Linux-Advocacy Digest #112, Volume #30 Wed, 8 Nov 00 01:13:02 EST
Contents:
Re: On a win 2000 system. remove RH7 as follows ("Les Mikesell")
Re: Linux 2.4 mired in delays as Compaq warns of lack of momentum ("Bruce Schuck")
Re: We will never know what the MS intruder did ("Chad Myers")
Re: Linux growth rate explosion! ("Chad Myers")
Re: so REALLY, what's the matter with Microsoft? ("Chad Myers")
Re: so REALLY, what's the matter with Microsoft? ("Chad Myers")
Re: Linux 2.4 mired in delays as Compaq warns of lack of momentum ("Chad Myers")
Re: Linux 2.4 mired in delays as Compaq warns of lack of momentum ("Chad Myers")
Re: Linux 2.4 mired in delays as Compaq warns of lack of momentum ("Chad Myers")
Re: Linux 2.4 mired in delays as Compaq warns of lack of momentum ("Chad Myers")
Re: RedHat BugList Summary ("Chad Myers")
Re: On a win 2000 system. remove RH7 as follows (Craig Kelley)
----------------------------------------------------------------------------
From: "Les Mikesell" <[EMAIL PROTECTED]>
Crossposted-To: alt.destroy.microsoft,comp.os.ms-windows.advocacy,alt.linux.sucks
Subject: Re: On a win 2000 system. remove RH7 as follows
Date: Wed, 08 Nov 2000 04:51:43 GMT
"Ayende Rahien" <[EMAIL PROTECTED]> wrote in message
news:8uag7l$nau$[EMAIL PROTECTED]...
>
> > But back on topic, if you have no other useful logical partitions in
your
> > extended partition you could use my debug method to remove the extended
> > partition and FDISK will never be the wiser.
>
> Win2k is much better in handling this.
> Although I'm still waiting for resizing feature.
> But then MS would be anti trusted by Parition Magic :)
Why is it that Win2k won't put quite a whole 9 gig scsi
drive in a single primary partition? I can understand
it on the boot drive, but it does the same thing on a
second drive. If you go back after the install and delete
the partition, then create an extended partition instead
you get more space. Did I miss something along the
way?
Les Mikesell
[EMAIL PROTECTED]
>
> > The ultimate solution, as you've discovered, is fdisk instead of FDISK
=)
>
> what is the difference?
>
>
------------------------------
From: "Bruce Schuck" <[EMAIL PROTECTED]>
Crossposted-To: comp.os.ms-windows.nt.advocacy
Subject: Re: Linux 2.4 mired in delays as Compaq warns of lack of momentum
Date: Tue, 7 Nov 2000 20:55:37 -0800
"Les Mikesell" <[EMAIL PROTECTED]> wrote in message
news:G84O5.14139$[EMAIL PROTECTED]...
>
> "Chad Myers" <[EMAIL PROTECTED]> wrote in message
> news:RJTN5.45$[EMAIL PROTECTED]...
> >
> >
> > Is ReiserFS released yet?
>
> It is available and people are using it. Several distributions
> include it.
>
> > Has it been thoroughly tested? IIRC, it's still an outsider and hasn't
> > been fully included in the major distributions (although SuSE has it? I
> > remember hearing one of them did now).
>
> Was NTFS tested before it was released? At work I inherited an NT box
> that collected news stories from a wire service and made them available
> through a web server. The thing would crash regularly (like most
> pre-sp3 NT boxes) and it kept taking longer and longer for scandisk
> to finish.
Disk problem. Or an airflow or heat problem. I lost a Quantum drive on my
dual P6-200 due to a heat/airflow problem.
> Finally after it didn't finish over a 3 day weekend I moved
> the whole mess to a unix box and it has been trouble-free for years.
>
> > Has it been thoroughly tested in an enterprise environment or a
> > high-traffic database environment (where +2GB files would be most
> important)?
>
> Has NTFS been tested with large numbers of small files? The disk
> above was nowhere near full, but it had accumulated a lot of files.
