Berkeley CSUA MOTD:Entry 35157
Berkeley CSUA MOTD
 
WIKI | FAQ | Tech FAQ
http://csua.com/feed/
2025/07/06 [General] UID:1000 Activity:popular
7/6     

2004/12/2-4 [Computer/Networking] UID:35157 Activity:moderate
12/2    I used the "ShieldUp" website to probe my Mac and it shows that port 0
        and 1 are replying to outside query to say they are closed instead of
        just playing deaf like the other lower ports do.  I did not single
        out port 0 and 1 in the ipfw rules I use.  What rules should I use to
        close this loophole?
        \_ First off, don't use random pages like that, as Steve Gibson is
           an idiot.  Next, use a real port scanner like nessus or nmap.
           Next, why not just explicitly drop 0/1 like your ipfw manual
           says, if it bothers you?  The only thing drop vs block will do is
           make it a bit more difficult to probe for active IPs.  -John
           \_ What's your critique of Steve Gibson? -nop
               \_ He's a publicity junkie (fine) who comes up with complex-
                  looking "solutions" for simple problems (also fine) and
                  tries to pass them off as the BEST/ONLY way to do things.
                  He's done a lot of security-related fear mongering in the
                  past as well (no different from big vendors) in his
                  sensationalist carneval style.  One good example is his
                  when Windows XP came out--he made a huge fuss about how
                  raw socket access would bring the Internet to a halt.  SG
                  is a self-proclaimed expert who lives for press and panders
                  to lowest-common-denominator fears about security shit that
                  people wouldn't need to worry about, given a tiny bit of
                  common sense and willingness to RTFM.  Look at http://grcsucks.com
                  for some comments--he is not a fraud, just really really
                  annoying and misinformed.  -John
                  \_ You said "raw socket access."  huh huh huh huh.
                  \_ I remember reading the "raw socket access" bit (before I'd
                     ever done socket programming) and not understanding it.
                     What exactly was he talking about?
                     \_ He's essentially saying that it's now easier for
                        kiddies to unleash mass DoS because XP makes it
                        simple(r) to not use TCP/IP drivers which
                        normally deal with socket access.  It's complete
                        mumbo-jumbo, but I encourage you to draw your own
                        confusions.  It's easy to find on google.  -John
           \_ Thanks but I also want to know why my computer is blocking
              port 0 and 1 instead of denying them when none of my ipfw
              rules used unreach/reject instead of deny.  Since I am using
              cable modem, could it be the modem that is blocking? -op
              \_ Unlikely, as a cable modem is usually just a kind of bridge.
                 What model/mfgr?  Have you now tried explicitly telling ipfw
                 to drop these to see what happens?  I'll gladly help you, but
                 why not take it to mail?  -John
2025/07/06 [General] UID:1000 Activity:popular
7/6     

