DDOS attack Microsoft - Microsoft Windows

This is a discussion on DDOS attack Microsoft - Microsoft Windows ; On Sun, 14 Sep 2003 16:26:03 -0500, Mike Byrns wrote: > > > It's amazing to watch you two jerk each other off like this. > Yeh. What else could you say? M$ made one BIG mistake, right in the ...

+ Reply to Thread
Page 9 of 10 FirstFirst ... 7 8 9 10 LastLast
Results 161 to 180 of 195

Thread: DDOS attack Microsoft

  1. Re: M$ attack on Common Sense

    On Sun, 14 Sep 2003 16:26:03 -0500, Mike Byrns wrote:
    >
    >
    > It's amazing to watch you two jerk each other off like this.
    >


    Yeh. What else could you say?

    M$ made one BIG mistake, right in the beginning:

    They tacked the poorly cloned (and un-attributed) X-Window functionality
    on the DOS kernel, which it was not equipped to handle.


    And called it what? (X-)Windows.

    What they should have done is re-write the OS from the ground up.

    They, and all of their customers, have been paying for this mistake every since.


    AC

    --

    take control of your mailbox ----- elrav1 ----- http://tinyurl.com/l55a



  2. Re: M$ attack on Common Sense

    On Sun, 14 Sep 2003 01:05:53 -0500, Sinister Midget wrote:
    >
    >
    > As Alan Connor so eloquently gibbered on Sun, 14 Sep 2003 at 04:13 GMT:
    >
    >
    > --
    > MS could solve all their problems tomorrow regarding security and
    > stability and I wouldn't use them more than I have to now because for years
    > they fed me cow **** and told me it was cake.


    .....and it still is a bloated and baroque travesty of an OS.


    Well said, SM


    AC


    --

    take control of your mailbox ----- elrav1 ----- http://tinyurl.com/l55a



  3. Re: M$ attack on Common Sense

    > Look at all the buffer overrun problems that have been patched in
    > Microsoft products since January, (many large shops have an
    > organization that is dedicated to patching Microsoft products.)

    Look at this too...
    http://www.linuxsecurity.com/advisories/index.html
    Regards,
    Manoj

    wrote in message
    news:bjvt5d$kpm$1@blue.rahul.net...
    > macquigg@ece.arizona.edu writes:
    > >
    > > I must say that the Windows advocates seem to be "winning" this
    > > debate, although still not convincing me that I shouldn't move to
    > > Linux. The key issue for me is security. My limited experience and
    > > reading tells me that Linux is *currently* more secure, and *may* have
    > > some fundemental security advantages, stemming from its multi-user
    > > origin and open-source methodology. I fully expect M$ to make further
    > > progress in security. I don't *think* Linux security will be a
    > > problem in the future, but the discussion here does give me plenty to
    > > worry about.
    > >

    >
    > I use one of everything, daily, (Linux/*BSD/AIX/HPUX and a lot of
    > Windows.) My personal mounts are BSD and Linux. IMHO, Linux is more
    > secure than Windows, but that bars not very high.
    >
    > IMHO, its the *_kind_* of problems that make Windows insecure that is
    > disturbing-its a craftsmanship issue.
    >
    > Look at all the buffer overrun problems that have been patched in
    > Microsoft products since January, (many large shops have an
    > organization that is dedicated to patching Microsoft products.)
    >
    > Even a simple SW QA process would have found the buffer overruns-using
    > a mechanical procedure, no less. For example, compiling with the
    > equivalent of http://www.bigbiz.com/cgi-bin/manpage?3+libefence and
    > having QA run a regression suite would have saved Microsoft, their
    > customers, and the rest of the Internet a lot of grief over the last
    > few months.
    >
    > There are more elegant solutions to the buffer overrun problem, (like
    > used in OpenBSD,) but compiling with memory management QA libraries is
    > a minimal standard in most commercial software shops.
    >
    > SW quality and craftsmanship is not that difficult to do.
    >
    > Just IMHO ...
    >
    > John
    >
    > BTW, not to mention that most commercial shops have standard
    > architectural constructs that have to be used in critical sections of
    > SW, like http://cr.yp.to/ucspi-tcp.html, (which is often used as a SW
    > quality/security example.) That's why Qmail at http://www.qmail.org,
    > (same author,) has a $1K buck bounty from the author for anyone that
    > can crack it. Not that all Open Source software is of such high
    > quality-most isn't. But then its free, too.
    >
    > --
    >
    > John Conover, conover@email.rahul.net, http://www.johncon.com/
    >




