Re: Security Intelligence [Was: Re: Netblock reassigned from Chile to US ISP...]

2008-12-15 Thread Gadi Evron 

On Sun, 14 Dec 2008, Christopher Morrow wrote:

On Sun, Dec 14, 2008 at 8:44 PM, Gadi Evron  wrote:

On Sun, 14 Dec 2008, Rich Kulawiec wrote:


On Sat, Dec 13, 2008 at 05:51:13PM +0900, Randy Bush wrote:


but you need to be much more specific about what you want from
medium and smaller isps, and what the immediate payoffs (cf. the
financial secions of the newpaper) will be to them to justify the costs.


Inferior people look solely for financial payoff.  Superior people
recognize their fundamental obligation to prevent their operation from
being a menace to others, and do it based on ethics.


They don't need t be moral, they need to understand 4 years down the line it
will cost them significantly to the point of losing a lot of business. A
good example is registrars. They lose quite a bit now.


do they lose 'quite a bit' now? how much is 'quite a bit'? and is that
more or less than they take home at the end of the day?

I'm curious because near as I can tell there doesn't seem to be really
any change in how registrars handle transactions... even domains
knowingly bought with stolen credit cards seem to hang around (and
change) long after the CC company frauded out the transaction(s)...

If there really was a large loss, wouldn't they make changes to
process/procedures/activities to limit their exposure?


The ones that don't take the "legal risk" now handle fraud quite 
differently. They are required to handle such purchases with the credit 
companies, and that costs them (the ones which do as they are required 
depending on law) on a scale which is .. very disturbing.





-chris

Re: e300 vs mx240 for border router ?

2008-12-15 Thread Eugeniu Patrascu 

ubaidali_abdul_raz...@3com.com wrote:

Have you tried 3Com's 6040 / MSR-50 routers?


No offense / no flame, but really, do you actually compare 3Com with 
Juniper ?

Re: e300 vs mx240 for border router ?

2008-12-15 Thread Suresh Ramasubramanian 
On Mon, Dec 15, 2008 at 10:13 PM, Eugeniu Patrascu  wrote:
> ubaidali_abdul_raz...@3com.com wrote:
>>
>> Have you tried 3Com's 6040 / MSR-50 routers?
>
> No offense / no flame, but really, do you actually compare 3Com with Juniper
> ?

Patriotism :)


-- 
Suresh Ramasubramanian (ops.li...@gmail.com)

Re: Netblock reassigned from Chile to US ISP...

2008-12-15 Thread Stephane Bortzmeyer 
On Fri, Dec 12, 2008 at 01:13:59PM -0600,
 Frank Bulk  wrote 
 a message of 52 lines which said:

> Is there an easy way to get past history on an IP block?  Most sites
> will show you aspects of that *now*

http://www.renesys.com/blog/2008/11/for-sale-clean-lightly-used-ip.shtml

(That's just an idea, not a real service.)

Re: Net Mgmt Tools and supporting OS

2008-12-15 Thread vitto malitani 
Thanks to all who replied.  Due to ease of deployment I will probably go
with the Cent)S based server and tools and modify things as I need it
afterwards.

Best of luck,

Vitto,

On Tue, Dec 9, 2008 at 4:00 PM, Claudia de Luna  wrote:

> Vito,
>
> I"m currently consulting to the state of California corrections department
> on their wan and this question continually comes up.
>
> My recommendation is to get started with CactiEZ as you SNMP management
> tool.  CactiEZ is a CentOS based Cacti server that essentially loads
> everything you need to get up and running.  If you already have an
> authoratative and complete list of all your network infrastructure equipment
> it is then a simple matter of adding the devices to the server.
> Out of the box you get your syslog server (essential) with some basic
> search capabilities, your monitoring for bandwidth utilization, errors,
> latency (ping based) and router CPU.
>
> You can grow from there with notification (it's pretty basic but better
> than nothing), availability reports, and even a weather map.
>
> As someone else already said, use the OS you are most comfortable with.
> Running monitoring on a network is a full time job in and of itself so don't
> complicate things!
>
> Tools like OpenNMS and Nagios are a little more complex.  The CactiEZ CD is
> pretty much turnkey and gives you most, if not all, the tools to get you up
> and running. From there you can see what needs it does not meet and grow
> from there.
>
> Claudia
>
>
> This link lists the "plug ins" available out of the box but there are
> others as Cacti has a very good plug in architecture.
> http://cactiusers.org/wiki/Homepage
>
> Example WeatherMap
>
>
>
> --
> *From:* vitto malitani 
> *To:* nanog@nanog.org
> *Sent:* Tuesday, December 9, 2008 9:17:40 AM
> *Subject:* Net Mgmt Tools and supporting OS
>
> I am fairly new user of nanog mail list so I am not sure if the question
> below is appropriate for this list.  If not, please excuse it.
> - I am building a new low-budget customer WAN/LAN network and need some
> ideas for network management tools.  I've seen couple of email threads
> regarding all sort of "net goodies".  However, since I haven't used them
> all, I am not sure which OS would be the most appropriate for these aps?
> Can anyone share their ideas in regards  of apps and supporting platforms?
> I would be most comfortable with free distribution of linux, but I am not
> sure which distro supports most of the tools?  Is the paid OS required for
> all these tools, like RedHat Server or SuSe or Windows platforms?
>
> Thanks much,
>
> Vitto
>

