Re: UK ISP threatens security researcher

2007-04-20 Thread Leigh Porter
Gadi Evron wrote: On Thu, 19 Apr 2007, Will Hargrave wrote: Gadi Evron wrote: "A 21-year-old college student in London had his internet service terminated and was threatened with legal action after publishing details of a critical vulnerability that can compromise the security of the

The Cidr Report

2007-04-20 Thread cidr-report
This report has been generated at Fri Apr 20 21:48:02 2007 AEST. The report analyses the BGP Routing Table of an AS4637 (Reach) router and generates a report on aggregation potential within the table. Check http://www.cidr-report.org/as4637 for a current version of this report. Recent Table Hist

Re: UK ISP threatens security researcher

2007-04-20 Thread Peter Corlett
On Thu, Apr 19, 2007 at 06:20:50PM +0100, Will Hargrave wrote: [...] > In his blog post [1] he did admit to accessing other routers of Be's > customers using the backdoor password; this is probably [2] a criminal > offence in the UK. I'm not sure I have as much sympathy for him as you do. > [2] I

Re: UK ISP threatens security researcher

2007-04-20 Thread Gadi Evron
On Fri, 20 Apr 2007, Simon Lyall wrote: > > On Thu, 19 Apr 2007, Gadi Evron wrote: > > Looking at the lack of security response and seriousness from this ISP, I > > personally, in hindsight (although it was impossible to see back > > then) would not waste time with reporting issues to them, now.

Re: BGP Problem on 04/16/2007

2007-04-20 Thread Stephen Wilcox
I don't have the reference to hand but with Cisco the crash reason hinted at something very odd which was either a hardware failure or cosmic ray - I think it was a parity error or something similar. I remember this because I had such a reload and it was during a period of heavy cosmic activit

Re: BGP Problem on 04/16/2007

2007-04-20 Thread Elmar K. Bins
Hi Steve, [EMAIL PROTECTED] (Stephen Wilcox) wrote: > I remember this because I had such a reload and it was during a period of > heavy cosmic activity.. as the hardware had always been reliable and was > reliable after this was believed to be the cause We have also started to use this as the

Re: BGP Problem on 04/16/2007

2007-04-20 Thread Stephen Wilcox
On Fri, Apr 20, 2007 at 04:52:04PM +0200, Daniele Arena wrote: > > >> I remember this because I had such a reload and it was during a period > >of heavy cosmic activity.. as the hardware had always been reliable and > >was reliable after this was believed to be the cause > > > >We have also sta

Re: UK ISP threatens security researcher

2007-04-20 Thread J. Oquendo
[EMAIL PROTECTED] wrote: I'm not sure if Simon's comment was tongue-in-cheek. I think if you are referring to "public disclosure", yes, I think there's little point of doing this, unless you are seeking attention. Of course, reporting a problem to vendor privately always makes sense. I'm no

BGP Update Report

2007-04-20 Thread cidr-report
BGP Update Report Interval: 06-Apr-07 -to- 19-Apr-07 (14 days) Observation Point: BGP Peering with AS4637 TOP 20 Unstable Origin AS Rank ASNUpds % Upds/PfxAS-Name 1 - AS912132228 3.0% 28.1 -- TTNET TTnet Autonomous System 2 - AS477529436 2

Re: BGP Problem on 04/16/2007

2007-04-20 Thread Daniele Arena
> I remember this because I had such a reload and it was during a period of heavy cosmic activity.. as the hardware had always been reliable and was reliable after this was believed to be the cause We have also started to use this as the standard excuse. Up to now, people believe us... Well

Re: UK ISP threatens security researcher

2007-04-20 Thread alex
On Fri, 20 Apr 2007, Gadi Evron wrote: > > On Fri, 20 Apr 2007, Simon Lyall wrote: > > > > On Thu, 19 Apr 2007, Gadi Evron wrote: > > > Looking at the lack of security response and seriousness from this > > > ISP, I personally, in hindsight (although it was impossible to see > > > back then) wo

