Berkeley CSUA MOTD:2002:March:13 Wednesday <Tuesday, Thursday>
 Berkeley CSUA MOTD Match all Match any Histogram Relevance Most current Least current

 WIKI | FAQ | Tech FAQ http://csua.com/feed/
 2002/3/13 [Computer/SW/Security] UID:24092 Activity:high 3/12 sshd has got vulnerabilities, fixes, and potential future vulnerabilities. If I TCP wrap and use hosts.allow/deny for sshd and other apps, so only listed hosts can connect, does that prevent intruders from exploiting future holes? That is, as long as it's TCP-wrapped or restricted by hosts.* files, even if I was running an exploitable version of sshd, nobody can break in via sshd, true? Same with all inetd.conf daemons, right? I only run one. (This assumes the hosts in my hosts.allow file are secure) \_ Here is a thought. Run sshd on a high number port as sshd rather than root. Then use your fw/nat/pat box redir 22 to the high number port. This way even if there is a breakin, they don't get root (assuming root can't login via ssh). \_ Assuming no holes in tcpwrappers, probably. ssh uses libwrap, which is a little different than being wrapped in inetd.conf, and possibly is less secure. -tom \_ why dont you just upgrade/patch ssh? \_ "potential future vulnerabilities", i.e. undiscovered bugs. \_ well then, why dont you jsut remove ssh. even safer, unplug your machine from the net. Nothing safer from network attacks than an airwall. \_ You're an idiot. -tom \_ No s/he has a point. If the OP is so afraid of being on the net that they want to be 'safe' from the future, they're on the wrong net. They need to power down and idiot." because that requires no thought or effort. go read a book in a park if they want that level of safety. No one can protect your net from unknown future bugs. If it was that easy everyone would be doing it. Of course it's much easier to just post "You're an idiot." because that requires no thought or effort. -i2 \_ Oh, and posting "disconnect from the net if you want to feel safe" requires effort? Guess what-- you're an idiot, too. -tom \_ i don't give a rats ass about this thread, i'm just going to point out that tom has proven himself to be a total idiot about a hundred times over on the motd. \_ Does that include his anonymous postings? \_ clearly you're dead to sarcasm. \_ "Sarcasm is hard! Let's go shopping!" \_ The post above by "i2" is not sarcasm. If you are i2 then you are a liar, if you are not then, Guess what -- -!tom \_ Wow... let it go. Time to move on. Try Prozac or Ritalin or something. \_ IP Spoofing isn't that hard and you will also need to ensure all of the hosts in your list are never compromised. If you are concerned about security you need to set up your network in a manner that is secure. \_ Isn't the known hole in ssh quite hard to exploit? \_ Yes, and that too only if you have a local account with a valid passwd and shell.
 2002/3/13 [Uncategorized] UID:24093 Activity:high 3/12 is there something can be done with the following? Obviously it's an hoax/fraud. Is it important enuf for the FBI to follow? \_ Don't we have enough spams and scams already? Do you have to put that on the motd? Get a life. \_ see you freak'n asshole, people wants to read it. YOU should go get a life instead of sitting there editing other's mesg. why are you so fuck'n anal you dumb shit! =D \_ am i really really dumb, or did the above poster not post anything? \_ it was edited \_ then un-edit it. i want to read it. \_ it was just the nigerian scam with a minor twist \_ is that the thing where someone says they need to sneak something like $50M into the country? ...or am I thinking of another spam/scam. \_ Yeah it was something like that.  2002/3/13 [Reference/Military] UID:24094 Activity:very high 3/12 Fire with Fire: http://www.omaha.com/index.php?u_np=0&u_pg=36&u_sid=336167 \_ That's fucking hilarious! --scotsman \_ I'd go to every game just so I could root against them. It would just be too much fun for me to yell derogatory things about the the team mascot all game long. \_ the "what people are saying" is pretty funny too. \_ AFAIK, the "reds" slaughtered the "fighting whites" at the battle of little big horn. Wouldn't it be ironic if the "reds" won this time around as well? \_ I don't get how the name Fighting Whitie is offensive. Maybe Horny Whities or Greedy Land Owning Whities, but Fighting Whities? Gimme a break \_ how about Manifest Destiny Whities or Small Pox Spreading Whities or Xeno Killing Whities? \_ Why not Fighting Nazis? Fighting Klansmen? Fighting Niggers? Fighting Chinks? Fighting WhItey is not offensive or attention-getting at all \_ What if you were a historically subjugated minority and then had to see a belligerent caricature of your ethnic group all over national television? Do you think that'd make you feel good? Hell no. Damn Notre Dame. \_ so judging by the above posts, do people generally not see the native american sports team names as a bad thing at all?  2002/3/13 [Uncategorized] UID:24095 Activity:nil 3/12 Restored. Why do people bother?  2002/3/13 [Computer/SW/WWW/Browsers] UID:24096 Activity:high 3/12 what do you think about listening to internet radio or mp3s using computer at work? \_ how does this differ from bringing your CD player to work and listening to music? \_ depends on what work you are doing. Tech Support? Software Engineering? \_ I think it's a fine idea. \_ Are you questioning a bandwidth or noise polution policy, or a time waster policy. The former are valid concerns. The latter is just stupid. If the employee is being productive, taking away their music would be vindictive and pointy-haired. If they're not being productive, music is probably not their only problem. --scotsman \_ on a somewhat related topic, will this XM radio idea ever take off? \_ are you willing to pay$9.99 a month for it? \_ work shud never be fun.. stop fukn around and work.. -shac
