Berkeley CSUA MOTD:2002:March:13 Wednesday <Tuesday, Thursday>
Berkeley CSUA MOTD
 
WIKI | FAQ | Tech FAQ
http://csua.com/feed/
2002/3/13 [Computer/SW/Security] UID:24092 Activity:high
3/12    sshd has got vulnerabilities, fixes, and potential future
        vulnerabilities. If I TCP wrap and use hosts.allow/deny for sshd
        and other apps, so only listed hosts can connect, does that prevent
        intruders from exploiting future holes?
        That is, as long as it's TCP-wrapped or restricted by hosts.* files,
        even if I was running an exploitable version of sshd, nobody can
        break in via sshd, true?
        Same with all inetd.conf daemons, right? I only run one.
        (This assumes the hosts in my hosts.allow file are secure)
        \_ Here is a thought. Run sshd on a high number port as sshd rather
           than root. Then use your fw/nat/pat box redir 22 to the high
           number port. This way even if there is a breakin, they don't
           get root (assuming root can't login via ssh).
        \_ Assuming no holes in tcpwrappers, probably.  ssh uses libwrap,
           which is a little different than being wrapped in inetd.conf,
           and possibly is less secure.  -tom
        \_ why dont you just upgrade/patch ssh?
           \_ "potential future vulnerabilities", i.e. undiscovered bugs.
              \_ well then, why dont you jsut remove ssh.  even safer,
                 unplug your machine from the net.  Nothing safer from network
                 attacks than an airwall.
                 \_ You're an idiot.  -tom
                    \_ No s/he has a point.  If the OP is so afraid of being on
                       the net that they want to be 'safe' from the future,
                       they're on the wrong net.  They need to power down and
                       idiot." because that requires no thought or effort.
                       go read a book in a park if they want that level of
                       safety.  No one can protect your net from unknown future
                       bugs.  If it was that easy everyone would be doing it.
                       Of course it's much easier to just post "You're an
                       idiot." because that requires no thought or effort. -i2
                        \_ Oh, and posting "disconnect from the net if you
                           want to feel safe" requires effort?  Guess what--
                           you're an idiot, too.  -tom
                           \_ i don't give a rats ass about this thread,
                              i'm just going to point out that tom has
                              proven himself to be a total idiot about
                              a hundred times over on the motd.
                              \_ Does that include his anonymous postings?
                           \_ clearly you're dead to sarcasm.
                              \_ "Sarcasm is hard!  Let's go shopping!"
                              \_  The post above by "i2" is not sarcasm. If you
                                  are i2 then you are a liar, if you are not
                                  then, Guess what -- -!tom
                                  \_ Wow... let it go. Time to move on.  Try
                                     Prozac or Ritalin or something.
        \_ IP Spoofing isn't that hard and you will also need to ensure
           all of the hosts in your list are never compromised. If you are
           concerned about security you need to set up your network in
           a manner that is secure.
        \_ Isn't the known hole in ssh quite hard to exploit?
           \_ Yes, and that too only if you have a local account
              with a valid passwd and shell.
2002/3/13 [Uncategorized] UID:24093 Activity:high
3/12    is there something can be done with the following?  Obviously it's
        an hoax/fraud.  Is it important enuf for the FBI to follow?
        \_ Don't we have enough spams and scams already?  Do you have to put
           that on the motd?  Get a life.
           \_ see you freak'n asshole, people wants to read it.  YOU should
              go get a life instead of sitting there editing other's mesg.
              why are you so fuck'n anal you dumb shit! =D
           \_ am i really really dumb, or did the above poster not post
              anything?
              \_ it was edited
                \_ then un-edit it. i want to read it.
                 \_ it was just the nigerian scam with a minor twist
                    \_ is that the thing where someone says they need to
                       sneak something like $50M into the country? ...or
                       am I thinking of another spam/scam.
                       \_ Yeah it was something like that.
2002/3/13 [Reference/Military] UID:24094 Activity:very high
3/12    Fire with Fire:
        http://www.omaha.com/index.php?u_np=0&u_pg=36&u_sid=336167
        \_ That's fucking hilarious! --scotsman
        \_ I'd go to every game just so I could root against them. It would
           just be too much fun for me to yell derogatory things about the
           the team mascot all game long.
