Okay, I admit I am a little green when it come to the finer side of IP. Okay, I'm really green! Anyway, since DDOS relies pretty much on PiNG, would a reasonable amount of protection be gained by killing ICMP at the router/firewall? It would keep it from getting to the servers, but would it help reduce the 'tidle wave' of traffic on it's way to the router?
Somebody enlighten me! (Flame certainly welcome, I could use a good laugh!)
Gee, now I'm replying to my own articles. How arrogant!
Anyway, if we sit down for a minute and try to figure out the point that the author was trying to make (if he/she had enought brain power), I think we would wind up with the following interpretation:
Windows machines were not vunerable to being 'infected' with this particular piece of code that was being used for the attack. Yes, they certainly would be vulnerable if they became victims of the attack. Yes, code can be written to use Microsoft systems to assist in the attack. But the code used would not run on Microsoft boxes. Besides that, who wants to wast time coding to use an MS box when a UN*X box does the job so much more efficently?
Of course, that makes for a longer paragraph than what they had on it, but why should they waste their time writing all that when they get paid just the same for a one-liner?
As for the remainder of the article, I think they simply left a lot of facts out. They always do. Rat bastards.
I know this is probably flame bait, but what the hell; I like the attention!
IMHO, bad press is just a fact of life. Most articles from sources like 'currents' have to water down the facts for the following reasons:
1. So the average CEO or bean counter will feel like he can actually comprehend what is being said in the artice
2. To compress the 'facts' into a compact article that won't take more than 30 seconds of the busy CEO or bean counter's time
3. To make the article more interesting for non-IT people.
All this makes for more interesting reading to the average Joe, but much is lost in the translation.
Dealing with stuff like this is just part of our jobs. We can take whatever attitude we want with it, but consider this possibility:
An article like this may cause your CEO or manager or whoever approves your budget and signs you paycheck to ask questions. This gives you a few opportunities:
1. You get to share your knowledge with him/her.
2. You could use it to build a case for more security software/equipment/personnel.
3. You could use it to justify a raise and come additional training.
4. You get to insult someone's intelligence! (I recommend a subtle approach)
As the saying goes, life is 10% what happens to you and 90% what you do with it. Why not use articles like this to your advantage?
I feel that the majority of people who had to work new years eve faced one or both of the following problems:
1. Management was not convinced that their IT staff had successfully remediated the problem in their own systems.
2. Management was not convinced that if anything did happen, it would be outside of their systems and beyond their control.
I am the sole administrator for a division of a global manufacturing company. I am responsible for every system that moves electrons. These include servers, desktops, LANs, WANs, Internet, telephones, security systems, electrical power, CNC hosts etc. And to make matters worse, Corporate dictated long ago that we would be a Microsoft company. So I have to support a multitude of systems running a dizzying array of Microsoft products. Sound like fun?
But despite all this, I was fortunate enough to spend the entire NYE1999 weekend at home with all the friends that I and my wife invited over. How did I manage this?
I made certain that management was involved just enough in the Y2K remediation process that they could understand what our systems did and where they were vulnerable. I gave them detailed progress reports throughout the process. I invited management to take part in the live test where we rolled the clocks to 12.31.99 23:00. The system demonstated its ability to handle the rollover without an event.
I setup the ability to dial into the system from home and test all major aspects of the system from remote. In the end, I had sold management on the idea that everything that could be done had been done. They were adequately convinced that if anything did go wrong, it would be something outside our systems (ie power, dial tone, etc.) and that it would be a waste of time and money to have me onsite.
Management was confident that I could monitor the system from home and would be aware if anything did go wrong.
In the end, I was able to enjoy the holiday because management and I knew that we had taken care of the problem. My guess is that the majority of those that did have to work on NYE either had not adequately prepared their systems to handle Y2K or had not involved management enough in the process for them to understand that the systems were ready. The remainder simply have a paranoid management.
We often forget that working with the computers is only half the job. Computers are made by people to be used by people. Working with real live human beings is an aspect of our job that we easily forget or neglect. While we were all preparing our computer systems for Y2K, how many of us took the time to prepare our userbase and our management for Y2K. If we as IT staff forgot to address the people that use these systems, then the only information they got was from the press or their churches, both in which the majority was selling the notion that we were doomed.
Simply fact is that no matter how much we want to be geeks, techowizards, geniouses, etc. we must not for get that we must also play the roll of salesman. You have to sell your ideas and your beliefs to your management and users. Once I learned that lesson, my job became a lot more interesting, productive and exciting.
