|
You can wave your millions in front of my face kel101, I'll never talk, never! Especially since I don't think they are going to tell me any real secrets...
|
well maybe not money, how about a copy of fhm or playboy :P
Personally, i think you will be promoted to a high position in no time, the funny lovable man you are:rolleyes: If you make it (which im sure you will) you wouldnt mind sending a job recommendation my way would you? |
Congrats on the new job. How many hours a week will it be then?
|
@kel101 -- As much as I love free subscriptions, I love my wife ever more ;).
@GavinBKK -- They say it should hover around 15 hours a week, but will depend on the time of year. I'm hoping that the summers will hover around 10, since I have other projects I would like to work on as well. It is a college job, so these hour are just about perfect for me. |
Congrats, I envy you.:) I was interviewed by Apple as a quality engineer for the iPhone but I am sad to report that they didn't hire me.
Maybe one day I to will join you at Apple... |
I'd have to admit I would consider working for Apple, if I ever got the opportunity. I mean as it is now, I am already starting to get both the JAMF people and Apple people to pull me in on conferences calls with people who are looking to manage very large Apple networks.
That doesn't mean I have a shoe in anywhere, but it means that when they need an example they are starting to come to me. That I think is somewhat of a good sign. I definitely will ride out my state pension first before I get a new job though, I got three more years and then I am vested into it. It would be kind of dumb not to at least meet vestment in my state pension. Grats again, let us know exactly how it pans out, and you never answered my other question, are you on the support or sales side? Or do you have one of those in the middle gray positions? |
Quote:
As for support. I'm not contracted to do support, but it is pretty much my job to make sure every Mac person I run into is enjoying their Mac. So, to me it's seems that some support is implied. But no, I'm not specifically being paid to support Mac users. |
As per your request this is what DMZ is networking wise, it does in fact stand for De-militarized zone. How most routers work is that they run a technology called NAT (network address translation) which translates communications between two different subnets. So, you have your public IP from your ISP would could be like 72.73.74.75 for example, and it will translates all communications into your private network which would be a 192.x.x.x or a 10.x.x.x depending on how you have it set up.
DMZ basically just puts that specific machine outside the NAT with no protection at all, since by design NAT does not just allow remote hosts to connect to your system, so even though NAT was designed to help with the limited numbers of IPv4, it also doubles as a layer of security. So, if you put a Mac in a DMZ the routers just allows all traffic right to it, with no filtering or protection. Which is why I suggested it to be a great demonstration of how by design Unix is way more secure than Windows. Now this has to do by design, not really by anything else. OS X follows the basic Unix theory of Kernel > Shell > GUI, where nothing directly from the GUI can ever access the kernel (in theory, there are loop holes and exploits) but can communicate with the kernel via the shell, but the shell requires authentication to do so. Where as with windows, applications, drivers, APIs, so on and so forth can get direct access to the windows kernel via kernel hooks. Now, this allows for easier software development and more robust tools and options when given direct access to an OSes kernel, on the flip side it is also a huge security risk. So, as a great demonstration you could put two machines, 1 mac and 1 windows machine out in the wild world web, both on DMZ (may need multiple routers, not sure if all routers support multiple DMZ machines, typically they only allow one). Then you could have them running every P2P downloading application that is known to be just filled with viruses and you could go to every malicious site you can google or think of and see which one starts to fail first and how long it took to fail. Of course you would want to add in some factors, make sure all security patches are up to date on both OSes, so you don't get that, hey noob they fixed that comment. Then go ahead and be a dumb user and install every codec it asks for or any add on it asks for and see what it does. The results should show you how by design an OS has security level that do not allow self propagating malicious files from the wild just plomp them self on your system and then make babies and infect your system even more. It would be a great demonstration on several things: 1) basic layered network security 2) Basic theory of OS security 3) and of course the don't worry feature when the Windows box has a plethora of things gone amuck to it from the malicious files it picked up, and how OS X doesn't have this issue. |
I think the main thing you've proven to me is that I know absolutely jack about networking... So, what book do I need to read so that he IT departments on campus don't look at me like I'm a moron (oh, and I would prefer that I'm actually not a moron as well. I.e., I'm not out to simply have the appearance of knowing what I'm doing.)
|
Watch all current episodes of the new TV series, Big Bang Theory. Because really, that is what it all sounds like to me as well.
|
See, but I understand the Big Bang Theory.