        \_ the "what people are saying" is pretty funny too.
        \_ AFAIK, the "reds" slaughtered the "fighting whites" at the
           battle of little big horn. Wouldn't it be ironic if the
           "reds" won this time around as well?
        \_ I don't get how the name Fighting Whitie is offensive. Maybe
           Horny Whities or Greedy Land Owning Whities, but Fighting Whities?
           Gimme a break
           \_ how about Manifest Destiny Whities or Small Pox Spreading
              Whities or Xeno Killing Whities?
              \_ Why not Fighting Nazis? Fighting Klansmen? Fighting Niggers?
                 Fighting Chinks? Fighting WhItey is not offensive or
                 attention-getting at all
        \_ What if you were a historically subjugated minority and then had
           to see a belligerent caricature of your ethnic group all over
           national television? Do you think that'd make you feel good?
           Hell no. Damn Notre Dame.
        \_ so judging by the above posts, do people generally not see
           the native american sports team names as a bad thing at all?
2002/3/13 [Uncategorized] UID:24095 Activity:nil
3/12    Restored.  Why do people bother?
2002/3/13 [Computer/SW/WWW/Browsers] UID:24096 Activity:high
3/12    what do you think about listening to internet radio or mp3s using
        computer at work?
        \_ how does this differ from bringing your CD player to work
        and listening to music?
        \_ depends on what work you are doing.  Tech Support?  Software
           Engineering?
        \_ I think it's a fine idea.
        \_ Are you questioning a bandwidth or noise polution policy, or
           a time waster policy.  The former are valid concerns.  The
           latter is just stupid.  If the employee is being productive,
           taking away their music would be vindictive and pointy-haired.
           If they're not being productive, music is probably not their
           only problem. --scotsman
        \_ on a somewhat related topic, will this XM radio idea ever
           take off?
           \_ are you willing to pay $9.99 a month for it?
        \_ work shud never be fun.. stop fukn around and work.. -shac
2002/3/13 [Computer/SW/SpamAssassin] UID:24097 Activity:high
3/12    Have any other people got the RessumeRabbit spam from "Daniel
        Johnson"?  I want to respond to tell him to leave me alone but I'm
        worried this will just confirm my email as active... has anyone
        else replied to this?  ... what happened?               - rory
        \_ It's spam.  Why would anyone reply?  You used a throw away email
           address for your job hunting and resume posting... right?  You
           wouldn't do some newbie thing like use your real address in a forum
           that you *know* is getting put into 500000 million databases which
           get sold and resold to idiots like that... right?  You *do* have
           tons of throwaway addresses because you're smart... right?
        \_ Got one from Todd Fisher
2002/3/13-14 [Computer/SW/Unix] UID:24098 Activity:very high
3/13    Lets say your / is getting full quickly for some off reason... where
        could the culprit be? I already looked at /var/adm/log and stuff...
        \_ /tmp?
        \_ And if you're desperate 'find' with the right options might show
           you a single file on the partition that's huge (and growing).  Or
           a 'du' if you're *Really* desperate or lazy.
        \_ lsof can work wonders here.  What can sometimes happen is that a
           file can be deleted (or hidden because you mount something over
           the directory where it exists), and you neglect to HUP a daemon
           that's writing to it.  The file won't actually go away until the
           daemon closes it's filehandle.  find will never find such a file.
           lsof will. -dans
           \_ What's wrong with du?  du -hx -d1, then choose the largest
              directory and go from there.
              \_ Not all versions of du are the same.  Just like not all
                 versions of find are the same, etc.  My reply assumed a
                 base level version of each command that didn't have all the
                 zillions of options that the latest gnu has.  I did say if
                 they have the right options, etc.  Man pages are your friend.
                 My local base install is older and doesn't have a 'dont cross
                 file system boundary' option.  I have the gnuer version also
                 but that was my choice to install it.  The OP may not have.
                 Besides, du can be ugly and slow.  It's an act of desperation
                 for only when a quick bit of manual snooping in the obvious
                 /tmp and log directory type places doesn't work.
