Re: kernel.org dns broken
On Thu, Sep 8, 2011 at 3:44 PM, Atticus wrote: > I can't resolve anything for kernel.org from Verizon's 3G network, or from > HE in California. I'm using HE's nameservers, with Google's as a backup. > Neither of them have any records. Anyone know what's up? > > -- > FT3(SU) Byron Grobe, USN > Maybe related to the hacking that they discovered recently? http://linux.slashdot.org/story/11/08/31/2321232/Kernelorg-Compromised -Kyle
Re: Saudi Telecom sending route with invalid attributes 212.118.142.0/24
Is this announcement still showing up this way (no easy way to check myself). -Kyle On Thu, Sep 8, 2011 at 4:20 PM, Clay Haynes wrote: > On Thu, Sep 8, 2011 at 7:11 PM, Jonas Frey (Probe Networks) < > j...@probe-networks.de> wrote: > > > Hello, > > > > anyone else getting a route for 212.118.142.0/24 with invalid > > attributes? Seems this is (again) causing problems with some (older) > > routers/software. > > > > Announcement bits (4): 0-KRT 3-KRT 5-Resolve tree 1 > > 6-Resolve tree 2 > >AS path: 6453 39386 25019 I Unrecognized Attributes: 39 > > bytes > >AS path: Attr flags e0 code 80: 00 00 fd 88 40 01 01 02 > > 40 02 04 02 01 5b a0 c0 11 04 02 01 fc da 80 04 04 00 00 00 01 40 05 04 > > 00 00 00 64 > >Accepted Multipath > > > > > > -Jonas > > > > > Yup! We're seeing the same thing too, and we're filtering it out. > Originating AS is 25019 > > -Clay >
Re: Looking Glass Functionality
http://mrlg.op-sec.us/ Its not quite off the shelf, but I found it easier to deploy than anything else I found. -Kyle On Wed, Oct 5, 2011 at 7:05 AM, Positively Optimistic < positivelyoptimis...@gmail.com> wrote: > Greetings > Does anyone know of a off-the-self product that provides looking glass > functionality for a network ? > > Many thanks, > -Optimistic >
Re: RADB/RIR Scraper
I've always found it helpful to use the "inverse query by" feature, where you can query for any object that has x "mnt-by" or "origin" and it will list any objects with that mnt-by or origin you query for. RADB has this built directly into the Advanced Object Query form on the website. -Kyle On Wed, Oct 5, 2011 at 10:10 AM, Mikhail Strizhov < striz...@netsec.colostate.edu> wrote: > A little bit of topic, but is there a way to get the prefix list and AS > number using the description in RADB/others? > For example, for "Commonwealth Bank of Australia" I want to get the > following > > route: 203.202.158.0/24 > descr: Commonwealth Bank of Australia > origin: AS7474 > mnt-by: MAINT-AS7474 > changed:n...@optus.net.au 20080918 > source: RADB > > Thanks. > >
Re: 128.0.0.0/16 configured as martians in some routers
I'm see them from NTT. -Kyle On Mon, Dec 5, 2011 at 11:44 AM, Chris Adams wrote: > Once upon a time, Alex Le Heux said: > > Dear Colleagues, > > > > The correct prefix and pingable address list for the Debogonising > Project is: > > > > prefixpinagble address > > > > 128.0.0.0/21 128.0.0.1 > > 128.0.24.0/24 128.0.24.1 > > > > Our apologies for the oversight. > > Are these prefixes being announced widely? I don't see anything for > 128.0.0.0/16 from my upstreams, nor at many public looking glasses. > > -- > Chris Adams > Systems and Network Administrator - HiWAAY Internet Services > I don't speak for anybody but myself - that's enough trouble. > >
Re: [fyo...@insecure.org: C|Net Download.Com is now bundling Nmapwith malware!]