  4. Re: DDOS attack Microsoft


    "Alan Connor" wrote in message
    news:8%I6b.2581$PE6.2362@newsread3.news.pas.earthl ink.net...
    > On Sun, 07 Sep 2003 15:02:56 GMT, Leythos wrote:
    > >
    > >
    > > In article ,
    > > madodelNOSPAM@ptd.net says...
    > >> On Sun, 7 Sep 2003 11:57:45 UTC, "Manoj Paul Joseph"
    > >> wrote:
    > >>
    > >> -> > Nice to note that it was linux based servers that saved M$ though

    ;-)
    > >> -> Why Linux based servers?
    > >> -> Anyone any idea?
    > >> ->
    > >>
    > >> Because as with almost every worm and virus out there it targets win32
    > >> machines. Linux is immune to these. Therefore microsoft's own
    > >> servers wouldn't be turned against themselves by the worm that
    > >> initiated the the problem by insulating them behind a Linux proxy
    > >> service.
    > >>
    > >> gates may be an unscrupulous bastard, but he certainly isn't stupid.
    > >> Even he knows that Linux is a more secure solution then his own
    > >> products. This is one case where people should take their lead from
    > >> Microsoft. ;-)

    > >
    > > Linux is no more secure than Windows, it's just less of a target and has
    > > less exposure to the people that want to take down MS.
    > >
    > > The problem is not MS, it's the way people use the product and the
    > > complete ignorance of it's users/installers. We've been installing
    > > Windows in industrial and office locations for more than 10 years
    > > without a single instance of a virus or compromise in any station. It's
    > > all in knowing how to secure your OS, even if it's Linux, SCO, AIX,
    > > OS/2, Windows, etc...
    > >

    >
    > The above is, simply, garbage.
    >


    Wasn't the Worm as devised by RTM the first of it's kind, and didn't it
    exploit weaknesses in *nix, including the GNU Emacs buffer overflow?



  5. Re: DDOS attack Microsoft

    Trog Dog wrote:
    > "Alan Connor" wrote in message
    > news:8%I6b.2581$PE6.2362@newsread3.news.pas.earthl ink.net...
    >
    >>On Sun, 07 Sep 2003 15:02:56 GMT, Leythos wrote:
    >>
    >>>
    >>>In article ,
    >>>madodelNOSPAM@ptd.net says...
    >>>
    >>>>On Sun, 7 Sep 2003 11:57:45 UTC, "Manoj Paul Joseph"
    >>>> wrote:
    >>>>
    >>>>-> > Nice to note that it was linux based servers that saved M$ though
    >>>

    > ;-)
    >
    >>>>-> Why Linux based servers?
    >>>>-> Anyone any idea?
    >>>>->
    >>>>
    >>>>Because as with almost every worm and virus out there it targets win32
    >>>>machines. Linux is immune to these. Therefore microsoft's own
    >>>>servers wouldn't be turned against themselves by the worm that
    >>>>initiated the the problem by insulating them behind a Linux proxy
    >>>>service.
    >>>>
    >>>>gates may be an unscrupulous bastard, but he certainly isn't stupid.
    >>>>Even he knows that Linux is a more secure solution then his own
    >>>>products. This is one case where people should take their lead from
    >>>>Microsoft. ;-)
    >>>
    >>>Linux is no more secure than Windows, it's just less of a target and has
    >>>less exposure to the people that want to take down MS.
    >>>
    >>>The problem is not MS, it's the way people use the product and the
    >>>complete ignorance of it's users/installers. We've been installing
    >>>Windows in industrial and office locations for more than 10 years
    >>>without a single instance of a virus or compromise in any station. It's
    >>>all in knowing how to secure your OS, even if it's Linux, SCO, AIX,
    >>>OS/2, Windows, etc...
    >>>

    >>
    >>The above is, simply, garbage.
    >>

    >
    >
    > Wasn't the Worm as devised by RTM the first of it's kind, and didn't it
    > exploit weaknesses in *nix, including the GNU Emacs buffer overflow?
    >
    >


    IIRC, it was a bug in sendmail as delivered (with back door for
    maintenance that should have been turned off in productions systems).

