Re: Level3 newyork - london, anyone else seeing issues?

2008-07-25 Thread Craig Pierantozzi
On Jul 26, 2008, at 7:49 AM, John Menerick wrote: I was seeing the same thing around the same time. However, the "issue" corrected itself after 10 minutes. Not quite long enough to get Level3 support on the phone. Support's answer: "OOps, our bad." John Menerick http://www.icehax

Re: Level3 newyork - london, anyone else seeing issues?

2008-07-25 Thread John Menerick
I was seeing the same thing around the same time. However, the "issue" corrected itself after 10 minutes. Not quite long enough to get Level3 support on the phone. Support's answer: "OOps, our bad." John Menerick http://www.icehax.us twitter: aeonice aim: glacilwing On Jul 25, 2008,

RE: Exploit for DNS Cache Poisoning - RELEASED

2008-07-25 Thread Tomas L. Byrnes
Lack of accountability, heavily bureaucratic, and dirigiste. Oh, and generally irrelevant/impotent in the real world of the streets/net and crime/insurgency/dictatorship. > -Original Message- > From: Alexander Harrowell [mailto:[EMAIL PROTECTED] > Sent: Friday, July 25, 2008 10:54 AM >

Re: https (was: Re: Exploit for DNS Cache Poisoning - RELEASED)

2008-07-25 Thread Jim Popovitch
On Fri, Jul 25, 2008 at 5:52 PM, Matthew Petach <[EMAIL PROTECTED]> wrote: > I'm sure when Gmail gets close to the same number of users > as Yahoo, they will discover how challenging and painful it is > to support that many simultaneous short-lived SSL connections. True, however GMail has the adva

Re: Exploit for DNS Cache Poisoning - RELEASED

2008-07-25 Thread Graeme Fowler
On Fri, 2008-07-25 at 23:25 +0100, Graeme Fowler wrote: > I saw this earlier in the week, along with queries for a domain name > which happens to have been registered by Dan Kaminsky, so I emailed him > about it. The addresses in question at Georgia Tech appear to be in use > as part of Doxpara's s

Re: Exploit for DNS Cache Poisoning - RELEASED

2008-07-25 Thread Graeme Fowler
On Fri, 2008-07-25 at 18:14 -0400, Pete Carah wrote: > I saw much more than this *from the same address* starting two days ago, > and from several other blocks belonging to the same university starting > last week, to my home router and another server. So far my better > connected servers haven

Re: Exploit for DNS Cache Poisoning - RELEASED

2008-07-25 Thread Pete Carah
Paul Vixie wrote: in we see this text: The DNS attacks are starting!!! Below is a snippet of a logwatch from last night. Be sure all DNS servers are updated if at all possible. The spooks are out in

Re: https (was: Re: Exploit for DNS Cache Poisoning - RELEASED)

2008-07-25 Thread Matthew Petach
On 7/24/08, Hank Nussbacher <[EMAIL PROTECTED]> wrote: > On Thu, 24 Jul 2008, Jeffrey Ollie wrote: > > > Interestingly enough, Google just added a feature to GMail to force > > secure connections: > > > http://googlesystem.blogspot.com/2008/07/force-gmail-to-use-secure-connection.html > > > > Jeff

Re: Exploit for DNS Cache Poisoning - RELEASED

2008-07-25 Thread Paul Vixie
in we see this text: The DNS attacks are starting!!! Below is a snippet of a logwatch from last night. Be sure all DNS servers are updated if at all possible. The spooks are out in full on this

Re: Federal Government Interest in your patch progress

2008-07-25 Thread chuck goolsbee
The question is how can we as an interdependent industry close the gaps of the "Bubba" SPs and their software upgrade policies? That depends upon your definition of a "Bubba SP" I guess. Does that mean small? If so we might qualify. Or does "Bubba" mean not listening to lists like this?

Re: Federal Government Interest in your patch progress

2008-07-25 Thread Sean Donelan
On Fri, 25 Jul 2008, brett watson wrote: Unfortunately, several of the public "testing" sites have been generating false-positives. It would be good of you to list those here if you know which ones are generating false positives, so folks can avoid using them. Under the right (or wrong) cond

Weekly Routing Table Report

2008-07-25 Thread Routing Analysis Role Account
This is an automated weekly mailing describing the state of the Internet Routing Table as seen from APNIC's router in Japan. Daily listings are sent to [EMAIL PROTECTED] For historical data, please see http://thyme.apnic.net. If you have any comments please contact Philip Smith <[EMAIL PROTECTED]

