Please create an account to participate in the Slashdot moderation system

 



Forgot your password?
typodupeerror

Comment Re:Issues I've had. (Score 2, Informative) 410

I'm still using fvwm and have been doing it for 10+ years. Over the years I've tried switching to gnome or KDE several times but found them too be too slow and lacking features and ended up back in fvwm again. I even tried gnome + sawfish for a while but the constant lisp hacking got the best of me. Fvwm has for a long time and still handle multiple monitors perfectly well and I'm still very happy with it.

Comment Re:Ok, so I got the popcorn ready.... (Score 3, Interesting) 254

Manually compromising servers and installing a tool that causes all those servers to rendezvous with or receive commands from a central control point to execute instructions would make them a botnet.

The key question would be: do the compromised servers also run a program that periodically polls a control station for commands, or does the script kiddie manually command individual compromised servers?

I actually encountered this a few years ago, a Red Hat box had been carelessly placed on the internet with a poor dba username password combo. The attacker had not gained root access. But he did manage to install zombie software on the computer in /var/tmp, which consisted of a small web-server serving malicious code and a custom ssl-irc client configured to connect to the botnet owners irc server.

Curious, I took a copy of the software he had installed before I wiped the server. I then proceeded to connect to his irc server using the credentials found in the zombie software. I ended up in an irc channel with the actual owner of the botnet sitting there. Because I kept my servers original irc-name he started prodding me with dcc-commands to find out the status of his returning zombie. After a while I responded and told him he had been discovered, we had a brief chat before he banned me from the irc-server. Seemed like a script kiddie, he used "LOL" in every sentence and lots of numbers, the net seemed to be run manually with some 30 "clients" in it. I gave his client IP to his ISP in Romania together with the logs, doubt anything came out of it though.

Encryption

Resisting the PGP Whole Disk Encryption Craze 480

alaederach writes "I run a lab in a non-profit academic life sciences research institute. Our IT recently decided it would be a good idea to use PGP whole disk encryption on all of our computers, laptops and servers and picked PGP's suite of software. The main reason is that a small subset of our researchers work with patient information which we obviously are mandated to keep confidential. My lab does a lot of high-performance computational work (on genes from Tetrahymena, no humans here) and I am concerned that the overhead of complying with our ITs new security policy will be quite detrimental to my research program. For example, dynamically reallocating a partition on a PGP encrypted disk is apparently not possible. Furthermore, there is some evidence that certain forms of compression are also incompatible with PGP whole disk encryption. Interestingly, it is hard to find any negative articles on PGP, probably because most of them are written by IT pros who are only focused on the security, and not usability. I therefore ask the Slashdot community, what are the disadvantages of PGP in terms of performance, Linux, and high-performance computational research?"

Comment Probably this one then (Score 1) 644

From dhdpd.conf(5) (version 3):

always-broadcast flag;

The DHCP and BOOTP protocols both require DHCP and BOOTP clients to set the broadcast bit in the flags field of the BOOTP message header. Unfortunately, some DHCP and BOOTP clients do not do this, and therefore may not receive responses from the DHCP server. The DHCP server can be made to always broadcast its responses to clients by setting this flag to 'on' for the relevant scope; relevant scopes would be inside a conditional statement, as a parameter for a class, or as a parameter for a host declaration. To avoid creating excess broadcast traffic on your network, we recommend that you restrict the use of this option to as few clients as possible. For example, the Microsoft DHCP client is known not to have this problem, as are the OpenTransport and ISC DHCP clients.

Slashdot Top Deals

Scientists are people who build the Brooklyn Bridge and then buy it. -- William Buckley

Working...