Re: Anyone see a game changer here?

On Thu, 2010-01-21 at 23:19 -0600, James Hess wrote: > On Thu, Jan 21, 2010 at 9:52 PM, Gadi Evron wrote: > > It is not as if there are a wealth of alternatives. There are still > many cases, where IE or MSHTML components are a pre-requisite, to > access a certain product that is important

Re: Network Bandwidth Reporting Tool

Hi, 1. ETINC - www.etinc.com - Really good with a mysql backend and gives you exactly what you are looking for. You can either buy the software and build it into a FreeBSD box or you can get the already built appliance. The price point is also quite good 2. Allot - www.allot.com -Comes with a lot

Re: Anyone see a game changer here?

The problem with IE is the same problem as Windows, the basic design is fundementally insecure and "timely updates" can't fix that. Bruce On Thu, Jan 21, 2010 at 9:19 PM, James Hess wrote: > On Thu, Jan 21, 2010 at 9:52 PM, Gadi Evron wrote: >> On 1/15/10 5:52 PM, Steven Bellovin wrote: > ..> 2

Re: Anyone see a game changer here?

On Thu, Jan 21, 2010 at 9:52 PM, Gadi Evron wrote: > On 1/15/10 5:52 PM, Steven Bellovin wrote: ..> 2. Is Microsoft, while usually timely and responsible, completely > irresponsible in wanting to patch this only in February? While they patched > it sooner (which couldn't have been easy), their ove

policies for 24.0.0.0/8 ?

i'm doing some consulting work for a cable operator in Pakistan. while i'm guessing that realistically we will be approaching RIPE for address space, i'm just wandering what happened to 24.0.0.0/8 and what policies govern who and what can use the address space there. -- Jim Mercerj...@r

Re: fix the edge (was Re: 1/8 and 27/8 allocated to APNIC)

Anton Kapela wrote: > On Thu, Jan 21, 2010 at 8:22 PM, Jon Lewis wrote: > >> I thought there was some other group that had been squatting in 1/8, >> something about radio and peer to peer...but not AnoNet (at least that name >> was totally unfamiliar)...but this was all I could find with a quic

Re: Anyone see a game changer here?

On 1/15/10 5:52 PM, Steven Bellovin wrote: The "difference" this week is motive. In the 1980s-1990s, we had joy-hacking. In the 2000s, we had profit-motivated hacking by criminals. We now have (and have had for a few years) what appears to be nation-state hacking. The differences are in targ

Re: 1/8 and 27/8 allocated to APNIC

On Fri, 22 Jan 2010, Neil Harris wrote: I thought there was some other group that had been squatting in 1/8, something about radio and peer to peer...but not AnoNet (at least that name was totally unfamiliar)...but this was all I could find with a quick google. This? http://lists.arin.net/p

Re: UC phone system for Haiti (was Katrina Response)

We had a major turnout this past weekend here in southern cal. Shout out to the uc system and people. Sent via BlackBerry from T-Mobile

Re: UC phone system for Haiti (was Katrina Response)

> http://www.wired.com/dangerroom/2010/01/texts-tweets-saving-haitians-from-the-rubble/ > there seem to be innovative uses of technology in play. the ushahidi folk () seem pretty pro and have turned their katrina experience really well. randy

Re: 1/8 and 27/8 allocated to APNIC

On Thu, Jan 21, 2010 at 05:13:39PM -0800, George Bonser wrote: [snip] > Some of that water is dirtier than the rest. I wouldn't want to be the > person who gets 1.2.3.0/24 Yeah, I encountered some lovely wireless hotspots that use "visit http://1.1.1.1/ to log out". Seem some vendors encourage th

DIMACS/CCICADA secure routing workshop rescheduled

OK, folks -- we've corrected the scheduling conflict. The secure routing working is now March 10-12. Please come! * DIMACS/CCICADA Workshop on Secure Routing March 10-12, 2010 DIMACS Center, CoRE Building, Rut

Re: UC phone system for Haiti (was Katrina Response)

Per http://www.wired.com/dangerroom/2010/01/texts-tweets-saving-haitians-from-the-rubble/ there seem to be innovative uses of technology in play.

