The purpose of FTP is to send data. The purpose of Google desktop is to search documents locally (or on various computers), not to send data to Google servers.
In a switched environment, a sniffer on a network card will see only the traffic specific to this card. So if you put a sniffer on your own computer, then yes, it is ok to collect your own data, unless you don't trust yourself...
As for "looking around", it is very different from "probing". Looking is passive; you just let the information come to your eyes. It is the same as sniffing. Probing is active: you actually send packets and analyze how the remote system is reacting. So it is more like knocking at doors and checking if windows are locked.
Probing can be harmful for the target if it is not designed to handle the kind of data you send. Also on big systems probing will trigger an alarm, so it will bother the sysadmin as well. Quite rude.
If the assignment was to put a sniffer on the student's network adapter and watch the packets passing by, then it would do no harm. But probing is not passive, it is active, and it can be harmful to the target server. You might compromise a service without knowing it.
Every month thousands of idiots are probing the ports on my firewall, eating away my bandwith (which *I* pay for) and adding load on my firewall's CPU (which *I* paid for). And I am a home user with nothing interesting to steal from. Do you have any idea how much bandwith and CPU is wasted at Google, Yahoo or Microsoft because of the same kind of wannabe hackers?
If no service is listening on a port then this port is not an issue (apart from flooding or DOS). However you must be sure that no service unknown to you is listening, like inetd on Linux or rpc on Windows. You must also know that some protocols will open ports almost randomly once a communication is established, like passive FTP.
Probing is a way to detect which ports are open and what kind of services are running; Nessus (on Linux) and GFI Languard (on Windows) are two very common probing tools. In many countries it is not legal to probe ports on servers that you do not control: this is why the assignment in the OP is illegal.
If you have network services running on a machine, you can install a firewall that will allow you to choose who can access those services. Default configuration on most hardware firewalls (like you D-Link) will block incoming and allow outgoing traffic. If you don't want people from the internet to connect on your local machines then you don't have to worry, just make sure to update your firmware once in a while. Those products are fine for such usage, and possibly they have logs that you can watch to see who tried to probe your ports.
If you allow incoming traffic then it is another issue. By incoming I mean traffic that is initiated by someone on the outside, not answers to requests you made. If you have incoming traffic you would need a firewall with packet-inspection capabilities; it would make sure that the packets that are passing on the open ports are related to the purpose of the said ports. Efficiency of detection will vary from one product to another, but on most home products (like your D-Link) it is not available at all.
Also you would need an intrusion-detection system (IDS) both on the gateway and on the critical systems. IDS can detect various patterns of attacks. A well-know IDS is Snort.
Firewalls and IDS will send lots of information to logging devices (generally a syslog daemon), and it is possible to install or design a software to warn you (email, pager, blinking gizmo on a screen) when specific events are logged. You could also have a look at reports on a regular basis, or do some kind of data-mining in your logs to detect trends or bizarre behaviors.
This is a.NET web application, easy to setup and very user-friendly. There is also the usual support for mailed-in requests (POP listener), reports, flexible properties, and so on.
1) Install a few Linux file servers (without disturbing your Windows 2000 domain) 2) Talk to the press about plans of moving from Exchange to "open source" software. Mention possible plans of using Linux on desktops. 3) Let the Linux community talk about "another Munich" 4) Wait for the Microsoft call and cut a good deal for the already planned XP rollout
Being a textbook Red Hat customer could also come in handy, in case Microsoft does not bite.
If the culture in your area is to be open about the previous salary, then it could be difficult not to tell them. And it would not be a good idea to lie. Lies have a way to come back and haunt you at the most unexpected moment.
Don't try to fill at once this gap that you see between your salary and "the market". If you still have your job while you try to cut a deal for the new one, then a 10%-15% increase would be enough. If they seem fine with the number, try to nibble a little: more vacation time, free parking space (if you are in a crowded area), paid training.
Bottom line, don't try to stretch them too much. Leave room for your 6-month or 1-year review, when you will have a bigger value for them (if you are any good!). After 18 months or 2 years, if you have not reached a better salary, then you can move up.
This is why I got my RTFM coffee mug. For a while each time someone asked me a question out of stupidity I would take a sip and point to the mug. Works like a charm.
If you don't know what RTFM stands for, then... RTFM!
SATA drives over 80-100GB will burn incredibly fast. Relying on those drives for mission-critical data is not a good idea, even if you have a top-notch RAID controller.
... when some of the virus were funny, like this one that was playing the "Hitchcock Presents" theme once in a while. Or that other one that was beeping each time the Enter key was pressed. This was a time where a TSR was not some obnoxious prick trying to sell you phony mortgage plans.
