Linux-Advocacy Digest #71, Volume #28 Fri, 28 Jul 00 20:13:06 EDT
Contents:
Re: I had a reality check today :( (Jim Richardson)
Re: No wonder Hackers love Linux (Jim Richardson)
Re: No wonder Hackers love Linux (Jim Richardson)
Re: Am I the only one that finds this just a little scary? (Jim Richardson)
Re: Am I the only one that finds this just a little scary? (Jim Richardson)
Re: Am I the only one that finds this just a little scary? (Jim Richardson)
Re: Am I the only one that finds this just a little scary? (Jim Richardson)
Re: Are Linux people illiterate? (Jim Richardson)
Re: The Failure of the USS Yorktown (Jim Richardson)
----------------------------------------------------------------------------
From: [EMAIL PROTECTED] (Jim Richardson)
Subject: Re: I had a reality check today :(
Date: Fri, 28 Jul 2000 14:51:46 -0700
Reply-To: [EMAIL PROTECTED]
On Mon, 24 Jul 2000 01:17:19 -0700,
Spud, in the persona of <[EMAIL PROTECTED]>,
brought forth the following words...:
>[snips]
>
>"Arthur Frain" <[EMAIL PROTECTED]> wrote in message
>news:[EMAIL PROTECTED]...
>> Spud wrote:
>
>> If you're referring to the #!/bin/perl as an association
>> embedded in the script, for purposes of mail or browsing
>> that isn't correct. It's only the OS or shell that know
>> what #! means, not mail software.
>
>And apparently has nothing to do with applications associating
>anything with anything. Right.
>
>
>> So you're essentially right that Linux *could* be
>> susceptible to VB-like viruses - it's just that
>> hardly anybody ever enables that capability.
>
>Right... and OE _could_ be susceptible to such viruses as well... *if*
>the user decides "Hey, what's this? A totally unknown file which
>might do anything; let's run it." In short, the existence of the
>association - regardless of who manages it - is irrelevant.
Or just download the mail, no need to bother reading or previewing it
anymore even.
--
Jim Richardson
Anarchist, pagan and proud of it
WWW.eskimo.com/~warlock
Linux, because life's too short for a buggy OS.
------------------------------
From: [EMAIL PROTECTED] (Jim Richardson)
Subject: Re: No wonder Hackers love Linux
Date: Fri, 28 Jul 2000 15:50:01 -0700
Reply-To: [EMAIL PROTECTED]
On Mon, 24 Jul 2000 19:06:36 -0700,
Bob B., in the persona of <[EMAIL PROTECTED]>,
brought forth the following words...:
>dakota <[EMAIL PROTECTED]> wrote:
>>Steve <[EMAIL PROTECTED]> wrote:
>>>Just installed Mandrake 7.1 with medium security
>>>setting and install option of everything.
>>>
>>>Port 21 ftp WIDE OPEN.
>>>
>>>Port 23 telnet WIDE OPEN
>>>
>>>Port 110 pop3 WIDE OPEN
>>>
>>>Port 113 ident Wide open....
>>>
>>>Not to mention all of the other security holes due
>>>to inetd running every service known to mankind.
>>
>>Are you an idiot??? Just because those ports are left open
>>doesn't mean its a security risk. There are millions of servers
>>out there that leave those ports open and suffer no ill side
>>effects. Besides that, you can pipe everyone one of those
>>services and more through an encrypted ssh session. Are you
>>aware of those things called "firewalls" <snicker>?
>
>This is a great way to win friends and influence people - start
>off by calling them an idiot. Ipchains will in fact close these
>ports. So the authors of ipchains seem to think they are a
>security risk, even if you don't.
>
>>
>>>
>>>Windows 98 se with ICS installed closes all of
>>>those ports and several are in stealth mode.