All that being said, please let me take my hat off to all those who serve in our armed forces defending this great nation. Thanks to you, I have the priveledge to work a facinating and challenging job, go home to my wonderful wife, invite my closest friends over and enjoy the holidays. Without you brave people, none of this would be possible.
What most people don't seem to realize is that the Year 2000 issue is just one of many date related issues that IT staffs must contend with. Everyone thinks all the screws are going to fall out on December 31, 1999 at 11:59pm.
Computers measure time in various ways. They use a series of nested variables to count the passing of units of time. What's really critical is what kind of variables they used and when did they start counting.
Let's take UNIX for example. Most implementations of UNIX use a signed integer to measure the number of seconds that have transpired since 'epoch'. Think of epoch as a nail driven into the timeline that UNIX considers to be the start of time. The most common date I have heard of for epoch is January 1, 1970. I'm sure newer implemntations use a different epoch and possibly different system for counting time, but let's follow this example.
We have a signed integer counting seconds elapsed since Jan 1, 1970. Depending on how many bits the variable can hold, it will reach the highest number it can hold and will cycle back to 0 (or negative something depending on if it is signed or not).
When the above happens, the computer may interpret that as time starting over again, or it might interpret it as antitime or get a divide by 0 error.
Granted this model gives us until 2013 or 2076 depending on signage (and my math), but that is just this model. How many other implementations of time counting are out there and how do they work? Dozens, maybe thousands, who knows?
The only reason Year 2000 got so much hype is that it is the only date related problem that the press could comprehend.
I for one am not concerned about Year 2000. I look at it as being no different that all the other issues that IT staff have to keep track of.
If you do nothing else, have fun on New Years Eve. If nothing happens, you didn't miss the party for nothing. If something does happen, at least you got one last laugh in before the world came down around you're ears. Besides, if it breaks, it will be a long time before IT staff see daylight again because we're the sorry SOBs that have to put the damn think back together again!
I predect that a small group of friends are going to get together and party like its 1999!
We're going to have a big damn roast, lot's of corn bread and black eyed peas. I make my own wine and a buddy of mine makes his own beer, so we'll have plenty to eat and drink!
The only thing I'm going to worry about is how to find the bathroom.
I'm am not about to let the damn press hype up gloom and doom to ruin the best New Years celebration in over 1000 years!
On a slightly more serious note, I believe that there will be minor hickups here and there. Minor hickups happen everyday. It's just part of life in the information age.
And if it does all come crashing down, so what? Lifestyle will change. Life itself will not. Life is too short to worry about such things.
Okay, I was kidding a few days ago when I first posted this, but now I'm thinking I just might actually file this one!
Begin repost:
Abstract: the anterior part of the central nervous system enclosed in the cranium of vertebrates, consisting of a mass of nerve tissue organized for the perception of sensory impulses, the regulation of motor impulses, and the production of memory, learning, and consciousness
Abstract: the anterior part of the central nervous system enclosed in the cranium of vertebrates, consisting of a mass of nerve tissue organized for the perception of sensory impulses, the regulation of motor impulses, and the production of memory, learning, and consciousness
Prices as posted on www.pricewatch.com Intel Solution: ABIT BM6 Motherboard: $95 Intel Celeron 466 CPU (Retail, ie 3 year warrantee): $93 Overclock to 582 MHz AMD Solution: ASUSTEK Motherboard: $77 AMD K6 II 475: $75 Overclock to 600 MHz Evidence seems to be support the idea.
You might want to look at some of the solutions at http://www.promise.com/Products/ideraid/ideraid.ht m. I don't know what kind of Linux support is available, but certainly worth checking out.
My understanding is that RAM prices began to rise because several of the major RAM manufacturers were 'retooling' to go from 64bit chips to 128bit chips. During this period, prices rose to slow the sale of existing RAM, as apposed to the potential nightmare of running out (As well as to exploit a situation and make more money). The quake in Taiwan only exasperated the problem, because the only major players that hadn't begun retooling were in (you guessed it) Taiwan. And of course, Christmas is coming and that always drives the price of electronics up.
Not meaning to argue with anybody (everyone has made valid points on a number of the issues here), I'd like to provide a little extra food for thought.
The choice to 'burn/waste' someone elses money is rarely the decision of IT professionals. In most cases, the IT staff has a modest operating budget and the really big purchases are made via 'capital appropriations' that must be approved by the management structure.
