their apps won't work via NAT, or who want to run RFC1918 space for a
LAN at home, then find out that lots of stuff can't stand being NATted
twice.
--
--------
Roland Dobbins <[EMAIL PROTECTED]> // 650.776.1024 voice
"
ciated.
Thanks!
---------
Roland Dobbins <[EMAIL PROTECTED]> // 408.527.6376 voice
Roland Dobbins - that's me asking about the time intervals for the
bins and the TCP flags stuff.
;>
Note that 5-minute bins may not always be optimal for opsec - 5
minutes minimum to see something happening and then 5 minutes to see
if your mitigation action was effective i
?
--
Roland Dobbins <[EMAIL PROTECTED]> // 408.527.6376 voice
Everything has been said. But nobody listens.
-- Roger Shattuck
to re-
address at the drop of a hat due to changing business relationships
with their SPs (see RFC 4192 for an exposition on the effort required
to renumber, and discussion on the concept of network renumbering as
a frequent procedure).
---------
staff. I hope that
the operational community will turn to more fruitful lines of enquiry
regarding IPv6 multihoming.
------
Roland Dobbins <[EMAIL PROTECTED]> // 408.527.6376 voice
Everything has been said. Bu
iness realities -
does- have value, and that's what's being proposed.
------
Roland Dobbins <[EMAIL PROTECTED]> // 408.527.6376 voice
Everything has been said. But nobody listens.
-- Roger Shattuck
ncept Experiment' to be a success, take
the lessons learned (there are a lot more unresolved and potentially
problematic issues than those mentioned in this thread) into account
and get started on IPv8.
----------
Roland
[ It's been pointed out that, due to various historical reasons, IPv8
might not be the best choice of version-number to use in this
context. So, IPv10 can serve for purposes of discussion, in its
stead. ]
On Mar 5, 2006, at 7:19 PM, Roland Dobbins wrote:
On Mar 5, 2006, at 6:
OmniGraffle Pro for OS/X:
http://www.omnigroup.com/applications/omnigraffle/pro/
It can import and export Visio XML format, as well.
----------
Roland Dobbins <[EMAIL PROTECTED]> // 408.527.6376 voice
Everything has
e clear about that.
----------
Roland Dobbins <[EMAIL PROTECTED]> // 408.527.6376 voice
Everything has been said. But nobody listens.
-- Roger Shattuck
undesirable activity on the networks in question?
-----------
Roland Dobbins <[EMAIL PROTECTED]> // 408.527.6376 voice
Culture eats strategy for breakfast.
-- Ford Motor Company
it premature to speculate about someone else's chain of
reasoning and then attack his logic, in the absence of any concrete
information regarding same.
;>
---
Roland Dobbins <[EMAIL PROTECTED]> // 408.527.6376 voice
Culture eats strategy for breakfast.
-- Ford Motor Company
hope.
;>
---
Roland Dobbins <[EMAIL PROTECTED]> // 408.527.6376 voice
Culture eats strategy for breakfast.
-- Ford Motor Company
point . . .
---
Roland Dobbins <[EMAIL PROTECTED]> // 408.527.6376 voice
Culture eats strategy for breakfast.
-- Ford Motor Company
s a common number transposition, while there certainly is
with linguistic constructs such as letters).
-----------
Roland Dobbins <[EMAIL PROTECTED]> // 408.527.6376 voice
Culture eats strategy for breakfast.
-- Ford Motor Company
/academic/product/
0,1144,0321127005,00.html>
-------
Roland Dobbins <[EMAIL PROTECTED]> // 408.527.6376 voice
Culture eats strategy for breakfast.
-- Ford Motor Company
ally, 'How does routing
work?'. I would strongly suggest familiarizing oneself with the
reference materials cited in the previous reply, as they provide a
good introduction to the fundamentals of this topic.
--------
?
Or they've already sufficient diversity in terms of peering/transit
relationships and physical interconnectivity to handle the situation
in question - depending upon the situation, of course.
---
Roland Dobbins &l
for prior art when proposing 'solutions' to various problems.
-----------
Roland Dobbins <[EMAIL PROTECTED]> // 408.527.6376 voice
I don't sound like nobody.
-- Elvis Presley
o-SMS gateway, etc., OOB. And
of course, multiple methods in event of failure of one of them.
