Berkeley CSUA MOTD:2005:July:29 Friday <Thursday, Saturday>
Berkeley CSUA MOTD
 
WIKI | FAQ | Tech FAQ
http://csua.com/feed/
2005/7/29-31 [Industry/Jobs, Computer/SW/OS/Windows] UID:38871 Activity:nil
7/29    Anyone have any experience with (or other comments on) buying
        from http://PCDirect.com? There doesn't seem to be much negative about them
        posted online, and yet their prices (I'm looking at complete systems,
        no OS) are noticeably lower than what I've seen elsewhere. I'm
        naturally wondering where the catch is.
        \- boy i thought you were talking about "professional cutlery
           direct" whom i would have given a solid endorsement.
2005/7/29-31 [Computer/SW/Unix, Computer/SW] UID:38872 Activity:kinda low
7/29    Has anybody deployed a "checksumming/file integrity infrastructure"
        across say ~100 *nix machines? Any recommendations for particular
        tools? Tripwire is garbage, and for various reasons I am thinking
        about moving away from veracity, which I am been using for a while.
        Considering looking at osiris and samhain. Would prefer something
        lean and old-school unixish (like one binary and one config file)
        rather than one of these "entrprise software system" type things
        with a large footprint and a lot of chrome. Tnx.
        \_ Not on 100 machines, but we ran fcheck for a while.  It was really
           resource intensive.  I moved to some one-or-two binaries C one
           ..i think the name started w/ an "a"  It worked pretty well.
           --dbushong
           \- re: resouce intensiveness ... if the resources are 1. human time
              2. cpu 3. disk io, i think you can decrease #2 by using fletcher
              checksum instead of an expensive one like md5. not much you can
              do about disk io ... so a lot of it comes down to #1 ... it's
              key to have a config system flexible enough to not go crazy if
              somebody say nfs mounts a 300gig parition without factoring
              that into the configruation. as with intrusion detection
              systems in general, resourse and ability to minimize false
              alarms is what dictates success or failure in a practical
              sense. for me, chekcing the OS on a sun takes about 6-10 min.
              \_ The a____ program I switched to used less compute resources
                 because it:
                 a) used a weaker checksum
                 b) had internal optimized checksumming code (rather than
                    forking "md5sum" each time)
                 Both fcheck and it specified certain directories to scan and
                 didn't traverse mount points.
                 --dbushong
        \_ There was a discussion of this on one of my security lists a
           while ago--I have forwarded your question, and will forward
           what comes up if you tell me who you are.  So far someone has
           suggested http://aide.sourceforge.net  -John
           \_ That was the one.  --dbushong
              \_ How do you mean?  Does it work for you?  I'd be interested
                 in your experience with it as I've had clients with just this
                 kind of requirement.  -John
2005/7/29-8/2 [Computer/Networking] UID:38873 Activity:moderate
7/28    Anybody have actual details on the Cisco IOS vulnerability?  I know
        they're trying to quash it but with 'information wants to be free' I
        figured a bunch of people must know about it.  All I've heard so far
        is that it's a remote heap overflow and Cisco's had a patch for months
        but doesn't want to roll it out till their next release date.  I also
        heard a rumor that there's a vulnerability where the attacker can
        damage the hardware, though I'd suspect they just mean firmware.
        \- i have deleted my comments. pls dont restore them.
        \- if i know you, you can mail me with specific questions --psb
        \- if i know you, you can mail me with specific questions.
           it is my opinion it is not an especially interesting problem,
           just large in magnitude. there are more serious problems
           in the nature of of internet routing as typically implemented
           today which can be exploited to "bring the net to a halt" and
           cant be fixed with a code patch. if the "damage the hardware"
           comment refers to what i think, it is pretty much a red herring.
           if i take over your solaris box, i can "damage the hardware" too.
           i guess this bring new meaning to "8 fold path".
           just large in magnitude and a lot of work to fix. there are more
           serious problems in the nature of of internet routing as
           typically implemented today and tcp/ip which can be exploited to
           "bring the net to a halt" and cant be fixed with a code
           patch. just like knowledge of how to "defeat" congestion
           control ... well known but the stack hacks are not readily
           available as far as i know. if the "damage the hardware"
           comment refers to what i think it does, it is pretty much a
           red herring. if i take over your solaris box, i can "damage
           the hardware" too.
