Everything posted by ansichild

  1. I'm a bedroom DJ and into electronic dance music. Here's a little to get you started... http://www.garethemerypodcast.com http://www.thethrillseekers.co.uk/podcast/ http://www.andymoor.com/moormusic.rss http://www.myonandshane54.com/id/podcast.xml and of course you can find a zillion tunes on... http://www.beatport.com/ If you enjoy electronic music that should take care of you for a while I would say. :)
  2. I remove all anti-virus software. Then I only web surf or run network apps in limited user mode. Not having anti-virus, anti-malware real time protection nearly doubles the speed of the computer. Then I watch what I install, like an accountant watches pennies. I wouldn't recommend this for normal users, though. Another option would be to install AV software but only run it manually from time to time. As long as it never scans, updates its defs, or runs resident in memory unless you tell it to, it would be just as fast.
  3. Had a lady call me on her cell phone... "Our computers are down, and our phones won't work, what should we do? Power is out for the entire block!!" My Response... "Wait for the power to come back on."
  4. Here's some iptables scripts from my super simple home cookbook to get you going...

         #turn routing on
         #echo "1" > /proc/sys/net/ipv4/ip_forward

     Here's my rules file, it's a default deny policy with explicit statements to allow everything. Ironic eh? But useful. :) eth0 is LAN, eth1 is Internet with static IP. If you just want to join the networks, you don't even really need to NAT.

         #iptables-restore iptables.rules

         *nat
         :PREROUTING ACCEPT [0:0]
         :POSTROUTING ACCEPT [0:0]
         :OUTPUT ACCEPT [0:0]
         -A POSTROUTING -o eth1 -j SNAT --to-source
         COMMIT
         *filter
         :INPUT DROP [0:0]
         :FORWARD DROP [0:0]
         :OUTPUT DROP [0:0]
         -A INPUT -j ACCEPT
         -A OUTPUT -j ACCEPT
         -A FORWARD -j ACCEPT
         COMMIT

     Now getting fancier, this logs all traffic but doesn't drop anything (still a "default deny" policy)...

         *nat
         :PREROUTING ACCEPT [0:0]
         :POSTROUTING ACCEPT [0:0]
         :OUTPUT ACCEPT [0:0]
         -A POSTROUTING -o eth1 -j SNAT --to-source
         COMMIT
         *filter
         :INPUT DROP [0:0]
         :FORWARD DROP [0:0]
         :OUTPUT DROP [0:0]
         -A INPUT -j LOG --log-prefix "Bad input "
         -A INPUT -j ACCEPT
         -A OUTPUT -j LOG --log-prefix "Bad output "
         -A OUTPUT -j ACCEPT
         -A FORWARD -j LOG --log-prefix "Bad forward "
         -A FORWARD -j ACCEPT
         COMMIT

     And here's an example of something really restrictive, forwards only web traffic from the LAN...

         *nat
         :PREROUTING ACCEPT [0:0]
         :POSTROUTING ACCEPT [0:0]
         :OUTPUT ACCEPT [0:0]
         -A POSTROUTING -o eth1 -j SNAT --to-source
         COMMIT
         *filter
         :INPUT DROP [0:0]
         :FORWARD DROP [0:0]
         :OUTPUT DROP [0:0]
         -A INPUT -i eth0 -j ACCEPT
         -A INPUT -j LOG --log-prefix "Bad input "
         -A OUTPUT -o eth0 -j ACCEPT
         -A OUTPUT -j LOG --log-prefix "Bad output "
         -A FORWARD -s -i eth0 -p tcp -m tcp --dport 80 -j ACCEPT
         -A FORWARD -s -i eth0 -p tcp -m tcp --dport 443 -j ACCEPT
         -A FORWARD -i eth1 -m state --state RELATED,ESTABLISHED -j ACCEPT
         -A FORWARD -j LOG --log-prefix "Bad forward "
         COMMIT
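Added example, not part of ansichild's post: a small audit of `iptables-restore` rule files that reports chains whose `DROP` policy is cancelled by an unconditional `-j ACCEPT`, which is the difference between the post's allow-all files and its restrictive one. The sample rule sets are constructed from the post's filter tables, `192.168.0.0/24` is a placeholder for the LAN network, and jumps into user-defined chains are assumed absent and not followed.

```python
import shlex

TERMINAL = {"ACCEPT", "DROP", "REJECT"}  # verdicts that end chain traversal

def effective_defaults(ruleset):
    """Return {(table, chain): (policy, verdict an unmatched packet really gets)}."""
    table, policy, catch_all = None, {}, {}
    for raw in ruleset.splitlines():
        line = raw.strip()
        if line.startswith("*"):                 # "*filter" opens a table
            table = line[1:]
        elif line.startswith(":"):               # ":INPUT DROP [0:0]" sets a policy
            chain, verdict = line[1:].split()[:2]
            policy[(table, chain)] = verdict
        elif line.startswith("-A "):
            tokens = shlex.split(line)           # keeps "Bad input " as one token
            chain, rest = tokens[1], tokens[2:]
            # Only "-j TARGET" with no match options hits every packet;
            # LOG is skipped because it does not end traversal.
            if len(rest) == 2 and rest[0] == "-j" and rest[1] in TERMINAL:
                catch_all.setdefault((table, chain), rest[1])
    return {key: (pol, catch_all.get(key, pol)) for key, pol in policy.items()}

def nullified(ruleset):
    """Chains whose DROP policy is overridden by an unconditional ACCEPT."""
    return [f"{t}/{c}" for (t, c), (pol, eff) in effective_defaults(ruleset).items()
            if pol == "DROP" and eff == "ACCEPT"]

# Constructed samples modelled on the post's filter tables; the -s network is a placeholder.
ALLOW_ALL = """*filter
:INPUT DROP [0:0]
:FORWARD DROP [0:0]
:OUTPUT DROP [0:0]
-A INPUT -j LOG --log-prefix "Bad input "
-A INPUT -j ACCEPT
-A OUTPUT -j ACCEPT
-A FORWARD -j ACCEPT
COMMIT
"""
WEB_ONLY = """*filter
:INPUT DROP [0:0]
:FORWARD DROP [0:0]
:OUTPUT DROP [0:0]
-A INPUT -i eth0 -j ACCEPT
-A INPUT -j LOG --log-prefix "Bad input "
-A FORWARD -s 192.168.0.0/24 -i eth0 -p tcp -m tcp --dport 80 -j ACCEPT
-A FORWARD -i eth1 -m state --state RELATED,ESTABLISHED -j ACCEPT
-A FORWARD -j LOG --log-prefix "Bad forward "
COMMIT
"""

if __name__ == "__main__":
    print("allow-all:", nullified(ALLOW_ALL))
    print("web-only: ", nullified(WEB_ONLY))
```
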
  5. You also need the corresponding routes that would enable the network traffic to go to the right places, I would assume. Let's see the output of your # route -n
  6. Browse as a limited user account. On my home Windows boxes I create 2 users. One admin, one limited, and a warning page if you try to open the browser on the Admin account.
  7. I have a strong opinion about this. Dogs need a lot of social attention, more than most humans can give them. So consider that as a factor. They are basically wired to be pack animals, and always need reinforcement from the pack leader, which is you. They can't daydream like humans, read books, watch TV, play video games, etc for entertainment. That's why when you leave them alone, chained, or caged without a place to explore or roam, it's like putting them into a prison of their own mind of desperate boredom and loneliness. Cats on the other hand, don't care. They are "pride" animals, so if you want, get 2 cats, preferably same gender from the same litter, so they won't get territorial and "mark" their territory if you know what I mean. They'll entertain each other while you are gone.
  8. Encryption is meant to keep people out of your data. It works well.
  9. I always like to pick the distro with the biggest user base, since Linux support is entirely driven by the user community. Since Ubuntu is based on Debian, you get double the pleasure, double the fun. At work I run Debian, and Ubuntu on the desktop.
  10. I prefer to think that piracy is only a crime if you are profiting off the work of others without paying them their due. Copyright laws would disagree with that statement, but I feel my philosophy better holds up to ethical boundaries concerning the power of information and the freedom of knowledge for the human race.
  11. I would say that no matter how realistic the graphics get, virtual murder will never have the impact of real murder on your psyche because there is little to no loss involved, and you don't feel the physical sweat of doing the manual work yourself. But in the end it's all about loss. You only have one life, and if you committed a real murder, your empathy for the impact of that situation would lend the gravity of morality that the situation needs.
  12. ansichild

    got a question

    That's a good question, what do you do if you have a user that is installing a bunch of insecure crap on his web site? Like old versions of phpBB and Wordpress and such?
  13. I had an incident where an office called me up on their cell phones and said the following... "Our power is out, what should we do with our computers?" Apparently the power was out for a whole section of their town. I told them to patiently wait for the power to return.
  14. Where I work, we run SNORT, but I swear it's voodoo magic. Sometimes it works, sometimes it doesn't. I would love to know more about it, but the online docs I've read are just not that engaging. I've tried binary mode logging, all that crap. I'd say it has about a 35% accuracy monitoring on my 100mbit connection. It'll catch things if they're repeated, but if they only hit once, it's usually a no-go. And it's noisy, I have to shut off about 50% of its detection rules just to make it worth running. False positives up the wazoo.
  15. Only if the buyer is also a geek, and you put in fiber.
  16. I use vi and sometimes vim. or #echo "" >> output.fil
  17. For me, there's only one law. That law is software. Macs can run more software than PCs, because they are PCs (can run Windows, *nix, etc.) and also Macs. So the "Mac Tax" as you would call it, enables you to run almost any software on the planet made for a desktop computer. QFT.
  18. Great sites. Add... http://www.newzleech.com/ - nzb search engine for all you Usenetophiles. Please don't DoS This. http://www.milw0rm.com/ - 0days http://www.us-cert.gov/current/ - lowest hanging fruit paid for by US tax dollars. http://www.schneier.com/blog/ - Bruce Schneier's Blog Edit, add... http://www.metasploit.com/ - this should be obvious http://sectools.org/ - top 100 security tools.
  19. I have this issue with my old Linksys wifi router. Has anyone used a router that's completely rock-solid that they could recommend? It might be worth the extra bucks for a more reliable connection.
  20. Local Usenet Mirror, with 100 day retention. Probably need a very high-speed connection to an internet backbone for faster mirroring. Storage goes without saying. Gig ethernet with lots of hardwire links locally. Then add a nice recording studio setup for fiddling around with electronic music for months on end. Probably 4-5 iMacs, loaded with software like Pro-Tools, Logic Pro, Ableton Live, Reason, Cubase, and 20-30 of the best hardware synths money can buy, not to mention CDJs, and mixers to play with other people's tracks. HI-FI Digital monitoring/Home theater audio setup goes without saying. I'm going to need one of those multi-touch tables from Microsoft, and top of the line digital photography and video equipment along with some Runco 1080p projectors. I'll also need a render farm to encode all the 1080p video I take from my many trips to the edges of the earth. An IBM System Z mainframe should be sufficient. Out back I'm going to need a large RTG (radioisotope thermoelectric generator) to use as a power source. This setup will be located on the big island of Hawaii, with a fiber link to the Keck observatory for some midnight star gazing. I also require hard links into CIA and NSA databases so I can do background checks on the people that I meet, or research on political issues around the world. Hm, well I guess that's a start.
  21. Not really an e-zine, but I contend that 2600 magazine still qualifies as good infotainment. http://www.2600.com/
  22. I think you might be missing something. I assume the ppp0 interface has some kind of a default gateway for the next hop? What is it? Networks usually set up like...

          LAN Workstations -> Firewall eth0 ( eth1 ( -> router gateway ( ppp0 ( -> dialup gateway (

      So if I want the workstation (on the LAN) to use the dialup interface as its gateway I'd add a line on the firewall like...

          # route add -host gw

      Come to think of it, you'll probably have to do a NAT on that interface too. Something like...

          # iptables -t nat -A POSTROUTING -o ppp0 -j SNAT --to-source

      Then you'd want to allow all the traffic like...

          iptables -A FORWARD -s -i eth0 -j ACCEPT
          iptables -A FORWARD -d -i ppp0 -m state --state RELATED,ESTABLISHED -j ACCEPT

      These are just examples mind you, so insert your own IPs instead of mine, don't type them verbatim.