ps://en.m.wikipedia.org/wiki/AS_7007_incident
He can thank me later 😜
Stefan Fouant
JNCIE-SEC, JNCIE-SP, JNCIE-ENT, JNCI
m (703) 625-6243
Hey!
New message, please read <http://epicuregifts.com/anybody.php?bjtmi>
Stefan Fouant
Hey!
New message, please read <http://shoppingsignal.com/honest.php?r40>
Stefan Fouant
Seriously... Those cert monkeys think they know everything ;)
Stefan Fouant
JNCIE-SEC, JNCIE-SP, JNCIE-ENT, JNCI
m (703) 625-6243
On Oct 11, 2013, at 3:28 AM, Randy Bush wrote:
>> Please relay to your CCIE/JNCIE friends, I am giving out
>> name@theccie.comand n...@jncie.com em
Can you give us more information? What do you mean it is causing Layer 3 loops?
Stefan Fouant
Sent from my HTC on the Now Network from Sprint!
- Reply message -
From: "Shahab Vahabzadeh"
Date: Sat, Jul 21, 2012 10:50 am
Subject: Attack on UDP 101
To:
Hi there,
Does any bod
Was waiting for a response from Eric and without fail he comes through in
record time... :-b
Stefan Fouant
JNCIE-SEC, JNCIE-SP, JNCIE-ER, JNCI
Technical Trainer, Juniper Networks
Follow us on Twitter @JuniperEducate
Sent from my iPad
On Mar 12, 2012, at 4:14 PM, Eric Brunner-Williams wrote
I could be wrong, but I think OP was requesting for BGP communities. I don't
think he was asking for their SNMP community strings - I've never heard of a
situation where a provider would allow their customers to poll their routers
via SNMP.
Or did I miss something?
Stefan Fouant
Not sure how up to date this is, but I believe this is what you are looking for:
http://www.onesc.net/communities/as15412/
Cheers,
Stefan Fouant
JNCIE-SEC, JNCIE-SP, JNCIE-ER, JNCI
Technical Trainer, Juniper Networks
Follow us on Twitter @JuniperEducate
Sent from my iPad
On Jan 12, 2012, at
inefficiencies.
Stefan Fouant
JNCIE-SEC, JNCIE-SP, JNCIE-ER, JNCI
Technical Trainer, Juniper Networks
Follow us on Twitter @JuniperEducate
clients,
not tp the server.
Also, IIRC, the LOIC DoS tool had this ability to create random strings in the
URL, and I believe it did so with 5 characters. Might want to do a packet
trace and identify if this is coming from LOIC.
Regards,
Stefan Fouant
Technical Trainer, Juniper Networks
GPG Key
On 10/24/2011 3:53 PM, Christopher Morrow wrote:
On Mon, Oct 24, 2011 at 3:29 PM, Stefan Fouant
but... often the cost of scrubbing includes the cost of transit
to/from the remote provider, which is why 'cheapest' only counts for
an entire process, NOT for 'lookie, I bou
offering up cloud-based services).
Stefan Fouant
JNCIE-SEC, JNCIE-SP, JNCIE-ER, JNCI
Technical Trainer, Juniper Networks
Follow us on Twitter @JuniperEducate
ld be able to handle a
750Mbps / 1.5 Mpps DoS pretty easy...
HTHs.
Stefan Fouant
JNCIE-SEC, JNCIE-SP, JNCIE-ER, JNCI
Technical Trainer, Juniper Networks
Follow us on Twitter @JuniperEducate
Sent from my iPad
On Oct 22, 2011, at 9:38 PM, Jack Bates wrote:
> Considered j-nsp, but this ju
ray hairs...
Let me know if you're interested in the slides...
Stefan Fouant
JNCIE-SEC, JNCIE-SP, JNCIE-ER, JNCI
Technical Trainer, Juniper Networks
Follow us on Twitter @JuniperEducate
On 10/20/2011 4:43 PM, Hank Nussbacher wrote:
At 09:13 19/10/2011 -0400, samuel.cunning...@wellsfargo.
