Re: black hat hackers

[Greg McCarroll]

* robin szemeti ([EMAIL PROTECTED]) wrote:
> 
> if your scans and probes look like ...
> 
> [4] PBServer/..%5c..%5c..%5cwinnt/system32/cmd.exe



> 
> etc etc etc ad nauseum
> 

nope, the sequence of events went something like this

portscan on 145
20+ minutes later, portscan of 146
1hr+ minutes later, apache was showing attempts such as this 

host217-35-113-70.in-addr.btopenworld.com - - [09/Jan/2002:14:36:32
+] "GET
/cgi-bin/webspirs.cgi?sp.nextform=../../../../../../etc/passwd
HTTP/1.0" 404 275 "-" "-"
host217-35-113-70.in-addr.btopenworld.com - - [09/Jan/2002:14:36:33
+] "HEAD /cgi-bin/DCShop/Orders/orders.txt HTTP/1.0" 404 0 "-" "-"
host217-35-113-70.in-addr.btopenworld.com - - [09/Jan/2002:14:36:33
+] "HEAD /cgi-bin/a1disp3.cgi?/../../../../../../etc/passwd
HTTP/1.0" 404 0 "-" "-"
host217-35-113-70.in-addr.btopenworld.com - - [09/Jan/2002:14:36:33
+] "HEAD /cgi-bin/a1stats/ HTTP/1.0" 404 0 "-" "-"

i googled for some of these and discovered its a CGI vunerability
rootkit

after this the person started looking at my homepage, which sort of
freaked me out and i pulled the webserver, disconnected ADSL and ran
some quick tests for rootkits

i contacted abuse@bt and got an autoreply, basically after half of it
that was about news/mail posts and spams, it got to the bit about
system cracking

they say 3 things,

 1.) they will look into any matter reported to them and take
 action against the account
 2.) they will not actually enter into direct discussion with me,
 about any of this
 3.) they won't tell me if they do take any action against the
 account

this sort of left me pretty much in the dark

the next day, i turned ADSL back on, and the webserver and about 11:30
that morning, sure enough the same ip was back and trying CGI
vunerabilities

what could i now do now, if someone at abuse@bt had given me a phone
number i could of called and told them it was happening, but nope i
basically had fuck all i could do

Greg

-- 
Greg McCarroll http://217.34.97.146/~gem/

Re: [Boston.pm] dotbomb crosspost

[Joe Johnston]

Chris Devers wrote:
> 
> Ok, so I never look at F*ckedcompany & maybe that's a good thing, but I'm
> looking right now and they're running two rumors of interest:
> 
>  * O'Reilly are laying off 16 people
>Are they in trouble? In danger? What would the repurcussions of this
>be? They seem to be pretty big advocates (biggest?) of a lot of the
>open source stuff, particularly Perl. These projects may not end if
>O'Reilly suffers or disappears, but they might be impeded badly, no?

I worked at O'Reilly for a year and half until this October. I still have 
many good friends at the company and have some insight into this issue. 

Is O'Reilly in trouble? Like other technical publishers, they have been hit 
hard by the poor economic climate. The slow conference season,
business deals that didn't blossom as well as expected and the death of their 
editor-in-chief all contributed to what can only be called a shitty year. 
Should O'Reilly fail to recover, the Open Source movement would lose one of 
its earliest and loudest supporters. This isn't to say the OSS would
disappear,
but it might be harder for some technologies (like Python or XML-RPC) to 
break through to a wider audience. Perl will be fine. Remember, O'Reilly 
isn't a software house; they're a publisher of great books. Still, I hope
2002 brings decidedly better news to ORA.

If you would like to help O'Reilly, do consider buying a book from their 
web site (http://www.ora.com). 


-- 

Joe Johnston  - http://taskboy.com
"A closed mouth gathers no feet."

Re: Damian in Belfast

[Paul Dundas]

Russell Matbouli wrote:

> On Wed, Jan 09, 2002 at 11:46:32PM +, David Cantrell wrote:
> 
> 
> As for hotels, I guess the main ones would be the Europa, Dukes and the
> Hilton, but I can't give reviews as I've never had to stay in a hotel in
> Belfast... If no-one else suggests places, I can look in the yellow
> pages and you can call around for prices.
> 

http://dmoz.org/Regional/Europe/United_Kingdom/Northern_Ireland/Belfast/Travel_and_Tourism/Accommodation/

lists a few (with sketchy idea of location), and may be of some help.


-- 
   Paul D([EMAIL PROTECTED])
"There is no limit to what a man can do or how far he can go if
 he doesn't mind who gets the credit." - Robert Woodruff

Re: Re: TWYD

[Brad Bollenbach]

A social meet of which I hope to be a part.

I'll be landing in London first thing Sunday morning. See y'all then! :)

- Original Message - 
From: "Simon Wistow" <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Sent: Wednesday, January 09, 2002 9:44 AM
Subject: Fwd: Re: TWYD


> Sounds like an experiment for the next social meet :)
> 
> - Forwarded message from 300list -
> 
> Date: Wed, 9 Jan 2002 15:25:14 -
> To: 
> Subject: Re: TWYD
> 
> > On a related topic, I was quite pleasantly surprised when, combining
> > Guinness and redbull in a drunken experiment, it tasted quite nice.
> > Does it have a name?
> 
> Black ball?
> 
> Martin
> 
> 
> - End forwarded message -
> 

Re: Damian in Belfast

[Russell Matbouli]

On Wed, Jan 09, 2002 at 11:46:32PM +, David Cantrell wrote:
> And if any of the Belfast.pm crowd have suggestions for hotels, we'd be
> grateful for your advice.

I may be able to provide a sofa to sleep on if there are any
cheapo-studenty types coming over...

As for hotels, I guess the main ones would be the Europa, Dukes and the
Hilton, but I can't give reviews as I've never had to stay in a hotel in
Belfast... If no-one else suggests places, I can look in the yellow
pages and you can call around for prices.
-- 
Russell Matbouli   |Jam your brain with broken heros
[EMAIL PROTECTED] | Love your masks and adore your failure
PGP KeyID: 0x3CA84CF4  |



msg04277/pgp0.pgp
Description: PGP signature

Re: black hat hackers

[Randal L. Schwartz]

> "Paul" == Paul Makepeace <[EMAIL PROTECTED]> writes:

Paul> On Thu, Jan 10, 2002 at 12:42:06AM +, the hatter wrote:
>> Which isn't to say that I'd be too surprised to see "clueful internet user
>> given 25 years for telling user they've got security problems, using
>> security problems" on the reg one day.

Paul> I'm sure Randal could expound on this point.

All too well.  And I presume you've heard the final chapter in my
personal story on this:

http://groups.yahoo.com/group/fors-announce/message/20

And although it's over for me, I will continue to "fight the good fight".

-- 
Randal L. Schwartz - Stonehenge Consulting Services, Inc. - +1 503 777 0095
<[EMAIL PROTECTED]> http://www.stonehenge.com/merlyn/>
Perl/Unix/security consulting, Technical writing, Comedy, etc. etc.
See PerlTraining.Stonehenge.com for onsite and open-enrollment Perl training!

