Cat-5 cables near 200 Paul, SF
Hi, Hate to be "that guy" but really need help. Anyone know a place near 200 Paul in SF with a major quantity of cat-5 cables? Like 30 8ft blue, 20 8ft grey, 30 5ft blue. Need them today due to ex-employee's poor inventory keeping. Thanks, Tuc
Re: Cat-5 cables near 200 Paul, SF
Hi, Thanks to everyone. I didn't pay enough attention the last time this was discussed, sorry about that. I have my cables, though I need to start working on my sob story when I put in my expense report for 30 cables that should have been 1.44 each, not 6.95. Thanks again, Tuc On Fri, May 31, 2013 at 6:37 PM, Carlos Alcantar wrote: > I don't think they will care how you pay. It's just the question if you > do or don't need an account. > > Carlos Alcantar > Race Communications / Race Team Member > 1325 Howard Ave. #604, Burlingame, CA. 94010 > Phone: +1 415 376 3314 / car...@race.com / http://www.race.com > > > > > > -Original Message- > From: "Majdi S. Abbas" > Date: Friday, May 31, 2013 3:26 PM > To: Tim M Edwards > Cc: "nanog@nanog.org" > Subject: Re: Cat-5 cables near 200 Paul, SF > > On Fri, May 31, 2013 at 12:06:50PM -0700, Tim M Edwards wrote: > > Needs to be a Corporate CC though. > > Nahh, they take my personal card in Phoenix and SF all the time. > > --msa > > > > > -- Tuc Senior Director of Infrastructure p: (646) 532 4510 e: t...@admarketplace.com contact:3 Park Avenue<https://maps.google.com/maps?q=3+Park+Avenue,+New+York,+NY&hl=en&ll=40.746298,-73.980539&spn=0.008006,0.014226&sll=40.697488,-73.979681&sspn=1.025552,1.820984&oq=3+park+&hnear=3+Park+Ave,+New+York,+10016&t=m&z=17&iwloc=A&layer=c&cbll=40.746872,-73.981401&panoid=bJzqzj7BC3soBzluV52H_g&cbp=12,117.81,,0,0.1> | 27th Floor | NY 10016 | 212-925-2022 connect: Twitter <http://twitter.com/admarketplace> | Facebook<http://www.facebook.com/pages/adMarketplacecom/340557839490> | Google+ <https://plus.google.com/108796328406864098232/posts> | Linkedin<http://www.linkedin.com/company/admarketplace> | Blog <http://blog.admarketplace.com/> | Careers<http://www.admarketplace.com/jobs.php> *adMarketplace is #8 on Crain’s New York Fast 50 List<http://www.admarketplace.com/files/Crains%20-%20adMarketplace.com.pdf> !*
Looking for MIX/NOTA members
Hi, I know this is NAnog (Which NOTA may qualify for being in Miami) but I'm in need of help for MIX too. I'm involved with a client that had their range advertised by another AS. We were told by all parties involved that it has stopped, but I still seem to be seeing it on RIPE's MIX and NOTA looking glass. If anyone knows LG's other than RIPE that have access into MIX/NOTA (I did try HE.NET and PCH.NET, they didn't come up with the information I'm looking for) or can do a "sho ip bgp regex _13913$" and email me PRIVATELY, I'd appreciate. Thanks, Tuc
Re: Google's PUE
> > On Oct 1, 2008, at 2:04 PM, Martin Hannigan wrote: > > >> Personally, I think only a self-owned DC could get that low. A > >> general purpose DC would have too many inefficiencies since someone > >> like Equinix must have randomly sized cages, routers and servers, > >> custom-built suites, etc. By owning both sides, GOOG gets a boost. > >> But it's still frickin' amazing, IMHO. > > > > I wonder what it cost? :-) > > What cost to the environment of not doing it? > > OK, green hat off. :) Seriously, I doubt GOOG isn't seeing serious > savings from this over time. If they weren't why would they do it? > They seem to be very environment focused, so I'm sure doing anything that isn't is subject to scrutiny from the rest of the industry. Hopefully it won't come around to bite them. I had read an article on "The Planet" going as green as possible, then they had the huge outage and I'm sure negated 2-3 times what they had done to that point. Tuc/TBOH
Re: The DDOS problem & security BOF: Am i mistaken?
> > Vixie, Conrad, Manning, Woodcock, Curran, Plzak, Ed Lewis, etc all > worked together at ARIN, and have had 22 ARIN employees attend NANOG, > including the ARIN executive secretary. ARIN is giving NANOG $50,000 > checks, even though the Board members have undisclosed conflicts of > interest. ARIN resource analysts have (and probably are now) attending > NANOG. The resource analysts are the guys who make allocation decisions, > so getting chummy with NANOG people is a conflict of interest in the > making. So far, I've discovered two cases where ARIN has made > allocations in 2 hours. > Didn't you get banned temporarily from this list, then banned for life + 5 years, your children and grandchildren also banned for their lives + 5 years once before for all this? Tuc/TBOH
Re: The DDOS problem & security BOF: Am i mistaken?
