RE: Telco's write best practices for packet switching networks

2002-03-07 Thread Daniel Golding
Well, considering that Ron works for AOL, I would think he's all over "wierd applications" and "odd protocols" :) - Daniel Golding > > > > On Wed, 6 Mar 2002, Ron da Silva wrote: > > > > > On Wed, Mar 06, 2002 at 03:04:00PM +, Christ

RE: Purpose of the Internet

2002-03-14 Thread Daniel Golding
this (DARPA), a tip of the hat to a defense-oriented goal would have been smart. - Daniel Golding > -Original Message- > From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of > Alan Hannan > Sent: Thursday, March 14, 2002 12:14 AM > To: [EMAIL PROTECTED] > Subje

RE: Yipes

2002-03-24 Thread Daniel Golding
They aren't the only ones http://www.washtech.com/news/telecom/15783-1.html Aleron, new owner of Telia USA aka AGIS, has also filed for Chapter 11. - Daniel Golding > -Original Message- > From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On > Behalf Of Alla

RE: Qwest Transit

2002-04-04 Thread Daniel Golding
Hmm. There is a lot of speculation that their network is largely subsidized by their Yellow Pages franchise. Let your fingers do the walking, et al. - Dan -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of Shawn Solomon Sent: Tuesday, April 02, 2002 7:24 PM

RE: Qwest Support

2002-04-04 Thread Daniel Golding
every day. While Qwest may not have the greatest customer service, it's not like you were actually down or had a qwest originated routing issue. If that were the case, my sympathy would be greater. - Daniel Golding -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On

RE: Qwest Support

2002-04-05 Thread Daniel Golding
s usually a customer misconfiguration or misunderstanding. - Daniel Golding > -Original Message- > From: Gregory Urban [mailto:[EMAIL PROTECTED]] > Sent: Friday, April 05, 2002 11:14 AM > To: Daniel Golding; [EMAIL PROTECTED] > Subject: RE: Qwest Support > > > >

RE: Qwest Support

2002-04-05 Thread Daniel Golding
getting this pushed out (maybe the script died?) - Daniel Golding > -Original Message- > From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of > Andy Dills > Sent: Friday, April 05, 2002 2:28 PM > To: Chris Woodfield > Cc: Daniel Golding; [EMAIL PROTECTED] >

RE: Qwest Support

2002-04-05 Thread Daniel Golding
And here we go, down the rabbit hole... (see below) > Steve Naslund Said... > > > > I would have to disagree on a lot of these points. See below. > > Steven Naslund > > > Daniel Golding Said... > > > > > > > > > > I suppose. E

RE: Best provider to use ?

2002-04-06 Thread Daniel Golding
Even better...the anonymous trolls! - Dan > -Original Message- > From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On > Behalf Of [EMAIL PROTECTED] > Sent: Saturday, April 06, 2002 12:30 PM > To: [EMAIL PROTECTED] > Cc: [EMAIL PROTECTED] > Subject: Re: Best provider to use ? > > >

RE: Anyone ever used calpop.com?

2002-04-06 Thread Daniel Golding
But, are they a Tier I? And if so, are they the Best Tier I? :) - Dan > -Original Message- > From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On > Behalf Of Mark Kent > Sent: Saturday, April 06, 2002 11:52 AM > To: [EMAIL PROTECTED] > Cc: [EMAIL PROTECTED] > Subject: Re: Anyone eve

RE: Qwest Transit

2002-04-08 Thread Daniel Golding
Hmm. Cogent does require some semi-strict traffic ratios to get the really good deals. If it's not violating an NDA, is Qwest asking for similar ones, these days? - Dan > -Original Message- > From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On > Behalf Of Alex Rubenstein > Sent: Satu

RE: genuity - any good?

2002-04-12 Thread Daniel Golding
of ACLs, which can cause downtime. I suspect the best practice, at this point, is autogeneration of ACLs using IRR database entries, and tools like RTConfig or their homegrown equivalent. - Daniel Golding > -Original Message- > From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]

RE: IP renumbering timeframe

2002-05-06 Thread Daniel Golding
I suppose the moral of the story is, if you get into a billing dispute with an upstream, be cognizant of what's on the line, including issues like IP space, circuit term liability, etc. - Daniel Golding > -Original Message- > From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]

RE: IP renumbering timeframe

2002-05-06 Thread Daniel Golding
be such a good idea. - Daniel Golding > Ralph Doncaster angrily ruminated > > What it tells me is I should have wasted enough space to consume 8 /24s > long ago, so I could get a /20 directly from ARIN. I assign IPs to > customers very conservatively. Multiple DSL customers with stat