Re: black hat hackers

[Paul Makepeace]

On Thu, Jan 10, 2002 at 12:42:06AM +, the hatter wrote:
> Which isn't to say that I'd be too surprised to see "clueful internet user
> given 25 years for telling user they've got security problems, using
> security problems" on the reg one day.

I'm sure Randal could expound on this point.

Paul

-- 
Paul Makepeace ... http://paulm.com/

"What is naked olive oil? Fast, then expel worms."
   -- http://paulm.com/toys/surrealism/

Re: [Boston.pm] dotbomb crosspost

[Dan Sugalski]

At 11:20 AM 1/9/2002 -0600, Chris Devers wrote:
>Ok, so I never look at F*ckedcompany & maybe that's a good thing, but I'm
>looking right now and they're running two rumors of interest:
>
>  * O'Reilly are laying off 16 people
>Are they in trouble? In danger? What would the repurcussions of this
>be? They seem to be pretty big advocates (biggest?) of a lot of the
>open source stuff, particularly Perl. These projects may not end if
>O'Reilly suffers or disappears, but they might be impeded badly, no?

At the moment it won't make much difference. The only O'Reilly person 
involved is Nat. There are OSCon issues potentially, but they wouldn't keep 
running conventions, and adding more (BioCon, P2PCon, at least) if they 
weren't showing a profit from 'em.

>  * NorthernLight may be shutting down
>Doesn't Dan Sugalski work there? Will this impact Parrot/Perl6? Or
>will the sponsorship thing help out here (in a recession, when not
>as many people are going to be able to donate, and there will be
>two sponsored developers this time around)?

Hey, we made fuckedcompany! Cool, I need to go check. :)

Rumors of our demise are greatly exaggerated. NL's just shutting down 
unpaid access to the web database. I've a press release somewhere if 
someone wants the official word. We're doing fine other than that--lots of 
companies are paying us for things. (ObPlug: If someone's got a company 
that might want to pay us for stuff, get in touch with me and I'll hook 
everyone up)

Sponsorship will always help--if I have more than spare time to work on 
parrot, things will move faster. So go donate! Even 10 will help out. (I'm not sure if YAS is going to do 
partial grants or not)

Dan

--"it's like this"---
Dan Sugalski  even samurai
[EMAIL PROTECTED] have teddy bears and even
  teddy bears get drunk

Re: [Boston.pm] dotbomb crosspost

[Simon Cozens]

On Wed, Jan 09, 2002 at 11:20:13AM -0600, Chris Devers wrote:
>  * O'Reilly are laying off 16 people
>Are they in trouble?

No.

>In danger?

Who isn't, right now? There'll be lots of talk, I'm sure. For the
reality, wait and see.

>What would the repurcussions of this be? 

Less money for me, that's for sure!

>They seem to be pretty big advocates (biggest?) of a lot of the 
>open source stuff, particularly Perl. These projects may not end if
>O'Reilly suffers or disappears, but they might be impeded badly, no?

I can't speak for ORA, nor would I ever do if I could, but... I'm sure
that all at O'Reilly believe that one of the great strengths of Open
Source projects is their independence from commercial pressure. If ORA
folds (which it won't) then Perl will continue, Perl 6 development will
continue, Perl conferences will continue to happen, and people around
the world will still love Perl and enjoy programming in it and exploring
its boundaries. You wouldn't notice a difference. (Unless you're looking
at perl.com ;)

-- 
You advocate a lot of egg sucking but you're not very forthcoming with the 
eggs. - Phil Winterbottom (to ken)

Re: [Boston.pm] dotbomb crosspost

[Ron Newman]

On Wed, 9 Jan 2002, Chris Devers wrote:

>  * NorthernLight may be shutting down
>Doesn't Dan Sugalski work there? Will this impact Parrot/Perl6? Or
>will the sponsorship thing help out here (in a recession, when not
>as many people are going to be able to donate, and there will be 
>two sponsored developers this time around)?

Northern Light is not shutting down!  I work there, I should know.

--
Ron Newman   [EMAIL PROTECTED]
URL: http://www2.thecia.net/users/rnewman/

Re: black hat hackers

[anathema]

the hatter <[EMAIL PROTECTED]> wrote:
>It warms my heart to beleive that abuse@bt would hold
>me/you/whoever-was-actually-asking in such high regard as to give us
>special treatment unlike the luser whose machine is causing the grief to
>begin with, who they were happy to do nothing about.

The same rules for everyone.  If the kids were prosecuted, so would you.


>Not that any of my
>suggestions were actually destructive.

This is the point I traditionally point out that "destruction" is not what
these things are judged by.  A script that would trawl the net and FIX nimda
would still be regarded as hacking, and I'm sure I don't have to explain why,
right?

>Which isn't to say that I'd be too surprised to see "clueful internet user
>given 25 years for telling user they've got security problems, using
>security problems" on the reg one day.

/me rolls eyes
I do believe it's already been reported, though you can't believe everything
you read on the Reg.
--
http://www.the-anathema.org
 "Lemon bars were thrown in anger" - Caroline In The City

Re: black hat hackers

[the hatter]

On Wed, 9 Jan 2002, anathema wrote:

> the hatter <[EMAIL PROTECTED]> wrote:

[snip some of my suggestions, some naughty, some not ]

> Would cause *you* to be prosecuted as a hacker.

It warms my heart to beleive that abuse@bt would hold
me/you/whoever-was-actually-asking in such high regard as to give us
special treatment unlike the luser whose machine is causing the grief to
begin with, who they were happy to do nothing about.  Not that any of my
suggestions were actually destructive.  However, if there is anyone on
here who would do what I tell them, without considering the consequences
for themself, please mail me as I'm sure I could find a use for you.

Which isn't to say that I'd be too surprised to see "clueful internet user
given 25 years for telling user they've got security problems, using
security problems" on the reg one day.


the hatter

Re: black hat hackers

[anathema]

the hatter <[EMAIL PROTECTED]> wrote:
>More direct alternatives, such as netsend'ing the user a message that
>their machine has been hacked, or using the holes which an infected
>machine has to alert the user in some other way (log in, remove adsl
>driver ?  or change their subnet mask to not include you (though I'm not
>sure if the worms target your actual subnet, or just anything on the same
>/24), leave a few batch files or rude messages around for the user, or
>some helpful hints ?)

Would cause *you* to be prosecuted as a hacker.



--
http://www.the-anathema.org
"If love is the answer, could you rephrase the question?" - Lily Tomlin
n

Re: black hat hackers

[Paul Mison]

On Wed, Jan 09, 2002 at 08:14:25PM +, robin szemeti wrote:
> smoothwall is good and just requires an old 486 or similar.

a) have you tried to buy a 486 or similar? Anyway, all my old Pentium-
   class machines are busted now
b) it didn't support ADSL via USB, so I gave up and used FreeBSD
   instead, what with it actually working and stuff.

This has been a minor rant brought to you two weeks after the fact.

-- 
:: paul
:: husk 

Damian in Belfast

[David Cantrell]

I have, foolishly, volunteered to be the Group Travel Organising Tsar for
this.  Please could people contact me off-list by the end of the week if
they are interested in going.  Let me know if you are definitely going,
or if you are merely interested in going.