Before capital appropriations are granted, IT staff are usually required (and rightfully so) do justify the expenditure. The IT staff should be able to demonstrate that the proposed expenditure will do one of two things (or both):
1. Provide the customer with a better product or service (ie. give the customer a reason to do more business with the company)
2. The technology being purchased will streamline operations that will ultimately result in savings that outweigh the price of the technology. Accounting types often refer to this as 'picking money up off the floor'.
Does this mean that spending tons of money is right for everyone? No. It means that the purchase must be evaluated on several levels to ensure that the expenditure will benefit the company enough to offset the price associated with it.
As 'Techies', it is human nature for us to want the bleeding edge technology. It's toy value. But as it has been pointed out elsewhere, that's not our money that gets spent on the technology. It is important that the technology that we recommend serve the people that will be spending the money.
In many cases, it pays to be on the bleeding edge. Lets take the example of the recent advances in hard drive technology that are being discussed here. Would you like to know one of the major industries that will benefit from this technology? Turn on your radio. Many radio stations today are in the process of transferring all their older tapes and CD collections into a large array of hard disks using MP3 and similar codecs. They have a demonstratable need for larger, faster drives that consume less energy and office space.
As for people who cannot themselves afford the bleeding edge; who find themselves spending $550 for a SCSI subsystem that is only worth $100 after two years, you're right. It isn't very smart to try to stay on the bleeding edge if you don't absolutely need to. You can and will waste a lot of money if you try. But look on the flip side. As the bleeding edge advances, todays highest tech products that cost a fortune will sell for pennies on the dollar, often in less than a year.
If you are making an arguement that bleeding edge is beyond your needs and that it is wasteful to stay on it, then wait 6 to 12 months. By then, the techology will become affordable and your needs may grow to need it after all.
Slashdot Mirror
Okay, I admit I am a little green when it come to the finer side of IP. Okay, I'm really green! Anyway, since DDOS relies pretty much on PiNG, would a reasonable amount of protection be gained by killing ICMP at the router/firewall? It would keep it from getting to the servers, but would it help reduce the 'tidle wave' of traffic on it's way to the router?
Somebody enlighten me! (Flame certainly welcome, I could use a good laugh!)
Gee, now I'm replying to my own articles. How arrogant!
Anyway, if we sit down for a minute and try to figure out the point that the author was trying to make (if he/she had enought brain power), I think we would wind up with the following interpretation:
Windows machines were not vunerable to being 'infected' with this particular piece of code that was being used for the attack. Yes, they certainly would be vulnerable if they became victims of the attack. Yes, code can be written to use Microsoft systems to assist in the attack. But the code used would not run on Microsoft boxes. Besides that, who wants to wast time coding to use an MS box when a UN*X box does the job so much more efficently?
Of course, that makes for a longer paragraph than what they had on it, but why should they waste their time writing all that when they get paid just the same for a one-liner?
As for the remainder of the article, I think they simply left a lot of facts out. They always do. Rat bastards.
I know this is probably flame bait, but what the hell; I like the attention!
IMHO, bad press is just a fact of life. Most articles from sources like 'currents' have to water down the facts for the following reasons:
1. So the average CEO or bean counter will feel like he can actually comprehend what is being said in the artice
2. To compress the 'facts' into a compact article that won't take more than 30 seconds of the busy CEO or bean counter's time
3. To make the article more interesting for non-IT people.
All this makes for more interesting reading to the average Joe, but much is lost in the translation.
Dealing with stuff like this is just part of our jobs. We can take whatever attitude we want with it, but consider this possibility:
An article like this may cause your CEO or manager or whoever approves your budget and signs you paycheck to ask questions. This gives you a few opportunities:
1. You get to share your knowledge with him/her.
2. You could use it to build a case for more security software/equipment/personnel.
3. You could use it to justify a raise and come additional training.
4. You get to insult someone's intelligence! (I recommend a subtle approach)
As the saying goes, life is 10% what happens to you and 90% what you do with it. Why not use articles like this to your advantage?
Tell me if this logic works:
I feel that the majority of people who had to work new years eve faced one or both of the following problems:
1. Management was not convinced that their IT staff had successfully remediated the problem in their own systems.
2. Management was not convinced that if anything did happen, it would be outside of their systems and beyond their control.