Well considering that native multicast isn't enabled end to end Internet wide,
and class E address space isn't used, it's more like half your IPv4 Internet
goes one way, and ~38% goes the other way... :-b
Stefan Fouant
JNCIE-M, JNCIE-ER, JNCIE-SEC, JNCI
Technical Trainer, J
, we selected IS-IS largely due to the
fact that it supported MPLS Traffic Engineering extensions before
comparable support was available in OSPF, and the main reason for this
was due to the fact that IS-IS was TLV based.
Stefan Fouant
JNCIE-ER, JNCIE-M, JNCIE-SEC, JNCI
Technical Trainer
book "OSPF and IS-IS: Choosing an IGP for Large-Scale
Networks" by Jeff Doyle. I can't speak highly enough of this book...
Stefan Fouant
JNCIE-ER, JNCIE-M, JNCIE-SEC, JNCI
Technical Trainer, Juniper Networks
http://www.shortestpathfirst.net
http://www.twitter.com/sfouant
less of an issue
over the last few years however...
Nonetheless, if I was building a greenfield network today, I would personally
go with IS-IS, but that is largely because of my many years working with the
protocol...
Stefan Fouant
JNCIE-M, JNCIE-ER, JNCIE-SEC, JNCI
Technical Trainer, Ju
IS-IS is decoupled from IP making it less vulnerable to attacks.
Stefan Fouant
JNCIE-M, JNCIE-ER, JNCIE-SEC, JNCI
Technical Trainer, Juniper Networks
http://www.shortestpathfirst.net
http://www.twitter.com/sfouant
Sent from my iPad
On Aug 11, 2011, at 8:57 AM, CJ wrote:
> Hey all,
> Is the
Sorry, couldnt help it... that was my Asperger's kicking in...
Stefan Fouant
JNCIE-M, JNCIE-ER, JNCIE-SEC, JNCI
Technical Trainer, Juniper Networks
http://www.shortestpathfirst.net
http://www.twitter.com/sfouant
Sent from my iPad
On Aug 10, 2011, at 9:22 PM, Christopher Morrow
Is there an acronym for RTFM when there are a volume of manuals that need to be
read?
Stefan Fouant
JNCIE-M, JNCIE-ER, JNCIE-SEC, JNCI
Technical Trainer, Juniper Networks
http://www.shortestpathfirst.net
http://www.twitter.com/sfouant
Sent from my iPad
On Aug 10, 2011, at 5:35 PM, Deric Kwok
Everything from checksums, keys, and sequence numbers is optional. The only
required fields IIRC amount to 2 bytes of overhead. Sounds like they both
interpret what should be included in the GRE header slightly differently.
Stefan Fouant
GPG Key ID: 0xB4C956EC
Sent from my HTC EVO
a sure sign this
is related to what others have seen...
Sorry for the top post, I'm on my iPad.
Stefan Fouant
JNCIE-M, JNCIE-ER, JNCIE-SEC, JNCI
Technical Trainer, Juniper Networks
http://www.shortestpathfirst.net
http://www.twitter.com/sfouant
Sent from my iPad
On Jul 29, 2011, at 2:
hese latencies are
generally acceptable when a site is under attack, but not desired under normal
circumstances.
Stefan Fouant
JNCIE-M #513, JNCIE-ER #70, JNCI
GPG Key ID: 0xB4C956EC
for some reason we could never convince the marketing folks to do just
that...
Agreed though, it is super-easy to use and competitively priced.
Stefan Fouant
JNCIE-M #513, JNCIE-ER #70, JNCI
GPG Key ID: 0xB4C956EC
adjustment, but serves to provide a buttressed
> front-end IP that can restore service "instantly" [faster than getting
> someone on the phone to coordinate the change, etc].