           \- actally let me revise: the attack vector isnt interesting
              (old idea ... ios heap attacks) but where you go from there is
              interesting, but only so because what you are sitting on is
              potentially a core router. not to say lynn didnt put in a lot
              or work and cleverness to understand the weird MEMORY
              archieteure of a router. the best of mudge, or SD are a lot
              cooler, also you may wish to see Mr. FX's discussion of
              the arch of IOS ... a router is not a "regular" computer.
        \_ Wired News has a bit of a story about this, including links to the
           researcher's report with a bit more details.  see http://www.wired.com
           \- I have put some comments at ~psb/MOTD/CiscoComment
        \_ There was a lot of discussion on this on the DailyDave (STFW)
           mailing list recently.  I have the actual presentation, so mail
           me @zog.net if you haven't seen it already.  -John
           mailing list recently, including, I believe, a few links to
           shellcode.  Drop me a mail @zog.net if you want me to forward the
           archives to you (I don't think it's on http://immunitysec.com yet.)  -John
        \_ There has been a lot of discussion on NANOG about this in the
           last two or three days. Cisco has issued a security advisory
           stating that it is a IPv6 Bug:
             http://www.cisco.com/warp/public/707/cisco-sa-20050729-ipv6.shtml
             http://lin.kz/?e0pw3
            http://www.cisco.com/warp/public/707/cisco-sa-20050729-ipv6.shtml
           More information about Lynn's presentation is available at:
             http://www.tomsnetworking.com/Sections-article131.php
             http://lin.kz/?6bjoj
            http://www.tomsnetworking.com/Sections-article131.php
           The import of the presentation seems to be that IOS is an OS
           and is vulnerable to buffer overflow attacks like any other OS:
             http://www.merit.edu/mail.archives/nanog/2005-07/msg00991.html
             http://lin.kz/?bv693
            http://www.merit.edu/mail.archives/nanog/2005-07/msg00991.html
           You may want to read these NANOG postings for more information:
             http://www.merit.edu/mail.archives/nanog/msg09799.html
             http://www.merit.edu/mail.archives/nanog/msg09914.html
             http://http://www.merit.edu/mail.archives/nanog/2005-07/msg00981.html
             http://lin.kz/?3nqo6
             http://lin.kz/?9j2sj
             http://www.merit.edu/mail.archives/nanog/msg09799.html
             http://www.merit.edu/mail.archives/nanog/msg09914.html
             http://www.merit.edu/mail.archives/nanog/2005-07/msg00981.html
2005/7/29 [Politics/Domestic/President/Bush] UID:38874 Activity:nil
7/28    Enter a creative headline for the following picture, I'll start.
        http://www.nasa.gov/multimedia/imagegallery/image_feature_374.html
        \_ Small brain, small TV
        \_ This happens when your entertainment budget goes to the war
        \_ It took him 2 minutes before he realized it's a microwave.
        \_ How do I make the remote put NASCAR back on?
2005/7/29 [Recreation/Media] UID:38875 Activity:nil
7/28    Murderball == awesome movie. - danh
2005/7/29 [Reference/Military, Reference/History/WW2] UID:38876 Activity:low
7/28    John, this is for you... on the reference of ww2
        "Nippon's true aim in the prosecution of the Greater East
        Asia War is the maintenance of self-existence and self-defense
        for the Empire and the emancipation of the peoples in Greater
        East Asia from the yoke of the United States and Britain.
        This sacred war aim is recognized by all human beings on
        earth. There is a world of difference between our war aim
        and that of the United States and Britain.
        \_ Yeah, and it was war necessity to kill and rape 300k civilians in
           the city of Nanjing in order to achieve this.
           \_ Sometimes you must choke a dog in order to give it medicine.
2005/7/29 [Science/GlobalWarming, Uncategorized/Profanity] UID:38877 Activity:nil
7/28    I used to be young, idealistic, and optimistic. I had a job,
        quit my job, and started helping people out to make the world
        a better place. Then as I got older, I realized the world
        doesn't want to be better. The old people don't like to be
        told by youngin's how they should live their lives, and the
        really poor people are actually pretty stubborn and most
        importantly, conservative. People are they way they are,
        because they unwilling to listen to you, to make changes,
        or to be helped. The world doesn't need another fucking
        idealist. So fuck the world, fuck social programs, fuck
        volunteering, fuck Peace Corp, fuck everything that trys
        to make the world better, because the world doesn't want
        to be made better.