Network Bandwidth Reporting Tool

Oh mighty list, I am curious what tools you use to generate monthly usage and billing reports for your execs? I am not really looking for a RRD type solution, rather a page I can pull up and gives me the numbers (95p, cost, overage, etc.) for the past month. Copy and paste into a spreadsheet, job

Re: 1/8 and 27/8 allocated to APNIC

On Thu, Jan 21, 2010 at 08:22:57PM -0500, Jon Lewis wrote: > On Thu, 21 Jan 2010, George Bonser wrote: > >> Some of that water is dirtier than the rest. I wouldn't want to be the >> person who gets 1.2.3.0/24 > > The whole /8 should be fun. > > http://en.wikipedia.org/wiki/AnoNet > > To avoid add

Re: 2009 Worldwide Infrastructure Security Report available for download.

On Jan 22, 2010, at 8:08 AM, Danny McPherson wrote: > Yep, I think this is simply an artifact of a larger respondent pool > size, with many smaller respondents being represented. Correct, as noted in the text, the change in survey demographics appears to be the cause of this shift. ---

Re: Patents, IETF and Network Operators

may be better to ask this question on the ietf list. they deserve it. randy

Re: 1/8 and 27/8 allocated to APNIC

On 22/01/10 01:22, Jon Lewis wrote: On Thu, 21 Jan 2010, George Bonser wrote: Some of that water is dirtier than the rest. I wouldn't want to be the person who gets 1.2.3.0/24 The whole /8 should be fun. http://en.wikipedia.org/wiki/AnoNet To avoid addressing conflict with the internet it

RE: RE: Enhancing automation with network growth

I think Cacti (www.cacti.net) can do this pretty simply if that’s any help… From: Tom Wright [twri...@internode.com.au] Sent: Thursday, January 21, 2010 4:54 PM To: Steve Bertrand Cc: nanog list Subject: Re: Enhancing automation with network growth Hi Ste

fix the edge (was Re: 1/8 and 27/8 allocated to APNIC)

On Thu, Jan 21, 2010 at 8:22 PM, Jon Lewis wrote: > I thought there was some other group that had been squatting in 1/8, > something about radio and peer to peer...but not AnoNet (at least that name > was totally unfamiliar)...but this was all I could find with a quick google. http://en.wikipedi

Re: 1/8 and 27/8 allocated to APNIC

On Jan 21, 2010, at 5:22 PM, Jon Lewis wrote: > In the event that 1.0.0.0/8 is assigned by IANA, anoNet could > move to the next unassigned /8, though such an event is unlikely, as > 1.0.0.0/8 has been reserved since September 1981. Sounds like a non-winning strategy to me. It's just a (random) m

RE: 1/8 and 27/8 allocated to APNIC

On Thu, 21 Jan 2010, George Bonser wrote: Some of that water is dirtier than the rest. I wouldn't want to be the person who gets 1.2.3.0/24 The whole /8 should be fun. http://en.wikipedia.org/wiki/AnoNet To avoid addressing conflict with the internet itself, the range 1.0.0.0/8 is used. T

RE: 1/8 and 27/8 allocated to APNIC

> -Original Message- > From: Durand, Alain [mailto:alain_dur...@cable.comcast.com] > Sent: Thursday, January 21, 2010 3:58 PM > To: Bulger, Tim; nanog@nanog.org > Subject: Re: 1/8 and 27/8 allocated to APNIC > > Who said the water at the bottom of the barrel of IPv4 addresses will > be >

Re: 2009 Worldwide Infrastructure Security Report available for download.

On Jan 20, 2010, at 8:32 AM, Stefan Fouant wrote: > > > I'm wondering if you can clarify why 'Figure 1' only goes up to 2008 and > states in key findings "This year, providers reported a peak rate of only 49 > Gbps". I happen to personally recall looking at ATLAS sometime last year > and seein

Re: 2009 Worldwide Infrastructure Security Report available for download.