Heck, if it's good enough for fast-flux, it's good enough for me ;)
Stefan Fouant
JNCIE-M #513, JNCIE-ER #70, JNCI
GPG Key ID: 0xB4C956EC
e sense than trying to deal with heterogeneous
offerings from many disparate providers, much less having to open tickets
with each provider, having to deal with typical response times, etc. In my
experience, reducing the number of cogs usually results in dramatically
lower mitigation times, wh
ces/application-acceleration/wxc-
series/
http://www.cisco.com/en/US/products/ps5680/Products_Sub_Category_Home.html
Stefan Fouant
23.115.0/24
Most of those are for Verisign's DNS resolution services. Definitely
nothing to be suspicious about here. Move along. These aren't the droids
you are looking for.
Stefan Fouant
ting folks... oh, wait, 1 customer isn't really enough to
demonstrate how well it isolates after all I guess ;)
> > primary drivers behind our decision to utilize the NS-5400 for
> Verizon's
> > NBFW (you remember that place right Chris, heh')
>
> i do, occasionally via the twitching :)
Hehe...
Stefan Fouant
can limit the amount of CPU, Sessions,
Policies, MIPs and DIPs (used for NAT), and other user defined objects such
as address book entries, etc. that each VSYS can avail. This was one of the
primary drivers behind our decision to utilize the NS-5400 for Verizon's
NBFW (you remember that place right Chris, heh')
Stefan Fouant
o offer such an offering to more than one
customer using such a device.
Stefan Fouant
> -Original Message-
> From: Stefan Fouant [mailto:sfou...@shortestpathfirst.net]
> Sent: Thursday, April 21, 2011 2:58 PM
> To: 'harbor235'; 'NANOG list'
> Subject: RE: riverbed steelhead
>
> I've had generally good experiences w/ Riverbe
t/Benefit analysis, but most of the ROI calculators show a return
after as little as just a few months.
Stefan Fouant
standing IPv6 addressing formats, subnetting, etc.
Either one of those should be able to answer most of your questions.
Stefan Fouant
tolerant applications when setting
buffer sizes to a temporal value rather than based on a _fixed_ number of
packets.
Stefan Fouant
s you are using
above based on some broad analysis or study of multiple providers, or are
you deriving these numbers likewise you're your own personal observations?
Thanks,
Stefan Fouant
Hi Bogdan,
If you are on Cisco, you can accomplish this using the attribute-map argument
to the as-set statement. On Juniper, this is fairly easy to accomplish with
routing policy (learning RegEx will make your life easier).
HTHs.
Stefan
(sorry for the top post, I'm on my mobile...)
- Re
o honestly say
> "IPv6 is in da
> house!" every time the person formerly known as Owen walked into the
> room at ARIN meetings. :D
+1 | That, or "The evangelist formerly known as Owen..." :p
Stefan Fouant
le and sustained amount of legal pressure by selling over a
quarter million pre-registrations at $75 each, generating over $20M in
revenue...
Stefan Fouant
operating costs and open the industry to more regulation.
I can't seem to find anyone that would benefit from this, with the exception
of Stuart and ICM's shareholders.
Stefan Fouant
rguments then. IMHO this was snake oil 15 years ago, and it is
> even
> more snake oil now.
And I'm afraid we'll be seeing a whole heckuva lot more of this snake oil
once ICANN finalizes the Generic TLD process in June:
http://www.pcmag.com/article2/0,2817,2382233,00.asp
Stefan Fouant
are amongst us as we've now given would-be
registrars the right to print money and companies are forced to purchase
useless domain names in order to protect their trademarks, prevent
squatting, etc. When will sanity prevail?
Stefan Fouant
ing to) is an awesome thing in my opinion.
> >
> Makes a good change from a 5 octet IP number I remember them using in
> one episode revolving around an adult webcam website.
I remember seeing that show. I think they had Jim Fleming on as a
consultant. ;>
Stefan Fouant
x27;t
> do anything until they authenticate through the controller's web GUI.
> They we have access lists to control what they can do while on the
> wireless.
James,
Just out of curiosity, how does this solution prevent unauthorized users
from gaining access to the system by the aforementioned MAC spoofing
technique?