Nowadays the virus are mostly mail-related, so you get annoyed by other people's virus all the time. Sad.
Athlon64/Sempron64 lines are on average about 4-5x times more power/heat efficient than comparable PIV/Celeron CPUs
Says you.
Seriously, a couple months ago my company bought 1500 workstations and of course we had better prices with AMD than Intel CPUs (low-end PCs). But then our supplier agreed to cut prices on Celeron-based systems, apparently he was eating his profits with too many RMA on the Semprons (over-heating problem). Of course this guy was an idiot, he should have called you before.
But hey, nowadays you can find people who will swear that the Hyundai Sonata is more reliable than the Honda Accord, it's just sad.
At the office: -Hey boss, I just called the third party that is providing us with the critical software we use, and they said that the next release will run on Intel D, but we have only Pentium 4... -Ok then, replace the 2000 workstations, I'm sure Dell or HP will have a good deal for us. -Yeah, they might even take back our old Pentium 4 at no charge!
Yeah, AMD is great, not only it's cheaper, but it also helps to heat your room. Unless you take the money you saved by not buying Intel and you purchase some extra cooling.
This is not a simple matter of disabling a user account. To do a proper resolution of this issue, IBM must involve a lot of people:
* an account manager to handle the issue with the customer * a senior analyst to evaluate the situation and make an action plan * a systems analyst to make recommandations to prevent this kind of issue in the future (new ACLs, firewall rules, etc) * a couple of technicians to carry out the job (log scanning, password reset, etc) * a security specialist to proceed to an ethical hack and validate the new measures * a security analyst to review the company's security policy
Would they bill only 50$/h for those people, still the invoice could get high very quickly. They would not even have to get nasty. But then 50$/h an hour is a very low rate for consultants.
I've been in two big companies and I did not enjoy. Like you I was coming from mid-sized places and I thought: how great it must be not to have to worry about budgets. But I was devastated by the slow-paced, nonchalant ambiance. I had a hard time adjusting myself to the never ending meetings and memos and pointless policies, and at some point I told myself: it is just incredible how money is wasted here, no surprise if the only customers are other big companies with huge budgets.
In big companies the decisions are made by people who do not have to live with the direct consequences ("The budget is busted because of Microsoft licenses are too high? Bah, let's cut in the network redundancy, it never failed anyway"). Also in those companies you will actually hear things like "nobody got fired for choosing IBM (or Microsoft)", or "maybe Microsoft will go down someday, but if it happens we won't be alone to sink". No matter how reliable or cheap is a technology, it won't get management approval as long as it is not mainstream.
Yeah, those places have big budgets, impressive server rooms and the latest gizmo from HP or IBM so you can update the hot-swappable BIOS of the over-priced servers from a web interface. But very quickly you will get bored with such toys, especially when you are forbidden to use Firefox instead of IE on your workstation, or when you find out that it takes two months to have a DNS record fixed (about which you have daily complaints from your customers).
In big companies you will find plenty of people with no skills because it's easy to hide somewhere in the corporate tree. And the odds that one of those people ends up being your boss are high, in which case not only you must tolerate his stupid decisions, but you must also stay low-profile, because if he starts to feel threatened by you he will play all his sleazy cards to get you out.
By contrast in universities you have more room for initiative, plus you get all the side benefits, like free education, cool environment, and very interesting resources from other institutions. You'll get less budget, you might have to kiss some old, hairy ass in wine & cheese events, but you'll also work in a place where the most bright people of the country are coming everyday to teach, learn or research. Some of them might get very annoying, but in the end you'll always find some geeks to have a good talk.
My advice: stay away from the big companies. Stick to mid-sized business, or go to this university. Expensive corporate toys are not gonna keep your mind from running, and at some point you'd have either to sell-out or to leave.
Reminds me of this Las Vegas episode with the "king and queen of coupons" (and their freaky puppet that was saying "Feed me coupons").
If some people are happy to get freebies and collect coupons, and if they feel so proud of themselves to do so, then let it be. After all, this is a "free" country.
I think the word you look for is "port", not "tweak".
Also you suggest to install Linux in order to run Linux applications on Windows. This is a great, but I don't see where you fit Windows in this architecture...
Ok, so you have to pay to have Google Desktop WITHOUT the privacy issue. I guess it's like paying a little more to get a whore with no STDs.
The purpose of FTP is to send data. The purpose of Google desktop is to search documents locally (or on various computers), not to send data to Google servers.
In a switched environment, a sniffer on a network card will see only the traffic specific to this card. So if you put a sniffer on your own computer, then yes, it is ok to collect your own data, unless you don't trust yourself...
