On Tue, Jan 6, 2009 at 12:52 PM, Michael Painter wrote:
>
> I watched the 'Demo Video' and the addresses shown were from AT&T and
> Comcast space. Any idea of what space they might be from in real life or
> is that part of their secret sauce?
>
J.Random ADSL / cable space I dare say. Though wh
- Original Message -
From: "Randy Bush"
Sent: Monday, January 05, 2009 7:30 PM
Subject: Re: Where there's a nanog thread there'll be a vendor solution ..Re:
Ethical DDoS drone network
I can't believe this .. http://www.iprental.com
sheesh! and i thought the rirs had a monopoly on ip
In message <4962e096.7070...@karnaugh.za.net>, Colin Alston writes:
> On 2009/01/05 10:47 PM Randy Bush wrote:
> > perhaps i am a bit slow. but could someone explain to me how trust in
> > dns data transfers to trust in an http partner and other uses to which
> > ssl is put?
>
> I must also be
Martin Hannigan wrote:
> Hibernia has been busy.
>
> "THE COMMUNICATIONS minister Eamon Ryan and the North's Enterprise Minister
> Arlene Foster have announced the awarding of a £30 million (€32 million)
> contract to construct a new direct telecommunications link to North America
> that will bene
Joe Abley writes:
> On 2009-01-05, at 15:18, Jason Uhlenkott wrote:
>
>> If we had DNSSEC, we could do away with SSL CAs entirely. The owner
>> of each domain or host could publish a self-signed cert in a TXT RR,
>
> ... or even in a CERT RR, as I heard various clever people talking about
> in s
I can't believe this .. http://www.iprental.com
sheesh! and i thought the rirs had a monopoly on ip address rental. :)
randy
On Tue, Jan 6, 2009 at 10:54 AM, Jeffrey Lyon
wrote:
> This is new to you? Polymorphic anonymizers have been a way of life
> for a while now.
>
> Jeff
I just thought I'd cite an example. These have been around for a
while, as you say.
--
Suresh Ramasubramanian (ops.li...@gmail.com)
I'm looking for feedback from users of the Hirschmann (Belden)
ethernet switches in a service provider environment. Private or
public appreciated.
Drive Slow,
Paul Wall
This is new to you? Polymorphic anonymizers have been a way of life
for a while now.
Jeff
On Mon, Jan 5, 2009 at 7:55 PM, Suresh Ramasubramanian
wrote:
> On Mon, Jan 5, 2009 at 10:24 PM, BATTLES, TIMOTHY A (TIM), ATTLABS
> wrote:
>> There are some assumptions here. First are you considering vo
Hibernia has been busy.
"THE COMMUNICATIONS minister Eamon Ryan and the North's Enterprise Minister
Arlene Foster have announced the awarding of a £30 million (€32 million)
contract to construct a new direct telecommunications link to North America
that will benefit Northern Ireland and the Republ
On 2009/01/05 10:47 PM Randy Bush wrote:
perhaps i am a bit slow. but could someone explain to me how trust in
dns data transfers to trust in an http partner and other uses to which
ssl is put?
I must also be slow. Can someone tell me how DNSSEC is supposed to
encrypt my TCP/IP traffic?
Will this default route 0.0.0.0/0 be exporting to AS-level neighbors?
On Mon, Jan 5, 2009 at 8:49 PM, Edward B. DREGER
wrote:
> KC> Date: Mon, 5 Jan 2009 18:05:48 -0600
> KC> From: Kai Chen
>
> KC> is this router using a default routing for all the other
> KC> destinations?
>
> Either that:
>
>
KC> Date: Mon, 5 Jan 2009 18:05:48 -0600
KC> From: Kai Chen
KC> is this router using a default routing for all the other
KC> destinations?
Either that:
router> sh ip route 0.0.0.0
Routing entry for 0.0.0.0/0, supernet
or partial tables with no default:
router> sh ip rou
http://www.theregister.co.uk/2009/01/05/cisco_router_hijacking/
--Steve Bellovin, http://www.cs.columbia.edu/~smb
On Jan 6, 2009, at 8:45 AM, Jack Bates wrote:
Sadly, I think money and time have a lot to do with this.
