| WIKI | FAQ | Tech FAQ | |
 http://csua.com/feed/ | |
| ||||||
| 2005/7/29-31 [Industry/Jobs, Computer/SW/OS/Windows] UID:38871 Activity:nil |
7/29 Anyone have any experience with (or other comments on) buying
from http://PCDirect.com? There doesn't seem to be much negative about them
posted online, and yet their prices (I'm looking at complete systems,
no OS) are noticeably lower than what I've seen elsewhere. I'm
naturally wondering where the catch is.
\- boy i thought you were talking about "professional cutlery
direct" whom i would have given a solid endorsement. |
| 2005/7/29-31 [Computer/SW/Unix, Computer/SW] UID:38872 Activity:kinda low |
7/29 Has anybody deployed a "checksumming/file integrity infrastructure"
across say ~100 *nix machines? Any recommendations for particular
tools? Tripwire is garbage, and for various reasons I am thinking
about moving away from veracity, which I am been using for a while.
Considering looking at osiris and samhain. Would prefer something
lean and old-school unixish (like one binary and one config file)
rather than one of these "entrprise software system" type things
with a large footprint and a lot of chrome. Tnx.
\_ Not on 100 machines, but we ran fcheck for a while. It was really
resource intensive. I moved to some one-or-two binaries C one
..i think the name started w/ an "a" It worked pretty well.
--dbushong
\- re: resouce intensiveness ... if the resources are 1. human time
2. cpu 3. disk io, i think you can decrease #2 by using fletcher
checksum instead of an expensive one like md5. not much you can
do about disk io ... so a lot of it comes down to #1 ... it's
key to have a config system flexible enough to not go crazy if
somebody say nfs mounts a 300gig parition without factoring
that into the configruation. as with intrusion detection
systems in general, resourse and ability to minimize false
alarms is what dictates success or failure in a practical
sense. for me, chekcing the OS on a sun takes about 6-10 min.
\_ The a____ program I switched to used less compute resources
because it:
a) used a weaker checksum
b) had internal optimized checksumming code (rather than
forking "md5sum" each time)
Both fcheck and it specified certain directories to scan and
didn't traverse mount points.
--dbushong
\_ There was a discussion of this on one of my security lists a
while ago--I have forwarded your question, and will forward
what comes up if you tell me who you are. So far someone has
suggested http://aide.sourceforge.net -John
\_ That was the one. --dbushong
\_ How do you mean? Does it work for you? I'd be interested
in your experience with it as I've had clients with just this
kind of requirement. -John |
| 2005/7/29-8/2 [Computer/Networking] UID:38873 Activity:moderate |
7/28 Anybody have actual details on the Cisco IOS vulnerability? I know
they're trying to quash it but with 'information wants to be free' I
figured a bunch of people must know about it. All I've heard so far
is that it's a remote heap overflow and Cisco's had a patch for months
but doesn't want to roll it out till their next release date. I also
heard a rumor that there's a vulnerability where the attacker can
damage the hardware, though I'd suspect they just mean firmware.
\- i have deleted my comments. pls dont restore them.
\- if i know you, you can mail me with specific questions --psb
\- if i know you, you can mail me with specific questions.
it is my opinion it is not an especially interesting problem,
just large in magnitude. there are more serious problems
in the nature of of internet routing as typically implemented
today which can be exploited to "bring the net to a halt" and
cant be fixed with a code patch. if the "damage the hardware"
comment refers to what i think, it is pretty much a red herring.
if i take over your solaris box, i can "damage the hardware" too.
i guess this bring new meaning to "8 fold path".
just large in magnitude and a lot of work to fix. there are more
serious problems in the nature of of internet routing as
typically implemented today and tcp/ip which can be exploited to
"bring the net to a halt" and cant be fixed with a code
patch. just like knowledge of how to "defeat" congestion
control ... well known but the stack hacks are not readily
available as far as i know. if the "damage the hardware"
comment refers to what i think it does, it is pretty much a
red herring. if i take over your solaris box, i can "damage
the hardware" too.
