Searching \ for '[OT]: Workspace Pictures' in subject line. ()
Make payments with PayPal - it's fast, free and secure! Help us get a faster server
FAQ page: www.piclist.com/techref/microchip/devices.htm?key=pic
Search entire site for: 'Workspace Pictures'.

Exact match. Not showing close matches.
PICList Thread
'[OT]: Workspace Pictures'
2002\10\30@012933 by James Newton, webhost

face picon face
source= http://www.piclist.com/postbot.asp?id=piclist\2002\10\29\204901a

PICList.com does not impose ANY space limitation and does not require any
ads on the pages (popup or otherwise)

Name the new pages you make with .html extensions if you don't want the nav
aids, feedback form and "ads" (no one pays for the notes I put on the
pages). Use .htm if you want all that.
http://www.piclist.com/idea/website/pageadd.htm

You do have to email pictures and other binary files (or ftp to
ftp://http://www.piclist.com/in and email me to let me know) ... I only grant
direct ftp access to a few trusted people. But you can edit your html pages
at will via a source or wysiwyg editor
http://www.piclist.com/idea/website/pageedit.htm

The feedback form is a great way to get input from people with out giving
out your email address or other contact information. It also insures that
the pages stay moderately up to date, because people just can't stop
themselves from pointing out an error! <GRIN>
http://www.piclist.com/idea/website/pageappend.htm

I like my web site....

---
James Newton: PICList.com webmaster, former Admin #3
spam_OUTjamesnewtonTakeThisOuTspampiclist.com  1-619-652-0593 phone
http://www.piclist.com/member/JMN-EFP-786
PIC/PICList FAQ: http://www.piclist.com

--
http://www.piclist.com hint: The list server can filter out subtopics
(like ads or off topics) for you. See http://www.piclist.com/#topics


2002\10\30@014332 by James Newton, webhost

face picon face
source= http://www.piclist.com/postbot.asp?id=piclist\2002\10\29\214751a

Actually, at this point, traffic is not a problem. The connection is nicely
handling the bandwidth and serving the pages doesn't even make a blip on the
CPU.

Morons who think they are going to rip a tiny little PIC enthusiast site DO
cause bandwidth problems if they don't realize that each page links to
another and there is over 2GB of content on the site now...
...But the server pretty much stops that on its own. The larger problem
there is getting people to edit the pages and keep them organized and clear.

The damn search engine about kills the thing however...
...I'm looking at another server upgrade for a faster processor and even
more memory again to handle that. Something about searching 2 Gigs of
content seems to slow the box down a bit for some strange reason. I'll
eventually have to setup a second server just to handle the searches.

If it wasn't for *nix boxes being so totally unreliable, I'd look for a
search engine to put on a old box...
...But I've never seen a *nix box that didn't get hacked eventually and I
don't have time to be a security expert on top of everything else. I'll buy
another license for NT eventually, or maybe try the XP server version.

Anyway, people adding pages is NOT going to cause me any headache. HD space
is not even close to being impacted. Just serving the pages is a drop in the
bucket. If I have to, I'll exclude member content from the search engine to
keep it from swamping the box.

---
James Newton: PICList.com webmaster, former Admin #3
.....jamesnewtonKILLspamspam@spam@piclist.com  1-619-652-0593 phone
http://www.piclist.com/member/JMN-EFP-786
PIC/PICList FAQ: http://www.piclist.com

--
http://www.piclist.com hint: The list server can filter out subtopics
(like ads or off topics) for you. See http://www.piclist.com/#topics


2002\10\30@101731 by Dave Gomez

flavicon
face
On 10/29/02 11:38 PM, "James Newton, webhost" <jamesnewtonspamKILLspamPICLIST.COM>
wrote:
Snip
> If it wasn't for *nix boxes being so totally unreliable, I'd look for a
> search engine to put on a old box...
> ...But I've never seen a *nix box that didn't get hacked eventually and I
> don't have time to be a security expert on top of everything else. I'll buy
> another license for NT eventually, or maybe try the XP server version.
Snip

You have got to be kidding right? (or I would say at the least seriously
misinformed, you didn't drink that microsoftian koolaid did ya?)  With
seemingly 90% plus of systems running windoze, all the crackers/script
kiddies have the inclination and tools that expose those the most, and my
own personal experience is that if I had a windoze server, I would have been
hacked 10 times over, because keeping up with the *new* security holds they
find weekly (my god, they just released not one but FIVE security patches
last week for windoze), you will be hacked.