Even more than this, it's a skillset and mindset issue. Many
organizations don't know enough about how the underlying technologies
work to understand that they need to incorporate thes
On Mon, Jan 5, 2009 at 10:24 PM, BATTLES, TIMOTHY A (TIM), ATTLABS
wrote:
> There are some assumptions here. First are you considering volumetric
> DDOS attacks? Second, if you plan on harvesting wild bots and using them
> to serve your purpose then I don't see how this can be ethical unless
> th
Roland Dobbins wrote:
In my experience, once one has an understanding of the performance
envelopes and has built a lab which contains examples of the functional
elements of the system (network infrastructure, servers, apps,
databases, clients, et. al.), one can extrapolate pretty accurately wel
On Jan 6, 2009, at 8:01 AM, David Barak wrote:
The types of problems that the ultra-large DoS can ferret out are
the kind which *don't* show up in anything smaller than a 1:1 or 1:2
scale model.
In my experience, once one has an understanding of the performance
envelopes and has built a
If it has a default route, 0.0.0.0/0, in its routing table, then yes,
it is.
If it does not, then no, it is not.
-jasper
On 6/01/2009, at 1:05 PM, Kai Chen wrote:
Hi all I have a question:
I see very few prefixes in a routing table and combining the prefixes
does not cover addresses space,
Hi all I have a question:
I see very few prefixes in a routing table and combining the prefixes
does not cover addresses space, for example, {78.41.184.0/21,
91.103.239.0/24, 91.103.232.0/22, 82.138.64.0/23, 91.103.232.0/21,
77.95.71.0/24} are all prefixes I observed from a BGP speaking router,
I
-- On Mon, 1/5/09, Roland Dobbins wrote:
> From: Roland Dobbins
> Subject: Re: Ethical DDoS drone network
> To: "NANOG list"
> Date: Monday, January 5, 2009, 6:39 PM
> On Jan 6, 2009, at 7:23 AM, David Barak wrote:
>
> > In my opinion, the real thing you can puzzle out of
> this kind of testi
On Mon, Jan 5, 2009 at 4:19 PM, Peter Beckman wrote:
>* UTC can get out of whack with the rotation of the earth around the
> sun, because our rotation is not uniform, but is calculated rather
> than measured (well, sort of)
As Crist Clark points out, leap seconds are about the Ear
On Tuesday 06 January 2009 01:43:25 am Justin Shore wrote:
> I never could get
> IS-IS to work with multiple areas. The 7600s made a
> smelly mess on the CO floor every time I tried. In the
> end I went with a L2-only IS-IS network.
How so?
Cheers,
Mark.
On Jan 6, 2009, at 7:23 AM, David Barak wrote:
In my opinion, the real thing you can puzzle out of this kind of
testing is the occasional hidden dependency.
Yes - but if your lab accurately reflects production, you can discover
this kind of thing in the lab (and one ought to already have a
On Jan 6, 2009, at 6:52 AM, Jack Bates wrote:
(or tell you up front that you'll crater their equipment).
This is the AUP danger to which I was referring earlier. Also, note
that the miscreants will attack intermediate systems such as routers
they identify via tracerouting from multiple p
In my opinion, the real thing you can puzzle out of this kind of testing is the
occasional hidden dependency. I've seen ultra-robust servers fail because a
performance monitoring application living on them was timing out in a remote
query, and I've also seen devices fail well below their expec
Peter Beckman wrote:
* GMT is used to imply UT1, but sometimes UTC, but really GMT is just
massively confusing and you shouldn't use it, either in conversation
or in your servers/routers, because nobody is really sure without
reading a lot of documentation what GMT means for
BATTLES, TIMOTHY A (TIM), ATTLABS wrote:
True, real world events differ, but so do denial of service attacks.
Distribution in the network, PPS, BPS, Packet Type, Packet Size, etc..