---
Roland Dobbins <[EMAIL PROTECTED]> // 408.527.6376 voice
I don't sound like nobody.
-- Elvis Presley
by S/RTBH or
ACLs (or a QoS policy), some of the various DDoS scrubbers available
from different vendors may be able to deal with this via the
anomalous TCP rates associated with these streams of spam, and/or
regexp.
-------
R
er to metered accounts help resolve
some of the problems, assuming that even those metered accounts would
have some QoS-type constraints in order to ensure they don't consume
all available bandwidth?
-------
Roland Dobbins &
desirable applications). It's been stated in the
press that Apple are doing this with the iPhone SDK, too.
---
Roland Dobbins <[EMAIL PROTECTED]> // 408.527.6376 voice
Culture eats strategy fo
On Dec 3, 2007, at 9:43 AM, John Kristoff wrote:
TCP/IP Illustrated: Volume I
W. Richard Steves
Kozierok is pretty handy, too:
<http://nostarch.com/tcpip.htm>
---
Roland Dobbins <[EMAIL PROTECTED]> //
On Dec 17, 2007, at 9:58 PM, Danny McPherson wrote:
when client-side attacks seem to be more than sufficient.
A self-selected group of victims really helps lower the
reconnaissance opex, heh.
;>
---
Roland Dobb
u tell them what interval
you're using. It's generally considered highly desirable to make use
of this functionality, for the aforementioned reasons.
-----------
Roland Dobbins <[EMAIL PROTECTED]> // 408.527
ixed-time basis.
There are folks involved in various NetFlow collection/analysis
efforts on this list, I'm sure one of them or someone from Juniper
will respond. juniper-nsp might also be a good place to ask.
-------
Ro
deployment, heh).
-------
Roland Dobbins <[EMAIL PROTECTED]> // 408.527.6376 voice
Culture eats strategy for breakfast.
-- Ford Motor Company
party, but for many others, as well.
-------
Roland Dobbins <[EMAIL PROTECTED]> // 408.527.6376 voice
Culture eats strategy for breakfast.
-- Ford Motor Company
thods.
---
Roland Dobbins <[EMAIL PROTECTED]> // 408.527.6376 voice
Culture eats strategy for breakfast.
-- Ford Motor Company
rist groups want the comms to stay up so
that they can make use of them, and the governments want the comms to
stay up so that they can monitor the terrorist group comms).
-------
Roland Dobbins <[EMAIL PROTECTED]> // 408.527
lackhole list post-cleanup, in Trend's case?
Is there a notification mechanism so that folks who may not subscribe
to Trend's service but who are unwittingly hosting a botnet C&C are
made aware of same?
-------
<http://www.wired.com/techbiz/it/multimedia/2008/03/
gallery_one_wilshire>
---
Roland Dobbins <[EMAIL PROTECTED]> // +66.83.266.6344 mobile
If you don't know what to do, it&
s at layer-7,
including HTTP and DNS. S/RTBH is also an option, keeping in mind
some of the caveats you mentioned (staying mindful of attacking hosts
behind proxies, botted hosts of legit customers, et. al.).
-------
Rola
ndors is
also key, so that you can get assistance when you need it.
---
Roland Dobbins <[EMAIL PROTECTED]> // +66.83.266.6344 mobile
It doesn't pay to dispute what you know to be true.
-- Fred Reed
ansit/hosting/colo customers, and some provide it as an OTT/overlay
service.
---
Roland Dobbins <[EMAIL PROTECTED]> // +66.83.266.6344 mobile
It doesn't pay to dispute what you know to be true.
-- Fred Reed
, but then it became apparent that the value of the
information in the cache and the ability to export it as telemetry
were of more value, as there were other, more efficient methods of
moving the packets around.
---
Roland
s bodies must
understand the seriousness of these issues for customers and work to
address them (pardon the pun, heh).
------------
Roland Dobbins <[EMAIL PROTECTED]> // 408.527.6376 voice
One of the main causes of the fall o
n question.
--------
Roland Dobbins <[EMAIL PROTECTED]> // 408.527.6376 voice
One of the main causes of the fall of the Roman Empire was that, lacking
zero, they had no way to indicate successful termination of their C
programs.