>>
>>Winshit 98 has a badly broken TCP/IP stack (not to mention the
>>plethora of shutdown and APM problems) as does Windows 95/NT/Win
>>2000. Nmap can detect them quickly and they are highly
>>susceptible to DoS attacks. Try sending an oversized packet to
>>Winshit 95, or try sending a malformed ICMP packet to any of the
>>above and see what happens. Have you seen the lastest security
>>bulletin from Meglasoft? It mentions a problem with Win2000's
>>telnet server in which there is a DoS vulnerability but they
>>play it down by giving the excuse that you can stop and restart
>>the service. You see, the "Microsoft" version of security is
>>very flawed and nearly non-existent, as evidenced by the many
>>security bulletins they put out on a daily basis. All the
>>stealth mode <I'm still laughing at this one> that Microsoft has
>>to offer isn't going to protect you from denial of service
>>attacks. Can MS products filter by Type of Service or Quality
>>of Service, I don't think so. Can MS products do IP
>>masquerading or filtering (ipchains in Linux), I don't think so.
>>
>
>You are ingoring the original poster's point - by default,
>Windows SE sets up a reasonable level of security - Linux (at
>least Mandrake) does not.
Are you claiming that Windows 98 SE had the option of setting up
an FTP server, a POP3 server, or a telnet server?
>
>There are several ways to check your security. The Gibson
>Research site is a good one, and much easier than building a
>utility from source code, and more informative than netstat.
>
nmap gives you way more info, grc isn't even in the ballpark in comparison.
Even Saint (ne้ Satan) does a much better job than grc. But having said that,
grc is a useful quick check for simple things.
--
Jim Richardson
Anarchist, pagan and proud of it
WWW.eskimo.com/~warlock
Linux, because life's too short for a buggy OS.
------------------------------
From: [EMAIL PROTECTED] (Jim Richardson)
Crossposted-To: comp.os.ms-windows.advocacy
Subject: Re: No wonder Hackers love Linux
Date: Fri, 28 Jul 2000 15:53:47 -0700
Reply-To: [EMAIL PROTECTED]
On Tue, 25 Jul 2000 02:18:58 GMT,
Steve, in the persona of <[EMAIL PROTECTED]>,
brought forth the following words...:
>On Tue, 25 Jul 2000 02:05:56 GMT,
>[EMAIL PROTECTED] () wrote:
>
>
>> Without a static IP address it's pretty much a moot point
>> either way. OTOH, you don't have to have a well defined and
>> stable 'IP identity' to be wide open under Windows networking.
>
>Cable modems and other 24/7 systems are wide open.
>
>I dial-up several times a day and I am scanned all
>of the time.
>
>Many times by someone here in this group, but that
>is another story all together.
>Suffice to say I know who it is. He comes a
>knockin' but he can't get in.
>
>
>> The WinDOS attempt at being 'easy' also makes it remarkably more
>> open, given a quite common sort of user error, than a Unix box
>> with the most sloppy of security practices.
>
>Wrong...Zonealarm even on default medium settings
>closes all ports. Linux defualt does not.
>Sendmail exploits among others are another *nix
>issue.
Zonealarm, what version of windows does that come with?
Sendmail exploits? nah, look at outlook, *there's* an exploit farm...
>
>
>>>
>>>
>>>>>
>>>>>Windows 98 se with ICS installed closes all of
>>>>>those ports and several are in stealth mode.
>>[deletia]
>>>>to offer isn't going to protect you from denial of service
>>>>attacks. Can MS products filter by Type of Service or Quality
>>>>of Service, I don't think so. Can MS products do IP
>>>>masquerading or filtering (ipchains in Linux), I don't think so.
>>>
>>>
>>>Windows has those ports closed by default.
>>>Linux does not.....
>>
>> No, Windows merely doesn't bother to address those features.
>
>What are you talking about?
>
>The ports are closed and most are in stealth mode.
>
>
>
>> It is rather more like a Macintosh in this instance.
>
>
>??????????
>
>
>>>
>>>
>>>>>
>>>>>No wonder the script kiddies seems to love
>>>>>Linsux.....
>>>>>
>>>>
>>>>They like it because its design is extremely flexible. The
>>>>TCP/IP stack isn't flawed, either.