\- actally let me revise: the attack vector isnt interesting
(old idea ... ios heap attacks) but where you go from there is
interesting, but only so because what you are sitting on is
potentially a core router. not to say lynn didnt put in a lot
or work and cleverness to understand the weird MEMORY
archieteure of a router. the best of mudge, or SD are a lot
cooler, also you may wish to see Mr. FX's discussion of
the arch of IOS ... a router is not a "regular" computer.
\_ Wired News has a bit of a story about this, including links to the
researcher's report with a bit more details. see http://www.wired.com
\- I have put some comments at ~psb/MOTD/CiscoComment
\_ There was a lot of discussion on this on the DailyDave (STFW)
mailing list recently. I have the actual presentation, so mail
me @zog.net if you haven't seen it already. -John
mailing list recently, including, I believe, a few links to
shellcode. Drop me a mail @zog.net if you want me to forward the
archives to you (I don't think it's on http://immunitysec.com yet.) -John
\_ There has been a lot of discussion on NANOG about this in the
last two or three days. Cisco has issued a security advisory
stating that it is a IPv6 Bug:
http://www.cisco.com/warp/public/707/cisco-sa-20050729-ipv6.shtml
http://lin.kz/?e0pw3
http://www.cisco.com/warp/public/707/cisco-sa-20050729-ipv6.shtml
More information about Lynn's presentation is available at:
http://www.tomsnetworking.com/Sections-article131.php
http://lin.kz/?6bjoj
http://www.tomsnetworking.com/Sections-article131.php
The import of the presentation seems to be that IOS is an OS
and is vulnerable to buffer overflow attacks like any other OS:
http://www.merit.edu/mail.archives/nanog/2005-07/msg00991.html
http://lin.kz/?bv693
http://www.merit.edu/mail.archives/nanog/2005-07/msg00991.html
You may want to read these NANOG postings for more information:
http://www.merit.edu/mail.archives/nanog/msg09799.html
http://www.merit.edu/mail.archives/nanog/msg09914.html
http://http://www.merit.edu/mail.archives/nanog/2005-07/msg00981.html
http://lin.kz/?3nqo6
http://lin.kz/?9j2sj
http://www.merit.edu/mail.archives/nanog/msg09799.html
http://www.merit.edu/mail.archives/nanog/msg09914.html
http://www.merit.edu/mail.archives/nanog/2005-07/msg00981.html |
| 2005/7/29 [Politics/Domestic/President/Bush] UID:38874 Activity:nil |
7/28 Enter a creative headline for the following picture, I'll start.
http://www.nasa.gov/multimedia/imagegallery/image_feature_374.html
\_ Small brain, small TV
\_ This happens when your entertainment budget goes to the war
\_ It took him 2 minutes before he realized it's a microwave.
\_ How do I make the remote put NASCAR back on? |
| 2005/7/29 [Recreation/Media] UID:38875 Activity:nil |
7/28 Murderball == awesome movie. - danh |
| 2005/7/29 [Reference/Military, Reference/History/WW2] UID:38876 Activity:low |
7/28 John, this is for you... on the reference of ww2
"Nippon's true aim in the prosecution of the Greater East
Asia War is the maintenance of self-existence and self-defense
for the Empire and the emancipation of the peoples in Greater
East Asia from the yoke of the United States and Britain.
This sacred war aim is recognized by all human beings on
earth. There is a world of difference between our war aim
and that of the United States and Britain.
\_ Yeah, and it was war necessity to kill and rape 300k civilians in
the city of Nanjing in order to achieve this.
