PS... I don't write code, that shit is hard, but I'll be damned if I don't yell at you and I can't write hello world. Nonetheless, I maintain you guys suck and probably eat babies.
Fucking baby eaters, learn to follow an RFC and sanitize your queries you fucking baby eaters!
-rich
How do you sleep knowing DJB is out there and you can't compare? How can this be your 10th version with no hope of being better at writing DNS code. Swallow your pride, and start with a known good code base, you know like DJB, then cock it up... you are bind after all... that's what you guys do, and that you ARE good at. Every week, every month for years, decades, it's another bind security alert. Bind is the only code that I know of that is the exception to the saying "you can't make a silk purse out of a sow's ear"... you can if there is no ear left, is there any original code in b9? Back to the drawing board wasn't far enough... jesus christ. Are interns the only ones allowed to code? Are you getting M$ rejects? I don't understand, do the opposite of what you think you should do, and maybe you have some decent code there, ask people on the street if this this and this are a good idea... ask your grandparents, flip coins... something other than what you do day in and day out fuck!
-rich
ClamAV is using Amazon's EC2 Cloud. Real-time (upon execution) scanning, scanning on install, and scanning on service startup, as well as removal/quarantine. You do have to be connected however for the hash and heuristics checks to work.
But best practices are much better than any AV any day. Don't use IE, don't run as admin, it is that simple: http://richrumble.blogspot.com/2006/08/anti-admin-vs-anti-virus.html
-rich
From the INSTALL doc: Suricata is compatible with standard Snort rulesets. A sample standard configuration file can be found in the Suricata base directory. This file is called 'suricata.yaml'. I've just now got it installed, going to investigate further...
Why can't these guys come out to play!! This is the one piece of Vaporware I am still holding out hope for. I've written them, they've replied eventually, they keep pushing the release dates back...
http://www.memjethomeandoffice.com/faq/category/company/
>Although we initially believed we would be introducing A4/Letter devices through OEM brands in 2009, the timing now has shifted to 2010
Fuck!
-rich
We have similar goals with our project Clearsite.sourceforge.net. We've learned our lessons and think we can begin taking on the likes of SolarWinds, OSSIM, ZenOss, SpiceWorks etc... We made the mistake of being too geared toward one vendor (cisco) but no longer. We're making the software work for us, we're not working with the software. Creating a Snort interface that highlights the portion of the packet that trips the content rule, being able to note FP's, highlight the portion that's a FP in the packet, and it's added to the rule once you click submit. Some user-agent rule goes off, but it's your own app, highlight the user-agent your app uses, click submit and content:!"user-agent: xyz"; gets added to a display filter and or the actual sig itself. A snort rule is triggered for Bittorrent being used, a cron job connects via wmi, snmp or ssh to a host, runs a netstat -abn effectively and figures out the process and location of the executable that triggered the rule, or the lack of being able to get such a result back might further point to a FP or a machine not under your control. If no contact, check the mac address db to see if it's one of yours, if not, snmp set fa0/22 disable. Proactive. Naturally there are more checks and balances in there, but that's where we're heading with just the snort portion. Again making the software work for us. As always we'll use our very popular ajax search for everything we can.
http://clearsite.blogspot.com/search?updated-min=2007-01-01T00%3A00%3A00-08%3A00&updated-max=2008-01-01T00%3A00%3A00-08%3A00&max-results=3
-rich
(google: xinn.org contact)
We have similar goals with Clearsite, it's like cacti but cisco centric. We're going back to the drawing board this year from what we've learned and our product will be a lot like OSSIM, only better;)
Google: xinn.org contact
if you'd like to discuss further.
-rich
Xinn.org
Security is not a product; it itself is a process. And if we're going to make our digital systems secure [sic and or loved ones], we're going to have to start building processes. If you think technology can solve your security problems, then you don't understand the problems and you don't understand the technology.
~Bruce Schneier
It is fun! It is the best FPS I've played online ever. Note, it's beta, there are still plenty of bugs. My biggest and fastest computer only gets 10-24fps, but my older mid-level is 125fps solid. The difference seems to be 64-bit XP vs 32-bit. Regardless of browser, video driver, single head, multi-head, picmip, screen resolution, fresh install or otherwise, the 64-bit machine gets terrible fps (usable, but not as nice) and the 32-bit screams... I've done everything I can, swapped video cards between the two... everything. But playing on the 32-bit is a lot of fun! The skill matching is pretty good, the levels are fresh, some are reworked, some of the good ones from RA3 are missing, but it's still a blast.