On Jan 21, 2010, at 4:34 AM, Pekka Savola wrote: > Thanks to Arbor for collecting the report and your observations. > > One thing I found extremely strange is that almost 50% report they use > BCP38/Strict uRPF at peering edge, yet only about 33% use it in customer > direction. (Figure 13, p20

Re: 1/8 and 27/8 allocated to APNIC

Ricky Beam wrote: > But it's not all bad. It's assigned to APNIC, so a lot of people will > gladly continue blocking it. > Yeah cause seriously, who does business in Asia or the Pacifc...

Re: Enhancing automation with network growth

Hi Steve, Our MRTG is fully automated. We ditched cfgmaker (too slow) in favour of our own developed Perl using the Net::SNMP module from CPAN. If you use 'non-blocking' SNMP calls, Net::SNMP can be blisteringly fast. In the case of our routers/switches, we query our NMS (assume this is just a

Re: 1/8 and 27/8 allocated to APNIC

- Original message - > Who said the water at the bottom of the barrel of IPv4 addresses will be > very pure? We ARE running out and the global pain is increasing. > +1 - Cameron >    - Alain. > > > On 1/21/10 6:47 PM, "Bulger, Tim" wrote: > > > Having 1/8 allocated cannot be a blessing

Re: 1/8 and 27/8 allocated to APNIC

On Thu, 21 Jan 2010 18:47:39 -0500, Bulger, Tim wrote: Having 1/8 allocated cannot be a blessing... There must be thousands of underskilled in the wild with stuff configured for 1/8. It's like a magnet for unwanted noise traffic. I was thinking the same thing. I know of many installations w

Re: 1/8 and 27/8 allocated to APNIC

Who said the water at the bottom of the barrel of IPv4 addresses will be very pure? We ARE running out and the global pain is increasing. - Alain. On 1/21/10 6:47 PM, "Bulger, Tim" wrote: > Having 1/8 allocated cannot be a blessing... There must be thousands of > underskilled in the wild wit

RE: 1/8 and 27/8 allocated to APNIC

Having 1/8 allocated cannot be a blessing... There must be thousands of underskilled in the wild with stuff configured for 1/8. It's like a magnet for unwanted noise traffic. -Tim -Original Message- From: Leo Vegoda [mailto:leo.veg...@icann.org] Sent: Thursday, January 21, 2010 6:37 PM

1/8 and 27/8 allocated to APNIC

Hi, The IANA IPv4 registry has been updated to reflect the allocation of two /8 IPv4 blocks to APNIC in January 2010: 1/8 and 27/8. You can find the IANA IPv4 registry at: http://www.iana.org/assignments/ipv4-address-space/ipv4-address-space.xml http://www.iana.org/assignments/ipv4-address-space/

Re: Enhancing automation with network growth

On 1/21/2010 4:29 PM, Matthew Palmer wrote: On Wed, Jan 20, 2010 at 10:52:39PM -0500, Erik L wrote: One thing that would take a major load off would be if my MRTG system could simply update its config/index files for itself, instead of me having to do it on each and every port change. Can anyo

Re: Enhancing automation with network growth

On Wed, Jan 20, 2010 at 10:52:39PM -0500, Erik L wrote: > > One thing that would take a major load off would be if my MRTG system > > could simply update its config/index files for itself, instead of me > > having to do it on each and every port change. > > > > Can anyone offer up ideas on how yo

Re: Housing situations sought for the family of Reynold Guerrier

Eric Brunner-Williams wrote: Naturally, I didn't make all the local connections I could have before I needed them when I went to NANOG-45, graciously hosted by Terremark. I think it is unlikely that any of the three paths -- parole from Homeland Security, visa from State, and Congressional act

Housing situations sought for the family of Reynold Guerrier

Naturally, I didn't make all the local connections I could have before I needed them when I went to NANOG-45, graciously hosted by Terremark. I think it is unlikely that any of the three paths -- parole from Homeland Security, visa from State, and Congressional action, are likely to occur with

Re: Emergency power generators

Joe Greco wrote: On Thu, 21 Jan 2010, Mike wrote: site owners a solution to test and verify generator operation. Does anyone have any pointers to possible solutions or vendor white papers I could look at? We probably want to verify start, read voltage to verify output, and maybe even gauge fu