        \_ You may want to read the Book of Ecclesiastes.
           -- ulysses
        \_ And finally, fuck you.
        \_ The optimist believes we live in the best of all possible worlds,
           and the pessimist fears he may be right. -- ilyas
        \_ Actually, I'm happier knowing there are more idealists in the
           world (at least those idealists that use violence as a last but
           necessary resort, e.g., Gulf War 1, WW2, Korean War).
           Do what I do:  Be practical, but inside, be idealistic, but try
           not to admit to it.
           The practical side of you may have recognized that people resent it
           when you single them out for charity (giving money to beggars), but
           they will accept freely if it is part of a formal process that
           most people see as fair (Social Security, Medicare, universal health
           care, etc.).
           \_ Heh.  'Most.'  So are you liberals a persecuted minority or not,
              make up your fucking mind.
              \_ 72% of Americans support universal health insurance.  That
                 sounds pretty moderate to me.
                 \_ 55% of Americans (including 47% of Kerry voters) believe
                    "God created humans in present form".  27% believe "humans
                    evolved, God guided the process".  A mere 13% believe
                    "humans evolved, God did not guide process".  About 2/3
                    of Americans want creationism taugh along with evolution.
                    What do I believe?  I believe if the majority of Americans
                    believes in something, run away from it, fast.
              \_ Hi troll!
2005/7/29-31 [Computer/SW/WWW/Browsers] UID:38878 Activity:nil
7/29    wtf is up with FF? I've given the new version a couple of weeks and
        it seems as jumpy and prone to crash as IE now.
        \_ Wow.  Glad that I still haven't upgraded from 1.0.4.
        \_ I've upgraded as each new version has come out since around .9.
           I haven't noticed any difference in stability for good or bad since
           1.0.0 came out on any of several machines.
           \_ ditto.
        \_ Are you using 1.0.5, cause there is a 1.0.6 now.
        \_ works fine for me. maybe another relevant question is wtf is up
           with your machine?
        \_ As someone else pointed out to me on motd several months ago,
           the reason for my FF 1.0.x crashes was an extension was buggy.
           FF itself runs fine.  (The buggy extension in question was an
           older version of flashblock that crashed the newer version of FF.)
           \_ And there it is. Thanks. I just unloaded all the extensions and
              FF now runs the way it used to.
        \_ I've heard the latest full Mozilla has lots of problems, too.
        \_ It doesn't crash for me, but it seems a bit slower. -ausman
2005/7/29-31 [Politics/Foreign/MiddleEast/Israel] UID:38879 Activity:high
7/29    It's the Jews!  It's always the Jews!
        http://www.nysun.com/article/17686
        \_ Where is the motd jew-lover NOW?
           \_ Jewish people should rule the world.
            /\
           //\\                    / ====
      ____//__\\____             / /      \
      \.-//----\\-,/            / /    ___/\__
       \v/      \v/            |  |    \     /
       /\\      //\            |  |     \ /- \
      //_\\____//_\\            \ \     //  \_\
     '----\\--//----`            \ \      /
           \\//                    \ ====
            \/ GOOD                      EVIL
               \_ An argument truly worthy of the motd.
        \_ These guys are no more brainwashed or misinformed than your
           average Fox News viewer. But yes, it is terrible that so many
           are deliberately lied to by the media. This is one of the
           reasons it is so important to come to an equitable resolution
           to the Palestinian-Isreali conflict, so that the Arab governments
           can't use it as a stick to whip up their peoples fury and
           redirect it to Isreal and the United States. Though they
           probably will try anyway...
           are deliberately misinformed by the media.
           \_ Ignoring the blatant troll bait at the beginning, you're out
              of your mind if you think the Arab governments would settle
              for any "equitable resolution."  You completely fail to
              understand the situation if you think they are going for
              anything less than kill all the jews.  Anything other than
              genocide would be considered unfair by these guys.