    --
    .~. Jean-David Beyer Registered Linux User 85642.
    /V\ Registered Machine 73926.
    /( )\ Shrewsbury, New Jersey http://counter.li.org
    ^^-^^ 10:50am up 24 days, 20:15, 2 users, load average: 2.85, 2.74, 2.44


  6. Re: DDOS attack Microsoft

    In article <4Dj9b.103682$bo1.81682@news-server.bigpond.net.au>,
    Trog Dog wrote:
    ...
    >Wasn't the Worm as devised by RTM the first of it's kind, and didn't it
    >exploit weaknesses in *nix, including the GNU Emacs buffer overflow?


    It is acknowledged to be the first true worm that got loose.

    None of the vulnerabilities were in the Unix kernel. None were in
    GNU-Emacs.

    The exploits were:

    - It took advantage of a publicized, hard-wired back door left in
    sendmail.

    - It took advantage of a buffer overflow in the finger daemon.

    Craig



  7. Re: M$ attack on Common Sense

    Centuries ago, Nostradamus foresaw when Jean-David Beyer would write:
    > But what hacking of UNIX over the last 35 years, and what "add ons"
    > were needed for UNIX that the other OSs did not also need? There has
    > been some progress in operating systems since those early days. In
    > fact, at the risk of a flame war, it seems to me that Windows, when
    > it came out, was about 15 years behind what UNIX was delivering at
    > the time. For example, when Windows 95 came out in about 1996, it
    > still did not have the functionality (other than a graphical
    > point-and-click interface) that UNIX had in 1980. And by 1995 UNIX
    > supported the X Window System already.


    There are some areas of weakness to this day vis-a-vis some of the
    "mainframey" sorts of functionality.

    I have yet to see a flexible enough batch scheduling system on Unix to
    correspond to the batching systems on systems like VMS.

    When I need to do anything where queueing and/or load balancing is
    needed, I find I need to construct Yet Another Batch System from
    scratch. (No, "cron" and friends are NOT satisfactory.)

    Of course, that isn't something that naturally lends itself to pretty
    pointy-clicky tools, and Windows is about as bad...
    --
    select 'cbbrowne' || '@' || 'ntlug.org';
    http://www3.sympatico.ca/cbbrowne/nonrdbms.html
    "Cars move huge weights at high speeds by controlling violent
    explosions many times a second. ...car analogies are always fatal..."
    --

  8. Re: M$ attack on Common Sense

    Christopher Browne wrote:

    > I have yet to see a flexible enough batch scheduling system on Unix to
    > correspond to the batching systems on systems like VMS.
    >
    > When I need to do anything where queueing and/or load balancing is
    > needed, I find I need to construct Yet Another Batch System from
    > scratch. (No, "cron" and friends are NOT satisfactory.)


    .... then you havent done enough research.
    ..
    --
    /// Michael J. Tobler: motorcyclist, surfer, skydiver, \\\
    \\\ and author: "Inside Linux", "C++ HowTo", "C++ Unleashed" ///
    \\\ http://pages.sbcglobal.net/mtobler/mjt_linux_page.html ///
    Did you know ... That no-one ever reads these things?


  9. Re: DDOS attack Microsoft


    "Craig A. Finseth" wrote in message
    news:3f65d380$0$171$a1866201@newsreader.visi.com.. .
    > In article <4Dj9b.103682$bo1.81682@news-server.bigpond.net.au>,
    > Trog Dog wrote:
    > ...
    > >Wasn't the Worm as devised by RTM the first of it's kind, and didn't it
    > >exploit weaknesses in *nix, including the GNU Emacs buffer overflow?

