Also, if you're just staying in Illinois because of the booze, Michigan has WAY better beer and is just across the Lake. You could literally stop in damn near any small town throughout the state and find a decent brewery.
Even if you only consider Three Floyd's brewery in Munster, Indiana has way better beer than Illinois. If you also throw in Upland's wheat they win hands down.
And, well, Wisconsin has always been superior to Illinois in booze and alcoholics.
I can't think of a good reason to move to Iowa, Misery, or any other state to the South...
Screw Chicago, I am from Southern Illinois, damn arrogant bastards up north. If you really want my opinion.......
Anything South of 80 is Southern Illinois, right?
That is the traditional Mason-Dixon line for Illinoisians.
Remember that BtrFS like ZFS is designed for everything except performance. Being fast was never expected or intended to the goals of filesystems of these types. Anyone looking for performance from them is quite lost. They are "fast enough" for sure, but never were they expected to compete with traditional filesystems that do so much less.
While I generally agree, I'd hate to have btrfs or XFS as the backing storage for XenServer, even at small scale single server settings.
Why? Why do you feel that a tiny bit of filesystem performance is going to be a big deal in most cases? What is driving you to react in that way to it?
XFS is super fast, the polar opposite of BtrFS. Why would you hate both? What would make you happy?
Doh, meant ZFS, not XFS.
Considering how many people clamor to get ZFS or BtrFS for virtualization then rave about the performance, I think that the reaction proves the point - the performance never mattered in the first place :)
The hack itself is alarmingly simple. In versions >= 2.6.0, MongoDB includes a default configuration file that binds MongoDB to 127.0.0.1 by default. As a result, the database will only listen to local connections.
Before version 2.6.0, that wasn’t true. By default, MongoDB was left open to remote connections. Authentication is also not required by default, which means that out of the box installs of MongoDB before version 2.6.0 happily accept unauthenticated remote connections.
Users could still restrict access to local connections if they took the time to configure the install but that meant manually adding a line to their mongodb.conf file. Since that wasn’t the default configuration, many existing installs never included this critical step.
Making matters worse is that it’s easy to identify potential MongoDB attack candidates. MongoDB’s default port is 27017. Using a search engine such as ZoomEye, you can query for MongoDB installs, see what port they’re available over, and find around 100,000 vulnerable candidates.
The vulnerability itself is hardly new. The issue was first raised back in 2012 and released somewhere around 2015. Also, in early 2015, John Matherly made some noise when he reported finding around 30,000 insecure installs of MongoDB. In other words, this is something that everyone could have known about for a while.
That's not a vulnerability, that is STILL a half configured system AND no firewall on the server. And MongoDB 2.6 is relatively old, we are on 3.3 these days. This is a database cluster component, not a complete database piece on its own. Whatever "security" professional is writing this piece clearly isn't aware of what they are writing about. What they write is half true, 27017 is listening on 0.0.0.0, but it does so for a reason and is only vulnerable in places where someone did not finish setting up their database AND their server. It's not a vulnerability in the product.
This is where credit fraud protection comes into place, and class action law-suits start for all of the declined claims from people who have had their credit cards used illegally, and the bills not dropped by Visa.
I'd be surprised if there aren't already commericals on TV for 'Do you have a Visa credit card? Has your credit card been used without your consent, and the charges not dropped by Visa, call us now, you may be entitled to X"
Call J. G. Wetworth! 1-877-CASH-NOW....
Sorry... I'll see myself out now.
Let's all jump on board for lawsuits that only make the lawyers money!