I've never had a problem with an NT fileserver.
------------------------------
From: "Chad Myers" <[EMAIL PROTECTED]>
Crossposted-To: comp.os.ms-windows.nt.advocacy
Subject: Re: We will never know what the MS intruder did
Date: Wed, 08 Nov 2000 03:37:52 GMT
"Bob Hauck" <[EMAIL PROTECTED]> wrote in message
news:[EMAIL PROTECTED]...
> On Tue, 07 Nov 2000 04:13:00 GMT, Chad Myers
> <[EMAIL PROTECTED]> wrote:
> >"Bob Hauck" <[EMAIL PROTECTED]> wrote in message
> >news:[EMAIL PROTECTED]...
> >> On Mon, 06 Nov 2000 03:52:55 GMT, Chad Myers
> >> <[EMAIL PROTECTED]> wrote:
>
> >> >What about the plethora of privilege-escalation (aka root gaining)
> >> >exploits on Linux?
> >>
> >> What about the ones on NT?
>
> >There haven't been many, if any, lately (in the past month or two.
>
> Oh, so they had a good month? Microsoft has issued 85 security patches
> this year.
Note that this includes all their products, including Outlook/express
Win95/98/ME, NT, _AND_ Win2000.
How many of them were for NT/2K? Far less.
How many exploits have Red Hat alone (let alone all Linux distros) had
this year?
Far more proportionately.
> We won't count the fact that the default NT install lets regular users
> write to system directories and to system registry entries. It is
> pretty easy to elevate your priviledges if you can do that, but since
> it is working as intended I guess it isn't an "exploit".
Only if you're logged on locally. NT is pretty tight from the network.
Anyone with the slightest concern with security could tighten up the
box easily, more easily, in fact, than Linux as there are easy to use
permissions windows, user rights assignments, user/group management tools,
etc.
Linux has a few, but they are disperate and not full featured.
> We also won't count the fact that major vendors, such as Dell at least
> up until early 99, installed NT Workstation on FAT filesystems by
> default. So you had no security at all.
And this is MS' fault how? OEM's ignorance is not MS' fault. MS has
many checklist and walk-throughs on securing a box at varying levels.
Dell's choice to not install their boxes with consideration of security
is Dell's fault.
> Nor will we count the assorted IE and Outlook holes that could easily
> lead to account compromises by premitting simple "social engineering"
> exploits.
Any OS is vulnerable to these types of attacks. NT is certainly not
alone in this regard, if that's what you're attempting to say.
> >There is the November "Netmon Protocol Parsing" exploit which is only
>
> Oh, look, a remote exploit.
Which is an exploit in a different product. Note that I held Red Hat
Linux and NT to the same standards: Exploits in the core product.
> >available when running the SMS Networking Monitor protocol. SMS is a
> >separate product and therefore isn't really part of NT/2K.
>
> Lots of the stuff that comes with Red Hat would be a separate product
> for NT.
As a default install? Not really.
> >(I'll even give you Red Hat 7.0-only exploits to narrow the scope even more!)
>
> >04-Nov-2000 gnorpm locally exploitable privilege escalation.
>
> Not a remote exploit, must have local account to use.
Right, note that I said "locally". You do know what "locally" means, right?
> >26-Oct-2000 cryus-sasl allows users access to denied objects
> >(granted, this doesn't give you root, but it is a security breech)
>
> Not a root compromise. Doesn't count per your own criteria.
Did I say root compromise? I said privilege escalation, of which this DOES
fit the criteria. I did say "(aka root gaining)" which is included in the
P.E. attacks, but the general criteria was P.E. attacks.
> >18-Oct-2000 iputils ping (!) has several buffer overflows allowing
> > arbitrary code execution
>
> Not a remote exploit, must have local account to use.
>
> So, we have two local exploits for Red Hat vs one remote for NT.
vs NONE for NT (one for SMS)
> That does not sound like the clear win you were looking for.