And if any of the Belfast.pm crowd have suggestions for hotels, we'd be
grateful for your advice.

-- 
David Cantrell | [EMAIL PROTECTED] | http://www.cantrell.org.uk/david

May your blessings always outweigh your blotches!
-- Dianne van Dulken,
   in alt.2eggs.sausage.beans.tomatoes.2toast.largetea.cheerslove

Re: black hat hackers

[Mike Jarvis]

On Wed, 2002-01-09 at 17:38, Jonathan Stowe wrote:
> On Wed, 9 Jan 2002, Greg McCarroll wrote:
> 
> >
> > It's a BT openworld IP which I am also a member of, so i've already
> > contacted [EMAIL PROTECTED] , however they suggest I contact the
> > cops.
> 
> 
> That's lame - point them to their AUP and tell them to sort it out ...
> 
> ... Alternatively we can take the offender down from here ;-}

Great, I've got a whole slew of these from Korean and Chinese machines. 
We know from the spamwars how well abuse departments work in these
places, evem if you can manage to make yourself understood.

-- 
mike

Re: black hat hackers

[David Cantrell]

On Wed, Jan 09, 2002 at 06:49:49PM +, Greg McCarroll wrote:
> So for 2 days now I've been portscanned and attacked by CGI
> vunerability "tewls" from the same address 217-35-113-70. I'm start to
> get a bit irritated, so what advice do people have for me? Baring in
> mind I'm with the same ISP as the attacker (or at least the attackers
> IP)
> 
> It's a BT openworld IP which I am also a member of, so i've already
> contacted [EMAIL PROTECTED] , however they suggest I contact the
> cops.

So do it, and tell them that BT Openworld refused to do anything about it
when they a) are providing the luser's connectivity and b) were given
notice.  (Lawrence Godfrey)++ :-)

> I'm writing to london.pm for two reasons, 
> 
> 1.) advise, do you think i should just ignore it and accept it as
>   just one of those things that happen on the 'Net

Yes, I would.  I get kiddies hitting me occasionally.  They find nothing
interesting and go away.  Your retaliatory scans (I think it was you that
mentioned doing that?) will have made you a more interesting target.

Remember, kiddies do this because they are bored.  Make yourself boring.

> or am i gonna be a total git when i get the cops involved? 

I wouldn't hold it against you :-)

-- 
David Cantrell | [EMAIL PROTECTED] | http://www.cantrell.org.uk/david

  There is no sigmonster

Re: diagrams

[David Cantrell]

On Wed, Jan 09, 2002 at 06:08:49PM +, [EMAIL PROTECTED] wrote:
> Why am I drawing class diagrams based on code?
> 
> Didn't I buy a computer to extract this sort of information for me?

This would be where Aaron pipes up "autodia!".

-- 
David Cantrell | [EMAIL PROTECTED] | http://www.cantrell.org.uk/david

 If a job's worth doing, it's worth dieing for

Re: [Boston.pm] dotbomb crosspost

[Elaine -HFB- Ashton]

Dan Sugalski [[EMAIL PROTECTED]] quoth:
*>
*>At the moment it won't make much difference. The only O'Reilly person 
*>involved is Nat. There are OSCon issues potentially, but they wouldn't keep 
*>running conventions, and adding more (BioCon, P2PCon, at least) if they 
*>weren't showing a profit from 'em.

TPC lost money last year from what I understand. 16 people is a lot in
such a small company to begin with so unless things pick up quite a bit it
wouldn't be all that surprising to see ORA postpone or nix the OSCon this
year in favour of regrouping for next year. We just lost a whole group of
people today too...it's going to be a long rough year economically for a
lot of companies. 

*>Rumors of our demise are greatly exaggerated. NL's just shutting down 
*>unpaid access to the web database. I've a press release somewhere if 

Well, that's good news :)

e.

Re: black hat hackers

[Jonathan Stowe]

On Wed, 9 Jan 2002, Greg McCarroll wrote:

>
> It's a BT openworld IP which I am also a member of, so i've already
> contacted [EMAIL PROTECTED] , however they suggest I contact the
> cops.


That's lame - point them to their AUP and tell them to sort it out ...

... Alternatively we can take the offender down from here ;-}

/J\

Re: black hat hackers

[the hatter]

On Wed, 9 Jan 2002, Greg McCarroll wrote:

> It's a BT openworld IP which I am also a member of, so i've already
> contacted [EMAIL PROTECTED] , however they suggest I contact the
> cops.

If it looks like automated stuff (repeated nimda/code red/etc scans) then
maybe contact abuse@bt again and make it clear that you doubt the user is
aware of this, and that it puts their network at risk, both by it being
able to participate in DoS attacks, and by also actively trying to infect
other bt users machines, thus potentially causing even more trouble on bts
network.  If you're feeling particularly generous, then enclose a
suggested mail for them to send to the customer on what has happened to
their machine, how to fix it, and how to stop it happening again (3 URLs
for other peoples docs, that is)  Although useful in itself, I would hope
that it will also get your mail past 1st line support, and up to someone
who might actually care.

More direct alternatives, such as netsend'ing the user a message that
their machine has been hacked, or using the holes which an infected
machine has to alert the user in some other way (log in, remove adsl
driver ?  or change their subnet mask to not include you (though I'm not
sure if the worms target your actual subnet, or just anything on the same
/24), leave a few batch files or rude messages around for the user, or
some helpful hints ?)  Be creative, if bt aren't being cooperative.

> BT have advised me to contact the cops, i don't want to do this but
> i'm talking to my wife about it at the moment.

Like you guess, it's unlikely to get very far, unless a lot of people are
making some noise about it (maybe even enough for bt to change their
stance and be a bit more helpful ?  ntl or telewest were reportedly
pulling the connection on anyone whose machine was nimda scanning)
 
> 1.) advise, do you think i should just ignore it and accept it as
>   just one of those things that happen on the 'Net

If it was somewhere remote, as a fair chunk of scans will be, then I'd
live with it as long as it's not likely to cause you any damage.  However
people on your subnet are people with very fast access to your machine,
and the potential to make openworld a slow service.
 
> 2.) because i gave my IP address to this list (for xfrisk reasons)
>   just a few hours before i can't help wondering if it is someone
>   on this list or someone who reads it in an archive

Possible but unlikely.  That said, I'd guess you can drop your dhcp lease
and pick up a new IP, then only give it out to people who ask you directly
for it.


the hatter

Re: Co-lo, was Re: London.pm List Weekly Summary 2001-12-31

[David Cantrell]

On Wed, Jan 09, 2002 at 02:57:55PM +, robin szemeti wrote:
> On Wednesday 09 January 2002 14:26, Mark Fowler wrote:
> > If I choose to do a full
> > backup of my box via dump and ssh, it may take a day or so, but it'll do
> > it for free. 
> rsync -avuv -e ssh  \
>   my.host.somwhere.com:/  \
>   /backups/somewhere_com/

One thing to bear in mind is that while rsync -a does preserve permission
bits, it does *not* preserve owner and group information.  When I do my
backups, I do ...

ls -AlR /bin /boot /etc [tum to tum[ > /ls -Alr
rsync ...

so that I have a record.  I could use tar to pack all the data up, complete
with ownership information, but of course, then I would be backing up a
load of unchanged data which is wasteful of bandwidth.