   I'm not saying that any platform is perfect, but I am a true believer
that many eyes will find the problems faster, and deliver fixes quicker,
rather than Microsofts model.  As an example of the constant bandwidth that
is destroyed by this crap, I have posted an analysis of my web logs,
http://www.dkgomez.com/cgi-bin/hacked.pl , which shows that the crap I get
hit with is all about trying to get into windoze boxes.  I got more
concerned about security, and have shutdown most all of my ports, and made
the ones that were open more secure.

 Performance wise, a *nix system would kick NT's *ss, and if you've had
hacking experience against a *nix system, you chose the wrong system, or
didn't lock it down enough. May I suggest one of properly configured Linux
system, most include firewalls, most services are disabled by default, and
performance is great.  The even more secure services could be offered by a
secure BSD flavor.

Dave Gomez

--
http://www.piclist.com hint: The list server can filter out subtopics
(like ads or off topics) for you. See http://www.piclist.com/#topics


2002\10\30@105848 by Dale Botkin

flavicon
face
On Wed, 30 Oct 2002, Dave Gomez wrote:

> On 10/29/02 11:38 PM, "James Newton, webhost" <.....jamesnewtonKILLspamspam.....PICLIST.COM>
> wrote:
> Snip
> > If it wasn't for *nix boxes being so totally unreliable, I'd look for a
> > search engine to put on a old box...
> > ...But I've never seen a *nix box that didn't get hacked eventually and I
> > don't have time to be a security expert on top of everything else. I'll buy
> > another license for NT eventually, or maybe try the XP server version.

8<  Snip

>   Performance wise, a *nix system would kick NT's *ss, and if you've had
> hacking experience against a *nix system, you chose the wrong system, or
> didn't lock it down enough. May I suggest one of properly configured Linux
> system, most include firewalls, most services are disabled by default, and
> performance is great.  The even more secure services could be offered by a
> secure BSD flavor.

My fault.  I didn't patch the Apache/OpenSSL/PHP bugs quickly enough,
apparently, in addition to the one I set up being the first time I'd done
a Solaris box for hardened use.  The kiddies managed to get in and install
eggdrop.  There's a new drive being built with a new Solaris install that
I'd bet will be bulletproof for quite a while (I've learned a lot since
then).

I'd also like to point out that despite the box getting hacked, it's still
firewalling his internal systems perfectly well.  All I had to do was
clean up the mess and shut down Apache until the new load is ready.  Had I
been able to install a Linux machine instead of Solaris (based only on my
own abilities, not anything against Solaris) it would have been better; my
own Linux machine has been on a cable modem nonstop since August of 1998
running DNS, Sendmail, Apache, POP3, IMAP, MySQL, PHP4, etc and has yet to
be touched.  Not that the kiddies haven't tried, daily, but so far so
good.

Dale

--
http://www.piclist.com hint: The list server can filter out subtopics
(like ads or off topics) for you. See http://www.piclist.com/#topics


2002\10\30@153526 by Harold Hallikainen

picon face
On search engines, I'm happy with the Webinator (http://www.webinator.com). I have one running on a linux machine at home (try it out at http://www.hallikainen.org/FCC/FccRules/search/ - use the first search box to search FCC rules, which is Webinator running on my machine and searching content on my machine). http://www.master.com offers free use of the Webinator for a limited number of pages (I think it's 5,000). It also works very well. Try the search box at http://www.dovesystems.com .