Etc.. Etc.. So really I don't get the point either in staging a real
life do it yourself test. So, you put pieces
In message <20090105201859.gc15...@ferrum.uhlenkott.net>, Jason Uhlenkott writes:
> On Fri, Jan 02, 2009 at 15:33:05 -0600, Joe Greco wrote:
> > This would seem to point out some critical shortcomings in the current SSL
> > system; these shortcomings are not necessarily technological, but rather
On Tue, Jan 06, 2009 at 06:09:34 +0900, Randy Bush wrote:
> to use your example, the contractor who serves dns for www.bank.example
> could insert a cert and then fake the web site having (a child of) that
> cert. whereas, if the site had its cert a descendant of the ca for all
> banks, this at
On 01/05/09 12:47, Randy Bush wrote:
> perhaps i am a bit slow. but could someone explain to me how trust in
> dns data transfers to trust in an http partner and other uses to which
> ssl is put?
Because I have to trust the DNS anyway. If the DNS redirects my users
to a bad site, they may not no
>>> On 1/5/2009 at 1:19 PM, Peter Beckman wrote:
> I've gleaned from this thread that:
>
> * everyone uses UTC, or should, because UTC is a uniform time scale,
>except for those leap seconds
Local time is totally appropriate in some circumstances, but it
is pretty much always define
Randy Bush wrote:
perhaps i am a bit slow. but could someone explain to me how trust in
dns data transfers to trust in an http partner and other uses to which
ssl is put?
randy
It wouldn't, which is why the original suggestion is a bad idea.
They're different issues (finding the actual ad
> On 09.01.06 05:59, Joe Abley wrote:
> >> perhaps i am a bit slow. but could someone explain to me how trust in
> >> dns data transfers to trust in an http partner and other uses to which
> >> ssl is put?
> >
> > If I can get secure answers to "www.bank.example IN CERT?" and
> > "www.bank.example
On Tue, 06 Jan 2009 06:09:34 +0900, Randy Bush said:
> to use your example, the contractor who serves dns for www.bank.example
> could insert a cert and then fake the web site having (a child of) that
> cert. whereas, if the site had its cert a descendant of the ca for all
> banks, this attack
I've gleaned from this thread that:
* everyone uses UTC, or should, because UTC is a uniform time scale,
except for those leap seconds
* UTC is sourced from the frequency of a radio emission from cesium
atoms which are extremely constant
* UTC can get out of whack with the
True, real world events differ, but so do denial of service attacks.
Distribution in the network, PPS, BPS, Packet Type, Packet Size, etc..
Etc.. Etc.. So really I don't get the point either in staging a real
life do it yourself test. So, you put pieces of your network in
jeopardy night after nig
On 09.01.06 05:59, Joe Abley wrote:
perhaps i am a bit slow. but could someone explain to me how trust in
dns data transfers to trust in an http partner and other uses to which
ssl is put?
If I can get secure answers to "www.bank.example IN CERT?" and
"www.bank.example IN A?" then perhaps when
On 2009-01-05, at 15:47, Randy Bush wrote:
perhaps i am a bit slow. but could someone explain to me how trust
in dns data transfers to trust in an http partner and other uses to
which ssl is put?
If I can get secure answers to "www.bank.example IN CERT?" and "www.bank.example
IN A?" the
perhaps i am a bit slow. but could someone explain to me how trust in
dns data transfers to trust in an http partner and other uses to which
ssl is put?
randy
On 2009-01-05, at 15:18, Jason Uhlenkott wrote:
If we had DNSSEC, we could do away with SSL CAs entirely. The owner
of each domain or host could publish a self-signed cert in a TXT RR,
... or even in a CERT RR, as I heard various clever people talking
about in some virtual hallway the othe
On Fri, Jan 02, 2009 at 15:33:05 -0600, Joe Greco wrote:
> This would seem to point out some critical shortcomings in the current SSL
> system; these shortcomings are not necessarily technological, but rather
> social/psychological. We need the ability for Tom, Dick, or Harry to be
> able to crank
> FWIW, I'm primarily concerned about testing PPS loads and not
> brute force bandwidth.
Simple solution.
Write some DDoS software that folks can install on their own
machines. Make it so that the software is only triggered by
commands from a device under the same administrative control,
i.e.
I'm looking for an AIM/ICQ security contact. If someone has any names I
can direct my requests to please contact me unicast so we can keep the
S/N as low as possible.
Thanks
Thomas
> It's theoretically possible for leap seconds to be introduced
> at the end of March and September.
