Slashdot is powered by your submissions, so send in your scoop

 



Forgot your password?
typodupeerror

Comment: Re:It's all fun (Score 3, Interesting) 167

by comm3c (#35848978) Attached to: A 9V Battery To Your Brain Can Improve Your Gaming

until it begins to wear down your brain and you get Alzheimer's at 30

Good point. I don't think we understand enough about the electrical operation of the brain to be jumping for this. If I had to make a comparison, we can turn up the clock rate on an oscillator, but it doesn't mean that the device relying on the clock can handle it without some strange, sudden and premature failure.

Comment: Re:It's illegal... (Score 1) 159

by comm3c (#35781248) Attached to: TJX Hacker Claims US Authorized His Crimes

I have been close to this case for various reasons, but this dude's exploits were only detected after the card brands detected massive fraud. The Secret Service might have authorized breaches, but I am sure the Secret Service didn't authorize CC fraud or divulging cardholder data to random people for them to commit fraud.

Comment: Re:Hmm... (Score 5, Interesting) 80

by comm3c (#33403706) Attached to: Duke Research Experiment Disrupts Internet Traffic

Fake it? Not in the last five years!

unless you know of some BGP peers that refuse the standard peering protocol, 1) they are required to only listen to routes from known surrounding peers, 2) will not be listening to what's being advertised by your router unless you have instructed them ahead of time what AS you manage and what prefixes you will be advertising to them.

No. Period, fucking no. Most BGP sessions run between customers and carriers are still basically allowing whatever. Even the big boys basically don't care what you advertise. It would cause too many problems to go and begin filtering, so only regions that seem to have routing DBs (RIPE region) are even remotely participating in this. For the most part, thats a few places here and there, but the carriers will let you do what you want.

Don't believe the hype: BGP is still as weak in public IP as it ever has been. The difference is that if you do decide to hijack someone else's prefixes (don't even include bogons, because the carriers will probably let you advertise those!), everyone will know and you will get your upstream looking at you.

Comment: Re:Public IPs at premium prices (Score 1) 282

by comm3c (#32084094) Attached to: Black Market May Develop For IPv4 Addresses

> my provider uses 10.* addresses there therefore I had to change the
> addressing scheme on my LAN because

Why did you chose 10.x.x.x for your LAN in the first place ? I doubt that you are planning to connect 16,777,216 machines to your LAN ;-)

Guide lines are to use:

192.168.X.X if you need 65,536 IP addresses or less

172.16.X.X-172.31.X.X if you need between 65,536 and 1,048,576 IP addresses

10.X.X.X if you need between 1,048,576 and 16,777,216 IP addresses

Routing is slightly faster with more bits in your netmask. Although I do not think that you will notice a difference especially nowadays. I think this was one of the reasons for these guidelines. Following the guide lines also ease connectivity to bigger nated networks, your provider in your case.

We're in the era of VLSM. Please stop spreading this nonsense of classful addressing.

Comment: Re:Take that, HP! (Score 1) 93

by comm3c (#28207783) Attached to: Cisco Introduces Rackmount Servers
Heh... this isn't just about the network gear, this is also about HP's acquisition of EDS.

You see, once upon a time, HP left their network gear alone. Cisco and HP weren't much of competitors. Then, one day, after firing a CEO, HP decided that they should try to push the product line.

In the mean time, Cisco wasn't worried. But Cisco also had this "strategic alliance" with EDS, complete with multiple teams related to the account. One day, EDS got sold to HP. HP is pushing its product on EDS customers.

Cisco has the money to do this. Ever since around 2003, they have made sure to keep a good amount of cash on hand to finance their own endeavors. Yes, HP offers a lifetime warranty on their products but for anything more than access switches, I wouldn't use them.

Comment: Re:All smoke and no fire.... (Score 1, Informative) 206

by comm3c (#27223227) Attached to: Cisco Barges Into the Server Market

Cisco has people like me and I'm far from alone.

I'm very picky about where I accept employment from and I CHOSE to work at Cisco even though I despise Northern California. For whatever it's worth.

I'm with you. Worked for Cisco because well, they do take the opportunities to foray outside of the core in routing/switching. The talent there is incredibly diverse and includes people who do know way more the just network gear

Fact is, in today's network world, if all you know is networks, you hit a ceiling pretty quickly. None of the folks I worked with were just focused on routing and switching. Almost everyone I knew in Customer Advocacy (Cisco Services) had at least 4 years of experience in something not solely "network" related. Look at the Unity product (its a voicemail system). Incredibly complex on the back end. Folks really have to understand their server operations just to get by.

One of the final projects I worked on before leaving was a virtualization project for CA lab ops. In less than a year, the org went from spending a ton of dosh on individual servers to run tests to less than 10% of the original figure. No one really knew what they were getting into when they did it, but the knowledge base in the company is so huge that you could always find someone to help with a problem

That said, I really don't think this foray into servers is any bigger of a challenge than what Cisco has taken on before.

Comment: Re:They go for the "soft" target (Score 0) 206

by comm3c (#27223175) Attached to: Cisco Barges Into the Server Market
Meh, we're testing out both Juniper and Cisco (major tier 1 service provider) and we tend to get far better response from Cisco than Juniper. Some of our problems have gone weeks without answer by Juniper but for similar issues, Cisco has come back within hours. It really depends on how much you leverage the relationship with the rep on what kind of service you'll get. Tell the Cisco guy that you want to get training from Advanced Services. He'll arrange something and make you feel more comfortable.

Comment: Re:So "pragmatic" means breaking the law? (Score 0) 640

by comm3c (#27205777) Attached to: Morality of Throttling a Local ISP?
Sorry to burst your bubble, but there are hardly any regulations that prevent a small ISP from implementing this. The whole notion that QoS is illegal is absolutely absurd. Today, major service providers (and one that I work for!) implement QoS for preferential treatment of some traffic across their backbone.

Do they have an obligation to disclose it to the customers? Probably. Would most customers mind this? Probably not. The average user would just like to be able to access their website unimpeded by "scavenger" class traffic.

Remember folks, most people really are not affected by policies like this. The people that are affected by these are not the sort that an ISP really wants to keep as customers anyway. Its a fact of life and, the reality stands, the only thing that makes it sleazy is the lack of transparency.

If we want networks that will be able to support the full gamete of voice, video, and data at affordable rates, we are going to have to accept QoS as a fact of life. If you have little more than a basic knowledge of how these applications wreck havoc in a network, I'd suggest running a simulation. (I do this for a living, so its not so hard to see). If you can't tell me why voice requires priority queueing versus web traffic that can handle best effort treatment, you probably don't understand the issue beyond an oversimplified argument that all traffic is "equal". Folks, it isn't. Traffic behaviors and needs make traffic unequal. QoS/Traffic Management/Traffic Engineering is necessary in today's oversubscribed environments to ensure that we can still access resources such as HTTP, SSH, VoIP, Video, and not be overrun by folks who crank up torrents, spew spam, and let worms run rampant from unsecured machines.
Security

+ - Diebold Source Code Reviewed, Found Vunerable->

Submitted by Shteven
Shteven (1137821) writes "The state of California has managed to independently review Diebold's source code for vulnerabilities. From the article:

"The software contains serious design flaws that have led directly to specific vulnerabilities that attackers could exploit to affect election outcomes," read the University of California at Berkeley report, commissioned by the California Secretary of State as part of a two-month "top-to-bottom" review of electronic voting systems certified for use in California. The assessment of Diebold's source code revealed an attacker needs only limited access to compromise an election."

Link to Original Source

Invest in physics -- own a piece of Dirac!

Working...