-- Robert Firth
sible.
---
Roland Dobbins <[EMAIL PROTECTED]> // 408.527.6376 voice
Any information security mechanism, process, or procedure which can
be consistently defeated by the successful application of a single
class of attacks must be considered fatally flawed.
ss potential for breakage:
http://www.nanog.org/mtg-0405/mcdowell.html
Note that a good infrastructure addressing plan is a prerequisite for
both of these methods.
-----------
Roland Dobbins <[EMAIL PROTECTED]> // 408.527.6376
ns of commercial
airliners, it's unclear whether such a service will attract
sufficient subscribers to become economically viable, IMHO.
-------
Roland Dobbins <[EMAIL PROTECTED]> // 408.527.6376 voice
Any information se
battery capacity.
And coach is where most people fly. Many business travelers are
forced to fly coach by their travel departments unless/until they
acquire enough frequent-flyer miles to occasionally upgrade, or pay
out of pocket.
--
personal opinion; I would -love- for
this service to be economically viable so that I could use it. I
just believe that there are certain preconditions which must be met
for it to succeed.
---
Roland Dobbins <[EMAIL PROTEC
igher.
---
Roland Dobbins <[EMAIL PROTECTED]> // 408.527.6376 voice
Any information security mechanism, process, or procedure which can
be consistently defeated by the successful application of a single
class of attacks must be conside
nt it
out later.
And, of course, this thread is now irretrievably off-topic, heh.
---
Roland Dobbins <[EMAIL PROTECTED]> // 408.527.6376 voice
Any information security mechanism, process, or procedure which can
be c
l, as well.
-------
Roland Dobbins <[EMAIL PROTECTED]> // 408.527.6376 voice
Any information security mechanism, process, or procedure which can
be consistently defeated by the successful application of a single
class of attacks must be considered fatally flawed.
-- The Lucy Van Pelt Pri
ommon interests to whom discussion of the topic(s) at
hand will come naturally, without the need for artificial stimulus.
---
Roland Dobbins <[EMAIL PROTECTED]> // 408.527.6376 voice
Any information security mechanism,
n.com
---
Roland Dobbins <[EMAIL PROTECTED]> // 408.527.6376 voice
All battles are perpetual.
-- Milton Friedman
NetFlow. There are several good commercial NetFlow-based anomaly-
detection systems (Arbor, Lancope, Narus, Q1, etc.) and even an open-
source project (currently fallow) called Panoptis.
---
Roland Dobbins <[EMAIL PROTEC
#x27;, and would also allow more accurate documentation (many
products and tools have special handling for the designated private
ASNs which make documentation difficult).
-------
Roland Dobbins <[EMAIL PROTECTED]> // 40
ublicly or privately) as to what IANA
should do here.
Are IANA considering operating a BGP routeserver infrastructure?
What about LDAP and other mechanisms?
-------
Roland Dobbins <[EMAIL PROTECTED]> // 408.527.6376 voice
with these kinds of issues
already, or are anticipating doing so in the not-so-distant future.
Any insight or informed speculation greatly appreciated!
-----------
Roland Dobbins <[EMAIL PROTECTED]> // 408.527.63
e amenable to metered billing?
-----------
Roland Dobbins <[EMAIL PROTECTED]> // 408.527.6376 voice
All battles are perpetual.
-- Milton Friedman
s a very interesting and thought-provoking paper, but it
doesn't answer the questions I was asking, I'm sorry if that wasn't
clear.
-------
Roland Dobbins <[EMAIL PROTECTED]> // 408.527.6376 voice
P2P filesharing apps.
-------
Roland Dobbins <[EMAIL PROTECTED]> // 408.527.6376 voice
All battles are perpetual.
-- Milton Friedman
ns', as it were.
-------
Roland Dobbins <[EMAIL PROTECTED]> // 408.527.6376 voice
All battles are perpetual.
-- Milton Friedman
ser-configurable?
Will you insert ads into the content? If so, will you offer a
revenue-sharing model for SPs who wish to participate?
Many thanks!
-------
Roland Dobbins <[EMAIL PROTECTED]> // 408.527.637
On Jan 7, 2007, at 12:28 PM, Roland Dobbins wrote:
Colm, a few random questions as they came to mind:[;>]
Two more questions:
Do you plan to offer the Venice Project for mobile devices? If so,
which ones?