>>>
>>>
>>>Sure it isn't. The ports are just wide open.
>>
>> ...to experts using character stream tools.
>
>To any idiot with a gui based scanner.
>
>Today you don't have to know anything in order to
>wreak havoc with a wide open system like a default
>Linux install leaves you with.
>
>> WinDOS is quite often wide open to complete idiots using
>> tools requiring no particular aptitude.
>
>On some older systems (pre Win98SE) this is true
>and my comments apply to thoses systems as well. I
>was addressing current Linux and Windows systems
>however, in default configurations.
>
>Any idiot can render even the most secure system a
>wide open one in short order and this applies to
>Linux as well as Windows.
>
>>>
>>>>
>>>>>Typical newbie will install it with defaults and
>>>>>be hacked within a couple of hours.
>>>>>
>>>>
>>>>Linux is NOT meant for the typical winnewbie. It's meant for
>>>>people that have a brain.
>>>
>>>
>>>Or who want to spend their entire summer reading
>>>how-to's related to security instead of
>>>downloading ZoneAlarm_>clicking setup.exe and
>>>sitting on the beach in East Hampton sipping
>>>drinks with umbrella's in them and looking at half
>>>naked women.
>>
>> If you want a secure system, then you do the work.
>> Otherwise someone brighter than you is going to be
>> hacking your box despite of your shiny happy security
>> blanket.
>
>ZoneAlarm and Norton were both highly rated and in
>their default configs no work is required.
>Nothing, nada....
>
>> You foolishly put your trust in one set of developers
>> just when another set of developers failed you.
>
>I know what works from experience. An expert in
>security will of course be able to design a
>superior system for either Linux or Windows.
>
>A default installer (99 percent of the rest of the
>world) will have their ass exposed using Linux but
>not Windows 98SE with ICS and maybe ZoneAlarm.
>
>Setup.exe is all it takes.
>
>
>
>>[deletia]
>>
>> Not only does WinDOS make it quite likely that you will
>> have all of your files free and accessable to the whole
>> damn ISP, but you'll be clogging any common backbone
>> (think cablemodems here) with completely extraneous broadcast
>> traffic.
>
--
Jim Richardson
Anarchist, pagan and proud of it
WWW.eskimo.com/~warlock
Linux, because life's too short for a buggy OS.
------------------------------
From: [EMAIL PROTECTED] (Jim Richardson)
Crossposted-To: comp.os.ms-windows.nt.advocacy
Subject: Re: Am I the only one that finds this just a little scary?
Date: Fri, 28 Jul 2000 10:44:53 -0700
Reply-To: [EMAIL PROTECTED]
On 25 Jul 2000 04:10:41 GMT,
Stephen S. Edwards II, in the persona of <[EMAIL PROTECTED]>,
brought forth the following words...:
>: Vote LIBERTARION.... the political equivalent of Linux.
>
>Wrong. The political equivalent of Linux is communism.
Hey, if we are putting lables to linux agin, I'll disagree with you
both and say anarchy.
>--
>..-----.
>|[ ] | Stephen Edwards | http://www.primenet.com/~rakmount
>| = :| "I'm too polite to use that word, so I'll just say,
>| | 'bite me, you baboon-faced ass-scratcher.'"
>|_..._| --SEGA's Seaman on the "F" word.
--
Jim Richardson
Anarchist, pagan and proud of it
WWW.eskimo.com/~warlock
Linux, because life's too short for a buggy OS.
------------------------------
From: [EMAIL PROTECTED] (Jim Richardson)
Crossposted-To: comp.os.ms-windows.nt.advocacy
Subject: Re: Am I the only one that finds this just a little scary?
Date: Fri, 28 Jul 2000 10:49:12 -0700
Reply-To: [EMAIL PROTECTED]
On Mon, 24 Jul 2000 18:48:20 -0400,
Aaron R. Kulkis, in the persona of <[EMAIL PROTECTED]>,
brought forth the following words...:
>
>
>Perry Pip wrote:
>>
>> On Thu, 20 Jul 2000 08:52:22 -0500,
>> Tim Kelley <[EMAIL PROTECTED]> wrote:
>>
>> >Well I don't particularly like the government or the military so
>>
>> Well if it weren't for the Government and Military:
>>
>> 1) There would be no computers as we know today. They pioneered them.
