
Comment Re:Are these useful yet? (Score 1) 44

Try the sguil console, and you'll be happier with handling alerts. It presents the data from full content pcaps, Snort alerts, and session data, together with a handy window to do reverse DNS and whois. It will give you the signature that fired the alert, or, if no alert fired (say someone emailed abuse@yourdomain.tld with an IP and time range), you can look back in time and see what connections your host had open when. It will even help you decide which alerts are useful and which are useless, but you still have to tune the rules yourself. For handling that, I use oinkmaster. Sguil scales to billions of rows.

Some folks have worked on integrating bro (or was it prelude?), which is another interesting alerting engine. It might be possible to integrate with this project.

http://sguil.sourceforge.net/

Comment one thing is sure: we'll see IFF it vindicates cop (Score 1) 1079

if it vindicates the guy's account, it'll get "lost" or be shielded in the name of national security for revealing camera positions. The assaulting BP will get cover from his agency. OTOH there will magically be no security issue if it even approaches a vindication for the cops.

Comment law is glutted even top tier grads begging (Score 1) 783

Do NOT go to law school under any circumstances. The job market is glutted and there is no guarantee of ANY work at all. The salary stats are inflated by bogus reporting, cherry picking from among those who have a job. More than half of recent grads had no job 1 year after graduating. Check out http://temporaryattorney.blogspot.com/ and http://www.lawschoolscam.blogspot.com/

Comment Are you kidding? I hate them like poison (Score 1) 371

Fuck them in the neck with fire.

I went through a bullshit audit back in the day, when a disgruntled employee tried to inform on the college where we worked. He was largely responsible for the mess, I was largely responsible for cleaning it up in spite of political pressure from the top to keep things working as they always did. A couple of months after the cleanup, they notified us we were being audited. We had the ability to run our own audit and when they were not helpful in narrowing the search, supplied a multi thousand page report in 8-pt type giving every executable on every machine.

Months later they found one classroom still had software on it that was not being used in that room (class was moved to another building). They asked for something like $30K in fines. We told them we were poster children for compliance, could prove that the software was not used, and told them to fuck off. They did.

Bastards went on a fishing expedition elsewhere, hitting non-profits and other underfunded .edu's where they figured the IT depts would cave rather than fight because they lacked the resources to control their environments.

So much effort that delivered nothing toward the mission. Fuck them.

Comment Re:Funny this was submitted by kdawson (Score 1) 634

Oh, all the time. Hannity routinely takes comments out of context to ascribe statements to people that are the opposite of what they actually said. Obama had a speech where he said something to the effect of, "Some people say we're in decline. I disagree." Hannity quoted and ranted, "He said, '...we're in decline'! he hatez america!" They've edited video to distort the plain meaning of what someone was saying. And wasn't it them who touched up photos to make two journalists, who were reporting something embarrassing to the Republican Party, look 'more Jewish'? Why yes, Mr. Orwell, it was.
http://mediamatters.org/research/200807020002

Seriously, there's a conservative case to be made on most issues, but Fox news will not present it or anything else but the most brazen political propaganda. Other media outlets might get the story wrong, might emphasize something irrelevant (though usually in a rightward lean), but Fox is a party organ in the style of Pravda.

They lie.

Comment Yep: Policy. Enforcement. Audit. (Score 1) 98

3 separate realms.

Policy to define what's allowed (you haz a policy, whether it is written down or even thought about).

Enforcement of that policy. FW, IPS, application fw. The higher in the stack the fw goes, the closer it should be in the net topology to the target it defends.

Audit the enforcement of that policy. IDS, stats, flow.

And rather than tie everything together, how about focus on the 3-4 sources that really kick ass? FW logs are not useful. Focus on what your targets are doing, not what the millions of bots are prevented from doing.

http://taosecurity.blogspot.com/ is your source for clear thinking on this subject.

Comment NYT is right to show the cost of the war (Score 1) 321

It's the role of the press to bring us the story, especially if the powers that be want it hushed up. I think the Pentagon was chickenshit to hide the homecomings up to this point. Did you see that under the new process, 3/4 of families are fine with the photographs? Someone struck exactly the right note, giving families the right to make the call.

My agenda is truth. The truth is some of our people come back dead. It dishonors their memories to pretend otherwise, and to minimize their sacrifice. So I'm not willing to accept your formulation that it's just a political bias that determines whether one should or will approve of their publishing the events.