No route to verizon

2008-12-15 Thread Sharlon R. Carty 
Hello,

 

This is my first post. 

Can anyone provide some info or Verizon why there is no connectivity to
Verizon CA(Verizon Business UUNETCA8-A)? 
Can not reach the following net range: 66.48.66.160 - 66.48.66.175

 

--sharlon

Re: No route to verizon

2008-12-15 Thread Martin List-Petersen 
Sharlon R. Carty wrote:
> Hello,
> 
>  
> 
> This is my first post. 
> 
> Can anyone provide some info or Verizon why there is no connectivity to
> Verizon CA(Verizon Business UUNETCA8-A)? 
> Can not reach the following net range: 66.48.66.160 - 66.48.66.175
> 

 11. ae-4-99.edge2.NewYork2.Level  0.0%
 12. mci-level3-xe.newyork2.Level  0.0%
 13. 0.xe-5-0-3.XL4.NYC4.ALTER.NE  0.0%
 14. ???  100.0

It gets into Verizons network and as far as New York. Maybe a fault
between Verizon and the customer ? After all, Alter.net is Verizon.

/Martin
-- 
Airwire - Ag Nascadh Pobal an Iarthar
http://www.airwire.ie
Phone: 091-865 968

Re: No route to verizon

2008-12-15 Thread Roy 
Sharlon R. Carty wrote:
> Hello,
>
>  
>
> This is my first post. 
>
> Can anyone provide some info or Verizon why there is no connectivity to
> Verizon CA(Verizon Business UUNETCA8-A)? 
> Can not reach the following net range: 66.48.66.160 - 66.48.66.175
>
>  
>
> --sharlon
>
>
>   

That network is assigned to a customer:

Tremor Technology Group Inc TREMORUU2 (NET-66-48-66-160-1)
  66.48.66.160 - 66.48.66.175

You would have to contact them.  Lots of possibilities: line failure, 
equipment failure, or they didn't pay their bill.

Re: No route to verizon

2008-12-15 Thread Justin M. Streiner 

On Mon, 15 Dec 2008, Sharlon R. Carty wrote:


This is my first post.

Can anyone provide some info or Verizon why there is no connectivity to
Verizon CA(Verizon Business UUNETCA8-A)?
Can not reach the following net range: 66.48.66.160 - 66.48.66.175


Your best bet might be to call Verizon directly, as a range this small is 
not likely to be seen in the global routing table as a free-standing 
route.  I see 66.48.0.0/16 from my transit providers, originated from 
AS701, which is what I'd expect to see.


Beyond that, your post doesn't contain enough information to do much more 
troubleshooting.


jms

RE: No route to verizon

2008-12-15 Thread Sharlon R. Carty 
Ok thanks everyone.
I'll be contacting Verizon. 

I do not believe the issue lies with the customer not paying their bills.

-Original Message-
From: Justin M. Streiner [mailto:strei...@cluebyfour.org] 
Sent: Monday, December 15, 2008 3:21 PM
To: nanog@nanog.org
Subject: Re: No route to verizon

On Mon, 15 Dec 2008, Sharlon R. Carty wrote:

> This is my first post.
>
> Can anyone provide some info or Verizon why there is no connectivity to
> Verizon CA(Verizon Business UUNETCA8-A)?
> Can not reach the following net range: 66.48.66.160 - 66.48.66.175

Your best bet might be to call Verizon directly, as a range this small is 
not likely to be seen in the global routing table as a free-standing 
route.  I see 66.48.0.0/16 from my transit providers, originated from 
AS701, which is what I'd expect to see.