    >
    > It is acknowledged to be the first true worm that got loose.
    >
    > None of the vulnerabilities were in the Unix kernel. None were in
    > GNU-Emacs.
    >
    > The exploits were:
    >
    > - It took advantage of a publicized, hard-wired back door left in
    > sendmail.


    So how come this backdoor was written into sendmail in the first place? I
    thought only Microsoft products had backdoors. :-) If it was so well
    publicized, why didn't more UNIX admins patch reconfigure it to "close the
    door" so to speak? Do you see any parallels between this and your Microsoft
    vulnerability of the week? I mean, look, 1) it was put there on purpose 2)
    everyone supposedly knew about it 3) nobody did squat to protect themselves
    4) it spread like wildfire or prehaps more accurately *ahem* code red ;-)

    > - It took advantage of a buffer overflow in the finger daemon.


    So how come such a simple daemon, with so few lines of source code, that had
    been around so long, with so many, many eyes making all bugs shallow, could
    contain a travesty such as gets(line); rather than fgets(line, sizeof(line),
    stdin);?



  10. Re: DDOS attack Microsoft

    In article ,
    Mike Byrns wrote:
    >
    >"Craig A. Finseth" wrote in message
    >news:3f65d380$0$171$a1866201@newsreader.visi.com.. .
    >> In article <4Dj9b.103682$bo1.81682@news-server.bigpond.net.au>,
    >> Trog Dog wrote:
    >> ...
    >> >Wasn't the Worm as devised by RTM the first of it's kind, and didn't it
    >> >exploit weaknesses in *nix, including the GNU Emacs buffer overflow?

    ...
    >> The exploits were:
    >>
    >> - It took advantage of a publicized, hard-wired back door left in
    >> sendmail.

    >
    >So how come this backdoor was written into sendmail in the first place? I


    It was a debug mode.

    >thought only Microsoft products had backdoors. :-) If it was so well
    >publicized, why didn't more UNIX admins patch reconfigure it to "close the
    >door" so to speak? Do you see any parallels between this and your Microsoft


    This worm was released in 1987. It was a different world then, one in
    which protecting yourself against the net was simply not a big concern.

    As a point of fact, this worm marked the turning point after which people
    had to start protecting themselves against the network. It was a sad
    day, indeed.

    >vulnerability of the week? I mean, look, 1) it was put there on purpose 2)
    >everyone supposedly knew about it 3) nobody did squat to protect themselves


    There was no reason to protect ourselves at the time.

    >4) it spread like wildfire or prehaps more accurately *ahem* code red ;-)


    It was impressive, indeed.

    >> - It took advantage of a buffer overflow in the finger daemon.

    >
    >So how come such a simple daemon, with so few lines of source code, that had
    >been around so long, with so many, many eyes making all bugs shallow, could
    >contain a travesty such as gets(line); rather than fgets(line, sizeof(line),
    >stdin);?


    Same reason as above: no one had gone around looking for these things
    because no one had a reason to.

    Also, this was _before_ the open source movement go to Unix. For
    example, even though I was a Unix admin (along with other things), I
    did not have legal access to any Unix source code. The same applied
    to many others.

    If you're going to bring up historical issues, you need to analyze
    them in the context of the day.

    FWIW, I was one of the few people advocating securing systems _before_
    the Morris worm hit. But it was a definite uphill battle.

    Craig


  11. Re: DDOS attack Microsoft

    Mike Byrns wrote:

    >> - It took advantage of a publicized, hard-wired back door left in
    >> sendmail.

    >
    > So how come this backdoor was written into sendmail in the first place? I
    > thought only Microsoft products had backdoors. :-) If it was so well


    >> - It took advantage of a buffer overflow in the finger daemon.

    >
    > So how come such a simple daemon, with so few lines of source code, that
    > had been around so long, with so many, many eyes making all bugs shallow,
    > could contain a travesty such as gets(line); rather than fgets(line,
    > sizeof(line), stdin);?


    .... you're showing your age back in this timeframe,
    exploits were not something anyone thought of or took
    advantage of. the OS (open-source) movement hadnt really
    been frame yet, so all this "source is open to all eyes
    examination didnt apply."
    ..
    --
    /// Michael J. Tobler: motorcyclist, surfer, skydiver, \\\
    \\\ and author: "Inside Linux", "C++ HowTo", "C++ Unleashed" ///
    \\\ http://pages.sbcglobal.net/mtobler/mjt_linux_page.html ///
    Time flies like an arrow, but fruit flies like a banana.