Stefan Fouant
poof
(simply clone the MAC of an authenticated user and you are clear for
takeoff)... Why incur the overhead of managing credentials with something
that can so easily circumvented.
Leave things wide open on a sandboxed subnet with the usual protections
(rate limits, blocked ports), IMO is the easiest approach...
Stefan Fouant
ok a while back:
http://www.shortestpathfirst.net/2009/11/30/book-review-mpls-aplications/
This book is awesome. You won't regret buying it.
Stefan Fouant
> -Original Message-
> From: Michael Helmeste [mailto:mhelm...@uvic.ca]
> Sent: Thursday, December 23, 2010 5:49
> -Original Message-
> From: Mike. [mailto:the.li...@mgm51.com]
> Sent: Wednesday, December 15, 2010 3:29 PM
> To: nanog@nanog.org
> Subject: Re: Alleged backdoor in OpenBSD's IPSEC implementation.
>
> On 12/15/2010 at 10:25 AM Bryan Irvine wrote:
> |
> |Anyone know the trustworthy-ness of
> -Original Message-
> From: mikea [mailto:mi...@mikea.ath.cx]
> Sent: Wednesday, December 15, 2010 8:28 AM
> To: nanog@nanog.org
> Subject: Re: Alleged backdoor in OpenBSD's IPSEC implementation.
>
> >
> > Someone is confusing FBI with NSA, methinks. And yes, if this is
> > the kind of th
> -Original Message-
> From: Marshall Eubanks [mailto:t...@multicasttech.com]
> Sent: Saturday, December 11, 2010 10:20 AM
> To: North American Network Operators Group
> Subject: LOIC tool used in the "Anonymous" attacks
>
> Interesting analysis of the 3 "LOIC" tool variants used in the
>
The one thing I found interesting was the InfoSecIsland poll where the majority
of Security Practitioners polled actually supported the Jester's methods...
Stefan Fouant
Sorry for the top post. Sent from my iPad
On Nov 28, 2010, at 9:29 PM, "andrew.wallace"
wrote:
> Hi N
Webmetrics provides such a service (full disclosure I used to work for these
guys)...
http://www.webmetrics.com/
Stefan Fouant
Sent from my iPad
On Nov 26, 2010, at 12:14 PM, "Michael Ruiz" wrote:
> Hey folks,
>
>
>
>I had a situation recently t
Go to the following URL -http://mailman.nanog.org/mailman/listinfo/nanog
At the bottom of the page you should see a section for subscription management.
You should be able to change your settings there.
Sorry for the top post. Sent from my iPad
Stefan Fouant
On Nov 11, 2010, at 9:07 AM
Path prepending is used to influence the
secondary providers.
Stefan Fouant
My apologies for the top post. Sent from my iPad
On Nov 10, 2010, at 4:12 PM, Joe Maimon wrote:
>
>
> Stefan Fouant wrote:
>>> -Original Message-
>
>>
>> IMO, a combina
tter protections in IOS preventing
this and other associated "buffer overflow" issues, but at the time there
were no such protections. The very next day we received a patched IOS from
Cisco which contained the maxas-limit commands.
Stefan Fouant
ovider.
IMO, a combination of both community tagging to influence localpref coupled
with AS Path prepending on the secondary link is the best approach, and
seems to accommodate both steady state as well as failure scenarios
properly.
Stefan Fouant
ies called J-Net
Perspectives and they had decent coverage of topics like High Availability,
Multicast VPNs, and VPLS to name a few with the likes of Pedro Marques,
Lenny Giuliano, and some other Juniper notables. See the URL below for the
iTunes links...
http://itunes.apple.com/us/podcast/j-net-perspectives/id279754930
Stefan Fouant
For you Juniper and Arbor wonks out there, you can find some decent podcasts
on iTunes... I can't remember the name of the Juniper Podcast but you
should be able to find it on iTunes without much effort... I believe the
Arbor one is called "Security to the Core".
Stefan Fouant
talking to the
Verisign folks as they really seem to be attracting all the top talent right
now - I'd be willing to bet their offering is the one that others will
eventually emulate.