Will you support offline storage/playback?
Thanks ag
entirely relevant to network operations, heh.
-----------
Roland Dobbins <[EMAIL PROTECTED]> // 408.527.6376 voice
Technology is legislation.
-- Karl Schroeder
, and much appreciated!
-------
Roland Dobbins <[EMAIL PROTECTED]> // 408.527.6376 voice
Technology is legislation.
-- Karl Schroeder
more than a
little ironic) to watch as various elements within the infringing-
oriented P2P community attempt to outwit and police one another's
behavior, especially when compared/contrasted with the same classes
of ongoing conflict between the infringing-oriented P2P community,
content p
nfigs?
---
Roland Dobbins <[EMAIL PROTECTED]> // 408.527.6376 voice
Technology is legislation.
-- Karl Schroeder
s with non-DRMed .mp3s and
a subscription model; perhaps (an official) P2P distribution might be
a logical next step for a service of this type. I think it would be
a very interesting experiment.
-----------
Roland Dobbins <[EMAIL
/3634931 (roofnet SP/
facilitator)
http://www.meraki.net/
http://www.microsoft.com/technet/network/p2p/pnrp.mspx (built into
Vista, enabled by default, I think)
-------
Roland Dobbins <[EMAIL PROTECTED]> // 408.527.6376 voice
bandwdith consumption is taking place now and try to extrapolate some
trends; a good topic for a PhD dissertation, IMHO.
;>
---
Roland Dobbins <[EMAIL PROTECTED]> // 408.527.6376 voice
Technology is le
hink there's interest from the consumer level, already:
http://torrentfreak.com/review-the-wireless-BitTorrent-router/
It's early days, but if this becomes the norm, then the end-users
themselves will end up doing the caching.
------
bandwidth at various points in the topology.
-------
Roland Dobbins <[EMAIL PROTECTED]> // 408.527.6376 voice
Technology is legislation.
-- Karl Schroeder
d distribution might be
an interesting approach for SPs to consider, as it would reduce the
CAPEX and OPEX for caching services and encourage the users
themselves to subsidize the bandwidth costs to one degree or another.
--------
much
antibiotics you're getting per hour after your open-heart surgery?)
for purposes which aren't suited to direct connectivity to/from
anyone on the global Internet.
-------
Roland Dobbins <[EMAIL PROTECTED]>
ble) ways to work
around such problems, in many cases.
-------
Roland Dobbins <[EMAIL PROTECTED]> // 408.527.6376 voice
Technology is legislation.
-- Karl Schroeder
l's),
Of course.
c) toys exist that some people clearly don't know about yet ;)
Indeed.
-------
Roland Dobbins <[EMAIL PROTECTED]> // 408.527.6376 voice
Technology is legislation.
ecome more common as more of these types of
relationships are established.
-------
Roland Dobbins <[EMAIL PROTECTED]> // 408.527.6376 voice
Technology is legislation.
-- Karl Schroeder
le down the road.
-------
Roland Dobbins <[EMAIL PROTECTED]> // 408.527.6376 voice
Technology is legislation.
-- Karl Schroeder
eness in
any given situation is entirely subjective.
-----------
Roland Dobbins <[EMAIL PROTECTED]> // 408.527.6376 voice
Technology is legislation.
-- Karl Schroeder
T' debate is of minor importance compared
to more fundamental questions.
-----------
Roland Dobbins <[EMAIL PROTECTED]> // 408.527.6376 voice
Technology is legislation.
-- Karl Schroeder
the delay)
Moral issues aside, I'd love to see this litigated.
-------
Roland Dobbins <[EMAIL PROTECTED]> // 408.527.6376 voice
The telephone demands complete participation.
-- Marshall McLuhan
ple of how the miscreants can change their
focus as needs must).
---
Roland Dobbins <[EMAIL PROTECTED]> // 408.527.6376 voice
The telephone demands complete participation.
-- Marshall McLuhan
n't help at all with email-delivered malware,
browser exploits, etc.
-------
Roland Dobbins <[EMAIL PROTECTED]> // 408.527.6376 voice
The telephone demands complete participation.
