| WIKI | FAQ | Tech FAQ | |
 http://csua.com/feed/ | |
| ||||||
| 2002/6/21 [Computer/SW/OS/Windows] UID:25159 Activity:nil |
6/21 Please recommend a good/free schedule/script program.
\_ for what OS?
\_ cron? could you describe your problem in more detail?
\_ cron for unix, at for unix for one shot jobs, and nt/2k/xp have an
at command which I've never used so best of luck with that one. |
| 2002/6/21 [Politics/Foreign/MiddleEast/Israel] UID:25160 Activity:very high |
6/21 http://www.nytimes.com/2002/06/21/international/middleeast/21SUIC.html?pagewanted=2 "The bottleneck on the Palestinian side is not the suicide attacker," said a senior Israeli security official. "It's the bomb." \_ It will end only when Palestinian mothers love their children more than they hate the Israelis. \_ It seems to me that if Israel tried to make life better for the Palestinian's not as many would be willing to die in suicide attacks. For example, if Israel built decent public schools, health care, etc. and took steps to make help Palestinians find decent jobs some of them might decide that rebuilding their country and moving forward is better than terrorism. Then again, if one of my friends or family members was killed by a terrorist I might have a hard time taking such steps. \_ This is all UN controlled territory and the UN, EU, and others pump many millions a month into the PA. Where is all the money going? Not schools, jobs, or healthcare.... You're looking to the wrong folks for these things. Oh yeah, this is also all supposed to be demilitarised land. Why is the UN sitting on it's ass while weapons pour into the area? It'll end when the Palestinians love their children. As a side note, this was all Jordanian territory untl 1967 and they ran it even worse than the Israelis. Why were mass Jordanian executions ok but the Israelis are somehow supposed to be lifting up the people who are specifically targetting their children in a self-proclaimed "war of the buses"? \_ because people have short memories. \_ I'm not saying that what the Palestinians are doing is good. What they should be doing is massive non-violent protests a la Gandi or MLK, but they aren't. My point was only that Palestinian parents won't start encouraging their children to be peaceful unless they feel that they can have happy, productive lives. As long as life sucks, their will be no shortage of martyrs. \_ But Gandi and MLK both did it under severe adversity and oppression. I don't understand why Palestinians refuse to take the non-violent approach. \_ Those activists that have tried non-violence have been shot and beaten. They also tend to get pushed aside for attention by the violent types. In India, the independence movement had both violent and non-violent elements and even in the civil rights struggle, MLK was one of the more moderate elements. Isreal is also far more willing and able to use violence against the Palestinians than Southern Sheriffs were against King (sad but true). So, the short answer is, many Palestinians have tried non-violence. The longer answer is that non-violence is probably only ever effective as one part of a multi-pronged approach. Unfortunately, the Palestinians seem to have lost sight of this as well, and are increasingly dominated by the violent and desperate factions such as Hamas, leaving the Isrealis with no one reasonable to negotiate with. \_ Wow. Both of your arguments are basically clearly stated, respectful of others' points of view and earn sympathy from the reader. Maybe the football games have the normal crowd still asleep. In any case, I'm afraid this thread is too decent for politics on the motd. You're going to have to leave now. \_ YOU ESS EH! YOU ESS EH! YOU ESS.. oh damn it... \_ Try again in 2006. \_ Maybe the Palestinians wouldn't be so violent if their territority wasn't being littered with Israeli "Settlements"? |
| 2002/6/21 [Academia/Berkeley/CSUA/Motd, Academia/Berkeley/CSUA/Troll] UID:25161 Activity:high |
6/20 motd_warriors.new in /csua/bin, new -s option for statistics
\_ Needs to include # of yermom references.
\_ The correct term is "Yermom Invocation" or YMI. And what's with
all these people who can't figure out how to fucking format motd
entries. sheeit..
\_ Uh-huh. How about you throw down some FAQ or a URL, bitch.
\_ It wasn't hard to figure out. Follow the pattern you
fucking monkey! You're a Cal student! Figure it out!
\_ Agreed. Something like a pipe to grep "yermom"|wc|awk'{print $1}'
\_ I meant per thread. |
| 2002/6/21 [Computer/SW/Languages/Misc] UID:25162 Activity:nil |
6/20 Anyone has experience on reading and parsing XML documents via
a socket? My xerces parser doesn't know where the end of
document is. The work around documented on http://xml.apache.org doesn't
work either.
\_ uh read till the end of the last tag? |
| 2002/6/21 [Computer/Networking, Computer/SW/Security] UID:25163 Activity:moderate |
6/20 I'm so confused. Isn't 192.168.0.0 a non-routing network? ...
\_ http://CNC.net should not be routing these packets. Neither should
XO really, but they might have an agreement with CNC that
makes it hard for them to filter traffic.