-- 
David Cantrell | [EMAIL PROTECTED] | http://www.cantrell.org.uk/david

This is a signature.  There are many like it but this one is mine.

Re: Fantasy Film League

[David Cantrell]

On Wed, Jan 09, 2002 at 01:11:41PM +, Greg McCarroll wrote:
> * David Cantrell ([EMAIL PROTECTED]) wrote:
> > Considering that they have already done all the shooting for LotR 1 2 and 3,
> > they do have the time to make other flims.
> damn cunning, damn cunning that man. you would make an excellent
> mornington crescent player Sir!

Why thankyou.

Canada Water (mwuhahahaha)

-- 
David Cantrell | [EMAIL PROTECTED] | http://www.cantrell.org.uk/david

   23.5 degrees of axial tilt is the reason for the season

Re: high fidelity

[hipps]

Pulled from Chris Benson's mail (Sun, Jan 06, 2002 at 11:13:08PM +):
> On Sun, Jan 06, 2002 at 09:49:11PM +, Greg McCarroll wrote:
> > * Greg McCarroll ([EMAIL PROTECTED]) wrote:
> > > 
> > > So top 5 films for london.pm .. ;-)
> > > 
> > 
> > Ack, I mean't to say top 5 songs (damn)
> 

Hmmm. At this moment:

  - Solitary Man (Johnny Cash, American III, 2001). 
  (Written by Neil Diamond)
  - Who Knows Where the Time Goes (Fairport Convention, Unhalfbricking[0], 1969)
  - Anthem (Roky Erickson, Gremlins Have Pictures, Recorded 1976)
  - Sabotage (Beastie Boys, Ill Communication, 1994)
  - Search and Destroy (Iggy and the Stooges, Raw Power, 1973)

Oh, except it's changed already. Damn.
-- 
Alex Hooper

Re: hmmm, i was just thinking

[anathema]

David H. Adler <[EMAIL PROTECTED]> wrote:
>Personally I've always been fond of someone's sigfile that had "I am the
>Hamster, and you will obey me!"

Squeak!
--
http://www.the-anathema.org
She looked like something that might have occurred to Ibsen in one of
his less frivolous moments.  - P. G. Wodehouse

Re: black hat hackers

[Steve Mynott]

Greg McCarroll <[EMAIL PROTECTED]> writes:

> So for 2 days now I've been portscanned and attacked by CGI
> vunerability "tewls" from the same address 217-35-113-70. I'm start to
> get a bit irritated, so what advice do people have for me? Baring in
> mind I'm with the same ISP as the attacker (or at least the attackers
> IP)

I would just forget it.  

The chances of anyone (police, ISP) being interested is quite frankly
low unless real (monetary) harm can be demonstrated.  How do you know
that UK ip address hasn't been hacked by someone aboard?  What are the
chances of some 14 year old boy in Korea being arrested unless he has
been messing with .mils?

If you put a random box on the net it seems to attract (last time I
checked) about the order of 10 port scans/windowish CGI exploit
attempts a day.

With worms, automated and distributed attack tools and scanners (with
their own userland networking stacks optimised for speed) which can
scan 10 hosts/sec so I can only see this problem getting worse.

Packet filtering is the only action you can take.  The script kiddies
will eventually grow up and become programmers anyway.

-- 
Steve Mynott <[EMAIL PROTECTED]>

Re: black hat hackers

[Chris Devers]

On Wed, 9 Jan 2002, Chris Benson wrote:

> If you're running iptables and don't mind wasting bandwidth, try 
>   -s  -j MIRROR
> 'cuz this seems like an ideal use for it ... it might even stop when it
> recognizes 'another' owned machine.
 
If they're hitting Apache, you can do something like:

RedirectMatch /(.*\.exe.*) http://127.0.0.1/$1

...which should, theoretically, have the hijacked machine trying to
further en-hijack itself (provided that you aren't legitimately serving
any Windows executables -- just zip anything meant for download). Not sure
if it'll work as intended, but it should deflect some traffic anyway...



-- 
Chris Devers

"People with machines that think, will in times of crisis, 
make up stuff and attribute it to me" - "Nikla-nostra-debo"

Re: black hat hackers

[Chris Benson]

On Wed, Jan 09, 2002 at 07:21:19PM +, robin szemeti wrote:
> 
> if they *are* hackers feel free to have them shot .. slowly.

Nah, shooting's too good for them.  one joint at a time with a blunt
spoon.

If you're running iptables and don't mind wasting bandwidth, try 
-s  -j MIRROR
'cuz this seems like an ideal use for it ... it might even stop when it
recognizes 'another' owned machine.
-- 
Chris Benson

Re: black hat hackers

[Robert Shiels]

From: "robin szemeti" <[EMAIL PROTECTED]>

> On Wednesday 09 January 2002 18:49, Greg McCarroll wrote:
>
> > BT have advised me to contact the cops, i don't want to do this but
> > i'm talking to my wife about it at the moment.
>
> well ... personally I'd just drop a ipchains rule in as I do with all the
> others ...
>
> FWIW it is *unlikely* that they even know they are doing this .. its no
doubt
> an infected M$ machine thats simply scanning all the host on the same
subnet
>
I'm on BT Openworld, and a windows luser, though I don't have a  permanent
IP as it's the surf anytime package so I don't think it's me messing with
Greg. I am online nearly all day though.

How could I find out if it was my machine doing the nasty stuff?

And also, how would I know if someone was trying to hack into my machine?

/Robert

PS - agree with robin, what are the police going to do anyway.

Re: black hat hackers

[Tom Insam]

On Wed, Jan 09, 2002 at 07:21:19PM +, robin szemeti wrote:
> if your scans and probes look like ...
> 

--snip some nimda rubbish--
> [2] scripts/..?%pc../winnt/system32/cmd.exe
--snip some nimda rubbish--

> its just nimda doing its thing .. windows lusers, ignore em, lifes too short

..or, if you're in a bad mood, you can assume that one of the above paths
/does/ exist on their computer. It is, of course, a remote admin shell. Not
that I'm suggesting anything.

Tom

black hat hackers

[Greg McCarroll]

So for 2 days now I've been portscanned and attacked by CGI
vunerability "tewls" from the same address 217-35-113-70. I'm start to
get a bit irritated, so what advice do people have for me? Baring in
mind I'm with the same ISP as the attacker (or at least the attackers
IP)


It's a BT openworld IP which I am also a member of, so i've already
contacted [EMAIL PROTECTED] , however they suggest I contact the
cops.

The person in question hasn't really done any harm, sure I can
probably do them for loss of earnings due to the time i've had to
devote to watching them, but they haven't deleted anything yet.

BT have advised me to contact the cops, i don't want to do this but
i'm talking to my wife about it at the moment.

