Catch up on stories from the past week (and beyond) at the Slashdot story archive


Forgot your password?
DEAL: For $25 - Add A Second Phone Number To Your Smartphone for life! Use promo code SLASHDOT25. Also, Slashdot's Facebook page has a chat bot now. Message it for stories and more. Check out the new SourceForge HTML5 internet speed test! ×

Comment Re:Easy (Score 1) 484

That was a "convenience" on old sparc boxes (think boot net installs) for when you didn't know the mac addresses of your physical cards.
Easily turned off in openboot by setting local-mac-address? = true.

As for networking nowadays, compare the feature set crossbow provides to anything any other vendor provides.

Comment Re:Wow, what a stupid post (Score 2) 417

Let me guess, no-one wanted to provide support for the authors ipad or his shadow infrastructure sitting under his desk on 3 year old unsupported equipment.

Some hints for the articles author

Provide a damned business case for the toys (yes, they are toys) and how they are going to improve efficiency/save costs for the organisation as a whole.
Hell if your business case is good Management and IT may agree to supply and roll out the toys.

Comment Re:Just boycott the asses pleases (Score 1) 339

Who do you think you are kidding.

Senator Steve Fielding (Family First) has a big hard on for filtering out internet porn.
Senator Nick Xenephon (Independant) wants online gambling filtered.

Myself I cynically believe this is a point scoring exercise to get the senators that hold the balance of power in the senate on the governments side.

Why else would you push ahead with something absolutely nobody wants.

No doubt down the track the government will call in this favour

Comment Re:Sun Java System Directory Server (Score 1) 409

Proxy account wont stop DoS due to excessive lookups by a malicious person on systems configured to use the service on the local network. They will just be performed by the proxy user.

True you have extra potential for anybody from any host to perform lookups and abuse the server (generally the ldap servers are not public to world though), but in my deployments it has been a requirement for free internal access to the information provided.

With a good spread of hub or read-only consumers behind ldap proxies this can be alleviated somewhat.

In my experience the biggest DoS has been due to account lockout settings... but you get that regardless of authentication backend...

Comment Re:Sun Java System Directory Server (Score 1) 409

Dont use a proxy account for authentication from linux (you need the proxy account on solaris though so ldaps/tls works...).

Ensure that userpassword is readable by no-one (including the proxy user), and use pam_ldap for authentication.

On linux anonymous access is sufficent for NSS lookups, authentication is performed via pam_ldap, which performs an ldap bind as the user that is authenticating.
This also frees you to use any password storage scheme you want.

Slashdot Top Deals

A sine curve goes off to infinity, or at least the end of the blackboard. -- Prof. Steiner