>
>Wrong. Alan Turing was working on these things FAR before the
>military needed code-breaking computers.
>
>Read Feynman's "Surely You're Joking, Mr. Feynman". Electro-mechanical
>multipliers and dividers were "off-the-shelf" items by the late 1930's.
The US Navy's codebreaker section used (in the beginning) IBM machines, that
were developed by IBM alone, the Navy wasn't allowed to open and tinker with
them. (They did anyway.)
>
>>
>> 2) There would be no Internet as we know today. They pioneered it.
>>
>> 3) There would no reliable electricity, as the power monopolies would
>> be to busy playing cut throating their customers.
>
>Oh god. This is so stupid. The main reason why most areas have
>Electricity monopolies is BECAUSE OF the government, as they
>GRANTED MONOPOLIES to the various power companies.
>
>Every place where such officially sanctioned monopolies have been
>overturned, the price of electricity drops IMMEDIATELY when a
>competing company comes into the local market.
>
Not to mention that the rural electrification program mandated that farmers
with wind generators, (common in the '30s and '40s) dismantled them.
--
Jim Richardson
Anarchist, pagan and proud of it
WWW.eskimo.com/~warlock
Linux, because life's too short for a buggy OS.
------------------------------
From: [EMAIL PROTECTED] (Jim Richardson)
Crossposted-To: comp.os.ms-windows.nt.advocacy
Subject: Re: Am I the only one that finds this just a little scary?
Date: Fri, 28 Jul 2000 10:54:10 -0700
Reply-To: [EMAIL PROTECTED]
On Mon, 24 Jul 2000 20:51:58 GMT,
[EMAIL PROTECTED], in the persona of <[EMAIL PROTECTED]>,
brought forth the following words...:
>On Sun, 23 Jul 2000 21:54:35 -0400, Colin R. Day <[EMAIL PROTECTED]> wrote:
>>Perry Pip wrote:
>>
>>> On Sat, 22 Jul 2000 01:40:51 -0400,
>>> Colin R. Day <[EMAIL PROTECTED]> wrote:
>>>
>>> >But you are forgetting that without the military's
>>> >receiving those tax dollars, Americans might have made
>>> >such things on their own.
>>> >
>>>
>>> Except that the private sector simply isn't willing to make huge up
>>> front investments in new technologies that won't pay off till decades
>>> later. Two good additional examples are the railroads and civillian
>>> aviation, both of which were fisrt invested in heavily by the
>>> Government and later privitized when people realized their was money
>>> to make off of it.
>>
>>Not sure about railroads. And are you sure that government did a
>>better job with the money than private citizens would have done?
>
> This presumes that those private citizens/companies would
> have shown the foresight to bother, rather than persuing
> more immediate selfish goals.
>
You mean like Burlington Northern? the private intercontinental RR did?
(While following their immediate "selfish" goals I might add.)
--
Jim Richardson
Anarchist, pagan and proud of it
WWW.eskimo.com/~warlock
Linux, because life's too short for a buggy OS.
------------------------------
From: [EMAIL PROTECTED] (Jim Richardson)
Crossposted-To: comp.os.ms-windows.nt.advocacy
Subject: Re: Am I the only one that finds this just a little scary?
Date: Fri, 28 Jul 2000 10:42:32 -0700
Reply-To: [EMAIL PROTECTED]
On 25 Jul 2000 06:29:14 GMT,
Perry Pip, in the persona of <[EMAIL PROTECTED]>,
brought forth the following words...:
>On Sun, 23 Jul 2000 21:54:35 -0400,
>Colin R. Day <[EMAIL PROTECTED]> wrote:
>>Perry Pip wrote:
>>
>>> On Sat, 22 Jul 2000 01:40:51 -0400,
>>> Colin R. Day <[EMAIL PROTECTED]> wrote:
>>>
>>> >But you are forgetting that without the military's
>>> >receiving those tax dollars, Americans might have made
>>> >such things on their own.