You may also be interested in these entries...
2013/8/22-10/28 [Computer/Companies/Yahoo, Industry/SiliconValley] UID:54732 Activity:nil
8/22    http://marketingland.com/yahoo-1-again-not-there-since-early-08-56585
        Y! is back to #1! Marissa, you are SEXY!!!
        \_ how the heck do you only have 225M uniq vis/month when there
           are over 1 billion internet devices out there?
           \_ You think that every single Internet user goes to Y!?
        \_ Tall blonde skinny pasty, not my type at all -former Y!
	...
2013/6/26-8/13 [Computer/Domains, Computer/Networking, Computer/SW/WWW/Browsers] UID:54697 Activity:nil
6/26    This ones for you psb -ausman
        http://25.media.tumblr.com/027fe67c84c2288cc16e9c85db690834/tumblr_mp0ag8DCQI1qzwozco1_1280.jpg
        \- that's pretty good. i wish someone had put the idea to be before i saw
           it on the internet, so see if i'd have put the 9 justices in the same
           boxes. JOHN PAUL STEVENS >> All the sitting justices. --psb
        \- that's pretty good. i wish someone had put the idea to be before i
	...
2012/7/26-9/24 [Computer/Networking] UID:54445 Activity:nil
7/26    Why big mega cable companies rule:
        http://arstechnica.com/tech-policy/2012/07/how-big-cable-killed-the-open-set-top-box-and-what-to-do-about-it
	...
2012/3/29-6/4 [Computer/HW/Memory, Computer/HW/CPU, Computer/HW/Drives] UID:54351 Activity:nil
3/29    A friend wants a PC (no mac). She doesn't want Dell. Is there a
        good place that can custom build for you (SSD, large RAM, cheap video
        card--no game)?
        \_ As a side note: back in my Cal days more than two decades ago when
           having a 387SX made me the only person with floating-point hardware,
           most machines were custom built.
	...
2012/4/2-6/4 [Computer/SW/Languages/Java, Computer/SW/RevisionControl] UID:54353 Activity:nil
4/02    We use Perforce at work for revision control. It seems to work okay.
        Lately, a lot of the newer developers are saying that Perforce
        sucks and we should switch to Mercurial or Git. I have done some
        searching on the Internet and some others have this opinion. Added
        advantage is that Mercurial and Git are free. However, there would
        be some work to switch for the sysadmins and the developers.
	...
2012/4/26-6/4 [Computer/Networking] UID:54371 Activity:nil
4/26    I see that soda has an ipv6 address but ipv6 traffic from this box
        doesn't actually work (ping6 <DEAD>ipv6.google.com<DEAD>, ping6 http://www.v6.facebook.com
        Is this expected to work?
        \_ Soda doesn't have a real IPv6 address.  The IPv6 addresses you see
           in ifconfig are just link-local addresses; any IPv6-capable machine
           will autogenerate these, whether or not it's connected to an IPv6
	...
Cache (4635 bytes)
grcsucks.com
slander did a good jo b at exposing self proclaimed security experts, media darlings, false c laims spreaders and mass media manipulators such as Caroline Meinel and |JP|, they quit doing so. Yet another species of that sort arrived, it seems like it somehow evolv ed, mutated; this version has the name of "Steve Gibson" and tries to f ool the world by means of trigger phrases, emotional manipulation, misi nformation, misdirection, biased software reviews, defamation, libel an d finally slander. Steve Gibson often is referred to as being a "Security Expert", yet one has to see his appearances on *real* security boards/interviews/gatheri ngs. The answer is quite simple: he would get nailed down by arguments and fa cts from real security experts in less then a minute. These persons ten d not to be very impressed by self-proclaimed Security Experts and his obfuscation of the real issues and intentions. resume page, Gibson worked for years as a mark eter "Gibson founded a proprietorship specializing in media advertising and public relations" , and that's what he is really good at. Stating Patricia McNeill : "Gibson is masterful at stirring up an emotio nal response in the people who come to his site, and then manipulating these people into believing exactly what he wants them to. The tragedy is that these people come to him looking for facts and information, and come away thinking that they have found some! Gibson tries to present himself as a selfless source of public information, yet his entire site is full of emotional manipulation, misinformation, and misdirection. T his man is nothing more that a self-promoting braggart." Through the use of key words and trigger phrases the impression is left in the readers mind that these are indisputable facts when in actuality they are little more than Steve Gibson's own personal opinions pushed right into every readers face. It is a commonly used marketing techniqu e which is also used by many political parties worldwide in the form of sound bytes. The impression of Gibson being a security expert is left on the readers mind simply because Gibson puts that impression there in the first place. If your peers consider you to be an expert then most other people will consider you as an expert. If you are a self proclaim ed expert it only means you have a high opinion of yourself and a bloat ed ego. Self-exposing Quote : If I had my choice of things to do, I'd return to my theoretical work on data compression rather than enter the fray of Internet mania. It may be that I prefer working with and advancing "mature" technologies -- li ke hard disk storage and data compression -- rather than being part of the disease that over-marketing brings to technology. This site questions the motives of Mr Gibson, criticize s him and his works by trying to demystifying what he is doing. What you are going to find on this site are researched facts and opinions. The o pinions however are refered to as what they are : opinions not facts. Addendum : I received 3 mails which had as sole topic the phrase above; snippets: "O pinion used as evidence is not enough to refute fact." which exactly is what I am saying above and completely agree with. The person goes on by saying : "If it were, CNN would always be correct, which, in fact, is ra rely the case." seriousl y Please do yourself a favor and read at least 3-4 pages on this site inste ad of reading above passage and thinking that you got the deal now. If y our sole point in emailing me is to contradict above sentence, you under stood absolutely nothing. Gibson subsequently proved that what he posed as researched facts were only opinions, his whole site is pestered with tautologies, nonsense and contradictions, some of which he corrected one by one after being pointed out by visitors of his site, of course there is no mention of who corrected what, as it would hurt his image and dem ystify himself in front of his followers who sometimes really do act lik e he would be some sort of guru and they would be all part of a Gibson s ect, following his Dogma strictly and firmly and literally burn anybody else who thinks about contradicting/criticizing his views. We encourage you to research each topic for yourself: check out all the l inks, especially the ones that seem contrary to your views; and form your own opinion about the information that is being presented. We suggest that you treat all other news/information outlets in the same way - the media have strong b iases which directly affect the way in which news and information is pre sented to you - and very often that leads to disinformation.