\_ Sometimes you must choke a dog in order to give it medicine. |
| 2005/7/29 [Uncategorized/Profanity, Science/GlobalWarming] UID:38877 Activity:nil |
7/28 I used to be young, idealistic, and optimistic. I had a job,
quit my job, and started helping people out to make the world
a better place. Then as I got older, I realized the world
doesn't want to be better. The old people don't like to be
told by youngin's how they should live their lives, and the
really poor people are actually pretty stubborn and most
importantly, conservative. People are they way they are,
because they unwilling to listen to you, to make changes,
or to be helped. The world doesn't need another fucking
idealist. So fuck the world, fuck social programs, fuck
volunteering, fuck Peace Corp, fuck everything that trys
to make the world better, because the world doesn't want
to be made better.
\_ You may want to read the Book of Ecclesiastes.
-- ulysses
\_ And finally, fuck you.
\_ The optimist believes we live in the best of all possible worlds,
and the pessimist fears he may be right. -- ilyas
\_ Actually, I'm happier knowing there are more idealists in the
world (at least those idealists that use violence as a last but
necessary resort, e.g., Gulf War 1, WW2, Korean War).
Do what I do: Be practical, but inside, be idealistic, but try
not to admit to it.
The practical side of you may have recognized that people resent it
when you single them out for charity (giving money to beggars), but
they will accept freely if it is part of a formal process that
most people see as fair (Social Security, Medicare, universal health
care, etc.).
\_ Heh. 'Most.' So are you liberals a persecuted minority or not,
make up your fucking mind.
\_ 72% of Americans support universal health insurance. That
sounds pretty moderate to me.
\_ 55% of Americans (including 47% of Kerry voters) believe
"God created humans in present form". 27% believe "humans
evolved, God guided the process". A mere 13% believe
"humans evolved, God did not guide process". About 2/3
of Americans want creationism taugh along with evolution.
What do I believe? I believe if the majority of Americans
believes in something, run away from it, fast.
\_ Hi troll! |
| 2005/7/29-31 [Computer/SW/WWW/Browsers] UID:38878 Activity:nil |
7/29 wtf is up with FF? I've given the new version a couple of weeks and
it seems as jumpy and prone to crash as IE now.
\_ Wow. Glad that I still haven't upgraded from 1.0.4.
\_ I've upgraded as each new version has come out since around .9.
I haven't noticed any difference in stability for good or bad since
1.0.0 came out on any of several machines.
\_ ditto.
\_ Are you using 1.0.5, cause there is a 1.0.6 now.
\_ works fine for me. maybe another relevant question is wtf is up
with your machine?
\_ As someone else pointed out to me on motd several months ago,
the reason for my FF 1.0.x crashes was an extension was buggy.
FF itself runs fine. (The buggy extension in question was an
older version of flashblock that crashed the newer version of FF.)
\_ And there it is. Thanks. I just unloaded all the extensions and
FF now runs the way it used to.
\_ I've heard the latest full Mozilla has lots of problems, too.
\_ It doesn't crash for me, but it seems a bit slower. -ausman |
| 2005/7/29-31 [Politics/Foreign/MiddleEast/Israel] UID:38879 Activity:high |
7/29 It's the Jews! It's always the Jews!
http://www.nysun.com/article/17686
\_ Where is the motd jew-lover NOW?
\_ Jewish people should rule the world.
/\
//\\ / ====
____//__\\____ / / \
\.-//----\\-,/ / / ___/\__
\v/ \v/ | | \ /
/\\ //\ | | \ /- \
//_\\____//_\\ \ \ // \_\
'----\\--//----` \ \ /
\\// \ ====
\/ GOOD EVIL
\_ An argument truly worthy of the motd.
\_ These guys are no more brainwashed or misinformed than your
average Fox News viewer. But yes, it is terrible that so many
are deliberately lied to by the media. This is one of the
reasons it is so important to come to an equitable resolution
to the Palestinian-Isreali conflict, so that the Arab governments
can't use it as a stick to whip up their peoples fury and
redirect it to Isreal and the United States. Though they
probably will try anyway...
are deliberately misinformed by the media.
\_ Ignoring the blatant troll bait at the beginning, you're out
of your mind if you think the Arab governments would settle
for any "equitable resolution." You completely fail to
understand the situation if you think they are going for
anything less than kill all the jews. Anything other than
genocide would be considered unfair by these guys.