But the point was to prove to that your statements that NT/2K have
more P.E. attacks was false. This I have done quite clearly.
-Chad
------------------------------
From: "Chad Myers" <[EMAIL PROTECTED]>
Crossposted-To: comp.lang.java.advocacy
Subject: Re: Linux growth rate explosion!
Date: Wed, 08 Nov 2000 03:39:10 GMT
"Andrew Suprun" <[EMAIL PROTECTED]> wrote in message
news:y%1O5.17616$[EMAIL PROTECTED]...
> [EMAIL PROTECTED] (Chad Myers) wrote in
> <cnLN5.7468$[EMAIL PROTECTED]>:
>
> >I taught myself the rules of relational databases and normalization
> >in Access.
>
> Next, learn OOP/OOD/OOA using VB.
While I realize VB doesn't have full OO support, learning basic concepts
of classes several years ago in VB allowed me to more fully understand
the OO concepts in C++.
Just like Access, VB is a launching point.
However, neither Access nor VB claim to be learning tools, they claim
to target a specific problem with a specific solution, of which they
accomplish quite well.
-Chad
------------------------------
From: "Chad Myers" <[EMAIL PROTECTED]>
Crossposted-To: comp.os.ms-windows.advocacy,comp.os.ms-windows.nt.advocacy
Subject: Re: so REALLY, what's the matter with Microsoft?
Date: Wed, 08 Nov 2000 03:42:53 GMT
"Ayende Rahien" <[EMAIL PROTECTED]> wrote in message
news:8u9kh8$cub$[EMAIL PROTECTED]...
>
> "Christopher Smith" <[EMAIL PROTECTED]> wrote in message
> news:8u9ft0$i0g$[EMAIL PROTECTED]...
>
>
> > And was available for two (x86+ alpha) until beta 3.
> > And was available for at least four, with partial ports to at least 2
> others
> > in the ~8 years before that.
> > And was designed from the start to be portable, to the expense of nearly
> > everything else.
> >
> > I'll ask again, do you have anything reason, apart from your own biases,
> to
> > believe otherwise ? Bearing in mind that NT has to _sell_. What other
> > commercial OSes are on several platforms ?
>
> Solaris, isn't it?
Support for Solaris x86 is waning as it is/was a dismal failure in terms
of performance and application support. Solaris is very much tied to
SPARC as opposed to NT which is not tied (and specifically designed not to be)
to any particular platform.
-Chad
------------------------------
From: "Chad Myers" <[EMAIL PROTECTED]>
Crossposted-To: comp.os.ms-windows.advocacy,comp.os.ms-windows.nt.advocacy
Subject: Re: so REALLY, what's the matter with Microsoft?
Date: Wed, 08 Nov 2000 03:44:46 GMT
"Craig Kelley" <[EMAIL PROTECTED]> wrote in message
news:[EMAIL PROTECTED]...
> "Erik Funkenbusch" <[EMAIL PROTECTED]> writes:
>
> > "Craig Kelley" <[EMAIL PROTECTED]> wrote in message
> > news:[EMAIL PROTECTED]...
> > > > So, apart form your own biases, what reasons do you have to believe
> > > > the portability of NT, which was sustained until NT4, service pack
> > > > 2, have changed for Win2k, given that Win2k had an ALpha port until
> > > > about Beta 3 ?
> > >
> > > I don't know about Mark, but how about the glaringly obvious: NT 2000
> > > is only available for one architecture.
> >
> > Actually, as of yesterday, it's available for two architectures. Microsoft
> > made the Itanium version of Whistler available for public beta.
> >
> > As anyone familiar with Itanium knows, it's a totally different architecture
> > from traditional x86.
>
> We'll see how quickly they drop it. :)
>
> (*I* certainly wouldn't buy a non-ia32 machine to run Windows NT on,
> considering Microsoft's past record of support for non-ia32
> architectures)
Past record? MS' support for Alpha (which had a reasonable sized
market) was pretty good. Many recent products (including Office,
Visual Studio 6, and many BackOffice products) are available on
Alpha. All recent patches are available on alpha. Many of the
new add-on features (scripting engines, Java VMs, etc) are
still being released with Alpha support.
