I will be completely anit-war as soon as every other fucker on the planet is too. I am not holding my breath waiting for that. Peace through superior firepower.

example.com=192.168.0.1

No, there is all kinds of committe-decided shit that I have learned and forgotten and relearned 4 times in the last 12 years, that are necessary for your domain to “show up”. I swear, the people who write these specs are working for the union of people who have to admin this stuff.

I am writing this after looking at what intodns.com had to say about my domain. Arghhh. Try and get reverse lookups working if you are leasing a few IPs from a big provider – they either outright refuse, or insist upon you using BIND for some kind of zone updates. And the reverse lookup of your domain always is 192-168-0-1.ghetto.reseller.dumbshithosting.com

The current clusterfuck of DNS is unfortunately something we have to live with for a long time, like HTML, but DNS admin is always like having dental work done, but HTML is like a grilled cheese sandwich your girlfriend makes for you. I will end this post with that ridiculous analogy.

AusCERT UNIX and Linux Security Checklist v3.0 : http://www.auscert.org.au/5816
and
UNIX and Linux Security Checklist v3.0 Notes – Linux : http://www.auscert.org.au/5817

Helpful to know when “exploring” using nmap in hostile territory, if you know what I mean. (wink, wink, say no more!)

As far as I can tell it doesn’t have anything to do with syn floods and everything with either avoiding detection or attempting to learn what ports are actually open on a host.

I’ve never heard Eric Raymond rant about CUPS. BUt I would urge you to give Ubuntu a try. It is super slick out of the box. Easy to use, easier to hack, based on Debian, very active community, and the Ubuntu team has really moved linux from the server to the desktop. I’d advise you grab a copy of Hearty Heron ISO and install it (http://releases.ubuntu.com/hardy/ubuntu-8.04.1-desktop-i386.iso.torrent). I think I recall you saying you preferred KDE at one point, and they have a flavor that uses KDE instead of Gnome, called Kubuntu, but I cannot seem to find a torrent of it at the moment.

Since I started using Ubuntu, I use the system instead of coaxing it to do what I want it to, as I did with so many distros before. Really, I think you’d dig it. Redhat might be your standby, for servers or workhorse machines, but Ubuntu is really excelling at putting Linux on the desktop.

To this day, I select “print to file”, and save a postscript file, which I can then, on the command line, FTP it into my nice old LaserJet 2100M.

THAT is why Linux is not on every desktop, because it does not work as well as the Mac OS did in that regard, 24 years ago. At least it is as relable as the old Mac OS. And in my work, reliability trumps having glitzy tools. And I do not want to call H.K a glitzy tool, as long as he is not sporting a diamond earrring .

Yeah, the exit node op could sniff your traffic, but that’s all. Inner-node communication is encrypted, client connections are encrypted, so even if he DID sniff exit-node traffic, the data cannot be tied to you in any way. Remember, Tor uses onion routing, so each hop only knows about it’s single hop neighbors and no more.

Like the old programming adage, Garbage In, Garbage Out. Insecure in, insecure out.

If you are conducting anonymous communications, you do not want with whom you are conducting your anonymous communications with leaked to your local provider IT department.

While single pad is secure, but the thing that gets you in initial key exchange. You must transfer keys via secure channel, which in this day and age is pretty much only face to face in the shower with the radio blaring.

Thanks for the info, I have another page in my notebook.

I am not such a fan of TOR, because the exit node can still sniff your traffic and determine where you are connecting to; the sniffing is not such a big deal for SSH sesions, but still they know where you are talking. There was a case publicized about a year ago where some “researchers” ran an exit node and analyzed the traffic – not cool. But then again, it is a gaping hole in TOR.

It is funny to note that the research lab I used to work at blacklisted the TOR homepage, and if you tried to go there you got a warning page like you were trying to surf porn. And they probably paid good money for the block list. Oh well.

The whole tor-resolve thing seems a little weak; yeah, they don’t know the domain name of the machine you are connecting to, but unless it is some shared hosting site, with a zillion domains at that IP, how hard is a reverse DNS? Even so, in this age of Total Information Awareness, they probably already know what domain you are going to, and it is dutifully logged in an SQL database.

The thing that gets me is that there are technologies available for completely secure communications, but most people are too damn lazy to use them. They are very inconvenient, unfortunately.

Single pad, anyone? It is COMPLETELY secure, with the inconvenience of large key exchanges between sender and recipient that must be through a secure channel. That is the ONLY completely secure way to encode a message. How to completely securely hide the source and destination? That is the subject of another comment…

What’s that saying? “A fool and his money….”

I am happy to say that at the research lab I used to work at, old hard drives left that place lookling like aluminum rice.

I won’t even discuss the “recycling” of these computers that happen in 3rd world countries, where they burn huge piles of PVC insulated wire, to get to the copper underneath… melt down the aluminum hard drive cases over charcoal fires….scavenge the lead based solder in pans they later use for cooking…extract the gold plating with cyanide solutions, or even worse, liquid mercury.

But this in itself is not a bad thing… it is just a market indicator that market forces in developed countries need to get on top of this shit, and establish sound recycling processes.

Did you know that you can get more gold out of a ton of old cell phones, than a ton of contemporary gold ore at most mines?