http://krebsonsecurity.com/2011/12/download-com-bundling-toolbars-trojans/ Its already getting some press... He could always send them a Cease and Desist letter like Wireshark had to do -Kyle On Tue, Dec 6, 2011 at 9:00 AM, Eric Tykwinski wrote: > Maybe it's just me, but I would think that simply getting them listed on > stopbadware.org and other similar sites would probably have much more of > an > effect. > The bad publicity can cause them to change tactics, but it takes some time. > I've seen much quicker results from blacklisting on Google and other search > engines. > > Sincerely, > > Eric Tykwinski > TrueNet, Inc. > P: 610-429-8300 > F: 610-429-3222 > > > -Original Message- > From: valdis.kletni...@vt.edu [mailto:valdis.kletni...@vt.edu] > Sent: Tuesday, December 06, 2011 11:48 AM > To: andrew.wallace > Cc: fyo...@insecure.org; nanog@nanog.org > Subject: Re: [fyo...@insecure.org: C|Net Download.Com is now bundling > Nmapwith malware!] > > On Mon, 05 Dec 2011 22:14:48 PST, "andrew.wallace" said: > > Using fruitful language and acting like a child isn't going to see you > taken seriously. > > No, he *does* want fruitful language - one that produces results. I think > you meant some other word instead. > > As far as "acting like a child", I'm reasonably sure that if CNet was doing > the same thing to the good name of your consulting company, you'd react > similarly. > > > - Forwarded message from Fyodor > > On the other hand, just being Fyodor is sufficient to get him taken > seriously. > > > > > > >
Re: [fyo...@insecure.org: C|Net Download.Com is now bundling Nmap with malware!]
http://download.cnet.com/8301-2007_4-57338809-12/a-note-from-sean-regarding-the-download.com-installer/ In case no one saw this yet. -Kyle
MRLG Missing?
I know we just had a small discussion about this, looking glass stuff and such, but I had a copy of MRLG (the one from John Fraizer - OP-SEC.US) a while ago about I cannot seem to find the tarball anymore. The op-sec site appears to be dead, and so is a mirror site someone else put online a while ago (https://arpa.com/code/mrlg-5.4.1.tgz). Does anyone know what happened to John and his version of MRLG, I found it to be one of the best/most comprehensive looking glass setups available. thanks, Kyle
RE: Potential Prefix Hijack
I too have noticed the slip-up from Brazil, here at AS26935, all of our prefixes appear from them also, PHAS also did nothing for me, but RIPE tools and BGPmon both show issues. If anyone from RIPE reads this, awesome job on the tools guys! If anyone from GLBX reads this, have you had any contact with the offenders? -Kyle
RE: Power/temperature monitoring
We have had great luck, with Ravica Bitsight: http://ravica.com/products/index.php We use the smallest model, the Bitsight2, we have it at a solar site, monitoring the voltage of a 12v battery bank (which also powers the unit), along with 2 microwave radios and a 12v switch. It works great for this, and they many other sensor types, but it is a bit pricey. It has a nice web gui and users snmp and other forms of notification, and has built in graphing. We used email messages with alerts when certain voltage levels were reached. -Kyle -Original Message- From: Frank Bulk [mailto:[EMAIL PROTECTED] Sent: Fri 5/30/2008 10:58 AM To: nanog@nanog.org Subject: Power/temperature monitoring Hopefully monitoring the status of a network is on-topic. I'm looking for temperature and power monitoring unit to install in some remote BWA cabinets. We had two incidents where we lost power in a town and we weren't aware of it until the backup batter drained to empty, and another situation where the cabinet became too cold. Because these cabinets are less than 19" wide and just 3-5" deep, I need something quite small. I did find one product but it requires four components (unit with built-in temperature sensor, adapter, and AC power sensor, plus power supply) Perhaps there's someone on this list who has gone down this road and can point me to a good product. Required: - temperature sensor - 110 VAC power monitoring (on/off, not necessarily current) - Ethernet interface (at least SNMP, Web GUI and Optional: - fed via 12 VDC power - 12 VDC power monitoring (current) - humidity sensor Frank
Re: where are all the IPv6 tools?
On Wed, May 25, 2011 at 11:54 AM, Jay Borkenhagen wrote: > Hi, > > I depend on a number of shell tools for manipulating IPv4 addresses, > CIDR blocks, etc. like: > > aggis > ipsort.pl > grepcidr > aggregate > > I have not yet found much in terms of similar shell utilities for > IPv6. I've spoken to authors of some of these tools and they admit > they have not yet produced IPv6-capable versions. (Not trying to name > and shame: those tools are great, I just want more!) > > Do folks here know of IPv6 tools that might provide some of the > functions the above tools provide for IPv4? > > Thanks! > > Jay B. > > > > > > > I recommend IPv6gen. http://code.google.com/p/ipv6gen/ Very useful. Granted its not what you were asking for exactly >From the site: "ipv6gen is tool which generates list of IPv6 prefixes of given length from certain prefix according to RFC 3531. (A Flexible Method for Managing the Assignment of Bits of an IPv6 Address Block)" -Kyle
