quote who=Rick Welykochy
Adrian Chadd wrote:
The trouble is that the entry barrier for coding is so low, you can
code without any clue.
This very issue gave rise to some heated debate over on the LINK mailing
list, which some of you attend.
Many of us computer professionals were peeved
On 02/06/2008, at 3:25 PM, Rev Simon Rumble wrote:
This one time, at band camp, Daniel Pittman wrote:
[2] formmail. I say no more.
Matt's Script Archive, anyone?
God... no. make it stop!
I was a #perl op on Efnet back in 2000/2001. The channel had
officially disowned Matt and
On Mon, Jun 02, 2008, Jeff Waugh wrote:
Yet there are so many who go nuts when the idea of accreditation is raised.
:-) [This cheap shot does not indicate my support for or against the idea!]
Heh. They don't suspect the real issue with accreditation?
That suddenly Universities will have to
This one time, at band camp, Chris Collins wrote:
Matt's Script Archive, anyone?
God... no. make it stop!
I was a #perl op on Efnet back in 2000/2001. The channel had officially
disowned Matt and anything to do with him. The standard recommendation
being Don't. Just... don't.
And a
This one time, at band camp, Adrian Chadd wrote:
Ah, if only writing software held the same risks and building bridges. :)
You mean engineers don't test their newly-built bridge by driving a
dozen variously-shaped vehicles across it, before opening it up to all
and sundry?
--
Rev Simon
Adrian Chadd wrote:
Ah, if only writing software held the same risks and building bridges. :)
It does. Here is the classic:
http://en.wikipedia.org/wiki/Therac-25
http://catless.ncl.ac.uk/Risks/3.09.html
This dates from way back in 1986.
Mike
--
Michael Lake
Computational Research Centre of
On Mon, Jun 02, 2008, Michael Lake wrote:
Adrian Chadd wrote:
Ah, if only writing software held the same risks and building bridges. :)
It does. Here is the classic:
http://en.wikipedia.org/wiki/Therac-25
http://catless.ncl.ac.uk/Risks/3.09.html
This dates from way back in 1986.
Oh yes,
On Mon, 2008-06-02 at 20:33 +1000, James Purser wrote:
So how would you develop such a system whilst also allowing for the
freedom and low barrier to entry that signifies the Free and Open Source
Software movement?
I expect that when regulation is forced upon us, barriers to entry
iwill be the
quote who=Rev Simon Rumble
This one time, at band camp, Adrian Chadd wrote:
Ah, if only writing software held the same risks and building bridges.
:)
You mean engineers don't test their newly-built bridge by driving a dozen
variously-shaped vehicles across it, before opening it up to
On Mon, 2008-06-02 at 10:06 +0800, jam wrote:
Frankly, no one I know, has ever had, or knows someone who has ever had a
compromised linux box. Frankly I doubt if all of SLUG ever has ...
Here compromised means: someone has taken control of the machine and is
using it for some
On Mon, 2008-06-02 at 20:21 +1000, Peter Miller wrote:
On Mon, 2008-06-02 at 16:31 +1000, Jeff Waugh wrote:
Yet there are so many who go nuts when the idea of accreditation is raised.
:-) [This cheap shot does not indicate my support for or against the idea!]
As a profession, we have two
I had the pleasure some years ago of a cracker gaining access to a Linux box
on my work Network running SME Server. I am a lawyer, not a software
professional, though computers have been an enjoyable hobby for me since my
late teens, and I have administered our work network and a number of others
On Mon, 2008-06-02 at 16:31 +1000, Jeff Waugh wrote:
Yet there are so many who go nuts when the idea of accreditation is raised.
:-) [This cheap shot does not indicate my support for or against the idea!]
As a profession, we have two choices:
1. start licensing and accrediting ourselves, with a
Peter Miller wrote:
iwill be the whole point/i. Unless we get in first.
Will the parallel be: you get malpractice insurance, or you can have
your future wages garnished forever if you get sued. Doctors have to
pay their malpractice insurance to have their pro-bono work covered. I
expect
On Mon, Jun 02, 2008, Peter Miller wrote:
Will the parallel be: you get malpractice insurance, or you can have
your future wages garnished forever if you get sued. Doctors have to
pay their malpractice insurance to have their pro-bono work covered. I
expect software folks will too.
If the
On Mon, 2 Jun 2008 at 14:59, Jason Ball [EMAIL PROTECTED] wrote:
Not wishing to start an OS war, but I rarely if ever have seen a BSD
or Sun box compromised. Is this due to sheer numbers of Linux and
Doze?
More than likely.
