Brian Sierakowski

Ah, that sounds perfect! I will try that tomorrow! Thanks, -Brian

As a similar question, would the advice be the same for someone trying to get OUT of the US? I have a friend who is trying to watch motor bike races on WorldSBK, but it blocks us unfortunate USers out. Get a shell account with a UK hosting company and SSH through?

IMHO, you can't go wrong with getting A+ and Net+ certified. Neither represent a significant time drain, and you'll get your feet lightly wet in all aspects of PC's and Networking respectively. Good to give you the big picture and fill in any gaps your independent study may have left, and at the end of the process you have two marketable certs under your belt.

Correct, the shares that I can't browse to via hostname are on the 10.x.x.x network, aka my work network. Switching the DNS is not going to do me much good, as since its going to be bound to the 192.168.x.x network, I'll need to route to get to a 10.x.x.x DNS server, which requires me to go through the VPN. Which, of course, we're already doing. I think the way to get this fixed is by finding a way to specify that any DNS that cant be found should be searched on all the routing tables, if not found there search the DNS server, failing that go to the NEXT interface. That of course becomes a time out issue, since I have 2 NICs, 2 VM Interfaces, 2 Firewire Interfaces, and then the VPN interface. This is quickly seeming that doing a hosts file is the way to go, lol. -B

Yep, wouldn't resolve to 127.0.0.1 unless there was a DNS record for it, else wise you'd get "Ping request could not find host rtt.hak5.org. Please check the name and try again." Next time, you're just going to have to be one of the winners (like me :D )!

I think he was referring to the fact that it was a LMGTFY, which I think we can all agree has gotten completely out of control. Funny the first 20 times...

I would do that, however I'm only periodically attached to the VPN, using it mainly to look at network shares, etc. I thought for sure that adding our internal DNS server (.25) as 3rd on my list of the DNS servers for my primary NIC would work, but it hasn't. I guess that doesn't make sense, because my primary NIC is on a 192.168 network, and the other network is 10.7 network. My Virtual VPN NIC has the correct DNS server, I think I'm just going to have to hard code in the locations I'm looking for, because unless the IP starts with 10.x.x.x, DNS will assume that its on the 192.168.x.x network, unless anyone knows a way to force queries across all defined DNS servers? Thanks, -B

Hey guys, sorry for the lame question... I'm connected to my work network via VPN, the DHCP is handled by our DC, so I get all the goodies from there (IP, Sub, DHCP, DNS, etc). However, I am unable to resolve hostnames on my work network, it appears that since we're using a split tunnel it's only allowing me to use the DNS on my primary internet connection. Is there any way to "fix" this without doing a hosts file? Thanks, -B

Test to make sure the power supplied to those stations is clean? Is it always the same stations? Do you use a UPS? This next statement is going to be no help, but try to isolate whats different about these servers that have caused them to die twice.

I'm interested in this as well, considering I have a 2 year degree (in music). I thought about maybe going back and getting a 4 year in some sort of business program, that way my degree can speak to my business skills, and my certs and experience can speak for my tech skills.

Being the benevolent technical supervisor that I am, I typically regard such mistakes with pity instead of scorn. I think it's just mind blowing to us the place that these people are coming from, it's surely the same feeling my mechanic feels when I come in. Me: "The stoppies make noise" Him: "The what? Do what?" Me: "The stoppies, they're making a squeek noise" Him: "The brakes?" Me: "Yeah, that's the one."

Yeah, I feel its foolish for a company to be anti-certification. I mean, this is why we do these things, get certifications, get college degrees, etc. No prospective employer or client has the time to sit down with you for a week or two and find out what exactly you know or don't know. So, whilst people turn up their noses at getting certified as "real world experience is the best," I would rather be the certified idiot who gets the job instead, and then I can learn OTJ.

Well, there is a small component of how much you actually learn from the course :). I think you want to say a cert is only as lucrative as how management types think it is. It's only as valuable as how much you learn. Not that that isn't stating the obvious for everyone on the board :).

I think this can be better said thusly:

Whats a legit source for C+A? Here: http://www.oxid.it/cain.html ? If that's the case I'll bring up a VM tonight and test that theory. -B

You need more info from your host as to what the nature of the DDOS is. Is it coming from many different sources, or multiple sources from the same network? Bot nets tend to be difficult to shield against since the attacks are coming from a geographically disperse source. That's supposing they have a net, they could be using some other unsuspecting network(s) to amplify the attack against your page. As mentioned above, I'd recommend getting in touch with whoever is hosting your site and getting them to investigate. Make sure they aren't exploiting a weakness in the companies servers or network infrastructure. They should be able to screen for all the silly named attacks (smurf, fraggle, etc), and make sure you're not in a syn flood situation. If they let you know what exactly is happening but don't know how to guard against it (first, get a new host), let us know what's going on and we can recommend how best to defend.