Re: UK ISP threatens security researcher

2007-04-20 Thread Stephen Wilcox
On Thu, Apr 19, 2007 at 06:10:06PM -0500, Gadi Evron wrote: > > On Thu, 19 Apr 2007, Will Hargrave wrote: > > > > Gadi Evron wrote: > > > > > "A 21-year-old college student in London had his internet service > > > terminated and was threatened with legal action after publishing details > > > of

Re: UK ISP threatens security researcher

2007-04-20 Thread Donald Stahl
It *is* a criminal offence under extensions to the original CMA1990 in the Police and Justice Act 2006. The maximum penalty was also increased to two years imprisonment. I don't think this particular incident is enough to attract a custodial sentence, but he will almost certainly end up with a

Re: UK ISP threatens security researcher

2007-04-20 Thread Valdis . Kletnieks
On Fri, 20 Apr 2007 15:51:20 BST, Stephen Wilcox said: > what other examples are there as you suggest a trend in hushing security > vulns? Skylarov ended up in jail for a while for daring to point out that a certain foolish vendor had used ROT-13 as their encryption scheme. Raven Adler had her

Re: UK ISP threatens security researcher

2007-04-20 Thread Gadi Evron
On Fri, 20 Apr 2007 [EMAIL PROTECTED] wrote: > On Fri, 20 Apr 2007, Gadi Evron wrote: > > Now, that is off-topic to NANOG. > Just because you disagree with someone's opinion, doesn't make it > offtopic. > I'm not sure the debate on public disclosure vs private falls under NANOG > AUP. Do y

Re: UK ISP threatens security researcher

2007-04-20 Thread Gadi Evron
On Fri, 20 Apr 2007, Stephen Wilcox wrote: > On Thu, Apr 19, 2007 at 06:10:06PM -0500, Gadi Evron wrote: > > > > I am generally worried about the trend that is emerging of reporting > > security issues resulting in legal threats. > > well in this case I don't know the nature of the threat but ask

Re: UK ISP threatens security researcher

2007-04-20 Thread alex
On Fri, 20 Apr 2007, J. Oquendo wrote: > [EMAIL PROTECTED] wrote: > > > > I'm not sure if Simon's comment was tongue-in-cheek. > > > > I think if you are referring to "public disclosure", yes, I think > > there's little point of doing this, unless you are seeking attention. > > Of course, reporti

Re: UK ISP threatens security researcher

2007-04-20 Thread Valdis . Kletnieks
On Fri, 20 Apr 2007 12:33:26 EDT, [EMAIL PROTECTED] said: > > How would you feel if you used a product a company KNOWS lacks > > fundamental security controls and does little to fix it. How would you > > feel if AFTER the fact someone leveraged a method to affect you. How > > would you feel AFTER

Re: UK ISP threatens security researcher

2007-04-20 Thread Roland Perry
In article <[EMAIL PROTECTED]>, Peter Corlett <[EMAIL PROTECTED]> writes In his blog post [1] he did admit to accessing other routers of Be's customers using the backdoor password; this is probably [2] a criminal offence in the UK. I'm not sure I have as much sympathy for him as you do. [2]

IP Block 99/8

2007-04-20 Thread Shai Balasingham
Hi, I am Shai from Rogers Cable Inc. ISP in Canada. We have IP block 99.x.x.x assigned to our customers. Which happened to be bogons block in the past and was given to ARIN in Oct 2006. As we have recently started using this block, we are getting complaints from our customers who are unable to sur

Weekly Routing Table Report

2007-04-20 Thread Routing Analysis Role Account
This is an automated weekly mailing describing the state of the Internet Routing Table as seen from APNIC's router in Japan. Daily listings are sent to [EMAIL PROTECTED] For historical data, please see http://thyme.apnic.net. If you have any comments please contact Philip Smith <[EMAIL PROTECTED

RE: IP Block 99/8

2007-04-20 Thread Frank Bulk
Please provide a pingable IP address on each block so that we can check. Thanks, Frank -Original Message- Sent: Friday, April 20, 2007 1:09 PM To: 'nanog@merit.edu' Subject: IP Block 99/8 Hi, I am Shai from Rogers Cable Inc. ISP in Canada. We have IP block 99.x.x.x assigned to our cus