> > >> Vixie, Conrad, Manning, Woodcock, Curran, Plzak, Ed Lewis, etc all > >> worked together at ARIN, and have had 22 ARIN employees attend NANOG, > >> including the ARIN executive secretary. ARIN is giving NANOG $50,000 > >> checks, even though the Board members have undisclosed conflicts of > >> interest. ARIN resource analysts have (and probably are now) > >> attending NANOG. The resource analysts are the guys who make > >> allocation decisions, so getting chummy with NANOG people is a > >> conflict of interest in the making. So far, I've discovered two cases > >> where ARIN has made allocations in 2 hours. > >> > > > > Didn't you get banned temporarily from this list, then banned > >for life + 5 years, your children and grandchildren also banned for > >their lives + 5 years once before for all this? > > I was never temporarilly banned. I was banned in 2000 so that I couldn't > gloat that the CFAA applied to ISPs. See > http://www.iadl.org/nanog/nanog-story.html > > Looks like someone messed up. ;-) > Well, yes and no... I actually was thinking of the ARIN list that you had the temporary ban on : http://lists.arin.net/pipermail/arin-discuss/2008-February/000897.html and then the permanent ban : http://lists.arin.net/pipermail/arin-discuss/2008-June/001058.html as for banning from NANOG, there is a message, purportedly from you : http://lists.arin.net/pipermail/arin-discuss/2008-February/000890.html contains "So Harris banned me from NANOG." . Not sure if thats the meeting, the NANOG list, or one of the NANOG/Merit other lists. Also, in : http://www.iadl.org/nanog/nanog-story.html I see "So, effective May 4 2005, Harris again banned Anderson. Although the new "reformed" rules require a limit of 6 months, Anderson remains banned as of April 16th, 2006. It seems permanent." but I think that refers to another NANOG group, dnsop. Tuc/TBOH
Re: Sprint / Cogent dispute over?
> > On Sun, Nov 02, 2008 at 04:40:20PM -0500, Randy Epstein wrote: > > Problem resolved? > > https://www.sprint.net/cogent.php > Check out the of the document. Me thinks it was a rush job to post up the page and a bit of cut/paste was done. ;) Tuc
Re: Potential Prefix Hijack
> > On Tue, 11 Nov 2008, Mark Tinka wrote: > > Anyone know how we can contact AS16735 and their upstream > > AS27664. We think they are hijacking a number of our > > prefixes (AS24218- and AS17992-originated). > > Have you tried CERT-BR? Uh... I was about to say "they're usually very > responsive, and good at coordinating this sort of thing." And then their > web site failed to load, because the prefix it's in is flapping. Hm. > > Fred, you still awake? > > -Bill > > Odd, we were just hijacked too, one match to the same AS: Prefix: 64.193.164.0/24 AS Path: 27664 16735 Seen by Route Collector: 15 Peer IP: 200.219.130.21 Peer AS Number: 27664 Timestamp (GMT): 1:56, Nov 11 2008 And a match from other AS's Prefix: 192.136.64.0/24 AS Path: 22548 16735 Seen by Route Collector: 15 Peer IP: 200.160.0.130 Peer AS Number: 22548 Timestamp (GMT): 1:59, Nov 11 2008 Prefix: 64.193.164.0/24 AS Path: 22548 16735 Seen by Route Collector: 15 Peer IP: 200.160.0.130 Peer AS Number: 22548 Timestamp (GMT): 1:56, Nov 11 2008 Tuc
Re: Potential Prefix Hijack
> > Hi! > > > We were hijacked aswell, by 27664 16735 > > > > Our affected prefixes were: > > > > 94.46.0.0/16 > > 194.88.142.0/23 > > 194.11.23.0/24 > > 82.102.0.0/18 > > 195.246.238.0/23 > > 194.107.127.0/24 > > 81.92.192.0/19 > > 193.227.238.0/23 > > > > We are trying to contact them in order to get some feedback, and some good > > explanation for this. > > The obviously were leaking full routing, are we all gonna annnounce 'my > prefix was in there also?' > ACTUALLY They didn't hijack ALL my netblocks... I have 3. One was completely untouched, 1 was only hijacked by 1 site, and the last was hijacked by 2 different sites. :) Tuc
Cable re-management
Hi,
I wondered if any of the NANO's (Specifically NYCNANO's) have
ever brought in another company, or offered as a service to the general
world cable re-management. I know Hugh O'Kane is a big place that does
it, but I'm looking for said services in NYC. I have client datatel
closets that REALLY need color coding, cables cut to length, A-B
labeling, etc. For an added bonus, they would potentially be able to
build out an entire FLOOR of a building from scratch.