What past record, other than the very good one, are you referring to?
-Chad
------------------------------
From: "Chad Myers" <[EMAIL PROTECTED]>
Crossposted-To: comp.os.ms-windows.nt.advocacy
Subject: Re: Linux 2.4 mired in delays as Compaq warns of lack of momentum
Date: Wed, 08 Nov 2000 03:48:22 GMT
"Bruce Schuck" <[EMAIL PROTECTED]> wrote in message
news:3zWN5.124505$[EMAIL PROTECTED]...
>
> "Relax" <[EMAIL PROTECTED]> wrote in message
> news:3a080572$0$36976$[EMAIL PROTECTED]...
> > "Roberto Alsina" <[EMAIL PROTECTED]> wrote in message
> > news:8u8rlg$8k4$[EMAIL PROTECTED]...
> > > In article <3a07d40b$0$14416$[EMAIL PROTECTED]>,
> > > "Relax" <[EMAIL PROTECTED]> wrote:
> > > > "Roberto Alsina" <[EMAIL PROTECTED]> wrote in message
> > > > news:8u77je$vai$[EMAIL PROTECTED]...
> > > > > In article <3a06de7b$0$32739$[EMAIL PROTECTED]>,
> > > > > "Relax" <[EMAIL PROTECTED]> wrote:
> > > > > > By the way, what is the maximum
> > > > > > partition size limit on Linux, and what is the maximum file size
> > > on
> > > > > 32bit
> > > > > > hardware?
> > > > >
> > > > > Assuming ext2:
> > > > >
> > > > > Max file size: 2GB, unless you use the "bigfile" patch.
> > > > > Max part size: 4TB
> > > >
> > > > 4TB maximum FS size is quite decent, but 2GB filesize is hardly an
> > > > "enterprise scale" limit. Needs to mature a bit :)
> > >
> > > Or you need to use the "bigfile" patch. You seem to enjoy selective
> > > reading.
> >
> > Oh yes, and what are you going to do, recompile Oracle to use the new API?
>
> Oracle? You can't use Oracle on Linux. It's not open source. How can they
> check out the code for bugs and security holes?
and god knows there's a truck-load of 'em...
-Chad
------------------------------
From: "Chad Myers" <[EMAIL PROTECTED]>
Crossposted-To: comp.os.ms-windows.nt.advocacy
Subject: Re: Linux 2.4 mired in delays as Compaq warns of lack of momentum
Date: Wed, 08 Nov 2000 03:49:53 GMT
"Ayende Rahien" <[EMAIL PROTECTED]> wrote in message
news:8ua5ga$jmi$[EMAIL PROTECTED]...
>
> "." <[EMAIL PROTECTED]> wrote in message
> news:8u9vv6$8u8$[EMAIL PROTECTED]...
>
>
> > > Couldn't resist, sorry.
> > > Deja's archives are still off somewhere, anything that has to do with
> > > ReiserFS?
> >
> > No. If it was merely a filesystem problem, the fix would have been weeks,
> > not months. The problem is much more complex, and has partially to do
> with
> > article numbering and integration.
>
> They had it before, what happened?
> If it's article numbering problem, make an option "Search the really old
> messages" and put it on a different database.
Hey... they develop with Linux... give 'em a break. These complex
concepts escape them...
-Chad
------------------------------
From: "Chad Myers" <[EMAIL PROTECTED]>
Crossposted-To: comp.os.ms-windows.nt.advocacy
Subject: Re: Linux 2.4 mired in delays as Compaq warns of lack of momentum
Date: Wed, 08 Nov 2000 03:53:45 GMT
"Ayende Rahien" <[EMAIL PROTECTED]> wrote in message
news:8u9msp$drl$[EMAIL PROTECTED]...
>
> "Chad Myers" <[EMAIL PROTECTED]> wrote in message
> news:KHTN5.44$[EMAIL PROTECTED]...