I'm writing to london.pm for two reasons, 

1.) advise, do you think i should just ignore it and accept it as
  just one of those things that happen on the 'Net

and

2.) because i gave my IP address to this list (for xfrisk reasons)
  just a few hours before i can't help wondering if it is someone
  on this list or someone who reads it in an archive

anyway i'd like advice or in an ideal world the person to come
forward, raise their hand and buy me a beer and not do it again,

or am i gonna be a total git when i get the cops involved? 

all opinions welcome

Greg

   

-- 
Greg McCarroll http://217.34.97.146/~gem/

Re: hmmm, i was just thinking

[David H. Adler]

On Wed, Jan 09, 2002 at 10:21:11AM -, Robert Price wrote:
> Dave Cross wrote:
> 
> [snipped the idea about making a Dr Who episode]
> 
> >You can only do this if I get to play the Master :)
> 
> 
> Totally the wrong attitude, the right candidate to play the Master would of
> said, "I _AM_ the Master, and you will obey!". No arguments or discussion
> about it.

Canonically, it tends to be "...you will obey me!".  But that's just a
nitpick.

Personally I've always been fond of someone's sigfile that had "I am the
Hamster, and you will obey me!"

dha
-- 
David H. Adler - <[EMAIL PROTECTED]> - http://www.panix.com/~dha/
"You're quite free to convert your strings to byte arrays and do the
entire pattern tree by hand in pure logic code if you'd like.  By the
time you finish most of the rest of us will be doing contract work on
Mars."  - Zenin on comp.lang.perl.misc

Re: diagrams

[Alex Gough]

On Wed, 9 Jan 2002 [EMAIL PROTECTED] wrote:

> Why am I drawing class diagrams based on code?
>
> Didn't I buy a computer to extract this sort of information for me?
>

*cough* GraphViz *cough*

Even works for OO-Fortran...

Alex Gough

Re: high fidelity

[Lucy McWilliam]

On Mon, 7 Jan 2002, Barbie [home] wrote:

> > > 1) Nkosi Sikelel' iAfrika
>
> I got to hear of the song because of Peter Gabriel, when I started finding
> out who Steve Biko was back in 1980. Needless to say it impressed the hell
> out of me then and still moves me when I hear even now.

The student union building in Manchester is named after Steve Biko.


L.
Very very tired.

dotbomb crosspost

[Chris Devers]

Ok, so I never look at F*ckedcompany & maybe that's a good thing, but I'm
looking right now and they're running two rumors of interest:

 * O'Reilly are laying off 16 people
   Are they in trouble? In danger? What would the repurcussions of this
   be? They seem to be pretty big advocates (biggest?) of a lot of the 
   open source stuff, particularly Perl. These projects may not end if
   O'Reilly suffers or disappears, but they might be impeded badly, no?

 * NorthernLight may be shutting down
   Doesn't Dan Sugalski work there? Will this impact Parrot/Perl6? Or
   will the sponsorship thing help out here (in a recession, when not
   as many people are going to be able to donate, and there will be 
   two sponsored developers this time around)?


-- 
Chris Devers, worried that I might have to give VB another look... :(

"People with machines that think, will in times of crisis, 
make up stuff and attribute it to me" - "Nikla-nostra-debo"

Re: Co-lo, was Re: London.pm List Weekly Summary 2001-12-31

[Dominic Mitchell]

Tom Hukins <[EMAIL PROTECTED]> writes:
> That's fine if you're working with a typical filesystem, but what if
> you're working with database tables?  I'd normally dump the tables to
> a file and backup the dump.  However, I guess you'd end up rsyncing
> the whole database if you did this.  I guess you could archive
> transaction logs, but for a frequently changing database the logs will
> get quite large.

Like you say, dump the tables to a file.  Then use rsync on the dump
file.

Of course, one must also remember to /not/ rsync the actual database. :)

-Dom

-- 
| Semantico: creators of major online resources  |
|   URL: http://www.semantico.com/   |
|   Tel: +44 (1273) 72   |
|   Address: 33 Bond St., Brighton, Sussex, BN1 1RD, UK. |

RE: Co-lo, was Re: London.pm List Weekly Summary 2001-12-31

[Ivor Williams]

Tom Hukins [mailto:[EMAIL PROTECTED]] wrote:

> That's fine if you're working with a typical filesystem, but what if
> you're working with database tables?  I'd normally dump the tables to
> a file and backup the dump.  However, I guess you'd end up rsyncing
> the whole database if you did this.  I guess you could archive
> transaction logs, but for a frequently changing database the logs will
> get quite large.

> Any alternatives?

The database vendor will provide tools to sync and backup databases.
Depending on the level of sophistication required, this can be done by
offlining a mirror copy of the database - needed for 24x7 availability if
this is a requirement.

The database usually also provides open transaction recovery journalling,
and after image journalling. The former permits the database to be rolled
back to a consistent state in the event of a system failure, and the latter
allows replay of transactions from a sync point (a backup snapshot).

Don't know if this helps. I suggest looking on the DB vendor's website for
more technical info.

Ivor.


---
The information contained in this e-mail is confidential and solely 
for the intended addressee(s). Unauthorised reproduction, disclosure, 
modification, and/or distribution of this email may be unlawful. If you 
have received this email in error, please notify the sender immediately 
and delete it from your system. The views expressed in this message 
do not necessarily reflect those of LIFFE (Holdings) Plc or any of its 
subsidiary companies.
---

Fwd: Re: TWYD

[Simon Wistow]

Sounds like an experiment for the next social meet :)

- Forwarded message from 300list -

Date: Wed, 9 Jan 2002 15:25:14 -
To: 
Subject: Re: TWYD

> On a related topic, I was quite pleasantly surprised when, combining
> Guinness and redbull in a drunken experiment, it tasted quite nice.
> Does it have a name?

Black ball?

Martin


- End forwarded message -

Re: Co-lo, was Re: London.pm List Weekly Summary 2001-12-31

[Tom Hukins]

On Wed, Jan 09, 2002 at 02:57:55PM +, robin szemeti wrote:
> On Wednesday 09 January 2002 14:26, Mark Fowler wrote:
> > If I choose to do a full
> > backup of my box via dump and ssh, it may take a day or so, but it'll do
> > it for free. 
> 
> once you get sorted with rsync you'll never need to do this ...
> 
> because rsync only copies down the changed bits, you can do it pretty much as 
> often as you like with no huge bandwidth penalty ... 

That's fine if you're working with a typical filesystem, but what if
you're working with database tables?  I'd normally dump the tables to
a file and backup the dump.  However, I guess you'd end up rsyncing
the whole database if you did this.  I guess you could archive
transaction logs, but for a frequently changing database the logs will
get quite large.

Any alternatives?

Tom

Re: Co-lo, was Re: London.pm List Weekly Summary 2001-12-31

[Mark Fowler]

On Wed, 9 Jan 2002, David Cantrell wrote:

> I backup my server by rsync.  That accounts for well under 100Mb of
> traffic a day.  WELL under.  It's only the biggest most insane days that
> go above that.  Most days it's more like 20Mb.

Cool.  I shall definatly be bothering you for help with that then... ;-) 
On the most insane day I create well over 10MB of data.  On an average day 
I probably get at least half a megabyte of mail alone...