Private replies please, will summarize to any who ask.
Thanks, Tuc/TBOH
MetroOptical - Anyone know of them?
Hi Guys, We saw them (metrooptical.com) mentioned in Capacity Magazine, but trying to do any other investigation ends up flat. Website hosted at Godaddy, NIC records give a PO Box (So does the website), etc. Anyone know anything about them? Offlists appreciated. Tuc
DDOS - How much is "too much"?
Hi, I have a client who prior to me settled into a non-carrier-neutral facility. They were approached this week for "DoS/DDoS protection" which they could buy in X Mb/s, 2xX Mb/s or 4xX Mb/s scrubbing solutions. Maybe I've been out of the running my larger Managed Server Hosting Company too long, but wasn't the "non-elegant" solutions something ISPs just "did"? Was it only DoS, and when it comes to DDoS they tell you its just too much to handle. And blocking how many netblocks does an ISP consider "too many" before it tells the client there is only so much it can do for them? Do people tell/give clients their own solutions? (Like Zebra boxes that'll inject BGP into their site) They wanted me to come up with 3 reasons FOR the service, 3 against, and what I felt was a fair market value for this. I just need to know if people still did that type of stuff for each other or if everything costs nowadays Thanks, Tuc/TBOH
Email lists pertaining to NA colo sites?
Hi,
I was wondering if someone was running a single repository of
lists run by either Colo sites, or others in support of colo sites,
in the North America. (Like for 25 Broadway {Adam?}, or even more
specifically 118th, 5th floor, room 518 and anyone that might be in
that room in the next week or so. :) ) Maybe there is a general
list where someone can post "Hey, I'm in 25B, 5th floor and I need
a patch cable" or even more specifically "Hey, I need someone who
can get to my cabinet at the specificied location and use a pen
to reboot one of my servers so I can save the $43.75 and not spend
$5 in gas, $6 for tolls, and $17 for parking to press a button, wait
30 seconds, and press again".
Thanks, Tuc
Re: ASN Name of the week
>
>
> This just appeared in my BGP
>
> ASN Number NameHandle
> Location Organization
>40543 1-800-GOT-JUNK [ABI19-ARIN]
> {Vancouver, BC, CA} 1-800-GOT-JUNK
>
> I guess somebody thinks that whois has advertising potential.
>
> Regards
> Marshall
>
Thats actually the company name. They seem to do VERY
well here in NY. I see their trucks constantly.
Tuc/TBOH
Re: San Francisco Power Outage
> On Jul 24, 2007, at 6:54 PM, Seth Mattinen wrote: > > > > I have a question: does anyone seriously accept "oh, power trouble" > > as a reason your servers went offline? Where's the generators? UPS? > > Testing said combination of UPS and generators? What if it was > > important? I honestly find it hard to believe anyone runs a > > facility like that and people actually *pay* for it. > > > > Sad that the little Telcove DC here in Lancaster, PA, that Level3 > bought a few months ago, has weekly full-on generator tests where > 100% of the load is transferred to the generator, while apparently > large DCs that are charging premium rates, do not. > And I could tell you about large DC's that are charging premium rates, had (admittedly) quarterly generator tests that ended up failing and causing down time MULTIPLE TIMES too. Meanwhile the generator at my parents house I had installed has weekly tests and runs fine, but I'm waiting for that unbelievably cold unbelievably harsh winters day where the power goes out and the generator fails... Because its a machine. It has wear, it breaks. I don't know that I'd be comfortable with a full load every time. Rather it be load banks Tuc/TBOH
Re: ASN Name of the week
> Hi, > > ASNV6, no clue... but 32-bit ASN are already prepared, at least in > the registry world. > It was just a joke, since the AS is getting high up there in the 2 byte range (2/3's of the available ones down I think) and was implying that moving to 4 byte would be as fast/efficient/complete as going to IPV6 (Not...) >The end is near see http://ipv4.potaroo.net > "Internet is just routes (217118/774), naming (billions) and... people!" > Sorta in line with your "The end is near"... :)
nanog@nanog.org
> Cisco's problem seems to be have been resolved. > > Also see: > > http://blogs.cisco.com/news/2007/08/update_ciscocom_site.html > > Thanks to everyone for their verification. :-) > I heard, from incredibly unreliable sources, that Cisco was testing a new router that included a flywheel, clutch and diesel engine all on the same shaft. I also understand the DDEC failed which caused major routing instability. But take it with a mine of salt. Tuc/TBOH
Do I or RR need dns clue?