Harold





________________________________________________________________
Sign Up for Juno Platinum Internet Access Today
Only $9.95 per month!
Visit http://www.juno.com

--
http://www.piclist.com hint: The list server can filter out subtopics
(like ads or off topics) for you. See http://www.piclist.com/#topics


2002\10\30@174955 by Jonathan Johnson

flavicon
face
Open BSD comes to mind as one that has a rep for being secure and reliable.
It has been written from the ground up to be secure as its primary goal.

The sheer fact that most 'hackers' are just script kiddies running micro$oft
products such as windoze should be testament to the fact that that is what
they are targeting, check the anti hacking sites and do a bit of research,
look at the number of viri that exist for windows compared to any version of
*nix (including Linux), I think you may have to sit down before you do this
though. In my personal experience I've never seen a WINDOWS! box never be
hacked or attempted to be hacked many times on a daily basis, as Dave said,
just look at the number of security patches that are dealt out on an almost
daily basis for micro$oft products. Microsoft only has one thing going for
it.....ease of use for the majority of the population but even as we speak
that is changing. Microsoft only has its employees checking they're own work
for screwups not the entire development community, ever looked at a simple
problem just too long n missed it coz 'that couldn't possibly be it', well
that's why the micro$oft stuff is so insecure and the reason its bloated is
because ol' Bill is after the quick buck n then just roll out another
version of the OS to cover it all up. If you have a spare box lying around y
don't you try a few of the diff flavours of Unix, Linux etc. lock it down n
give it a honey pot then publicise the IP addy on a few irc channels then go
to a hacking web site n give them ur IP address with a list of 'warez' n
compare how long each lasts, I'll put money on windows coming in last place
(if you've followed a few simple steps to lock down ur box). Just out of
curiosity though, where DID you hear that *nix was insecure? ( I sincerely
hope you didn't believe a micro$oft vendor)

Best of luck

Jonathan

> {Original Message removed}

2002\10\31@004049 by James Newton, webhost

face picon face
source= http://www.piclist.com/postbot.asp?id=piclist\2002\10\30\105848a

You're being hard on yourself Dale. I've worked on 7 NT servers over the
past 12 years and not one has ever been hacked into. I've worked with 3 *nix
boxes in that same time and all three were hacked within a year of
operation. The other two *nix boxes were admin'd by guys who told me "I've
NEVER had a *nix box hacked." I wasn't admin on all of those NT boxes, just
3 of the NT servers and 1 of the *nix.

Getting that "your box was used to attack my box" email is NOT fun.

The key point is that somebody has to know HOW to "properly configure" the
*nix boxes and that is not a simple thing. Microsoft may be issuing multiple
hole plugs, but any idiot can install them and they are then... plugging the
holes... see? You don't have to know anything, just run windowsupdate on a
regular basis.

At the office, I run a firewall and I use a little program called
"WallWatcher" to log and report ever inappropriate port request and report
it to
http://www.dshield.org Believe me, most of the ports I see people trying on
are *nix based port, NOT NT.

My guess is the bulk of the Windows based hacks are via email attachments or
backdoors in viruses or other such "social hacking" attacks.

Anyway, maybe I've just been lucky (knock wood) but I just don't have time
to learn all the in's and out's of *nix. I offer a stable (so far) safe (so
far) web server and I spend my time keeping the content up, not the server.

---
James Newton: PICList.com webmaster, former Admin #3
EraseMEjamesnewtonspam_OUTspamTakeThisOuTpiclist.com  1-619-652-0593 phone
http://www.piclist.com/member/JMN-EFP-786
PIC/PICList FAQ: http://www.piclist.com

--
http://www.piclist.com hint: The PICList is archived three different
ways.  See http://www.piclist.com/#archives for details.


2002\10\31@011716 by Dale Botkin

flavicon
face
On Wed, 30 Oct 2002, James Newton, webhost wrote:

> source= http://www.piclist.com/postbot.asp?id=piclist\2002\10\30\105848a
>
> You're being hard on yourself Dale. I've worked on 7 NT servers over
> the past 12 years and not one has ever been hacked into. I've worked
> with 3 *nix boxes in that same time and all three were hacked within a
> year of operation.

