Re: Please run windows update now

2017-05-14 Thread Rich Kulawiec
On Sat, May 13, 2017 at 12:07:39AM -0500, Joe wrote: > One word. Linux. Or BSD, or anything but Windows. Anyone running Microsoft products is quite clearly an unprofessional, unethical moron and fully deserves all the pain they get -- including being sued into oblivion by their customers and clie

Charter engineer

2017-05-14 Thread Samual Carman
Can a Charter engineer please contact me off list? I am getting slammed from a Charter IP address on a local cable node, and normal support channels have been unhelpful at best and unwilling to escalate the issue. If anyone else has any suggestion, please feel free to contact. Contact may be delayed a

SAFNOG-3: 4th - 7th September, 2017 - Durban, South Africa!

2017-05-14 Thread Mark Tinka
Hello all. It gives me great pleasure to announce that SAFNOG-3 will be held between the 4th - 7th September, 2017, in the warm and sunny city of Durban, South Africa. The meeting will be held at the Southern Sun Elangeni and Maharani, a spectacular landmark on the Golden Mile. What is exciting

Re: BCP for securing IPv6 Linux end node in AWS

2017-05-14 Thread Saku Ytti
On 14 May 2017 at 16:49, Eric Germann wrote: Hey, > For example, on the IPv4 side, there arguably is no value to timestamp > requests and address mask requests externally, so dump them. It's a very dangerous proposal when we start considering everything 0 value which isn't value to ourselves cur

Re: BCP for securing IPv6 Linux end node in AWS

2017-05-14 Thread Enno Rey
Hi Eric, in addition to RFC 4980 mentioned in another post you might consider the following sources as a starting point: https://insinuator.net/2015/12/developing-an-enterprise-ipv6-security-strategy-part-3-traffic-filtering-in-ipv6-networks-i/ https://insinuator.net/2015/12/developing-an-enterp

Re: BCP for securing IPv6 Linux end node in AWS

2017-05-14 Thread Eric Germann
The goal isn’t to filter _all_ ICMP. The goal is to permit ICMP that is needed for correct operation across the global network while protecting from externally spoofed packets. For example, on the IPv4 side, there arguably is no value to timestamp requests and address mask requests externally,

Re: BCP for securing IPv6 Linux end node in AWS

2017-05-14 Thread Bjørn Mork
Alarig Le Lay writes: > So, my advice is simply to not filter ICMP and ICMPv6. And by the way, > why do you want to filter ICMP? You will not be DDoSed with pings. I tend to agree. But if you still want to do it, then there is some advice in https://tools.ietf.org/html/rfc4890 Bjørn

Re: BCP for securing IPv6 Linux end node in AWS

2017-05-14 Thread Alarig Le Lay
On dim. 14 mai 09:29:45 2017, Eric Germann wrote: > Good morning all, > > I’m looking for some guidance on best practices to secure IPv6 on > Linux end nodes parked in AWS. > > Boxes will be running various services (DNS for starters) and I’m > looking to secure mainly ICMP at this point. Servic

BCP for securing IPv6 Linux end node in AWS

2017-05-14 Thread Eric Germann
Good morning all, I’m looking for some guidance on best practices to secure IPv6 on Linux end nodes parked in AWS. Boxes will be running various services (DNS for starters) and I’m looking to secure mainly ICMP at this point. Service filtering is fairly cut and dried. I’ve reviewed some of

Re: Carrier classification

2017-05-14 Thread Mark Tinka
On 5/13/17 5:56 PM, Mike Hammett wrote: > This debate has spilled onto NANOG from Facebook now... > > My point is that while the term tier-1 (meaning no transit) isn't wrong, that > the whole system is now irrelevant. Look at the Wikipedia list of "Tier 1" > networks and then look at CAIDA, Dy

Re: Carrier classification

2017-05-14 Thread Mark Tinka
On 5/13/17 5:55 PM, Matt Hoppes wrote: > So there are now Carrier Class carriers and Food Grade Carriers? > > Who in the greater community defines terms like this? Your Sales & Marketing teams :-)... Mark.