Not working in the Internet access business but as Internet citizen
this sounds interesting.
You would need some motivations to make ISPs register and perhaps some
kind of validation in the future. But as initial step it sounds cool.
.as
On Wed, Jan 29, 2014 at 10:16 AM, Andrei Robachevsky
wro
On Mon, 03 Feb 2014 00:24:08 -0800, Michael DeMan said:
> An NTPv5 solution that could be done with NTP services already
Doesn't matter - the same people that aren't upgrading to a correctly
configured NTPv4 aren't going to upgrade to an NTPv5. No need at all
for a protocol increment (and actuall
On Feb 3, 2014, at 3:24 PM, Michael DeMan wrote:
> I meant mostly that with IPv6 NAT goes away,
I don't know if this is true or not - and even if it is true, it's going to be
a long, long time before the IPv4 Internet goes away (like, maybe, pretty much
forever, heh).
> An NTPv5 solution tha
Hi,
I think I might have already deleted subject matter a few days ago in re: BCP38.
What exactly are you trying to do?
I agree my general comment about the recent NTP weaknesses should be addressed
via IPv6 RFC may have been mis-understood.
I meant mostly that with IPv6 NAT goes away, all devi
On Feb 3, 2014, at 2:55 PM, Dobbins, Roland wrote:
> It would be useful to know whether there are in fact NATs, or are 'DNS
> forwarders' . . .
Another question is whether or not it's possible that in at least some cases,
MITMing boxes on intermediary networks are grabbing these queries and t
On Feb 3, 2014, at 2:22 PM, Dobbins, Roland wrote:
> This is pretty slick, relying upon broken CPE NAT implementations. It's the
> only way I've heard of to remotely infer whether or not a given network
> allows spoofing.
It would be useful to know whether there are in fact NATs, or are 'DNS
On Jan 29, 2014, at 4:47 AM, Nick Olsen wrote:
> After a quick phone conversation with Jared. We concluded that at least in
> the specific case I was speaking about, I was correct in that nothing was
> "Spoofed".
Forgive me for being slow, but doesn't this seem to imply that there isn't any
On Jan 29, 2014, at 3:03 AM, Jared Mauch wrote:
> Sure, but this means that network is allowing the spoofing :)
>
> What I did last night was automated comparing the source ASN to the dest ASN
> mapped to and reported both the IP + ASN on a single line for those that were
> interested.
This
Hi,
Jared Mauch wrote on 1/28/14 9:03 PM:
> I'd rather share some data and how others can observe this to determine how
> we can approach a fix. Someone spoofing your IP address out some other
> carrier is something you may be interested to know about, even if you have a
> non-spoofing network
Jared Mauch wrote on 1/28/14 10:11 PM:
> 192.168.0.1 has a rule that says send UDP/53 packets I process to 172.16.0.1.
> Since i'm "outside" it's "NAT", the rule ends up taking the source IP, which
> isn't part of it's "NAT" set, and ends up copying my "source" IP into the
> packet, then forwar
On Jan 28, 2014, at 2:16 PM, Jared Mauch wrote:
>
> On Jan 28, 2014, at 1:50 PM, valdis.kletni...@vt.edu wrote:
>
>> On Tue, 28 Jan 2014 08:06:31 -0500, Jared Mauch said:
>>
>>> 52731 ASN7922
>>
>>> It includes IP address where you send a DNS packet to it and another IP
>>> address responds
27;s UDP. And TCP would be broken.
Nick Olsen
Network Operations
(855) FLSPEED x106
From: "Jared Mauch"
Sent: Tuesday, January 28, 2014 3:04 PM
To: n...@flhsi.com
Cc: "David Miller" , valdis.kletni...@vt.edu, "NANOG"
Subject: Re:
To: "Jared Mauch"
Cc: n...@flhsi.com, "NANOG"
Subject: Re: BCP38.info
Jarad is correct. There is lack of BCP38 filtering in the CPE ASN.
Either the packet has gone
"probe" -> CPE ->(*) recursive server -> "probe"
or
"probe&
Jarad is correct. There is lack of BCP38 filtering in the CPE ASN.
Either the packet has gone
"probe" -> CPE ->(*) recursive server -> "probe"
or
"probe" -> CPE -> recursive server -> CPE ->(*) "probe"
(*) indicates the packet that should have been blocked depending apon
how
On Jan 28, 2014, at 4:07 PM, Nick Olsen wrote:
> While I see what you're saying. It's still not "Spoofed".
>
> The device in question receives the request. And then generates a response
> with the src address of the egress interface of the device dst to the IP and
> port that requested it...
From: "Jared Mauch"
Sent: Tuesday, January 28, 2014 3:04 PM
To: n...@flhsi.com
Cc: "David Miller" , valdis.kletni...@vt.edu, "NANOG"
Subject: Re: BCP38.info
On Jan 28, 2014, at 2:57 PM, Nick Olsen wrote:
> Agreed.
>
> Our's liste
On Jan 28, 2014, at 2:57 PM, Nick Olsen wrote:
> Agreed.