Awesome, again, thanks so much for all the great info. Agreed with the CTO idea. I think what we'll really need to bring on is a lead programmer, someone that can take our concepts, write the code that they can, and delegate and manage the production of code from the other members. My partner and I both have technical and management backgrounds, so between the two of us we should be able to handle most of the big-medium picture tasks. And the company equity was an idea we are considering too. I'm unsure if outright payment or equity is more attractive, either way the company will have to succeed in order for the team member to get their payday, but cash seems like it would come quicker, allowing someone to have a middle level involvement (as opposed to the long term involvement would take). All of our advisory board members have at least two contacts with venture capital organizations, so if we can get a nice beta knocked out, it will not be such a stretch to get everyone paid when funding comes in. And, all of our advisers have volunteered to help 100% free, not asking for any sort of equity since they believe in the project. This sort of creates an awkward feeling for me, as the people who are in this field at the highest level are not receiving any compensation for their time. Anyway, again, thanks for all the great info, when we finally have our designs done I'll be spreading more love, and then when we have a beta up I'll be very annoying :). Thanks, -Brian

Correct, if it is a quad core (which it sounds like), the older programs do not know how to handle multiple cores, hence 25% utilization. You may be able to play with the affinity, but likely it would be best to open the program 4 times and start them in different spots. Unless anyone knows any programs that utilize multiple cores? Its been my understanding that a LOT of programs have the issue of not being able to handle multiple cores as they should, so it's unsurprising that you're running into that issue.

I've heard great things about Lenovo, should be worth checking out. I feel like you have to spend at least over a grand to get a good dell, we use dell for our severs and laptops and I've had nothing but trouble with the Vostros (and dell support). That said, cheap laptops handled gently will probably do just as well as an expensive laptop handled roughly, just don't expect your cheap laptop to kick ass for 8 hours a day and not have some issues.

I think the bigger question is why you want to spoof Chinese traffic? Not to be a buzzkill, but there is probably a better way to do whatever it is you're trying to accomplish.

Ha, dude, we're coming from the exact same page. I'm thinking since I'm going to have 3 certs this year, I'll beg and plead that my reward be funding for CEH. Ideally, I'd like to do Sec+, then do CEH, and then after a few years go for CISSP (once they decide to let me in that is). Above all, being able to whip out your cert and be like "Everyone remain calm, Certified Ethical Hacker here" is basically bad ass. Plus, if you do their classes you get through it in a week, compared to the 2 months I'm taking on Sec+. But, I digress, we'll see what happens when I get there, I haven't heard from anyone that CEH isn't good.

Hats off to Mnemonic for his sick tech translations skills.

I've not had any problems with ATT service in Baltimore (besides the fact that they seem to be a shady company). Sitting in my home office, my iPhone has full service, and my Verizon work phone has 1 bar... I typically find between Verizon and ATT, you're likely to have good service no matter where you go.

I was in almost the same exact situation with my old motherboard. In my experience, if the CPU is dead, you don't get anything (no power, etc). Especially when it gets burned out, since most motherboard have fail safes that stop the computer from being powered when it feels the CPU is bad. I know you mentioned all the lights being on being a CPU issue, however a bad motherboard can give incorrect codes too. So, IMHO, if you have $70 to gamble, I would go for it. If not, you could find yourself a pretty good deal on newegg, when I went to replace my cpu I wound up getting a core2 quad, mobo, and 4 gb of ram for something silly like $300. My older mobo also had rambus ram, which was very fast at the time, but, way to expensive to upgrade, so that was another reason I jumped on the mainstream intel chipset bandwagon.

Hey, you guys are absolutely right, my sparse posts was partially from inexperience, and partially from laziness. I suppose I thought that since this was somewhat of a unique project, that it would be easier to discuss it with interested individuals on a one to one basis.... but as you guys have noticed, it's a bit difficult to get too excited without more information. As for Hac-Dan's comment, I definitely don't want to go blabbing our "secret sauce" around, but I didn't want to go into that too much... Not that I don't think our team and our idea are great, I do, but it seems a bit cliche to come in and talk about our top secret world shattering billion dollar idea. This is a bit of a large project, so my partner and I are trying to distill all of our concepts down into something digestible. When we have that, if there is still any interest, I'll put that up for people to further peruse. We have a really amazing board of advisers forming, so we'll likely also bounce it off them to make sure that we can appropriately disperse this information to get the right people involved. For compensation, we would not be able to pay up front, we need to get funding before we can start handing out the checks, and we need a beta before we can get funding... I'm sure most everyone here is familiar with that whole cycle. My idea was to log time for our team while we're building the beta, and then when we have it together and get funding, we'll establish rates to pay our team for the future, and reimburse for back time. Depending on how things work out, we may start with a few programmers to get it build, and then scale back after its up and working... or vice versa. Ultimately, we will make sure that anyone who helps in the process is taken care of financially. Also what pushes back my ability to be too specific is the fact that we're forming our design team right now. We want to have the website 100% designed before we write any code, at that point it will be very easy to see what buttons are supposed to do what. Also, we kinda feel like a lot of these websites are done with the code first, so the front end website for the end users winds up being clunky or hard to use. So, it looks like I've gone from too short a post to too long of one... and somehow have managed to leave out most of the important information :D. Still, if anyone wants to put their name in the hat please let me know, and I'll post more info when I have it. Thanks, -B