As I recall, NTP supports leap seconds every month,
for which there is a prediction that even this
would be insufficient at some point in this
millennium (depending, of course, on the actual
rot
But I don't think his boss would be too happy when their network is up and down
for days because he irk'ed a scriptkiddie on irc just to test their limits :)
-r
-Original Message-
From: Seth Mattinen [mailto:se...@rollernet.us]
Sent: Monday, January 05, 2009 1:36 PM
To: na...@merit.edu
Ray Corbin wrote:
Until you get hit at 8GB/s and then don't have a nice 'off' button..
However, it would very accurately simulate a real-world attack where you
don't get to have an "off" button.
~Seth
Thanks all for sharing information!
regards
Devang Patel
On Mon, Jan 5, 2009 at 11:43 AM, Justin Shore wrote:
> Kevin Oberman wrote:
>
>> I would hope you have a backbone well enough secured that you don't need
>> to rely on this, but it does make me a bit more relaxed and makes me
>> wish we we
Until you get hit at 8GB/s and then don't have a nice 'off' button..
-r
-Original Message-
From: Michael Gazzerro [mailto:mike.gazze...@nobistech.net]
Sent: Monday, January 05, 2009 1:14 PM
To: 'Jeffrey Lyon'; na...@merit.edu
Subject: RE: Ethical DDoS drone network
You could just troll
JL> Date: Mon, 5 Jan 2009 12:54:24 -0500
JL> From: Jeffrey Lyon
JL> FWIW, I'm primarily concerned about testing PPS loads and not brute
JL> force bandwidth.
Which underscores my point: bps with minimally-sized packets is even
higher pps than bps with "normal"-sized packets, for any non-minimal
You could just troll people on IRC until you get DDOS'd. All the fun, none
of the work!
-Original Message-
From: Jeffrey Lyon [mailto:jeffrey.l...@blacklotus.net]
Sent: Monday, January 05, 2009 11:54 AM
To: na...@merit.edu
Subject: Re: Ethical DDoS drone network
FWIW, I'm primarily conc
TAB> Date: Mon, 5 Jan 2009 11:54:06 -0500
TAB> From: "BATTLES, TIMOTHY A (TIM), ATTLABS"
TAB> assuming you're somewhat scaled, I would think this could all be done
TAB> in the lab.
And end up with a network that works in the lab. :-)
- bw * delay
- effects of flow caching, where applicable
- jitte
FWIW, I'm primarily concerned about testing PPS loads and not brute
force bandwidth.
Best regards, Jeff
On Mon, Jan 5, 2009 at 12:51 PM, Edward B. DREGER
wrote:
> RD> Date: Mon, 5 Jan 2009 15:54:50 +0800
> RD> From: Roland Dobbins
>
> RD> AUPs are a big issue, here..
>
> And AUPs [theoretically]
On 05/01/2009 6:01, "Nick Hilliard" wrote:
[...]
> But seriously. Leap seconds occur every couple of years, either on July
> 30th and Dec 31. Sometimes both. And sometimes every consecutive year for
> a couple of years on the run.
It's theoretically possible for leap seconds to be introduced
RD> Date: Mon, 5 Jan 2009 15:54:50 +0800
RD> From: Roland Dobbins
RD> AUPs are a big issue, here..
And AUPs [theoretically] set forth definitions.
Of course, there exist colo providers with "unlimited 10 Gbps bandwidth"
whose AUPs read "do not use 'too much' bandwidth or we will get angry",
thus
Kevin Oberman wrote:
I would hope you have a backbone well enough secured that you don't need
to rely on this, but it does make me a bit more relaxed and makes me
wish we were using ISIS for IPv4, as well. The time and disruption
involved in converting is something that will keep us running OSPF
PWG> Date: Mon, 5 Jan 2009 06:53:49 -0500
PWG> From: Patrick W. Gilmore
PWG> But back to your original point, how can you tell it is shit data?
AFAIK, RFC 3514 is the only standards document that has addressed this.
I have yet to see it implemented. ;-)
Eddy
--
Everquick Internet - http://www.e
On Mon, 05 Jan 2009 06:53:49 EST, "Patrick W. Gilmore" said:
> Knowing whether the systems - internal _and_ external - can handle a
> certain load (and figuring out why not, then fixing it) is vital to
> many people / companies / applications. Despite the rhetoric here, it
> is simply not po
On Jan 5, 2009, at 11:30 AM, Adrian Chadd wrote:
This begs the question - how the heck do timekeepers and politicians get
away with last minute time changes?