RE: Interconnects

2002-05-20 Thread Daniel Golding
pefully this will be soon. - Daniel Golding > todd glassey Says... > > > > PAIX is a division of MFN (Metropolitan Fiber Networks) as Above.NET is as > well. That means they share MFN's connectivity and peering > agreements and as > such are incredibly rich environments

RE: PAIX (was Re: Interconnects)

2002-05-22 Thread Daniel Golding
ur network. - Daniel Golding > -Original Message- > From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On > Behalf Of Ralph Doncaster > Sent: Sunday, May 19, 2002 10:29 AM > To: Majdi S. Abbas > Cc: [EMAIL PROTECTED] > Subject: Re: PAIX (was Re: Interconnects) > &

RE: Certification or College degrees?

2002-05-23 Thread Daniel Golding
been the lowest common denominator "network engineer", who has no basic knowledge of the principles that underlie the profession, but instead rely upon rote memorization or quick fixes. That's not to say that I haven't met a few very good engineers without degrees - I just think t

RE: Certification or College degrees? Was: RE: list problems?

2002-05-23 Thread Daniel Golding
amics, thermodynamics, fluids) - And then some actual network engineering stuff like routing protocols, wireless, microwave, optics, LAN technologies, etc Finally, like most modern engineering programs, it would be heavily design based, and include numerous design projects and a capstone project. - Daniel Go

RE: Certification or College degrees?

2002-05-23 Thread Daniel Golding
Gee. I've known some CCIE's who seemed a little sexually ambiguous, but I'm not sure that a sweeping generalization is appropriate... :) - Daniel Golding > -Original Message- > From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of > Alexei Roudnev > S

RE: Survey: Peering Staffing Levels

2002-06-13 Thread Daniel Golding
Andy, At a larger ISP, you typically need a couple folks for peering. - One or more peering coordinators (one is more normal) to interface with their counterparts. These folks generally need both network engineering and contract administration tools. If they have one skill set, but not the othe

RE: How important is IM? was RE: How important is the PSTN

2002-06-25 Thread Daniel Golding
, so an outage there may affect your operations. - Daniel Golding > -Original Message- > From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of > Christopher J. Wolff > Sent: Tuesday, June 25, 2002 3:17 PM > To: [EMAIL PROTECTED] > Subject: How important is

RE: Sprint peering policy

2002-06-27 Thread Daniel Golding
nough, I'm sure they would love to peer with you. Remember - peering that first 50% of your traffic is not that hard, if you have the resources, contacts and knowledge. It's that last bit that hurts. - Daniel Golding > -Original Message- > From: [EMAIL PROTECTED] [mailto:[E

RE: how is cold-potato done?

2002-06-27 Thread Daniel Golding
's traffic on your network (although it does let people cold-potato route your traffic on THEIR networks.) Another valid approach for doing this sort of thing is setting your MEDs to be the same as your IGP metrics to the next hops of the BGP routes - there are "shortcut" comman

RE: Sprint peering policy

2002-07-01 Thread Daniel Golding
going to interfere with the normal market processes, doing so through heavy-handed government regulation, is normally the worst way to go about it. A vague sense of unfairness or unhappiness is the worst of reasons to regulate an industry. - Daniel Golding > > > > > Usually the pain f

RE: Sprint peering policy

2002-07-01 Thread Daniel Golding
oing, most can recognize a peering opportunity for what it is, and the effect it will have on their business. If they were only so good at truthfully reporting their accounting data...Oh well. - Daniel Golding > > > > > when this situation has existed in other industries, gov'

RE: Sprint peering policy

2002-07-01 Thread Daniel Golding
networks fall into any of these categories? It's not like we are going to overfish our BGP sessions or crash routers into things. - Daniel Golding > Paul Vixie Said... > so, the reason i am puzzled is that while some of those could be argued by > some people, they _are_not_being_argued_abou

RE: Sprint peering policy

2002-07-01 Thread Daniel Golding
, please be my guest, but it would be a bit of a stretch. - Daniel Golding > -Original Message- > From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of > Richard Irving > Sent: Monday, July 01, 2002 1:15 PM > To: Daniel Golding > Cc: Paul Vixie; [EMAIL PROTEC

RE: Internet vulnerabilities

2002-07-08 Thread Daniel Golding
RFC1546. Really, anycast is a bad name for it. "nearcast" or "closecast" might be better. Anycast just has a nice ring... - Daniel Golding > -Original Message- > From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of > Marshall Eubanks > Sen

