Home |
Search |
Today's Posts |
#321
|
|||
|
|||
On Sat, 08 Jan 2005 02:06:25 -0500, Silvan
wrote: Ah, so he was a good one, because he _recognized_ that you knew where to go. It's the ones who tell you blatantly wrong things that **** me off. "Reboot and clear your cache." "Um, why exactly?" "Because I can't go on to the next line in my script until you do that." Yeah, me too. "OK, I'm rebooting. Beep. There, I'm rebooted. Next question. Yes, this machine boots very fast. Next question please. It's a, um, Octegenarian 4000. They're new. Next question please." I did tech support for a while. The reason for the script (and the stupid questions) is to weed out the calls that are just someone who is trying to print with the printer off or something. I spent a lot of time on the phone with someone once because their system was running but the monitor was totally dead. I suspected it was unplugged (you sometimes just get a feeling from the person you're talking to). He absolutely *refused* to check to see if it was plugged in "I've been in this industry for x years and I know how to use these things." "OK, let's try it on a different outlet to see if it will work there before I have you ship the monitor back for a replacement." Long silence while he crawls behind the desk to "unplug" it. Suddenly he comes back on the line "Never mind." click. A friend worked support for the local cable company. The "clearing question" for them was "what time does your VCR show?" If it was flashing 12:00 you could safely assume they were incapable of following instructions an you simply terminated the call and dispatched a service guy. The point is that there is usually a reason for the stupid questions. When you deal with a Windows system reboots are a normal part of any debugging cycle because it is too stupid to forget anything until you turn the power off. Especially network stuff. I have had to turn off (power off, not just rebood) every system on my network and bring them back up again in order to restore communication. Win98 is really bad that way, but XP does it quite a bit too. I find it is not uncommon to need to reboot 15-20 times in order to make a network change work. There is no logical explanation (other than that Microsoft writes crummy software), but it *does* work a lot of the time. It frustrates the heck out of me to reboot four times with nothing changing and have it suddenly work on the fifth, but that's life in the MS world. Tim Douglass http://www.DouglassClan.com |
#322
|
|||
|
|||
Silvan wrote in
: Yeah, like I can remember everybody's password for everything. Nine computers, eight routers, six cable/DSL/dialup modems. I don't even have a big "network" but it's big enough I need a crib sheet. I wrote down her particulars some place where *I* can keep up with it this time, so I can deal with future problems over the phone. So why is a certified LINUX geek who can network driving a truck for a job? Patriarch |
#323
|
|||
|
|||
Mark & Juanita wrote:
yep those password policies really helped improve security, didn't they? One client of our has insane IMO requirements: 15 characters, must include at least a number and a special character, and NO WORDS! Usually for requirements like that I'll use the dictionary technique. Open a thick book, use the first word I see, open to another page, use the page number, open to another page & use the first word I see, etc. This client's policy wouldn't accept e.g. banana48file62uses323/count because it said "banana" was a word! However, a password of this form is blessed. g aaaaaaaaaaaaa1/ -- Mark |
#324
|
|||
|
|||
Silvan wrote:
Mark & Juanita wrote: they? Now, I won't say where those passwords are, but suffice it to say, I don't hide them under my keyboard or mousepad -- I have a little bit of operations security sense. They're on a big yellow Post-It note on the front of your monitor, right? It floored me when I saw a machine at a, um, locally owned store which shall remain namless. The server responsible for handling all the credit card transactions for the store. Big yellow Post-It note with usernames and passwords right on it. Gee willakers Mrs. Cleaver, I wonder if I can figure out how to break into that machine? My set up requires new passwords every 30 days. So the password on the second month is a 1 in front of the old ones, on the third month they revert to the original passwords, the fourth month gets the 1 back in front of them, and so on. Fortunately I only have 4 to keep up with. Hardest part is to remember whether this is a 1 or non 1 month. Saw an article about passwords -- the security experts were saying that these foolish ideas about different passwords for everything plus the required frequent changes has caused the opposite result of what was desired. Security is worse because of the very thing you all mentioned -- a post it note with passwords and user names on the computer. If they are conscious of security they use the pale yellow instead of the neon green ones so they don't stand out as much. If they are real conscious of security, they hide it under the keyboard instead of taping it to the monitor. |
