Please create an account to participate in the Slashdot moderation system

 



Forgot your password?
typodupeerror

Slashdot videos: Now with more Slashdot!

  • View

  • Discuss

  • Share

We've improved Slashdot's video section; now you can view our video interviews, product close-ups and site visits with all the usual Slashdot options to comment, share, etc. No more walled garden! It's a work in progress -- we hope you'll check it out (Learn more about the recent updates).

×

Comment: Re:ISTR hearing something about that... (Score 1) 108

by LordLimecat (#49517195) Attached to: New PCIe SSDs Load Games, Apps As Fast As Old SATA Drives

If you're asking "what is my proof", check out any anandtech review's "consistency" test on SSDs.

If you're asking what the cause is, I would assume theres a buffer thats getting saturated, or else a cache that is exhausted, or perhaps the SSD controller's CPU gets pegged. Whatever the cause, most SSDs will sustain very high IOPs for a short period of time before falling into a "steady state pattern". For some SSDs it is a wildly swinging pattern, others (higher quality) hold a pretty steady rate around 5-6 IOPS.

Comment: Re:It all depends on the workload... (Score 1) 108

by LordLimecat (#49516689) Attached to: New PCIe SSDs Load Games, Apps As Fast As Old SATA Drives

You'll note that to produce this crappy summary they skipped over the IOmeter pages which show the Intel 750 bursting @ 180k IOPS and sustaining 20k, while 90% of consumer SSDs cant sustain more than 8k and the x-25m theyre touting struggles to break 2k.

Load up a slew of VMs on a virtualization lab on that x-25M and compare it to the 750-- THEN tell me that its no faster.

Comment: Re:"old sata drives"? (Score 1) 108

by LordLimecat (#49516669) Attached to: New PCIe SSDs Load Games, Apps As Fast As Old SATA Drives

Did you read the summary? It's reporting that new PCIe SSDs are not faster than "old" SATA SSDs as measured by real-world app- and game-loading times

Im calling BS on the statistics, which has a 1.2TB ssd as substantially slower than a 120GB SSD from years ago, which is itself substantially slower than consumer-grade drives like the Crucial BX series.

This all points to some horrible firmware issue, or testing problems, or bad methodology. Theres no real other way to explain that performance; simply increasing the capacity to 1.2TB should have it topping all of the benchmarks, regardless of the protocol used to connect it.

Comment: Re:Words without actions are meaningless (Score 3, Informative) 92

by LordLimecat (#49515173) Attached to: D-Link Apologizes For Router Security

For starters, I have read up on it, and many many vendors agree that it IS security.
Sources:
Cisco (Top 2 paragraphs of intro)
http://www.cisco.com/web/about...
SANS institute (Page 5, 2nd paragraph)

And so on.

As to your solution, it has a massive issue. Route tables must use next hops as their gateway; you could not enter a command like that targetting my WAN, and have it work, because my WAN IP would not be a next hop for your computer. The only thing your route table can do is instruct your computer which IP on your broadcast domain will be willing to handle your datagrams. At that point, it is up to that router to figure out the next hops.

You will note I asked you what the L3 / L4 headers would be on your packet; this was specifically to demonstrate why such attacks would fail. You would have a source address of 9.9.9.9, and a destination of 192.168.50.5, and you would instruct your computer to pass that datagram off to a router at ethernet address 99:99:99:99:99:99 (your router), and he would promptly vomit and say "what the hell I cant route an RFC1918". Add the route on your router, and you've shoved the issue back to your ISP, whose router would either fail to find a route for that subnet, or (more likely) outright reject it as a violation of RFC.

The only scenario in which this attack makes sense is when the attacker IS the next hop, that is your ISP. And for 99.999% of users, this is not a realistic threat model they will face, and NAT will be "acceptable" security.

No one argues that a stateful firewall is BETTER (as it prevents attacks like you mentioned), but to say that NAT adds no security whatsoever is being silly; major infrastructure vendors disagree with you.

Comment: Re:Words without actions are meaningless (Score 2) 92

by LordLimecat (#49514307) Attached to: D-Link Apologizes For Router Security

I understand these things quite well, as I wouldnt be in the field if I didnt. NAT provides some degree of security in the sense that if you are on an IPv4 network (99% of home users) on an RFC 1918 network (99% of home users) with NAT enabled, it is impossible for anyone to send an unsolicited datagram to your computer behind the NAT.

There are technologies which punch holes in this (like uPnP), but that does not change the implicit security.

NAT in a typical Linux based router does not prevent someone on the external interface from talking to any port and any host on the internal network

Then you have a static port mapping. Generally to get through the NAT you need to know the public IP and port (out of 65536) you want to connect to, which is dynamically assigned. Then you need to deal with the fact that anything you send is going to be pinned to a specific client port not of your choosing, and you will not know the correct source port to get the client to accept your unsolicited datagram (whch will thence be dropped).

I never said it was perfect security, but it prevents folks from accessing listening ports (like 135-139) as a listener port wont have a dynamic mapping-- only outbound traffic gets those.

But you seem to think Im wrong, so educate me. Lets set up a scenario.

Gateway Public: 1.2.1.1
Gateway private: 192.168.50.1
Windows XP box: 192.168.50.5

No firewalls, NAT on the gateway, Windows XP listening on port 135-139.
What Layer3/4 headers are you going to use thats gonna get a packet delivered to one of those 4 ports on that XP box?

Comment: Re:DoE loan... (Score 1) 109

. If you're a few dollars away from losing your home, this government habit of investing your money in wealthy people causes great hardship.

People in those situations arent paying taxes unless theyre making enough to survive and are straight up blowing it. You do understand how our tax system works, right?

"I've seen it. It's rubbish." -- Marvin the Paranoid Android

Working...