  12. Re: DDOS attack Microsoft

    mjt wrote:

    >> So how come such a simple daemon, with so few lines of source code, that
    >> had been around so long, with so many, many eyes making all bugs shallow,
    >> could contain a travesty such as gets(line); rather than fgets(line,
    >> sizeof(line), stdin);?

    >
    > ... you're showing your age


    Thank you. You're right. Back then nobody worried about these things.
    Including the UNIX folks :-)

    > back in this timeframe,
    > exploits were not something anyone thought of or took
    > advantage of. the OS (open-source) movement hadnt really
    > been frame yet, so all this "source is open to all eyes
    > examination didnt apply."


    Nor does it really now. Few OpSo users examine anything to this day.


  13. Re: DDOS attack Microsoft

    Craig A. Finseth wrote:

    > In article ,
    > Mike Byrns wrote:
    >>
    >>"Craig A. Finseth" wrote in message
    >>news:3f65d380$0$171$a1866201@newsreader.visi.com.. .
    >>> In article <4Dj9b.103682$bo1.81682@news-server.bigpond.net.au>,
    >>> Trog Dog wrote:
    >>> ...
    >>> >Wasn't the Worm as devised by RTM the first of it's kind, and didn't it
    >>> >exploit weaknesses in *nix, including the GNU Emacs buffer overflow?

    > ...
    >>> The exploits were:
    >>>
    >>> - It took advantage of a publicized, hard-wired back door left in
    >>> sendmail.

    >>
    >>So how come this backdoor was written into sendmail in the first place? I

    >
    > It was a debug mode.
    >
    >>thought only Microsoft products had backdoors. :-) If it was so well
    >>publicized, why didn't more UNIX admins patch reconfigure it to "close the
    >>door" so to speak? Do you see any parallels between this and your
    >>Microsoft

    >
    > This worm was released in 1987. It was a different world then, one in
    > which protecting yourself against the net was simply not a big concern.
    >
    > As a point of fact, this worm marked the turning point after which people
    > had to start protecting themselves against the network. It was a sad
    > day, indeed.
    >
    >>vulnerability of the week? I mean, look, 1) it was put there on purpose
    >>2) everyone supposedly knew about it 3) nobody did squat to protect
    >>themselves

    >
    > There was no reason to protect ourselves at the time.
    >
    >>4) it spread like wildfire or prehaps more accurately *ahem* code red ;-)

    >
    > It was impressive, indeed.
    >
    >>> - It took advantage of a buffer overflow in the finger daemon.

    >>
    >>So how come such a simple daemon, with so few lines of source code, that
    >>had been around so long, with so many, many eyes making all bugs shallow,
    >>could contain a travesty such as gets(line); rather than fgets(line,
    >>sizeof(line), stdin);?

    >
    > Same reason as above: no one had gone around looking for these things
    > because no one had a reason to.
    >
    > Also, this was _before_ the open source movement go to Unix. For
    > example, even though I was a Unix admin (along with other things), I
    > did not have legal access to any Unix source code. The same applied
    > to many others.
    >
    > If you're going to bring up historical issues, you need to analyze
    > them in the context of the day.
    >
    > FWIW, I was one of the few people advocating securing systems _before_
    > the Morris worm hit. But it was a definite uphill battle.


    THX for the effor Craig.

  14. Re: M$ attack on Common Sense

    User wrote:

    > "Alan Connor" wrote in message
    > news:RJb7b.4118$PE6.2994@newsread3.news.pas.earthl ink.net...
    >> On Tue, 09 Sep 2003 03:13:50 GMT, Leythos wrote:
    >> linux is more stable and more efficient and more secure than Windoze.
    >>
    >> This could be proven in a court of law.

    >
    > I have been asking for good solid evidence to be posted from Alan about
    > this for some time but he simply repeats this claim without any evidence.
    >
    > Just because the US President told the world 1000 times that Iraq had and
    > were going to use nuclear weapons doesn't mean it was actually true. Just
    > because you say something 1000 times it doesn't mean it is true.
    >
    > I want proof.