Re: Federal Government Interest in your patch progress

2008-07-25 Thread brett watson
On Jul 25, 2008, at 10:32 AM, Sean Donelan wrote: Unfortunately, several of the public "testing" sites have been generating false-positives. It would be good of you to list those here if you know which ones are generating false positives, so folks can avoid using them. -b

Re: Software router state of the art

2008-07-25 Thread Joe Greco
> Would you rather deploy a $3000 cisco edge box which is an unexpandable, > 100 mbit piece of crap, or throw two $2000 Dell boxes and have a 1 GigE > platform? You don't need two $2000 Dell boxes to get a 1G platform, but this isn't the list for that. You also don't need a ton of money to do op

Re: Exploit for DNS Cache Poisoning - RELEASED

2008-07-25 Thread Alexander Harrowell
In what way is the EU's governance model the same as, or anything similar, to the UN's or ITU's? This argument gets increasingly silly. Hell, when did ITU last let someone randomly take over a chunk of the e164 name space? On Fri, Jul 25, 2008 at 4:06 PM, David Conrad <[EMAIL PROTECTED]> wrote: >

Re: Software router state of the art

2008-07-25 Thread Sargun Dhillon
It would be very useful if there was an effort from the telecom community to develop a dynamic routing frontend like Quagga. The amount of human work that it requires in order to build up a product is enormous. If only someone with millions of dollars could donate engineers. It would allow the

Re: Federal Government Interest in your patch progress

2008-07-25 Thread Sean Donelan
On Fri, 25 Jul 2008, Jared Mauch wrote: They wanted someone to approach those NANOG guys to see if they'll get off their butts and upgrade. Personally, I share some of their frustration in getting the reasonable people to upgrade their software, knowing that the unreasonable folks won't.

Re: Software router state of the art

2008-07-25 Thread Joe Greco
> Last thing to say is, I haven't tried upgrading since Vyatta abandoned > the XORP platform and moved to the Quagga platform, but I'm guessing > (based on experience w/ Quagga) that they have a lot fewer of these > quirks that I've described. Quagga is pretty decent, but it is not uncommon for

Re: Federal Government Interest in your patch progress

2008-07-25 Thread Paul Vixie
[EMAIL PROTECTED] (Jared Mauch) writes: > That being said, is there anyone keeping metrics of what upgrades > have been done so far? yes. OARC is coordinating that, with data from its own test tool, and from kaminsky's test tool, and from passive DNS traces seen at ISC SIE. OARC is also c

Re: Federal Government Interest in your patch progress

2008-07-25 Thread Steven M. Bellovin
On Fri, 25 Jul 2008 12:07:40 -0400 Jared Mauch <[EMAIL PROTECTED]> wrote: > On Fri, Jul 25, 2008 at 11:04:59AM -0500, Jorge Amodio wrote: > > > > > >So, you say that(sarcasm). I just got off a 45 minute > > > call where the US > > > Federal government is interested in how to effectively >

Re: Federal Government Interest in your patch progress

2008-07-25 Thread Jared Mauch
On Fri, Jul 25, 2008 at 11:04:59AM -0500, Jorge Amodio wrote: > > > >So, you say that(sarcasm). I just got off a 45 minute call where > > the US > > Federal government is interested in how to effectively communicate to the > > infrastructure operators the importance and risks of not upgrad

Re: Federal Government Interest in your patch progress

2008-07-25 Thread Jorge Amodio
> >So, you say that(sarcasm). I just got off a 45 minute call where > the US > Federal government is interested in how to effectively communicate to the > infrastructure operators the importance and risks of not upgrading the > resolvers. Just tell them to call the head of DoC and explai

Re: Software router state of the art

2008-07-25 Thread Justin Sharp
Yes. We put in some Vyatta routers to extend our corporate network into another building as a temporary solution (the building had a very short lease, so our boss didn't want to spend any money on Juniper which is our usual net gear vendor). Consequently, we are still there.. go figure. When w

Federal Government Interest in your patch progress

2008-07-25 Thread Jared Mauch
On Fri, Jul 25, 2008 at 09:59:35AM -0500, Jorge Amodio wrote: > > > >Regarding Bubba, he won't likely move until there is a real problem, > > this makes it on CNN, and even then, he may not understand what is going > > on. That win2k server in the corner never got updated. But when he > >

Re: Exploit for DNS Cache Poisoning - RELEASED

2008-07-25 Thread David Conrad
Valdis, On Jul 24, 2008, at 6:05 PM, [EMAIL PROTECTED] wrote: On Thu, 24 Jul 2008 17:43:10 PDT, David Conrad said: On Jul 24, 2008, at 4:24 PM, Tomas L. Byrnes wrote: The problem is, once the ICANNt root is self-signed, the hope of ever revoking that dysfunctional mess as authority is gone.

