Want to read Slashdot from your mobile device? Point it at m.slashdot.org and keep reading!


Forgot your password?
Slashdot Deals: Cyber Monday Sale! Courses ranging from coding to project management - all eLearning deals 25% off with coupon code "CYBERMONDAY25". ×

Comment Re:Wooo Over a 1000! (Score 1) 35

just move the listening port to something other than 22 for fucks sake.

Which will move their attempts to another port. ...Oops, sorry. Forgot to say "for fucks sake."

The way you solve this, is by installing Fail2Ban (and change the default time) or other similar products. Automatically utilizing the system firewall (iptables and the like) to prevent them from even trying.

And yes, 59,000 attempts is a problem that needs to be addressed. If for no other reason, than it's stealing bandwidth, and slowing down the entire server / connection.

Comment Not available during US Presidential Elections (Score 4, Funny) 439

One slight item missing from the article...

"Due to the fear of mass suicides from the mental anguish caused by elections, the Death With Dignity Act would be suspended three months prior to all elections. "Not wanting to live like this (being exposed to non-stop presidential advertisements)" would not be sufficient excuse to superseded a very important aspect of the law, said spokesperson Dr. Marcia Angell. Everyone choosing this option must be "deemed capable of making an informed decision." It's well documented that during an election season, this is virtually, if not completely impossible."

Comment Man-In-The-Middle Attack, let's call it what it is (Score 3, Informative) 782

I ran into this with a customer of one of my clients recently. The insurance company was using a setup from Websense to snoop on all HTTPS traffic. As best as I could tell, they were snooping ALL traffic (banking, healthcare included), not just "safe" sites.

Surely this breaks privacy laws in numerous instances. HIPAA? Banking laws? Shoot, there's a federal law that could make snooping in on your NetFlicks traffic (video rentals) illegal. Ironically, if SOPA/PIPA had passed, HTTPS snooping would have been legal.

As for the moral aspect of this, and all the people that say "you shouldn't do personal stuff at work," a few points to keep in mind. 1) Only the IT staff at this company new what was going on. No one outside the IT department could find any reference, or notification. 2) This was REQUIRED on all home PC's that utilized their VPN network (kinda shoots down doing your home stuff at home). 3) From what I was told by their IT staff (remember I was a 3rd party, trying to get our networks connections to work), the IT staff regularly "audited" HTTPS traffic. That means someone in-house was regularly looking at bank account information, and health care information of their fellow employees, and they weren't making this known to the general population within the company.

I tried to get some main stream press attention on this topic a while back. No one would bite.

Comment ID3 tags (Score 1) 758

More than likely any "auditing" that may occur will be based solely on ID3 tags. Simply audit all of the ID3 tags (probably just the comments field) for anything that might be incriminating. (find . -name "*.mp3" -exec mp3info2 -p '%c: %F\n' {} \; | egrep "bad tags|more bad tags")

For that matter deleting everything in the comments fields would probably remove all possibility of incrimination. (find . -name "*.mp3" -exec mp3info2 -c "" {} \;)

All Finagle Laws may be bypassed by learning the simple art of doing without thinking.