RE: Readiness for IPV6

2002-07-09 Thread Daniel Golding
r platform would be greatly dependent on customer requirements. Thanks, - Daniel Golding > Phil Rosenthal Said > Yes, I don't think we need it 'right now'. My concern is that at this > point many companies are still buying routers that as of today have no > support

RE: Notes on the Internet for Bell Heads

2002-07-11 Thread Daniel Golding
Actually, the reverse would be useful, as well. Voice Networking/SS7 stuff for us IP weenies. (i.e. not voice over IP, just straight voice) - Dan > -Original Message- > From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of > Sean Donelan > Sent: Thursday, July 11, 2002 3:09 PM

RE: verio arrogance

2002-07-18 Thread Daniel Golding
with them, unless they change their ways. 3) You can pay Verio to accept your routes. 4) You can live with it. May I suggest #4? I'm not a big fan of Verio's filtering policies, but as long as you announce the /20 as an aggregate, you'll be fine. - Daniel Golding > -Original

RE: verio arrogance

2002-07-18 Thread Daniel Golding
already authoritative reverse delegations. (i.e. AS to IP block mapping) - Daniel Golding > > On Thu, 18 Jul 2002, Ralph Doncaster wrote: > > > > > And your suggestion has technical deficiencies as well. I > have a leased > > > line between Toronto and Ottawa,

RE: verio arrogance

2002-07-29 Thread Daniel Golding
ough routes to break BGP on a customer's 3640 will generate a support call, while causing reachability problems to people who lack clue to properly advertise their routes will also generate support calls. - Daniel Golding > -Original Message- > From: [EMAIL PROTECTED] [mailto:[E

RE: verio arrogance

2002-07-30 Thread Daniel Golding
(SNIP) > > Currently, RIR's will issue an AS and will allow the issuance > of a /24 to a > > multihomed enterprise, simply on the basis of being multihomed. > From this > > point of view, it's easy to make the case that the proper "RIR-approved" > > boundary for prefix filtering should be at the

RE: $400 million network upgrade for the Pentagon

2002-08-14 Thread Daniel Golding
Perhaps they have perfected the Cone of Silence? http://www.cinerhama.com/getsmart/innovations.html - Dan > -Original Message- > From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of > Scott Granados > Sent: Wednesday, August 14, 2002 4:09 PM > To: Al Rowland > Cc: [EMAIL PROT

RE: $400 million network upgrade for the Pentagon

2002-08-15 Thread Daniel Golding
es without any interruption of current or light level. - Daniel Golding > -Original Message- > From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of > Scott Granados > Sent: Wednesday, August 14, 2002 11:36 PM > To: David Lesher > Cc: nanog list > Subject: Re: $4

Re: OMB: IPv6 by June 2008

2005-07-06 Thread Daniel Golding
worth the investment required. - Daniel Golding On 7/6/05 11:41 AM, "Scott McGrath" <[EMAIL PROTECTED]> wrote: > > > You do make some good points as IPv6 does not address routing scalability > or multi-homing which would indeed make a contribution to lower OPEX

Re: OMB: IPv6 by June 2008

2005-07-08 Thread Daniel Golding
? $5? $10? I doubt the big ISPs that burn millions of addresses per > year will be interested in that. Suddenly the transition to IPv6 (or > recursive NAT...) is going to look very attractive. > > So basically the tradeoffs between market forces and regular > reclaiming are similar: e

Re: Customer DNS records best practices

2005-07-14 Thread Daniel Golding
There are a couple possibilities. Mice and Men and INS both make software that can "front-end" BIND servers via a secure web interface. You can also utilize a secure DNS appliance to serve your customer DNS - Infoblox, Bluecat, and INS all make these. They generally have a pretty rich multi-user

Re: Cisco IOS Exploit Cover Up

2005-07-27 Thread Daniel Golding
Since the talk was actually delivered - does anyone have a transcript or a torrent for audio/video? - Dan On 7/27/05 8:10 PM, "Jeff Kell" <[EMAIL PROTECTED]> wrote: > > Cisco's response thus far: > >http://www.cisco.com/en/US/about/security/intelligence/MySDN_CiscoIOS.html > > Jeff

Re: Cisco and the tobacco industry

2005-07-28 Thread Daniel Golding
PR point of view, they probably should have let things ride and allowed the Blackhat talk to occur. They look like bullies now, which is never good. Hindsight is 20/20, though. That being said, their policy of offering free updates for certain bug fixes to those who don't pay them for support is generous. See that hand feeding you? Don't bite it. -- Daniel Golding