I am the sole administrator for a division of a global manufacturing company. I am responsible for every system that moves electrons. These include servers, desktops, LANs, WANs, Internet, telephones, security systems, electrical power, CNC hosts etc. And to make matters worse, Corporate dictated long ago that we would be a Microsoft company. So I have to support a multitude of systems running a dizzying array of Microsoft products. Sound like fun?
But despite all this, I was fortunate enough to spend the entire NYE1999 weekend at home with all the friends that I and my wife invited over. How did I manage this?
I made certain that management was involved just enough in the Y2K remediation process that they could understand what our systems did and where they were vulnerable. I gave them detailed progress reports throughout the process. I invited management to take part in the live test where we rolled the clocks to 12.31.99 23:00. The system demonstated its ability to handle the rollover without an event.
I setup the ability to dial into the system from home and test all major aspects of the system from remote. In the end, I had sold management on the idea that everything that could be done had been done. They were adequately convinced that if anything did go wrong, it would be something outside our systems (ie power, dial tone, etc.) and that it would be a waste of time and money to have me onsite.
Management was confident that I could monitor the system from home and would be aware if anything did go wrong.
In the end, I was able to enjoy the holiday because management and I knew that we had taken care of the problem. My guess is that the majority of those that did have to work on NYE either had not adequately prepared their systems to handle Y2K or had not involved management enough in the process for them to understand that the systems were ready. The remainder simply have a paranoid management.
We often forget that working with the computers is only half the job. Computers are made by people to be used by people. Working with real live human beings is an aspect of our job that we easily forget or neglect. While we were all preparing our computer systems for Y2K, how many of us took the time to prepare our userbase and our management for Y2K. If we as IT staff forgot to address the people that use these systems, then the only information they got was from the press or their churches, both in which the majority was selling the notion that we were doomed.
Simply fact is that no matter how much we want to be geeks, techowizards, geniouses, etc. we must not for get that we must also play the roll of salesman. You have to sell your ideas and your beliefs to your management and users. Once I learned that lesson, my job became a lot more interesting, productive and exciting.
All that being said, please let me take my hat off to all those who serve in our armed forces defending this great nation. Thanks to you, I have the priveledge to work a facinating and challenging job, go home to my wonderful wife, invite my closest friends over and enjoy the holidays. Without you brave people, none of this would be possible.
Hell, I'm luck if I can even get WebTV to work.
What most people don't seem to realize is that the Year 2000 issue is just one of many date related issues that IT staffs must contend with. Everyone thinks all the screws are going to fall out on December 31, 1999 at 11:59pm.
Computers measure time in various ways. They use a series of nested variables to count the passing of units of time. What's really critical is what kind of variables they used and when did they start counting.
Let's take UNIX for example. Most implementations of UNIX use a signed integer to measure the number of seconds that have transpired since 'epoch'. Think of epoch as a nail driven into the timeline that UNIX considers to be the start of time. The most common date I have heard of for epoch is January 1, 1970. I'm sure newer implemntations use a different epoch and possibly different system for counting time, but let's follow this example.
We have a signed integer counting seconds elapsed since Jan 1, 1970. Depending on how many bits the variable can hold, it will reach the highest number it can hold and will cycle back to 0 (or negative something depending on if it is signed or not).
When the above happens, the computer may interpret that as time starting over again, or it might interpret it as antitime or get a divide by 0 error.
Granted this model gives us until 2013 or 2076 depending on signage (and my math), but that is just this model. How many other implementations of time counting are out there and how do they work? Dozens, maybe thousands, who knows?
The only reason Year 2000 got so much hype is that it is the only date related problem that the press could comprehend.
I for one am not concerned about Year 2000. I look at it as being no different that all the other issues that IT staff have to keep track of.
If you do nothing else, have fun on New Years Eve. If nothing happens, you didn't miss the party for nothing. If something does happen, at least you got one last laugh in before the world came down around you're ears. Besides, if it breaks, it will be a long time before IT staff see daylight again because we're the sorry SOBs that have to put the damn think back together again!
I predect that a small group of friends are going to get together and party like its 1999!
We're going to have a big damn roast, lot's of corn bread and black eyed peas. I make my own wine and a buddy of mine makes his own beer, so we'll have plenty to eat and drink!
The only thing I'm going to worry about is how to find the bathroom.
I'm am not about to let the damn press hype up gloom and doom to ruin the best New Years celebration in over 1000 years!
On a slightly more serious note, I believe that there will be minor hickups here and there. Minor hickups happen everyday. It's just part of life in the information age.
And if it does all come crashing down, so what? Lifestyle will change. Life itself will not. Life is too short to worry about such things.
