jamie wrote:
> Anyone seeing the same?
Yep. When you try to dig a domain on their NS, it refers back to the
root-servers. Nice.
cr1:~# dig cunamutual.com @198.6.1.202
; <<>> DiG 9.3.4 <<>> cunamutual.com @198.6.1.202
; (1 server found)
;; global options: printcmd
;; Got answer:
;; ->>HEADER<<-
Anyone seeing the same?
Summary : Multiple sites primary'd by auth*.uu.net nses being served
SERVFAILs for queries.
Implications are obvious
VZN : pls contact off list. Meanwhile, we'll be lighting up some phone
lines...
*nog : TIA,
jamie
; <<>> DiG 9.3.3 <<>> cunamutual.com ns
;; global
Anyone seeing the same?
VZN engineer : pls contact off list, sev-0
; <<>> DiG 9.3.3 <<>> cunamutual.com ns
;; global options: printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: SERVFAIL, id: 32159
___
NANOG mailing list
NANOG@nanog.org
http
* [EMAIL PROTECTED] (Janet Sullivan) [Thu 08 May 2008, 23:35 CEST]:
>1) Yes, Microsoft blocks ICMP for the most part, which will break Path
>MTU Discovery. This is a known issue. If you run into it, its most
>likely because the servers you are trying to talk to in MS-land don't
>have black hol
I thought I'd post a few constructive comments on this thread. (Full
disclosure: I am an ex-Microsoft employee. I do not speak for the
company, I'm just trying to help out the network community.)
1) Yes, Microsoft blocks ICMP for the most part, which will break Path
MTU Discovery. This is a
On Wed, 7 May 2008, Michael Sinatra wrote:
> Nathan Anderson/FSR wrote:
>> Here is a brief update on the situation:
>>
>> I have been in contact with someone at Microsoft's service operations
>> center, who has confirmed for me that MS does in fact block _all_ ICMP
>> at the edge of their network,
-- [EMAIL PROTECTED] wrote: ---
First of all I would like to thank everyone for their support and concern.
We certainly have a lot of things to "fix" at Microsoft. In fact, I can
tell you that we have several brand new positions open (working on my team
and for teams near m
A few comments on your comments below.
RM=for(1)
{manage_risk(identify_risk(product[i++]) &&
(identify_threat[product[i++]))}
[EMAIL PROTECTED] giac
> -Original Message-
> From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]
> On Behalf Of Iljitsch van Beijnum
> Sent: Thursday, May 08, 20
First of all I would like to thank everyone for their support and concern.
We certainly have a lot of things to "fix" at Microsoft. In fact, I can
tell you that we have several brand new positions open (working on my team
and for teams near mine) and could use more hands at the tiller.
My apo
On Thu, 8 May 2008, NetSecGuy wrote:
> Anyone else not able to access the PCH BGP Archive?
> http://www.pch.net/resources/data/routing-tables/archive/
> I'm getting a 403 Forbidden.
Fixed again now. The front-end web server was having trouble with its
connection to the back-end
On Thu, 8 May 2008, NetSecGuy wrote:
> Anyone else not able to access the PCH BGP Archive?
> http://www.pch.net/resources/data/routing-tables/archive/
> I'm getting a 403 Forbidden.
Oop, you're right, I just replicated the problem, about to take a look at
fixing it. Our apologi
Anyone else not able to access the PCH BGP Archive?
http://www.pch.net/resources/data/routing-tables/archive/
I'm getting a 403 Forbidden.
___
NANOG mailing list
NANOG@nanog.org
http://mailman.nanog.org/mailman/listinfo/nanog
On Wed, 7 May 2008, Deepak Jain wrote:
>
> I know of a tool that a major financial institution uses when certifying
> your networks security -- that scrapes the version number from your
> ESTMP banner to decide whether you comply or not (and other banners).
> (Rather than actually testing for a spe
On 8 mei 2008, at 9:53, Joel Jaeggli wrote:
> Oddly enough there is a draft on the subject of icmp filtering
> recomendations is making the rounds.
> http://tools.ietf.org/wg/opsec/draft-gont-opsec-icmp-filtering-00.txt
> The opsec working group ([EMAIL PROTECTED]) and the authors would
> apprec
I am having a bit of difficulty resolving a Flickr issue. Can someone point
me to contact in Flickr?
Cheers
Gareth
___
NANOG mailing list
NANOG@nanog.org
http://mailman.nanog.org/mailman/listinfo/nanog
Bjørn Mork wrote:
> Iljitsch van Beijnum <[EMAIL PROTECTED]> writes:
> After all, Microsoft must have a reason to block all icmp. Or?
>
>> However, in that case the only workable course of action would be TO
>> DISABLE PATH MTU DISCOVERY!
>>
>> You can't have your cake and eat it too.
>
> B
Iljitsch van Beijnum <[EMAIL PROTECTED]> writes:
> Now Microsoft is also the company that built the OS that could be
> crashed by a maliciously crafted fragmented IP packet, so maybe
> there's something to this security policy. (One hopes that this bug
> and others like it are now fixed.)
A
17 matches
Mail list logo