Re: Cisco and the tobacco industry

2005-07-28 Thread Daniel Golding
is listed on the quote for pretty much every new piece of gear you buy from a vendor. Take it from Ice-T - "don't hate the player, hate the game". Words to live by. [snip] > Geo. > > George Roettger > Netlink Services Daniel Golding

Re: Boing Boing: Michael Lynn's controversial Cisco security presentation

2005-07-29 Thread Daniel Golding
On 7/29/05 12:56 PM, "John C. A. Bambenek" <[EMAIL PROTECTED]> wrote: > > Remind me why I bother with information security when industry and the > government seems to want to ensure things can be pwn3d as easily as > possible... > If the "digital pearl harbor" does come to pass, this won't

Re: [Administrivia]: Please end this Thread: RE: "Cisco gate" and "Meet the Fed" at Defcon....

2005-08-02 Thread Daniel Golding
I suspect the problem is not the operation aspects of the discussion, but rather the nasty and sometimes personal invectives flying around. They were particularly prevalent in the "Cisco gate" thread, and generally absent in the other threads. Just my 2 cents. YMMV - Dan On 8/2/05 11:28 AM, "[

Re: /8 end user assignment?

2005-08-05 Thread Daniel Golding
bole to scare people? Of course, making IPv4 a fungible commodity would help with this (yes, I'm a broken record). When prices get too high, you know it's time for v6. > > > Regards, > Daniel -- Daniel Golding

Re: /8 end user assignment?

2005-08-05 Thread Daniel Golding
On 8/4/05 6:49 PM, "Steve Feldman" <[EMAIL PROTECTED]> wrote: > >> I meant to ask this at a nanog or this IETF... why don't some of the >> larger content providers (google, msn, yahoo, to name 3 examples) put >> records in for their maint content pieces? why don't they get v6 >> connecti

Re: /8 end user assignment?

2005-08-08 Thread Daniel Golding
On 8/7/05 4:54 PM, "Christopher L. Morrow" <[EMAIL PROTECTED]> wrote: > > On Sun, 7 Aug 2005, William Warren wrote: > >> >> I think i did not make myself clear. The corrections off-list are >> valid..:) However the modems are accessed by the providers using >> RFC1918 space and not public IP

Re: zotob - blocking tcp/445

2005-08-15 Thread Daniel Golding
On 8/15/05 4:46 PM, "Randy Bush" <[EMAIL PROTECTED]> wrote: > I'm not nearly confident enough to decide on behalf of almost billion other people how they should benefit from the Internet and how not to. >>> thanks for that! >> Indeed. Also see >> http://www.iab.org/documents/doc

Re: Blocking certain terrorism/porn sites and DNS

2005-08-18 Thread Daniel Golding
to keep asking questions, Abhishek. Just remember that the inmates of this particular asylum get testy now and again :) Thanks, Daniel Golding (*There are additional questions on where you should do this blocking. That's an entirely separate can of worms) On 8/18/05 6:38 AM, "Abhish

Re: 4-Byte AS Number soon to come?

2005-08-24 Thread Daniel Golding
ptions in > the specification. It can also uncover a broken design, but I hope > and believe this is relatively rare. (And it's not like a broken > design is automatically unimplementable, so implementation is > certainly not guaranteed to bring out design problems.)

Re: ISP's In Uproar Over Verizon-MCI Merger

2005-08-24 Thread Daniel Golding
small number. Contrast that with the US where the population is far more spread out. This is an issue of both distribution and density, not just density. > > Not that this necessarily means anything, but I thought your > sentiments above could do with some numbers. I don't see a strong > correlation between broadband penetration and population density here. > > > Joe > -- Daniel Golding

Re: MPLS security book

2005-08-28 Thread Daniel Golding
attacks have really occurred, so we must act without that knowledge. This is a great book for two audiences: enterprise network engineers who are getting asked if their new MPLS VPN is secure (for some definition of secure) and carrier network engineers trying to answer that question. - Daniel Gold

Re: OT - Vint Cerf joins Google

2005-09-09 Thread Daniel Golding
Getting back on-topic - how can this be? I thought only service providers (with downstream customers) could get PI v6 space. Isn't this what policy proposal 2005-1 is about? Can someone (from ARIN?) explain the current policy? - Daniel Golding On 9/9/05 2:16 PM, "Steven J. Sobo