\_ Welcome to the world of routing. Sadly, certain Network Operators
are, shall we say, less than clued.
\_ A lot of providers use RFC1918 addresses for 'private' interfaces;
frame relay clouds are a good example of this. They're not
supposed to be routed, but rather just used within a given
cloud or circuit for routers to be able to contact each other.
Sometimes routing information about these slips out, when someone
exports a default route, or doesn't filter correctly (correct
me if I'm wrong, but aren't some protocols, like OSPF, a pain
to filter individual routes/networks with?) so people with
different providers will see these addresses as "existing"
in various places. Shouldn't do any harm, it's just not very
clean. -John
\_ still, one shouldn't be using RFC1918 addresses even for
transit links, as it will get important ICMP messages generated
by the routes filtered out. Things like unreachables and
fragmentation-needed stuff. Its sloppy/bad practice. -ERic
\- terminal administrative domains such as lbl.gov put on a
lot of filters like this, but for some reason, various
transit domains like esnet are refusing to do so ... they
are saying there are some performance issues ... we didnt
argue much or demand to see the evidence but it is possible
there is sort of a reason, i.e. even if the overhead is
small, the fraction of these packets is vanishingly small
--psb |
| 2002/6/21-22 [Computer/SW/Security] UID:25164 Activity:high |
6/21 Since keyinit has been disabled and ssh doesn't work for me (behind
company firewall/proxy), what other options do I have to login to
csua? Already tried ssh with http-tunnel and socks2http. -allenchu
\_ Find someone who'll let you telnet into their shell account
and ssh in from there. -Someone who ran out of keys too.
\_ People like you are simply irresponsible bastards. You know
the difference between telnet and ssh but you're still insisting
on using telnet, potentially compromissing not only the security
of your personal account on both machines but also compromissing
the host security of both machines in general. Lots of root
breakins start with sniffed passwords. But you, of course, don't
give a flying f**k to this because you're probably not the one
who will end up fixing the problems later.
\_ If the company's firewall didn't block port 22,
he would of use SSH. Just because you are an irresponsible
idoit doesn't mean everyone else is.
\_ that's not an excuse for using telnet and
jeopardazing the security of the entire machine. I am
also surprised that a company that filters outgoing
ssh still allows outgoing telnet.
\_ I doubt there is one. It's too stupid to comprehend.
\_ How did you post your question without logging in?
\_ Because I have ssh at home. Also have a few keys left.
\_ can you ssh to port 80 on scotch.csua
\_ Thank you. This might be it. Of couse this assumes the
lovely M$ proxy that prevented http-tunnel to work will
not do the same to this solution. -op
\_ sorry, I haven't been paying attention: why is keyinit disabled
anyway?
\_ The answer I got was some sort of security hole w/ skey. |
| 2002/6/21 [Academia/Berkeley/CSUA/Motd] UID:25165 Activity:moderate 50%like:23870 50%like:24290 66%like:26400 66%like:26401 |
6/21 Motd Poll about the motd!
(feel free to add options and vote for more than one option)
The motd...:
Not enough censorship:
(other choices deleted) ...
Is easy to restore after being brutally chopped: .
Is perfect the way it is: .
Has too much censorship:
Not enough censorship:
Should only be for techie and student news:
Should be changed so it's no longer anonymous:
Should only be for announcements re: RIDE BIKE! USE LINUX!:
Should be set to zero bytes every hour:
A haven for anonymous anarchists determined to destroy the free world:
Is nothing I care about: |
| 2002/6/21-22 [Uncategorized] UID:25166 Activity:nil |
6/21 Filter Klez:
:0 Bh
* > 50000
* ^Content-Type:[ ]*(audio/x-|application)
* 1^0 ()<i?frame[ ]*src=(3d)?cid:
* 1^0 ^--[^ ]+$$Content-
virus
\_ ifile! |
| 2002/6/21-23 [Computer/SW/Security, Computer/SW/WWW/Server] UID:25167 Activity:very high |
6/21 Big bad apache hole in the wild. Patch/upgrade now. See http://apache.org or your favorite security site for details. \_ So they finally learned from Microshit? "In order to gain free press we need to introduce security holes." \_ Does anyone think this vulnerability could lead to a fast spreading worm like Code Red, for example? \_ What's the point? Apache + modules (esp. php) are full of holes. \_ So, don't use the modules you don't trust. Patch one, and there are still a hundred others that the '1337 H4X0R5 will use to break in. Even if you patch all the modules, you still have all your executable content (perl cgi, ssi, php, servlet, jsp, etc) which is undoubtedly riddled with holes. \_ 1) try formatting. 