As for "looking around", it is very different from "probing". Looking is passive; you just let the information come to your eyes. It is the same as sniffing. Probing is active: you actually send packets and analyze how the remote system is reacting. So it is more like knocking at doors and checking if windows are locked.
Probing can be harmful for the target if it is not designed to handle the kind of data you send. Also on big systems probing will trigger an alarm, so it will bother the sysadmin as well. Quite rude.
If the assignment was to put a sniffer on the student's network adapter and watch the packets passing by, then it would do no harm. But probing is not passive, it is active, and it can be harmful to the target server. You might compromise a service without knowing it.
Every month thousands of idiots are probing the ports on my firewall, eating away my bandwith (which *I* pay for) and adding load on my firewall's CPU (which *I* paid for). And I am a home user with nothing interesting to steal from. Do you have any idea how much bandwith and CPU is wasted at Google, Yahoo or Microsoft because of the same kind of wannabe hackers?
If no service is listening on a port then this port is not an issue (apart from flooding or DOS). However you must be sure that no service unknown to you is listening, like inetd on Linux or rpc on Windows. You must also know that some protocols will open ports almost randomly once a communication is established, like passive FTP.
Probing is a way to detect which ports are open and what kind of services are running; Nessus (on Linux) and GFI Languard (on Windows) are two very common probing tools. In many countries it is not legal to probe ports on servers that you do not control: this is why the assignment in the OP is illegal.
If you have network services running on a machine, you can install a firewall that will allow you to choose who can access those services. Default configuration on most hardware firewalls (like you D-Link) will block incoming and allow outgoing traffic. If you don't want people from the internet to connect on your local machines then you don't have to worry, just make sure to update your firmware once in a while. Those products are fine for such usage, and possibly they have logs that you can watch to see who tried to probe your ports.
If you allow incoming traffic then it is another issue. By incoming I mean traffic that is initiated by someone on the outside, not answers to requests you made. If you have incoming traffic you would need a firewall with packet-inspection capabilities; it would make sure that the packets that are passing on the open ports are related to the purpose of the said ports. Efficiency of detection will vary from one product to another, but on most home products (like your D-Link) it is not available at all.
Also you would need an intrusion-detection system (IDS) both on the gateway and on the critical systems. IDS can detect various patterns of attacks. A well-know IDS is Snort.
Firewalls and IDS will send lots of information to logging devices (generally a syslog daemon), and it is possible to install or design a software to warn you (email, pager, blinking gizmo on a screen) when specific events are logged. You could also have a look at reports on a regular basis, or do some kind of data-mining in your logs to detect trends or bizarre behaviors.
If you are looking for something running on Windows, BugTrackerNet is a nice solution.
.NET web application, easy to setup and very user-friendly. There is also the usual support for mailed-in requests (POP listener), reports, flexible properties, and so on.
http://btnet.sourceforge.net/
This is a
Microsoft Fishing for dummies:
1) Install a few Linux file servers (without disturbing your Windows 2000 domain)
2) Talk to the press about plans of moving from Exchange to "open source" software. Mention possible plans of using Linux on desktops.
3) Let the Linux community talk about "another Munich"
4) Wait for the Microsoft call and cut a good deal for the already planned XP rollout
Being a textbook Red Hat customer could also come in handy, in case Microsoft does not bite.
You can find interesting information here: http://www.dilbert.com/comics/dilbert/archive/dilb ert-20060216.html
If the culture in your area is to be open about the previous salary, then it could be difficult not to tell them. And it would not be a good idea to lie. Lies have a way to come back and haunt you at the most unexpected moment.
Don't try to fill at once this gap that you see between your salary and "the market". If you still have your job while you try to cut a deal for the new one, then a 10%-15% increase would be enough. If they seem fine with the number, try to nibble a little: more vacation time, free parking space (if you are in a crowded area), paid training.
Bottom line, don't try to stretch them too much. Leave room for your 6-month or 1-year review, when you will have a bigger value for them (if you are any good!). After 18 months or 2 years, if you have not reached a better salary, then you can move up.
This is why I got my RTFM coffee mug. For a while each time someone asked me a question out of stupidity I would take a sip and point to the mug. Works like a charm.
If you don't know what RTFM stands for, then... RTFM!
SATA drives over 80-100GB will burn incredibly fast. Relying on those drives for mission-critical data is not a good idea, even if you have a top-notch RAID controller.
Go with SCSI.
... when some of the virus were funny, like this one that was playing the "Hitchcock Presents" theme once in a while. Or that other one that was beeping each time the Enter key was pressed. This was a time where a TSR was not some obnoxious prick trying to sell you phony mortgage plans.
