Jump to content

ansichild

Active Members
  • Posts

    47
  • Joined

  • Last visited

Recent Profile Visitors

1,077 profile views

ansichild's Achievements

Newbie

Newbie (1/14)

  1. I'm a bedroom DJ and into electronic dance music. Here's a little to get you started... http://www.garethemerypodcast.com http://www.thethrillseekers.co.uk/podcast/ http://www.andymoor.com/moormusic.rss http://www.myonandshane54.com/id/podcast.xml and of course you can find a zillion tunes on... http://www.beatport.com/ If you enjoy electronic music that should take care of you for a while I would say. :)
  2. I remove all anti-virus software. Then I only web surf or run network apps in limited user mode. Not having anti-virus, anti-malware real time protection nearly doubles the speed of the computer. Then I watch what I install, like an accountant watches pennies. I wouldn't recommend this for normal users, though. Another option would be to install AV software but only run it manually from time to time. As long as it never scans, updates its defs, or runs resident in memory unless you tell it to, it would be just as fast.
  3. Had a lady call me on her cell phone... "Our computers are down, and our phones won't work, what should we do? Power is out for the entire block!!" My Response... "Wait for the power to come back on."
  4. Here's some iptables scripts from my super simple home cookbook to get you going... #turn routing on #echo "1" > /proc/sys/net/ipv4/ip_forward Here's my rules file, it's a default deny policy with explicit statements to allow everything. Ironic eh? But useful. :) eth0 is LAN, eth1 is Internet with static IP. If you just want to join the networks, you don't even really need to NAT. #iptables-restore iptables.rules *nat :PREROUTING ACCEPT [0:0] :POSTROUTING ACCEPT [0:0] :OUTPUT ACCEPT [0:0] -A POSTROUTING -o eth1 -j SNAT --to-source 123.221.123.1 COMMIT *filter :INPUT DROP [0:0] :FORWARD DROP [0:0] :OUTPUT DROP [0:0] -A INPUT -j ACCEPT -A OUTPUT -j ACCEPT -A FORWARD -j ACCEPT COMMIT Now getting fancier, this logs all traffic but doesn't drop anything (still a "default deny" policy)... *nat :PREROUTING ACCEPT [0:0] :POSTROUTING ACCEPT [0:0] :OUTPUT ACCEPT [0:0] -A POSTROUTING -o eth1 -j SNAT --to-source 123.221.123.1 COMMIT *filter :INPUT DROP [0:0] :FORWARD DROP [0:0] :OUTPUT DROP [0:0] -A INPUT -j LOG --log-prefix "Bad input " -A INPUT -j ACCEPT -A OUTPUT -j LOG --log-prefix "Bad output " -A OUTPUT -j ACCEPT -A FORWARD -j LOG --log-prefix "Bad forward " -A FORWARD -j ACCEPT COMMIT And here's an example of something really restrictive, forwards only web traffic from the LAN... *nat :PREROUTING ACCEPT [0:0] :POSTROUTING ACCEPT [0:0] :OUTPUT ACCEPT [0:0] -A POSTROUTING -o eth1 -j SNAT --to-source 123.221.123.1 COMMIT *filter :INPUT DROP [0:0] :FORWARD DROP [0:0] :OUTPUT DROP [0:0] -A INPUT -i eth0 -j ACCEPT -A INPUT -j LOG --log-prefix "Bad input " -A OUTPUT -o eth0 -j ACCEPT -A OUTPUT -j LOG --log-prefix "Bad output " -A FORWARD -s 192.168.1.0/255.255.255.0 -i eth0 -p tcp -m tcp --dport 80 -j ACCEPT -A FORWARD -s 192.168.1.0/255.255.255.0 -i eth0 -p tcp -m tcp --dport 443 -j ACCEPT -A FORWARD -i eth1 -m state --state RELATED,ESTABLISHED -j ACCEPT -A FORWARD -j LOG --log-prefix "Bad forward " COMMIT
  5. You also need the corresponding routes that would enable the network traffic to go to the right places, I would assume. Let's see the output of your # route -n
  6. Browse as a limited user account. On my home windows boxes I create 2 users. One admin, one limited, and a warning page if you try to open the browser on the Admin account.
  7. I have a strong opinion about this. Dogs need a lot of social attention, more than most humans can give them. So consider that as a factor. They are basically wired to be pack animals, and always need reinforcement from the pack leader, which is you. They can't daydream like humans, read books, watch TV, play video games, etc for entertainment. That's why when you leave them alone, chained, or caged without a place to explore or roam, it's like putting them into a prison of their own mind of desperate boredom and loneliness. Cats on the other hand, don't care. They are "pride" animals, so if you want, get 2 cats, preferably same gender from the same litter, so they won't get territorial and "mark" their territory if you know what I mean. They'll entertain each other while you are gone.
  8. Encryption is meant to keep people out of your data. It works well.
  9. I always like to pick the distro with the biggest user base, since Linux support is entirely driven by the user community. Since Ubuntu is based on Debian, you get double the pleasure, double the fun. At work I run Debian, and Ubuntu on the desktop.
  10. I prefer to think that piracy is only a crime if you are profiting off the work of others without paying them their due. Copyright laws would disagree with that statement, but I feel my philosophy better holds up to ethical boundaries concerning the power of information and the freedom of knowledge for the human race.
  11. I would say that no matter how realistic the graphics get, virtual murder will never have the impact of real murder on your psyche because there is little to no loss involved, and you don't feel the physical sweat of doing the manual work yourself. But in the end it's all about loss. You only have one life, and if you committed a real murder, your empathy for the impact of that situation would lend the gravity of morality that the situation needs.
  12. ansichild

    got a question

    That's a good question, what do you do if you have a user that is installing a bunch of insecure crap on his web site? Like old versions of phpBB and Wordpress and such?
  13. I had an incident where an office called me up on their cell phones and said the following... "Our power is out, what should we do with our computers?" Apparently the power was out for a whole section of their town. I told them to patiently wait for the power to return.
  14. Where I work, we run SNORT, but I swear it's voodoo magic. Sometimes it works, sometimes it doesn't. I would love to know more about it, but the online docs I've read are just not that engaging. I've tried binary mode logging, all that crap. I'd say it has about a 35% accuracy monitoring on my 100mbit connection. It'll catch things if they're repeated, but if they only hit once, it's usually a no-go. And it's noisy, I have to shut off about 50% of its detection rules just to make it worth running. False positives up the wazoo.
×
×
  • Create New...