Re: [NANOG] IOS rootkits

2008-05-17 Thread Joel Jaeggli
Mark Smith wrote: > On Sat, 17 May 2008 09:34:19 -0500 > [EMAIL PROTECTED] wrote: > >> On Sat, May 17, 2008 at 04:47:02PM +0930, Matthew Moyle-Croft wrote: >>> I'm sure it'll be good for a number of security providers to hawk their >>> wares. >>> >>> If the way of running this isn't out in the wi

Re: [NANOG] Routing table for BGP

2008-05-17 Thread devang patel
hello All, Yeah NANOG knowledge base is really great... thanks to all of you for your help... regards Devang Patel On Fri, May 16, 2008 at 10:25 AM, Christopher Morrow < [EMAIL PROTECTED]> wrote: > On Fri, May 16, 2008 at 11:00 AM, Barry Raveendran Greene > <[EMAIL PROTECTED]> wrote: > > > > Th

Re: [NANOG] Limiting ICMP

2008-05-17 Thread Kameron Gasso
Drew Weaver wrote: > (do people still DDoS with ICMP these days? I see a lot of what looks like > udp.pl and hardly any ICMP attack traffic anymore) We saw a small attempted attack using ICMP a few weeks ago, but as you've mentioned I've mostly been seeing UDP floods (and the occasional TCP SYN

[NANOG] Limiting ICMP

2008-05-17 Thread Drew Weaver
Hi there, I'm wondering if anyone else has run into this/has heard of/(is responsible for)/knows the reason behind large IP providers limiting ICMP on outbound connections to the same amounts regardless of the size of the circuit? Apparently after one of our upstream providers swit

Re: [NANOG] IOS rootkits

2008-05-17 Thread Mark Smith
On Sun, 18 May 2008 09:29:47 +0930 Mark Smith <[EMAIL PROTECTED]> wrote: > On Sat, 17 May 2008 09:34:19 -0500 > [EMAIL PROTECTED] wrote: > > > On Sat, May 17, 2008 at 04:47:02PM +0930, Matthew Moyle-Croft wrote: > > > I'm sure it'll be good for a number of security providers to hawk their > > >

Re: [NANOG] IOS rootkits

2008-05-17 Thread Gadi Evron
On Sun, 18 May 2008, Mark Smith wrote: > > "Reflections on Trusting Trust" > http://cm.bell-labs.com/who/ken/trust.html That is the #1 paper on security anyone can read, and reading your email I was about to ask if you ever read it. It certainly is my fav. Thanks for reminding us all of the url.

Re: [NANOG] IOS rootkits

2008-05-17 Thread Mark Smith
On Sat, 17 May 2008 09:34:19 -0500 [EMAIL PROTECTED] wrote: > On Sat, May 17, 2008 at 04:47:02PM +0930, Matthew Moyle-Croft wrote: > > I'm sure it'll be good for a number of security providers to hawk their > > wares. > > > > If the way of running this isn't out in the wild and it's actually >

Re: [NANOG] IOS rootkits

2008-05-17 Thread Gadi Evron
On Sat, 17 May 2008, Felix 'FX' Lindner wrote: > > But I don't see a reason for panic and Cisco is at least partially > right with their response > ( > http://www.cisco.com/en/US/products/products_security_response09186a0080997783.html > ) > to the whole issue: someone still needs a privilege lev

Re: [NANOG] IOS rootkits

2008-05-17 Thread michael.dillon
> The question isn't IF routers have security vulnerabilities, > but whether Gadi has an example he can demonstrate now of > installing a root kit on an IOS router NOW or not. That's not really the question. In fact, there are two questions. First, are routers really embedded devices running a s

Re: [NANOG] IOS rootkits

2008-05-17 Thread Florian Weimer
* Joel Jaeggli: > The existence proof of a root kit does little if anything to change how > one protects and secures the control plane. | Network administrators are not able to observe Lawful Intercept is | enabled. No Lawful Intercept program messages or error messages are ever | displayed on t

Re: [NANOG] financing IRU purchase

2008-05-17 Thread John Curran
At 7:41 AM -0700 5/17/08, Zitibake wrote: >I'm looking for financing sources to help with the purchase of an IRU within >my metro area. I'd be interested in hearing suggestions of how to describe >the asset to potential lenders; or in hearing of lenders that are already >familiar with IRUs as "

