
Comment Re:Some ideas (Score 1) 884

The problem with hiding the SSID is not so much how it affects the wireless network but how it affects the wireless client machines.

Once joined to that WLAN, the machine will broadcast probes containing that SSID everywhere it goes.

That may also leave the clients open to MITM if an attacker sets up another AP with the same SSID. Not sure if this works in practice.

Comment Re:Three birds with one stone (Score 1) 445

But Skype is running on the internal network, of course it can punch holes in the NAT device. The concern is for unsolicited access from the outside which will not make it through NAT.

How exactly do you think Skype will work through a stateful firewall? It'll result in exactly the same techniques being used: the client will send an outbound "dummy" packet to allow the relevant incoming UDP traffic when the router thinks it's part of the same connection. Sure, there will be 1/10000 customers who can go onto their firewall and open the incoming port; most people will not, so these hacks will be around for a long time to come.
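The state-table behaviour described in the comment above, as an added example that is not part of the original comment or any product's code: a toy connection tracker in which only an inside-initiated packet opens a return path, for that one peer, until the entry idles out. The class name, the 30-second timeout and the documentation-range addresses are assumptions.

```python
from dataclasses import dataclass, field

@dataclass
class StatefulUdpFirewall:
    """Toy connection tracker: inbound is default-deny unless it matches state."""
    idle_timeout: float = 30.0                  # assumed UDP state lifetime (s)
    flows: dict = field(default_factory=dict)   # (inside, outside) -> last seen

    def outbound(self, inside, outside, now):
        # Inside-initiated traffic is allowed and creates or refreshes state.
        self.flows[(inside, outside)] = now
        return True

    def inbound(self, outside, inside, now):
        # Allowed only as the reverse of a live, inside-initiated flow.
        last = self.flows.get((inside, outside))
        if last is None:
            return False
        if now - last > self.idle_timeout:
            del self.flows[(inside, outside)]   # expired entry is purged
            return False
        self.flows[(inside, outside)] = now
        return True

# Constructed endpoints using documentation address ranges.
CLIENT = ("2001:db8:1::10", 40000)
PEER = ("2001:db8:2::20", 50000)
OTHER = ("2001:db8:3::30", 50000)

def run_demo():
    fw = StatefulUdpFirewall()
    results = {}
    results["unsolicited_from_peer"] = fw.inbound(PEER, CLIENT, now=0)
    fw.outbound(CLIENT, PEER, now=1)            # the "dummy" packet
    results["peer_after_dummy"] = fw.inbound(PEER, CLIENT, now=2)
    results["third_party_same_port"] = fw.inbound(OTHER, CLIENT, now=3)
    results["peer_after_idle_timeout"] = fw.inbound(PEER, CLIENT, now=60)
    return results

if __name__ == "__main__":
    for check, allowed in run_demo().items():
        print(f"{check}: {'ALLOW' if allowed else 'DROP'}")
```

The return path exists only because an inside host created it, so the outbound policy and the UDP idle timeout are where a defender controls this behaviour.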

Comment Re:Corporations should not pay taxes on profits (Score 1) 592

In terms of investors with shares who get dividends, UK dividends come with a "tax credit" that can be subtracted from the individual's tax bill. I think the general idea is the tax credit is the amount of corporation tax that the original company has paid so it avoids being double taxed. Not sure if the USA does something similar.

It is a nice idea to move the taxation onto the individuals. But I think it's a bit of a huge solution to a problem where a simpler fix would be to stop letting companies claim international consultancy as deductible and put a bit more rigor into checking their international costs for tax deductibles, e.g. if Facebook Cayman rents Facebook Ireland a $3k server for $300k/year then it's not quite right and can be looked at under the current laws for tax avoidance.

Comment UK's "new" Government Network is IPv4 (Score 4, Interesting) 100

The UK is currently in the process of developing & deploying a network for government agencies to use called the PSN (public services network). It's sort of a replacement for the GSI. It runs on IPv4, most likely using the DWP address space discussed here.

Pretty much all the UK telcos & several global network manufacturers are involved with the PSN so it's a real missed opportunity that they didn't go with IPv6 for it.

Comment Re:Server (Score 1) 140

That's the classical definition but the meaning is evolving; these days I would say it's more accurate to consider hardware forwarding decisions as switching and software/CPU-based forwarding as routing.

As for the original question, lots of networking kit uses Linux behind the scenes. Checkpoint splat platform is Linux (IPSO is FreeBSD), I think McAfee Sidewinder is too, Cisco ASA was a Linux kernel with an IOS-like shell stuck on it (not sure about the new ones). Bluecoat SGOS is very Linux-like but not sure how close it is in reality.

The difficulty is the lack of hardware forwarding. Enterprise networking kit doesn't generally use fast busses or big backplanes to shift packets; it uses proprietary ASICs to handle the packet processing and forwarding at line rate. You can't just buy a top end server, stick TCP-offloading 10Gbps NICs in it and expect it to firewall at 10Gbps. Although, that said, a lot of "enterprise" firewalls that are sold as 1Gbps struggle to hit 200Mbps and they still sell plenty of boxes.

Comment Firewall the boundary - all that's needed (Score 1) 78

There's a lot of comments saying "use a decent firewall and you're sorted".

On any non-trivial network, if the only security in place is a firewall on the boundary then you're probably one of the 3/4 of easily exploitable networks mentioned in the article.

Viruses, social engineering, playing with applications that are allowed through (e.g. HTTPS web apps), dial-ins, wireless, abusive staff: there is a never-ending list of attack vectors if you only pay attention to the perimeter. Like the article says: 43% of respondents view planting a rogue member of staff inside a company as one of the most successful hacking methodologies.

Comment Re:Network meltdown due to hub cross-connects (Score 1) 305

The hub itself wouldn't generate any BPDUs, but since it just repeats electrical signals on the wire then it would be forwarding those from the next switch back up the loop (likely to be the same physical switch) so BPDU guard would still shut the port down.

There are other loop protections, Cisco switches send loopback packets onto the line and will shut the link down if they see their own loopback packet again. It's a default setting so should work even if BPDU guard (and storm control etc) aren't enabled, unless it's specifically turned off with the "no keepalive" command.