>
> Our's listed for AS36295 are two customers, Which I know for a fact have
> their default route set out of a GRE tunnel interface. So while we hand them
> the request to their interface IP we've assigned them. The response is
> actu
On Jan 28, 2014, at 2:46 PM, David Miller wrote:
>
>
> On 1/28/2014 2:16 PM, Jared Mauch wrote:
>>
>> On Jan 28, 2014, at 1:50 PM, valdis.kletni...@vt.edu wrote:
>>
>>> On Tue, 28 Jan 2014 08:06:31 -0500, Jared Mauch said:
>>>
52731 ASN7922
>>>
It includes IP address where you se
) FLSPEED x106
From: "David Miller"
Sent: Tuesday, January 28, 2014 2:47 PM
To: "Jared Mauch" , valdis.kletni...@vt.edu
Cc: "NANOG"
Subject: Re: BCP38.info
On 1/28/2014 2:16 PM, Jared Mauch wrote:
>
> On Jan 28, 2014, at 1:50 PM, valdis.kletni...@vt.edu wrote:
&
David,
* David Miller (dmil...@tiggee.com) wrote:
> > On Jan 28, 2014, at 1:50 PM, valdis.kletni...@vt.edu wrote:
> >> Hang on Jared, I'm trying to wrap my head around this. You're saying that
> >> AS7922 has over 50K IP addresses which, if you send a DNS query to that IP,
> >> you get an answer
On 1/28/2014 2:16 PM, Jared Mauch wrote:
>
> On Jan 28, 2014, at 1:50 PM, valdis.kletni...@vt.edu wrote:
>
>> On Tue, 28 Jan 2014 08:06:31 -0500, Jared Mauch said:
>>
>>> 52731 ASN7922
>>
>>> It includes IP address where you send a DNS packet to it and another IP
>>> address responds to the q
On Jan 28, 2014, at 1:50 PM, valdis.kletni...@vt.edu wrote:
> On Tue, 28 Jan 2014 08:06:31 -0500, Jared Mauch said:
>
>> 52731 ASN7922
>
>> It includes IP address where you send a DNS packet to it and another IP
>> address responds to the query, e.g.:
>
>> The data only includes those where
On Tue, 28 Jan 2014 08:06:31 -0500, Jared Mauch said:
> 52731 ASN7922
> It includes IP address where you send a DNS packet to it and another IP
> address responds to the query, e.g.:
> The data only includes those where the source-ASN and dest-asn of these
> packets dont match.
Hang on
We see this all the time with banking sites and some of the stock
trading ones
Todd
On 1/28/2014 5:06 AM, Jared Mauch wrote:
On Jan 26, 2014, at 12:47 PM, Jay Ashworth wrote:
something like 6 years ago, and couldn't get any traction on it then;
I'm not sure I think much has changed -- appar
On Jan 26, 2014, at 12:47 PM, Jay Ashworth wrote:
> something like 6 years ago, and couldn't get any traction on it then;
> I'm not sure I think much has changed -- apparently, extracting your
> BP thoughts from mailing list postings and putting them into a wiki is
> more effort than most NANOG
- Original Message -
> From: "Chris Grundemann"
> Perhaps instead of trying to do this as a new independent activity
> (with
> all of the difficulties that entails), the community would be better
> served
> by documenting this information as a BCOP or two or three???
>
> >>> http://bcop.
Good stuff on this topic assembled by Barry Greene here:
http://confluence.senki.org/pages/viewpage.action?pageId=1474569
Tony
On Sat, Jan 25, 2014 at 7:57 PM, Chris Grundemann wrote:
> Perhaps instead of trying to do this as a new independent activity (with
> all of the difficulties that entai
Perhaps instead of trying to do this as a new independent activity (with
all of the difficulties that entails), the community would be better served
by documenting this information as a BCOP or two or three???
>>> http://bcop.nanog.org/ <<<
$0.02
~Chris
On Sun, Jan 26, 2014 at 4:08 AM, Jay As
Well,
Out of 25 accounts, 22 where for spamming. Even with captcha, etc.
Since then I put a mention to contact modera...@bcp38.info for
account creation.
You'll see it if you are going through the [Log in] link
http://www.bcp38.info/index.php?title=Special:UserLogin&returnto=Ma
Well,
Usual failure from my part =D.
But I think I see what's happening...
ns1.bcp38.org
ns2.bcp38.org
Are not yet registered.
I've move them to "production" servers until it complete.
Let me know.
-
Alain Hebertaheb...@pubnix.net
I get amusing results as well:
delong-dhcp227:owen (182) ~/idisk_backup/draft-delong-ula-example % host
www.bcp38.info
www.bcp38.info has address 192.172.250.28
www.bcp38.info has IPv6 address 2607:2a00:1:6::c0ac:fa1c
Host www.bcp38.info not found: 3(NXDOMAIN)
Owen
On Mar 29, 2013, at 15:24 , P
On Fri, Mar 29, 2013 at 3:14 PM, Jay Ashworth wrote:
> - Original Message -
> > From: "Alain Hebert"
>
> > http://www.BCP38.info is up.
> >
>
I can't prove that from my neck of the woods...
$ dig www.bcp38.info
; <<>> DiG 9.7.6-P1 <<>> www.bcp38.info
;; global options: +cmd
;; Got ans
32 matches
Mail list logo