I guess what I'm worried about is potential billing for unplanned useage.  
I like the fact with my current deal that I can use as much bandwidth as I 
am able to and it won't effect my billing.   If I choose to do a full 
backup of my box via dump and ssh, it may take a day or so, but it'll do 
it for free.  If I want to run X off my box, then it's a little slow but 
works for emacs.  If I want to fetch 100MB file to my box and then scp it 
down (as blue younder's transproxy is being shite) then I can...

Maybe I'm being stuck in my ways.  Maybe I just need to learn to be a bit 
more conservative over my bandwidth useage.

For the record, I've done lots and lots of looking around on the net, and 
blackcatsnetworks are pretty competative.  dipsy knows about my results 
(keyed under "$isp" or "$isp cost") if you want to look.

*sigh*

Mark.

-- 
s''  Mark Fowler London.pm   Bath.pm
 http://www.twoshortplanks.com/  [EMAIL PROTECTED]
';use Term'Cap;$t=Tgetent Term'Cap{};print$t->Tputs(cl);for$w(split/  +/
){for(0..30){$|=print$t->Tgoto(cm,$_,$y)." $w";select$k,$k,$k,.03}$y+=2}

Re: Fantasy Film League

[Dave Cross]

On Wed, Jan 09, 2002 at 12:39:25PM +, Tony Kennick ([EMAIL PROTECTED]) wrote:
> 
> On Wed, 9 Jan 2002 10:32:23 +
> Dave Cross <[EMAIL PROTECTED]> wrote:
> 
> > On Wed, Jan 09, 2002 at 10:16:07AM +, Greg McCarroll 
>([EMAIL PROTECTED]) wrote:
> > > There are two questions to that then, is there a Matrix movie out this
> > > summer, and does it have a certain elven lord in it.
> > 
> > There's also the second X-Men movie that may well star a certain wizard :)
> 
> And episode 2 of a certain saga that definitely has got a wizard in
> it...

Er... different Wizard I think.

Dave...

-- 

  "Don't you boys know any _nice_ songs?"

Re: Fantasy Film League

[Greg McCarroll]

* David Cantrell ([EMAIL PROTECTED]) wrote:
> On Wed, Jan 09, 2002 at 09:39:34AM +, Dave Cross wrote:
> > On Wed, Jan 09, 2002 at 03:56:00AM -0500, Andy Williams ([EMAIL PROTECTED]) wrote:
> > > Probably something to do with having nearly all the cast of Lord of the
> > > Rings I think :)
> > It's a risky strategy. Guaranteed a huge scroe in the first few weeks and
> > another small boost at the end of the year, but will the actors do anything
> > in the middle of the year?
> 
> Considering that they have already done all the shooting for LotR 1 2 and 3,
> they do have the time to make other flims.
> 

damn cunning, damn cunning that man. you would make an excellent
mornington crescent player Sir!

-- 
Greg McCarroll http://217.34.97.146/~gem/

Re: Fantasy Film League

[Tony Kennick]

On Wed, 9 Jan 2002 10:32:23 +
Dave Cross <[EMAIL PROTECTED]> wrote:

> On Wed, Jan 09, 2002 at 10:16:07AM +, Greg McCarroll 
>([EMAIL PROTECTED]) wrote:
> > There are two questions to that then, is there a Matrix movie out this
> > summer, and does it have a certain elven lord in it.
> 
> There's also the second X-Men movie that may well star a certain wizard :)

And episode 2 of a certain saga that definitely has got a wizard in
it...


-- 
Tony Kennick
TechnoPhobia Limited.
Phone: +44 (0)114 2212123  Fax: +44 (0)114 2212124
Email: [EMAIL PROTECTED]
WWW: http://www.technophobia.com
Registered in England and Wales Company No. 3063669
VAT registration No. 598 7858 42

The contents of this e-mail are confidential to the addressee and are
intended solely for the recipients use. If you are not the addressee, you
have received this e-mail in error. Any disclosure, copying, distribution or
action taken in reliance on it is prohibited and may be unlawful.

Any opinions expressed in this e-mail are those of the author personally and
not TechnoPhobia Limited who do not accept responsibility for the contents
of the message.

All e-mail communications, in and out of TechnoPhobia, are recorded for
monitoring purposes.

Re: Co-lo, was Re: London.pm List Weekly Summary 2001-12-31

[Steve Mynott]

Mark Fowler <[EMAIL PROTECTED]> writes:

> 155*1024*1024/256/60/60/24 = 7.348 days at maximum transfer rate to become 


s/1024/1000/g


-- 
Steve Mynott <[EMAIL PROTECTED]>

Re: Damn Hackers

[Steve Mynott]

David Cantrell <[EMAIL PROTECTED]> writes:

> On Tue, Jan 08, 2002 at 08:19:09PM +, Chris Benson wrote:
> > On Tue, Jan 08, 2002 at 07:10:55PM +, David Cantrell wrote:
> > > On Tue, Jan 08, 2002 at 08:42:49AM -0500, Andy Williams wrote:
> > > > Can anyone think of anything else?
> > > Once a machine has been rooted you can not trust it.  Wipe it, reinstall
> > > from scratch or from known-good backups.
> > Amen. 
> 
> I did miss out one crucial step - take an image of the disk so you can
> analyse it in the safety of either an un-networked machine or at least
> a tool like Virtual PC or VMware, firewalled to buggery and back.  It
> can be very educational.



although usually you will just find binaries of exploits and backdoors
with irc bouncers and irc bots and the like.

-- 
Steve Mynott <[EMAIL PROTECTED]>

Re: Co-lo, was Re: London.pm List Weekly Summary 2001-12-31

[David Cantrell]

On Wed, Jan 09, 2002 at 10:51:20AM +, the hatter wrote:
> On Wed, 9 Jan 2002, Mark Fowler wrote:
> 
> > Assuming 1GB of actual data backed up once a week (both to and from 
> > box)
> 
> You're really not wanting to do that, I suspect.

I backup my server by rsync.  That accounts for well under 100Mb of
traffic a day.  WELL under.  It's only the biggest most insane days that
go above that.  Most days it's more like 20Mb.

-- 
David Cantrell | [EMAIL PROTECTED] | http://www.cantrell.org.uk/david

 If a job's worth doing, it's worth dieing for

Re: Fantasy Film League

[David Cantrell]

On Wed, Jan 09, 2002 at 09:39:34AM +, Dave Cross wrote:
> On Wed, Jan 09, 2002 at 03:56:00AM -0500, Andy Williams ([EMAIL PROTECTED]) wrote:
> > Probably something to do with having nearly all the cast of Lord of the
> > Rings I think :)
> It's a risky strategy. Guaranteed a huge scroe in the first few weeks and
> another small boost at the end of the year, but will the actors do anything
> in the middle of the year?

Considering that they have already done all the shooting for LotR 1 2 and 3,
they do have the time to make other flims.

-- 
David Cantrell | [EMAIL PROTECTED] | http://www.cantrell.org.uk/david

 Gehyrst þu, sælida, hwæt þis folc segeð? 
 Hi willað eow to gafole garas syllan, 
 ættrynne ord and ealde swurd, 
 þa heregeatu þe eow æt hilde ne deah. 
-- Brithnoth

Re: Fantasy Film League

[Roger Burton West]

On Wed, Jan 09, 2002 at 10:16:07AM +, Greg McCarroll wrote:

>There are two questions to that then, is there a Matrix movie out this
>summer, and does it have a certain elven lord in it.