Re: Cogent/Level 3 depeering

2005-10-05 Thread Daniel Golding
On 10/5/05 3:02 PM, "Matthew Crocker" <[EMAIL PROTECTED]> wrote: > Is it really that hard to understand? > > As a paying Cogent customer I expect to be able to get to the > Internet through them. Isn't that the business they are in? > Break your contract for non-performance and call it a d

Re: Cogent/Level 3 depeering

2005-10-05 Thread Daniel Golding
ansit. We will now return this thread to the normal stream of "why is Cogent broken", "Level(3) is a bunch of meanies", and "my traceroutes feel FUNNY". ;) - Daniel Golding

Re: Cogent/Level 3 depeering

2005-10-06 Thread Daniel Golding
On 10/6/05 1:41 AM, "Patrick W. Gilmore" <[EMAIL PROTECTED]> wrote: > > On Oct 5, 2005, at 4:13 PM, Daniel Golding wrote: > >> They can. Cogent has transit and is preventing traffic from >> traversing its >> transit connection to reach Level(3). Leve

Re: Cogent/Level 3 depeering

2005-10-06 Thread Daniel Golding
On 10/6/05 6:43 AM, "tony sarendal" <[EMAIL PROTECTED]> wrote: > > Is being a tier-1 now a good or bad sales argument when selling > internet access ? It's a great sales argument. That's why everyone claims to be one. It just sounds SO good. And it's not like the Peering Police are going to enf

Re: Cogent/Level 3 depeering

2005-10-07 Thread Daniel Golding
On 10/6/05 10:30 AM, "Randy Bush" <[EMAIL PROTECTED]> wrote: >>> Is being a tier-1 now a good or bad sales argument when >>> selling internet access ? >> It's a great sales argument. That's why everyone claims to be >> one. It just sounds SO good. And it's not like the Peering >> Police are going t

Re: Cogent/Level 3 depeering

2005-10-07 Thread Daniel Golding
On 10/6/05 10:37 AM, "Patrick W. Gilmore" <[EMAIL PROTECTED]> wrote: > > On Oct 6, 2005, at 10:19 AM, tony sarendal wrote: > >> This is not the first and certainly not the last time we see this kind >> of event happen. >> Purchasing a single-homed service from a Tier-1 provider will >> guarante

Re: Regulatory intervention

2005-10-07 Thread Daniel Golding
sibility not to bite the hand that feeds it - the laissez-faire, unregulated Internet. Shame on them. Google is not suffering at all from this. > Ross Hosman > > -- Daniel Golding

Re: IPv6 news

2005-10-12 Thread Daniel Golding
On 10/12/05 3:13 PM, "Randy Bush" <[EMAIL PROTECTED]> wrote: > > geoff's predictions for a very lively market in v4 space will > seriously come into play. Maybe it's time to have a serious talk about IPv4 commodity trading schemes. Anyone interested in this enough to have a BOF at ARIN/NANOG? T

Re: And Now for Something Completely Different (was Re: IPv6 news)

2005-10-17 Thread Daniel Golding
On 10/17/05 4:51 PM, "Tony Li" <[EMAIL PROTECTED]> wrote: > Fred, > >> If we are able to reduce the routing table size by an order of >> magnitude, I don't see that we have a requirement to fundamentally >> change the routing technology to support it. We may *want* to (and >> yes, I would like to

Re: cogent+ Level(3) are ok now

2005-10-28 Thread Daniel Golding
On 10/28/05 5:45 PM, "JC Dill" <[EMAIL PROTECTED]> wrote: > > Christopher Woodfield wrote: >> >> "...the companies have agreed to the settlement-free exchange of >> traffic subject to specific payments if certain obligations are not met." >> >> So it does look like Cogent bent somewhat...I'm

Re: cogent+ Level(3) are ok now

2005-10-28 Thread Daniel Golding
On 10/28/05 7:37 PM, "Crist Clark" <[EMAIL PROTECTED]> wrote: > > Eric Louie wrote: >> Now, one really needs to wonder why the agreement could not be reached >> *prior* to the depeering on 10/5 >> >> It's not rocket science. > > As people have pointed out repeatedly, this was surely not rocket

SBC/AT&T + Verizon/MCI Peering Restrictions

2005-11-02 Thread Daniel Golding
SFI relationships in North America? I realize this is more like a consent decree than true regulation, but it's an interesting move by the regulators. Regulation is generally a bad thing, but publishing SFI requirements - and even SFI relationships - won't hurt anyone, IMHO. -- Daniel Golding

