I'd suspect it would depend on how much IP addresses cost, under IPv6. As it stands, if you want your own range (not a range delegated from your ISP), it's Not Cheap, and I recall you had to get 3 class C's (which struck me as really odd).
If the cost of an IPv6 block dwindles to about ten bucks a year per thousand (pulling numbers out of the air) then I suspect each ISP account would come with 16 or so addresses.
And man, would I like that. Ever try playing a DirectPlay game behind a NAT firewall? It's fine with one client and a bunch of blind portforwards, but you're on your own if you have two systems behind it that want to play. (admittedly, that's not IPv4's fault, it's that nobody knows how to read the stream to make an ip_masq_directplay as far as I know)
We just (yesterday at 4 PM) placed an order for one of the new APPRO1124 dual Athlon 1U rackmounts, with a 2 GB of DDR RAM and 2 1.2 TBirds, and a couple 10K SCSI drives.
I'm looking forward to playing with it when it gets here next week.:) The writeup on Anandtech about "the perfect server?" was one of our primary reasons for deciding to give this a shot.
For the curious, the machine will be running J2SE, JBoss, and Jakarta/Tomcat, for a custom app that connects to a (in this case, local) Postgresql database, which is why we have so much RAM in it.
how do you determine which packets in the session are part of a password?
Not too hard, provided you limit your attack fodder to newly initialized SSH sessions.
If user logs in from A to B, then starts a new session to C, you can tell that session started because you see the initial traffic from B to C's port 22.
It's not that hard to then time all traffic from A to B's port 22, until such time as another packet (the complete password) goes from B to C's port 22. And as a bonus, you know that last packet from A to B/22 was enter, so you can use that in your timing.
Good point, I was presuming the viewpoint of a non-customer, IE: just somebody off the street looking for a cheap route to getting the same product that HP is providing.
But just to be pedantic: you're not buying the software, you're buying a particular arrangement and configuration of the software. One isn't OK under the GPL (HP doesn't have the rights to sell something it has no copyright to) but the other is entirely up to them.
As to the last item, I would guess that all depends on the EULA that they release their configuration under.
Presumably, what HP is selling here, is a tricked out, tuned, stripped to minimal configuration, that they've had "many eyeballs" look at.
They don't have to release word one about how they set up the software, or even WHICH software. Just any changes to code that they had to do to get it to work.
The keyword you're looking for there is a "honeypot", or when multiple systems/nodes are involved, a "honeynet". A google search on those terms should turn up some good stuff.
I had some good bookmarks on the subject, but I forgot to bring 'em with me from the last job, I'm afraid.
Well, not for the basic DDOS network scanning, but the later item in the story is slated to come out in May. That coupled with a moderately clear description of what the technology does ought to pretty much guarantee that the virus writers will have something developed to evade it by then.
Shaw is a seperate entity from Excite. They just share name brand recognition, most of the same AUP (I noticed the Shaw AUP is worded much more openly in terms of servers, in parts... reads basically like 'don't bugger the system and we'll look the other way':D ), and from what I understand, Shaw is making decent money off their internet services.
Today on Junkyard Wars, our contestants have to build a rocket of death, to propel one team mate to an unbelievable height, with certain death - and the smashing Junkyard Wars trophy - as their only rewards.
For the blue, we had the Bodgers... with their expert Rocketman. They all said "Bollocks to this" and left, leaving Rocketman by himself.
Amazingly enough, the pink team, the NERDS, are all still here - but they insist that it's their expert who will be the only one in the capsule.
You know the rules... you have until sundown (or the FAA calls the whole thing off)... GO!
Actually, because of the specific deep linking that some folks say may be the problem, geocaching.com -can- easily remove the problem site themselves, and the data will just be gone.
Wouldn't work - the NIC address is only used on the local hop, and discarded (well, replaced) with the next pair.
That MAC address is how the cards themselves talk to each other, while inside the ethernet packet is -another- set of addresses, which you would consider to be the "real" addresses - the TCP/IP source and destination.
A manned ship that could be self-sufficient for the required travel times would cost as much as a space station, because it would *be* a space station.
