I run some fairly restrictive NoScript and AdBlock filters and I still get that single line at the very top of the page. Right now it says:
ShadowProtect - AUD$995 - www.storagecraft.com.au - SBS, Exchange & SQL - 12 Min DR Never lose more than 15 min of data
If there is a way to turn that off, I'm not familiar with it. Still, it is only one line and I don't tend to notice that it is there (especially with the green and black console interface turned on).
I note that GP was very careful to mention "systems" as a plural a lot. There is a cluster near me at the moment which nobody knows the root password to (until a recent local kernel root exploit at least) because of a very similar situation. Thankfully we got them back with a lot less trouble than this one, but there it is.
you would have to ignore 100,000 aborted sessions
So DoS attacks are no longer real threats? I hate an alarmist as much as the next overworked admin, but I'd rather a penetration than a DoS. Users don't need to know when we get "hacked", they tend to notice DoS attacks.
NADAR == Not A Damn Accurate Report. Basically anything coming out of the US government lately. Or my government for that matter.
But (most) humans have this innate condition where taking another life weighs on them somewhat - even most veterans and soldiers I know get twitchy about having to shoot at another person. A robot removes this and replaces it with cold logic.
Put another way, replace the robots with the WOPR, and the humans with, well, the humans in the bunkers.
Just wanted to say, whilst making note that I am strongly against cloud computing, that the first spreadsheet programs were probably very inflexible too. Things like macros and massively complex formulae probably weren't available early on. I don't actually remember that, I never had a use for spreadsheets until about 4 years ago, but it is something to think about.
Our IP range seems a bit strange. I have, for example, a host at x.x.32.1 which shows up as China in three different geo-location databases, but the IP at x.x.32.2 shows up as Australian. The IP range is leased from one of the state's major providers - all of which show up as Australia when you check them. Just something to note I guess.
Are you kidding! That's only a 10 hour trip - hell I'm doing one of those tonight to go back to see my family for that slackest of holidays, Mother's Day. Also, side note, Bowen seems to be fairly close to Townsville (at least looking at the Google map) - Brisbane is just the state capital, and probably the easiest point of reference for non-qld individuals.
I'm usually slack about removing ports (I either play on test systems or I just want a program gone) so I just dig it out of pkg_list and then pkg_delete the one I'm getting rid of. Purists probably hate me but there it is, I do things that work for me, and work for any of the clients I need to install things on, not what people tell me I should do.
What they were were the days of honour and respect. Where virus authors did it for the challenge, the reputation, and the fun of it all (tiny for the least instructions possible, whale because it was hard to crack etc.). Not like these cheap fucks we have these days who don't care if they slow down a system or corrupt files - where it is all about the biggest e-peen with the largest DoS capability and copy paste code from generators. It's a shame really, it reminds me of the cliche "old mafia vs new mafia" you get in movies, and we are worse for it.
;)
EDDIE LIVES!
On your nokia comment, watch the speed at which SMS' are deleted from the inbox - the larger the number, the slower it is, but it picks up speed as the number reduces (as though they are re-parsing the inbox in memory or something).
I can squeeze (as a rule) at least a 10% performance enhancement out of any of the code that the others I program with write, purely because I bothered to learn things like the sorting algorithms, or that a for loop should be processed with >= 0 where possible (or split into a while loop) to reduce computation time. Incremental changes that make vast improvements to the performance of the code. This, incidentally, is one of the reasons I detest people learning perl or python first - ease of language or simple learning aside, the tendency is to write awful code in the long run - at least in the programmers I've seen.
Does anyone know what a standard service-level agreement for 911 service looks like?
Until recently when they've been dropping the ball severely, Australia's major telco - Telstra - had a no-nines arrangement on their 911 services (000 out here). Whenever a Telstra tech would do something (last known employee I have for this information is roughly 8 years ago btw) they would have to think "Will this affect 000 functionality". If it would, a workaround would be found. Basically, they had one rule and it was "000 is available. Period."
