Find me another server that can hold 720 gig in 1U and survive a million hits a day.
A million hits a day is less than 12 hits/sec. If Apple's Xserves use Apache, they aren't going to scale nearly as well as Zeus. It's all about the web server, not the hardware.
Another "questionable" practice that would be affected are services like monster.com, which send mail (usually resumes) to subscribers (companies hunting employees), but forge the sender address as being the real address of the individual, not of monster.com itself.
The simple solution here is for monster.com to do the right thing and only "forge" the From line in the header, not the envelope sender address. The envelope sender should use VERP, which would allow monster to know when a specific email bounces.
Do not do that! What happens if the other machine then connects back to you to check if postmaster exists? It will create an infinite loop. You need to use a null envelope sender:
Not really. You have to include all the hidden costs, which are about equal to a person's salary: benefits, insurance, taxes, office space, management, etc.
Your comment applies to legitimate companies who respect and abide by a privacy policy.
Yes. Spam mailed from countries outside the US that don't care about spam or spam mailed through proxies is going to be sent regardless of whether or not you unsubscribe. Much of that spam doesn't even pretend to have an unsubscribe link. Since they already have your email address, there isn't anything worse that can happen.
But if you want to stop legitimate companies from mailing you, or companies that have (at least somewhat) legitimately bought your address, you need to unsubscribe.
> 3) NEVER click the unsubscribe link at the bottom of the email.
If you don't unsubscribe, you can't complain when you get mailed. Any legitimate companies that do mailings will never mail you after you unsubscribe. Companies don't want to mail people that don't want to be mailed and will complain. They want to mail people that will buy their products.
As I recall, I'd elected to use a less stealthy TCP scan because I wanted to be as aboveboard as possible, sorta like the LAN equivalent of yelling "Hey, anyone home?" from the sidewalk as opposed sneaking up and trying the doorknobs with a stealth SYN scan. =P
But it's better to not be detected at all. Plus with a SYN scan you have deniability. The source address can be spoofed (even nmap will do it -- see decoy scan). Thus, it wasn't necessarily you that sent the packets.
I think that this operates rather backwardly. Instead of making/bin a symlink to some new directory, it would make more sense to make a conglomerate directory that includes the contents of/bin,/usr/bin, etc.
Requiring a reverse DNS record isn't forcing you to go out and buy a domain, just to bitch at your ISP to give you a valid reverse DNS. It can be in your domain, or in theirs, it just has to exist.
Or it can be same domain used for reverse lookups. You can make the PTR record for 1.2.3.4 this: 4.3.2.1.in-addr.arpa
Re:Who didn't see this coming?
on
SCO DOS'ed
·
· Score: 1
Apache is a *decent* webserver (note that i said decent), and although you're right, it's not too scalable, the point is not to run it on some "big iron" server, but rather on a zillion cheap Linux boxen. Apache's inherent problems with many connections don't matter as much then.
Personally, I'd rather run Zeus on one FreeBSD box than Apache on a zillion Linux boxes:) Apache's big problem is that it is designed to include everything in the web server process, such as PHP. That is horrible design. Content generation should be done outside of the web server using FastCGI.
Re:Apache is _not_ a good web server.
on
SCO DOS'ed
·
· Score: 1
Why is it so widely deployed?
Because there isn't a good free alternative. I hope to change that soon.
Re:Who didn't see this coming?
on
SCO DOS'ed
·
· Score: 1
SYN floods are so ten years ago. A decent webserver (say, Apache) should we able to handle it without too much trouble.
It's obvious that you don't have a clue about what you are talking about. A SYN flood has nothing to do with a web server. And Apache is _not_ a good web server. It does not scale to a large number of connections.
Re:Who didn't see this coming?
on
SCO DOS'ed
·
· Score: 1
Some people have that kind of bandwidth available. Hell, I have 3 different places with 1Gb connections to OC192's.
I do not believe you.
It's called Cogent. 1000 Mbps for $10,000 a month.
What I hate most about the C family of languages, is that the only terminator for a string is a binary zero. It is not possible (at least in the implemention available to me) to ask 'how big is that string, physically'?
That's only if you use C strings. Use stralloc and you won't have that problem.
Re:They needed three days to figure this out?
on
Spam Meeting Wrap-up
·
· Score: 1
And how will people cause problems for them? Spam isn't exactly illegal just yet.