Heck, it'd have to be better than a space station... or at least, better than the ISS. The ISS gets resupplied every two or three months. Fat chance on sending out a Progress halfway to Mars.:)
It's correct, except it's not for protection from sniffing keystrokes - it's for using lasers to pick up vibrations from sounds in the offices. I believe I saw this on "Dangerous Places", so YMMV.:)
Actually, there's something to be said for playing from five feet away, with no zones-of-death in front of you, where the dog, cat, and your mother all manage to rip the cable out of the system by walking into the damn thing for the eigth time.
Not that I believe this at all, but it occured to me and I figure it's amusing enough to share.
CNN: A delay in the departure of Endeavour could mean a delay in the launch of space tourist Dennis Tito aboard a Russian Soyuz craft. Tito was scheduled to lift off on Saturday, but that mission would have to be delayed if the computer problem is not corrected, NASA spokesman Doug Peterson told Reuters.
"Sorry, Dennis. That darn computer system crashed again, we just can't let ya launch right now. We figure it'll be fixed by... oh... October." <sotto voce: Frank, have you finished the bluescreen plan for Friday yet?>
The color commentary is actually very enjoyable from the various Tribes shoutcasting organizations. Hundreds listened to play-by-plays of Tribes 1 matches.
The clever boys over at the Tribes Shoutcast Network (I think it was actually TheRedDread of Team 5150, but that may have been a different spectator viewing app) have been running an amazing little app called TribesTV, which let you connect to a video stream from the point of view of an ingame observer, realtime.
The major Tribes 1 matches were incredibly popular, and I can't wait for something similar for Tribes 2. The most impressive part (to me, anyways) was that this was all done without any help from the games developers.
Note: it would appear that the URLs don't work right now - Tribalwar has just moved servers and it looks like they missed some DNS entries.
Slashdot Mirror
I'd suspect it would depend on how much IP addresses cost, under IPv6. As it stands, if you want your own range (not a range delegated from your ISP), it's Not Cheap, and I recall you had to get 3 class C's (which struck me as really odd).
If the cost of an IPv6 block dwindles to about ten bucks a year per thousand (pulling numbers out of the air) then I suspect each ISP account would come with 16 or so addresses.
And man, would I like that. Ever try playing a DirectPlay game behind a NAT firewall? It's fine with one client and a bunch of blind portforwards, but you're on your own if you have two systems behind it that want to play. (admittedly, that's not IPv4's fault, it's that nobody knows how to read the stream to make an ip_masq_directplay as far as I know)
We just (yesterday at 4 PM) placed an order for one of the new APPRO1124 dual Athlon 1U rackmounts, with a 2 GB of DDR RAM and 2 1.2 TBirds, and a couple 10K SCSI drives.
:) The writeup on Anandtech about "the perfect server?" was one of our primary reasons for deciding to give this a shot.
I'm looking forward to playing with it when it gets here next week.
For the curious, the machine will be running J2SE, JBoss, and Jakarta/Tomcat, for a custom app that connects to a (in this case, local) Postgresql database, which is why we have so much RAM in it.
how do you determine which packets in the session are part of a password?
Not too hard, provided you limit your attack fodder to newly initialized SSH sessions.
If user logs in from A to B, then starts a new session to C, you can tell that session started because you see the initial traffic from B to C's port 22.
It's not that hard to then time all traffic from A to B's port 22, until such time as another packet (the complete password) goes from B to C's port 22. And as a bonus, you know that last packet from A to B/22 was enter, so you can use that in your timing.
Good point, I was presuming the viewpoint of a non-customer, IE: just somebody off the street looking for a cheap route to getting the same product that HP is providing.
But just to be pedantic: you're not buying the software, you're buying a particular arrangement and configuration of the software. One isn't OK under the GPL (HP doesn't have the rights to sell something it has no copyright to) but the other is entirely up to them.
As to the last item, I would guess that all depends on the EULA that they release their configuration under.
GPL just means source code.
It does NOT mean implementation.
Presumably, what HP is selling here, is a tricked out, tuned, stripped to minimal configuration, that they've had "many eyeballs" look at.
They don't have to release word one about how they set up the software, or even WHICH software. Just any changes to code that they had to do to get it to work.