              \_ Sorry, you are simply wrong. Why did Egypt sign a peace
                 treaty with Isreal if that was the case? Seems like you
                 are as brainwashed as your average Fox News viewer. There
                 treaty with Isreal if that was the case? Seems like there
                 are perhaps one or two countries, like Iran, who still
                 feel that way, but they are in the minority.
                 \_ Seriously, do you read *any* history?  How about the
                    *B*illions of dollars Egypt gets from the US every year
                    as long as they maintain the treaty?  That money allows
                    Egypt to maintain a large and effective military for
                    the region, keeps the dictators swiss bank accounts full
                    and their home/family villages safe.  Too bad the treaty
                    didn't include the Egyptian government newspapers, TV and
                    schools from teaching their people that all their problems
                    are Israel's fault when they're clearly not.
                 \_ When did Iran become Arabic?
                    \_ Point taken.
                 \_ Nuclear weapons, converting even the most persistent
                    wars into hasty peace treaties since 1945.
              \_ It is not really a troll. Just because someone points out
                 an inconvenient fact, that does not make what they say
                 a troll. The point is that governments all over the world,
                 here included, have means of keeping the uneducated hoards
                 in check. The tools are a bit blunter in totalitarian
                 regimes, but if anything, they are even more effective
                 in the democracies.
                 \_ I think your attempt to equate personal freedom,
                    prosperity, and free press with blaming everything on
                    the Jews and shooting any who disagree brilliantly
                    demonstrates the bankruptcy of your argument.  Thanks.
                    \_ I think your unwillingness to admit to the
                       propaganda in your midst demonstrates your
                       narrow simplistic "us vs. them" worldview and
                       is strong evidence of your own brainwashing.
                       Your fear that someone somewhere might be wanting
                       to "blame the jews" and "kill all the jews" shows
                       a definite paranoiac streak as well. Each side
                       uses simplistic sloaganeering, and phrases like
                       "freedom", "motherhood" and "patriotism" to try
                       and whip up hatred toward the "other side" and
                       make them more easily controlled. It is too bad
                       you can't see through it.
                       \_ Uhm, hello?  Read *anything* from the Palestinian
                          side in the last, oh say, 40 years?  They don't
                          pretend that the only fully satisfactory solution
                          is "kill all the jews".  It isn't paranoia when
                          someone is out to get you.
                          \_ Yes, the only solution is to kill all of the
                             savage Arabs.  Only then will the Israeli have
                             his lebensraum.
                             \_ Hi Mr. Strawman!  How's it going back in
                                Rhetoric 10 class?
                          \_  http://csua.org/u/cvi (Isreal government)
                              "The PLO [...]
                              "2. Established the independent state of
                                Palestine and accepted the existence of Israel
                                as a state in the region;
                               "3. Declared its rejection and condemnation of
                                terrorism in all its forms, including state
                                terrorism;
                               Note the date, 1998.
                               \_ That's nice and all but that doesn't jive
                                                                       \_ jibe
                                  with the reality since 1998 and the PLO
                                  sure as hell doesn't control or represent
                                  all the other groups such as Hamas who have
                                  never said anything but "kill all the jews".
                                  They could've written a statement that said
                                  the moon is made of cheese but that wouldn't
                                  make the moon into cheese.
                \_ I don't think critical thinking and independent thought
                   will ever be a "bankrupt ideology" but you are welcome
                   to believe that. And yes, the relative lack of a free
                   press in Egypt is dastardly. And yes, if forced to chose
                   sides, I would line up with what you un-ironically call
                   the side of "personal freedom, prosperity and [the]
                   free press." But you know what? I don't have to chose
                   sides. I can stand at the sidelines and mock both of
                   you for acting like Jr. High school children instead
                   of real adults. Grow up and learn to settle your
                   differences without resorting to demonizing the
                   other side and with minimal violence.
                   \_ The real irony here is that you claim mocking both
                      sides is somehow more mature that pointing out what
                      some bad people are doing and saying "That's bad."
                      This coupled, once again, with the "Kill all the
                      Arabs" strawman.  I think all can see who is acting
                      like a Jr. High school student here.
                      \_ I am not the author of the "kill all the Arabs"
                         strawman. But to be honest, it is not much more
                         of a strawman, than the "kill all Jews" one. Do
                         I really need to dig out the quote where a US
                         Congressman advocates nuking Mecca? The point is
                         that you are both idiots and I am pointing out
                         both of your idiocy. And yes, mocking people is
                         pretty much always more mature than killing them.