> >
> > "Paul Colquhoun" <[EMAIL PROTECTED]> wrote in message
> > news:[EMAIL PROTECTED]...
> > > On 7 Nov 2000 04:09:10 -0600, Relax <[EMAIL PROTECTED]> wrote:
> > > |"Roberto Alsina" <[EMAIL PROTECTED]> wrote in message
> > > |news:8u77je$vai$[EMAIL PROTECTED]...
> > > |> In article <3a06de7b$0$32739$[EMAIL PROTECTED]>,
> > > |> "Relax" <[EMAIL PROTECTED]> wrote:
> > > |> > By the way, what is the maximum
> > > |> > partition size limit on Linux, and what is the maximum file size on
> > > |> 32bit
> > > |> > hardware?
> > > |>
> > > |> Assuming ext2:
> > > |>
> > > |> Max file size: 2GB, unless you use the "bigfile" patch.
> > > |> Max part size: 4TB
> > > |
> > > |4TB maximum FS size is quite decent, but 2GB filesize is hardly an
> > > |"enterprise scale" limit. Needs to mature a bit :)
> > > |
> > > |Released in 1993, NTFS's maximum file size is 16EB, which means
> "unlimited"
> > > |for all practical purposes.
> > >
> > >
> > > Please stop blaming the ext2 file system for the 2Gb limit.
> >
> > You need a patch to fix it.
> >
> > How easily available is this patch?
>
> Easy if you know what to look for. (bigfile, I think the name was)
Does it (the patch) come enabled by default in any distribution?
>
> > Do any distributions come with it enabled by default?
>
> I don't know, but I'm doubtful.
> This is a very scary thing to do, messing with your file system.
So no one has trust in it.
>
> > Filesystem drivers are Big Things, you can't have filesystem
> > corruption in an enterprise environment and ext2 already
> > has a bad name in that regard.
>
> Interesting, why?
One of the new features in the 2.4 kernel is "improved ext2
stability and recovery"
Red Hat sells an "enterprise linux" which boasts enhanced
reliability (as if to claim that regular linux isn't reliable)
and better filesystem performance and reliability and "enhanced
recovery" as opposed to the hours-long fsck that ensues when a
power-outage or other type of interruption occurs.
> > NT supports 16Eb so =P <grin>
>
> I had to go to the dictonary and search for this value. WOW!
>
>
> > > Kernel 2.4 (with the appropriate libraries) will/has removed this
> > > restriction on 32bit architectures as well.
> >
> > Where is 2.4? Not released.
>
> Off in the web, not final yet.
> You can get it, if you want.
> It's a beta.
So it's not released.
-Chad
------------------------------
From: "Chad Myers" <[EMAIL PROTECTED]>
Crossposted-To: comp.os.ms-windows.nt.advocacy
Subject: Re: Linux 2.4 mired in delays as Compaq warns of lack of momentum
Date: Wed, 08 Nov 2000 04:04:37 GMT
"Roberto Teixeira" <[EMAIL PROTECTED]> wrote in message
news:[EMAIL PROTECTED]...
> >>>>> "R" == Relax <[EMAIL PROTECTED]> writes:
>
> R> NTFS has yet to be proven unstable anywhere. Just a little
> R> difference, of course, but one that matters. That said, it is
> R> interesting to discover that a very important, if not crucial,
> R> piece of code like an enterprise-class filesystem can be
> R> "proven unstable" despite the fact it's open-sourced thus
> R> scrutinized by thousands of talented and dedicated people for
> R> bugs and security holes, with "0-day patches" (tm) and the like
> R> :)
>
> ReiserFS is still UNDER DEVELOPMENT, do not forget this. And that is
> why it is still _not_ in the Linux kernels.
Thank you for admitting this.
ReiserFS is the first, best hope for a Linux FS.
Ext2 is hopelessly flawed, ext3 is still ways away.
It's safe to say:
Linux has no enterprise-class, or even departmental-class filesystem.