Re: UK ISP threatens security researcher

2007-04-20 Thread Patrick W. Gilmore
"well-deserved criminal record for his stupidity." Where is the criminal record for the idiot who allowed remote access with a single username and password to every single cable modem? That's pretty damned stupid. Honestly- when did we all become such vindictive assholes? Had the guy cau

RE: IP Block 99/8

2007-04-20 Thread Shai Balasingham
We recently started to assign these blocks. So all the ranges are not assigned yet. Following are some... 99.245.135.129 99.246.224.1 99.244.192.1 -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Frank Bulk Sent: Friday, April 20, 2007 2:14 PM To: nano

Re: IP Block 99/8

2007-04-20 Thread bmanning
On Fri, Apr 20, 2007 at 01:54:37PM -0400, Shai Balasingham wrote: > > Hi, > > I am Shai from Rogers Cable Inc. ISP in Canada. > > We own the following blocks: > > 99.224.0.0/12 > 99.240.0.0/13 > 99.248.0.0/14 > 99.252.0.0/16 > 99.253.128.0/19 > > Shai. Own? ARIN gave you title? --

RE: UK ISP threatens security researcher

2007-04-20 Thread Rod Beck
Gentlemen and Ladies, I think we should shut down this line of argument. Enjoy the beautiful weather here and Europe and have a good weekend. Regards, Roderick S. Beck Hibernia Atlantic 30 Dongan Place, NY, NY 10040 http://www.hiberniaatlantic.com Landline: 1-212-942-3345 Wireless: 1-212-44

Re: UK ISP threatens security researcher

2007-04-20 Thread Kradorex Xeron
On Friday 20 April 2007 10:51, Stephen Wilcox wrote: > On Thu, Apr 19, 2007 at 06:10:06PM -0500, Gadi Evron wrote: > > On Thu, 19 Apr 2007, Will Hargrave wrote: > > > Gadi Evron wrote: > > > > "A 21-year-old college student in London had his internet service > > > > terminated and was threatened w

RE: IP Block 99/8

2007-04-20 Thread Marcus H. Sachs
If we had "clean" registries and signed/verifiable advertisements this would not be an issue. Most of you know that DHS was pushing the Secure Protocols for the Routing Infrastructure initiative (http://www.cyber.st.dhs.gov/spri.html). Due to budget cuts this program is on the shelf for now. Ho

Re: UK ISP threatens security researcher

2007-04-20 Thread Donald Stahl
In my personal opinion, ISPs, vendors, and such should legally be held responsible for their product's security and unconditionally be made to repair any security holes. -- if a vendor or ISP maintains good security practices, there will be nothing for them to fear from this. What's really upset

Re: UK ISP threatens security researcher

2007-04-20 Thread Sam Hayes Merritt, III
The discussion started out regarding an IP-over-cable ISP. Please point me at places where there is significant *real* competition (i.e. addresses that have more than one copper cable-TV line running into the consumer residence). There are a number of cable overbuilders out there. Knology,

Re: UK ISP threatens security researcher

2007-04-20 Thread Valdis . Kletnieks
On Fri, 20 Apr 2007 14:56:06 EDT, Kradorex Xeron said: > In my personal opinion, ISPs, vendors, and such should legally be held > responsible for their product's security and unconditionally be made to > repair any security holes. -- if a vendor or ISP maintains good security > practices, there

Re: UK ISP threatens security researcher

2007-04-20 Thread Kradorex Xeron
On Friday 20 April 2007 16:16, [EMAIL PROTECTED] wrote: > On Fri, 20 Apr 2007 14:56:06 EDT, Kradorex Xeron said: > > In my personal opinion, ISPs, vendors, and such should legally be held > > responsible for their product's security and unconditionally be made to > > repair any security holes. --

Re: IP Block 99/8

2007-04-20 Thread Iljitsch van Beijnum
On 20-apr-2007, at 21:32, Marcus H. Sachs wrote: If we had "clean" registries and signed/verifiable advertisements this would not be an issue. I wouldn't count on that. If such a mechanism would become available (which isn't completely unthinkable, see http://www.bgpexpert.com/ article.p