Re: [NANOG] IOS rootkits

2008-05-17 Thread Joel Jaeggli
Gadi Evron wrote: >> The question isn't IF routers have security vulnerabilities > > Nope, the question is not about if routers have security vulnerabilities. > The question is how operators and organizations can defend their routers > against rootkits, and cisco's practices. > The existence pr

[NANOG] financing IRU purchase

2008-05-17 Thread Zitibake
I'm looking for financing sources to help with the purchase of an IRU within my metro area. I'd be interested in hearing suggestions of how to describe the asset to potential lenders; or in hearing of lenders that are already familiar with IRUs as "attachable assets".

Re: [NANOG] IOS rootkits

2008-05-17 Thread travis+ml-nanog
On Sat, May 17, 2008 at 04:47:02PM +0930, Matthew Moyle-Croft wrote: > I'm sure it'll be good for a number of security providers to hawk their > wares. > > If the way of running this isn't out in the wild and it's actually > dangerous then a pox on anyone who releases it, especially to gain > p

Re: [NANOG] RackMount DC to AC Inverters

2008-05-17 Thread Tim Jackson
Check out Unipower. They make a stackable N-1 setup that does 30+ amps (redundantly) of 110 in 2U. Just remember to wire up their sync cable if you parallel 2 or more shelves. -- Tim On 5/16/08, Gregory Boehnlein <[EMAIL PROTECTED]> wrote: > Hello all, > I have some equipment going into

Re: [NANOG] IOS rootkits

2008-05-17 Thread Gadi Evron
On Sat, 17 May 2008, Matthew Moyle-Croft wrote: > >> I'd love to know what magical mystical protection your routers have that >> will >> enable them to avoid the same fate as every other device and operating >> system >> has. There's only one thing up there that doesn't have known rootkits >> in

Re: [NANOG] IOS rootkits

2008-05-17 Thread Gadi Evron
On Sat, 17 May 2008, Matthew Moyle-Croft wrote: > >> >> It is alright to have feelings. >> >> Gadi. > So I ask again, expecting nothing but another flippant answer: I will honour your flame-bait, but only once. > Do you actually have live examples of this or able to demonstrate it or are >

Re: [NANOG] IOS rootkits

2008-05-17 Thread Tuc at T-B-O-H.NET
> > > > I'd love to know what magical mystical protection your routers have that > > will > > enable them to avoid the same fate as every other device and operating > > system > > has. There's only one thing up there that doesn't have known rootkits > > in the wild. Yet. > > > The question

Re: [NANOG] IOS rootkits

2008-05-17 Thread Matthew Moyle-Croft
> I'd love to know what magical mystical protection your routers have that will > enable them to avoid the same fate as every other device and operating system > has. There's only one thing up there that doesn't have known rootkits > in the wild. Yet. > The question isn't IF routers have secur

Re: [NANOG] IOS rootkits

2008-05-17 Thread Matthew Moyle-Croft
> > It is alright to have feelings. > > Gadi. So I ask again, expecting nothing but another flippant answer: Do you actually have live examples of this or able to demonstrate it or are you just theorising about it all? MMC

Re: [NANOG] IOS rootkits

2008-05-17 Thread Mark Smith
On Sat, 17 May 2008 07:03:58 -0500 (CDT) Gadi Evron <[EMAIL PROTECTED]> wrote: > On Sat, 17 May 2008, Matthew Moyle-Croft wrote: > > > >> The question is who can't afford for these things to happen... > >> > >>Gadi. > >> > >> > > I can't help but feel you're pushing fear to further some ot

Re: [NANOG] IOS rootkits

2008-05-17 Thread Gadi Evron
On Sat, 17 May 2008, Matthew Moyle-Croft wrote: > >> The question is who can't afford for these things to happen... >> >> Gadi. >> >> > I can't help but feel you're pushing fear to further some other interest here > Gadi. It is alright to have feelings. Gadi.