-Chad
------------------------------
From: "Chad Myers" <[EMAIL PROTECTED]>
Crossposted-To: comp.os.ms-windows.nt.advocacy
Subject: Re: RedHat BugList Summary
Date: Wed, 08 Nov 2000 04:09:24 GMT
"Craig Kelley" <[EMAIL PROTECTED]> wrote in message
news:[EMAIL PROTECTED]...
> "Ayende Rahien" <[EMAIL PROTECTED]> writes:
>
> > "Craig Kelley" <[EMAIL PROTECTED]> wrote in message
> > news:[EMAIL PROTECTED]...
> > > "Bruce Schuck" <[EMAIL PROTECTED]> writes:
> > >
> > > > Bug Report for -All-
> > > >
> > > > Tue Nov 7 13:21:34 2000
> > > >
> > > > Summary
> > > >
> > > > New Bugs This Week 183
> > > > Bugs Marked New 1588
> > > > Bugs Marked Assigned 1285
> > > > Bugs Marked Reopened 123
> > > > Total Bugs 2996
> > > >
> > > >
> > > > Whoooooo!
> > >
> > > Compared to the 64,000 bugs in Windows 2000?
> > >
> > > If you're going to pronounce the meaningless, let's be fair...
> >
> > Why don't name some of those 64,000 bugs in win2k?
>
> The point is: These "bug reports" are meaningless.
>
> The 64k number was reported by ZDnet from *Microsoft* itself.
>From one of those unnamed "inside sources".
No one has yet to confirm these claims. There was a hint that there
were 64k "issues" in the bug-tracking software related to Win2K, issues
include (the majority) new feature requests or feature changes. A scant
few were actual bugs. Have you ever managed a software product this
large with many thousands of people requesting features or feature
changes?
Didn't think so.
-Chad
------------------------------
Crossposted-To: alt.destroy.microsoft,comp.os.ms-windows.advocacy,alt.linux.sucks
Subject: Re: On a win 2000 system. remove RH7 as follows
From: Craig Kelley <[EMAIL PROTECTED]>
Date: 07 Nov 2000 23:03:58 -0700
"Les Mikesell" <[EMAIL PROTECTED]> writes:
> "Ayende Rahien" <[EMAIL PROTECTED]> wrote in message
> news:8uag7l$nau$[EMAIL PROTECTED]...
> >
>
> > > But back on topic, if you have no other useful logical partitions in
> your
> > > extended partition you could use my debug method to remove the extended
> > > partition and FDISK will never be the wiser.
> >
> > Win2k is much better in handling this.
> > Although I'm still waiting for resizing feature.
> > But then MS would be anti trusted by Parition Magic :)
>
> Why is it that Win2k won't put quite a whole 9 gig scsi
> drive in a single primary partition? I can understand
> it on the boot drive, but it does the same thing on a
> second drive. If you go back after the install and delete
> the partition, then create an extended partition instead
> you get more space. Did I miss something along the
> way?
It always leaves a bit of space at the beginning of the drive (it'll
even pretend that the space doesn't exist in most tools) to solve the
1042 cylinder problem that used to haunt LILO. You'd have to do it on
all drives just in case one of them ends up being the boot disk (ie,
boot off SCSI n>0).
--
The wheel is turning but the hamster is dead.
Craig Kelley -- [EMAIL PROTECTED]
http://www.isu.edu/~kellcrai finger [EMAIL PROTECTED] for PGP block
------------------------------
** FOR YOUR REFERENCE **
The service address, to which questions about the list itself and requests
to be added to or deleted from it should be directed, is:
Internet: [EMAIL PROTECTED]
You can send mail to the entire list (and comp.os.linux.advocacy) via:
Internet: [EMAIL PROTECTED]
Linux may be obtained via one of these FTP sites:
ftp.funet.fi pub/Linux
tsx-11.mit.edu pub/linux
sunsite.unc.edu pub/Linux
End of Linux-Advocacy Digest
******************************