Send out a bunch of spam and see how long you can keep your net connection. Or send a bunch of spam through proxies advertising your website and see how long it stays up. Now, do the same thing, only this time mailing a remove list (a list of addresses that have asked to be removed or have complained in the past). You will see get into a lot more trouble.
The spammers aren't usually the businessmen with a product to sell--their product is your email address--the more email addresses their clients mail goes out to, the more money they make.
Personally, I think this is a myth. Most of the spam I get appears to be coming from the people who's site it is advertising. Besides, people sending out spam for a fee don't want to get their clients into trouble, any more than people sending out spam for themselves want to get into trouble. If you get someone's website terminated by mailing a bunch of angry people, they aren't going to pay you again.
You need to disregard this about spam coming from countries in Asia or other countries where they don't care about spam. They will mail anyone just because they can.
The point isn't to trick the spammer into thinking that you're complaining from a valid address that is different from your real address. It's to mask your real address so it doesn't get added to a list.
No reputable provider is going to accept anonymous abuse reports. Otherwise, if I didn't like you, I could send lots of fake abuse reports to your upstream.
Re:They needed three days to figure this out?
on
Spam Meeting Wrap-up
·
· Score: 1
Spammers love live email addresses.
No, spammers love live addresses of people who will buy things. Spammers do not want to mail people who will cause problems for them.
Unless you forge your headers so they can't tell where it's coming from.
Forged headers being an issue is a myth. It is trivial to determine which headers are forged.
My apartment has very small, unlockable mailboxes. Too small for a DVD. The mailman leaves anything too big for the mailbox just sitting out. I would never get my DVDs that way. People already steal my newspaper every day.
Perhaps you could fix that problem: Order expensive items and have them shipped with insurance. After the USPS starts losing money to this, they might correct the situation.
Slashdot Mirror
Because Apache is such a technical achievement...
And, the shell script for Windows is????
It works just fine under Cygwin.
Find me another server that can hold 720 gig in 1U and survive a million hits a day.
A million hits a day is less than 12 hits/sec. If Apple's Xserves use Apache, they aren't going to scale nearly as well as Zeus. It's all about the web server, not the hardware.
I'm wondering if Sony is pulling a "Radio Shack" on us (products that crap out exactly one day after the warranty runs out).
Funny, I've always heard that called a "Sony".
Another "questionable" practice that would be affected are services like monster.com, which send mail (usually resumes) to subscribers (companies hunting employees), but forge the sender address as being the real address of the individual, not of monster.com itself.
The simple solution here is for monster.com to do the right thing and only "forge" the From line in the header, not the envelope sender address. The envelope sender should use VERP, which would allow monster to know when a specific email bounces.
MAIL FROM: postmaster@myhost.mydomain.tld
Do not do that! What happens if the other machine then connects back to you to check if postmaster exists? It will create an infinite loop. You need to use a null envelope sender:
MAIL FROM: <>
$40,000,000 / 400 people = $100,000/person.
Wow.
Not really. You have to include all the hidden costs, which are about equal to a person's salary: benefits, insurance, taxes, office space, management, etc.
It seems to me that if the GPL were weakened by a court decision, that same decision would also weaken copyrights generally and eula's specifically.
The GPL has nothing to do with EULAs.
Your comment applies to legitimate companies who respect and abide by a privacy policy.
Yes. Spam mailed from countries outside the US that don't care about spam or spam mailed through proxies is going to be sent regardless of whether or not you unsubscribe. Much of that spam doesn't even pretend to have an unsubscribe link. Since they already have your email address, there isn't anything worse that can happen.
But if you want to stop legitimate companies from mailing you, or companies that have (at least somewhat) legitimately bought your address, you need to unsubscribe.
But unsubscribing will confirm that the mailaddress is still in use, and thus is worth money when they sell it...
No one with any sense buys a remove list. No one wants to mail a remove list. That's just idiotic.
> 3) NEVER click the unsubscribe link at the bottom of the email.
If you don't unsubscribe, you can't complain when you get mailed. Any legitimate companies that do mailings will never mail you after you unsubscribe. Companies don't want to mail people that don't want to be mailed and will complain. They want to mail people that will buy their products.
Besides if you're using a switch instead of a stupid hub they can't sniff you anyway.