-rich
Create rainbow tables and charge a small fee for access. If you target M$ Office passwords, specifically the password to open, 40-bit RC4, target the possible keys because there are less possible keys than are possible passwords. See Ophcrack office, Rainbow crack office and Elcomsoft AOPB.
Running as non-admin is easy, runas (which is only a right-click away) is very easy to use and works well 99% of the time. The annoying thing is remembering to right-click the msi/exe to use runas :) Do you need AV? IE is how BHO's like vundo get into your pc, active-x is also a nightmare... I've been saying this for years! I have 5000+ users that we no longer install AV directly on their PC's, and we pass our PCI/DSS and SOX audits every year. There is no excuse for M$ to put users into Admin by default. Windows 7 however it does... the local admin account is disabled... but so what! It's idiotic, lock the administrator, but place a new user into admin group by default.
-rich
ClearSite
An identity thief will smile a lot after he/she has got my money, so how does this help if the system can't cope with a smile and or glasses. "Smiling all the way to the bank" ring a bell?
Security theater plain and simple. Another waste of my taxpaying dollars. I'll have no photo next time, or pull a peewee and use scotch tape on my face the whole time I'm there.
-rich
http://dev.clear-site.net/
ClearSite is prettier than Cacti, it's geared towards Cisco and HP network gear, but the new version coming in 2009 will blow the competition away! While it uses RRDTool also, it has a real-time Ajax search and a much better navigation scheme over Cacti.
http://clearsite.sourceforge.net/coming-soon.html
Not much, BHO's like Vundo(virus) only work against IE, we don't use IE. There is very little. I've got 2000+ users who are never infected, again no IE.
-rich
98% of virii/malware etc need ADMIN to succeed... and very few applications on windows, save a very small percentage actually need admin. The User Group is good enough for the wife/kids and my sales staff, lowers TCO even for M$. We don't use installed AV clients, we scan remotely nightly, run proxy+av along with snort, no issues. Users can use runas http://xinn.org/RunasVBS.html if need be, but they probably won't need to. Anti-Admin VS Anti-Virus, and AA wins! http://richrumble.blogspot.com/2006/08/anti-admin-vs-anti-virus.html
-rich
Best Practices. M$ and tons of 3rd party software makers, don't make it easy to adhere to Best Practices, I'm sure if they did they'd be called Easy Practices.
http://richrumble.blogspot.com/2006/08/anti-admin-vs-anti-virus.html
When was the last time you had to run a video game as root? Never. On M$, games and lots of other things do need admin to run about 70% of the time probably more, however you don't have to be logged in as a member of the admin or power users group to run them. You can use runas (similar to su) with a simple right-click.
Why don't virus "shoot-outs" and other types of comparisons ever put all those Anti-/spyware/virus software up against a non-admin user... You may actually find the non-admin wins. My wife/kids and myself don't run as admins on my M$ machines, and for good measure we do scan nightly (TY ClamWin) for good measure, nothing for over 3 years. The only spy-ware we've gotten are some "browser helper objects" but since I hid the IE icon under the FF icon, it's never happened again.
Remember, *nix started out as a multi-user system, and windows did not, they kludged a multi-user system (version after version) on top of a single user system, and security is/was an afterthought, clearly.
-rich
Quakelive works on linux now, have a go!
I guess they can't make the "puke saber" soon enough 8~0===# *splat*
"My posses on broadband" -vintCerfsAlot -rich ClearSite Network Management System
Spammers and phishers already have that data, name+email etc... sounds like a drop in the bucket to me. -rich clearsite.sourceforge.net
I'm going to put some dough in it and make Jesus or Mary appear in a tortilla... -rich
Take away admin rights, they surely don't need them. Your savings are two fold. 1) You've just mitigated 99.9% of spyware and Viri 2) Less time needed to keep spyware/viri off, as well as keeping your boxes from becoming bit-torrent or other P2P server and or a spam zombie. http://richrumble.blogspot.com/2006/08/anti-admin-vs-anti-virus.html
http://clintonforbes.blogspot.com/2006/10/10-pros-cons-of-switching-from-windows.html (read the second to last paragraph of that blog)
-rich