    Sorry, this Alan person does seem to circumvent his own veracity by failing
    to respond to these requests. I guess he's just banking on signal to noise
    preventing him from coming clean. Among those like you and I it won't work
    but among the great (well tiny) unwashed masses of linux children it's seen
    as gospel from anyone that can write well enough to be read.

  15. Re: M$ attack on Common Sense

    Alan Connor wrote:

    > On Sun, 14 Sep 2003 16:26:03 -0500, Mike Byrns
    > wrote:
    >>
    >>
    >> It's amazing to watch you two jerk each other off like this.
    >>

    >
    > Yeh. What else could you say?
    >
    > M$ made one BIG mistake, right in the beginning:
    >
    > They tacked the poorly cloned (and un-attributed) X-Window functionality
    > on the DOS kernel, which it was not equipped to handle.


    Cloning indicates a common source which you must know it untrue. Due to
    underlying architecture the X Window system is incompatible with MS-DOS.

    > And called it what? (X-)Windows.


    Should they have called it Doors(TM)?

    > What they should have done is re-write the OS from the ground up.
    >
    > They, and all of their customers, have been paying for this mistake every
    > since.


    Well they actually did rewrite it. As much as linux did. They both took
    the top OSs of the time and revised it. With MS is was VMS and with Linus
    it was linux. Look who's ahead of the game right now.

    More power to you linux. You've got a LONG way to go!



  16. Re: DDOS attack Microsoft

    > Craig A. Finseth scribbled:

    >> Mike Byrns wrote:


    >>>> Wasn't the Worm as devised by RTM the first of it's kind, and
    >>>> didn't it exploit weaknesses in *nix, including the GNU Emacs
    >>>> buffer overflow?

    ...
    >>> The exploits were:
    >>> - It took advantage of a publicized, hard-wired back door left in
    >>> sendmail.


    >> So how come this backdoor was written into sendmail in the first
    >> place? I


    > It was a debug mode.


    >> thought only Microsoft products had backdoors. :-) If it was so well
    >> publicized, why didn't more UNIX admins patch reconfigure it to
    >> "close the door" so to speak? Do you see any parallels between this
    >> and your Microsoft


    > This worm was released in 1987. It was a different world then, one in
    > which protecting yourself against the net was simply not a big
    > concern.


    Like so many OSS/Linux users/advocates claim today? That it's not a
    concern for them to protect themselves from viruses, because they're
    using OSS/Linux?

    > As a point of fact, this worm marked the turning point after which
    > people had to start protecting themselves against the network. It
    > was a sad day, indeed.


    >> vulnerability of the week? I mean, look, 1) it was put there on
    >> purpose 2) everyone supposedly knew about it 3) nobody did squat to
    >> protect themselves


    > There was no reason to protect ourselves at the time.


    Just like so many OSS/Linux user claim today because they're using *nix?

    >> 4) it spread like wildfire or prehaps more accurately *ahem* code
    >> red ;-)


    > It was impressive, indeed.


    >>> - It took advantage of a buffer overflow in the finger daemon.


    >> So how come such a simple daemon, with so few lines of source code,
    >> that had been around so long, with so many, many eyes making all
    >> bugs shallow, could contain a travesty such as gets(line); rather
    >> than fgets(line, sizeof(line), stdin);?


    > Same reason as above: no one had gone around looking for these things
    > because no one had a reason to.


    I guess that's why so many OSS/Linux users like to say *nix is
    inherently secure because it's *nix..... Why look for things that cant
    possibly be there....

    > Also, this was _before_ the open source movement go to Unix. For
    > example, even though I was a Unix admin (along with other things), I
    > did not have legal access to any Unix source code. The same applied
    > to many others.
    > If you're going to bring up historical issues, you need to analyze
    > them in the context of the day.


    So lets stick with today's reality's in the OSS/Linux world......

    FYI (repost YET AGAIN....)
    Just some of last weeks bugs and flaws in OSS/*nix.