Hi, Mail to RR users is getting refused due to PTR issues. I contacted RR and explained that yea, one of our 2 DNS servers for the IN-ADDR.ARPA is down, but the other is fine. They said that I should either get the DNS server back up (Which of course is already being worked on, was the minute it went down) or delete it from ARIN IN-ADDR.ARPA records. Isn't the whole point of multiple DNS servers that if one is down the other can still answer queries? Or am I missing something here??? Thanks, Tuc/TBOH
Re: [NANOG] Routing table for BGP
> > Hi, > > > I would like to know what route should i accept from internet full or > partial? > if Partial then what routes should i accept? and how many route does my > router have if i will go for Partial routing table? > > actually I am trying to understand it by concept... my organization is small > but I want to know if it is large organization or small provider then what > kind of routes do i need in my routing table? > Hi, If its only 1 provider, then probably taking just "default route" is necessary. If you have 2, then it depends on your setup. I prefer to always take full routes from upstreams, as long as there are good communities within that feed. This way I can vary what I accept or don't accept without the need to constantly contact the upstream. If not, then I have to fiddle more on my end, but I always keep the control. I personally run 2 routers (Ok, switches with routing code, so my memory footprint is severely limited) each with a link to a provider. I ask for full routes PLUS default route. Internally, I discard /24's on both links, and pref up the communities like customer and send them over to the other router with the default route. Saves me alot of memory, plus gives me alot of control. Tuc/TBOH ___ NANOG mailing list NANOG@nanog.org http://mailman.nanog.org/mailman/listinfo/nanog
Re: [NANOG] IOS rootkits
> > > > I'd love to know what magical mystical protection your routers have that > > will > > enable them to avoid the same fate as every other device and operating > > system > > has. There's only one thing up there that doesn't have known rootkits > > in the wild. Yet. > > > The question isn't IF routers have security vunerabilities, but whether > Gadi has an example he can demonstrate now of installing a root kit on > an IOS router NOW or not. > Rootkit for 2500, 3000 and 4000.. Load this onto your router and you'll have root and much more. http://tinyurl.com/29duah Tuc/TBOH ___ NANOG mailing list NANOG@nanog.org http://mailman.nanog.org/mailman/listinfo/nanog
Re: Hurricane season starts June 1: Carriers harden networks
> > > > > > The official spokespeople don't mention it, but there is also a tendency > > for local officials to divert fuel delivery trucks for their use instead > > of maintaining communication facilities. > > > > Perhaps a company will get in the business of labeling trucks that > normally say fuel to something like "spoiled milk" during such events > and specialize in refueling certain customers. ;) > > I *think* I'm kidding. > After we went down at Telehouse 25 Broadway during 9/11 because the National Guard halted one of the deliveries... I'm open to just about any suggestions incase of another incident. Maybe "Firefighting Foam Refill Truck" would be better. Or just "HAZMAT CLEANUP". Tuc/TBOH
Re: Hurricane season starts June 1: Carriers harden networks
> > > On May 27, 2008, at 6:47 PM, Jerry Dixon wrote: > > > Jared nailed it on the head. It is absolutely critical to get to > > know who > > your State JFO POC is, State EOC POC, and have the National > > Communication > > Systems Hotline on speed dial or at least in your cell. They can help > > facilitate needs such as getting human resources from your company > > or mutual > > aide in to help with a crisis (credentialing issues), fuel trucks, > > and other > > supplies as needed. > > > > Also you might want to check to see if your company has a govt. > > affairs > > person within your organization who might all ready have a lot of > > this info > > and the contacts to assist. > > > I think there's something else to make note of. > > NCS wants to make sure that a number of the ISPs and critical > infrastructure operators have WPS/GETS available to the people who > rightly need them. If you're not sure, give them a ring and chat with > them about what resources you should have at your disposal. If there > is a major communication disruption, this may help your operations > team communicate. > > You can fill out the forms online at gets.ncs.gov > > - Jared > Thanks to everyone for their suggestions. Its alot of information. Unfortunately, next time something like that happens I'm getting out of there. It won't be my company, so I'm gonna get outta there. Living at Ground Zero (1 BUILDING away before, a few blocks inside during as well as after) was just plain stupid. No more Port Authority or Japanese pieces of paper saying I was "Critical" to be down there and could come/go as I please. No, I wouldn't be wheezing pretty bad this week if I was smart and did get out. Yea, next time.. I'm SO outta there. :) Hopefully someone else read all this and did the right things. Tuc
Network meltdowns anywhere in US?
Hi,
Sorry, would have posted this elsewhere, but I can't get
to alot of places...
I originally started chasing not being able to get to
71.74.56.243 (RR Mail server). I then found out neither L3 nor
my other connection saw it in the table. I checked a few other
router servers, some had it, some didn't.
Now, though, I'm trying to get a few other places and
most of them oddly seem to hang off L3 (Like the outages
list. :) )
Any ideas of there is some meltdown happening
in L3 or elsewhere?
