[opensuse] RE:Back Door Prosiak client connection in Linux
Can anyone out there tell me what is a Prosiak Back-door connection in Linux. This is a copy of the first IDS connection which I think is only applicable to Unix/Linux

Thanks
Scott

-------- Original Message --------
Subject: Alert from EventLog Analyzer : IDS03 | 192.168.1.1 | EFW
Date: Wed, 13 Jun 2007 12:45:49 +1000
From: secure@aphofis.com
To: secure@aphofis.com

Host : 192.168.1.1
Application : EFW
Time Generated : Wed Jun 13 12:45:28 2007
Criticality : High
Number of Occurances : 1
Message : EFW: IDS: prio=3 rule=Http_in action=closing_connection reason=intrusion_detected description="Prosiak client connection attempt" signature="2361:Backdoor Prosiak" idrule="Http_in" srcip=220.229.166.247
On Wednesday 13 June 2007 15:46, Registration Account wrote:
Can anyone out there tell me what is a Prosiak Back-door connection in Linux. This is a copy of the first IDS connection which I think is only applicable to Unix/Linux
From what I can tell from Google searching (ahem), this is an exploit to which only Windows is susceptible. It appears to be somewhat of an old one, at that, dating back to 2005 in its latest version.
Thanks
Scott
Randall Schulz -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
Thanks Randall, I should have worked that out for myself. I was browsing and downloading files from dell.com for a troublesome dell PC (No surprises there, as I have never found 1 dell PC that comes close to being 100% IBM compatible - due to their amazing number of BIOS/Chipboard drivers which are needed) and I received a latter response, indicating the Network had been compromised (immediate Internet connect to network shut-down) from an IP in .TW, the whole range I have now placed on reject RTS to any packet from 143.166.0.0/16) I had completely forgotten my 1 Windows XP running PC on the network. It's the last one to await conversion due to internal issues. ALL staff have had ALL user passwords changed and the Windows XP was found with a little bit of nice spyware; it is the very nasty and hard to get rid of 'DSO Exploit'. I have changed the Windows XP user to a limited user until I can change the O/S.
Regards
Scott
P.S. So do any other Windows users think they are safe??? My Network is as secure as a Bank and this hacker was still able to compromise 1 windows system.
Randall R Schulz wrote:
On Wednesday 13 June 2007 15:46, Registration Account wrote:
Can anyone out there tell me what is a Prosiak Back-door connection in Linux. This is a copy of the first IDS connection which I think is only applicable to Unix/Linux
From what I can tell from Google searching (ahem), this is an exploit to which only Windows is susceptible. It appears to be somewhat of an old one, at that, dating back to 2005 in its latest version.
Thanks
Scott
Randall Schulz
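One check a responder might run on the alert at the top of the thread: parse the EFW `key=value` message and see whether its `srcip` falls inside a range that has been blocked, here the 143.166.0.0/16 mentioned above. This is an added example, not part of any poster's message; the function names are hypothetical and the sample line is constructed from the quoted alert.

```python
import ipaddress
import re

# Constructed sample: the "Message" field of the alert quoted in the first post.
SAMPLE_ALERT = (
    'EFW: IDS: prio=3 rule=Http_in action=closing_connection '
    'reason=intrusion_detected description="Prosiak client connection attempt" '
    'signature="2361:Backdoor Prosiak" idrule="Http_in" srcip=220.229.166.247'
)

# Range the later post says was placed on reject (value taken from the thread).
BLOCKED_RANGES = ["143.166.0.0/16"]

# key=value, where the value is either "quoted with spaces" or a bare token.
_FIELD = re.compile(r'(\w+)=(?:"([^"]*)"|(\S+))')


def parse_efw_alert(message):
    """Return the key=value fields of an EFW IDS message as a dict."""
    fields = {}
    for m in _FIELD.finditer(message):
        key, quoted, bare = m.group(1), m.group(2), m.group(3)
        # An empty quoted value ("") is kept as '' rather than mistaken for bare.
        fields[key] = quoted if quoted is not None else bare
    return fields


def covering_ranges(ip_text, ranges):
    """List the CIDR ranges (as given) that contain ip_text."""
    ip = ipaddress.ip_address(ip_text)  # ValueError on a malformed address
    return [r for r in ranges if ip in ipaddress.ip_network(r, strict=False)]


def triage(message, blocked_ranges):
    """Summarise one alert and report which block rules cover its source."""
    fields = parse_efw_alert(message)
    missing = [k for k in ("signature", "srcip", "action") if k not in fields]
    if missing:
        raise ValueError("alert is missing fields: " + ", ".join(missing))
    # The signature field has the form "<numeric id>:<name>".
    sig_id, _, sig_name = fields["signature"].partition(":")
    return {
        "sig_id": int(sig_id) if sig_id.isdigit() else None,
        "sig_name": sig_name,
        "action": fields["action"],
        "srcip": fields["srcip"],
        "blocked_by": covering_ranges(fields["srcip"], blocked_ranges),
    }


if __name__ == "__main__":
    result = triage(SAMPLE_ALERT, BLOCKED_RANGES)
    for key, value in result.items():
        print(f"{key}: {value}")
    if not result["blocked_by"]:
        print("source address is not covered by any listed block range")
```

An empty `blocked_by` list means none of the listed ranges contains the alert's source address, so a rule for that source would still have to be added.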
On Wednesday 13 June 2007, Registration Account wrote:
I have never found 1 dell PC that comes close to being 100% IBM compatible -
Not surprising, since IBM does not make PCs. -- _____________________________________ John Andersen
John, you are probably too young to recall the first Personal Computer was released in the form of PS2 - with advanced architecture called micro channel. This became the standard that all clone PC's were designed around. In the early days Clone PCs were always boasting as being 100% IBM compatible. In those days all code was written to comply with an IBM PC and later with the clones becoming 100% compatible. In those days we had PC DOS and there were separate versions for an 8088 and 8086 processor. MS-DOS became the most prolific version of DOS when Microsoft made significant advertising showing that WINDOWS v2.X would only run IBM or PC DOS. Yes they sell PC's http://www-304.ibm.com/jct03004c/businesscenter/smallbusiness/us/en/product and I have worked in IBM shops where the hardware including the Mainframe was IBM - and IBM invented token ring
Scott
John Andersen wrote:
On Wednesday 13 June 2007, Registration Account wrote:
I have never found 1 dell PC that comes close to being 100% IBM compatible -
Not surprising, since IBM does not make PCs.
On Wednesday 13 June 2007, Registration Account wrote:
John are probably be too young to recall the first Personal Computer was released in the form of PS2 -
Thank you (I think) for chopping 30 years off my age. As I recall, the PS2 was at least the third generation of IBM PCs. There was the PC, the AT, and then some time later came the PS2, a roaring piece of crap if ever there was one. The original PCs and ATs were built like tanks, and I still have the IBM AT bios manual.
Yes they sell PC's http://www-304.ibm.com/jct03004c/businesscenter/smallbusiness/us/en/product
They still sell servers, and they pretend to sell high end workstations. But they sold the PC business to Lenovo. -- _____________________________________ John Andersen
John Andersen wrote:
The original PCs and ATs were built like tanks, and I still have the IBM AT bios manual.
Yes they sell PC's http://www-304.ibm.com/jct03004c/businesscenter/smallbusiness/us/en/product
They still sell servers, and they pretend to sell high end workstations. But they sold the PC business to Lenovo.
I recently purchased an IBM Netfinity X232 server, for $150 (CDN). It's also built like a tank. I've got SUSE 10.2 on it. -- Use OpenOffice.org http://www.openoffice.org
On Wednesday 13 June 2007, Registration Account wrote:
and IBM invented token ring
Another roaring success story. Gad what a hopelessly complex and expensive network. The sad part is they "invented" it while the unix world was happily running TCP/IP. -- _____________________________________ John Andersen
John Andersen wrote:
On Wednesday 13 June 2007, Registration Account wrote:
and IBM invented token ring
Another roaring success story. Gad what a hopelessly complex and expensive network. The sad part is they "invented" it while the unix world was happily running TCP/IP.
You are mixing your physical, datalink and transport layers up! You could do TCP/IP networking on Token Ring (802.11 SNAP framing if memory serves me correctly). Physical layer did have some rather annoying structural limits however (but nothing that serious). Damn sight more secure than ethernet, physical packet addressing was a characteristic of the datalink layer (one needed a special promiscuous token ring card to access traffic not intended for the card). At that time with a 4/16Mb bandwidth range, dual ring tolerance (you had to chop the cable twice to break the ring) and a very stable loading characteristic, it was a faster and more reliable option than ethernet at a max of 10Mbs. Token Ring networks only tended to slow down when all tokens were in use, whereas for ethernet because of contention issues the only time you are likely to use the full bandwidth was if you have only two machines on the line working in duplex. One or two machines can flatten a whole segment, something that's impossible with token ring. Variants of the technology are still in use in high speed backbones.
G T Smith wrote:
At that time with a 4/16Mb bandwidth range, dual ring tolerance (you had to chop the cable twice to break the ring) and a very stable loading characteristic, it was a faster and more reliable option than ethernet at a max of 10Mbs. Token Ring networks only tended to slow down when all tokens were in use, whereas for ethernet because of contention issues the only time you are likely to use the full bandwidth was if you have only two machines on the line working in duplex. One or two machines can flatten a whole segment, something that impossible with token ring.
Variants of the technology are still in use high speed backbones.
http://www.cse.wustl.edu/~jain/cse473-05/ftp/i_9lan/sld015.htm ;-) -- Use OpenOffice.org http://www.openoffice.org
James Knott wrote:
G T Smith wrote:
<snip>
at a max of 10Mbs. Token Ring networks only tended to slow down when all tokens were in use, whereas for ethernet because of contention issues
<snip>
http://www.cse.wustl.edu/~jain/cse473-05/ftp/i_9lan/sld015.htm ;-)
Very nice.... :-) I was oversimplifying a tad bit...
TCP/IP I am sorry will go down in history as the most insecure and worst collection of protocols ever conceived.
The origins of TCP/IP are well known as it was created by the US Government and Bell Labs in 1979. It was to provide a vehicle that could network US Military missile silos and internal comms.
It was abandoned because the protocol was subject to potential abuse and not considered a secure comms protocol.
I think you need to have a look at the beginnings of TCP/IP and realise why it was dumped. http://64.233.167.104/search?q=cache:CCf8DOW0v1QJ:csrc.nist.gov/publications/secpubs/ipext.ps+tcp/IP+fails+bell+labs&hl=en&ct=clnk&cd=5&gl=au&client=firefox-a
But so much money was spent on development, Microsoft saw an instant market for its use. TCP/IP because of its flexibility provided the vehicle for the world wide web which was essentially meant to transfer information. As the web grew the issues of innate design flaws in the protocol needed patching up to provide HTTP/SSL.
It is important to realise that the TCP/IP fundamentally failed as a secure comms transport because of the ability for an intermediate intercept being not only able to join a data stream from A - B, but moreover was capable of permitting a third party to escalate their own authority, despite not being a part of the communications from A - B.
In Australia we will NOT use TCP/IP for government or direct Banking requirements. That's why we don't worry about massive amounts of data being hijacked. You will recall the latest computer fraud in the USA where a merchant lost over 200.000 customer credit details etc.
http://www.merchantaccountblog.com/archives/268 http://www.google.com.au/search?q=data+loss++in+us+merchant+in+2007&ie=utf-8&oe=utf-8&aq=t&rls=org.mozilla:en-GB:official&client=firefox-a
ALL government Mainframes and law enforcement use SNA here and we are not about to dump it in the short term. We don't have Data hijacking in this country as a result.
With respect to token ring - Do not dismiss the topology as it is capable of carrying many transport layers. The issues of speed that have been talked about are wrong. Token ring submits 1 token at a time - It does not use multiple tokens. The topology is dependent on the speed it takes from 1 token to pass the logical LAN with many LANs coming from different routers (not MAU's). Speed issues have improved out of sight since original design. The major issue early on was that the cable that token ring requires is as expensive as hell, Unshielded twisted pair is as cheap as chips. http://www.google.com.au/search?q=token+ring+multiple+protocols&ie=utf-8&oe=utf-8&aq=t&rls=org.mozilla:en-GB:official&client=firefox-a
Scott ;-)
G T Smith wrote:
John Andersen wrote:
On Wednesday 13 June 2007, Registration Account wrote:
and IBM invented token ring Another roaring success story. Gad what a hopelessly complex and expensive network. The sad part is they "invented" it while the unix world was happily running TCP/IP.
I'm not quite sure where to start, but there are a lot of errors in your message. Registration Account wrote:
TCP/IP I am sorry will go down in history as the most insecure and worst collection of protocols ever conceived.
Some protocols aren't that great. Others are fine and some have been fixed.
The origins of TCP/IP are well know as it was created by the US Government and bell Labs in 1979. It was to provide a vehicle that could network US Military missile silos and internal comms.
It was developed on behalf of DARPA, a defence dept research organization as a result of investigations into robust networks that could survive a fair amount of damage. It was initially used to link the military and research institutions, such as universities.
It was abandoned because the protocol was subject to potential abuse and not considered a secure comms protocol.
I think you need to have a look at the beginnings of TCP/IP and realise why is was dumped. http://64.233.167.104/search?q=cache:CCf8DOW0v1QJ:csrc.nist.gov/publications/secpubs/ipext.ps+tcp/IP+fails+bell+labs&hl=en&ct=clnk&cd=5&gl=au&client=firefox-a
That article was written 14 years ago. A lot has happened since then. Some of the things it discusses have been replaced by more secure methods, such as the "r" commands with secure shell etc.
But so much money was spent on development, Microsoft saw an instant market for its use. TCP/IP because of its flexibility provided the vehicle for the world wide web which was essentially meant to transfer information. As the web grew the issues of innate design flaws in the protocol needed patching up to provide HTTP/SSL.
MS initially resisted it and Windows 95 was originally planned to not use it. It was only after many other companies started adopting it, that MS did as well. For example, OS/2 had it included with Warp 3, which was released in 1994, more than a year before Windows 95. Novell was also starting to work with it then too.
It is important to realise that the TCP/IP fundamentally failed as a secure comms transport because of the ability for an intermediate intercept being not only able to join the a data stream from A - B, but more over was capable of permitting a third party to escalate their own authority, despite not being a part of the communications from A - B.
In Australia we will NOT use TCP/IP for government or direct Banking requirements. Thats why do don't worry about massive amounts of data being hijacked. You will recall the latest computer fraud in the USA where a merchant lost over 200.000 customer credit details etc.
http://www.merchantaccountblog.com/archives/268 http://www.google.com.au/search?q=data+loss++in+us+merchant+in+2007&ie=utf-8&oe=utf-8&aq=t&rls=org.mozilla:en-GB:official&client=firefox-a
ALL government Mainframes and law enforcement use SNA here and we are not about to dup it in the short term. We don't have Data high jacking in this country as a result.
With respect to token ring - Do not dismiss the topology as it is capable of carrying many transport layers. The issues of speed that have been tanked about are wrong. Token ring submits 1 token at a time - It does not use multiple tokens. The topology is dependant on the speed it takes from 1 token to pass the logical LAN with many Lans coming from different routers (not MAU's). Speed issues have improved out of sight since original design. The major issue early on was that the cable that token ring requires is as expensive as hell, Unshielded twisted pair is a cheap as chips. http://www.google.com.au/search?q=token+ring+multiple+protocols&ie=utf-8&oe=utf-8&aq=t&rls=org.mozilla:en-GB:official&client=firefox-a
Ethernet also used fairly expensive cable initially. -- Use OpenOffice.org http://www.openoffice.org
Dear James, Yes we both know that improvements have been made and you have indicated a great knowledge of the groups of protocols we know as TCP/IP. I agree we have made inroads since the early inception of the protocols - however you understand that - Particularly Windows relies on the ability we have within the protocol for escalation of authority which we can never fundamentally change as we are dependent on this at the Client PC - The main issue in this article is the ability to escalate authority - Yes I agree with you HTTP/SSL where we can dump 'r' commands. With your obvious knowledge I think you will agree that our only escape from the innate issues about the protocol are solved with TCP/IP V6. You know as well as I do that the world root servers run TCP/IP V6. The issues of escalation have been dealt with in V6 - however world wide adoption of V6 at the client end will take decades. WE with Suse Linux attribute our security because it runs on V6. There is mass translation in the product as you well know and if you run your own DNS server, any enquiry made to another DNS server; if it can communicate by V6 IT WILL. This is very easy to see when you look at a real time log of the DNS server created in a Suse Linux platform. It's not hard to log all activity into the system log and view it. Thank you for bringing sensible and constructive conversation about comms issues. It is nice to be able to discuss comms with another who has an understanding of its role.
Have a great Day James
Scott ;-)
James Knott wrote:
I'm not quite sure where to start, but there are a lot of errors in your message.
Registration Account wrote:
TCP/IP I am sorry will go down in history as the most insecure and worst collection of protocols ever conceived.
Some protocols aren't that great. Others are fine and some have been fixed.
The origins of TCP/IP are well know as it was created by the US Government and bell Labs in 1979. It was to provide a vehicle that could network US Military missile silos and internal comms.
It was developed on behalf of DARPA, a defence dept research organization as a result of investigations into robust networks that could survive a fair amount of damage. It was initially used to link the military and research institutions, such as universities.
It was abandoned because the protocol was subject to potential abuse and not considered a secure comms protocol.
I think you need to have a look at the beginnings of TCP/IP and realise why is was dumped. http://64.233.167.104/search?q=cache:CCf8DOW0v1QJ:csrc.nist.gov/publications/secpubs/ipext.ps+tcp/IP+fails+bell+labs&hl=en&ct=clnk&cd=5&gl=au&client=firefox-a
That article was written 14 years ago. A lot has happened since then. Some of the things it discusses have been replaced by more secure methods, such as the "r" commands with secure shell etc.
But so much money was spent on development, Microsoft saw an instant market for its use. TCP/IP because of its flexibility provided the vehicle for the world wide web which was essentially meant to transfer information. As the web grew the issues of innate design flaws in the protocol needed patching up to provide HTTP/SSL.
MS initially resisted it and Windows 95 was originally planned to not use it. It was only after many other companies started adopting it, that MS did as well. For example, OS/2 had it included with Warp 3, which was released in 1994, more than a year before Windows 95. Novell was also starting to work with it then too.
It is important to realise that the TCP/IP fundamentally failed as a secure comms transport because of the ability for an intermediate intercept being not only able to join the a data stream from A - B, but more over was capable of permitting a third party to escalate their own authority, despite not being a part of the communications from A - B.
In Australia we will NOT use TCP/IP for government or direct Banking requirements. Thats why do don't worry about massive amounts of data being hijacked. You will recall the latest computer fraud in the USA where a merchant lost over 200.000 customer credit details etc.
http://www.merchantaccountblog.com/archives/268 http://www.google.com.au/search?q=data+loss++in+us+merchant+in+2007&ie=utf-8&oe=utf-8&aq=t&rls=org.mozilla:en-GB:official&client=firefox-a
ALL government Mainframes and law enforcement use SNA here and we are not about to dup it in the short term. We don't have Data high jacking in this country as a result.
With respect to token ring - Do not dismiss the topology as it is capable of carrying many transport layers. The issues of speed that have been tanked about are wrong. Token ring submits 1 token at a time - It does not use multiple tokens. The topology is dependant on the speed it takes from 1 token to pass the logical LAN with many Lans coming from different routers (not MAU's). Speed issues have improved out of sight since original design. The major issue early on was that the cable that token ring requires is as expensive as hell, Unshielded twisted pair is a cheap as chips. http://www.google.com.au/search?q=token+ring+multiple+protocols&ie=utf-8&oe=utf-8&aq=t&rls=org.mozilla:en-GB:official&client=firefox-a
Ethernet also used fairly expensive cable initially.
On Thursday 14 June 2007, Registration Account wrote:
In Australia we will NOT use TCP/IP for government or direct Banking requirements. Thats why do don't worry about massive amounts of data being hijacked.
Huh? No on line banking in Australia? Could have fooled me. -- _____________________________________ John Andersen
On Thu, June 14, 2007 10:07 pm, John Andersen wrote:
On Thursday 14 June 2007, Registration Account wrote:
In Australia we will NOT use TCP/IP for government or direct Banking requirements. Thats why do don't worry about massive amounts of data being hijacked.
Huh? No on line banking in Australia? Could have fooled me.
He could be referring to internal. As an example, in order to increase the security (by obscurity) of our voting tally systems, we use Token Ring on all election tally systems. There's only one machine with a token ring/ethernet bridge used to pass data out. Heh - does SUSE support token ring? -- k
Kai Ponte wrote:
On Thu, June 14, 2007 10:07 pm, John Andersen wrote:
On Thursday 14 June 2007, Registration Account wrote:
In Australia we will NOT use TCP/IP for government or direct Banking requirements. Thats why do don't worry about massive amounts of data being hijacked.
Huh? No on line banking in Australia? Could have fooled me.
He could be referring to internal.
As an example, in order to increase the security (by obscurity) of our voting tally systems, we use Token Ring on all election tally systems. There's only one machine with a token ring/ethernet bridge used to pass data out.
How does that improve security? IP doesn't care what the physical layer is.
Heh - does SUSE support token ring?
While I haven't tried it with SUSE, I have used Linux on a token ring network. -- Use OpenOffice.org http://www.openoffice.org
On Fri, June 15, 2007 12:09 pm, James Knott wrote:
As an example, in order to increase the security (by obscurity) of our voting tally systems, we use Token Ring on all election tally systems. There's only one machine with a token ring/ethernet bridge used to pass data out.
How does that improve security? IP doesn't care what the physical layer is.
I didn't know they had IP drivers for token ring. We're using some netBIOS sort of thing, AFAIK. As it is, we're being forced by the state to replace it probably.
Kai Ponte wrote:
On Fri, June 15, 2007 12:09 pm, James Knott wrote:
As an example, in order to increase the security (by obscurity) of our voting tally systems, we use Token Ring on all election tally systems. There's only one machine with a token ring/ethernet bridge used to pass data out.
How does that improve security? IP doesn't care what the physical layer is.
I didn't know they had IP drivers for token ring. We're using some netBIOS sort of thing, AFAIK.
You apparently get some layers of the protocol stack mixed up. The drivers are for the specific card, whether ethernet, token ring or other. Unix & Linux systems always support IP, no matter what the network type. Take a look at the ISO network protocol stack some time. While not a perfect match for TCP/IP, it conveys the general idea. The bottom layer is physical, describing cable types etc. Next up is the datalink, i.e. Ethernet, Token Ring etc. On top of that is the network layer, where IP fits. -- Use OpenOffice.org http://www.openoffice.org
On Fri, June 15, 2007 2:19 pm, James Knott wrote:
I didn't know they had IP drivers for token ring. We're using some netBIOS sort of thing, AFAIK.
You apparently get some layers of the protocol stack mixed up.
OSI layers? Man, I haven't looked at those in years. In any case, TCP/IP is not running on that network.
Kai Ponte wrote:
On Fri, June 15, 2007 2:19 pm, James Knott wrote:
I didn't know they had IP drivers for token ring. We're using some netBIOS sort of thing, AFAIK.
You apparently get some layers of the protocol stack mixed up.
OSI layers? Man, I haven't looked at those in years. In any case, TCP/IP is not running on that network.
No, TCP/IP doesn't run on OSI, but the OSI model is often used to help understand other stacks. -- Use OpenOffice.org http://www.openoffice.org
On Sat, June 16, 2007 12:29 pm, James Knott wrote:
Kai Ponte wrote:
On Fri, June 15, 2007 2:19 pm, James Knott wrote:
I didn't know they had IP drivers for token ring. We're using some netBIOS sort of thing, AFAIK.
You apparently get some layers of the protocol stack mixed up.
OSI layers? Man, I haven't looked at those in years. In any case, TCP/IP is not running on that network.
No, TCP/IP doesn't run on OSI, but the OSI model is often used to help understand other stacks.
Correct me if I'm wrong - and I know this is going way OT - but ALL transport protocols run in the OSI. AFAIK, layers 3 and 4 define the protocols being used. You're gonna make me break out my books, aren't you??
On Saturday 16 June 2007 21:42, Kai Ponte wrote:
On Sat, June 16, 2007 12:29 pm, James Knott wrote:
...
No, TCP/IP doesn't run on OSI, but the OSI model is often used to help understand other stacks.
Correct me if I'm wrong - and I know this is going way OT - but ALL transport protocols run in the OSI. AFAIK, layers 3 and 4 define the protocols being used.
OSI refers to both a reference model and an actual protocol specification. The reference model does not define actual protocols, just an abstract way of organizing them. The rapid rise of the IP-based protocols displaced any widespread implementation or deployment of the OSI protocol suite as well as others such as Xerox's XNS family. Other protocol families did gain widespread use but are nonetheless now waning. The latter includes those used by NetWare.
You're gonna make me break out my books, aren't you??
Only if you're going to share photos of the steam coming out of your ears... RRS
Kai Ponte wrote:
On Sat, June 16, 2007 12:29 pm, James Knott wrote:
No, TCP/IP doesn't run on OSI, but the OSI model is often used to help understand other stacks.
Correct me if I'm wrong - and I know this is going way OT - but ALL transport protocols run in the OSI. AFAIK, layers 3 and 4 define the protocols being used.
You're gonna make me break out my books, aren't you??
OSI was actually a network standard, that never became popular. While in some respects it's similar to the TCP/IP stack, there are significant differences, particularly at the upper layers. So, bottom line is the OSI model is used to explain the concept of the various levels and then applied loosely to TCP/IP. -- Use OpenOffice.org http://www.openoffice.org
On Wed, 2007-06-13 at 23:49 -0800, John Andersen wrote:
On Wednesday 13 June 2007, Registration Account wrote:
and IBM invented token ring
Another roaring success story. Gad what a hopelessly complex and expensive network. The sad part is they "invented" it while the unix world was happily running TCP/IP.
Token ring is a data link protocol (Ethernet being another), and TCP/IP is a network/transport protocol (ipx/spx, sna, appletalk etc).
The Wednesday 2007-06-13 at 23:49 -0800, John Andersen wrote:
Another roaring success story. Gad what a hopelessly complex and expensive network. The sad part is they "invented" it while the unix world was happily running TCP/IP.
Token ring was invented in 1960, tcp/ip in the 70's. -- Cheers, Carlos E. R.
Carlos E. R. wrote:
The Wednesday 2007-06-13 at 23:49 -0800, John Andersen wrote:
Another roaring success story. Gad what a hopelessly complex and expensive network. The sad part is they "invented" it while the unix world was happily running TCP/IP.
Token ring was invented in 1960, tcp/ip in the 70's.
Actually, TCP, not including IP predates token ring by almost a decade. The oldest computer network technology that I've worked on is the TDM loops used with the Collins line of computers. These computers were MIL spec versions of IBM gear and were networked back in the mid '60. The networks used time slots, instead of packets to share the cable. The original "TDM" system ran at 2 Mb/s and the later "TDX" loop was 8 Mb/s. The network was connected in a ring or loop. The network used relays to connect devices, such as CPU, tape and disk drives, card readers etc. to the loop. In TDX systems, high speed devices, such as the CPU, tape and disk drives were connected directly to the TDX loop. Lower speed devices were connected to the TDM loop, which in turn, connected to the TDX loop via an interface box. There was also a "loop sync" box, which maintained loop synchronization. Here's a picture of what is in fact the 8401 model of the Collins system, even though it says 8500C. The "CN" referred to in the picture is for Canadian National Railways. I started my career working for their telecommunications division about 35 years ago and work on the 8500C, though occasionally did minor work on the 8500B, along with many other mini-computer types. That picture would have been taken in the office I worked in, but I don't recognize the person in the picture. -- Use OpenOffice.org http://www.openoffice.org
James Knott wrote:
Carlos E. R. wrote:
The Wednesday 2007-06-13 at 23:49 -0800, John Andersen wrote:
Another roaring success story. Gad what a hopelessly complex and expensive network. The sad part is they "invented" it while the unix world was happily running TCP/IP.
Token ring was invented in 1960, tcp/ip in the 70's.
Actually, TCP, not including IP, predates token ring by almost a decade. The oldest computer network technology that I've worked on is the TDM loops used with the Collins line of computers. These computers were MIL spec versions of IBM gear and were networked back in the mid '60s. The networks used time slots, instead of packets, to share the cable. The original "TDM" system ran at 2 Mb/s and the later "TDX" loop was 8 Mb/s. The network was connected in a ring or loop. The network used relays to connect devices, such as CPU, tape and disk drives, card readers etc. to the loop. In TDX systems, high speed devices, such as the CPU, tape and disk drives were connected directly to the TDX loop. Lower speed devices were connected to the TDM loop, which in turn, connected to the TDX loop via an interface box. There was also a "loop sync" box, which maintained loop synchronization.
Here's a picture of what is in fact the 8401 model of the Collins system, even though it says 8500C. The "CN" referred to in the picture is for Canadian National Railways. I started my career working for their telecommunications division about 35 years ago and worked on the 8500C, though occasionally did minor work on the 8500B, along with many other mini-computer types. That picture would have been taken in the office I worked in, but I don't recognize the person in the picture.
Hmmm... I forgot the link. http://216.94.16.48/comm_comp/index_choice.cfm?id=71&photoid=96003559 -- Use OpenOffice.org http://www.openoffice.org
John Andersen wrote:
On Wednesday 13 June 2007, Registration Account wrote:
and IBM invented token ring
Another roaring success story. Gad what a hopelessly complex and expensive network. The sad part is they "invented" it while the unix world was happily running TCP/IP.
You're confusing stack levels. TCP/IP runs fine over token ring as it does over most other network technologies. Also, years ago, token ring had many performance advantages over the ethernet of the day. For example, with ethernet, collisions had a significant limiting effect on usable bandwidth. Token rings are also deterministic, which means you knew the maximum time for the data to be transferred. This is important in some critical situations. The change to ethernet switches eliminated or greatly reduced those advantages. -- Use OpenOffice.org http://www.openoffice.org
Registration Account wrote:
John, you are probably too young to recall the first Personal Computer was released in the form of PS2 - with advanced architecture called micro channel.
Actually, the PS/2 came later. The first of the "PC" types, was of course the IBM PC, which had an 8088 CPU, running at 4.77 MHz, 16 KB (IIRC) of memory, floppy disks, no hard drive. There was even a cassette port! It was released in Aug 1982. Shortly after, an improved version, the XT came out, which included a hard drive. Next was the AT, which used an 80286 CPU etc. There was also the "Peanut" which was a home version of the PC and didn't do that well.
This became the standard that all clone PC's were designed around. In the early days clone PCs were always boasting of being 100% IBM compatible.
In those days all code was written to comply with an IBM PC and later with the clones becoming 100% compatible.
In those days we had PC DOS and there were separate versions for an 8088 and 8086 processor.
From a software perspective, there's no difference between an 8088 and 8086. The difference is only in external bus width. Perhaps you're thinking of CP/M, which was originally for the 8080 and Z80 eight bit CPU's.
MS-DOS became the most prolific version of DOS when Microsoft made significant advertising showing that WINDOWS v2.X would only run IBM or PC DOS.
Yes they sell PC's http://www-304.ibm.com/jct03004c/businesscenter/smallbusiness/us/en/product
and I have worked in IBM ships where that hardware including the Mainframe was IBM - and IBM invented token ring
Actually, IIRC, they got the technology from someone else and then developed it further.
John Andersen wrote:
On Wednesday 13 June 2007, Registration Account wrote:
I have never found 1 dell PC that comes close to being 100% IBM compatible -
Not surprising, since IBM does not make PCs.
-- Use OpenOffice.org http://www.openoffice.org
Other security issues involved with pre-installed Dell Windows XP: Dell PCs that have the pre-load installed at the factory contain a Dell login that needs to be disabled, along with the MS support login and anonymous login; these particular user accounts need to be disabled. You can only find the existence of these hidden accounts via Control Panel > Administrative Tools > Computer Management > Users. If you choose to try and add a user you will get a list of inbuilt accounts that should not be added to the default users in Computer Management, but certainly the default Microsoft "support_38" and Help Assistant accounts need to be disabled, as well as anonymous login - refer to the document details below.
The Network compromise was directed as I was downloading a great deal of Dell drivers, so the assumption is that the user has not disabled the escalated privileged user that default Dell installations of XP include. As audit trails were turned on during the network compromise, the hacker attempted to log in to the Dell PC with the escalated privileges of the inbuilt Dell support account; however, it has been disabled, and can be found in most all newish types of pre-installed Dell XP Pro. The following document may enlighten you as to the changes from default that ANY XP Pro user needs to understand and execute to safeguard against unauthorised access. I will leave it up for a while for those who want to take a copy. It's a lot of work, as the standard install of Windows XP from the original disk does not address many security concerns the O/S has, in particular escalation of authority. Reading this document may give you some understanding of how much work needs to be done to a default install if your site is to be rated as secure via .MIL agencies, which fortunately I spend a lot of time on as a consultant to these type articles. http://users.tpg.com.au/adslmi38//winxp-security-nsa.pdf
Regards
Scott
Registration Account wrote:
Thanks randall,
I should have worked that out for myself. I was browsing and downloading files from dell.com for a troublesome Dell PC (no surprises there, as I have never found 1 Dell PC that comes close to being 100% IBM compatible - due to their amazing number of BIOS/Chipboard drivers which are needed) and I received a latter response, indicating the Network had been compromised (immediate Internet connect to network shut-down) from an IP in .TW, the whole range I have now placed on reject RTS to any packet from 143.166.0.0/16). I had completely forgotten my 1 Windows XP running PC on the network. It's the last one to await conversion due to internal issues.
ALL staff have had ALL user passwords changed and the Windows XP was found with a little bit of nice spyware it is the very nasty and hard to get rid of 'DSO Exploit'
I have changed the Windows XP user to a limited user until I can change the O/S
Regards
Scott
P.S. So do any other Windows users think they are safe??? My Network is as secure as a Bank and this hacker was still able to compromise 1 Windows system.
Randall R Schulz wrote:
On Wednesday 13 June 2007 15:46, Registration Account wrote:
Can anyone out there tell me what is a Prosiak Back-door connection in Linux. This is a copy of the first IDS connection which I think is only applicable to Unix/Linux From what I can tell from Google searching (ahem), this is an exploit to which only Windows is susceptible. It appears to be somewhat of an old one, at that, dating back to 2005 in its latest version.
Thanks
Scott
Randall Schulz
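An account audit along the lines of the message above, as an added example that is not part of the thread: it lists local accounts matching the built-in and vendor support accounts the post names and reports which are still enabled, then checks the anonymous-access settings. It assumes Windows PowerShell 2.0 or later; the name patterns (including `*dell*`) and the mapping of "anonymous login" to the `RestrictAnonymous` values are assumptions, not taken from the post.

```powershell
# Added example, not from the thread. Run in Windows PowerShell as an administrator.
# Name patterns are assumptions based on the accounts the post mentions.
$patterns = @('HelpAssistant', 'SUPPORT_*', 'Guest', '*dell*')

# Local accounts only; Win32_UserAccount exposes Name, SID and Disabled.
$accounts = Get-WmiObject -Class Win32_UserAccount -Filter "LocalAccount=True"

$findings = foreach ($acct in $accounts) {
    foreach ($p in $patterns) {
        if ($acct.Name -like $p) {            # -like is case-insensitive
            New-Object PSObject -Property @{
                Name    = $acct.Name
                SID     = $acct.SID
                Enabled = -not $acct.Disabled
                Pattern = $p
            }
            break                             # one finding per account
        }
    }
}

# Anonymous access (assumed meaning of "anonymous login"): values under the Lsa key.
$lsa = Get-ItemProperty -Path 'HKLM:\SYSTEM\CurrentControlSet\Control\Lsa'
foreach ($value in 'RestrictAnonymous', 'RestrictAnonymousSAM') {
    $current = $lsa.$value
    if ($null -eq $current -or $current -eq 0) {
        Write-Output "$value is unset or 0: anonymous enumeration is not restricted by this setting"
    } else {
        Write-Output "$value = $current"
    }
}

# Report the support/vendor accounts that are still enabled.
$enabled = @($findings | Where-Object { $_.Enabled })
if ($enabled.Count -gt 0) {
    Write-Output "Still enabled: $(($enabled | ForEach-Object { $_.Name }) -join ', ')"
    # After review, disable one with:  net user <AccountName> /active:no
} else {
    Write-Output "No matching support or vendor account is enabled."
}

$findings | Sort-Object Name | Format-Table Name, Enabled, SID -AutoSize
```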
Geeze, it's so fun to watch a bunch of old guys arguing about whose dick is older. -- In what was destined to be a short-lived spectacle, a chicken, suspended by a balloon, drifted through the Samurai bar's doorway. --Gary Larson San Francisco, CA