Slashdot is powered by your submissions, so send in your scoop

 


Forgot your password?
Close
typodupeerror
×
Security

Coping With 1 Million SSH Authentication Failures? 497

Posted by kdawson from the some-definitions-of-managed dept.
An anonymous reader writes "I own a small Web development studio that specializes in open source software, primarily Drupal, WordPress, and Joomla for small businesses. Our production servers, which host about 50 sites and generate ~20K hits/week, are managed by a 3rd party that I'm sure many on Slashdot would recognize. Earlier today I was researching some problems on one of our sites and found that there have been over 1 million SSH authentication failures from ~1200 IP addresses on one of our servers over the last year. I contacted the ISP, who had promised me that server security would be actively managed, and their recommendation was, 'change the SSH port!' Of course this makes sense and may help to an extent, but it still doesn't solve the problem I'm facing: how do you manage server security on a tight budget with literally no system admin (except for me and I know I'm a n00b)? User passwords are randomly generated, we use a non-standard SSH port, and do not use any unencrypted services such as FTP. Is there a server monitoring program you would recommend? Is there an ISP or Web-based service that specializes in this?"
Crime

Some Newegg Customers Received Fake Intel Core i7s 447

Posted by kdawson from the zero-gigahertz dept.
Several readers have mentioned the strange goods that some customers received from Newegg in place of the Intel Core i7 920 processor they ordered. Word on the problem first surfaced on TribalWar on Thursday evening. Newegg still hasn't commented on this. It's not known whether it happened as a result fraud by another Newegg customer, in shipping, or where. The "processors" are made of aluminum, and the "fans" are some kind of synthetic molded material. The "factory seal" was printed onto the box; the holographic stickers on the boxes were also faked. The first part of this video shows the bogus goods. At this writing Google News lists a handful of blogs mentioning the fakes.

Submission + - Moore's Law Comes to PCI Express Expansion Cards (linuxfordevices.com)

Submitted by __aajbyc7391
__aajbyc7391 writes: A group of companies today unveiled — and demonstrated products based on — a tiny new PCI Express expansion standard, according to an article at LinuxDevices. Although it's somewhat larger than the PCI Express Mini Card, the tiny new 43mm x 65mm FeaturePak card's high density 230-pin edgecard connector provides twice the number of PCI Express and USB 2.0 channels to the host computer, plus 100 lines dedicated to general purpose I/O, of which 34 signal pairs are implemented with enhanced isolation for use in applications such as gigabit Ethernet or high-precision analog I/O. While FeaturePaks will certainly be used in all sorts of embedded devices (medical instruments, test equipment, etc.), the tiny cards could also be used for developing configurable consumer devices, for example to add an embedded firewall/router of security processor to a laptop or notebook computers, or for modular functionality in TV set-top-boxes and Internet edge devices.
Space

Pluto — a Complex and Changing World 191

Posted by timothy from the can-imagine-quite-a-bit dept.
astroengine writes "After 4 years of processing the highest resolution photographs the Hubble Space Telescope could muster, we now have the highest resolution view of Pluto's surface ever produced. Most excitingly, these new observations show an active world with seasonal changes altering the dwarf planet's surface. It turns out that this far-flung world has more in common with Earth than we would have ever imagined."
PHP

Eight PHP IDEs Compared 206

Posted by timothy from the colonic-extraction dept.
snydeq writes "InfoWorld's Rick Grehen provides an in-depth comparative review of eight PHP IDEs: ActiveState's Komodo IDE, CodeLobster PHP Edition, Eclipse PHP Development Tools (PDT), MPSoftware's phpDesigner, NetBeans IDE for PHP, NuSphere's PhpED, WaterProof's PHPEdit, and Zend Studio. 'All of these PHP toolkits offer strong support for the other languages and environments (HTML, CSS, JavaScript, SQL database) that a PHP developer encounters. The key differences we discovered were in the tools they provide (HTML inspector, SQL management system) for various tasks, the quality of their documentation, and general ease-of-use,' Grehen writes.'"