2) just because there are other holes is no reason not to patch this one. 3) glad you're not the admin at my company. \_ It is possible but cracking a site by exploiting the holes in locally written code is much harder than exploiting a widely publicized and well understood vulnerability that possibly affects nearly every apache site out there. If you care about security, run publicfile. \_ publicfile does not support CGI scripts or any kind of server side programming which makes it fairly useless for lots of users. \_ Um, it's not actually that bad. It's a DoS exploit at worst on many architectures. \_ nnnn! go read the security alert, not msnbc. \_ Actually I read all three. Plus the apache one. Plus the debian security-announce summary. It's a DoS explot. \_ Well you didn't read the one that said it's a full root exploit. Whatever, go use telnet. Not my problem. \_ At least one exploit (for openbsd) has already been posted on bugtraq with intent to prove people like you wrong. \_ If your OS doesn't execute data off the stack, it's not exploitable (but it's still DOS). And it's not a root hole, just the user Apache runs as. Still, it's potentially bad. -tom \_ Lots of people run apache as root. Lots of sites that run apache as 'www' or whatever will also have local holes if they haven't fixed this one. Thus it is highly likely that getting in through apache is just one step from root. Layers.... \_ I challenge you to find one person running Apache as root. -tom \- the csua used to run a WEEB server on it's name server. there was a bug that let you get a shell running as the WEEB server uid. now it turned out the WEEB server uid owned the WEEB config file, so you could just changed the run-as user to root and repeat the process and you would have a root shell on the name server. this is detailed in some comment by myself and P. Norby some time ago. I dont think this is that big a deal and right now the "real" denial of service is all the people running around recommend things like vulnerabilty people immidiately delete their defaultroutes and such. --psb |
| 2002/6/21-22 [Academia/Berkeley/CSUA, Academia/Berkeley/CSUA/Troll] UID:25168 Activity:very high |
6/21 There are songs about SF, NYC, LA, etc. Are there songs about
Berkeley? Say from the 60s or something?
\_ it's not a reasonable comparison. berkeley is a college town.,
and those are real cities. how many songs can you name from
cambridge, ma, palo alto, cambridge or oxford england,
north hampton, ma, ithica ny, an arbor michigan, or new haven,ct?
sure, there are colleges in the cities you mentioned, but
that's not why there are songs about them(unles you include
college fight songs in which case berkeley has an annoyingly
high number.)
high number.) people sometimes seem to forget this, but
berkeley is really just a college town. no one would even
think to ask the above question about State College, Pa for instance.
\_ "The Elements Song", by Tom Lehrer at least mentions
Berkeley, since two elements are named after Berkeley.
\_ From the 60s I don't know, but you can start with Green Day,
"Welcome to Paradise" from the mid-90s.
\_ Berkeley? You're confused about what Berkeley is all about. No one
in Berkeley actually *does* anything of any note, they just *talk*
about it a lot and sometimes carry signs. Why would anyone bother
to write a song about Berkeley? Would it be a take off on the "I
left my heart in SF" song? Like so, "I left my 3 sheets and my
bong in Berkeley!" Nah... doesn't work. Berkeley shmerkeley.
\_ attempted comedy? attempted troll? sorry... failed on all
counts.
\_ Neither. Stop looking for what isn't there and wasn't
intended. This isn't a comedy club.
\_ Let me guess. You are one of the bitter angry
conservatives on soda, right?
\_ Hell, I'm a non-bitter, non-angry liberal, and I agree
with him/her. --scotsman
\_ Haven't been robbed yet, Ben?
\_ Why do you assume all conservatives are bitter and
anygry? Your assumption that anyone with a differing
philosophy must have social and psychological problems
is a huge intellectual cop-out.
\_ You must have huge social and psychological
problems. If he though that ALL conservatives
were angry and bitter, he would not have had to
specify "one of those bitter angry conservatives"
and could have just said "conservatives". Are
you one of those dim-witted, hyper-sensitive
conservatives?
\_ Yawn. Are you one of those moronic and
blindly stupid ultra leftists who has to
determine the meaning of "is" and then attack
based on what you've falsely decided someone
has said by putting unspoken words in their
mouth rather than directly address their
statements? No, you're probably not. Have a
nice day. :-)
\_ http://www.thereoutthere.com/useeberklyrics.htm
How about all those Cal fight songs?
\_ Start spreading the news, I'm leaving today
I want to be a part of it - Berkeley Berkeley
hm, I guess that doesn't sound too good
\_ Berkeley gets mentioned a fair amount. Counting Crows
"Down on Virginia and La Loma/Where I've got friends who care
for me", Warren Zevon in "Roland, the Headless Thompson Gunner".
John Denver has a song called "Berkeley Woman". Joni Mitchell
mentions People's Park in "Court and Spark." -tom
\_ the Barington[sp?] co-op is mentioned in a Primus song
"if barington starts to breathe again, we might all
just fade away." perhaps someone can name the song. i forget. |