Re: SBC/AT&T + Verizon/MCI Peering Restrictions

2005-11-02 Thread Daniel Golding
N'T paying you money. The funny thing is that your customers ARE paying you money for access to Google and Yahoo. Broadband gets a lot less compelling without content, so don't push it. -- Daniel Golding

Re: [OT] Re: Banned on NANOG

2004-12-04 Thread Daniel Golding
at will affect how our networks and services will > interact, either by policy based decisions (FCC regulations, for example) > or actual legislation (ala new and pending spam bills). A simple note in > threads like these to remind people to stick to the effects and not their > personal, o

Re: soliciting agenda topics for the sunday night meeting

2005-01-07 Thread Daniel Golding
else got anything else? send to martin, myself, both of us, or >> the nanog@ mailing list if you want to put something on the sunday night >> agenda. > > (steve feldman clarified that he's speaking not moderating.) > > (we've not heard yet whether betty or susan from merit will also be speaking.) > -- > paul vixie > martin hannigan > (moderators) -- Daniel Golding Network and Telecommunications Strategies Burton Group

Re: Weekly Routing Table Report

2005-01-07 Thread Daniel Golding
How much has the second number changed? Is this the result of worsening aggregation or simply more address space being advertised? Core routers won't even blink at 200k routes. I wonder how many enterprise 3x00/7x00 routers will fall over due to memory issues. Also, as we have learned previous

Re: soliciting agenda topics for the sunday night meeting

2005-01-10 Thread Daniel Golding
The (many) authors of the NANOG-Reform proposal would like to put out this brief clarification to address some concerns from the community... Clarification: There has been concern that this proposal would limit NANOG mailing list reading/posting privileges or meeting attendance privileges.

Re: Proper authentication model

2005-01-11 Thread Daniel Golding
Kim, It's terribly important that your routers' management traffic be encrypted all the way to the device. For this reason, the best practice is to use ssh2. There are some other hacks that can be used, but they are hacks, and are not scalable. Bastion hosts are a good thing and can be a great pl

Re: Cisco 2611XM as cheap border router

2005-01-11 Thread Daniel Golding
It would be fairly useful if Cisco had a published document that detailed the minimum configuration for each major router line to support BGP with 1 to 4 full views. Of course, this would have to be periodically updated. By this, I mean a separate overlay document for their entire router product

Re: Proper authentication model

2005-01-12 Thread Daniel Golding
On 1/12/05 8:46 AM, "Erik Haagsman" <[EMAIL PROTECTED]> wrote: > > On Wed, 2005-01-12 at 12:37, David Gethings wrote: >> On Wed, 2005-01-12 at 12:25 +0100, Iljitsch van Beijnum wrote: >>> IPv6 is also very useful in providing non-IPv4 management. >> Well if we're offering protocols other than IP

Re: Proper authentication model

2005-01-12 Thread Daniel Golding
On 1/12/05 12:05 PM, "Joe Abley" <[EMAIL PROTECTED]> wrote: > > > On 12 Jan 2005, at 11:53, Hannigan, Martin wrote: > >>> You mean you'd *request* a different path from different providers. >> >> Provisioning a circuit from two different ^providers^, other than >> your OC3 provider. > > I re

Re: Graphing Peering

2005-01-19 Thread Daniel Golding
eer. >> >> >> On Wed, 19 Jan 2005 22:25:37 + (GMT), Stephen J. Wilcox >> <[EMAIL PROTECTED]> wrote: >>> On Wed, 19 Jan 2005, andrew matthews wrote: >>> >>>> Anyone have any suggestions on graphing peering on a cisco router? I'm

Re: Please Check Filters - BOGON Filtering IP Space 72.14.128.0/19

2005-01-20 Thread Daniel Golding
Is there an RFC or other standards document that clearly states that static bogon filter lists are a bad idea? While this seems like common sense, there was just an RFC published on why IP addresses for specific purposes (like NTP) shouldn't be encoded into hardware. Using a dynamic feed needs t

Re: Graphing Peering

2005-01-20 Thread Daniel Golding
Andrew, The 32 bit counters are a significant problem when using gigabit ethernet public peering interfaces. Needless to say, MAC accounting was not designed for gigabit speeds. Frequent polling is, sadly, the only solution. If you write your own scripts, make sure to account for counter wrapping.

FW: Graphing Peering

2005-01-21 Thread Daniel Golding
Additional information on MAC accounting from Hakan Lindholm... (specifically, the SNMPv2c object to pull 64bit MAC accounting counters) - Dan -- Forwarded Message From: Hakan Lindholm <[EMAIL PROTECTED]> Date: Fri, 21 Jan 2005 20:36:45 +0100 (CET) To: Daniel Golding <[EMAIL

Those interested in NANOG governance, please read...