Thanks, Tuc
Re: Network meltdowns anywhere in US?
> On Wed, May 28, 2008 at 4:05 PM, Tuc at T-B-O-H.NET <[EMAIL PROTECTED]> wrote: > > > Hi, > > > >Sorry, would have posted this elsewhere, but I can't get > > to alot of places... > > > >I originally started chasing not being able to get to > > 71.74.56.243 (RR Mail server). I then found out neither L3 nor > > my other connection saw it in the table. I checked a few other > > router servers, some had it, some didn't. > > > >Now, though, I'm trying to get a few other places and > > most of them oddly seem to hang off L3 (Like the outages > > list. :) ) > > > >Any ideas of there is some meltdown happening > > in L3 or elsewhere? > > > >Thanks, Tuc > > > > > >From a cursory glance seems to be ok from where I'm currently looking from > (at&t), then again I haven't done my technical diligence. Will need to look > further and I'm sure someone will pipe up. > > Do you have any traceroutes, route stats, etc to give us as to what you are > experiencing? > No, no traceroutes since when I'd query BGP, it just said that the network didn't exist in the table like : ***route-server***>sho ip bgp 71.74.56.243 % Network not in table ***route-server***>sho ip route 71.74.56.243 % Subnet not in table (Only output I captured... But I know that Cerfnet did this too.) Tuc
Re: Network meltdowns anywhere in US?
> On Wed, May 28, 2008 at 4:05 PM, Tuc at T-B-O-H.NET <[EMAIL PROTECTED]> wrote: > > > Hi, > > > >Sorry, would have posted this elsewhere, but I can't get > > to alot of places... > > > >I originally started chasing not being able to get to > > 71.74.56.243 (RR Mail server). I then found out neither L3 nor > > my other connection saw it in the table. I checked a few other > > router servers, some had it, some didn't. > > > >Now, though, I'm trying to get a few other places and > > most of them oddly seem to hang off L3 (Like the outages > > list. :) ) > > > >Any ideas of there is some meltdown happening > > in L3 or elsewhere? > > > >Thanks, Tuc > > > > > >From a cursory glance seems to be ok from where I'm currently looking from > (at&t), then again I haven't done my technical diligence. Will need to look > further and I'm sure someone will pipe up. > > Do you have any traceroutes, route stats, etc to give us as to what you are > experiencing? > A bit more "clue"... :) 1) If its been discussed before, I was out that day... But it seems that CERF NET route-server isn't quite authoritative: route-server>sho ip bgp 204.107.90.128 % Network not in table route-server>sho ip bgp route-server> 2) The other route-server it wasn't showing up in is my "backup" provider. I'm trying to get clarification, but I think my backup provider relies too heavily on my primary provider. So yea, it would make sense, if Level3 had an issue, that the provider USING L3 would have an issue. 3) I've gotten zip from L3 about any of this. Can anyone atleast, once again, despite a certain list members contentions, tell me I'm not crazy. That someone else SOMEWHERE saw it? (Or more DIDN'T see RR. :) ) Thanks, Tuc
Re: L3/RR "incident" (Previously Network meltdowns anywhere in US?)
Hi,
Another case of getting much better help via NANOG than through a NOC.
Turns out there was an issue, and it subsequently was fixed in a
relatively small timeframe. Atleast a /20 of RR was not visible inside of L3,
I'm not sure if it was more.
Thanks again to those people from L3 that DID help me who are on this
list.
Tuc/TBOH
Re: [OFFTOPIC] Re: NANOG NYC Event
> > Datavision on 5th avenue near 40th street (Manhattan) has saved me in a > pinch when I've needed multimode cables (still dunno where to buy smf at > a retail shop in nyc). > Just be careful you pay 100% attention to what you want and what you get. I went for a disk drive, brought it upstairs, paid for it, and when they were checking it they found the item in the box wasn't the same I paid for (Serial numbers didn't match). I didn't even get out the store, so I asked for a refund. Store credit only, and its only good for a year. SIGH Tuc
Re: NANOG NYC Event
> NYC is so large and interesing that I wouldn't spend much time chasing > food. You're in foodie heaven. See the Statute of Liberty, the 9/11 > memorial, Empire State Building, ride the subway, go to Hoboken, or > catch a glimpse of the UN. All great sites. Personally, I'd like to > find a karaoke bar and sing "NY NY" with my Red Sox hat on. :-) > Why hasn't anyone talking about putting together a trip to the various datacenters in the area 25 Broadway... 111 8th... and the grandaddy of them all... 60 Hudson. Tuc
Re: How not to make an error page (was: OT: www.Amazon.com down?)
Maybe they should buy time on their own EC2 if they are short of webservers. :)
The staus page http://status.aws.amazon.com/ shows them "Green and Clean"
Tuc
>
> I've no idea what Amazon uses for Load Balancers, but I'm pretty sure
> that error message is the default error message served up by a Netscaler
> LB if no web services are available in the pool...