In order, no and yes:

http://www.imdb.com/Title?0234215
http://www.imdb.com/Title?0242653

Roger

-- 
He's a lounge-singing drug-addicted cop fleeing from a secret
government programme. She's a bloodthirsty out-of-work snake charmer
with a birthmark shaped like Liberty's torch. They fight crime!

Re: Co-lo, was Re: London.pm List Weekly Summary 2001-12-31

[Mark Fowler]

On Wed, 9 Jan 2002, the hatter wrote:

> I'm guessing that if you had
> somewhere with enough bandwidth to spare for anything bigger than that,
> then you wouldn't be looking for a colo elsewhere. 

Nope.  Bandwidth is easy, serving from it less so. And note that I said 
backups *to* and from the box.

a) Direct backup to and from other co-lo boxes (to be negotiated)
b) Backup using idle bandwidth at work (where we have very fat pipes)

Later.

Mark.

-- 
s''  Mark Fowler London.pm   Bath.pm
 http://www.twoshortplanks.com/  [EMAIL PROTECTED]
';use Term'Cap;$t=Tgetent Term'Cap{};print$t->Tputs(cl);for$w(split/  +/
){for(0..30){$|=print$t->Tgoto(cm,$_,$y)." $w";select$k,$k,$k,.03}$y+=2}

Re: Co-lo, was Re: London.pm List Weekly Summary 2001-12-31

[the hatter]

On Wed, 9 Jan 2002, Mark Fowler wrote:

> Assuming 1GB of actual data backed up once a week (both to and from 
> box)

You're really not wanting to do that, I suspect.  If you're actually
getting 64k/sec between your colo and your backup server, that'll take >24
hours (64k/s for a whole month works out as about 20GB)  If you happen to
have fast networked machines elsewhere, and can get say 256k/s then
obviously that reduces to a mere 6 hours.  I'm guessing that if you had
somewhere with enough bandwidth to spare for anything bigger than that,
then you wouldn't be looking for a colo elsewhere.  Tape is your friend,
leave them a box of tapes and a box of prepaid envelopes, get them to post
you one when you feel the need for an off-site backup.  Or host somewhere
you can drop in on and pick up the backups yourself.


the hatter

Re: London.pm List Weekly Summary 2001-12-31

[Dominic Mitchell]

robin szemeti <[EMAIL PROTECTED]> writes:

> On Tuesday 08 January 2002 20:29, Dave Hodgkinson wrote:
> > Leon Brocard <[EMAIL PROTECTED]> writes:
> > > On of the Daves asked about how anti-spam technologies are going
> > > thesedays. Razor looks interesting, as does spam assassin:
> > > http://razor.sourceforge.net/
> > > http://spamassassin.taint.org/
> >
> > FEATURE(dnsbl,`bl.spamcop.net')dnl
> 
> ooh .. you just reminded me the happy few hours I spent once discovering that 
> m4 needs `...' around args and if you put '...' it just silently ignores them 
> ..  top fun.

It's all in the man page...

Useful link if you want to find out more about Unix tools:

http://www.cs.bell-labs.com/7thEdMan/

Contains the original papers on m4, lex, yacc, make and so on.

-Dom

-- 
| Semantico: creators of major online resources  |
|   URL: http://www.semantico.com/   |
|   Tel: +44 (1273) 72   |
|   Address: 33 Bond St., Brighton, Sussex, BN1 1RD, UK. |

Patterns in Perl : decorator model

[Ivor Williams]

Nigel

I have been looking at the "decorator" model, and I would do it differently.

Instead of using inheritance, I would use AUTOLOAD to implement
quasi-inheritance. The relation is "Emulates" rather than "ISA". Does your
design model have to be language independent, or can we use perl specific
stuff like AUTOLOAD?

Attached is an example (factor.pl, bignum.pm, strnum.pm) of this
quasi-inheritance. As an exercise and alternative to Math::BigInt, I wanted
a quickly implementable representation for arbitrarily large positive
integers. I knocked this up first as strnum (objects are digit strings), but
wanted something more fast and juicy: bignum (objects are arrays of ints),
which required more human programming effort.

Having strnum available first meant that I could prototype all the methods
needed for a bignum object, and code them one by one, while having a working
application at all stages. This is called the evo methodology. bignum has an
AUTOLOAD method which makes a strnum object, calls the corresponding method
and unwraps the return value if this is an object reference.

There are a few assumptions here, but it would be possible to do something
more generic, particularly for methods which pass and return different
object of different classes, but you get the idea.

Coming back to your "decorator" model. I suggest implementing your debug
class as follows. This is generic and can be used with any classes, and
copes with arbitrarily complex arguments and return values.

#---

# calling code (all you need to do for each class)

package foo::Debug;
use MethodTracer;
@ISA = qw(MethodTracer);

   .
   .

$fred = new foo:Debug(@blah);   # was new foo(@blah)
foo:Debug->debug(1) # Turn on debugging of foo objects

#---

MethodTracer.pm

# This is called via inheritance to construct an object
# of class blah::blah::Debug. This assumes that the "real"
# class is called blah::blah

package MethodTracer;
use Data::Dumper;

sub new
{
my ($pkg) = @_;

$pkg =~ /\:\:\w+$/;
my $underly = $`;

$underly::new(@_);  # relies on constructor respecting package
param
}

sub debug   # get and set debug at a class level
{
my $pkg = shift;

@_ ? (${$pkg}::_debug = shift) : ${$pkg}::_debug;
}

sub DESTROY
{
1;  # to stop AUTOLOAD being called
}

sub AUTOLOAD
{
my ($self,@args) = @_;

my $method = $AUTOLOAD;
$method =~ s/\:\:Debug//;
my $pkg = ref $self;

print "called $method. Parameters:",Dumper(@args) if
${$pkg}::_debug;

if (wantarray)
{
my @rv = &$method(@_);
print "Return from $method. List context,
values:",Dumper(@rv)
if ${$pkg}::_debug;
@rv;
} else
my $rv = &$method(@_);
print "Return from $method. Scalar context,
returned:",Dumper($rv)
if ${$pkg}::_debug;
$rv;
}
}

1;

#--

I intend to go to tonight's meeting.

C U There.

Ivor.