#325
|
|||
|
|||
On Sat, 08 Jan 2005 19:52:23 GMT, "Mark Jerde"
wrote: Mark & Juanita wrote: yep those password policies really helped improve security, didn't they? One client of our has insane IMO requirements: 15 characters, must include at least a number and a special character, and NO WORDS! Ostensibly this is to prevent dictionary-driven programs from trying combinations of words and numbers to break into a user's account. Now, applying the common sense rule here, coupled with the fact that most security protocols either lock out the user for a certain period of time (30 minutes, 2 hours, etc) or permanently (requiring sysadmin to reset the password) after 3 (or some other number) of failed login attempts -- given that the user hasn't chosen aardvark1 as a password, how long is it going to take an automated hacking program to get user access with brute-force attacks? Given the example you cite below, just because banana may be a word is not an aid to an attack on a system with a password lock policy. Usually for requirements like that I'll use the dictionary technique. Open a thick book, use the first word I see, open to another page, use the page number, open to another page & use the first word I see, etc. This client's policy wouldn't accept e.g. banana48file62uses323/count because it said "banana" was a word! However, a password of this form is blessed. g aaaaaaaaaaaaa1/ Oooh, I can see how that is *much* more secure than the banana password :-) -- Mark +--------------------------------------------------------------------------------+ Now we'll just use some glue to hold things in place until the brads dry +--------------------------------------------------------------------------------+ |
#326
|
|||
|
|||
On Sat, 08 Jan 2005 10:31:04 -0800, Tim Douglass
wrote: .... snip The point is that there is usually a reason for the stupid questions. When you deal with a Windows system reboots are a normal part of any debugging cycle because it is too stupid to forget anything until you turn the power off. Especially network stuff. You ought to try Windows systems on Novell networks. Not only do you have to power off, you have to unhook the LAN cable (and shake the bits out) before you can reboot and Novell forgets you were connected to the network. Part of this may be because of a stupid policy that only allows one simultaneous network logon per user id -- it's irritating as all get out when an app freezes the computer and simply re-booting won't get you back on the network. I have had to turn off (power off, not just rebood) every system on my network and bring them back up again in order to restore communication. Win98 is really bad that way, but XP does it quite a bit too. I find it is not uncommon to need to reboot 15-20 times in order to make a network change work. There is no logical explanation (other than that Microsoft writes crummy software), but it *does* work a lot of the time. It frustrates the heck out of me to reboot four times with nothing changing and have it suddenly work on the fifth, but that's life in the MS world. Tim Douglass http://www.DouglassClan.com +--------------------------------------------------------------------------------+ Now we'll just use some glue to hold things in place until the brads dry +--------------------------------------------------------------------------------+ |
#327
|
|||
|
|||
Patriarch wrote:
down her particulars some place where *I* can keep up with it this time, so I can deal with future problems over the phone. So why is a certified LINUX geek who can network driving a truck for a job? Have you looked at any of the help wanted ads for Linux geeks? I'm not selling myself short here. I'm just really not remotely qualified for any job I've ever seen advertised. The home desktop arena where I play has almost nothing in common with the corporate world. I've never used a computer in a professional setting, except for a brief stint working as a typist in a copy center in college, and I have no computer experience. No training, no education, just a couple decades as a competent hobbiest. I've never worked in an office environment either. Plus I guess I tolerate it pretty well. I could talk about it for quite a long time, both the ups and downs. There are ups, there are downs. Everything is always a balancing act. Up, having a lot of time off. Down, having to work ridiculous hours during busy times. Up, being free to do my job my own way, without being micromanaged. Down, spending long periods of time by myself, without any coworkers to socialize with. Up, paying the bills. Down, having a job I'm just not really very proud of, because I have the intellectual potential to do more exciting sounding things. I guess on balance, the thing that bothers me most of all is not having any friends to spend time with in person. I'm not a very sociable guy to start with, but I used to have some semblance of a social life. That all ended eight years ago, and I live a very solitary life now. I have my family, the people on the other side of a computer monitor, and a couple of people who work in furniture stores in distant cities. Most of that time this doesn't really bother me at all, but sometimes it does. I guess even hermits like me like to have a little human contact now and again. -- Michael McIntyre ---- Silvan Linux fanatic, and certified Geek; registered Linux user #243621 http://www.geocities.com/Paris/Rue/5407/ http://rosegarden.sourceforge.net/tutorial/ |