Cheers,
Stefan Fouant, CISSP, JNCIEx2
www.shortestpathfirst.net
GPG Key ID: 0xB5E3803D
r his address from the list.
But just to be safe, should probably filter anything with a reference to
ipv3, ipv5, ipv7, ipv8, and any other cockamamie address schemes... ;)
Stefan Fouant, CISSP, JNCIEx2
www.shortestpathfirst.net
GPG Key ID: 0xB5E3803D
Name: ipv3.com
Registered at http://www.dynadot.com
Registrant:
Jim Fleming
1163 E. Ogden Ave. 705-205
Naperville, IL 60563
United States
Stefan Fouant, CISSP, JNCIEx2
www.shortestpathfirst.net
GPG Key ID: 0xB5E3803D
Sounds like this guy could benefit from some carpeting and a few Roombas in his
Data Center ;)
Stefan Fouant
--Original Message--
From: Randy Bush
To: IPv3.com
Cc: nanog@nanog.org
Subject: Re: Tidbits & the "NANOG Community"
Sent: Apr 4, 2010 6:23 AM
Sent from my Ve
2:10, Guillaume FORTAINE wrote:
> > nymshifting son of a .
> >
> > More stringent measures are required.
> >
> >
> I second this. I want this guy gone. (The frog, not Larry)
Hey now, I don't like this guys tactics either, but frog??? ;)
Stefan Fouant, CISSP, JNCIE-M/T
www.shortestpathfirst.net
GPG Key ID: 0xB5E3803D
r.net/mailman/listinfo/juniper-nsp
But while we are on the topic, you can disable the IPv4 routing for a VRF
with the following:
'set routing-instances protocols isis no-ipv4-routing'
Stefan Fouant, CISSP, JNCIE-M/T
www.shortestpathfirst.net
GPG Key ID: 0xB5E3803D
t wouldn't be a DDoS, but could certainly lead to DOS.
If you can get your hands on a PCAP from a previous attack, you could also use
something like Bit-Twist which will allow you to manipulate things like the
destination IP and also the transmission rate, etc. Pretty useful tool to
include
27;re apt to experience some
noise in that scenario too ;)
Stefan Fouant, CISSP, JNCIE-M/T
www.shortestpathfirst.net
GPG Key ID: 0xB5E3803D
didn't warn you. This is *NOT* the box for DDoS testing.
Stefan Fouant, CISSP, JNCIE-M/T
www.shortestpathfirst.net
GPG Key ID: 0xB5E3803D
support for IPsec is
absolutely there.
HTHs.
Stefan Fouant
--Original Message--
From: Voll, Toivo
To: Chris Campbell
To: Dawood Iqbal
Cc: nanog@nanog.org
Subject: RE: Best VPN Appliance
Sent: Mar 8, 2010 11:56 AM
We're generally happy with our Juniper SA6500s, but they, and a lot o
n approach -
http://vijaygill.wordpress.com/2009/07/22/infrastructure-is-software/
That stuff is light years ahead of anything anybody is doing today (well, apart
from maybe Vijay himself ;) ... but IMO it's where we need to start heading.
Stefan Fouant, CISSP, JNCIE-M/T
www.shortestpathfirst
Can you give us a little more details around how you're trying to convert the
BGP routes received into an ACL?
While we're on the topic, I'd really love for the Team Cymru folks to turn
their bogon list into a Flowspec feed ;)
Sorry for the top post, I'm on m
anything
> but Google's DNS. Google's DNS is a little too nefarious for my taste.
Level 3's 4.2.2.1 and 4.2.2.2 are excellent options for tracking.
Stefan Fouant, CISSP, JNCIE-M/T
www.shortestpathfirst.net
GPG Key ID: 0xB5E3803D
per interface? or
> sessions setup/second? or remote-addresses tracked? or ?
sessions setup/second = ddos mitigation fail ;)
Stefan Fouant, CISSP, JNCIE-M/T
www.shortestpathfirst.net
GPG Key ID: 0xB5E3803D
ts a
full range of Managed Objects and Mitigation Templates which can be applied to
individual prefixes, etc.