IPv6 deployment scenarios

Hi, Sheng Jiang (Huawei) and Brian Carpenter (University of Auckland, research consultant to Huawei) are currently running a questionnaire on IPv6 deployment, addressed to every ISP. The purpose is to provide facts for a document about deployment scenarios that we are drafting for discussion in th

Re: Emergency power generators

On Thu, Jan 21, 2010 at 3:21 PM, gordon b slater wrote: > On Thu, 2010-01-21 at 13:17 -0600, Joe Greco wrote: > > If your gear doesn't "support" it, talk to generator service guys who > > are well-thought-of in your area. I'd place good odds that they'll be > > happy to outfit you with a computer

Re: Emergency power generators

On Thu, 2010-01-21 at 13:17 -0600, Joe Greco wrote: > Seriously, "talk to your vendor." You can frequently get gear with > remote reporting, some of it will do dry contact or even talk RS232. > If you can not, a lot of it can be measured anyways. > > If your gear doesn't "support" it, talk to g

Re: Emergency power generators

> On Thu, 21 Jan 2010, Mike wrote: > > > site owners a solution to test and verify generator operation. Does anyone > > have any pointers to possible solutions or vendor white papers I could look > > at? We probably want to verify start, read voltage to verify output, and > > maybe even gauge f

Re: Emergency power generators

On 1/21/2010 1:04 PM, Antonio Querubin wrote: Start with the generator owner's manual. RTFM? I thought that kind of stuff was OT here. -- "Government big enough to supply everything you need is big enough to take everything you have." Remember: The Ark was built by amateurs, the Titanic

Re: Emergency power generators

Start with the generator owner's manual. You'd be amazed at what helpful maintenance suggestions can be found there. Sometimes they're even online... :) "Put oil in machine"

Re: Emergency power generators

On Thu, 21 Jan 2010, Mike wrote: site owners a solution to test and verify generator operation. Does anyone have any pointers to possible solutions or vendor white papers I could look at? We probably want to verify start, read voltage to verify output, and maybe even gauge fuel in the tanks if

Re: Patents, IETF and Network Operators

On Jan 21, 2010, at 1:29 PM, George Bonser wrote: > > >> -Original Message- >> From: Shane Ronan >> Sent: Thursday, January 21, 2010 9:33 AM >> >> The real question is why Patent something? >> >> The reality is even if you patent any idea/feature, other vendors will >> come out with

Re: Patents, IETF and Network Operators

> The purpose of a patent is not to keep others from using your idea but > exactly the opposite.  It gives you exclusive use of an idea but also > makes for a mechanism where your idea is then documented and can be used > and improved upon by others once your exclusive use expires. Explain that to

RE: Patents, IETF and Network Operators

> -Original Message- > From: Shane Ronan > Sent: Thursday, January 21, 2010 9:33 AM > > The real question is why Patent something? > > The reality is even if you patent any idea/feature, other vendors will > come out with a similar (although not patent infringing) version of > the same

AS3549

Just wondering if other people on this list experience similar problems with BGP sessions behind AS3549 ? It seems our trouble ticket is currently being taken care of and the GlobalCrossing NOC is investigating. If other people experience the same thing please let me know. PS: we are located in

Re: Patents, IETF and Network Operators

On Thu, Jan 21, 2010 at 11:32 AM, Shane Ronan wrote: > The real question is why Patent something? Patents are a good source of revenue for companies that invest a lot on R&D and to create "intellectual property" (well sometimes not that much). As far as I know in the US you can patent any "orig

Emergency power generators

Hi Folks, Northern California is getting pounded hard by storms, as we do most every year, and have quite a few electric outages as a result. Of particular note however is that we have experienced a number of remote and inaccessible microwave backhaul sites where the on-site generator has fai

Re: Patents, IETF and Network Operators

The real question is why Patent something? The reality is even if you patent any idea/feature, other vendors will come out with a similar (although not patent infringing) version of the same idea/feature. While you might get a short term jump on other vendors, if the idea is really good, ev