#328
|
|||
|
|||
Tim Douglass wrote:
before I have you ship the monitor back for a replacement." Long silence while he crawls behind the desk to "unplug" it. Suddenly he comes back on the line "Never mind." click. Dad's job, growing up, was similar. I remember those conversations at 2:00 AM. "Is it plugged in?" Pause. "Is it PLUGGED IN?" Longer pause. "Is it turned on?" The point is that there is usually a reason for the stupid questions. Yeah, I know. That's why I humor them. crummy software), but it *does* work a lot of the time. It frustrates the heck out of me to reboot four times with nothing changing and have it suddenly work on the fifth, but that's life in the MS world. Right, which is why I don't run Windows at my house. I *can* do it, but it's not worth the hassle. Although, I guess I won't be saying that too much longer. I'm going to throw Windows on my son's computer. I can't quite expect him to learn the Linux way of programming his Lego Mindstorms, and he's on the team at school. The trick is going to be making sure that pile of monkey guts doesn't figure out how to get onto the internet even though it will be plugged into a router. The last time I tried this, it said "Oh, I see you have installed a router. Now Internet Exploder is ready to acquire viruses for you." Maybe that would be friendly to some people, but I actually like having complete control over every aspect of my system. I'm not used to things happening without my express permission, and that annoys the hell out of me. -- Michael McIntyre ---- Silvan Linux fanatic, and certified Geek; registered Linux user #243621 http://www.geocities.com/Paris/Rue/5407/ http://rosegarden.sourceforge.net/tutorial/ |
#329
|
|||
|
|||
Mark & Juanita wrote:
that the user hasn't chosen aardvark1 as a password, how long is it going to take an automated hacking program to get user access with brute-force attacks? Given the example you cite below, just because banana may be a Reminds me... I had a bit of fun once, for no particular reason. I decided to list out all the possible passwords for a... I don't remember, maybe 7 character password and write them to a file. I ran the program, and it filled up my 40 gig hard drive in practically no time, probably less than five minutes, and hadn't gotten much past stuff like @@@@@@! or whatever. Of course I knew there were 13.4 bajillion different combinations, but that really drove it home. I never really thought about how big the resulting text file would be to hold them all listed out. -- Michael McIntyre ---- Silvan Linux fanatic, and certified Geek; registered Linux user #243621 http://www.geocities.com/Paris/Rue/5407/ http://rosegarden.sourceforge.net/tutorial/ |
#330
|
|||
|
|||
Hey Michael,
I think you can block a range of ip addresses that the router will pass with a subnet mask. Set a static IP on your son's computer (say 192.168.0.129) and set the ROUTER subnet mask to 255.255.255.128. This should pass all addresses between 192.168.0.0 and 192.168.0.127, and reject all else (assuming you set your lan address to that particular block address). I THINK that's the right approach ... you can still use the hub portion to allow connections on your lan, but the subnet mask will prevent him from crossing the divide to the real world. Or, for even more fun, set the subnet mask on all your home computers to 0.0.0.0 (allow all to communicate), leave your router subnet mask set as 255,255,255,0; and set your son's computer to 192.168.x.y, where x is 1-255 (just not zero), and y is 0-255. ***** Wouldn't WINE be a better approach however? It would allow you to retain your linux administration stuff, but allow the windows application a place to run (er die?). BSOD only kills the windows app, not the supporting OS. HTH, Rick "Silvan" wrote in message ... Although, I guess I won't be saying that too much longer. I'm going to throw Windows on my son's computer. I can't quite expect him to learn the Linux way of programming his Lego Mindstorms, and he's on the team at school. The trick is going to be making sure that pile of monkey guts doesn't figure out how to get onto the internet even though it will be plugged into a router. The last time I tried this, it said "Oh, I see you have installed a router. Now Internet Exploder is ready to acquire viruses for you." Maybe that would be friendly to some people, but I actually like having complete control over every aspect of my system. I'm not used to things happening without my express permission, and that annoys the hell out of me. -- Michael McIntyre ---- Silvan Linux fanatic, and certified Geek; registered Linux user #243621 http://www.geocities.com/Paris/Rue/5407/ http://rosegarden.sourceforge.net/tutorial/ |
