Announcing: Slashdot Deals - Explore geek apps, games, gadgets and more. (what is this?)

Thank you!

We are sorry to see you leave - Beta is different and we value the time you took to try it out. Before you decide to go, please take a look at some value-adds for Beta and learn more about it. Thank you for reading Slashdot, and for making the site better!



Is Enterprise IT More Difficult To Manage Now Than Ever?

dremspider My take on this... (238 comments)

I have been in IT for about 10 years, so I am not sure I am completely qualified to say since forever, but I would say that the issue is we are now competing with cloud providers as to the expectation of our customers. For example, Gmail offers you 15 GBs for free and IT customers wonder why they only have 2GBs at work. Most cloud services have pretty amazing up times, and people wonder why your IT dept. can't do the same thing (no matter how well staffed it is). People are seeing the consuming of resources as free and then trying to IT accordingly.

5 days ago

Why Is It Taking So Long To Secure Internet Routing?

dremspider trust (85 comments)

Most of these solutions require some sort of central authority to manage the security of all the routes. Sounds great until you realize that there is no one that all the users of the Internet can trust. I am not even sure that users can trust their own governments to manage this without exploiting users for the sake of surveillance let alone other countries trust one another. If you can't trust one another the best thing to do is remain insecure but watch each other like hawks for any foul play.

about 3 months ago

Ask Slashdot: Open Hardware/Software-Based Security Token?

dremspider Smart cards work (113 comments)

I have had a smart card setup for a little while. I use it for both OpenVPN and SSH access. I created the card by making my own CA and then using OpenSC to write to the card itself. There are some other cool things you can do like us it for PGP signing. I got a whole kit for about $100 bucks that came with a reader/writer, 2 cards and one USB thing. https://www.opensc-project.org...

about 5 months ago

Buying New Commercial IT Hardware Isn't Always Worthwhile (Video)

dremspider Re: Slashvertisement? (92 comments)

Is it really still like this? I remember this was an issue 8 years ago... I would have never thought it was still like this.

about 5 months ago

In a Hole, Golf Courses Experiment With 15-inch Holes

dremspider Re:Expensive Middle Class Sport Losing Patrons (405 comments)

BS... for one thing you can get into cycling paying from the $800 - $1200 range and get a pretty decent setup. Even if you spend more (in the $2-3000 dollar range) you can get a really nice set up. Of course if you wanted to buy a used bike then all these numbers would drop. If I bought cheap used clubs for $200 (not really fair because I am looking at crappy used clubs vs. a decent bike). The cost of entry would be lower, BUT you are forgetting one very important thing. I can use my bicycle as must as I want for free after that initial cost. Golfing costs me money every time I want to go play ranging from $8-10 to hit golf balls to $40+ to actually play at a real course. A well maintained bicycle will last at least 8 years even riding it pretty hard.

Fixed costs
$2000 for bike
$300 for clothes, shoes
Annual costs
$200 for maintenance (if you are able to do it on your own this would come down)
5 year total cost = $3300

Fixed costs:
$200 for used golf clubs just to go with your scenario
Annual Costs:
$750 for 15 rounds of golf at $50
$240 for 30 set of balls at a driving range $8
5 Year total cost : $5150
Keep in mind that with bicycling I can ride 3+ times a week. I would also argue that cycling is a better workout as well. Your crazy contrived situation is absurd. I am in a group with a number of people and all their bikes range from $600 to maybe $2000. Some of the bikes are well over 15 years old and none of us really care. The only reason you need to spend that much is if you are a) a professional or b) need to keep up with the Joneses.

about 8 months ago

Ask Slashdot: System Administrator Vs Change Advisory Board

dremspider Get a vulnerability scanner (294 comments)

Buy something like Tenable Nessus or Rapid7. Make reports very easy and works across Windows, Linux, Cisco, etc. If you get Security Center it will track changes over time and you can see trends over time with patching.

about 8 months ago

Interview: Ask Theo de Raadt What You Will

dremspider Any plans of getting a proper auditing daemon? (290 comments)

I know there is systrace, but that really isn't what I am looking for. Will there be plans to have a proper auditing daemon be able to monitor system calls in a log file? Being security centric, I would think this would be something high on the list. I know it puts a lot more load on the system and may be difficult for smaller systems, but auditd logs are considered good practice in Linux and FreeBSD. Any chance this will make it into OpenBSD at some point?

about 9 months ago

FreeBSD Developers Will Not Trust Chip-Based Encryption

dremspider Re:Wise (178 comments)

Oh ye wise and knowledgeable anonymous coward. Pray tell how would like them to store the key to verify the server on another system? If they break into your system as root who the heck cares that they can now masquerade as your system? They already have access to YOUR system so what more damage can they do by man in the middling you as well? Tell us what you would do to fix it and what benefit it would provide.

1 year,5 days

If You Want To Code From Home, Learn JavaScript

dremspider Re: Or properly learn C++, move to DC (152 comments)

$120K is also an exaggeration. Very few people are making that kind of money in DC. *Source: I have been working in the area for a number of years.