>>> >
>>>
>>> Except that the private sector simply isn't willing to make huge up
>>> front investments in new technologies that won't pay off till decades
>>> later. Two good additional examples are the railroads and civillian
>>> aviation, both of which were fisrt invested in heavily by the
>>> Government and later privitized when people realized their was money
>>> to make off of it.
>>
>>Not sure about railroads.
>
>I should have been more specific - the first transcontinental
>railroads. http://www.blm.gov/education/railroads/trans.html It was an
>investment the private sector was unwilling to make, mostly because of
>getting across the Sierras and the Rockies. When it was completed, the
>industry had it's largest boom ever.
>
You are correct that the first intercon RR was basically a govt project, but
there was at least one that did it without fed funds, Burlington Northern, I
think it is mentioned in "Myth of the Robber Barons"
>
>>And are you sure that government did a
>>better job with the money than private citizens would have done?
>
>When the lack of a near term payoff prevents private citizens from
>investing at all, obviously yes. But then once the technology is
>developed and the payoffs are proven, it is better to then be
>privatized.
>
>Perry
>
Govt runs poorly at best, sometimes (like the micro electronics industry) it
hits a goldmine as it were, most of the time, the funds are spent on massive
boondoggles, vastky outweighing the positive results. If the funds were
collected without theft, then that would be fine, But they aren't.
--
Jim Richardson
Anarchist, pagan and proud of it
WWW.eskimo.com/~warlock
Linux, because life's too short for a buggy OS.
------------------------------
From: [EMAIL PROTECTED] (Jim Richardson)
Subject: Re: Are Linux people illiterate?
Date: Fri, 28 Jul 2000 11:24:27 -0700
Reply-To: [EMAIL PROTECTED]
On Tue, 18 Jul 2000 13:01:06 -0700,
[EMAIL PROTECTED], in the persona of <[EMAIL PROTECTED]>,
brought forth the following words...:
>
><[EMAIL PROTECTED]> wrote in message news:8l22th$94$[EMAIL PROTECTED]...
>> In article <8l1un0$dob$[EMAIL PROTECTED]>,
>> "MH" <[EMAIL PROTECTED]> wrote:
>>
>> "Payed" is much more logical than "paid". Just try to *logically*
>> explain why "shure" is a misspelling.
>
>To understand the root for the illogical spelling rules of the english
>language we have to consider the source of the language as well as the
>traditions and culture that surrounded it. Logic was never a part of the
>development of the spelling rules of the english language.
>
>English is a large and rich and evolving language with multiple ways to say
>the same thing--all with equal validity. The English language has an
>inheritance from the Picts, Celts, Vikings, Romans, Normans, Angelo, Saxons,
>Jutes, Francs, and many other peoples. These sources provides us a large
>pallete of words, phrases, and idioms to select from. Many meanings have
>multiple ways of being stated and many words also have multiple
>meanings--all valid.
>
>We may never know what the first language of Britian was. So let us start
>with the proto gaelic of the Picts and Celts. Then came the Romans to
>Britonium (sp?) and their introduction of Latin. It was the Roman presence
>in Britian that created the sepperate identities of England and Scotland.
>Latin was then the proper language of Britian and the prior language was
>used amoung the lower classes and for daily conversation. Over time other
>languages were introduced into Britian by the various barbarian contacts
>such as through invasions by the Jutes, Angelo, Saxons, and other contacts
>like those with the Francs, Goths, and Vandals. In the end the Saxons
>becase supreme over the area that is now known as England. Then came the
>Vikings conquest of most of Britian and their language.
Well, close anyway. P and Q Celtic (Brythonic and Goedelic) were spoken in all
of what the Romans called "Lesser Gaul". The Romans brought latin in, and by
the end of Roman-Britain (410.C.E. when the last Roman legion the XX, Vale
Victix IIRC, was ordered to return to Rome.) Latin was a common trade languange
and was used by the Roman influenced Towns and Colonae, but was not used by
the bulk of the populace living outside of the Roman towns and colonae.