#331
|
|||
|
|||
On Sat, 08 Jan 2005 23:15:06 -0500, Silvan
calmly ranted: Patriarch wrote: down her particulars some place where *I* can keep up with it this time, so I can deal with future problems over the phone. So why is a certified LINUX geek who can network driving a truck for a job? Have you looked at any of the help wanted ads for Linux geeks? I'm not selling myself short here. I'm just really not remotely qualified for any job I've ever seen advertised. The home desktop arena where I play has almost nothing in common with the corporate world. I've never used a computer in a professional setting, except for a brief stint working as a typist in a copy center in college, and I have no computer experience. No training, no education, just a couple decades as a competent hobbiest. Well, Glenn misspelled "certifiable" and you misspelled "hobbyist." I guess that makes you even. I'm fairly certain that the idiots who write up want ads have never even heard of the technologies they require for any given job. Some seem to want people younger than 22 with a Bachelors in Arts, a Masters in Computer Sciences, and a PHD in something else, know 27 different computer languages fluently, be able to levitate, etc. Oh, and they're offering minimum wage + perqs. --- - Sarcasm is just one more service we offer. - http://diversify.com Web Applications |
#332
|
|||
|
|||
Larry Jaques wrote:
On Sat, 08 Jan 2005 23:15:06 -0500, Silvan calmly ranted: Patriarch wrote: down her particulars some place where *I* can keep up with it this time, so I can deal with future problems over the phone. So why is a certified LINUX geek who can network driving a truck for a job? Have you looked at any of the help wanted ads for Linux geeks? I'm not selling myself short here. I'm just really not remotely qualified for any job I've ever seen advertised. The home desktop arena where I play has almost nothing in common with the corporate world. I've never used a computer in a professional setting, except for a brief stint working as a typist in a copy center in college, and I have no computer experience. No training, no education, just a couple decades as a competent hobbiest. Hmm. I think you /are/ selling yourself short. Well, Glenn misspelled "certifiable" and you misspelled "hobbyist." I guess that makes you even. I'm fairly certain that the idiots who write up want ads have never even heard of the technologies they require for any given job. Some seem to want people younger than 22 with a Bachelors in Arts, a Masters in Computer Sciences, and a PHD in something else, know 27 different computer languages fluently, be able to levitate, etc. Oh, and they're offering minimum wage + perqs. A year after NT was released, I remember seeing an ad looking for someone with 5 years of NT experience. (: BTW, when the unpaid overtime is figured in, a lot of the young software H1B types ended up making /far/ less than minimum wage. I recall 7 young Indian programmers in San Jose sharing an apartment because none of them could afford a single bedroom unit of their own. When I asked if it wasn't uncomfortably crowded, the answer I got was there were almost never more than two or three at home - because the other four or five would be at work. These guys typically worked twelve to eighteen hours a day and got paid for only eight. Not all the sweatshops are on the /other/ side of the Pacific rim... -- Morris Dovey DeSoto Solar DeSoto, Iowa USA http://www.iedu.com/DeSoto/collectors.html |
#333
|
|||
|
|||
Larry Jaques wrote:
training, no education, just a couple decades as a competent hobbiest. Well, Glenn misspelled "certifiable" and you misspelled "hobbyist." I guess that makes you even. I have to turn off the on-the-fly splee cheker because it makes my 2 GHz machine feel like a 200 MHz machine, and I get about 20 words ahead of it typing. I never have been able to spelee wroth a damn. In English anyway. My spelling in Spanish is damn near perfect. I'm fairly certain that the idiots who write up want ads have never even heard of the technologies they require for any given job. Some seem to want people younger than 22 with a Bachelors in Arts, a Masters in Computer Sciences, and a PHD in something else, know 27 different computer languages fluently, be able to levitate, etc. Oh, and they're offering minimum wage + perqs. That's an apt summary of the ads anyway, except you forgot 15 years of Linux kernel hacking experience. -- Michael McIntyre ---- Silvan Linux fanatic, and certified Geek; registered Linux user #243621 http://www.geocities.com/Paris/Rue/5407/ http://rosegarden.sourceforge.net/tutorial/ |
#334
|
|||
|
|||
Rick wrote:
