BGP Session Teardown due to AS_CONFED_SEQUENCE in AS4_PATH

2009-01-16 Thread Rob Shakir
Strict RFC 4893 (4-byte ASN support) BGP4 implementations are vulnerable to a session reset by distant (not directly connected) ASes. This vulnerability is a feature of the standard, and unless immediate action is taken an increasingly significant number of networks will be open to attack. Accident

Re: Radius & Tacacs+ Clients

2009-01-16 Thread Diogo Montagner
Also there is the JRadius: http://coova.org/wiki/index.php/JRadius Very easy to run it and also it is developed in Java. But I never tested its scalability in large environments. regards, ./diogo -montagner On Thu, Jan 15, 2009 at 6:43 PM, Hugh Irvine wrote: > > Hello John - > > Radiator inc

Re: smtp.comcast.net self-signed certs

2009-01-16 Thread Florian Weimer
* Jeff Mitchell: > I've been seeing some odd behavior today with some of the servers that > respond to smtp.comcast.net on port 587. Some, but not all, of the > servers are presenting self-signed certs, causing my own server to > balk at making a connection. (The Organization is RTFM, Inc. -- it'd

Re: smtp.comcast.net self-signed certs

2009-01-16 Thread Adrian Chadd
On Fri, Jan 16, 2009, Florian Weimer wrote: > There's no PKI for Internet Mail routing, so I don't see what you get > by checking certificates at all. Function, non-broken Outlook integration. Adrian (Who is -fed up- with outlook just randomly spewing crap at you from time to time if you use

Re: smtp.comcast.net self-signed certs

2009-01-16 Thread Florian Weimer
* Adrian Chadd: > On Fri, Jan 16, 2009, Florian Weimer wrote: > >> There's no PKI for Internet Mail routing, so I don't see what you get >> by checking certificates at all. > > Function, non-broken Outlook integration. Oops, silly me. I assumed that this was about SMTP, it's about message submis

Re: BGP Session Teardown due to AS_CONFED_SEQUENCE in AS4_PATH

2009-01-16 Thread Tico
Comments below. Rob Shakir wrote: Strict RFC 4893 (4-byte ASN support) BGP4 implementations are vulnerable to a session reset by distant (not directly connected) ASes. This vulnerability is a feature of the standard, and unless immediate action is taken an increasingly significant number of netw

Re: smtp.comcast.net self-signed certs

2009-01-16 Thread Tony Finch
On Fri, 16 Jan 2009, Florian Weimer wrote: > > There's no PKI for Internet Mail routing, so I don't see what you get > by checking certificates at all. That's not entirely true. SMTP over TLS is intended to work for inter-domain SMTP, and it is in fact quite frequently used. However it is utterly

Re: smtp.comcast.net self-signed certs

2009-01-16 Thread Jeff Mitchell
Tony Finch wrote: That's not entirely true. SMTP over TLS is intended to work for inter-domain SMTP, and it is in fact quite frequently used. My understanding is that Comcast uses it simply for encryption, not for authentication. * Most SMTP software does not check certificates and many certifi

Re: smtp.comcast.net self-signed certs

2009-01-16 Thread Tony Finch
On Fri, 16 Jan 2009, Jeff Mitchell wrote: > You're right; certificate verification was turned on on my end simply because > I'd never had a reason to turn it off (since in recent times the majority of > my mail goes through their gateway, which has never presented an invalid > certificate to me be

Re: smtp.comcast.net self-signed certs

2009-01-16 Thread Eric Tow
I submitted a ticket to Comcast yesterday around 10:00 AM EST regarding this issue (ticket #151689315), received a standard reply last night, but as of yesterday 14:45 EST, the issue seems to have resolved itself. Here's the certificate I saw: Issued To Common Name (CN) - localhost Organization

Re: smtp.comcast.net self-signed certs

2009-01-16 Thread Jeff Mitchell
Eric Tow wrote: I submitted a ticket to Comcast yesterday around 10:00 AM EST regarding this issue (ticket #151689315), received a standard reply last night, but as of yesterday 14:45 EST, the issue seems to have resolved itself. I can verify that it was still happening as of about 12:10 AM EST t

Re: smtp.comcast.net self-signed certs

2009-01-16 Thread Owen DeLong
On Jan 16, 2009, at 8:54 AM, Tony Finch wrote: On Fri, 16 Jan 2009, Jeff Mitchell wrote: You're right; certificate verification was turned on on my end simply because I'd never had a reason to turn it off (since in recent times the majority of my mail goes through their gateway, which has

Weekly Routing Table Report

2009-01-16 Thread Routing Analysis Role Account
This is an automated weekly mailing describing the state of the Internet Routing Table as seen from APNIC's router in Japan. Daily listings are sent to bgp-st...@lists.apnic.net For historical data, please see http://thyme.apnic.net. If you have any comments please contact Philip Smith . Routing

Re: multicast meltdown?

