> Well Steve, it's like this: There are (a) security experts,
> (b) "security
> experts", and (c) guys that spend their day making things
> usable in spite of
> what the rest of the net throws in their AS's direction.
> You're an example of
> one, I'm an example of another, and the advocates
On Mar 2, 2007, at 12:55 AM, <[EMAIL PROTECTED]> wrote:
One might argue that if a company is not capable of
setting a policy and managing that policy, then you
should not implement the policy at all.
I think this really goes to the heart of the matter - the inability/
unwillingness to prior
BGP Update Report
Interval: 16-Feb-07 -to- 01-Mar-07 (14 days)
Observation Point: BGP Peering with AS4637
TOP 20 Unstable Origin AS
Rank ASNUpds % Upds/PfxAS-Name
1 - AS958320259 1.8% 23.0 -- SIFY-AS-IN Sify Limited
2 - AS701515718 1.4%
This report has been generated at Fri Mar 2 21:47:29 2007 AEST.
The report analyses the BGP Routing Table of an AS4637 (Reach) router
and generates a report on aggregation potential within the table.
Check http://www.cidr-report.org/as4637 for a current version of this report.
Recent Table Hist
> I think this really goes to the heart of the matter - the inability/
> unwillingness to prioritize and allocate resources to properly
> implement 'good neighbor' policies which are not perceived as having
> any financial benefit to the organization.
>
> So, can this sort of activity someh
Roland Dobbins <[EMAIL PROTECTED]> writes:
> On Mar 1, 2007, at 1:10 PM, Chris L. Morrow wrote:
>
>> So... again, are bogon filters 'in the core' useful? (call 'core' some
>> network not yours)
>
> Antispoofing is 'static' and therefore brittle in nature, people
> change jobs, etc. - so, we shou
On Mar 2, 2007, at 4:12 AM, Robert E. Seastrom wrote:
uRPF isn't always adequate for all antispoofing cases, as you know.
What about iACLs?
bogon
filtering by end sites is the sort of thing that is recommended by
"experts" for whom "security" is an end in and of itself, rather than
a com
On Fri, 02 Mar 2007 08:55:42 GMT, [EMAIL PROTECTED] said:
> > one, I'm an example of another, and the advocates of static bogon filters
> > are
important word alert --> ^^
> policy and management of that policy. Bogon filters are
> an example of a policy implem
> No, the SP can't be the 'Internet
> firewall' for customers,
They can if the SP supplies and manages the CPE device. Nowadays, a lot
of functionality could potentially be provided in a CPE device. Hardware
cost and hardware capabilities are no longer barriers to doing this.
There is still s
Sorry for the long list but we are still having issues to following sites.
Looking for someone at American Express and Yahoo (*most complaints with
those two sites). Also it appears a we are getting stopped on AT&T networks.
Please contact me offline if you have any contacts that deal with the
fol
At 11:43 AM 3/2/2007, John Lubeck wrote:
Sorry for the long list but we are still having issues to following sites.
Looking for someone at American Express and Yahoo (*most complaints with
those two sites). Also it appears a we are getting stopped on AT&T networks.
AT&T has some nice route se
This is an automated weekly mailing describing the state of the Internet
Routing Table as seen from APNIC's router in Japan.
Daily listings are sent to [EMAIL PROTECTED]
For historical data, please see http://thyme.apnic.net.
If you have any comments please contact Philip Smith <[EMAIL PROTECTED
On Mar 2, 2007, at 7:31 AM, <[EMAIL PROTECTED]> wrote:
Sometimes, network operators have to take the bull
by the horns and develop their own systems to do a job that vendors
simply don't understand.
Concur - but it seems that many seem to be looking for someone else
to do this for them (or
On Fri, 2 Mar 2007, Roland Dobbins wrote:
Sometimes, network operators have to take the bull
by the horns and develop their own systems to do a job that vendors
simply don't understand.
Concur - but it seems that many seem to be looking for someone else to do
this for them (or, perhaps, the l
I think Sean raises a good point. I guess the larger picture is what are we
trying to protect and what are trying to protect that from.
-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Sean
Donelan
Sent: Friday, March 02, 2007 3:19 PM
To: Roland Dobbins
C
On Fri, 2 Mar 2007 15:37:01 -0600
"Eric Ortega" <[EMAIL PROTECTED]> wrote:
>
> I think Sean raises a good point. I guess the larger picture is what
> are we trying to protect and what are trying to protect that from.
>
Bingo.
The problem isn't with "security people", it's with "security peopl
--- [EMAIL PROTECTED] wrote:--
> I think this really goes to the heart of the matter - the inability/
> unwillingness to prioritize and allocate resources to properly
> implement 'good neighbor' policies which are not perceived as having
> any financial benefit to the
Folks,
Anyone have a contact inside Level(3)'s IP Justification team? Telcove or
Wiltel teams might apply here as well.
I'm getting some serious kickback but not getting any details nor contact
with anyone who will discuss anything.
Anyone from ARIN who wants to discuss or review this w
At 04:18 PM 3/2/2007, Sean Donelan wrote:
On Fri, 2 Mar 2007, Roland Dobbins wrote:
Sometimes, network operators have to take the bull
by the horns and develop their own systems to do a job that vendors
simply don't understand.
Concur - but it seems that many seem to be looking for someone
On Mar 2, 2007, at 1:18 PM, Sean Donelan wrote:
How much of a problem is traffic from unallocated addresses?
Backbone operators probably have NetFlow data which they could mine
to find out.
On the other hand, how much of a problem is obsolete bogon filters
causing
everytime IANA delegat
Could someone from Comcast please contact us ([EMAIL PROTECTED]).
Customers behind Comcast on the east coast cannot get to our
216.219.126.0 prefix in Santa Barbara, CA. Comcast's peering with Cox
on ashbbbrj02-ae0.0.r2.as.cox.net may be to blame.
Regards,
Ashe Canvar
Network Engineer
--
Citrix
On Fri, 2007-03-02 at 17:58 -0800, Ashe Canvar wrote:
> Could someone from Comcast please contact us ([EMAIL PROTECTED]).
>
> Customers behind Comcast on the east coast cannot get to our
> 216.219.126.0 prefix in Santa Barbara, CA. Comcast's peering with Cox
> on ashbbbrj02-ae0.0.r2.as.cox.net may
> Could someone from Comcast please contact us
> ([EMAIL PROTECTED]).
>
> Customers behind Comcast on the east coast cannot get to our
> 216.219.126.0 prefix in Santa Barbara, CA. Comcast's peering with Cox
> on ashbbbrj02-ae0.0.r2.as.cox.net may be to blame.
COX has created ticket HD015981
On Fri, 02 Mar 2007 21:08:58 -0500
Jim Popovitch <[EMAIL PROTECTED]> wrote:
> On Fri, 2007-03-02 at 17:58 -0800, Ashe Canvar wrote:
> > Could someone from Comcast please contact us
> > ([EMAIL PROTECTED]).
> >
> > Customers behind Comcast on the east coast cannot get to our
> > 216.219.126.0 pre
Speaking of bogons and more practical daily operation issues, perhaps
you guys can help reaching the fine folks at AS7643 or maybe their
upstream provider can be kind enough to filter out the following:
BGP routing table entry for 123.0.0.0/8, version 14613827
Paths: (1 available, best #1, not
25 matches
Mail list logo