I think you can block a range of ip addresses that the router will pass with a subnet mask. Set a static IP on your son's computer (say Yeah, sumpin' like that. I'll save this post for later. Thanks. Wouldn't WINE be a better approach however? It would allow you to retain your linux administration stuff, but allow the windows application a place to run (er die?). BSOD only kills the windows app, not the supporting OS. I doubt it. I've never found WINE to be particularly useful for anything. -- Michael McIntyre ---- Silvan Linux fanatic, and certified Geek; registered Linux user #243621 http://www.geocities.com/Paris/Rue/5407/ http://rosegarden.sourceforge.net/tutorial/ |
#335
|
|||
|
|||
Years ago, one of my Windows NT instructors mentioned two passwords to use
that most people would never think of.. 1. Rather than using conventional keyboard characters, use something from the extended ASCII character set by holding down the Alt key and using the numeric keypad to enter the ASCII equivilant number representing the character. I believe he demonstrated by using the ASCII number equivilant to 'backspace'. Hold down the Alt key and enter using the numeric keypad, 008 then let off the Alt key. Not only would most people never think of it, it wouldn't display anything on the screen. 2. The other simpler example he used, was based on the fact that in NT at least, in User Manager for Domains, you can look up any user, but the field that lists the users password, displays 14 *'s no matter what the password is. Simply use a password of 14 *'s. (**************) One of the Salemen at our company, has a company issued laptop. He was having some problems with it one day, so he asked me to come take a look at it for him. Yep, right on the OUTSIDE lid of the laptop was a piece of paper perhaps 4x6" with both his login name for the corporate network AND the password! Didn't even tape it to the INSIDE of the lid! At least the way he taped it to the lid was such that when the laptop was open, anybody from across the room that looked at it would see it upside down.... "Silvan" wrote in message ... Mark & Juanita wrote: that the user hasn't chosen aardvark1 as a password, how long is it going to take an automated hacking program to get user access with brute-force attacks? Given the example you cite below, just because banana may be a Reminds me... I had a bit of fun once, for no particular reason. I decided to list out all the possible passwords for a... I don't remember, maybe 7 character password and write them to a file. I ran the program, and it filled up my 40 gig hard drive in practically no time, probably less than five minutes, and hadn't gotten much past stuff like @@@@@@! or whatever. Of course I knew there were 13.4 bajillion different combinations, but that really drove it home. I never really thought about how big the resulting text file would be to hold them all listed out. -- Michael McIntyre ---- Silvan Linux fanatic, and certified Geek; registered Linux user #243621 http://www.geocities.com/Paris/Rue/5407/ http://rosegarden.sourceforge.net/tutorial/ |
#336
|
|||
|
|||
"Silvan" wrote in message I doubt it. I've never found WINE to be particularly useful for anything. -- I find it very useful. Most women like it and . . . . . . . . . |
#337
|
|||
|
|||
On Sun, 09 Jan 2005 17:43:53 GMT, "Edwin Pawlowski" wrote:
"Silvan" wrote in message I doubt it. I've never found WINE to be particularly useful for anything. -- I find it very useful. Most women like it and . . . . . . . . . Ahh, pantie remover.... |
#338
|
|||
|
|||
On Sun, 09 Jan 2005 11:27:54 -0500, Silvan
calmly ranted: Larry Jaques wrote: training, no education, just a couple decades as a competent hobbiest. Well, Glenn misspelled "certifiable" and you misspelled "hobbyist." I guess that makes you even. I have to turn off the on-the-fly splee cheker because it makes my 2 GHz machine feel like a 200 MHz machine, and I get about 20 words ahead of it typing. I never have been able to spelee wroth a damn. In English anyway. My spelling in Spanish is damn near perfect. So write a new spel chuker, Mr. 15-y/o Linux Wiz. I'm fairly certain that the idiots who write up want ads have never even heard of the technologies they require for any given job. Some seem to want people younger than 22 with a Bachelors in Arts, a Masters in Computer Sciences, and a PHD in something else, know 27 different computer languages fluently, be able to levitate, etc. Oh, and they're offering minimum wage + perqs. That's an apt summary of the ads anyway, except you forgot 15 years of Linux kernel hacking experience. Right, 15 years with a 12-y/o system. --- - Sarcasm is just one more service we offer. - http://diversify.com Web Applications |
#339
|
|||
|
|||
Naw. Actually, the kids bought them for me, so I guess I had better
hang on to them a while longer. |
Reply |
Thread Tools | Search this Thread |
Display Modes | |
|
|
Similar Threads | ||||
Thread | Forum | |||
ebay sucks big time | UK diy | |||
OT-John Kerry | Metalworking | |||
OT - Gunner Quote | Metalworking | |||
Making a ruin into something habitable. | UK diy |