I've seen a range of plausible reasons and hard statistics to
Darryl Barlow [EMAIL PROTECTED] writes:
[...]
The server had ssh access enabled via password entry and fell victim
to a brute force password attack.
[...]
I still do not know how the attacker located the machine. I presume
it was probably through a port scan which may have taken place
Hi Python lovers,
First off, many thanks to Mark Rees for doing a great job organising SyPy
until now.
Normally SyPy is 1st Thursday of the month but it looks like we're going to
have a special talk in a couple of weeks at google so this weeks meeting has
been postponed. Stay tuned. It would be
So how would you develop such a system whilst also allowing for the
freedom and low barrier to entry that signifies the Free and Open
Source
Software movement?
I expect that when regulation is forced upon us, barriers to entry
iwill be the whole point/i. Unless we get in first.
Will the
Quoting Darryl Barlow [EMAIL PROTECTED]:
I had the pleasure some years ago of a cracker gaining access to a Linux box
on my work Network running SME Server.
I still do
not know how the attacker located the machine. I presume it was probably
through a port scan .
I have seen the same
Adrian Chadd wrote:
The trouble is that the entry barrier for coding is so low, you can
code without any clue.
This very issue gave rise to some heated debate over on the LINK mailing
list, which some of you attend.
Many of us computer professionals were peeved by this low barrier to
entry
At the end of the day... software is judged by whether it works for the
customer or not. Not whether it has a long list of accreditations.
Thats nonsense. Management will continue to buy software and force it
upon their engineers and techs based on the all important
characteristics of...
-
On Monday 02 June 2008 21:43:25 [EMAIL PROTECTED] wrote:
Yet there are so many who go nuts when the idea of accreditation is
raised.
:-) [This cheap shot does not indicate my support for or against the
: idea!]
As a profession, we have two choices:
1. start licensing and accrediting
Sridhar Dhanapalan wrote:
On Mon, 2 Jun 2008 at 14:59, Jason Ball [EMAIL PROTECTED] wrote:
Not wishing to start an OS war, but I rarely if ever have seen a BSD
or Sun box compromised. Is this due to sheer numbers of Linux and
Doze?
More than likely.
I've seen a range of plausible reasons and
[EMAIL PROTECTED] writes:
Quoting Darryl Barlow [EMAIL PROTECTED]:
I had the pleasure some years ago of a cracker gaining access to a Linux box
on my work Network running SME Server.
I still do
not know how the attacker located the machine. I presume it was probably
through a port scan
On Tue, Jun 3, 2008 at 10:47 AM, Rick Welykochy [EMAIL PROTECTED] wrote:
Sridhar Dhanapalan wrote:
On Mon, 2 Jun 2008 at 14:59, Jason Ball [EMAIL PROTECTED] wrote:
Not wishing to start an OS war, but I rarely if ever have seen a BSD
or Sun box compromised. Is this due to sheer numbers of
I have often found that feeding the output of the toaster, back into the
toaster demonstrates an overflow bug, requiring opening all of the windows
and doors.
On Tue, Jun 3, 2008 at 10:53 AM, Sam Gentle [EMAIL PROTECTED] wrote:
On Tue, Jun 3, 2008 at 10:47 AM, Rick Welykochy [EMAIL PROTECTED]
Martin Visser wrote:
I have often found that feeding the output of the toaster, back into the
toaster demonstrates an overflow bug, requiring opening all of the
windows and doors.
Funny that. And I have found that feeding the output of Windows
back into Windows often results in toast!
Quoting Daniel Pittman [EMAIL PROTECTED]:
Which release of SME Server was this? Having done some auditing, and
worked with customers who ran SME Server systems for some years without
incident -- but only on older versions -- I am surprised at this claim.
It is some years ago now...
As I
On Tuesday 03 June 2008 08:50:26 [EMAIL PROTECTED] wrote:
[...]
The server had ssh access enabled via password entry and fell victim
to a brute force password attack.
[...]
I still do not know how the attacker located the machine. I presume
it was probably through a port scan which
quote who=jam
The the famous Win Mac Linux security shoot off: Win and Mac broken but no
body wanted the $10,000 and Sony Viao for breaking the linux box. H.
These events are more about reputation and strutting than money. Reckon that
cracking into a Linux machine is going to do more for
jam wrote:
Daniel talks about 'brute forcing' a password:
say [EMAIL PROTECTED]*()_/?] and 6 chars passwords
6**70 umm 70 * log (2) and 10**8 brute forces / sec
thats 10 to the power 60 secs! Sorry the universe went flat.
