garry_g (106621) writes "Going through my bi-yearly Windows re-install, I was wondering what Firewall solutions could be recommended... for the last couple years, I've been using the free Ashampoo Firewall, which has served me (and my requirements) pretty well, especially with being able to control which applications are allowed to connect out. Anyway, being a *ix-guy in heart, I miss the configurability of stuff like iptables. I.e., allowing not only whether an app can connect to a server at all, but rather allowing it on a destination IP range/network.
Any suggestions? Freeware/open source preferred, but if quality and abilities warrant it, a commercial solution is also acceptable..."
garry_g (106621) writes "As of this morning around 2AM GMT, IDS, Firewalls and trusty DenyHosts have been running like crazy with a large-scale distributed SSH attack across our networks (/16, /19, several /24), albeit only the IPv4 part of it...
It is centrally controlled, as one can see from the nice alphabetically increasing usernames attempted...
Dec 27 10:55:50 mx sshd: Invalid user rhiannon from ::ffff:126.96.36.199
Dec 27 10:58:58 mx sshd: Invalid user rhodes from ::ffff:188.8.131.52
Dec 27 11:01:35 mx sshd: Invalid user rhona from ::ffff:184.108.40.206
Dec 27 11:03:49 mx sshd: Invalid user rhonda from ::ffff:220.127.116.11
Dec 27 11:05:34 mx sshd: Invalid user rhonda from ::ffff:18.104.22.168
Dec 27 11:06:17 mx sshd: Invalid user rhoslyn from ::ffff:22.214.171.124
Dec 27 11:08:03 mx sshd: Invalid user rhoslyn from ::ffff:126.96.36.199
Dec 27 11:08:56 mx sshd: Invalid user rhoswen from ::ffff:188.8.131.52
Dec 27 11:12:37 mx sshd: Invalid user rhys from ::ffff:184.108.40.206
Now, I'm pretty much used to zombie (D)DoS/Scan/Spam from Windows machines, but what I'm worrying about is the large number (if not all) of the initiating hosts are Linux based. Though only conducting some random probes to some of the machines attempting logins, of which some weren't scannable, the ones I could reach had at least SSH ports open, others were listed by NMAP with a whole variety of open ports. No definite ID on the systems I attempted to identify with NMAP, though the list always had Linux systems in it...
Are we at the dawn of a wide-spread 0day exploit for Linux systems? Are Botnets moving from Windows to Linux?"
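An added detection sketch for the pattern in the log excerpt above (not part of the original submission): when each source makes only one or two attempts, a per-source failure threshold never fires, but the alphabetical progression of usernames across sources can still be flagged. Source addresses are constructed placeholders from documentation ranges; the function names and thresholds are assumptions.

```python
import re
from collections import Counter

# Constructed sample: usernames as in the post, source addresses replaced with
# documentation-range placeholders (RFC 5737).
SAMPLE_LOG = """\
Dec 27 10:55:50 mx sshd: Invalid user rhiannon from ::ffff:192.0.2.10
Dec 27 10:58:58 mx sshd: Invalid user rhodes from ::ffff:198.51.100.7
Dec 27 11:01:35 mx sshd: Invalid user rhona from ::ffff:203.0.113.21
Dec 27 11:03:49 mx sshd: Invalid user rhonda from ::ffff:192.0.2.44
Dec 27 11:05:34 mx sshd: Invalid user rhonda from ::ffff:198.51.100.90
Dec 27 11:06:17 mx sshd: Invalid user rhoslyn from ::ffff:203.0.113.5
Dec 27 11:08:03 mx sshd: Invalid user rhoslyn from ::ffff:192.0.2.77
Dec 27 11:08:56 mx sshd: Invalid user rhoswen from ::ffff:198.51.100.33
Dec 27 11:12:37 mx sshd: Invalid user rhys from ::ffff:203.0.113.60
"""

LINE_RE = re.compile(r"sshd(?:\[\d+\])?: Invalid user (\S+) from (?:::ffff:)?(\S+)")

def parse(log):
    """Return (username, source) pairs in log order."""
    return [m.groups() for m in map(LINE_RE.search, log.splitlines()) if m]

def per_source_hits(events, threshold=3):
    """Classic per-IP counting: sources with at least `threshold` failures."""
    counts = Counter(src for _, src in events)
    return sorted(s for s, n in counts.items() if n >= threshold)

def coordinated_runs(events, min_len=6, min_sources=4):
    """Find runs where usernames never decrease alphabetically across many sources."""
    runs, start = [], 0
    for i in range(1, len(events) + 1):
        # A run ends at end of input or when the username sorts before the previous one.
        if i == len(events) or events[i][0] < events[i - 1][0]:
            run = events[start:i]
            sources = {src for _, src in run}
            if len(run) >= min_len and len(sources) >= min_sources:
                runs.append({"first": run[0][0], "last": run[-1][0],
                             "attempts": len(run), "sources": len(sources)})
            start = i
    return runs

if __name__ == "__main__":
    events = parse(SAMPLE_LOG)
    print("per-source hits:", per_source_hits(events))
    print("coordinated runs:", coordinated_runs(events))
```
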
garry_g (106621) writes "The infamous German lawyer Günther Freiherr von Gravenreuth, known since the times of C64 and other home computers for his dubious legal proceedings against minors, has been sentenced to jail time without probation by a German court.
In 2006, he sued the German news magazine "TAZ" for UCE mails he was receiving — in fact, the mails in question were double-opt-in requests. The first court confirmed his claims and forbade the magazine to send any further mails (this court decision was later overturned by the next court); also, they had to cover court and lawyer cost of approx. $750, which they paid. Shortly after, Gravenreuth seized their main domain, taz.de, advertised that act on his homepage, and tried to auction it off, claiming he never received the payment.
In a court-ordered search, documents were found at his office that proved he had received the money after all. In court, Gravenreuth claimed his written statement of not having received the payment was based on both the "chaos" in his office as well as insufficient knowledge of legal proceedings (!).
Gravenreuth earned his reputation with German computer enthusiasts in the early 80s by countless dubious cases in which he "supposedly" tricked children and teenagers into sending out copied games and programs in reply to letters written by a "poor young girl" looking for some programs. Once the victims did, he followed up with a bill and threat to sue for copyright violations.
In other cases, he (ab)used the German legal system with cease-and-desist orders (with attached bills) for abhorrent amounts of money, based on him being the legal defender for trade mark owners, e.g. when he went against the "Rainbow BBS", claiming they could be mistaken as operated by Rainbow Arts.
In newer history, he had already been sentenced for 60 cases of document forgery, which was the basis for the sentence being without parole. To quote the judge: "Public has to be defended from you".
garry_g (106621) writes "After running Windows on my workplace boxes for way too long due to certain requirements (Lotus Notes, M$ Office, and the likes), I just got my brand new notebook, which — with a Core2 Duo Processor & 2Gig of ram — I would like to run with Linux as my primary OS. Most Windows requirements I have should be more than covered by installing VMWare, XP & the required apps in the VM. I plan on adding a small (30G) partition for the cases in which I would require to run some high-performance native Windows apps (I know, it's an oxymoron) or something requiring large amounts of memory.
Anyway, I already gave SuSE Enterprise Desktop 10 a try, which seems to have some quirks with the new HW (Dell Latitude D520). Before I go through half a dozen of Distros (Debian, Ubuntu, OpenSuSE,...) — what's your opinion on a decent Linux Distribution for a Notebook?
Please note, I've been using Unix/Linux since something like 1988 (obviously not Linux then, but since Kernel 0.99PL12), so I'm not afraid of getting my hands dirty from some low-level configs and stuff... :) So it doesn't have to be a polished End-User-Only distribution..."