-- Marshall McLuhan
ng to firewalls/NATs.
-------
Roland Dobbins <[EMAIL PROTECTED]> // 408.527.6376 voice
The telephone demands complete participation.
-- Marshall McLuhan
principle actually encompasses).
-----------
Roland Dobbins <[EMAIL PROTECTED]> // 408.527.6376 voice
The telephone demands complete participation.
-- Marshall McLuhan
chy in application-layer email routing (or DNS infrastructure,
etc.) has nothing to do with the actual end-to-end principle, except
as a good example of honoring it.
-----------
Roland Dobbins <[EMAIL PROTECTED]> // 408.527.
namic enough in nature to
accommodate updates when new blocks are cracked open. 'Static'
shouldn't be read as 'eternal', although that's often what ends up
happening.
;>
-----------
Roland Dobbins <
unced,
and Team Cymru maintain examples which are updated regularly.
But, of course, you know this, so I suspect somehow you're trying to
make a different kind of point.
;>
-------
Roland Dobbins <[EMAIL PROTECTED]&
better/easier functionality' type
of problem, a 'need the SPs to do a better job with this' kind of
problem, or is it more in the realm of a 'TCP/IP in its current
incarnation(s) lends itself these kinds of issues' type of problem?
---------
rds bodies
(or some combination thereof)?
-------
Roland Dobbins <[EMAIL PROTECTED]> // 408.527.6376 voice
The telephone demands complete participation.
-- Marshall McLuhan
brittle mechanisms for
same. Until such time as they're invented and deployed, let's not
make the perfect the enemy of the merely good, yes?
---
Roland Dobbins <[EMAIL PROTECTED]> // 408.527.6376 voice
The telephone demands complete participation.
-- Marshall McLuhan
is for them (or, perhaps, the lack of someone to do it for
them as an excuse to do nothing at all).
-------
Roland Dobbins <[EMAIL PROTECTED]> // 408.527.6376 voice
The telephone demands compl
delegates another block to an RIR?
Or by the way, how much spoofed traffic uses allocated addresses?
No one has done the digging required to answer any of these
questions, unfortunately.
---
Roland Dobbins <[EMAIL PROTEC
n't offer; when they wish to do so, it'll become an
issue, IMHO.
-------
Roland Dobbins <[EMAIL PROTECTED]> // 408.527.6376 voice
Words that come from a machine have no soul.
-- Duong Van Ngo
ow, they're all overlay
networks which the SPs don't view as being directly monetizable. If/
when they offer such services themselves, however, I, predict this
will change.
-----------
Roland Dobbins <[EMAIL PROTECTED]&g
consumer
broadband SPs who offer metered service? Is their revenue model more
amenable to doing capacity-expansion buildouts, vs. all-you-can-eat
(except when you eat too much, heh) revenue models?
---
Roland Dobbins <[EM
impact the equation?
-------
Roland Dobbins <[EMAIL PROTECTED]> // 408.527.6376 voice
Words that come from a machine have no soul.
-- Duong Van Ngo
WiMAX?
---
Roland Dobbins <[EMAIL PROTECTED]> // 408.527.6376 voice
Words that come from a machine have no soul.
-- Duong Van Ngo
.
---
Roland Dobbins <[EMAIL PROTECTED]> // 408.527.6376 voice
Words that come from a machine have no soul.
-- Duong Van Ngo
nnel' for their customers.
Just another example of how network effects tend to lead to
disintermediation, which is of course extremely disruptive to
traditional distribution models.
-----------
Roland Dobbins <[EMAIL
On Mar 14, 2007, at 7:07 PM, Justin M. Streiner wrote:
NOC (insert generic group name here)?
NOC NOC?
[Who's there?]
;>
---
Roland Dobbins <[EMAIL PROTECTED]> // 408.527.6376 voice
Words that come
ng from it.
-------
Roland Dobbins <[EMAIL PROTECTED]> // 408.527.6376 voice
Words that come from a machine have no soul.
-- Duong Van Ngo
;d go through the
above exercise, first.
---
Roland Dobbins <[EMAIL PROTECTED]> // 408.527.6376 voice
Words that come from a machine have no soul.
-- Duong Van Ngo
1 - 100 of 119 matches
Mail list logo