Actually this is a first for me.  I've cleaned up a few after they'd been
hacked, but this is actually the first time one of mine has been gotten
into.  It's also the first time I've personally put a Solaris box on the
net, though I do it for a living indirectly.  Fortunately, I have some
very good Solaris guys working for me.  But remember, I used to run an ISP
-- we had plenty of BSD and Linux machines up with no problems for several
years.  And we were a BIG target.

I can tell you that where I work there has never been an incident of a
UNIX machine being hacked -- not even once.  There have been incidents of
another widely used OS getting hacked, though.  Actually, it wasn't all
the OS's fault, since they were running IIS (a singularly bad idea), but
it's the same vendor.  This was in spite of IDS, firewalls, etc -- when
there are massive holes that can be gotten to via port 80 there's a limit
to what you can do (regardless of the OS, as this recent incident proves).

> The key point is that somebody has to know HOW to "properly configure" the
> *nix boxes and that is not a simple thing. Microsoft may be issuing multiple
> hole plugs, but any idiot can install them and they are then... plugging the
> holes... see? You don't have to know anything, just run windowsupdate on a
> regular basis.

Here, just drink this Kool-Aid...  8-)  That may work for you, but in a
production environment you simply can't do that.  Too many things get
broken by the "fixes" too many times.  Whichever OS you're using, you have
to have some really good people running them if you're going to get the
performance and reliability demanded in a production environment.  At any
rate, in this case it was more a matter of not getting a patch for a known
hole in place quickly enough -- my bad, I was depending on the relative
obscurity of the box to keep it out of the way until I had time to get to
it.  Obviously a bad idea.  Point is, once a server is set up properly,
it's extremely rare that I have to touch it -- I average once a year or
so, between BIND, Sendmail, Apache and whatever else.  Never the OS itself
so far.

> At the office, I run a firewall and I use a little program called
> "WallWatcher" to log and report ever inappropriate port request and
> report it to http://www.dshield.org Believe me, most of the ports I
> see people trying on are *nix based port, NOT NT.

Odd...  the majority of what I see normally are ports used by Windowes
file sharing (137/139 mostly), and of course those incessant probes for
IIS holes launched by every broken IIS zombie server on the planet, and
there are hordes of them.  My web server log is 90% IIS attacks, 10% real
traffic.  It's disgusting.  I told you about the redirect I put in...
8-)

> Anyway, maybe I've just been lucky (knock wood) but I just don't have time
> to learn all the in's and out's of *nix. I offer a stable (so far) safe (so
> far) web server and I spend my time keeping the content up, not the server.

Well, so far I'm about 50-1, so I'm not feeling too bad, but it does just
kind of piss me off.  And of course it has to be a remote box, too.  By
the way, I should have the replacement drive and maybe a couple of CPUs to
ship this weekend.  Let me know (offlist) if I should bother installing
SQL or not.

Dale

--
http://www.piclist.com hint: The PICList is archived three different
ways.  See http://www.piclist.com/#archives for details.


2002\10\31@034250 by Nate Duehr

face
flavicon
face
On Tue, 2002-10-29 at 23:38, James Newton, webhost wrote:

> If it wasn't for *nix boxes being so totally unreliable, I'd look for a
> search engine to put on a old box...
> ...But I've never seen a *nix box that didn't get hacked eventually and I
> don't have time to be a security expert on top of everything else. I'll buy
> another license for NT eventually, or maybe try the XP server version.

Oh my.

Not meaning to sound mean or anything James, but my experience has been
100% the opposite... lots of Windows machines that were misconfigured
were hacked in the data center environment I used to work in, and the
*nix boxes just ran and ran... But the real reason for that was many of
our customers didn't have a clue what they were doing when setting up
their Windows machines -- I've seen both OS's do a fine job when a pro
is working on them.

I think what you meant to say was, "I know NT like the back of my hand
and can secure it properly, but I don't know Unix and it'd get hacked."
I sure hope so anyway.

I have had (in a past life) over 200 Linux boxes on public networks, and
security was not a problem... we gave many of them birthdays for their
uptime stats.