>
> -andy
>
> > -Original Message-
> > From: Kevin Day [mailto:[EMAIL PROTECTED]
> > Sent: Friday, June 06, 2008 11:40 AM
> > To: Lasher, Donn
> > Cc: nanog@nanog.org
> > Subject: How not to make an error page (was: OT: www.Amazon.com down?)
> >
> >
> > On Jun 6, 2008, at 1:24 PM, Lasher, Donn wrote:
> >
> > > Checked, and doublechecked, not just me
> > >
> > > www.amazon.com returns:
> > >
> > > Http/1.1 Service Unavailable
> > >
> > > Anyone have a URL for a network/etc status page, or info on the
> > > outage?
> > > Been that way for a while this morning.
> > >
> > > -donn
> > >
> > >
> >
> > Even worse, the page they're displaying is actually a HTTP 200
> > response code(OK/no error), with no "Don't cache this" header - which
> > means their error page is considered cacheable by some browsers/
> > proxies. So, you may find users who tried to visit Amazon while they
> > were down are still seeing it down long after they fix it.
> >
> > Lesson to high profile websites: add these to your error pages so you
> > don't have people complaining you're still down long after you're
> > fixed.
> >
> > * Don't return a 200 response code. Use 500 or 503. Nothing from 2xx
> > or 4xx.
> > * Add a "Cache-control: no-cache, must-revalidate, max-age=0" header,
> > as well as an "Expires: 0" header for good measure.
> > * If your server is really borked and you can't add headers at all,
> > add '' to the
> > section. That's not as good, but helps at least on the browser end.
> > * If possible, add a timestamp to the page somewhere (even if it's in
> > an HTML comment) so you can troubleshoot with users still seeing the
> > error.
> >
> > -- Kevin
> >
>
>
>
Re: Cable Colors
> > Hello Newbie here (hopefully I have the correct list), > > I was just wondering if anyone knows of a website with recommended > colors for cables for a new datacenter? > I have written some things down but I don't want to get stuck saying > 'darn, I wish I would have bought this color for this type, now I am > stuck'. > What standard color to use if voice and data on same interface etc. Thanks. > Hi, We solved the problem of remembering what color was for what by getting our suppliers to use clear jackets on the wiring. That way we see whats actually going over the copper and can tell that way. It costs us more, we do have a bit of an issue putting plugs on it, but in the long run its definitely worth it. Otherwise, our old system was : Black - Infrastructure/critical Green - Colocation/Customer White - KVM Blue - X-connect (Later changed to Orange when we went full fiber) Yellow- Someone threw a spare patch cord up and didn't custom create/ cut it and if I find them I'm gonna create/cut them something! White+Red spot or stripe - The junior guy was cutting KVM cables again, expect a health benefit claim later in the day. We also used the ID zip ties on each end if it was an X-over with "X-over" written on it. All plugs had boots too. Tuc/TBOH (Insert ;) as needed... ;) )
Re: ICANN opens up Pandora's Box of new TLDs
> > Two years ago I posed the question here about the need for TLDs > (http://www.mcabee.org/lists/nanog/May-06/msg00110.html). > This all should have been solved by allowing those who wanted/applied for TLDs to be granted them back in 1995 when originally requested : http://www.gtld-mou.org/gtld-discuss/mail-archive/00990.html There was a procedure, people followed it, and IANA decided to go other ways with it. Now years later there is all this red tape restricting things. And if the "powers that be" decide to go back to it, you can replace stormking.com with t-b-o-h.net and I look forward to it! ;) Tuc / Scott Ellentuch
Re: ICANN opens up Pandora's Box of new TLDs
> > Once upon a time, Ken Simpson <[EMAIL PROTECTED]> said: > > Oooh -- dibs on that one. And .some, so you can register awe.some, > > trouble.some, and fear.some. And .ous, which would allow humm.ous, > > seri.ous, fabul.ous, etc.. > > Somebody on /. mentioned .dot, so you could tell someone to go to: > > eych tee tee pee colon slash slash slash dot dot dot > Yea, I thought that was funny when I owned www . wwwdotnet . net tooLost a bit later on trying to explain to people. Then again TTSG (PPFG? TPSG? TPFG?) and "T dash B dash O dash H" aren't so fun either. Tuc
Re: what problem are we solving? (was Re: ICANN opens up
>
> One way to provide protection is too allow those who have the domain portion
> of any domain.(com|net|org|...) to have first dibs for the domain of any new
> gTLD. i.e. if nanog.org, nanog.com, nanog.net, etc. would have first dibs
> on nanog.thisisgreatstuff.
>
> Or is that too simplistic and fraught with division?