        \_ /var/mail and /var/spool
        \_ /homes/user/pr0n
2002/3/13 [Uncategorized] UID:24099 Activity:nil
3/13    "SPECIAL OFFER:  For a limited time only, you will receive a FREE
        personal brass hookah with the Ultimate Herbaceous Intro Offer as our
        gift to you.  This hookah has a retail value of $25.00."
        I'm *sooo* glad that domain ownership records are public.  Sure this
        got pre-filtered into my crap folder but really....
2002/3/13 [Uncategorized] UID:24100 Activity:nil
3/13    Post 9/11: Are there still bomb threats at Berkeley?  Evans Hall?
        \_ Hopefully.
2002/3/13-15 [Uncategorized] UID:24101 Activity:high
3/13    I'm writing a program called diff_tex which takes 2 tex files,
        OLD and NEW, and produces a version of NEW with changes
        highlighted in some manner.  At first I tried putting
        \begin{bf} and \end{bf} enclosing lines where changes had
        occured but this can cause problems inside equation, align,
        or tabbing environments.  Does anyone know of a way to highlight
        something (bold, italics, red, whatever) such that it will work
        in most latex environments?  Thanks. -emin
           \- i am not sure what you are setting out to accomplish but i am
              not sure it is feasible. i mean tex can be a full blown
              language and just looking at text diff probably wont cut it.
              e.g. if macro are redefined etc. --psb
        \_ put boxes around it?
           \_ Do you mean with \fbox?  The \fbox command seems even less
              robust than other things like \begin{bf} ... \end{bf}.
              Are there tricks for making \fbox robust?  Thanks. -emin
        \_ I think green boxes with reddish brown flowers on a bed of darker
           green grass or maybe clovers....
           \_ We started out with boxes but they're too much work. We've settled
              on good old fashioned, herbicide-sucking turf.
           \_ We started out with boxes but they're too much work. We've
              settled on good old fashioned, herbicide-sucking turf.
              \_ Maybe a nice red brick pathway lined by dasies would put the
                 right touch to it.
                 \_ Hmmm. That's not a bad idea. We'll just have be careful not
                    to mow the flowers when we mow the lawn.  Maybe putting in a
                    wire border high enough to stop the fender...
                    \_ Well the flowers go "back" a bit from the edge so it'll
                       be hard to mow the flowers by mistake.  You only need
                       about 6 inches of clearance between the edge and the
                       plants.  Good luck with it!  Post pics when you're done.
              \_ I don't know any tricks for \fbox.  What if you just
                 delimited all changes with special characters?
                 e.g. ***** something that was changed ******
2002/3/13-14 [Politics/Domestic/California, Politics/Domestic/President/Bush] UID:24102 Activity:moderate
3/13    http://www.nytimes.com/2002/03/13/international/13CND-ZIMB.html
        oh, the irony:
        In Washington, a statement by Secretary Powell said "Mugabe can
        claim victory but not democratic legitimacy."
        \_ What's the irony in that?
           \_ The touchy feely gore lover who posted this believes that
              bush and co did not win the election in a democratic way
              because they didn't let "every vote be counted" and had
              a bunch of cronies in the sc rule in thier favor.
              \_ Oh.  Is this that nonsense about stealing the election even
                 though no matter how they counted and recounted it afterwards
                 the best they could do was a three (3) vote win for Gore
                 under some extremely unlikely and bizarre circumstances?  You
                 mean that election where every vote got counted so many times
                 the chad was falling out of ballots all over the floor and
                 tables?  Thanks.  Now I know.
2002/3/13-14 [Politics/Foreign/Asia/China] UID:24103 Activity:high
3/13    Now blocking entire *.tw and *.cn at home.  .kr is going in there too
        if I ever get spammed from there.
        \_ Why is it that a lot of Chinese flock to get rich quick schemes?
                - Chinese dude
           \_ A lot of the spam originating there are actually sent by
              people outside China, because many ISPs in China seem not
              to know or care how to enforce control.  Maybe some sodan
              should get a job there.
              \_ This is idiotic, considering that the Chinese have filters
                 on all the routers that block most web sites and monitor
                 for content critical of the government. The more likely
                 analysis is that the communist Chinese just don't care.
2017/09/19 [General] UID:1000 Activity:popular
9/19    
Berkeley CSUA MOTD:2002:March:13 Wednesday <Tuesday, Thursday>