2005-01-24 Thread Daniel Golding
/www.nanog-reform.org. If you agree with the contents, please endorse it by "signing". Thanks. We will now return to our regularly scheduled thread, which seems to be intent on convincing people to violate their NDA's with a major network equipment vendor :) Thanks, Daniel Golding

Re: Vonage complains about VoIP-blocking

2005-02-15 Thread Daniel Golding
of some VoIP providers. Of course, even paranoids have enemies, as they say :) -- Daniel Golding Network and Telecommunications Strategies Burton Group On 2/15/05 1:22 PM, "Majdi Abbas" <[EMAIL PROTECTED]> wrote: > > On Tue, Feb 15, 2005 at 11:53:59AM -0600, Adi Linden

Old McDonald Had a Pharm?!

2005-02-15 Thread Daniel Golding
g" by companies inventing solutions to "fix" the problem which may not exist. (Mac Anti-virus software, anyone? ;) Is anyone aware of actual "pharming" in the wild? Please reply off-list and I will summarize answers to the list. Thanks, -- Daniel Golding Network and Telecommunications Strategies Burton Group

Re: Vonage complains about VoIP-blocking

2005-02-15 Thread Daniel Golding
Why block TFTP at your borders? To keep people from loading new versions of IOS on your routers? ;) Not trying to be flippant, but what's the basis for this? - Dan On 2/15/05 1:45 PM, "Eric Gauthier" <[EMAIL PROTECTED]> wrote: > >>> On Tue, Feb 15, 2005 at 11:53:59AM -0600, Adi Linden wrote:

Re: White House may make NSA the 'traffic cop' over U.S. computer networks

2005-02-15 Thread Daniel Golding
Considering the fairly high quality security guides that have come out of the NSA in recent years, this is probably the right choice. - Dan On 2/15/05 3:30 PM, "Fergie (Paul Ferguson)" <[EMAIL PROTECTED]> wrote: > > > ...and following up on my last post, it would appear that the > U.S. gummi

Re: Vonage complains about VoIP-blocking

2005-02-15 Thread Daniel Golding
I've gotten a couple emails on this. To summarize: 1) some malware uses tftp. However much malware now uses other ports, such as 80 2) There are numerous buffer overflow bugs with tftp. This would seem to be better resolved with rACLs or ACLs towards loopback/interface blocks. (and, of course,

Re: Vonage complains about VoIP-blocking

2005-02-15 Thread Daniel Golding
doesn't need to phone home for config. The device is >>> programmed (router) and it registers with the call manager. >>> If you analyze the transactions it's about 89% SIP and 11% SDP. >> >> Vonage devices initiate an outbound TFTP connection back to Vonage to >> snarf their configs on initial connection and also >> (presumably) on reboot. > > I tested the reboot. I didn't see it. I agree in general > and think that providers shouldn't block tftp, IMHO. > -- Daniel Golding Network and Telecommunications Strategies Burton Group

Re: Why do so few mail providers support Port 587?

2005-02-15 Thread Daniel Golding
relay. ISPs filter port 25 outbound, but leave 587 open with the idea that users would have to authenticate against distant mail servers on that port. Everything works well. 587 running SMTP auth (and relaying for authenticated users) and port 25 for local (non relay) delivery without authentication should be the default on all servers. -- Daniel Golding Network and Telecommunications Strategies Burton Group

Re: Who is watching the watchers?

2005-02-24 Thread Daniel Golding
Was it part of a plea agreement?! Maybe this is like the FBI employing forgers and burglars to get advice on stopping crime? Well, probably not... :( - Dan On 2/24/05 9:30 AM, "[EMAIL PROTECTED]" <[EMAIL PROTECTED]> wrote: > > Former chief privacy officer of Gator has been appointed to the

Re: "Bandwidth Advisors" - www.bandwidthadvisors.com

2005-03-25 Thread Daniel Golding
ere? > > For those that don't know... I am now the COO of UnitedLayer. It sounds > like, since I am not going to pay the "extortion" fee to Bandwidth > Advisors, that their consultants won't know about our pricing and > services. Even if I did pay the fee, that means that their clients > can't get the best deal as I need to raise my fees to client to cover > the "small residual payment" going to "Bandwidth Advisors". > > Tim -- Daniel Golding Network and Telecommunications Strategies Burton Group