\_ Sorry, you are simply wrong. Why did Egypt sign a peace
treaty with Isreal if that was the case? Seems like you
are as brainwashed as your average Fox News viewer. There
treaty with Isreal if that was the case? Seems like there
are perhaps one or two countries, like Iran, who still
feel that way, but they are in the minority.
\_ Seriously, do you read *any* history? How about the
*B*illions of dollars Egypt gets from the US every year
as long as they maintain the treaty? That money allows
Egypt to maintain a large and effective military for
the region, keeps the dictators swiss bank accounts full
and their home/family villages safe. Too bad the treaty
didn't include the Egyptian government newspapers, TV and
schools from teaching their people that all their problems
are Israel's fault when they're clearly not.
\_ When did Iran become Arabic?
\_ Point taken.
\_ Nuclear weapons, converting even the most persistent
wars into hasty peace treaties since 1945.
\_ It is not really a troll. Just because someone points out
an inconvenient fact, that does not make what they say
a troll. The point is that governments all over the world,
here included, have means of keeping the uneducated hoards
in check. The tools are a bit blunter in totalitarian
regimes, but if anything, they are even more effective
in the democracies.
\_ I think your attempt to equate personal freedom,
prosperity, and free press with blaming everything on
the Jews and shooting any who disagree brilliantly
demonstrates the bankruptcy of your argument. Thanks.
\_ I think your unwillingness to admit to the
propaganda in your midst demonstrates your
narrow simplistic "us vs. them" worldview and
is strong evidence of your own brainwashing.
Your fear that someone somewhere might be wanting
to "blame the jews" and "kill all the jews" shows
a definite paranoiac streak as well. Each side
uses simplistic sloaganeering, and phrases like
"freedom", "motherhood" and "patriotism" to try
and whip up hatred toward the "other side" and
make them more easily controlled. It is too bad
you can't see through it.
\_ Uhm, hello? Read *anything* from the Palestinian
side in the last, oh say, 40 years? They don't
pretend that the only fully satisfactory solution
is "kill all the jews". It isn't paranoia when
someone is out to get you.
\_ Yes, the only solution is to kill all of the
savage Arabs. Only then will the Israeli have
his lebensraum.
\_ Hi Mr. Strawman! How's it going back in
Rhetoric 10 class?
\_ http://csua.org/u/cvi (Isreal government)
"The PLO [...]
"2. Established the independent state of
Palestine and accepted the existence of Israel
as a state in the region;
"3. Declared its rejection and condemnation of
terrorism in all its forms, including state
terrorism;
Note the date, 1998.
\_ That's nice and all but that doesn't jive
\_ jibe
with the reality since 1998 and the PLO
sure as hell doesn't control or represent
all the other groups such as Hamas who have
never said anything but "kill all the jews".
They could've written a statement that said
the moon is made of cheese but that wouldn't
make the moon into cheese.
\_ I don't think critical thinking and independent thought
will ever be a "bankrupt ideology" but you are welcome
to believe that. And yes, the relative lack of a free
press in Egypt is dastardly. And yes, if forced to chose
sides, I would line up with what you un-ironically call
the side of "personal freedom, prosperity and [the]
free press." But you know what? I don't have to chose
sides. I can stand at the sidelines and mock both of
you for acting like Jr. High school children instead
of real adults. Grow up and learn to settle your
differences without resorting to demonizing the
other side and with minimal violence.
\_ The real irony here is that you claim mocking both
sides is somehow more mature that pointing out what
some bad people are doing and saying "That's bad."
This coupled, once again, with the "Kill all the
Arabs" strawman. I think all can see who is acting
like a Jr. High school student here.
\_ I am not the author of the "kill all the Arabs"
strawman. But to be honest, it is not much more
of a strawman, than the "kill all Jews" one. Do
I really need to dig out the quote where a US
Congressman advocates nuking Mecca? The point is
that you are both idiots and I am pointing out
both of your idiocy. And yes, mocking people is
pretty much always more mature than killing them.