Okay, I was kidding a few days ago when I first posted this, but now I'm thinking I just might actually file this one!
Begin repost:
Abstract: the anterior part of the central nervous system enclosed in the cranium of vertebrates, consisting of a mass of nerve tissue organized for the perception of sensory impulses, the regulation of motor impulses, and the production of memory, learning, and consciousness
AKA: A Brain
Inventor: Nicodemas
Assignee: Slashdot
Application number: 929001
Filed: October 22, 1999
End Repost
Abstract: the anterior part of the central nervous system enclosed in the cranium of vertebrates, consisting of a mass of nerve tissue organized for the perception of sensory impulses, the regulation of motor impulses, and the production of memory, learning, and consciousness
Inventor: Nicodemas
Assignee: Slashdot
Application number: 929001
Filed: October 22, 1999
Hehe...
Look up the name Shihan Karl Geis!
I'll spar a couple of rounds with her!
One word:
Aikido!
Although I hate to mention his name on /., ...
Michael Jordon: $400 Million
Bill Gates: $100 Billion
That's okay, I didn't want to share my toys anyway!
Prices as posted on www.pricewatch.com Intel Solution: ABIT BM6 Motherboard: $95 Intel Celeron 466 CPU (Retail, ie 3 year warrantee): $93 Overclock to 582 MHz AMD Solution: ASUSTEK Motherboard: $77 AMD K6 II 475: $75 Overclock to 600 MHz Evidence seems to be support the idea.
"Why in the world would the average person want a computer?"
-Xerox circa 1977
Don't stand in the path of progress, run in it!
Personal policy: Ignore the moderator's ratings. Read everything and decide for yourself. (No offense to the moderators intended) 8)
Inspire me! Tell me it cannot be done!
You might want to look at some of the solutions at http://www.promise.com/Products/ideraid/ideraid.ht m. I don't know what kind of Linux support is available, but certainly worth checking out.
My understanding is that RAM prices began to rise because several of the major RAM manufacturers were 'retooling' to go from 64bit chips to 128bit chips. During this period, prices rose to slow the sale of existing RAM, as apposed to the potential nightmare of running out (As well as to exploit a situation and make more money). The quake in Taiwan only exasperated the problem, because the only major players that hadn't begun retooling were in (you guessed it) Taiwan. And of course, Christmas is coming and that always drives the price of electronics up.
Not meaning to argue with anybody (everyone has made valid points on a number of the issues here), I'd like to provide a little extra food for thought.
The choice to 'burn/waste' someone elses money is rarely the decision of IT professionals. In most cases, the IT staff has a modest operating budget and the really big purchases are made via 'capital appropriations' that must be approved by the management structure.
Before capital appropriations are granted, IT staff are usually required (and rightfully so) do justify the expenditure. The IT staff should be able to demonstrate that the proposed expenditure will do one of two things (or both):
1. Provide the customer with a better product or service (ie. give the customer a reason to do more business with the company)
2. The technology being purchased will streamline operations that will ultimately result in savings that outweigh the price of the technology. Accounting types often refer to this as 'picking money up off the floor'.
Does this mean that spending tons of money is right for everyone? No. It means that the purchase must be evaluated on several levels to ensure that the expenditure will benefit the company enough to offset the price associated with it.
As 'Techies', it is human nature for us to want the bleeding edge technology. It's toy value. But as it has been pointed out elsewhere, that's not our money that gets spent on the technology. It is important that the technology that we recommend serve the people that will be spending the money.
In many cases, it pays to be on the bleeding edge. Lets take the example of the recent advances in hard drive technology that are being discussed here. Would you like to know one of the major industries that will benefit from this technology? Turn on your radio. Many radio stations today are in the process of transferring all their older tapes and CD collections into a large array of hard disks using MP3 and similar codecs. They have a demonstratable need for larger, faster drives that consume less energy and office space.
As for people who cannot themselves afford the bleeding edge; who find themselves spending $550 for a SCSI subsystem that is only worth $100 after two years, you're right. It isn't very smart to try to stay on the bleeding edge if you don't absolutely need to. You can and will waste a lot of money if you try. But look on the flip side. As the bleeding edge advances, todays highest tech products that cost a fortune will sell for pennies on the dollar, often in less than a year.
If you are making an arguement that bleeding edge is beyond your needs and that it is wasteful to stay on it, then wait 6 to 12 months. By then, the techology will become affordable and your needs may grow to need it after all.