>
I think the point some people are trying to make is that a person could
pony up the fees, get a new TLD, and then EXPECT ${FORTUNE__COMPANY} to buy
theirname.NEWTLD . Instant market. Might even be able to make the investment
back
the first year, and nice profit the subsequent ones just for companies keeping
their name protected.
Tuc/TBOH
Re: ICANN opens up Pandora's Box of new TLDs
> > This requires serious elaboration. How could you use a domain in > > ".exe" to actually attack someone? (No handwaving, please, actual > > study.) > > > > I think it would be the other way around - I would assume that that > was a near worthless TLD, as it > would come with a built in DOS : If I had (say) program.exe as a > domain name, > what Windows user would ever type it in ? > I think this would be one of the TLDs that they'd refuse. Then again, there are DOS commands that do end in .com (CHOICE, COMMAND, CMD, DISKCOMP, HELP,etc). More can be seen at : http://support.microsoft.com/kb/72188 Tuc/TBOH
Re: ICANN opens up Pandora's Box of new TLDs
> > You do have a choice if you're not concerned about the deliverability of > your e-mail. Remember, the Internet remains a group of service > providers/organizations/subscribers that voluntarily work together and can > choose what goes in or out. And so if they decide not to receive traffic > from you, for any reason at all, there's no legal requirement. If they > require that all e-mail servers that want to send e-mail to them have rDNS > entries then persons who want to deliver e-mail to that entity need to > comply. > > Frank > So can I change my SMTP greeting to be : 220-host.example.com SMTP 220-Company agrees to the following rate chart to accept mail : 220-EHLO - $5.00 220-HELO - $2.50 220-MAIL FROM:<*> - Free 220-RCPT TO:<*> - 1-5/$4.00 , 6-10/$6.00, 11-15/$8.00, 15+/$10.00 220-DATA: $.01 per character until final "." 220-Delivery confirmation (Return-Receipt-To, X-Confirm-Reading-To, Disposition-Notification-To) - $1.50 220 Sending HELO/EHLO constitutes acceptance of this agreement Thanks, Tuc/TBOH
Re: Multiple DNS implementations vulnerable to cache poisoning
> Reading through the JavaScript that drives <http://www.doxpara.com/>, > it appears to be pretty easy to write a non-AJAX client to query Dan's > service. I threw one together in perl, named "noclicky", that allows you > to use Dan's service against any nameserver specified on the command line. > You can download a copy from <http://michael.toren.net/code/noclicky/>. > It looks like Dan changed what it returns, and noclicky 1.00 gets confused. You can fix this, atleast until MCT comes out with a new version, by putting : my $date = shift @data; before the line : print "Requests seen for $domain:\n"; Tuc/TBOH
Re: Exploit for DNS Cache Poisoning - RELEASED
>
> Now, there is an exploit for it.
>
> http://www.caughq.org/exploits/CAU-EX-2008-0002.txt
>
For anyone looking to use it, you MUST update the frameworks
libraries. Some of the code only came out ~5 hours ago that
it needs.
Tuc/TBOH
Re: Exploit for DNS Cache Poisoning - RELEASED
> - -- "Robert D. Scott" <[EMAIL PROTECTED]> wrote: > > >Now, there is an exploit for it. > > > >http://www.caughq.org/exploits/CAU-EX-2008-0002.txt > > Now also (mirrored) here: > > http://www.milw0rm.com/exploits/6122 > > ...and probably a slew of other places, too. ;-) > The changes the put into metasploit for this don't seem to work if running from FreeBSD 5.5, possibly other BSD's and versions from talking to the author. Tuc/TBOH
Re: Paul Vixie: Re: [dns-operations] DNS issue accidentally leaked?
> > Jorge Amodio wrote: > > > /etc/hosts rulez !!! :-) > > Wonder if SRI wstill has the files. > Using the methods in RFC-952 and RFC-953 I wasn't able to get them. I can't find if there is an updated RFC/name to use. Tuc/TBOH ;)
Re: Paul Vixie: Re: [dns-operations] DNS issue accidentally leaked?
> > Jorge Amodio wrote: > > > /etc/hosts rulez !!! :-) > > Wonder if SRI wstill has the files. > UNOFFICIAL copy from 15-Apr-94 : http://ftp.univie.ac.at/netinfo/netinfo/hosts.txt Tuc/TBOH
2nd Exploit for DNS Cache Poisoning - RELEASED
Hi,
Not sure if anyone has seen yet, but there is a 2nd
exploit being circulated. I just picked it up on metasploits
SVN trunk
The first was called "baliwicked_host", and the
description was :
This exploit attacks a fairly ubiquitous flaw in DNS implementations which
Dan Kaminsky found and disclosed ~Jul 2008. This exploit caches a single
malicious host entry into the target nameserver by sending random hostname
queries to the target DNS server coupled with spoofed replies to those
queries from the authoritative nameservers for that domain. Eventually, a
guessed ID will match, the spoofed packet will get accepted, and due to the
additional hostname entry being within bailiwick constraints of the original
request the malicious host entry will get cached.