Comment Re:Do the studies apply? (Score 1) 394

by eliphas_levy (#30798092) Attached to: Programming With Proportional Fonts?

My opinion is like the parent's, I really can't stand the lack of vertical alignment, same length text should display in same width.
This code should have the same width no matter what:
arrayOne[1010] = 'lll'
arrayTwo[1010] = '111'

I personally use DeJavu Sans Mono, on all OSes. The (0,O) and (1,l) distinctions are very clear to me, and I like the curves it have.

I actually had to put it on my pendrive, along with gVim portable, as I will not stand notepad with his blocky console font.
Debian

FreeNAS Switching From FreeBSD To Debian Linux 206

Posted by Soulskill from the changing-horses dept.
dnaumov writes "FreeNAS, a popular, free NAS solution, is moving away from using FreeBSD as its underlying core OS and switching to Debian Linux. Version 0.8 of FreeNAS as well as all further releases are going to be based on Linux, while the FreeBSD-based 0.7 branch of FreeNAS is going into maintenance-only mode, according to main developer Volker Theile. A discussion about the switch, including comments from the developers, can be found on the FreeNAS SourceForge discussion forum. Some users applaud the change, which promises improved hardware compatibility, while others voice concerns regarding the future of their existing setups and lack of ZFS support in Linux."
Announcements

Submission + - tr.im url shortener closes it's doors. (tr.im)

Submitted by
sukotto
sukotto writes: "The popular url-shortener tr.im (primarily used by Twitter users) has closed its doors citing lack of funding and inability to find someone to buy them out. Too bad. It was a great service.

Here's the press statement:
tr.im is now in the process of discontinuing service, effective immediately.

Statistics can no longer be considered reliable, or reliably available going forward.
However, all tr.im links will continue to redirect, and will do so until at least December 31, 2009.
Your tweets with tr.im URLs in them will not be affected.

We regret that it came to this, but all of our efforts to avoid it failed.
No business we approached wanted to purchase tr.im for even a minor amount.

There is no way for us to monetize URL shortening — users won't pay for it — and we just can't
justify further development since Twitter has all but annointed bit.ly the market winner.
There is simply no point for us to continue operating tr.im, and pay for its upkeep.

We apologize for the disruption and inconvenience this may cause you."
Movies

Submission + - Top 10 fun computing films (pcauthority.com.au)

Submitted by Slatterz
Slatterz writes: News of the death of John Hughes has many people bemoaning the lack of films that understand and appeal to the geek audience. This list of the top 10 "fun" computing films has been compiled in honour of Hughes, and focuses on those that have used computers as a narrative arc to their characters. Some left of field choices, considering this is a list that goes from Tron to WALL-E, though nostalgia does tend to make people enjoy things more fondly than they really did the first time.
Wireless Networking

Submission + - Critical flaw discovered in dd-wrt

Submitted by MagicM
MagicM writes: A critical flaw has been discovered in DD-WRT, a Linux based alternative OpenSource firmware for WLAN routers such as the fan-favorite Linksys WRT54GL. The flaw can give an attacker instant root access to the router merely by embedding an image with a specially crafted URL in a webpage (CSRF attack).

Comment Re:Efficiency? (Score 1) 184

by eliphas_levy (#28433469) Attached to: Intel Demos Wireless "Resonant" Recharging
From TFA:
"For the Intel project, the large coil was hooked up to electronics that produced a current oscillating at seven megahertz. The receiving coil was tuned to the same frequency, and thus is able to accept an energy transfer with about 80 percent efficiency within a range of about a meter, says Josh Smith, the lead researcher on the project."

Comment Re:Now for a better scheduler (Score 1) 61

by eliphas_levy (#28399607) Attached to: Google Chrome Developers On Browser Security

Here goes... If *I* know how to add a scheduled task to windows scheduler at install time (when I have the god-admin-rights) - how google does not? Oh yes, it knows... but it does not want it to be simple. Do no evil. I always put a (unchecked) .CMD file backup task to the whathever-install that I make. Could not google do the same? Yes.

Slashdot Top Deals

Never test for an error condition you don't know how to handle. -- Steinbach

Close