| 2000/6/14-16 [Computer/SW/Security] UID:18465 Activity:high |
6/14 I have written a program that "pipes" port1 to port2 on a machine
[so if you do say telnet foo 25 that can automatically send to
port 19, chargen]. Is there a way to grab all the unbound ports
and map them to chargen, to deter people scanning my machine? Will
that be an expensive program to run? I don't want to launch one
version of the process for each port. Thanks!
\_ Why are you even doing this? You're reinventing the wheel.
Just use the IP firewall rules built into your OS to port
forward a range of ports.
\_ I want to turn this on and off. Also not all OSes support
IP firewall. Would like to do this at the application level.
Can you tell me how to listen on all the unbound ports like
inetd?
\_ Sheesh, get a real os. What are you using? win 3.1?
\_ It's actually a vintage box; running a hacked-up
TCP/IP stack for CP/M. I'm using it as a low-load
web server
\_ inetd doesn't listen on all unbound ports - it listens on
the ports listed in inetd.conf. You could write a program
that looped through all possible port numbers and bound them
(if your OS supports opening 64k fd's in a single process)
but that would prevent any other app from being able to bind
a listening port.
\_ N0H0ZERZ!
\_ If the ports are unused what's the big deal? You can't stop
a scan. And if you have insecure services running on other
ports, your program won't help that either. What are you
trying to do? What's the point? Your program won't do
anything useful for you.
\_ An easier thing to do is run FreeBSD 4.x and in /etc/rc.conf set
tcp_restrict_rst="YES" This will cause connections to ports with
nothing listening to hang until timed out. This pretty much kills
portscanning. --dbushong
\_ Who cares? Let em scan. Security through obfuscation and
irritation is not security. You're only slowing down the
inevitable.
\_ If you don't believe in "security through obfuscation"
you won't mind sharing all your passwords with me.
\_ That's different. A password is obscure in a
way that in order to crack it, you need to
try a bunch of random combinations before you
can get it right. Security through obscurity
is where a backdoor exists but you just hid it
somewhere. It's the difference between a key
to your house and hiding that key under the mat.
The key is like the password. Hiding the key
under the mat is the obscure part. Obviously,
most prowlers will usually look under the mat
first before actually cracking the windows.
\_ A password is not obfuscation. Hiding your buggy
service on a random port and making it hard to scan
is obfuscation. Given a few extra minutes your
s00per sekret buggy service will turn up. My ssh
passphrase won't. You know I could give you my
ssh passphrase and it won't help you get into any
of the machines I run but you wouldn't understand
why. Damn, it's so sad there's no real ugrad
security classes. It shows.
\- i was thinking about writing something to wedge
the iss scanner specifically. am trying to decide
whether to do it at a tcp level [long time outs etc.]
or generate random data on port 80, when talking to
nfsd, mountd etc. i am also thinking about using
xinetd. would be interested in more discussion on
this. --psb |
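
The single-process approach raised in the thread above (loop over a port range, listen on whatever is still free, leave ports that a real service holds alone), as an added example that is not code from any poster. The loopback address, the 20000-20049 range and all function names are assumptions; ports bound here stay unavailable to other applications until the process exits.

```python
import selectors
import socket

PRINTABLE = bytes(range(32, 127))  # the 95 characters RFC 864 chargen rotates through

def chargen_line(offset):
    """One 72-character chargen line starting at the given rotation offset."""
    return bytes(PRINTABLE[(offset + j) % 95] for j in range(72)) + b"\r\n"

def bind_free_ports(host, ports, backlog=8):
    """Listen on every port in `ports` that nothing else holds; skip the rest."""
    bound = {}
    for port in ports:
        s = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
        try:
            s.bind((host, port))  # no SO_REUSEADDR: never take a port a real service holds
            s.listen(backlog)
        except OSError:           # in use, privileged, or out of file descriptors
            s.close()
            continue
        s.setblocking(False)
        bound[port] = s
    return bound

def make_selector(bound):
    """Register all listeners with one selector so a single process watches them."""
    sel = selectors.DefaultSelector()
    for port, s in bound.items():
        sel.register(s, selectors.EVENT_READ, data=port)
    return sel

def serve_once(sel, lines=1, timeout=1.0):
    """Answer each pending connection with `lines` chargen lines, then close it."""
    handled = 0
    for key, _ in sel.select(timeout):
        try:
            conn, _peer = key.fileobj.accept()
        except OSError:
            continue
        with conn:
            conn.settimeout(1.0)  # a stalled client cannot wedge the loop
            try:
                conn.sendall(b"".join(chargen_line(i) for i in range(lines)))
            except OSError:
                pass
        handled += 1
    return handled

if __name__ == "__main__":
    sel = make_selector(bind_free_ports("127.0.0.1", range(20000, 20050)))
    while True:
        serve_once(sel)
```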
| 2000/6/14-16 [Computer/HW/Drives] UID:18466 Activity:moderate |
6/14 What's the difference between DVD ROM and DVD RAM? Is DVD RAM a
writable DVD? In the same way CD-R/RW are writable? -DVD ignorant
\_ Like CD-RW, not like CD-R. --PeterM
\_ Thanks!
\_ DVDRAM also comes in a casing, like a floppy or MD
\_ DVD RAM vs DVD RW: FIGHT! |
| 2000/6/14-16 [Uncategorized] UID:18467 Activity:nil |
6/14 http://www.cs.bell-labs.com/cm/cs/who/rob/utah2000.ps
Master Rob Pike has spoken
\_ pike off, taffer |
| 2000/6/14-16 [Consumer/Camera] UID:18468 Activity:nil |
6/14 Has anyone developed film onto KodakCD? How is the quality?
\_ When you say "KodakCD", do you mean PhotoCD (their "pro" product),
or PictureCD (their cheaper "home" product)? With PhotoCD, you get
back your images scanned at 5 different resolutions, the highest of
which is 2000x3000. With PictureCD, you get a single 1024x1536 scan
of each image. I've never used PhotoCD, but I've gotten a PictureCD
with each roll of film I've developed while in Europe so that I
have an easy way of sharing vacation pics on the Web. It works well
for that -- decent resolution, decent contrast/color balance, no
problems with added dust and scratches. I usually only have to do a
crop and some minimal brightness/contrast twiddling for each image
I want to share. Search for both product names on http://photo.net to read
about the respective experiences of others. -- kahogan |
| 2000/6/14 [Computer/SW/Database, Industry/Jobs] UID:18469 Activity:very high |
6/12 \_ uctt, are you a contractor? what do you do?
\_ full time employee at my own startup now. never contracted in my
life. but i did spend some time in big 5 consulting managing
various e-Commerce projects and our team of consultants from big
5 was always much better than the employees in the client company
(that's why they were paying us $275-$350/hr to be there) -uctt
\_ No. They were paying that so management could have someone
to blame when it all falls to shit. No one pays you more
because you're more skilled. They don't have a basis to
judge your skill level.
\_ of course that's a big part of it. we'll take
the blame if it all "falls to shit". it's called
taking RESPONSIBILITY and i'll take the
responsibility for a project in exchange for the
big bucks that they have to pay us. i've
met morons in consulting. i've met a lot more
morons that work as full time employees for the
client. -uctt
\_ You know why that is, right? The companies
that don't need your expertise don't hire
you. If there's a better staff in house then
likely they'll go with that. Granted,
sometimes management does stupid things
anyway, but I bet this helps explain your
experiences. --dim
\_ Holy cow! I find myself agreeing 100% with
dim. Hell has just frozen over.
\_ I think it's a great idea to hire
consultants when the current staff
is better. What's the matter with
you?!?
\_ Sorry, what was I thinking. I'll
call uctt right away to pay more to
get less.
\_ that's why nearly all of the largest and *best*
companies in the world employ a large number of
consultants. why doesn't sun, cisco, microsoft,
oracle, hp, ibm, etc... all just hire the best
talent and do all of their work in house?
certainly they have the money to hire people
right? why do they have consulting companies in
there if the consulting companies easily cost 2x
as much as their normal employees? oh...b/c
you know something that bill gates, john
chambers, scott mcnealy, larry ellison, etc.
don't know right? -uctt
\_ Your definition of "best" is what? You mean the
way IBM took a huge fall in the 80s? The way
Sun, Oracle and others needed the DoJ to level
the playing field? The way HP is falling apart?
Or that Cisco had to buy Arrowpoint because they
couldn't build their own load balancing switches?
You're confused. Big != better. The *best*
companies are the ones you've probably never
heard of. You'll know who they are 5 years from
now. These large but not best companies use
consultants because the *best* people wouldn't
work for them at any price. I'd be ashamed to
have IBM or Oracle on my resume. The *best*
people have all left these giant ugly slow beasts
for startups. It's still happening today. Don't
spend too much time convincing yourself how great
you are. The day you meet the people working
for the *best* companies will be the worst day of
your life as your giant ego comes crumbling and
tumbling down and all of IBM's horses and all of
Oracle's men won't be able to put it back together
again. The emperor wears no clothes. I know the
exact same thing your top 5 list of CEOs knows:
that their employees suck, they can't hire the
best so they have to pay vampires and leeches to
do it for them and just pass along the costs to
their customers. It's people like you that make
software and hardware so expensive for no real
reason. You're not a value-add. You're a value
minus.
\_ who are you??? Preach it brother! you rock.
- anonymous#1fan
\_ Thanks. Just calling it like I see
it.
\_ Uh ... gee!
\_ so what are the best companies right now
that i haven't heard of but i will hear
about 5 years from now? and why is it that
most of the upper level executives in large
corporations have worked in consulting at
some point in their careers? just name a
few of these companies and we'll continue
the discussion...but i can tell you right
now that either their executive staff is
made up of former consultants, many of
their developers are former consultants, or
they just don't have enough cash for
outside consultants....YET. all of the
successful companies have used consultants
very heavily and they cannot all be wrong.
-uctt |
| 2000/6/14-16 [Health/Eyes] UID:18470 Activity:high |
6/14 What do the 20's in "20/20 eyesight" mean? Thx.
\_ It means they're violating Starbucks' trademark, since they have
'Venti' copyrighted, or whatever. If any optometrist ever drinks
coffee, they're opening up themselves to one hell of a suit. -John
\_ Isn't that new technology neat? -- ilyas
\_ tell of us the stars....
\_ a standard vision test is given at a distance of 20 feet. if
your vision is "20/30", you can read at 30 feet what a normal
eye would see at 20 feet. on the other end, if your vision is
20/16, you can see at 16 feet what a normal eye sees at 20
\_ you've got that backwards. someone who sees 20/30 can
20/16, you can see at 20 feet what a normal eye sees at16
your vision is "20/30", you can read at 20 feet what a normal
eye would see at 30 feet. on the other end, if your vision is
20/16, you can see at 20 feet what a normal eye sees at 16
-danh
\_ someone who sees 20/30 can
see at 20 feet what the average person can see at 30 feet.
fighter pilots need to see 20/15 or 20/10, so they can see
at 20 feet what joe average can see at 10.
\_ I see. For near-sightedness, how does 20/xx translate to/from
the number of "degrees" that some people use to measure near-
sightedness?
\_ maybe you mean diopters. there's only approximate
relations between 20/x ratings and diopters.
see http://www.lpf.com/source/rk/20something.html
\_ I don't know. I was told that my short-sightedness is
simply "550", and everyone in my home country seems to
understand it.
\_ That's probably meant as -5.50
\_ To be slightly more precise, it's based on ability to discern
alpha letters at that distance. Your 20/20 may not be my 20/20.
\_ As opposed to... beta letters?
\_ As opposed to chinese, for example. the eye chart
uses block letters, easy to discern. There are "20/20"
Lasik patients who can't drive safely at night.
\_ As opposed to shapes, colors, 2d objects, 3d objects,
moving objects, unmoving objects, get the picture?
\_ You missed the point. No reason to pull the
nonexistent term "alpha letters" out of yer ass.
\_ It wasn't my ass. Thanks for being
concerned for my ass though. |
| 2000/6/14-15 [Uncategorized] UID:18471 Activity:very high |
6/12 Take it to a newsgroup.
\_ Waaah! Do I 'win' if I got the last word in?
\_ yeah! i did get the last word in right before this guy erased
it (obviously you didn't read it though). -uctt |