                         \_ Well, I have no real way to respond to this
                            series of strawmen and red herrings.  How
                            could I make you look sillier than you already
                            do?  I guess I'll throw out that to my reading
                            the congressman did not advocate nuking Mecca,
                            series of strawmen and red herrings.  Try
                            actually reading what people write, rather
                            than what you wish they had written. I guess
                            I'll throw out that to my reading the
                            congressman did not advocate nuking Mecca,
                            he hypothesised that the threat of nuking
                            Mecca might be a way of detering Islamic
                            terrorists for a nuclear attack on the US.  I
                            don't know that it is, myself. I guess you
                            could dig it out and re-read it yourself, but
                            it's pretty obvious that reading comprehesion
                            is not your strong suit.
2005/7/29-31 [Uncategorized] UID:38880 Activity:nil
7/29    in SF till mid september
        http://www.sfweekly.com/issues/2005-07-27/culture/art.html
2005/7/29-31 [Uncategorized] UID:38881 Activity:nil
7/29    "We were actually quite surprised to hear we had some large pieces of
        debris fall off the external tank. It wasn't what we had expected ...
        Frankly, we were disappointed to hear that had happened ... What I'd
        like to say is this is something that has to be fixed ... I don't
        think we should fly again unless we do something to prevent this from
        happening again." -Commander Eileen Collins, Discovery
2005/7/29-31 [Computer/HW/Drives] UID:38882 Activity:kinda low
7/29    If I buy Pimsleur's "Quick & Simple" language CD ($15), is that
        just buying the first 4 lessons of the full version which costs
        over $300, or is it different?
        \_ Get them all from Bittorrent first and see. --arr matey
        \_ Get them all from Bittorrent first and see. --R Matey
           \_ Which torrent search site should I use? The ones I use don't
              have them, and I don't know which ones are good. Thanks.
              \_ http://thepiratebay.org is the standard. the language stuff may
                 be incomplete or suffer sound quality issues though.
        \_ I'm not sure about a $15 version. For Japanese I bought
           some box that was the first 8 lessons for $40, and it came
           with a coupon to buy the full 30 for $150. And since sodans
           can do math, that's obviously better than paying the
           full $300. -bz
2005/7/29-31 [Uncategorized] UID:38883 Activity:nil
7/29    Are there any good outdoor wi-fi hot spots in Berkeley?
        \_ Airbears
2005/7/29-31 [Politics/Domestic/President/Bush] UID:38884 Activity:kinda low 50%like:39576
7/29    CNN/USA Today/Gallup Poll:
        Bush approval ratings hit lowest point of tenure
        http://www.usatoday.com/news/washington/2005-07-29-gallup-poll_x.htm
        \_ BUT THE GALLUP POLL IS ALWAYS RIGHT!!!! NOOOOOO!!!!!!!
        \_ Although this is on http://usatoday.com, it's not anywhere on http://CNN.com yet
           ... I guess they'll post it Friday night / Saturday morning ...
           how lucky for Dubya!  (not that he's the type to watch the polls
           anyway -- God Bless!)
        \_ Oh wow, in the span of an hour, http://usatoday.com already moved the
           link from the front page and buried it.  Can you find the link?
           Did some political genius recognize the unfortunate timing of
           "The majority of Americans hate you" and "I'm going around
           the congressional body and appoint Bolton anyway"?
           \_ Erm, it's still on the front page, in the Washington/Politics
              section
              \_ heh, they've been moving it around
                 I just submitted the http://CNN.com link to http://drudgereport.com,
                 wonder how long that'll be
        \_ He's a lame duck President.  Why do you obsess over his poll
           numbers?  He obviously doesn't care or he'd be out in public
           every week stumping for his programs like it was a campaign.
           Find something interesting to obsess about.
2005/7/29-31 [Uncategorized] UID:38885 Activity:nil
7/29    Thinkgeek says today is Sysadmin Day.  Bow before me and get me a
        marshmallow shooter!  That is all.  I need more sleep! - jvarga
2017/09/20 [General] UID:1000 Activity:popular
9/20    
Berkeley CSUA MOTD:2005:July:29 Friday <Thursday, Saturday>