Unfortunately, as I said, that's been significantly reduced lately - we've had a number of cases which have shown this, but there it is. Information most recently provided second hand by an old Telstra mainframe tech, confirmed by at least two other ex-Telstra techs I know. If someone who is there now could pitch in...
Ok so it doesn't apply to the current round of updates, but I used to admin a server that couldn't be upgraded to 2000 SP4 - trying to do so would cause irreparable damage (Full restore from backup, every single time). It's one thing to abuse an admin for not applying a patch, it's another to be that admin and making sure that adding it will work ok. The only sane security policy in a situation like that is protecting the internal network, but you can't protect a file server from an SMB attack if you need it to be a file server - and if you can't patch it for whatever reason......
Well no, basically any executable code exploit would let you get away with this. Sure, you don't get root but why not just execute a tcp connection back to a webserver that sends an identifiable string - that way you can log case number xxyzzy against IP dot, and have what you are after.
Any semi-intelligent person doing this would have had a hardware firewall (or a *nix bridge) in between them and the internet, forcing them to only use the tor network proxy at one point and letting nothing else through. A good security system should be in place before you start blackmailing someone anyway.
Err. Maybe I shouldn't have said that.
Because the first 6 letters match the word mitochlorian and we all know what a bad fucking move that was ;)
If that is the case could we then prosecute counties, towns, cities and states (depending on locale for appropriate terminology) for trafficking drugs and/or stolen goods because they provide the roads for cars to travel on?
Well we could just point him at the cut down installer for PC-BSD that lets him pick and choose his packages. You know, the one found at http://www.freebsd.org/
How is following what every single goddamned script kiddie hax0r guide tells you to do considered sophistication?? And is there a decent reference for each state and country on what is illegal and what is not? Is Port Scanning a crime?
If anything we should be prosecuting the proxy owners for not keeping decent logs. And considering how the Sarah Palin email thing went most of the sane ones do, so we shouldn't even be doing that.
At least until recently, my wrists have been strong enough to support a significant amount of weight (recently they were injured in a high impact fall) but the steel plate in one of my arms has significantly reduced my lifting weight - something like this would significantly help me out. Indeed I've already been working on my own plans for an auxiliary (hydraulic based) system for the arm in question.
I don't think I would be giving over 4 grand to a corporation with this particular name though...
Worse, obviously. Unless the US flew in Barbra Streisand - then all bets are off.
Which is what sockstress has been about since the beginning. With attacks known for years (go check out netkill.pl or read a couple of chapters Fyodor wrote for the Stealing the Network books) being readily available, these guys came out with an "OMG TEH INT@RWEBZ BE D!3ING!" causing a mass of media hype - claiming they would release more details later and generally be good about it.
But we've heard nothing of them since it happened (except for a few "coming soon" posts in the week or two afterwards), and now suddenly it's hyped again because some obscure researcher (and let's face it, unicornscan isn't that big compared to some of the better tools out there - and they've all been updated since 2007) died in what is admittedly a tragic situation (anyone killed before their time is tragic).
All these guys do is generate hype, gain a bit more funding, then fade away again.
We've come a long(ish) way since the Titanic. We have, for example, RADAR which can see these things long before we smell the ice. I don't think ice in the shipping lanes is going to be a big issue, a minor annoyance perhaps.
Ignoring the random plug for some site or whatever, my first thought was "Chrome? Ah this is the asshole who's given my users a forking web browser". As such, Chrome is banned from my networks due to my users' obsession with 50+ tabs a day. Lucky for them they close Firefox overnight or they'd be stuck with Lynx.
Or maybe it's our fault we make the spammers work harder to get around our filters! Bet you didn't think of that did you!
They'll send it off to porn sites or whatever and have people analyse it from there - can always get around them, it is just a question of resources.
iptables -A INPUT -s $SITERANGE -j ACCEPT
iptables -A INPUT -s $OFFICEGW -j ACCEPT
iptables -A INPUT -j DROP
I don't see why my offsite backup solution should be such an issue - it is just a bunch of windows servers sitting behind an OpenBSD firewall with pretty much exactly those kinds of rules loaded into it (more restrictions on ports etc.). Also, if I screwed up those iptables, see sig ;)