Surely there's -some- pushback from technology related interest groups to
try and get more than four weeks warning? :)
Having b
Adrian Chadd wrote:
> Wow, how'd I miss that, I wonder? :)
I would recommend lodging a complaint to the relevant authorities. That's
sure to help.
But seriously. Leap seconds occur every couple of years, either on July
30th and Dec 31. Sometimes both. And sometimes every consecutive year for
There are some assumptions here. First are you considering volumetric
DDOS attacks? Second, if you plan on harvesting wild bots and using them
to serve your purpose then I don't see how this can be ethical unless
they are just clients from your own network making it less distributed.
You would the
Adrian Chadd wrote:
> This begs the question - how the heck do timekeepers and politicians get
> away with last minute time changes?
>
> Surely there's -some- pushback from technology related interest groups to
> try and get more than four weeks warning? :)
>
>
>
> Adrian
>
>
The first notice
On Mon, Jan 05, 2009, Nick Hilliard wrote:
> Notice for the leap second was issued on July 4 2008.
>
> http://hpiers.obspm.fr/iers/bul/bulc/bulletinc.36
>
Wow, how'd I miss that, I wonder? :)
I'm just angry at the jack moves pulled by last minute timezone changes
back in Australia, and the mas
On Tue, Jan 06, 2009 at 01:30:51AM +0900, Adrian Chadd wrote:
> This begs the question - how the heck do timekeepers and politicians get
> away with last minute time changes?
>
> Surely there's -some- pushback from technology related interest groups to
> try and get more than four weeks warning? :
Adrian Chadd wrote:
> This begs the question - how the heck do timekeepers and politicians get
> away with last minute time changes?
>
> Surely there's -some- pushback from technology related interest groups to
> try and get more than four weeks warning? :)
?
Notice for the leap second was issue
This begs the question - how the heck do timekeepers and politicians get
away with last minute time changes?
Surely there's -some- pushback from technology related interest groups to
try and get more than four weeks warning? :)
Adrian
On Mon, Jan 05, 2009, Frank Bulk wrote:
> A report from a D
Thanks for all those who responded on and off-list. Several persons
confirmed for me using their Akamai account that the address space was
correctly listed in Akamai's database, and between Google's quasi-generic
online form (http://google.com/support/bin/request.py?contact_type=ip) and a
Google e
A report from a DHCP/DNS appliance vendor here:
Several customers have reported a complete lock-up of their Proteus system
around the beginning of January 1st 2009. We believe that we have traced
this to a problem in the underlying kernel and NTP and the handling of the
date ch
On Jan 5, 2009, at 2:54 AM, Roland Dobbins wrote:
On Jan 5, 2009, at 3:04 PM, Patrick W. Gilmore wrote:
I can think of several instances where it _must_ be external. For
instance, as I said before, knowing which intermediate networks are
incapable of handling the additional load is useful i
On Jan 5, 2009, at 3:39 AM, Gadi Evron wrote:
On Sun, 4 Jan 2009, kris foster wrote:
On Jan 4, 2009, at 11:11 PM, Gadi Evron wrote:
On Mon, 5 Jan 2009, Patrick W. Gilmore wrote:
On Jan 5, 2009, at 1:33 AM, Roland Dobbins wrote:
On Jan 5, 2009, at 2:08 PM, Patrick W. Gilmore wrote:
I can thin
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Hi,
The IANA IPv4 registry has been updated to reflect the allocation
of two /8 IPv4 blocks to ARIN in December 2008: 108/8 and 184/8. You can
find the IANA IPv4 registry at:
http://www.iana.org/assignments/ipv4-address-space/ipv4-address-space.xml
h
On Sun, 4 Jan 2009, kris foster wrote:
On Jan 4, 2009, at 11:11 PM, Gadi Evron wrote:
On Mon, 5 Jan 2009, Patrick W. Gilmore wrote:
On Jan 5, 2009, at 1:33 AM, Roland Dobbins wrote:
On Jan 5, 2009, at 2:08 PM, Patrick W. Gilmore wrote:
I can think of several instances where it _must_ be exte