    FYI....
    http://www.partyvibe.com/flavour/linux/security.htm
    http://www.linuxsecurity.com/advisories/index.html
    http://www.opennet.ru/base/linux/
    http://www.securityfocus.com/news/19
    http://lists.debian.org/debian-security-announce/

    Linux and the virus/worm risk:
    FYI
    http://networking.earthweb.com/netos/article.php/625211
    http://www.viruslist.com/eng/virusli...&findTxt=linux
    http://www.claymania.com/unix-viruses.html
    http://www.zdnet.com.au/itmanager/te...0275738,00.htm
    http://www.virusbtn.com/magazine/arc...0304/linux.xml

    --
    mlvburke@#%&*.net.nz
    Replace the obvious with paradise to email me.
    See Found Images at:
    http://homepages.paradise.net.nz/~mlvburke


  17. Re: DDOS attack Microsoft

    [Bit of a side digression here:]

    On Tue, 16 Sep 2003 18:07:02 +1200, Max Burke wrote:

    > http://homepages.paradise.net.nz/~mlvburke


    "Best Viewed at 1024 x 768"

    "Click to view Images"

    If you're going to advertise your site in your .sig, then at least
    take a little time and learn why both of the above are Bad Ideas.

    Oh, and your URL is improperly formed; it should have a / on the end.


  18. Re: DDOS attack Microsoft

    > Ed Murphy scribbled:
    > [Bit of a side digression here:]


    > On Tue, 16 Sep 2003 18:07:02 +1200, Max Burke wrote:


    >> http://homepages.paradise.net.nz/~mlvburke


    > "Best Viewed at 1024 x 768"


    > "Click to view Images"


    > If you're going to advertise your site in your .sig, then at least
    > take a little time and learn why both of the above are Bad Ideas.


    Care to enlighten me?

    > Oh, and your URL is improperly formed; it should have a / on the end.


    Should it?

    Does it cause an error when you try to go there?




    --
    mlvburke@#%&*.net.nz
    Replace the obvious with paradise to email me.
    See Found Images at:
    http://homepages.paradise.net.nz/~mlvburke/


  19. Re: DDOS attack Microsoft

    On Tue, 16 Sep 2003 21:51:31 +1200, Max Burke wrote:

    >> Ed Murphy scribbled:
    >> [Bit of a side digression here:]

    >
    >> On Tue, 16 Sep 2003 18:07:02 +1200, Max Burke wrote:

    >
    >>> http://homepages.paradise.net.nz/~mlvburke

    >
    >> "Best Viewed at 1024 x 768"

    >
    >> "Click to view Images"

    >
    >> If you're going to advertise your site in your .sig, then at least
    >> take a little time and learn why both of the above are Bad Ideas.

    >
    > Care to enlighten me?


    1) Web sites should look good when viewed at any resolution. (Well, I
    wouldn't worry about less than 640 x 480, unless you're specifically
    targeting a Palm audience.) "Best Viewed at " annoys
    anyone who can't, or doesn't want to, devote that much screen real
    estate to the browser window.

    2) Link text shouldn't include "click here" (or similar), because it
    ass-u-mes the viewer is using a WIMP [1] interface. What if they're
    using a text-only browser like Lynx? What if they're blind, and using
    software that reads the contents of the page to them? Okay, your
    site is visual/graphic in nature anyway, but it's still just generally
    inelegant. Whatever *follows* (or would follow) "click here" is
    usually a good candidate for link text.

    >> Oh, and your URL is improperly formed; it should have a / on the end.

    >
    > Should it?


    Yes.

    http://www.ietf.org/rfc/rfc2518.txt

    There is a standing convention that when a collection is referred to
    by its name without a trailing slash, the trailing slash is
    automatically appended. Due to this, a resource may accept a URI
    without a trailing "/" to point to a collection. In this case it
    SHOULD return a content-location header in the response pointing to
    the URI ending with the "/". For example, if a client invokes a
    method on http://foo.bar/blah (no trailing slash), the resource
    http://foo.bar/blah/ (trailing slash) may respond as if the operation
    were invoked on it, and should return a content-location header with
    http://foo.bar/blah/ in it. In general clients SHOULD use the "/"
    form of collection names.