The new one is called "baliwicked_domain" and its described
as :
This exploit attacks a fairly ubiquitous flaw in DNS implementations which
Dan Kaminsky found and disclosed ~Jul 2008. This exploit replaces the target
domains nameserver entries in a vulnerable DNS cache server. This attack works
by sending random hostname queries to the target DNS server coupled with spoofed
replies to those queries from the authoritative nameservers for that domain.
Eventually, a guessed ID will match, the spoofed packet will get accepted, and
the nameserver entries for the target domain will be replaced by the server
specified in the NEWDNS option of this exploit.
Tuc/TBOH
Re: 2nd Exploit for DNS Cache Poisoning - RELEASED
> - -- "Tuc at T-B-O-H.NET" <[EMAIL PROTECTED]> wrote: > > >Not sure if anyone has seen yet, but there is a 2nd > >exploit being circulated. I just picked it up on metasploits > >SVN trunk > > I haven't seen that one yet, but I just ran across this: > > http://www.milw0rm.com/exploits/6123 > > - - ferg > > Sorry, block from the new one : ===/ Exploit ID: CAU-EX-2008-0003 Release Date: 2008.07.23 Title: bailiwicked_domain.rb Description:Kaminsky DNS Cache Poisoning Flaw Exploit for Domains Tested: BIND 9.4.1-9.4.2 Attributes: Remote, Poison, Resolver, Metasploit Exploit URL:http://www.caughq.org/exploits/CAU-EX-2008-0003.txt Author/Email: I)ruid H D Moore ===/==== Tuc/TBOH
Re: Exploit for DNS Cache Poisoning - RELEASED
> > On Thu, Jul 24, 2008 at 10:32 AM, Tuc at T-B-O-H.NET <[EMAIL PROTECTED]> > wrote: > > > > - -- "Robert D. Scott" <[EMAIL PROTECTED]> wrote: > > > > > > >Now, there is an exploit for it. > > > > > > > >http://www.caughq.org/exploits/CAU-EX-2008-0002.txt > > > > > > Now also (mirrored) here: > > > > > > http://www.milw0rm.com/exploits/6122 > > > > > > ...and probably a slew of other places, too. ;-) > > > > > The changes the put into metasploit for this don't seem > > to work if running from FreeBSD 5.5, possibly other BSD's and > > versions from talking to the author. > > > >Tuc/TBOH > > > > > True. On FreeBSD 7.0-STABLE (updated on Fri May 23) it fails to create raw > socket: > ... > [-] This module is configured to use a raw IP socket. On Unix systems, only > the root user is allowed to create raw sockets.Please run the framework as > root to use this module. > > [*] Attempting to inject poison records for example.com.'s nameservers into > 202.72.241.4:55088... > [-] Auxiliary failed: undefined method `sendto' for nil:NilClass > Sorry, I just checked it on 7.0 earlier today. If you happen to know any FreeBSD Ruby programmers with heavy socket experience, it would really be helpful. :-D I haven't tried the Python one yet. Probably later today. Tuc/TBOH
Re: So why don't US citizens get this?
Hi, So far with 2 test messages, neither have been delivered. It also does claim it leaves your IP in the email so there IS some "tracking" approximately where it came from. I can't verify, of course, since 2 messages have gone into never never land for me. Doesn't look like it ever got delivered. Maybe one of my RBL's are stopping it. Tuc > > deadfake.com offer anonymised email services with no signup. Does this > not immediately raise questions in itself? > > Or am I just unnaturally suspicious of such services? > > Have to admitt as soon as I see traffic relayed by a system such as that, > I stop putting much stock in its content... > > Mark. > > On Sat, 26 Jul 2008, Kameron Gasso wrote: > > > Laurence F. Sheldon, Jr. wrote: > >> What in the world does that say? > > > > Not to add too much noise to the list, but that MUA (x-mailer: DeadFake > > Mailer) is sending HTML that's base64 encoded... but with a text/plain > > content type. Oops? > > > > -- Kameron > > > > > > >
Silly PUCK/Outages question
Hi,
I hate to use NANOG for outages... But can anyone else get to
puck.nether.net or the outages.org list? A traceroute gets me into
Chicago with NTT and then dies...(Along with high ping times between
NY and IL for NTT)
I'm looking to see if anyone has more info about an S&D power
event at 111 8th this morning. (And I contacted S&D and am getting
nothing from them).
Thanks, Tuc/TBOH
Re: Silly PUCK/Outages question
>
> http://downforeveryoneorjustme.com can't resolve it, either.
>
Sorry, I should have mentioned that.
Tuc/TBOH