Starting in the early 7th century, the Saxons, Jutes, Angles and other
germanic tribes began migrating into the lowlands due to pressure from tribes
like the Huns further east on the steppes. They brought their germanic
languages, and gave us place names like Wessex (west Saxons) Essex (east
Saxons), Norfolk (north folk), and the village I grew up in in East Anglia,
called hockWold, which meant High wood. Germanic structure underlies modern
english due to the spread of the germanic tribes. Little of either strain of
Gaelic remains although there are remenents. The Danes brought with them many
word constructs and words, especially when they conquered what became known as
the "DaneGeld". Later, the normans came and buggered up the language with a
bunch of french words and grammar. Beef is from Boef, a Norman-French word,
but Cow is old english. There's a really good book on the subject called
"Mother Tongue, the story of English and how it got that way." very much
worth the read if you are interestend in the linguistic history of English.
>It was as a result of that person's working style that has given: us three
>spelling for the sound of "2", which are "two", "too", and "to", as well as
>"book" and "cook" instead of "bwk" and "cwk"; why "sure" is correct and
>"shure" is incorrect. It is by violating his own spelling rules that has
>established "paid" for the past tense of "pay" instead of "payed"
Payed is a germanic ending (past tense.) the id is latinate, either from the
latin itself, or more likely, from the french. All the en endings like
stolen are germanic.
>I could, but I don't like to use that kind of language in any language.
>However, I will close with mixed language statement:
>
>( ( 2 * b ) || !( 2 * b ) ) tolerant is the question.
>
hehe, cute :)
--
Jim Richardson
Anarchist, pagan and proud of it
WWW.eskimo.com/~warlock
Linux, because life's too short for a buggy OS.
------------------------------
From: [EMAIL PROTECTED] (Jim Richardson)
Crossposted-To: comp.os.ms-windows.nt.advocacy
Subject: Re: The Failure of the USS Yorktown
Date: Fri, 28 Jul 2000 16:16:03 -0700
Reply-To: [EMAIL PROTECTED]
On Mon, 24 Jul 2000 22:12:57 -0400,
Colin R. Day, in the persona of <[EMAIL PROTECTED]>,
brought forth the following words...:
>Woofbert wrote:
>
>
>>
>> The Germans didn't agree with the US analysis of the effectiveness of
>> tanks, and developed a couple of different Panzers ... which are the
>> basis of the current Israeli design. The Sherman, with its flat front
>> end, was years behind German design.
>>
>
>But from what I have read, the Sherman was more rugged, which is
>important when you're fighting on another continent.
>
>Colin Day
>
The Sherman was cheap, but that's about it, (oh, and the hydraulically
stabilized turret was better, it could shoot reasonably accurately whilst
moving.) But it had a myriad of flaws. It used radial aircraft engines, they
used gasoline, and were very large and a poor fit physically, causing the
Sherman (and other US designs) to be too tall to hide well. The T-34
(USSR) was just about the best tank of the war, rugged, low slung, heavy,
well shaped armour, wide tracks, diesel engine, hi velocity gun, a great
design with few flaws compared to other comtemporary designs. A bit cramped
though.
--
Jim Richardson
Anarchist, pagan and proud of it
WWW.eskimo.com/~warlock
Linux, because life's too short for a buggy OS.
------------------------------
** FOR YOUR REFERENCE **
The service address, to which questions about the list itself and requests
to be added to or deleted from it should be directed, is:
Internet: [EMAIL PROTECTED]
You can send mail to the entire list (and comp.os.linux.advocacy) via:
Internet: [EMAIL PROTECTED]
Linux may be obtained via one of these FTP sites:
ftp.funet.fi pub/Linux
tsx-11.mit.edu pub/linux
sunsite.unc.edu pub/Linux
End of Linux-Advocacy Digest
******************************