1 year,22 days

Ask Slashdot: Best SOHO Printer Choices?

dremspider Re:laser all the way (381 comments)

With my family it was the opposite. We printed so little that all our cartridges would dry up. The cartridges generally only last about a year assuming you don't use them up before that so we would print maybe 100 pages/year and then need to buy $70 worth of cartridges which comes to $.70 per page. An outrageous amount.
With toner I bought an all in one networked with a duplexer (black and white) for $150 and the starter cartridge will probably end up lasting us years therefore in a little over two years the printer will pay for itself. I can get refilled cartridges for about $30 that supposedly last 3K pages. Even if I buy the OEM cartridges that last 3K pages I will probably never have to buy a cartridge again at our current rate of printing before the printer breaks.

about a year ago

Ask Slashdot: Best SOHO Printer Choices?

dremspider I have an older one of these... (381 comments)

Canon All in one. The printing works easily in Linux. You install a driver and it just works in Ubuntu. I never got the network scanning to work in Linux though. Works well in Windows as well. I don't use the wireless option (it is hard wired into my network). I have heard people complain about the wireless strength in reviews. http://www.amazon.com/Canon-imageCLASS-MF4890dw-Wireless-Monochrome/dp/B008YD1V76/ref=sr_1_2?ie=UTF8&qid=1382541608&sr=8-2&keywords=canon+all+in+one+laser+printer

about a year ago

Book Review: The Practice of Network Security Monitoring

dremspider Re:Pay Attention To Your Network! (15 comments)

I personally have an oscilloscope hooked up to my network as an IDS. I have been staring at it for 3 days straight now as my co-worker has been off. Still haven't seen any computer attacks yet, but I will be ready!

about a year ago

Tiny $45 Cubic Mini-PC Supports Android and Linux

dremspider Re:smaller isnt always better (197 comments)

You can connect into the serial port (same cable as most phones use) and then use putty to serial in on the 2 higher end devices. It is very nice and works well. You can also use SSH once it is all set up. I have the older unit.

about a year ago

Tiny $45 Cubic Mini-PC Supports Android and Linux

dremspider Some insight into their prior unit. (197 comments)

I have their older 700MHz unit (single core) 2 GB of memory I bought not too long ago (of course, that is how it always works). So far the unit has actually exceeded my expectations and is a lot of fun to play with. For me I wanted something that I could install Kali Linux on (the successor to Backtrack Linux) to do some simple type attacks on a network (I teach part time at a community college an information security class). First what I don't like: The shipping comes for Isreal. The price of shipping is $30 which raises the cost of the product. That they came out with a new one shortly after I already bought one that includes a lot of features I wanted. What I like: Gigabit ethernet They have this thing called u-boot which is pretty slick. You stick a file on a usb memory stick and stick it into the top USB port. Connect the ethernet and then boot up and it asks you what OS you want to install. You can select Ubuntu, Opensuse, Fedora, XBMC and a bunch more and it just installs them to the SD card. Very slick. It has the ability to serial into the unit so you don't have to set up a mouse, keyboard and monitor to install OSes. Works in Linux and Windows (with putty fine). I can then do SSH X forwarding really easy from the network if you want a GUI. I have been able to run a slew of python things on it and the performance is reasonable. I really have been having fun with it.

about a year ago

Amazon Angling For Same-Day Delivery Beyond Groceries

dremspider Re:Maybe they deserve it (193 comments)

My favorite example of this is Best Buy. Best Buy online now has prices that sometimes beat Amazon, particularly on games but their stores do not. I went online and saw Best Buy had and item for $30. Went to the store and it was $40. I was then told that Best Buy doesn't price match their own website, wtf? So from my phone, I ordered it and did the pick up from store option. Told the person that I got it online and they went back retrieved the item for me and I walked out paying $10 less.

about a year ago

T-Mobile Wi-Fi Calling Was Vulnerable to Trivial MITM Attack

dremspider Of course.. (24 comments)

This vulnerability is in a TON of software. Python 2.X (which most people are still using) doesn't even allow you to verify the CN without adding a bunch of code to make it happen yourself. http://bugs.python.org/issue1589 Most APIs allow you to do it both ways, but I think it is time that they stop making it optional. If you want to use SSL, use it properly otherwise it isn't worth wasting your time with it.

about a year and a half ago



Decreasing cost of IT in the Federal Government.

dremspider dremspider writes  |  more than 5 years ago

dremspider writes "How the federal government could save money on IT by increasing collaboration of federal agencies through Open Source. By requiring agencies to open source their products it will be possible to quickly lower costs across the board for all agencies. This details why the government needs to be considering opening up their applications."
Link to Original Source

A technical career in information security?

dremspider dremspider writes  |  more than 5 years ago

dremspider writes "I have been working as the life as a System Administrator since getting my undergrad degree for a few years. I really enjoy what I do and I like the hands on life of being an SA. I have been enrolled in a Information Security Masters which I attend part time. The master's is very technical (under the CS dept.) with a lot of programming. The problem I have is a lot of jobs I have been seeing in security seem to be more managerial/pencil pusher. My question is if I want to remain technical will I do better not continuing to pursue a degree in Information Security?"


dremspider has no journal entries.

Slashdot Login

Need an Account?

Forgot your password?