What do you need help with on the search engine?  If you're interested
in doing something on Unix, that's more up my alley than PIC's... Unix
boxes are what I do for a living, and I do some network security
consulting on the side.  I'm learning PIC stuff for fun.

I don't have access to anything with "high" bandwidth right now (well,
that I could offer up to the PICList, but I'll check around - a friend
actually just worked a deal with someone who wants the box to do MORE
bandwidth, strangely enough for another "community" server similar to
PICList), so actually hosting stuff is out...

But if you need help with the set up and configuration of a new *nix box
there at your site for search stuff, let me know.  Would be glad to help
out.  Feel free to contact me off the list anytime...

Nate

--
http://www.piclist.com hint: The PICList is archived three different
ways.  See http://www.piclist.com/#archives for details.


2002\10\31@185915 by James Newton, webhost

face picon face
source= http://www.piclist.com/postbot.asp?id=piclist\2002\10\31\034250a

I do hear a lot of people say that their *nix boxes never got hacked, etc...
and I don't doubt that for them, this is true.

I just know my own experience. The first time I was with a company that
tried to get a server up, we spend about 4 months reading and learning about
Linux and setting up a Red Hat server. We even paid a "security expert" to
harden the box. It went up, and was hacked in 1 week. We had setup an NT
server (NT 3.51) for in-house use and we copied our content to that (really
quick) and put it up. This box had not been hardened, had not been setup by
anybody that "knew NT like the back of his hand" and it ran until we
replaced it with a bigger box about 2 years later. We restarted it once a
week just to be sure, and applied all the updates from MS; but it never
crashed and was never hacked. I tried again a few years later when I wanted
to setup the PICList.com site, but my Red Hat box was soon hacked as well.
In the mean time, I served PICList.com on a Win 98 machine using Personal
Web Server (Anyone remember getting the "too many users" when I first
started? It was because you could only have 10 concurrent sessions).
Reliable? No. But it never got hacked. Then I was able to afford an NT
license and I was very happy with it. Any moron can set it up and run it. I
learned what I could, and went on. I wanted another box for SQL and email
(and backup web) so I asked around for anyone with real security experience
to admin a *nix box and I would pay for the internet connection. Dale tried,
but his *nix version isn't what he was used to, and the damn thing... got
hacked. Reliable as all hell, but it seems like hackers are looking for *nix
boxes.

Anyway, on the search engine topic, I heard from a guy off list that Index
Server runs a lot faster if you use an external SQL server to host the index
file. I'm about to buy another NT license and I have a license for SQL
server 7, so I'm going to set that up soon.

I would really like to know what keeps people from using their member pages
on PICList.com and why people go to these popup ad people for hosting...

---
James Newton: PICList.com webmaster, former Admin #3
jamesnewtonspamspam_OUTpiclist.com  1-619-652-0593 phone
http://www.piclist.com/member/JMN-EFP-786
PIC/PICList FAQ: http://www.piclist.com

--
http://www.piclist.com hint: The PICList is archived three different
ways.  See http://www.piclist.com/#archives for details.


2002\10\31@210729 by Alan Brumley

flavicon
face
I can't believe how hard y'all are prodding our Admin!

The fact is, you need to understand your OS to really secure it.  I ran 2k
as my firewall and development machine for several years (starting with the
early beta) and never had a problem.  And yes, I was running a webserver off
of it.  I kept what I didn't need turned off and of course I removed netbios
bindings from my external adapter.  Even running a website didn't give me
problems because I moved so many directories around script kiddies scripts
never worked.

I recently switched to Linux and I'm really digging it.  I still don't feel
as safe as I did running my NT box.  Iptables is what helps me sleep at
night but that's another topic.  I should probably be more worried than I
am.

It's still amazing to see how many security alerts I get in my inbox from
redhat though!  Again, IPtables makes me feel a little better.