Beyond that, your post doesn't contain enough information to do much more 
troubleshooting.

jms

Re: No route to verizon

2008-12-15 Thread Matthew Black 

On Mon, 15 Dec 2008 15:05:44 -0400
 "Sharlon R. Carty"  wrote:

Hello,

This is my first post. 


Can anyone provide some info or Verizon why there is no connectivity to
Verizon CA(Verizon Business UUNETCA8-A)? 
Can not reach the following net range: 66.48.66.160 - 66.48.66.175


My traceroute also ends with ALTER.NET:
traceroute to 66.48.66.160 (66.48.66.160), 30 hops max, 40 byte packets
...
 7  los-edge-01.inet.qwest.net (63.147.28.181)  1.701 ms  1.870 ms  1.734 
ms
 8  los-core-01.inet.qwest.net (205.171.32.33)  1.755 ms  1.670 ms  1.823 
ms
 9  lap-brdr-01.inet.qwest.net (205.171.32.10)  1.722 ms  2.082 ms  2.676 
ms
10  0.so-4-3-0.BR1.LAX7.ALTER.NET (204.255.169.193)  2.094 ms  2.046 ms 
1.720 ms



matthew black
e-mail postmaster
california state university, long beach

Re: No route to verizon

2008-12-15 Thread William Warren 

Matthew Black wrote:

On Mon, 15 Dec 2008 15:05:44 -0400
 "Sharlon R. Carty"  wrote:

Hello,

This is my first post.
Can anyone provide some info or Verizon why there is no connectivity to
Verizon CA(Verizon Business UUNETCA8-A)? Can not reach the following 
net range: 66.48.66.160 - 66.48.66.175


My traceroute also ends with ALTER.NET:
traceroute to 66.48.66.160 (66.48.66.160), 30 hops max, 40 byte packets
...
 7  los-edge-01.inet.qwest.net (63.147.28.181)  1.701 ms  1.870 ms  
1.734 ms
 8  los-core-01.inet.qwest.net (205.171.32.33)  1.755 ms  1.670 ms  
1.823 ms
 9  lap-brdr-01.inet.qwest.net (205.171.32.10)  1.722 ms  2.082 ms  
2.676 ms
10  0.so-4-3-0.BR1.LAX7.ALTER.NET (204.255.169.193)  2.094 ms  2.046 
ms 1.720 ms



matthew black
e-mail postmaster
california state university, long beach


whoops meant that to go to the list.  I thought i had their website..but 
i didn't.

Re: No route to verizon

2008-12-15 Thread Alex H. Ryu 
It may be.
If the customer is BGP customer, and they have connectivity problem,
your traffic will flow into Verizon since Verizon have supernet.
But within Verizon network, Verizon router doesn't have specific route
info to route into.
So you may see time-out as soon as it hit Verizon network.

Alex


Sharlon R. Carty wrote:
> Ok thanks everyone.
> I'll be contacting Verizon. 
>
> I do not believe the issue lies with the customer not paying their bills.
>
> -Original Message-
> From: Justin M. Streiner [mailto:strei...@cluebyfour.org] 
> Sent: Monday, December 15, 2008 3:21 PM
> To: nanog@nanog.org
> Subject: Re: No route to verizon
>
> On Mon, 15 Dec 2008, Sharlon R. Carty wrote:
>
>   
>> This is my first post.
>>
>> Can anyone provide some info or Verizon why there is no connectivity to
>> Verizon CA(Verizon Business UUNETCA8-A)?
>> Can not reach the following net range: 66.48.66.160 - 66.48.66.175
>> 
>
> Your best bet might be to call Verizon directly, as a range this small is 
> not likely to be seen in the global routing table as a free-standing 
> route.  I see 66.48.0.0/16 from my transit providers, originated from 
> AS701, which is what I'd expect to see.
>
> Beyond that, your post doesn't contain enough information to do much more 
> troubleshooting.
>
> jms
>
>
>
>
>
>   

begin:vcard
fn:Alex Ryu
n:Ryu;Alex
org:Norlight Large Enterprise / KDL, Inc. ;IP Engineering
adr:;;13935 Bishops Drive;Brookfield;WI;53005;USA
email;internet:r.hyuns...@ieee.org
title:Senior Network Engineer
tel;work:+1-262-792-7965
tel;fax:+1-812-206-4682
tel;cell:+1-262-389-0638
x-mozilla-html:FALSE
url:www.kdlinc.com
version:2.1
end:vcard