You'd like to think that, wouldn't you? arpspoof from the dsniff package lets you sniff on a switched network. So does ettercap.
As I recall, I'd elected to use a less stealthy TCP scan because I wanted to be as aboveboard as possible, sorta like the LAN equivalent of yelling "Hey, anyone home?" from the sidewalk as opposed sneaking up and trying the doorknobs with a stealth SYN scan. =P
But it's better to not be detected at all. Plus with a SYN scan you have deniability. The source address can be spoofed (even nmap will do it -- see decoy scan). Thus, it wasn't necessarily you that sent the packets.
I think that this operates rather backwardly. Instead of making /bin a symlink to some new directory, it would make more sense to make a conglomerate directory that includes the contents of /bin, /usr/bin, etc.
http://cr.yp.to/slashcommand.html
I guess it doesn't matter if you're the only one reading the code, but I can't see how macros can do anything other than make code harder to read...
t ines.html
http://www.chiark.greenend.org.uk/~sgtatham/corou
Requiring a reverse DNS record isn't forcing you to go out and buy a domain, just to bitch at your ISP to give you a valid reverse DNS. It can be in your domain, or in theirs, it just has to exist.
Or it can be same domain used for reverse lookups. You can make the PTR record for 1.2.3.4 this: 4.3.2.1.in-addr.arpa
isnt mysql $1000+ for commercial use?
No, it's GPL.
Apache is a *decent* webserver (note that i said decent), and although you're right, it's not too scalable, the point is not to run it on some "big iron" server, but rather on a zillion cheap Linux boxen. Apache's inherent problems with many connections don't matter as much then.
:) Apache's big problem is that it is designed to include everything in the web server process, such as PHP. That is horrible design. Content generation should be done outside of the web server using FastCGI.
Personally, I'd rather run Zeus on one FreeBSD box than Apache on a zillion Linux boxes
Why is it so widely deployed?
Because there isn't a good free alternative. I hope to change that soon.
SYN floods are so ten years ago. A decent webserver (say, Apache) should we able to handle it without too much trouble.
It's obvious that you don't have a clue about what you are talking about. A SYN flood has nothing to do with a web server. And Apache is _not_ a good web server. It does not scale to a large number of connections.
Some people have that kind of bandwidth available. Hell, I have 3 different places with 1Gb connections to OC192's.
I do not believe you.
It's called Cogent. 1000 Mbps for $10,000 a month.
What I hate most about the C family of languages, is that the only terminator for a string is a binary zero. It is not possible (at least in the implemention available to me) to ask 'how big is that string, physically'?
That's only if you use C strings. Use stralloc and you won't have that problem.
And how will people cause problems for them? Spam isn't exactly illegal just yet.
Send out a bunch of spam and see how long you can keep your net connection. Or send a bunch of spam through proxies advertising your website and see how long it stays up. Now, do the same thing, only this time mailing a remove list (a list of addresses that have asked to be removed or have complained in the past). You will see get into a lot more trouble.
The spammers aren't usually the businessmen with a product to sell--their product is your email address--the more email addresses their clients mail goes out to, the more money they make.
Personally, I think this is a myth. Most of the spam I get appears to be coming from the people who's site it is advertising. Besides, people sending out spam for a fee don't want to get their clients into trouble, any more than people sending out spam for themselves want to get into trouble. If you get someone's website terminated by mailing a bunch of angry people, they aren't going to pay you again.
You need to disregard this about spam coming from countries in Asia or other countries where they don't care about spam. They will mail anyone just because they can.
The point isn't to trick the spammer into thinking that you're complaining from a valid address that is different from your real address. It's to mask your real address so it doesn't get added to a list.
No reputable provider is going to accept anonymous abuse reports. Otherwise, if I didn't like you, I could send lots of fake abuse reports to your upstream.
Spammers love live email addresses.
No, spammers love live addresses of people who will buy things. Spammers do not want to mail people who will cause problems for them.
Unless you forge your headers so they can't tell where it's coming from.
Forged headers being an issue is a myth. It is trivial to determine which headers are forged.
My apartment has very small, unlockable mailboxes. Too small for a DVD. The mailman leaves anything too big for the mailbox just sitting out. I would never get my DVDs that way. People already steal my newspaper every day.
Perhaps you could fix that problem: Order expensive items and have them shipped with insurance. After the USPS starts losing money to this, they might correct the situation.