    RFC 2616 is said to have something on this issue as well, but it's
    apparently a non-obvious implication of something else.

    > Does it cause an error when you try to go there?


    No. Fortunately for you, your web server is configured to detect and
    correct the error automatically. Some web servers can be configured
    to behave differently when you include or exclude the trailing slash:

    http://www.w3.org/Daemon/User/Config/General.html

    and some automated systems have trouble dealing with the concept of
    auto-correction by adding the missing trailing slash:

    http://lists.w3.org/Archives/Public/...rJun/0247.html


  20. Re: DDOS attack Microsoft

    > Ed Murphy scribbled:

    >> Max burke wrote:


    > [Bit of a side digression here:]
    > On Tue, 16 Sep 2003 18:07:02 +1200, Max Burke wrote:
    > http://homepages.paradise.net.nz/~mlvburke
    > "Best Viewed at 1024 x 768"
    > "Click to view Images"


    > If you're going to advertise your site in your .sig, then at least
    > take a little time and learn why both of the above are Bad Ideas.


    >> Care to enlighten me?


    > 1) Web sites should look good when viewed at any resolution. (Well, I
    > wouldn't worry about less than 640 x 480, unless you're
    > specifically targeting a Palm audience.) "Best Viewed at
    > " annoys anyone who can't, or doesn't want to, devote
    > that much screen real estate to the browser window.


    So it's not an actual fault then? I design the pages around the 1024x768
    screen resolution, therefore that's the best screen size to view them.
    It's not like I'm forcing anyone to view them at that resolution....
    ;-)

    > 2) Link text shouldn't include "click here" (or similar), because it
    > ass-u-mes the viewer is using a WIMP [1] interface.


    Which is why *I* include that link. Of course I could leave it out all
    together and have no indication at all on how to view the images.....

    > What if
    > they're using a text-only browser like Lynx?


    Then pray tell how would they SEE the images?

    > What if they're
    > blind, and using software that reads the contents of the page to
    > them?


    It's a minimalist website to display my photographs Ed.
    If I could I'd not have any text at all..... In fact I think I'll do
    that the next time I update it. That way there will be no distracting
    text to confuse the 'punters'.... ROTFLOL

    > Okay, your site is visual/graphic in nature anyway,


    Which is the sole reason for it's existence....

    > but
    > it's still just generally inelegant. Whatever *follows* (or would
    > follow) "click here" is usually a good candidate for link text.


    "click here" *is* link text......

    >>> Oh, and your URL is improperly formed; it should have a / on the
    >>> end.


    >> Should it?


    > Yes.
    > http://www.ietf.org/rfc/rfc2518.txt


    > There is a standing convention that when a collection is referred
    > to by its name without a trailing slash, the trailing slash is
    > automatically appended. Due to this, a resource may accept a URI
    > without a trailing "/" to point to a collection. In this case it
    > SHOULD return a content-location header in the response pointing to
    > the URI ending with the "/". For example, if a client invokes a
    > method on http://foo.bar/blah (no trailing slash), the resource
    > http://foo.bar/blah/ (trailing slash) may respond as if the
    > operation were invoked on it, and should return a content-location
    > header with http://foo.bar/blah/ in it. In general clients SHOULD
    > use the "/" form of collection names.


    > RFC 2616 is said to have something on this issue as well, but it's
    > apparently a non-obvious implication of something else.


    >> Does it cause an error when you try to go there?


    > No. Fortunately for you, your web server is configured to detect and
    > correct the error automatically. Some web servers can be configured
    > to behave differently when you include or exclude the trailing slash:
    > http://www.w3.org/Daemon/User/Config/General.html
    > and some automated systems have trouble dealing with the concept of
    > auto-correction by adding the missing trailing slash:
    > http://lists.w3.org/Archives/Public/...rJun/0247.html


    --
    mlvburke@#%&*.net.nz
    Replace the obvious with paradise to email me.
    See Found Images at:
    http://homepages.paradise.net.nz/~mlvburke/


+ Reply to Thread
Page 9 of 10 FirstFirst ... 7 8 9 10 LastLast