Posts posted by ansichild

  1. I remove all anti-virus software. Then I only web surf or run network apps in limited user mode. Not having anti-virus, anti-malware real time protection nearly doubles the speed of the computer.

    Then I watch what I install, like an accountant watches pennies.

    I wouldn't recommend this for normal users, though.

    Another option would be to install AV software but only run it manually from time to time. As long as it never scans, updates its defs, or runs resident in memory unless you tell it to, it would be just as fast.

  2. Here's some iptables scripts from my super simple home cookbook to get you going...

    #turn routing on

    #echo "1" > /proc/sys/net/ipv4/ip_forward

    Here's my rules file, it's a default deny policy with explicit statements to allow everything. Ironic eh? But useful. :)

    eth0 is LAN, eth1 is Internet with static IP.

    If you just want to join the networks, you don't even really need to NAT.

    #iptables-restore iptables.rules

    *nat
    :PREROUTING ACCEPT [0:0]
    :POSTROUTING ACCEPT [0:0]
    :OUTPUT ACCEPT [0:0]
    -A POSTROUTING -o eth1 -j SNAT --to-source 123.221.123.1
    COMMIT
    *filter
    :INPUT DROP [0:0]
    :FORWARD DROP [0:0]
    :OUTPUT DROP [0:0]
    -A INPUT -j ACCEPT
    -A OUTPUT -j ACCEPT
    -A FORWARD -j ACCEPT
    COMMIT

    Now getting fancier, this logs all traffic but doesn't drop anything (still a "default deny" policy)...

    *nat
    :PREROUTING ACCEPT [0:0]
    :POSTROUTING ACCEPT [0:0]
    :OUTPUT ACCEPT [0:0]
    -A POSTROUTING -o eth1 -j SNAT --to-source 123.221.123.1
    COMMIT
    *filter
    :INPUT DROP [0:0]
    :FORWARD DROP [0:0]
    :OUTPUT DROP [0:0]
    -A INPUT -j LOG --log-prefix "Bad input "
    -A INPUT -j ACCEPT
    -A OUTPUT -j LOG --log-prefix "Bad output "
    -A OUTPUT -j ACCEPT
    -A FORWARD -j LOG --log-prefix "Bad forward "
    -A FORWARD -j ACCEPT
    COMMIT

    And here's an example of something really restrictive, forwards only web traffic from the LAN...

    *nat
    :PREROUTING ACCEPT [0:0]
    :POSTROUTING ACCEPT [0:0]
    :OUTPUT ACCEPT [0:0]
    -A POSTROUTING -o eth1 -j SNAT --to-source 123.221.123.1
    COMMIT
    *filter
    :INPUT DROP [0:0]
    :FORWARD DROP [0:0]
    :OUTPUT DROP [0:0]
    -A INPUT -i eth0 -j ACCEPT
    -A INPUT -j LOG --log-prefix "Bad input "
    -A OUTPUT -o eth0 -j ACCEPT
    -A OUTPUT -j LOG --log-prefix "Bad output "
    -A FORWARD -s 192.168.1.0/255.255.255.0 -i eth0 -p tcp -m tcp --dport 80 -j ACCEPT
    -A FORWARD -s 192.168.1.0/255.255.255.0 -i eth0 -p tcp -m tcp --dport 443 -j ACCEPT
    -A FORWARD -i eth1 -m state --state RELATED,ESTABLISHED -j ACCEPT
    -A FORWARD -j LOG --log-prefix "Bad forward "
    COMMIT
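
An added example (not part of ansichild's post): a Python walk of the FORWARD chains from the rule files above, showing why the log-everything file still accepts all traffic despite its DROP policy and which packets the restrictive file passes. The packet dictionaries, their field names and the 203.0.113.5 address are constructed for illustration, and only the options used in these files are handled.

```python
import ipaddress
import shlex

# Constructed copies of the FORWARD chains above; packet dicts use hypothetical field names.
RESTRICTIVE = """\
:FORWARD DROP [0:0]
-A FORWARD -s 192.168.1.0/255.255.255.0 -i eth0 -p tcp -m tcp --dport 80 -j ACCEPT
-A FORWARD -s 192.168.1.0/255.255.255.0 -i eth0 -p tcp -m tcp --dport 443 -j ACCEPT
-A FORWARD -i eth1 -m state --state RELATED,ESTABLISHED -j ACCEPT
-A FORWARD -j LOG --log-prefix "Bad forward "
"""
LOG_ALL = """\
:FORWARD DROP [0:0]
-A FORWARD -j LOG --log-prefix "Bad forward "
-A FORWARD -j ACCEPT
"""
HTTPS = {"in": "eth0", "src": "192.168.1.12", "proto": "tcp", "dport": 443, "state": "NEW"}
DNS = {"in": "eth0", "src": "192.168.1.12", "proto": "udp", "dport": 53, "state": "NEW"}
REPLY = {"in": "eth1", "src": "203.0.113.5", "proto": "tcp", "dport": 40000, "state": "ESTABLISHED"}

def parse(text):  # -> ({chain: policy}, {chain: [rule option dicts]}); no '!' negation
    policy, chains = {}, {}
    for line in text.splitlines():
        tok = shlex.split(line)
        if tok and tok[0].startswith(":"):
            policy[tok[0][1:]] = tok[1]
        elif tok and tok[0] == "-A":  # every option used in these files takes one value
            opts = dict(zip(tok[0::2], tok[1::2]))
            chains.setdefault(opts["-A"], []).append(opts)
    return policy, chains

def matches(rule, pkt):  # True when every match option in the rule agrees with the packet
    simple = {"-i": "in", "-o": "out", "-p": "proto"}
    if any(k in rule and rule[k] != pkt.get(f) for k, f in simple.items()):
        return False
    if "--dport" in rule and int(rule["--dport"]) != pkt.get("dport"):
        return False
    if "--state" in rule and pkt.get("state") not in rule["--state"].split(","):
        return False
    return "-s" not in rule or ipaddress.ip_address(pkt["src"]) in ipaddress.ip_network(rule["-s"])

def verdict(text, chain, pkt):  # rules in order; chain policy applies only if none decides
    policy, chains = parse(text)
    logged = []
    for rule in chains.get(chain, []):
        if matches(rule, pkt):
            if rule["-j"] != "LOG":  # ACCEPT/DROP end traversal
                return rule["-j"], logged
            logged.append(rule["--log-prefix"])  # LOG records and falls through
    return policy[chain], logged
```

`verdict(RESTRICTIVE, "FORWARD", DNS)` returns DROP with the "Bad forward " prefix logged: the restrictive file forwards no UDP, so LAN clients cannot reach an outside DNS server through it. The same packet under `LOG_ALL` is logged and then accepted, because the unconditional ACCEPT rule decides before the DROP policy is ever consulted.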

  3. I have a strong opinion about this.

    Dogs need a lot of social attention, more than most humans can give them. So consider that as a factor. They are basically wired to be pack animals, and always need reinforcement from the pack leader, which is you. They can't daydream like humans, read books, watch TV, play video games, etc. for entertainment.

    That's why when you leave them alone, chained, or caged without a place to explore or roam, it's like putting them into a prison of their own mind of desperate boredom and loneliness.

    Cats on the other hand, don't care. They are "pride" animals, so if you want, get 2 cats, preferably same gender from the same litter, so they won't get territorial and "mark" their territory if you know what I mean. They'll entertain each other while you are gone.

  4. Ubuntu is probably the best distro to start with, simply due to its relaxed attitude towards proprietary drivers and the fact that it puts ease of use over ideological commitments. However, this is a double-edged sword, as you will not learn as much as you would from a distro with a steeper learning curve. If you just want a free OS that works, then use it. But if you want to learn Linux then look at something like Debian instead.

    I always like to pick the distro with the biggest user base, since Linux support is entirely driven by the user community. Since Ubuntu is based on Debian, you get double the pleasure, double the fun. At work I run Debian, and Ubuntu on the desktop.

  5. I prefer to think that piracy is only a crime if you are profiting off the work of others without paying them their due.

    Copyright laws would disagree with that statement, but I feel my philosophy better holds up to ethical boundaries concerning the power of information and the freedom of knowledge for the human race.

  6. I would say that no matter how realistic the graphics get, virtual murder will never have the impact of real murder on your psyche because there is little to no loss involved, and you don't feel the physical sweat of doing the manual work yourself.

    But in the end it's all about loss. You only have one life, and if you committed a real murder, your empathy for the impact of that situation would lend the gravity of morality that the situation needs.

  7. The main problem is probably the software installed on the web server and not really the network.

    That's a good question, what do you do if you have a user that is installing a bunch of insecure crap on his web site? Like old versions of phpBB and Wordpress and such?

  8. I had an incident where an office called me up on their cell phones and said the following...

    "Our power is out, what should we do with our computers?"

    Apparently the power was out for a whole section of their town.

    I told them to patiently wait for the power to return.

  9. Where I work, we run SNORT, but I swear it's voodoo magic. Sometimes it works, sometimes it doesn't. I would love to know more about it, but the online docs I've read are just not that engaging. I've tried binary mode logging, all that crap.

    I'd say it has about a 35% accuracy monitoring on my 100mbit connection. It'll catch things if they're repeated, but if they only hit once, it's usually a no-go.

    And it's noisy, I have to shut off about 50% of its detection rules just to make it worth running. False positives up the wazoo.

  10. Great sites. Add...

    http://www.newzleech.com/ - nzb search engine for all you Usenetophiles. Please don't DoS This.

    http://www.milw0rm.com/ - 0days

    http://www.us-cert.gov/current/ - lowest hanging fruit paid for by US tax dollars.

    http://www.schneier.com/blog/ - Bruce Schneier's Blog

    Edit, add...

    http://www.metasploit.com/ - this should be obvious

    http://sectools.org/ - top 100 security tools.

  11. Local Usenet Mirror, with 100 day retention. Probably need a very high-speed connection to an internet backbone for faster mirroring. Storage goes without saying. Gig ethernet with lots of hardwire links locally.

    Then add a nice recording studio setup for fiddling around with electronic music for months on end. Probably 4-5 iMacs, loaded with software like Pro-Tools, Logic Pro, Ableton Live, Reason, Cubase, and 20-30 of the best hardware synths money can buy, not to mention CDJs, and mixers to play with other people's tracks.

    HI-FI Digital monitoring/Home theater audio setup goes without saying.

    I'm going to need one of those multi-touch tables from Microsoft, and top of the line digital photography and video equipment along with some Runco 1080p projectors.

    I'll also need a render farm to encode all the 1080p video I take from my many trips to the edges of the earth. An IBM System Z mainframe should be sufficient.

    Out back I'm going to need a large RTG (radioisotope thermoelectric generator) to use as a power source.

    This setup will be located on the big island of Hawaii, with a fiber link to the Keck observatory for some midnight star gazing. I also require hard links into CIA and NSA databases so I can do background checks on the people that I meet, or research on political issues around the world.

    Hm, well I guess that's a start.

  12. I think you might be missing something.

    I assume the ppp0 interface has some kind of a default gateway for the next hop? What is it? Networks are usually set up like...

    LAN Workstations   -> Firewall
    192.168.1.12              eth0 (192.168.1.1)
    192.168.1.10              eth1 (197.98.1.22) -> router gateway (197.98.1.1)
    192.168.1.11              ppp0  (10.33.44.22) -> dialup gateway (10.33.44.1)

    So if I want the workstation 192.168.1.12 (on the LAN) to use the dialup interface as its gateway I'd add a line on the firewall like...

    # route add -host 192.168.1.12 gw 10.33.44.1

    Come to think of it, you'll probably have to do a NAT on that interface too. Something like...

    # iptables -t nat -A POSTROUTING -o ppp0 -j SNAT --to-source 10.33.44.22

    Then you'd want to allow all the traffic like...

    iptables -A FORWARD -s 192.168.1.12 -i eth0 -j ACCEPT

    iptables -A FORWARD -d 192.168.1.12 -i ppp0 -m state --state RELATED,ESTABLISHED -j ACCEPT

    These are just examples mind you, so insert your own IPs instead of mine, don't type them verbatim.

    route add -host 192.168.1.12 gw <insert the IP of the default gw of ppp0 here> fails...

    with that 192.168.1.12 can't even access 192.168.1.1