Or collapsed to a singularity.
As Bruce Schneier points out here:
jam wrote:
First thanks to everyone who contributed to this interesting thread :-)
Isn't it about time this opinionboring/opinion thread went onto
slug-chat?
:-)
--
Sonia Hamilton.
--
SLUG - Sydney Linux User's Group Mailing List - http://slug.org.au/
Subscription info and FAQs:
[EMAIL PROTECTED] writes:
Quoting Daniel Pittman [EMAIL PROTECTED]:
Which release of SME Server was this? Having done some auditing, and
worked with customers who ran SME Server systems for some years without
incident -- but only on older versions -- I am surprised at this claim.
It is
On Tue, Jun 03, 2008, Sonia Hamilton wrote:
jam wrote:
First thanks to everyone who contributed to this interesting thread :-)
Isn't it about time this opinion boring/opinion thread went onto
slug-chat?
There's probably additional boredom to be had in saying which bits of
it, but in terms
I am running a server that was getting heaps of password cracking
attempts on SSH port 22. Since changing the port, the attempts
have stopped.
Denyhosts is a great daemon/cronscript that will manage hosts.allow for
your ssh server. you can set thresholds and instant triggers etc which
will
You could use wget to do this, it's installed on most distributions by
default.
Usually you'd run it like this: wget --mirror -np http://some.url/
(the -np tells it not to recurse up to the parent, which is useful if
you only want to mirror a subdirectory. I add it on out of habit.)
It's
Excerpts from Peter Rundle's message of Tue Jun 03 14:20:08 +1000 2008:
I'm looking for some recommendations for a *simple* Linux based tool to spider
a web site and pull the content back into
plain html files, images, js, css etc.
I have a site written in PHP which needs to be hosted
On Tue, Jun 3, 2008 at 2:20 PM, Peter Rundle [EMAIL PROTECTED] wrote:
I'm looking for some recommendations for a *simple* Linux based tool to
spider a web site and pull the content back into plain html files, images,
js, css etc.
I have a site written in PHP which needs to be hosted
On Tue, 2008-06-03 at 14:20 +1000, Peter Rundle wrote:
I'm looking for some recommendations for a *simple* Linux based tool to
spider a web site and pull the content back into
plain html files, images, js, css etc.
I have a site written in PHP which needs to be hosted temporarily on a
I'm looking for some recommendations for a *simple* Linux based tool to spider a web site and pull the content back into
plain html files, images, js, css etc.
I have a site written in PHP which needs to be hosted temporarily on a server which is incapable (read only does static
content). This
Dean Hamstead wrote:
Denyhosts is a great daemon/cronscript that will manage hosts.allow for
your ssh server. you can set thresholds and instant triggers etc which
will result in that ip being blocked.
Also, can't one use a TCP wrapper with ssh? Either way, it does compromise
one of the
Rick == Rick Welykochy [EMAIL PROTECTED] writes:
Rick Dean Hamstead wrote:
Denyhosts is a great daemon/cronscript that will manage hosts.allow
for your ssh server. you can set thresholds and instant triggers
etc which will result in that ip being blocked.
Rick Also, can't one use a TCP
On 03/06/2008, at 3:19 PM, Mary Gardiner wrote:
On Tue, Jun 03, 2008, Ycros wrote:
It's not always perfect however, as it can sometimes mess the URLs
up,
but it's worth a try anyway.
The -k option to convert any absolute paths to relative ones can be
helpful with this (depending on what
On Tue, Jun 03, 2008, Ycros wrote:
It's not always perfect however, as it can sometimes mess the URLs up,
but it's worth a try anyway.
The -k option to convert any absolute paths to relative ones can be
helpful with this (depending on what you meant by mess the URLs up).
-Mary
--
SLUG -
Peter Rundle [EMAIL PROTECTED] writes:
I'm looking for some recommendations for a *simple* Linux based tool
to spider a web site and pull the content back into plain html files,
images, js, css etc.
Others have suggested wget, which works very well. You might also
consider 'puf':
Package:
[EMAIL PROTECTED] wrote:
Depends how you set it up. Mine has a `three tries and you're out'
policy. And as I use an ssh-agent on my (carry around) laptop,
there's no chance of being locked out accidentally.
I assume three times password fails and you're out, right?
That's interesting.
Can
wget-smubble-yew-get. Wget works great for getting a single file or a very
simple all-under-this-tree setup, but it can take forever.
Try httrack - http://www.httrack.com/. Ignore the pretty little screenshots,
the linux commandline version does the same job, just requires much
command-line-fu.
48 matches
Mail list logo