For me the problem is, has and always will be lingo. As soon as I understand the lingo, things start to come together. Until then...ugh. Networking is foreign now, but I understand computers and I understand the principles behind networks. I figure all that I need is a good book to put all the pieces together and give them some names... |
.
Congratulations, Zalister! :) :D That’s brilliant!! |
Well, basically an IP address is like a house or apartment address, its a number representing a client on a network. Each ISP is assigned a set of public IPs, which they then assign to their clients on their own network. Public IPs are accessible via the world wide web, and are used for websites and what not. Private IPs are set ranges that are reserved for private networks and can not be accessed unless routed through a public IP. That is where NAT comes in. It translates requests from outside the network to inside the network. It was designed to help with the limited number of IPv4. So, once corporation can buy a couple of public IPs, and then use private IPs for the rest of the company and everything can communicate via NAT. It also doubles as a layer of security since by design it does not allow a remote host to connect. You have to set up port forwarding.
You're smart enough to go read the wiki page on basic networking and NAT to explain and understand the differences, and DMZ. Then, as a demonstration about how well a Mac out of the box can defend itself against the evil all powerful interwebs simply put one out on a DMZ and let everything and its sister hits it and see how it fares. To be fair though, there isn't much out in the wild that can infect the Mac, so that can also be a strong point for you to show the security side of it. I know that an un-patched non secured windows box won't last too long. You could also use that as a point of why one would seek a mac over a windows box. |
Private addresses fall in these ranges:
10.0.0.0 - 10.255.255.255 -- an extremely large group (24 bits out of 32) most often used by large corporate intranets. 172.16.0.0 - 172.31.255.255 -- not used all that often. 192.168.0.0 - 192.168.255.255 -- where most small routers set up their NAT. 0.0.0.0 - default route -- the router from the LAN 127.x.x.x - loopback address -- your own address from within. zeros at the end refer to the network x.x.255.255 is a broadcast address to all machines on x.x. |
So, let me see if I can get this straight.
If I but the computer out on the DMZ, it's basically that it's outside of the NAT. Thus it has to deal with all sorts of access requests from various (most likely unknown sources). Since Mac's block requests for root they should be safe in these instances, but because windows "leaves the door open" all those requests will simply walk strait into the windows box, bringing it to it's knees in a matter of hours. Is that about right? @ArcticStone -- Thanks :). |
Quote:
|
Quote:
|
Quote:
Of course it can be locked down just like any other OS, the problem is it is just easier to find a way around. I wouldn't call it less secure, I would just call it a bit harder to manage. I can lock down windows just like I can lock down OS X, it just takes more effort with windows. |
When you say more effort, how much effort are we talking? OSX comes locked down out of the box, as I recall. Is the normal "Joe/Jane Citizen" going to be able to lock down Windows to that same extent right out of the box (and can they do it before they get tired of all the stupid pop ups?)
|
Quote:
Nope, your average person cares not how it works rather just that it works. If I tell you how to set registry keys, create accounts and lock down things by policy and permission you'd probably think I was talking about some complex system of mathematics or what not. Your average user will never be immune to social engineering attacks regardless of what platform they choose to run. However, when it comes to self propagating viruses that are network active, then yeah, out of the box OS X is more secure. That is unless you leave all your passwords blank, because I am sure most viruses try a blank password if they are required authentication. |
| All times are GMT -5. The time now is 04:31 AM. |
Powered by vBulletin® Version 3.8.7
Copyright ©2000 - 2014, vBulletin Solutions, Inc.
Site design © IDG Consumer & SMB; individuals retain copyright of their postings
but consent to the possible use of their material in other areas of IDG Consumer & SMB.