Want to read Slashdot from your mobile device? Point it at m.slashdot.org and keep reading!


Forgot your password?
Slashdot Deals: Deal of the Day - 6 month subscription of Pandora One at 46% off. ×

Comment Re:Don't install Comcast equipment... (Score 1) 47

Exactly this - what's to stop your own equipment from being the static IP?

I think you both misread what I said.

Comcast requires their business-class DSL customers with more than one static IP to use rented equipment.

They'll let you have a single static IP with your own CPE. They might even allow you two (not certain). They won't let you have a block of eight IPs, which is what I currently have from Covad or Megapath or whatever their name is this week (Global something-or-other).

I think you did not read what I wrote. You use the non-wifi and non-NAT equipment (and you have to demand it, or they will put in the WiFi full wiz bang BS router) and set up your firewall behind it. Yes, you do not own the docsis router. Nor you you own the rest of the routers in their network. But you do own the device doing firewall, NAT and WiFi which nips this security problem in the bud.

Comment Re:Don't install Comcast equipment... (Score 2) 47

... problem solved. The only reason this attack vector exists in the first place is that people are too lazy to install their own equipment.

Unfortunately, Comcast requires their business-class DSL customers with more than one static IP to use rented equipment, even if you are using it in a residential setting. So power-user customers don't have the option to install their own equipment.

Yes you can. You just specify the non-wifi equipment and no NAT. (Like the SMC Broadband Gateway. The Netgear can do it to.) Then set up your own firewall and WiFi. You can use something like www.smallwall.org on an old WinTerminal for under $50.

Comment Re:This is great (Score 4, Insightful) 73

This could also make power speculation and arbitrage possible. Buy power to charge up on windy nights and sell on hot days. (In summer, anyway) Bulk wind power in Texas on the spot market has actually dropped below zero on a few occasions. http://www.slate.com/articles/... This would fix that imbalance.

Comment Re:Well, at least someone is willing to say it! (Score 1) 572

I wasn't aware FreeBSD was a top level Linux distribution.


With the major distros all moving to systemd, it's nice to see someone burn that bridge. I think if at least one top level distro was anti-systemd, then the drama would all go away, because the group that distrusts systemd could just go there. Someone quick spend your life forking fedora to a non-systemd thing. Pls?

Nope... Linux never mentioned there.

Comment Re:Well, at least someone is willing to say it! (Score 1) 572

FreeBSD. And it is growing. Admittedly, from a VERY small share, but...

Get me an up-to-date nVidia driver, and support for vmware, and I'll switch all my systems right now. Cold day in hell, you say? That's about when I'll go BSD, then.

Well, I guess you will be reinstalling for a while... VMware since FreeBSD8 and current Nvidia drivers. http://www.nvidia.com/object/f... PC-BSD is a little easier for a Desktop then pure FreeBSD.

Comment Re:DH groups (Score 1) 28

I love that page. A good coverage of what is considered secure. In SmallWall, http://www.smallwall.org/ the continuation of m0n0wall, the IPsec configuration page actually has a link to that Cisco page, along with warnings about what is no longer secure.

Note, however, that they also consider DH-2048 acceptable. I believe the general consensus is that it will be secure until about 2020.

Long computations which yield zero are probably all for naught.