Re: [NANOG] IOS rootkits

2008-05-17 Thread Matthew Moyle-Croft
> The question is who can't afford for these things to happen... > > Gadi. > > I can't help but feel you're pushing fear to further some other interest here Gadi. Do you actually have live examples of this or able to demonstrate it or are you just theorising about it all? MMC

Re: [NANOG] IOS rootkits

2008-05-17 Thread Gadi Evron
On Sat, 17 May 2008, Simon Lockhart wrote: > On Sat May 17, 2008 at 04:47:02PM +0930, Matthew Moyle-Croft wrote: >> Paul Wall wrote: >>> What if some good comes from this "root kit"? >>> >> I'm sure it'll be good for a number of security providers to hawk their >> wares. > > How long before we need

Re: [NANOG] IOS rootkits

2008-05-17 Thread Gadi Evron
On Sat, 17 May 2008, Suresh Ramasubramanian wrote: > On Sat, May 17, 2008 at 12:47 PM, Matthew Moyle-Croft > <[EMAIL PROTECTED]> wrote: >> If the way of running this isn't out in the wild and it's actually >> dangerous then a pox on anyone who releases it, especially to gain >> publicity at the exp

Re: [NANOG] IOS rootkits

2008-05-17 Thread n3td3v
On Sat, May 17, 2008 at 11:12 AM, Suresh Ramasubramanian <[EMAIL PROTECTED]> wrote: > On Sat, May 17, 2008 at 12:47 PM, Matthew Moyle-Croft > <[EMAIL PROTECTED]> wrote: >> If the way of running this isn't out in the wild and it's actually >> dangerous then a pox on anyone who releases it, especiall

Re: [NANOG] IOS rootkits

2008-05-17 Thread Jon Kibler
Suresh Ramasubramanian wrote: > On Sat, May 17, 2008 at 12:47 PM, Matthew Moyle-Croft > <[EMAIL PROTECTED]> wrote: >> If the way of running this isn't out in the wild and it's actually >> dangerous then a pox on anyone who releases it, especially to ga

Re: [NANOG] IOS rootkits

2008-05-17 Thread Suresh Ramasubramanian
On Sat, May 17, 2008 at 12:47 PM, Matthew Moyle-Croft <[EMAIL PROTECTED]> wrote: > If the way of running this isn't out in the wild and it's actually > dangerous then a pox on anyone who releases it, especially to gain > publicity at the expense of network operators' sleep and well being. > May yo

Re: [NANOG] IOS rootkits

2008-05-17 Thread Gadi Evron
On Sat, 17 May 2008, Paul Wall wrote: > What if some good comes from this "root kit"? > > For instance, what if it lets us fix things like DOM on non-Cisco > XENPAKs and SFPs? Or lets us un-cripple our 6500 chassis to run the > code we want? > > Of course, given the messenger, I'm sure it's just h

Re: [NANOG] US DoD receives chunked IPv6 /13 (14x /22 but not totally consecutive)

2008-05-17 Thread Christopher LILJENSTOLPE
You certainly don't have to. However, as other folks have indicated here, that is the way that some folks read it. My guess is that this was purely for network topology and administrative reasons. Chris On 16 May 2008, at 12.51, Colin A

Re: [NANOG] peering between ASes

2008-05-17 Thread Nathan Ward
On 17/05/2008, at 5:53 PM, Matthew Moyle-Croft wrote: > Nathan Ward wrote: >> If the foreign AS really wants to send you routes that way, they >> can do it regardless of how you stop your advertisements being >> accepted by/ reaching them. We're hardly talking high security here. >> >> ip rout

Re: [NANOG] IOS rootkits

2008-05-17 Thread Matthew Moyle-Croft
Simon Lockhart wrote: > > How long before we need to install Anti-virus / Anti-root-kit software on > our routers? > Nah - we'll just replace them all with Macs. They don't need anti-virus ... :-) MMC > Simon >

Re: [NANOG] IOS rootkits

2008-05-17 Thread Simon Lockhart
On Sat May 17, 2008 at 04:47:02PM +0930, Matthew Moyle-Croft wrote: > Paul Wall wrote: > > What if some good comes from this "root kit"? > > > I'm sure it'll be good for a number of security providers to hawk their > wares. How long before we need to install Anti-virus / Anti-root-kit software

Re: [NANOG] IOS rootkits

2008-05-17 Thread Matthew Moyle-Croft
Paul Wall wrote: > What if some good comes from this "root kit"? > I'm sure it'll be good for a number of security providers to hawk their wares. If the way of running this isn't out in the wild and it's actually dangerous then a pox on anyone who releases it, especially to gain publicity at