 2002/3/13 [Computer/SW/SpamAssassin] UID:24097 Activity:high 3/12 Have any other people got the RessumeRabbit spam from "Daniel Johnson"? I want to respond to tell him to leave me alone but I'm worried this will just confirm my email as active... has anyone else replied to this? ... what happened? - rory \_ It's spam. Why would anyone reply? You used a throw away email address for your job hunting and resume posting... right? You wouldn't do some newbie thing like use your real address in a forum that you *know* is getting put into 500000 million databases which get sold and resold to idiots like that... right? You *do* have tons of throwaway addresses because you're smart... right? \_ Got one from Todd Fisher
 2002/3/13-14 [Computer/SW/Unix] UID:24098 Activity:very high 3/13 Lets say your / is getting full quickly for some off reason... where could the culprit be? I already looked at /var/adm/log and stuff... \_ /tmp? \_ And if you're desperate 'find' with the right options might show you a single file on the partition that's huge (and growing). Or a 'du' if you're *Really* desperate or lazy. \_ lsof can work wonders here. What can sometimes happen is that a file can be deleted (or hidden because you mount something over the directory where it exists), and you neglect to HUP a daemon that's writing to it. The file won't actually go away until the daemon closes it's filehandle. find will never find such a file. lsof will. -dans \_ What's wrong with du? du -hx -d1, then choose the largest directory and go from there. \_ Not all versions of du are the same. Just like not all versions of find are the same, etc. My reply assumed a base level version of each command that didn't have all the zillions of options that the latest gnu has. I did say if they have the right options, etc. Man pages are your friend. My local base install is older and doesn't have a 'dont cross file system boundary' option. I have the gnuer version also but that was my choice to install it. The OP may not have. Besides, du can be ugly and slow. It's an act of desperation for only when a quick bit of manual snooping in the obvious /tmp and log directory type places doesn't work. \_ /var/mail and /var/spool \_ /homes/user/pr0n
 2002/3/13 [Uncategorized] UID:24099 Activity:nil 3/13 "SPECIAL OFFER: For a limited time only, you will receive a FREE personal brass hookah with the Ultimate Herbaceous Intro Offer as our gift to you. This hookah has a retail value of \$25.00." I'm *sooo* glad that domain ownership records are public. Sure this got pre-filtered into my crap folder but really....
 2002/3/13 [Uncategorized] UID:24100 Activity:nil 3/13 Post 9/11: Are there still bomb threats at Berkeley? Evans Hall? \_ Hopefully.
 2002/3/13-15 [Uncategorized] UID:24101 Activity:high 3/13 I'm writing a program called diff_tex which takes 2 tex files, OLD and NEW, and produces a version of NEW with changes highlighted in some manner. At first I tried putting \begin{bf} and \end{bf} enclosing lines where changes had occured but this can cause problems inside equation, align, or tabbing environments. Does anyone know of a way to highlight something (bold, italics, red, whatever) such that it will work in most latex environments? Thanks. -emin \- i am not sure what you are setting out to accomplish but i am not sure it is feasible. i mean tex can be a full blown language and just looking at text diff probably wont cut it. e.g. if macro are redefined etc. --psb \_ put boxes around it? \_ Do you mean with \fbox? The \fbox command seems even less robust than other things like \begin{bf} ... \end{bf}. Are there tricks for making \fbox robust? Thanks. -emin \_ I think green boxes with reddish brown flowers on a bed of darker green grass or maybe clovers.... \_ We started out with boxes but they're too much work. We've settled on good old fashioned, herbicide-sucking turf. \_ We started out with boxes but they're too much work. We've settled on good old fashioned, herbicide-sucking turf. \_ Maybe a nice red brick pathway lined by dasies would put the right touch to it. \_ Hmmm. That's not a bad idea. We'll just have be careful not to mow the flowers when we mow the lawn. Maybe putting in a wire border high enough to stop the fender... \_ Well the flowers go "back" a bit from the edge so it'll be hard to mow the flowers by mistake. You only need about 6 inches of clearance between the edge and the plants. Good luck with it! Post pics when you're done. \_ I don't know any tricks for \fbox. What if you just delimited all changes with special characters? e.g. ***** something that was changed ******
 2002/3/13-14 [Politics/Domestic/California, Politics/Domestic/President/Bush] UID:24102 Activity:moderate 3/13 http://www.nytimes.com/2002/03/13/international/13CND-ZIMB.html oh, the irony: In Washington, a statement by Secretary Powell said "Mugabe can claim victory but not democratic legitimacy." \_ What's the irony in that? \_ The touchy feely gore lover who posted this believes that bush and co did not win the election in a democratic way because they didn't let "every vote be counted" and had a bunch of cronies in the sc rule in thier favor. \_ Oh. Is this that nonsense about stealing the election even though no matter how they counted and recounted it afterwards the best they could do was a three (3) vote win for Gore under some extremely unlikely and bizarre circumstances? You mean that election where every vote got counted so many times the chad was falling out of ballots all over the floor and tables? Thanks. Now I know.
 2002/3/13-14 [Politics/Foreign/Asia/China] UID:24103 Activity:high 3/13 Now blocking entire *.tw and *.cn at home. .kr is going in there too if I ever get spammed from there. \_ Why is it that a lot of Chinese flock to get rich quick schemes? - Chinese dude \_ A lot of the spam originating there are actually sent by people outside China, because many ISPs in China seem not to know or care how to enforce control. Maybe some sodan should get a job there. \_ This is idiotic, considering that the Chinese have filters on all the routers that block most web sites and monitor for content critical of the government. The more likely analysis is that the communist Chinese just don't care.
2018/08/19 [General] UID:1000 Activity:popular
 8/19
Berkeley CSUA MOTD:2002:March:13 Wednesday <Tuesday, Thursday>