Re: Paul Vixie: Re: [dns-operations] DNS issue accidentally leaked?

2008-07-25 Thread Jorge Amodio
> >Regarding Bubba, he won't likely move until there is a real problem, > this makes it on CNN, and even then, he may not understand what is going > on. That win2k server in the corner never got updated. But when he > realizes > his business is at risk due to the buggy software, our pal B

Re: Level3 newyork - london, anyone else seeing issues?

2008-07-25 Thread Craig Pierantozzi
Drew- Contact me offlist, that CAR router is our border. We pass to another entity after that. regards -Craig * Drew Weaver was thought to have said: > 9 15 ms 17 ms 17 ms ae-93-93.ebr3.Washington1.Level3.net > [4.69.134.173] > 10 22 ms 18 ms 18 ms ae-3.ebr3.NewYork1.Le

Re: Paul Vixie: Re: [dns-operations] DNS issue accidentally leaked?

2008-07-25 Thread Jay R. Ashworth
On Fri, Jul 25, 2008 at 07:31:30PM +1200, Nathan Ward wrote: > So uh, is this patch available for download over HTTPS with a key that > was generated by the vendor and signed by well trusted root CAs on a > boxes with OpenSSL versions not released by Debian? > > PATCH NOW PATCH NOW seems like

Level3 newyork - london, anyone else seeing issues?

2008-07-25 Thread Drew Weaver
C:\Users\aweaver>tracert 123.237.32.1 Tracing route to 123.237.32.1 over a maximum of 30 hops 5 5 ms 5 ms 5 ms ae-2-6.bar2.Cleveland1.Level3.net [4.69.132.202] 6 5 ms 4 ms 4 ms ae-0-11.bar1.Cleveland1.Level3.net [4.69.136.185] 7 13 ms 17 ms 17 ms ae-6-6.e

Re: Paul Vixie: Re: [dns-operations] DNS issue accidentally leaked?

2008-07-25 Thread Jared Mauch
On Thu, Jul 24, 2008 at 08:37:55PM -0400, [EMAIL PROTECTED] wrote: > On Thu, 24 Jul 2008 17:31:01 EDT, "Jay R. Ashworth" said: > > But it seems to me that Paul, you are here espousing the opinion that > > there's no business value in people being able to trust that the domain > > name they heard on

Re: Paul Vixie: Re: [dns-operations] DNS issue accidentally leaked?

2008-07-25 Thread Jorge Amodio
> > > So is this patch a "true" fix or just a temporary fix until further > work can be done on the problem? I guess you need to read some of the related papers/presentations/advisories/etc related to a subject that has been under discussion for more 20+ years. Answering your questions, as said

The Cidr Report

2008-07-25 Thread cidr-report
This report has been generated at Fri Jul 25 21:14:54 2008 AEST. The report analyses the BGP Routing Table of AS2.0 router and generates a report on aggregation potential within the table. Check http://www.cidr-report.org for a current version of this report. Recent Table History Date

BGP Update Report

2008-07-25 Thread cidr-report
BGP Update Report Interval: 23-Jun-08 -to- 24-Jul-08 (32 days) Observation Point: BGP Peering with AS2.0 TOP 20 Unstable Origin AS Rank ASN Upds % Upds/Pfx AS-Name 1 - AS4538 209277 2.9% 41.8 -- ERX-CERNET-BKB China Education and Research Network Center 2

Re: Multiple DNS implementations vulnerable to cache poisoning

2008-07-25 Thread Brian Keefer
On Jul 11, 2008, at 7:58 AM, Tuc at T-B-O-H.NET wrote: Reading through the JavaScript that drives , it appears to be pretty easy to write a non-AJAX client to query Dan's service. I threw one together in perl, named "noclicky", that allows you to use Dan's service a

Re: Paul Vixie: Re: [dns-operations] DNS issue accidentally leaked?

2008-07-25 Thread Nathan Ward
On 25/07/2008, at 6:45 AM, Scott Berkman wrote: Is it just me or is the test page below down now? Or maybe someone poisoned the NS record for dns-oarc.net and sent it to nowhere to stop testing! (J/K since I can get to the rest of the page fine). Hmm, cute. So uh, is this patch available for d