-Original Message-
From: Nigel Wetters [mailto:[EMAIL PROTECTED]]
Sent: 08 January 2002 17:12
To: [EMAIL PROTECTED]
Subject: Patterns in Perl reminder


Study group starts tomorrow. For details, see 
http://london.pm.org/pipermail/london.pm/2002-January/007171.html



_
Chat with friends online, try MSN Messenger: http://messenger.msn.com




---
The information contained in this e-mail is confidential and solely 
for the intended addressee(s). Unauthorised reproduction, disclosure, 
modification, and/or distribution of this email may be unlawful. If you 
have received this email in error, please notify the sender immediately 
and delete it from your system. The views expressed in this message 
do not necessarily reflect those of LIFFE (Holdings) Plc or any of its 
subsidiary companies.
---



bignum.pm
Description: Binary data


factor.pl
Description: Binary data


strnum.pm
Description: Binary data

Re: Fantasy Film League

[Dave Cross]

On Wed, Jan 09, 2002 at 10:16:07AM +, Greg McCarroll ([EMAIL PROTECTED]) 
wrote:
> * Dave Cross ([EMAIL PROTECTED]) wrote:
> > 
> > It's a risky strategy. Guaranteed a huge scroe in the first few weeks and
> > another small boost at the end of the year, but will the actors do anything
> > in the middle of the year?
> > 
> 
> There are two questions to that then, is there a Matrix movie out this
> summer, and does it have a certain elven lord in it.

There's also the second X-Men movie that may well star a certain wizard :)

Dave...

-- 

  Drugs are just bad m'kay

RE: hmmm, i was just thinking

[Robert Price]

Dave Cross wrote:

[snipped the idea about making a Dr Who episode]

>You can only do this if I get to play the Master :)


Totally the wrong attitude, the right candidate to play the Master would of
said, "I _AM_ the Master, and you will obey!". No arguments or discussion
about it.

Rob






** For great Emap magazine subscription & gift offers visit 
http://www.emapmagazines.co.uk **


The information in this email is intended only for the addressee(s) named above.
Access to this email by anyone else is unauthorised.
If you are not the intended recipient of this message any disclosure, copying, 
distribution or any action taken in reliance on it is prohibited and may be unlawful. 

Emap plc and or its subsidiaries do not warrant that any attachments are free from 
viruses or other defects and accept no liability for any losses resulting from 
infected email transmissions.

Please note that any views expressed in this email may be those of the originator 
and do not necessarily reflect those of this organisation.

Co-lo, was Re: London.pm List Weekly Summary 2001-12-31

[Mark Fowler]

On Wed, 9 Jan 2002, Chris Ball wrote:

> Mark mentions looking for co-lo at a price/scheme similar to Mailbox's.
> I'd recommend http://blackcatnetworks.co.uk/colo.html - AIUI, it's in
> RedBus and at the same price as Mailbox's deal.  The Black Cat people
> are nice, too.

I assume you mean http://www.blackcatnetworks.co.uk/colo.html

50ukp/m x 12 = 600 ukp/a
mailbox cost = 775 ukp/a (375 + 250 + 150)

775 - 600 = 175 ukp to spend on extra bandwidth
175 / 5ukp/Gb = 35Gb extra bandwidth

12*10GB = 120GB free transfer = 155Gb transfer before black cats are 
  more expensive

155*1024*1024/256/60/60/24 = 7.348 days at maximum transfer rate to become 
more expensive

Hmm.  Not bad...but...

Assuming 1GB of actual data backed up once a week (both to and from 
box)

1GB = 8Gb
155Gb/8Gb = 20 weeks till bandwidth limit exceeded.

Arse.

Mark.

(Yes, yes, I know I can use rsync to somewhat reduce the bandwidth use, 
but I haven't even counted mail and web and other use yet)

-- 
s''  Mark Fowler London.pm   Bath.pm
 http://www.twoshortplanks.com/  [EMAIL PROTECTED]
';use Term'Cap;$t=Tgetent Term'Cap{};print$t->Tputs(cl);for$w(split/  +/
){for(0..30){$|=print$t->Tgoto(cm,$_,$y)." $w";select$k,$k,$k,.03}$y+=2}

Re: Fantasy Film League

[Greg McCarroll]

* Dave Cross ([EMAIL PROTECTED]) wrote:
> 
> It's a risky strategy. Guaranteed a huge scroe in the first few weeks and
> another small boost at the end of the year, but will the actors do anything
> in the middle of the year?
> 

There are two questions to that then, is there a Matrix movie out this
summer, and does it have a certain elven lord in it.

Greg

-- 
Greg McCarroll http://217.34.97.146/~gem/

Re: Fantasy Film League

[Dave Cross]

On Wed, Jan 09, 2002 at 03:56:00AM -0500, Andy Williams ([EMAIL PROTECTED]) wrote:
> On Tue, 8 Jan 2002, David Cantrell wrote:
> 
> > The results for the first week are in.  One of us is the first-placed
> > producer overall!
> >
> > http://www.fantasyfilmleague.com
> >
> 
> Probably something to do with having nearly all the cast of Lord of the
> Rings I think :)

It's a risky strategy. Guaranteed a huge scroe in the first few weeks and
another small boost at the end of the year, but will the actors do anything
in the middle of the year?

Dave...

-- 

  .sig missing...

Re: hmmm, i was just thinking

[Greg McCarroll]

* David H. Adler ([EMAIL PROTECTED]) wrote:
> > dha i reckon should be the doctor,
> 
> *blush*
> 

well, it would be a bit like london.pm hiring a big f.o. tank and not
letting evil dave drive it

Greg

-- 
Greg McCarroll http://217.34.97.146/~gem/

Re: Damn Hackers

[Jonathan Stowe]

On Tue, 8 Jan 2002, David Cantrell wrote:

> On Tue, Jan 08, 2002 at 08:42:49AM -0500, Andy Williams wrote:
> > Just to let you guys know what this Medanhacking group had done to my
> > mates server this is what I found (so far :)
> >
> > [snip]
> >
> > Can anyone think of anything else?
>
> Once a machine has been rooted you can not trust it.  Wipe it, reinstall
> from scratch or from known-good backups.
>

We have rooted boxes on the shelf in the secure store at work 


/J\

Re: hmmm, i was just thinking

[David H. Adler]

On Tue, Jan 08, 2002 at 03:10:42PM +, Greg McCarroll wrote:
> * Dave Cross ([EMAIL PROTECTED]) wrote:
> > I know people who have actually done this before. They have (or, at least,
> > had) a TARDIS set and everything (paper plates stuck on a wall IIRC).
> > 
> > You can only do this if I get to play the Master :)
> > 
> 
> i reckon, if you gelled your hair back, got a dodgy moustache & goatie
> and put some dark powder below your eyes you could make a good master,
> mind you richard c. might also do well if he grew some hair shaved it
> into a "ming" shape and then dyed it black.

Of course, anyone playing the master will need an evil laugh, to go
along with the Beard of Evil(tm).

> dha i reckon should be the doctor,

*blush*

> i'm willing to bed he already has a costume in mind

Strangely, I've not given it any thought.  Maybe I can steal ideas at
the Gallifrey con next month... :-)

dha

-- 
David H. Adler - <[EMAIL PROTECTED]> - http://www.panix.com/~dha/
I believe myself to be the daughter of a one-eyed space robot named
Malcolm. -Fallon Young, http://www.bobbins.org/d/2915.html

Re: Fantasy Film League

[Andy Williams]

On Tue, 8 Jan 2002, David Cantrell wrote:

> The results for the first week are in.  One of us is the first-placed
> producer overall!
>
> http://www.fantasyfilmleague.com
>

Probably something to do with having nearly all the cast of Lord of the
Rings I think :)



Andy (Guilty of a few LOTR cast members and who is 2nd in the little
league)