I am slowly falling more in love with *nix in general, but the comment about
the vast number of script kiddies being attributed to the lack of security
of the microsoft products gets me.  The fact is, more people use Windows
than any other OS.  There's more fingers probing ports on the OS because if
you find a weakness, the payoff is better.  I'm not a hacker, but I'd rather
crack into 100,000 dialup/cable modem machines rather than 10 webservers.
You can do a lot more damage and cause a lot more havoc.  Case in point..
Macintosh.   The OS is surrounded by the same secrecy, but they are hacked
far less.   Why?  Not as many people trying and the payoff isn't as grand!
The developer community for *nix is not that large.  Don't get me wrong,
it's BIG, and on paper, it should be better than "Corporate owned" OSes, but
in reality today, it's barely better, not a slam-dunk like is often
portrayed.

Another thing is, most of these "kiddies" are barely smart enough to get the
OS going.  SO they appreciate the cookie cutter utilities delivered to them
by the "Script daddies".

If a hacking utility written for a *nix, you most likely gotta compile it
and then configure it.  What does "compile" mean?  Where's setup icon?

Anyway, those are the two points that "bothered" me.

I'm off the soapbox now.


PS: if anybody is a linux security "expert" and has some time to chat, drop
me an email.


Thanks.

--
http://www.piclist.com hint: The PICList is archived three different
ways.  See http://www.piclist.com/#archives for details.


2002\10\31@233905 by Dave Gomez

flavicon
face
Since were on the security kick, here is a link to an article that describes
trends etc for break ins.   btw, it was noted that macs, as someone stated
in one of the previous posts, actually does not suffer from being that
obscure, and therefore not being attacked, as suggested.


http://mi2g.com/cgi/mi2g/press/311002.php

--
http://www.piclist.com hint: The PICList is archived three different
ways.  See http://www.piclist.com/#archives for details.



'[OT]: Workspace Pictures'
2002\11\01@021223 by c Scheepers
flavicon
face
Hi there James,

I am just wondering why only NT boxes get hacked according to Dale and not  the *nix boxes. Maybe , just maybe the hackers is all *nix guys and they have to prove something to the world or maybe because most of the servers out there is NT boxes or
maybe because it is not fun hacking *nix boxes anymore because it is so easy to hack and NT boxes gives them
the adrenalin shot they need.

According to my experience any piece of software is hackable you just need the time to find the loophole that the programmers of the systems left intentionally or unintentionally:-)

regards
Nic

> {Original Message removed}

2002\11\01@033544 by tony

flavicon
face
Just had another look on the workspace website.
Rick C (picture #2) now thats a workspace I truly love it.
One question though, Rick do you have shares in the
drawer tray manufactures?

Once again truly impressive

--
http://www.piclist.com#nomail Going offline? Don't AutoReply us!
email @spam@listservKILLspamspammitvma.mit.edu with SET PICList DIGEST in the body


2002\11\01@092839 by Dale Botkin

flavicon
face
On Fri, 1 Nov 2002, Nic Scheepers wrote:

> I am just wondering why only NT boxes get hacked according to Dale and
> not the *nix boxes.

I have to respond to this.  I **NEVER** said that.  Certainly Unix and
Linux systems get hacked every day.  I believe you will find, however,
that hacked Windows machines are far more common, and there are many more
vulnerabilities to be found there.

What I said was that I personally had never had a UNIX machine get hacked,
either at home or at work, but have seen multiple instances of Windows
servers getting hacked.  Neither group are maintained by unskilled people.

> Maybe , just maybe the hackers is all *nix guys and they have to prove
> something to the world or maybe because most of the servers out there
> is NT boxes or maybe because it is not fun hacking *nix boxes anymore
> because it is so easy to hack and NT boxes gives them the adrenalin
> shot they need.

This is simple OS bashing, so I'm going to resist the temptation to
respond.  It's just silly on so many levels.

> According to my experience any piece of software is hackable you just
> need the time to find the loophole that the programmers of the systems
> left intentionally or unintentionally:-)

True, some are just more easily hacked than others.

Dale

--
http://www.piclist.com#nomail Going offline? Don't AutoReply us!
email KILLspamlistservKILLspamspammitvma.mit.edu with SET PICList DIGEST in the body


More... (looser matching)
- Last day of these posts
- In 2002 , 2003 only
- Today
- New search...