Sorry for the top post, I'm on my Blackberry.
Stefan Fouant
--Original Message--
From: Korten, Sean
To: nanog@nanog.org
To: tsa...@rackspace.com
Subject: RE: DDoS mitigation
of the things they claim to be able to do - I was once a proponent of
theirs until I really got under the hood, save yourself the headache and
look at the other alternatives.
Stefan Fouant, CISSP, JNCIE-M/T
www.shortestpathfirst.net
GPG Key ID: 0xB5E3803D
think this would go a long way towards allowing companies to better quantify
their risk-score and associated spend based on their associated industry.
Otherwise, really good stuff. Thanks for sharing!
Stefan Fouant, CISSP, JNCIE-M/T
www.shortestpathfirst.net
GPG Key ID: 0xB5E3803D
quot;.
http://www.npr.org/templates/story/story.php?storyId=122540813
Stefan Fouant, CISSP, JNCIE-M/T
www.shortestpathfirst.net
GPG Key ID: 0xB5E3803D
for lots of BGP scalability
testing. I used it a lot back in my testing days at UU. Basically you just
saved the contents of "show ip route" and you could replay that using the tool.
Man I wish I saved that tool somewhere, it was incredibly valuable.
You might be able find someone
ical if they'll go through with it...
Stefan Fouant, CISSP, JNCIE-M/T
www.shortestpathfirst.net
GPG Key ID: 0xB5E3803D
> -Original Message-
> From: Ken Chase [mailto:m...@sizone.org]
> Sent: Wednesday, January 13, 2010 12:24 AM
> To: nanog@nanog.org
> Subject: more ne
Ummm... there is some proprietary information I would have to remove first.
Will NANOG accept a message to the forum with an attachment? If not I can
put it up on my site.
Stefan Fouant, CISSP, JNCIE-M/T
www.shortestpathfirst.net
GPG Key ID: 0xB5E3803D
> -Original Message-
> Fro
Precisely - I was saying that in order to add more point to your argument.
I wasn't disagreeing with you :)
Stefan Fouant, CISSP, JNCIE-M/T
www.shortestpathfirst.net
GPG Key ID: 0xB5E3803D
> -Original Message-
> From: christopher.mor...@gmail.com
> [mailto:christopher.mo
hop of the scrubbers.
There are some providers who do auto-mitigation on behalf of the customer,
but IMO this approach is asking for trouble.
Stefan Fouant, CISSP, JNCIE-M/T
www.shortestpathfirst.net
GPG Key ID: 0xB5E3803D
r cost than Arbor but can handled more.
>
> Do they? VerizonBusiness's solution was $3250US/month so ~$90USk over
> 2yrs. Arbor, I think, for a TMS + collectors was +100k.
Don't forget to factor in OpEx. This can often tilt the scales in favor of
one vs. the other.
Stefan Fo
their offering.
If anyone is interested, I did pretty exhaustive research into the Service
Provider marketplace last summer (before Verisign came out with their VIDN).
I've got some slides which outline the costs, mitigation capacity, etc. of
many different providers. The provider option isn&
> -Original Message-
> From: Dobbins, Roland [mailto:rdobb...@arbor.net]
> Sent: Saturday, January 09, 2010 10:03 AM
>
> On Jan 9, 2010, at 9:57 PM, Stefan Fouant wrote:
>
> > Firewalls do have their place in DDoS mitigation scenarios, but if
> used as
> &g
quire
surgical mitigation, not to mention a host of other attack vectors.
Firewalls do have their place in DDoS mitigation scenarios, but if used as
the "ultimate" solution you're asking for trouble.