The keyword you're looking for there is a "honeypot", or when multiple systems/nodes are involved, a "honeynet". A google search on those terms should turn up some good stuff.
I had some good bookmarks on the subject, but I forgot to bring 'em with me from the last job, I'm afraid.
Well, not for the basic DDOS network scanning, but the later item in the story is slated to come out in May. That coupled with a moderately clear description of what the technology does ought to pretty much guarantee that the virus writers will have something developed to evade it by then.
Do I ever have a deal for them... if they just alter that pesky AUP, I'll run my OWN mail server! No more admin costs for them! ;)
Shaw is a seperate entity from Excite. They just share name brand recognition, most of the same AUP (I noticed the Shaw AUP is worded much more openly in terms of servers, in parts... reads basically like 'don't bugger the system and we'll look the other way' :D ), and from what I understand, Shaw is making decent money off their internet services.
My father-in-law just gave me his old (but working!) Kaypro. I'm in retro heaven. CP/M is a hoot. :D
You know, there really needs to be a "Punny" moderation tag... although I can't decide if it'd mod up or down.
Today on Junkyard Wars, our contestants have to build a rocket of death, to propel one team mate to an unbelievable height, with certain death - and the smashing Junkyard Wars trophy - as their only rewards.
For the blue, we had the Bodgers... with their expert Rocketman. They all said "Bollocks to this" and left, leaving Rocketman by himself.
Amazingly enough, the pink team, the NERDS, are all still here - but they insist that it's their expert who will be the only one in the capsule.
You know the rules... you have until sundown (or the FAA calls the whole thing off)... GO!
Actually, because of the specific deep linking that some folks say may be the problem, geocaching.com -can- easily remove the problem site themselves, and the data will just be gone.
Wouldn't work - the NIC address is only used on the local hop, and discarded (well, replaced) with the next pair.
That MAC address is how the cards themselves talk to each other, while inside the ethernet packet is -another- set of addresses, which you would consider to be the "real" addresses - the TCP/IP source and destination.
Actually, I'm waiting to find out what the cause was.
Stupid admin errors happen both on NT and UNIX - they're not a feature of the OS.
Software problems are a different story. And we don't know which yet, so I'm waiting. Mostly. :)
Heck, it'd have to be better than a space station... or at least, better than the ISS. The ISS gets resupplied every two or three months. Fat chance on sending out a Progress halfway to Mars. :)
It's correct, except it's not for protection from sniffing keystrokes - it's for using lasers to pick up vibrations from sounds in the offices. I believe I saw this on "Dangerous Places", so YMMV. :)
No kidding. They've got all these ideas about one-to-many relationships... sinful, I tell ya!
Actually, there's something to be said for playing from five feet away, with no zones-of-death in front of you, where the dog, cat, and your mother all manage to rip the cable out of the system by walking into the damn thing for the eigth time.
Probably an impossibility... but is it possible to contact Shep regarding a clarification of this?
Not that I believe this at all, but it occured to me and I figure it's amusing enough to share.
"Sorry, Dennis. That darn computer system crashed again, we just can't let ya launch right now. We figure it'll be fixed by... oh... October." <sotto voce: Frank, have you finished the bluescreen plan for Friday yet?>
Sorry, TsN moved. They're now at http://tsn.gameloft.com - its just that the Tribalwar guys haven't updated their menu yet. :)
The color commentary is actually very enjoyable from the various Tribes shoutcasting organizations. Hundreds listened to play-by-plays of Tribes 1 matches.
The clever boys over at the Tribes Shoutcast Network (I think it was actually TheRedDread of Team 5150, but that may have been a different spectator viewing app) have been running an amazing little app called TribesTV, which let you connect to a video stream from the point of view of an ingame observer, realtime.
The major Tribes 1 matches were incredibly popular, and I can't wait for something similar for Tribes 2. The most impressive part (to me, anyways) was that this was all done without any help from the games developers.
Note: it would appear that the URLs don't work right now - Tribalwar has just moved servers and it looks like they missed some DNS entries.
Yep... and also that things other than chatting can be considered interacting, even if there is no chat function available.