Re: phishing sites report - March/2005

2005-03-28 Thread Daniel Golding
> * By previous requests here is an explanation of what "ASN" is, by Joe >St Sauver: >http://darkwing.uoregon.edu/~joe/one-pager-asn.pdf > -- Daniel Golding Network and Telecommunications Strategies Burton Group

Re: phishing sites report - March/2005

2005-03-28 Thread Daniel Golding
ethodology. "Digested" is insufficient when ISPs and hosters are being called out by name. - Dan On 3/28/05 2:19 PM, "Gadi Evron" <[EMAIL PROTECTED]> wrote: > Daniel Golding wrote: >> Forgive me for being skeptical, but... > > I would prefer you being s

Re: phishing sites report - March/2005

2005-03-29 Thread Daniel Golding
And I appreciate Gadi's efforts. I hope they will soon be willing to make this methodology public, as their work continues. And to take down some phishing sites of course :) - Dan On 3/29/05 8:12 AM, "Gadi Evron" <[EMAIL PROTECTED]> wrote: > We provided Daniel with all the information he reque

Re: Vonage Hits ISP Resistance

2005-03-31 Thread Daniel Golding
On the attack, are we? It's a free market. If folks don't like what unregulated, non-monopoly ISPs are doing, they can go elsewhere. I dislike the moralizing. This is business, not a battle of good vs evil. - Dan On 3/30/05 7:51 PM, "Eric A. Hall" <[EMAIL PROTECTED]> wrote: > > > On 3/30/200

Re: OpenTransit (france telecom) depeers cogent

2005-04-14 Thread Daniel Golding
This is a matter of human nature, I suppose. Everyone is terribly pleasant when they hear what they want. The true test is what happens when folk hear the "wrong" answer. I've depeered and I've been depeered. I've seen folks on the receiving end of bad peering news handle it with consummate prof

Re: OpenTransit (france telecom) depeers cogent

2005-04-14 Thread Daniel Golding
>> Doesn't mean that FT didn't know this would be a problem when they took >> the step, though. > > Well, FT took the step as you say.. they are the instigator here. > > But, they are in their right to do so and would have given proper written > notice > to Cogent so this isn't as much a surprise to them as is being suggested > either. > > Steve > -- Daniel Golding Network and Telecommunications Strategies Burton Group

Re: New Outage Hits Comcast Subscribers

2005-04-15 Thread Daniel Golding
f well-configured laptops. >> >> I guess one could argue that the chance of misconfiguration go up as >> the number of systems goes up. >> >> -- >> TTFN, >> patrick > > I didn't say "I hope a few cluefull people don't do this."

Re: New Outage Hits Comcast Subscribers

2005-04-15 Thread Daniel Golding
n the roots and TLD servers. It might be interesting to pull query data on a root server and correlate it with known dynamic IP address pools to spot a trend. - Dan On 4/15/05 9:54 AM, "Patrick W Gilmore" <[EMAIL PROTECTED]> wrote: > > On Apr 15, 2005, at 8:59 AM, Daniel Go

Re: Memory leak cause of Comcast DNS problems

2005-04-18 Thread Daniel Golding
=96168964 >> > > > At least in my neighborhood, Comcast appears to be running BIND 9.2.4rc6 > > --Prof. Steven M. Bellovin, http://www.cs.columbia.edu/~smb > > -- Daniel Golding Network and Telecommunications Strategies Burton Group

Re: Jonathan Yarden @ TechRepublic: Disable DNS caching on workstations

2005-04-18 Thread Daniel Golding
Aside from individual OS behavior, doesn't this seem like very bad advice? What sort of DNS cache poisoning attack could possibly work against a workstation that has a caching resolver but no DNS server? If a hacker really wished to do a name resolution attack against workstations, wouldn't they

CircleID, was: Re: Paul Wilson and Geoff Huston of APNIC on IP address allocation ITU v/s ICANN etc

2005-04-26 Thread Daniel Golding
On that note, I suggest that folks from the NANOG community get involved with CircleID. It's a great site with articles on everything from DNS and addressing issues to domain naming and ICANN. It sometimes misses the network operator perspective - a few articles or comments by some of the folks on

Re: Port 25 - Blacklash

2005-04-26 Thread Daniel Golding
Do all of Comcast's markets block port 25? Is there a correlation between spam volume and the ones that do (or don't)? In any event the malware is already ahead of port 25 blocking and is leveraging ISP smarthosting. SMTP-Auth is the pill to ease this pain. - Dan On 4/26/05 2:49 PM, "Hank Nus