Stefan Fouant, CISSP, JNCIE-M/T
www.shortestpathfirst.net
GPG Key ID: 0xB5E3803D
> -Original Message-
> From: Hank Nussbacher [mailto:h...@efes.iucc.ac.il]
> Sent: Tuesday, January 05, 2010 1:02 AM
>
> On Tue, 5 Jan 2010, Stefan Fouant wrote:
>
> > Almost all of the scalable DDoS mitigation architectures deployed in
> > carriers or othe
perator to press the "big red button" to
offramp and enable the mitigation.
Stefan Fouant, CISSP, JNCIE-M/T
www.shortestpathfirst.net
GPG Key ID: 0xB5E3803D
ploy the use of an offramp method.
These devices perform a lot better when you can forward just the subset of
the traffic through as opposed to all. It just a simple matter of using
static routing / RTBH techniques / etc. to automate the offramp.
Stefan Fouant, CISSP, JNCIE-M/T
www.shortestpathfirst.net
GPG Key ID: 0xB5E3803D
ering the question. I wonder if Stefan Fouant would offer some of
> his experience with 'not arbor' vendor solutions to be used when other
> techniques come up short?
Interesting thread! And I'm happy to chime in - thanks Chris! I too would
have to strongly agree with Rol
There have been several DNS based DDoS observed throughout the day targetting
Ultra as well as a few other companies. They were first observed earlier in
the morning on the East coast.
--Original Message--
From: Richard A Steenbergen
To: Shrdlu
Cc: Nanog
Subject: Re: UltraDNS Failure?
S
; traffic between multicast routers.
I think OP meant that he only wants an integrity check of the control
traffic, not confidentiality, hence the statement that he does not want to
encrypt the control traffic.
Stefan Fouant
www.shortestpathfirst.net
GPG Key ID: 0xB5E3803D
es, it's the new norm... same as the old norm... I'm surprised they didn't
try to upsell you on some type of managed DDoS solution...
Stefan Fouant
www.shortestpathfirst.net
GPG Key ID: 0xB5E3803D
gards,
Stefan Fouant
www.shortestpathfirst.com
--Original Message--
From: jul
To: Joseph Jackson
To: nanog@nanog.org
Subject: Re: DNS query analyzer
Sent: Dec 2, 2009 12:47 AM
Joseph Jackson wrote on 01/12/09 01:06:
> Anyone know of a tool that can take a pcap file from wireshark that was us
ain. I'm sure there are a few people who would find it highly
useful and would work on it to add to its utility.
Stefan Fouant
www.shortestpathfirst.net
GPG Key ID: 0xB5E3803D
oment but you should be
able to find it on the NLnet Labs site -
http://www.nlnetlabs.nl/projects/dns-analyzer/
HTHs.
Stefan Fouant
www.shortestpathfirst.net
GPG Key ID: 0xB5E3803D
iders adopted BCP 38 this wouldn't be a problem, but that doesn't seem
to be happening anytime soon...
I'd try to identify which providers the customer is connected to and take it
from there...
Stefan Fouant
www.shortestpathfirst.net
GPG Key ID: 0xB5E3803D
estination AS traffic utilization.
Depending on your price range, you might want to take a look at Arbor's
Peakflow SP. There is some pretty top notch traffic and routing analysis
tools in their package.
Regards,
Stefan Fouant
GPG Key ID: 0xB5E3803D
om" and "independent" in the same
sentence? More like guns for hire. I've rarely seen a test report they
came out with that wasn't commissioned by a particular vendor with the
testing done in such a way as to slant the results in their favor.
Stefan Fouant
GPG Key ID: 0xB5E3803D
heard a few and now I'd like to hear what others have to
say. BTW, I realize this is a sensitive subject and I can understand why
some of you might not want to respond on-list (security through obscurity
eh' ;). To those of you who have taken the time to respond to me off-list,
I appre
> -Original Message-
> From: Florian Weimer [mailto:fwei...@bfk.de]
> Sent: Friday, November 06, 2009 4:52 AM
> To: Stefan Fouant
> Cc: 'Jeffrey Lyon'; 'NANOG list'
> Subject: Re: Pros and Cons of Cloud Computing in dealing with DDoS
>
> So
1 - 100 of 106 matches
Mail list logo
