[CLUE-Talk] What's with Microsoft's upgrade ultimatum?

Wed May 16 08:50:59 MDT 2001

David Anselmi wrote:
> 
> The article mentions .Net technology (which is no doubt going to bring
> eternal bliss to all mankind).  Anyone know what that is?
> 
.Net is the concept of distributed applications.  They reside and
execute partially on the server.  They are delivered in a "byte code"
format, much like Java is.  The intent is to centralize authentication
(Hailstorm) and applications so that upgrades happen for everyone and
therefore everyone has compatible versions, and all of the patches.

There are a couple of downsides:
1)  Hailstorm.  In order for this to work and give all of the goodness
they claim, you will have to trust them with all of your personal
information.  No company gets that from me.  Also because of the central
point of control here, all of the software, even what you write, could
be forced into a subscription model.  You could theoretically be forced
to pay for running software you wrote.

2)  Performance.  The reason Java is having a hard time is that the byte
code model has proven to be a performance killer.  The .Net initiative
will include even lower level languages that have been historically
compiled rather than interpreted for reasons of performance (C, C++)

3)  Network traffic.  Try to tell me that the already overloaded
corporate networks, and your slow little dial-up connection are the
ideal way to get Word off some server every time you want to use it?  I
don't think so.

4)  Java's problems without its solutions.  This will have the problems
of Java (byte code) without its solutions (cross-platform.)  MS claims
that there will be MSIL (MicroSoft Intermediate Language) runtimes for
all platforms, but whay would they do this to help their competitors. 
DOn't bet on it working, and if it does, don't bet on it working well. 
When it works poorly, bet that they will claim that it is because of the
poor quality of the other platforms.

I think that while this has some interesting possibilities in concept,
there are better ways to deliver these promises.  I personally believe
that .Net is doomed to failure, and with Windows XP banking so heavily
on it, I do not know what the future of MS will look like, if it is at
all.

MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: 7bit
Message-ID: <15104.1472.843423.651041 at swordfish.havenrock.com>
Date: Mon, 14 May 2001 10:20:16 -0600 (MDT)
From: Matt Gushee <mgushee at havenrock.com>
To: clue-talk at clue.denver.co.us
Subject: Re: [CLUE-Talk] Preventing Hack Attempts before they Happen
In-Reply-To: <F175xRKYblf8nFJ3VTP0000664a at hotmail.com>
References: <F175xRKYblf8nFJ3VTP0000664a at hotmail.com>
Sender: clue-talk-admin at clue.denver.co.us
Errors-To: clue-talk-admin at clue.denver.co.us
Precedence: bulk
Reply-To: clue-talk at clue.denver.co.us

Jim Intriglia writes:

 > course, I can't remember where I saw it. Where can I find a listing of ports 
 > and their use/definition?

Well, there's always /etc/services. Or were you looking for more
detail?

Matt

Received: from deimos.frii.net (deimos.frii.com [216.17.128.2])
	by clue.denver.co.us (8.9.3/8.9.3) with ESMTP id MAA13587
	for <clue-talk at clue.denver.co.us>; Mon, 14 May 2001 12:53:29 -0600
Received: from io.frii.com (walter at io.frii.com [216.17.128.3])
	by deimos.frii.net (8.11.3/8.11.3) with ESMTP id f4EI5dt27475;
	Mon, 14 May 2001 12:05:39 -0600 (MDT)
Date: Mon, 14 May 2001 12:05:40 -0600 (MDT)
From: Walter Pienciak <walter at frii.com>
To: "lug at lug.boulder.co.us" <lug at lug.boulder.co.us>
cc: CLUE TALK <clue-talk at clue.denver.co.us>
In-Reply-To: <3B001393.BEDD5843 at americanisp.net>
Message-ID: <Pine.BSF.4.30.0105141203580.75169-100000 at io.frii.com>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Subject: [CLUE-Talk] Re: [lug] Cisco 675 security
Sender: clue-talk-admin at clue.denver.co.us
Errors-To: clue-talk-admin at clue.denver.co.us
X-BeenThere: clue-talk at clue.denver.co.us
X-Mailman-Version: 2.0beta2
Precedence: bulk
Reply-To: clue-talk at clue.denver.co.us
List-Id: CLUE non-technical discussions. <clue-talk.clue.denver.co.us>

FWIW, I keep my 675 in bridging mode, and it's unreachable
except for that serial cable.  Doesn't have an IP address.
I do all my filtering and NAT, etc., on another piece of
hardware on the LAN side of the 675.

Walter

On Mon, 14 May 2001, B O'Fallon wrote:

> Hello,
>
> This might be of interest to owners of Cisco 675 ASDL modems.
>
> I am using a Cisco 675 modem for my ASDL connection. The other day, I
> ran Steve Gibson's port scanner (www.grc.com) against my ISP address
> and found the telnet and http ports to be open.
>
> When I called Qwest to see why, I was told that these modems were set
> up with these ports disabled, until the user connected to the CBOS, at
> which time they were enabled. I disabled them by telnetting in and
> then issuing, as root, the commands "set telnet disable" and "set web
> disable". Of course, this means that in the future that the ONLY way I
> can connect to configure the modem is by use of the serial cable.
>
> Now I went back Gibson's site and ran the port scanner again. It still
> showed the ports as open. However, when I try to connect I immediately
> get disconnected. This occurs both under NT and Linux.
>
> Running nmap against my IP address revealed:
>
>     -- if nmap -sT -sU is used, all ports are closed. This took 31
> seconds.
>
>     -- if nmap -P0 is used, the telnet and http port are open. This
> took 671 seconds.
>
> Apparently leaving these ports open, according to Qwest, is a design
> "feature" on the part of Cisco and there has never been any
> explanation for it. While it would appear that although the ports may
> be open, connections to them are refused, so I am making the
> assumption that my 675 is secure.
>
> Comments, anyone?
>
> --
> B. O'Fallon
> bof at americanisp.net
>
> I wrote it down so that I wouldn't have to remember.
>
>
> _______________________________________________
> Web Page:  http://lug.boulder.co.us
> Mailing List: http://lists.lug.boulder.co.us/mailman/listinfo/lug
>