Nowadays the virus are mostly mail-related, so you get annoyed by other people's virus all the time. Sad.
According to your list, here is what you should do:
1) Avoid Geocities
2) Don't browse the internet for free porn or warez
You will then discover a brand new internet, the one for grownups.
Maybe he thought you were a chick...
... would you take the blue pill or the red pill?
... it's because they are over-heating.
Says you.
Seriously, a couple months ago my company bought 1500 workstations and of course we had better prices with AMD than Intel CPUs (low-end PCs). But then our supplier agreed to cut prices on Celeron-based systems, apparently he was eating his profits with too many RMA on the Semprons (over-heating problem). Of course this guy was an idiot, he should have called you before.
But hey, nowadays you can find people who will swear that the Hyundai Sonata is more reliable than the Honda Accord, it's just sad.
At the office:
-Hey boss, I just called the third party that is providing us with the critical software we use, and they said that the next release will run on Intel D, but we have only Pentium 4...
-Ok then, replace the 2000 workstations, I'm sure Dell or HP will have a good deal for us.
-Yeah, they might even take back our old Pentium 4 at no charge!
Yeah, AMD is great, not only it's cheaper, but it also helps to heat your room. Unless you take the money you saved by not buying Intel and you purchase some extra cooling.
They should add a feature on the SiteAdvisor toolbar: "this site is often down".
What he did was not a mistake. What he did was a crime, and it reveals a personality flaw that won't be corrected by jail time.
If a guy rapes a girl, then go to jail, would you let him marry your daughter? After all, he would carefully stay out of trouble.
This is not a simple matter of disabling a user account. To do a proper resolution of this issue, IBM must involve a lot of people:
* an account manager to handle the issue with the customer
* a senior analyst to evaluate the situation and make an action plan
* a systems analyst to make recommandations to prevent this kind of issue in the future (new ACLs, firewall rules, etc)
* a couple of technicians to carry out the job (log scanning, password reset, etc)
* a security specialist to proceed to an ethical hack and validate the new measures
* a security analyst to review the company's security policy
Would they bill only 50$/h for those people, still the invoice could get high very quickly. They would not even have to get nasty. But then 50$/h an hour is a very low rate for consultants.
Welcome to the world of big business.
I've been in two big companies and I did not enjoy. Like you I was coming from mid-sized places and I thought: how great it must be not to have to worry about budgets. But I was devastated by the slow-paced, nonchalant ambiance. I had a hard time adjusting myself to the never ending meetings and memos and pointless policies, and at some point I told myself: it is just incredible how money is wasted here, no surprise if the only customers are other big companies with huge budgets.
In big companies the decisions are made by people who do not have to live with the direct consequences ("The budget is busted because of Microsoft licenses are too high? Bah, let's cut in the network redundancy, it never failed anyway"). Also in those companies you will actually hear things like "nobody got fired for choosing IBM (or Microsoft)", or "maybe Microsoft will go down someday, but if it happens we won't be alone to sink". No matter how reliable or cheap is a technology, it won't get management approval as long as it is not mainstream.
Yeah, those places have big budgets, impressive server rooms and the latest gizmo from HP or IBM so you can update the hot-swappable BIOS of the over-priced servers from a web interface. But very quickly you will get bored with such toys, especially when you are forbidden to use Firefox instead of IE on your workstation, or when you find out that it takes two months to have a DNS record fixed (about which you have daily complaints from your customers).
In big companies you will find plenty of people with no skills because it's easy to hide somewhere in the corporate tree. And the odds that one of those people ends up being your boss are high, in which case not only you must tolerate his stupid decisions, but you must also stay low-profile, because if he starts to feel threatened by you he will play all his sleazy cards to get you out.
By contrast in universities you have more room for initiative, plus you get all the side benefits, like free education, cool environment, and very interesting resources from other institutions. You'll get less budget, you might have to kiss some old, hairy ass in wine & cheese events, but you'll also work in a place where the most bright people of the country are coming everyday to teach, learn or research. Some of them might get very annoying, but in the end you'll always find some geeks to have a good talk.
My advice: stay away from the big companies. Stick to mid-sized business, or go to this university. Expensive corporate toys are not gonna keep your mind from running, and at some point you'd have either to sell-out or to leave.
Reminds me of this Las Vegas episode with the "king and queen of coupons" (and their freaky puppet that was saying "Feed me coupons").
If some people are happy to get freebies and collect coupons, and if they feel so proud of themselves to do so, then let it be. After all, this is a "free" country.
I think the word you look for is "port", not "tweak".
Also you suggest to install Linux in order to run Linux applications on Windows. This is a great, but I don't see where you fit Windows in this architecture...