\_ Well, I have no real way to respond to this
series of strawmen and red herrings. How
could I make you look sillier than you already
do? I guess I'll throw out that to my reading
the congressman did not advocate nuking Mecca,
series of strawmen and red herrings. Try
actually reading what people write, rather
than what you wish they had written. I guess
I'll throw out that to my reading the
congressman did not advocate nuking Mecca,
he hypothesised that the threat of nuking
Mecca might be a way of detering Islamic
terrorists for a nuclear attack on the US. I
don't know that it is, myself. I guess you
could dig it out and re-read it yourself, but
it's pretty obvious that reading comprehesion
is not your strong suit. |
| 2005/7/29-31 [Uncategorized] UID:38880 Activity:nil |
7/29 in SF till mid september
http://www.sfweekly.com/issues/2005-07-27/culture/art.html |
| 2005/7/29-31 [Uncategorized] UID:38881 Activity:nil |
7/29 "We were actually quite surprised to hear we had some large pieces of
debris fall off the external tank. It wasn't what we had expected ...
Frankly, we were disappointed to hear that had happened ... What I'd
like to say is this is something that has to be fixed ... I don't
think we should fly again unless we do something to prevent this from
happening again." -Commander Eileen Collins, Discovery |
| 2005/7/29-31 [Computer/HW/Drives] UID:38882 Activity:kinda low |
7/29 If I buy Pimsleur's "Quick & Simple" language CD ($15), is that
just buying the first 4 lessons of the full version which costs
over $300, or is it different?
\_ Get them all from Bittorrent first and see. --arr matey
\_ Get them all from Bittorrent first and see. --R Matey
\_ Which torrent search site should I use? The ones I use don't
have them, and I don't know which ones are good. Thanks.
\_ http://thepiratebay.org is the standard. the language stuff may
be incomplete or suffer sound quality issues though.
\_ I'm not sure about a $15 version. For Japanese I bought
some box that was the first 8 lessons for $40, and it came
with a coupon to buy the full 30 for $150. And since sodans
can do math, that's obviously better than paying the
full $300. -bz |
| 2005/7/29-31 [Uncategorized] UID:38883 Activity:nil |
7/29 Are there any good outdoor wi-fi hot spots in Berkeley?
\_ Airbears |
| 2005/7/29-31 [Politics/Domestic/President/Bush] UID:38884 Activity:kinda low 50%like:39576 |
7/29 CNN/USA Today/Gallup Poll:
Bush approval ratings hit lowest point of tenure
http://www.usatoday.com/news/washington/2005-07-29-gallup-poll_x.htm
\_ BUT THE GALLUP POLL IS ALWAYS RIGHT!!!! NOOOOOO!!!!!!!
\_ Although this is on http://usatoday.com, it's not anywhere on http://CNN.com yet
... I guess they'll post it Friday night / Saturday morning ...
how lucky for Dubya! (not that he's the type to watch the polls
anyway -- God Bless!)
\_ Oh wow, in the span of an hour, http://usatoday.com already moved the
link from the front page and buried it. Can you find the link?
Did some political genius recognize the unfortunate timing of
"The majority of Americans hate you" and "I'm going around
the congressional body and appoint Bolton anyway"?
\_ Erm, it's still on the front page, in the Washington/Politics
section
\_ heh, they've been moving it around
I just submitted the http://CNN.com link to http://drudgereport.com,
wonder how long that'll be
\_ He's a lame duck President. Why do you obsess over his poll
numbers? He obviously doesn't care or he'd be out in public
every week stumping for his programs like it was a campaign.
Find something interesting to obsess about. |
| 2005/7/29-31 [Uncategorized] UID:38885 Activity:nil |
7/29 Thinkgeek says today is Sysadmin Day. Bow before me and get me a
marshmallow shooter! That is all. I need more sleep! - jvarga |
| 11/22 |