Re:Good God, are you Clueless? on WiFi Triangulation · Score: 4, Insightful
You underestimate the people in marketing, sales, etc who have no techie training, but are quite happy to go and buy a WAP, and plug that in at their office, so they can one-up their co-workers.
That practice is one reason that even clued network admins need to regularly recheck their networks for APs. Rogue ones will forever be a pain in the ass.
No - the SCA is middle ages recreation.
I fight in armor, and in the kingdom I'm part of, we have archery on the war field, and use lexan face protection (as well as the heavy gauge bars) to prevent arrow splinters from getting into our eyes.
The arrows themselves had "markland blunts" on them - rubber tips about 3/4ths of an inch across, and a maximum draw weight of 30 pounds at 30 inches.
Lightweight, and soft hitting - but shards or the butt end of an arrow could still ruin your day. The lexan needed to be tough because it was taking blows from rattan swords that were NOT light, and would cause lesser plastic to shatter.
Speaking as a SCA fighter, who used lexan as anti-arrow face protection, the man's right. You don't want the wrong one, unless you really feel like picking shards out of your face when it shatters. ;)
Yep. I have a working Kaypro... I -could- gut it and install my Athlon in it... but then all I'd have would be an athlon, in a weird case. The working Kaypro is way cooler. :)
Now, making a REPLICA case, that's another story. Hmm....
"If you give me Canadian soldiers, with American equipment, I will win this war for you."
-- Rommel
Yeah, nobody ever notices us.
Like buying a house, then paying a maid service to keep it clean?
It's just a way of avoiding the boring scut work, to jump to the nifty bits.
Actually, I've read the first two Honor Harrington novels on my Visor, using Mobipocket, and it was quite enjoyable. No idea what the refresh rate is on a Visor screen, though.
You raise some good points, but Joe Salesman plugging in an AP - even if it's already strictly against policy - will usually be a big problem.
If conference rooms are set up to allow outsiders, then if you're sane (and you were able to get your bosses to cough up the money, admittedly), it's set up in a DMZ of its own, unlike the internal networks.
Now, I set up my DHCP in a paranoid fashion - if I don't know the MAC, it doesn't get an address... but that's often not workable for bigger places, and if the WAP-adder has enough technical savvy, he may realize he needs to make his WAP pretend to be his old box by MAC, and get on that way. If the WAP is handing out its own addresses to those that connect by it, now you can't MAC filter anymore.
And once the person's on the inside LAN, a little bit of arpflooding (which, admittedly, your IDS should be picking up, but folks often don't have them internally because of the false alarms all the time) will make the switches failover and start acting like hubs - and he can sniff away at traffic to get passwords.
In essence, I view it not as re-checking for APs specifically, but just another part of the constant check and recheck of your setups that you need to do to see if something has been changed in a way to break access controls that exist. HIDS, NIDS, tripwire, etc all factor in to this, making sure you haven't opened up a new vulnerability is just part of the big picture. It won't make you safe in and of itself, but neither should it be ignored based on trust that the rest is all "strong enough".
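A detection sketch for the two gaps the comment above describes, added here as an example and not part of the original comment: an allow-listed MAC that is really an AP routing its own clients, and a burst of new source MACs on one switch port, which is how the table-filling it calls arpflooding shows up. The frame tuple format, port names, MAC addresses and thresholds are all assumptions, and the TTL check is a heuristic (hosts with a non-default TTL will also trip it).

```python
from collections import defaultdict

# Constructed observations, as a sniffer on a mirror port might record them:
# (seconds, switch_port, source_mac, ip_ttl or None for non-IP frames)
FRAMES = [
    (1.0, "gi0/1", "00:aa:bb:cc:dd:01", 128),   # ordinary desktop
    (2.0, "gi0/7", "00:11:22:33:44:55", 64),    # the device itself
    (2.5, "gi0/7", "00:11:22:33:44:55", 63),    # a client routed through it
    (3.0, "gi0/7", "00:11:22:33:44:55", 127),   # a second routed client
] + [(100 + i * 0.05, "gi0/9", f"02:00:00:00:00:{i:02x}", None) for i in range(40)]

ALLOWED = {"00:aa:bb:cc:dd:01", "00:11:22:33:44:55"}  # DHCP allow-list
INITIAL_TTLS = {64, 128, 255}  # defaults a directly attached host sends with

def nat_suspects(frames, allowed):
    """Allow-listed MACs seen sending TTLs that are not an initial value.

    A directly attached host emits its stack's initial TTL; a TTL one lower
    means a router hop sits behind that MAC, e.g. an AP doing NAT.
    """
    odd = defaultdict(set)
    for _, _, mac, ttl in frames:
        if mac in allowed and ttl is not None and ttl not in INITIAL_TTLS:
            odd[mac].add(ttl)
    return {mac: sorted(ttls) for mac, ttls in odd.items()}

def flooded_ports(frames, window=10.0, max_new_macs=20):
    """Ports where more than max_new_macs new source MACs appear in window s."""
    first_seen = defaultdict(dict)  # port -> {mac: time first seen}
    for t, port, mac, _ in sorted(frames, key=lambda f: f[0]):
        first_seen[port].setdefault(mac, t)
    flagged = set()
    for port, macs in first_seen.items():
        times = sorted(macs.values())
        lo = 0
        for hi, t in enumerate(times):
            while t - times[lo] > window:
                lo += 1  # slide the window start forward
            if hi - lo + 1 > max_new_macs:
                flagged.add(port)
                break
    return flagged

if __name__ == "__main__":
    print("possible NAT behind allow-listed MAC:", nat_suspects(FRAMES, ALLOWED))
    print("possible MAC flooding on ports:", sorted(flooded_ports(FRAMES)))
```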
Sounds more like a "hole in the bucket" problem.
We don't have large passenger traffic via rail because it's slow.
We don't have fast rail because most rail traffic isn't passenger.
Time to break that loop. If you could cheaply load your car on as well (think land-ferry), this would be a kickass way to vacation with a small car or minivan.
BFC... Big Fucking Catastrophe? :)
*facepalms*
Gee, you think I've been spending too much time on webboards?
try this instead
There's other gigs in town than just Netcraft now. These guys may have the stats you're looking for.
[url=http://www.securityspace.com/s_survey/data/200208/servers.html]Securityspace August stats[/url]
I particularly find the Apache 1.3.22 drop then rebound interesting.
Considering most folks, when they see that, say "lay-tecks", but it's actually "lay-teck", that's probably a bad example. ;)
Except that the real ones will be getting the positive votes. Slowly, they will begin to pull ahead of the pack, and thus gain more attention - and a similar increase in getting good votes, until there's a clear authoritative "Fooblah Slim - Grok my Parser Up.mp3".
I'm not sure it's little files - in the headers, there's this line:
:/
meta http-equiv="refresh" content=";URL="
Mozilla, at least, seems to treat that as a zero second refresh to the same location. As fast as it loads it, it reloads it.
Presumably, because then you only need to buy a set of really decent IP hardware - which is practically commodity these days compared to something for "insert new protocol here". Lowering the cost (ongoing and initial) makes it closer to achieving profit.
The office I'm at used to have a contract with a monthly cap - a mere 20GB, with fairly hefty per-GB fees after that.
One Monday morning, I came in, and glanced at the MRTG graphs over the weekend. Keeripes! Somebody had been pushing data at about 250Kbps from Friday night until about 6 PM on Sunday, sustained.
I did a quick calculation, and then informed the bosses that we were going to be paying a lot more than usual this month, and asked if they wanted me to find out why. Of course they did.
Turned out it was one of said managers. He fired up Limewire, grabbed something on Friday, and forgot to shut it off. Seeing our nice low-latency, high capacity link (E10 or thereabouts, just with a really low traffic cap), it went supernode... and we paid about twice the usual for it.
Of course, that's talking about bytes of overhead vs bytes of real data - there would be much less than 4000 packets per packet containing real data.
So, in other words, those who do as the Founding Fathers figured would be needed - overthrowing a corrupt AMERICAN government - are unamerican.
Boggles the mind.
Sure, but there's still going to be assloads of superfluous chatter on the channels in the area. That can't be impact-free.
Correct me if I'm wrong, but a quick scan through the README doesn't seem to imply it'll do anything more than scream at the top of its digital lungs with ever-changing AP SSIDs.
Isn't that going to completely slaughter your actual AP?
Not if you want to start doing DShield-like data correlation, but from the ubersecure (snicker) internal government systems.
People would have an absolute bird if it got out that attempted access logs from #insert government agency here# were being sent to a NGO for correlation.
Although I won't deny that some greenbacks for incidents.org would be a great idea.
Exactly.
110 volt 60 Hz really doesn't do much to you, in general.
I had some smartass go and plug in a project I was working on in Electronics 11 while my back was turned, and when I turned back and picked it up, I just got a weird buzz feeling, then my arm spasmed and I flung it away from me.
Now, if it was 220V, I'd have had serious damage done.
In short, North American plugs are "shortable" because they don't NEED to be that safe. A short, sharp shock won't hurt you much.
Nah, he spelled it "larger", I'm giving him the benefit of the doubt and figuring he meant a really, really big can. ;)