2009-01-16 Thread Justin M. Streiner
On Thu, 15 Jan 2009, Antonio Querubin wrote: We've detected a large drop in the IPv4 multicast prefix count over the past few days. Anybody know what's going on? At this point I haven't seen any problems, nor have customers reported any to me. I did see my multicast prefix count drop from a

"Smart" hands around Dulles airport / northern VA.

2009-01-16 Thread Warren Kumari
Hi all, This is a mail that I have been meaning to send ever since I moved back to the NoVA area, but have only gotten around to now... Many years ago I used to provide emergency, smart hands type assistance to those in need, but had to give this up when I moved out of the area. Anyway, I

Circuit numbering scheme - best practice?

2009-01-16 Thread Jay Hennigan
We've grown to the point that "The MCI T-1 in Ontario" or "Bob's ethernet to port 6/23 on switch 7" aren't scaling. Also in working with carriers we are frequently asked to provide our internal circuit number. I've seen a lot of the LEC scheme NN--NN where has some significan

Re: Circuit numbering scheme - best practice?

2009-01-16 Thread Alex H. Ryu
I think it is really depending on what kind of provisioning system you have. Circuit ID is determined by your provisioning system for CLR/DLR reference. As long as you can find circuit info quickly, it doesn't matter that much. Alex Jay Hennigan wrote: > We've grown to the point that "The MCI T-

Re: Circuit numbering scheme - best practice?

2009-01-16 Thread Justin M. Streiner
On Fri, 16 Jan 2009, Jay Hennigan wrote: Any suggestions from those who have been down this road as to a schema that makes sense and is scalable? Are there documented best practices? Many of the RBOCs (if they can be called that anymore) use the Common Language Circuit Identifier (CLCI) nome

BGPSEC & soBGP

2009-01-16 Thread Naveen Nathan
I came across this article on /.: http://www.networkworld.com/news/2009/011509-bgp.html?page=1 I'm not too familiar with security of routing protocols, but it became immediately evident as I read this article that much of the work has been accomplished with soBGP. I'm wondering why there is a new

Re: Circuit numbering scheme - best practice?

2009-01-16 Thread Scott Weeks
- j...@west.net wrote: -- thing and horrendously long circuit numbers including CLLI codes such as 101/T3/SNLOCAGTH07/SNLOCA01K15. --- That is what's used by the transport section (I'm in the IP section) in the company where I work. Even though the descrip

Re: Circuit numbering scheme - best practice?

2009-01-16 Thread Peter Wohlers
Jay Hennigan wrote: We've grown to the point that "The MCI T-1 in Ontario" or "Bob's ethernet to port 6/23 on switch 7" aren't scaling. Also in working with carriers we are frequently asked to provide our internal circuit number. I've seen a lot of the LEC scheme NN--NN where XXX

Re: BGPSEC & soBGP

2009-01-16 Thread Steven M. Bellovin
On Sat, 17 Jan 2009 00:14:17 + Naveen Nathan wrote: > I came across this article on /.: > http://www.networkworld.com/news/2009/011509-bgp.html?page=1 > > I'm not too familiar with security of routing protocols, but it became > immediately evident as I read this article that much of the work

Re: "Smart" hands around Dulles airport / northern VA.

2009-01-16 Thread Randy Bush
warren, way cool and deeply generous of you. i wish i was clueful enough about where colos are and how things work in otemachi to offer to help folk who have kit here. fwiw, the seattle/westin community is very helpful in this way, with the seattle internet exchange lists a good place to beg

Re: "Smart" hands around Dulles airport / northern VA.

2009-01-16 Thread Brandon Galbraith
On 1/16/09, Warren Kumari wrote: > > Hi all, > > This is a mail that I have been meaning to send ever since I moved back to > the NoVA area, but have only gotten around to now... > > Many years ago I used to provide emergency, smart hands type assistance to > those in need, but had to give this up