Re: Patents, IETF and Network Operators

On Thu, Jan 21, 2010 at 10:09 AM, Scott Brim wrote: > Jorge Amodio allegedly wrote on 01/21/2010 10:41 EST: >> As an starting point you should read "The Tao of the IETF" RFC4677 >> (currently, >> update draft in progress). >> >> About your particular question read section 8.4.5. >> >> Regards >>

Re: Patents, IETF and Network Operators

Jorge Amodio allegedly wrote on 01/21/2010 10:41 EST: > As an starting point you should read "The Tao of the IETF" RFC4677 (currently, > update draft in progress). > > About your particular question read section 8.4.5. > > Regards > Jorge Right. And it's subtler than you think. Some network op

Re: Patents, IETF and Network Operators

As an starting point you should read "The Tao of the IETF" RFC4677 (currently, update draft in progress). About your particular question read section 8.4.5. Regards Jorge On Thu, Jan 21, 2010 at 9:35 AM, Abhishek Verma wrote: > Hi, > > Network Ops folks use the IETF standards for their operatio

Re: Patents, IETF and Network Operators

On Thu, Jan 21, 2010 at 10:35 AM, Abhishek Verma wrote: > Is interop the only issue because of which most ideas get released > into IETF? I guess interop is *an* issue since nobody wants a single > vendor network. I would point you at the 14+ frame-relay networks (that can't interconnect in a me

Patents, IETF and Network Operators

Hi, Network Ops folks use the IETF standards for their operations. I see lot of nifty things coming out from the IETF stable and i was wondering why those dont get patented? Why bother releasing some really good idea to IETF (i.e. open standards bodies) when the vendor could have patented it. The

Hardware recommendations for DWDM

Hi everyone. I am looking for some recommendations on implementation and hardware to handle a DWDM at 500Mbps with growth to 1Gbps over the next 2 years. My experience stops at 100Mb Ethernet services but my company may be taking on a large account that would dramatically increase our needs for

UC phone system for Haiti (was Katrina Response)

I am willing to help/lead this effort. Bob Roswell System Source brosw...@syssrc.com (410) 771-5544 ext 4336 -Original Message- From: Reynold Guerrier [mailto:rey...@gmail.com] Sent: Tuesday, January 19, 2010 5:39 PM To: Rodney Joffe Cc: nanog@nanog.org Subject: Re: Katrina response, p

Re: 2009 Worldwide Infrastructure Security Report available for download.

Pekka Savola wrote: > On Wed, 20 Jan 2010, Stefan Fouant wrote: >> Completely agree on the disturbing observation of the increase in >> rate-limiting as a primary mitigation mechanism for dealing with >> DDoS. I've >> seen more and more people using this as a mitigation strategy, against my >> adv

Speaking slots at APRICOT 2010 still available

Hi everyone, For those folks who may be going to NANOG 48 in Austin at the end of February, how about extending that trip a little and heading over to Kuala Lumpur in Malaysia for APRICOT which conveniently takes place the following week. :-) We still have a few speaking slots available for the m

RE: 2009 Worldwide Infrastructure Security Report available for download.

On Wed, 20 Jan 2010, Stefan Fouant wrote: Completely agree on the disturbing observation of the increase in rate-limiting as a primary mitigation mechanism for dealing with DDoS. I've seen more and more people using this as a mitigation strategy, against my advice. For anyone interested in more

Re: OT: old farts recollecting -- Re: ASR1002

On 21/01/2010 07:25, Randy Bush wrote: >> It's funny how we circle around with technology, folks are dumping >> their phone land lines and adopting wireless/mobile that required a >> substantial technology leap and investment and now we are using the >> mobile phone to "text" an incompressible dial

Re: Idiotic Newstar Networking Equipment Sales Droid

On Wed, Jan 20, 2010 at 8:43 PM, Scott Weeks wrote: > > > If they see all of us saying we won't buy from them when they do idiotic > things like spamming nanog folks (I can't think of too many groups it world > be worse to spam... ;-) they will realize that doing this will not only not > generat