Re: DDOS, IDS, RTBH, and Rate limiting

2014-11-09 Thread Paul S.
I've used the first one, and hacked on the second. WANGuard, when deployed properly, works amazingly well. ddosmon is only useful if you have netflow v5 flows (or sflow that can get converted to nfv5), but also works well when coupled with exabgp / openbgpd. I added some per ip limiting / ex

Re: DDOS, IDS, RTBH, and Rate limiting

2014-11-09 Thread Miles Fidelman
Roland Dobbins wrote: On 9 Nov 2014, at 10:37, Jon Lewis wrote: I'm sure it's not always the case, but in my experience as a SP, the victim virtually always did something to instigate the attack, and is usually someone you don't want as a customer. This may be a reflection of your experienc

Re: Reporting DDOS reflection attacks

2014-11-09 Thread Brian Rak
Also, abusix is not completely accurate (and they've never responded to my emails reporting problems). For example, any IPs from apnic and nic.ad.jp return the registry's abuse address, which doesn't do anything. Don't forget about all the providers with incorrect abuse contacts, or providers

Re: Reporting DDOS reflection attacks

2014-11-09 Thread srn . nanog
On 11/09/2014 09:31 AM, Brian Rak wrote: > Some tips: > 1) Verify the servers are still vulnerable. This is pretty straightforward, > and saves everyone > involved some time For a DDOS, I'd be concerned that the provider would now think my activity was malicious. > 2) Your abuse emails should

Re: DDOS, IDS, RTBH, and Rate limiting

2014-11-09 Thread Joe Chisolm
Look at the products from RioRey (www.riorey.com). IMHO I think their technology is much better than some of the other players out here. On 11/08/2014 07:10 PM, Eric C. Miller wrote: > Today, we experienced (3) separate DDoS attacks from Eastern Asia, all > generating > 2Gbps towards a single I

Re: Reporting DDOS reflection attacks

2014-11-09 Thread Doug Barton
On 11/8/14 6:33 PM, Roland Dobbins wrote: this is incorrect and harmful, and should be removed: iii.Consider dropping any DNS reply packets which are larger than 512 Bytes – these are commonly found in DNS DoS Amplification attacks. This *breaks the Internet*. Don't do it. +1

Re: Reporting DDOS reflection attacks

2014-11-09 Thread manning bill
On 9November2014Sunday, at 11:40, Doug Barton wrote: > On 11/8/14 6:33 PM, Roland Dobbins wrote: >> this is incorrect and harmful, and should be removed: >> >> iii.Consider dropping any DNS reply packets which are larger >> than 512 Bytes – these are commonly found in DNS DoS Amplifica

Re: v6 cdn problems

2014-11-09 Thread joel jaeggli
On 11/8/14 1:02 PM, Frank Bulk wrote: > The Google angle is also being discussed on outages. Initial suspicions are > PTB packets not flowing through tunneled connections. you can also have problems in the other direction e.g. if your tunnel ingress sends a ptb towards a load balanced service it

Re: v6 cdn problems

2014-11-09 Thread Christopher Morrow
On Sat, Nov 8, 2014 at 6:10 PM, Jeroen Massar wrote: > Google does not seem to be home. to be clear, folk who care do know about the problem and are working on a solution...

RE: Cisco CCNA Training

2014-11-09 Thread scottie mac
Holy moly, thank you!! I just enrolled. On 08/11/14 23:00, nanog-requ...@nanog.org wrote: From: "Wakefield, Thad M." To: "nanog@nanog.org" Subject: RE: Cisco CCNA Training Message-ID: Content-Type: text/plain; charset="utf-8" Until midnight Monday this course is on sale for $24: https:/

Re: Reporting DDOS reflection attacks

2014-11-09 Thread Larry Sheldon
On 11/9/2014 13:40, Doug Barton wrote: On 11/8/14 6:33 PM, Roland Dobbins wrote: this is incorrect and harmful, and should be removed: iii.Consider dropping any DNS reply packets which are larger than 512 Bytes – these are commonly found in DNS DoS Amplification attacks. This *breaks

Re: Reporting DDOS reflection attacks

2014-11-09 Thread Roland Dobbins
On 10 Nov 2014, at 8:23, Larry Sheldon wrote: > The whole thing> Really? Breaking DNS for your customers pretty much breaks the Internet for them, yes. --- Roland Dobbins

I am about to inherit 26 miles of dark fiber. What do I do with it?

2014-11-09 Thread Lorell Hathcock
All: A job opportunity just came my way to work with 26 miles of dark fiber in and around a city in Texas. The intent is for me to deliver internet and private network services to business customers in this area. I relish the thought of starting from scratch to build a network right from the

Re: FW: M-Lab-Related PCAPs

2014-11-09 Thread Srikanth Sundaresan
Thanks Jason. I've tried to organize them here: http://www1.icsi.berkeley.edu/~srikanth/tos.html So please send along any interesting traces, any ideas for tests, or comments! - Srikanth On 11/8/14 9:46 PM, Livingood, Jason wrote: FYI to this list since I suspect few of you are on the M-

Re: I am about to inherit 26 miles of dark fiber. What do I do with it?

2014-11-09 Thread Fletcher Kittredge
The below is a really sad story. Condolences on the coming trainwreck. I hope you get someone on staff or on consult that understands outside plant architecture, because it is a much more important and complex topic than you seem to realize. On Sun, Nov 9, 2014 at 9:18 PM, Lorell Hathcock wrote:

Re: I am about to inherit 26 miles of dark fiber. What do I do with it?

2014-11-09 Thread Baldur Norddahl
Hi, 26 miles is not a long distance when working with fiber. I would have just one active POP (or two for redundancy). Use DWDM to expand your 6 strands into as many links as you need. You could also use GPON with splitters, although that will only deliver 1 Gbps (on a shared 2.4 Gbps) at this ti

Re: I am about to inherit 26 miles of dark fiber. What do I do with it?

2014-11-09 Thread Faisal Imtiaz
Wow! That was rather cruel and uncalled for! How does that saying go... Don't say anything if you cannot say anything nice! Faisal Imtiaz Snappy Internet & Telecom - Original Message - > From: "Fletcher Kittredge" > To: "Lorell Hathcock" > Cc: nanog@nanog.org > Sent: Sunda

Re: I am about to inherit 26 miles of dark fiber. What do I do with it?

2014-11-09 Thread Baldur Norddahl
Hey come on. Yes it is complex but not impossible to learn "on the job". You have absolutely no knowledge of his skills and know almost nothing about the project. How can you say anything about the impossibility of overcoming the challenges ahead? One thing that amazes me about NANOG is that while

Re: I am about to inherit 26 miles of dark fiber. What do I do with it?

2014-11-09 Thread Justin M. Streiner
On Sun, 9 Nov 2014, Lorell Hathcock wrote: A job opportunity just came my way to work with 26 miles of dark fiber in and around a city in Texas. How is the outside plant being built and supported? Who fixes fiber cuts? Who manages the fiber-cut-fixers? Who monitors the network and handles

Re: I am about to inherit 26 miles of dark fiber. What do I do with it?

2014-11-09 Thread Faisal Imtiaz
I would suggest that you do some rapid field deployment education in regards to fiber networks. You might consider joining WISPA and or FISPA (two industry associations), where you have folks building out fiber networks, who are very willing to share their experience and tell you what is worki

Re: I am about to inherit 26 miles of dark fiber. What do I do with it?

2014-11-09 Thread Scott Weeks
--- fkitt...@gwi.net wrote: From: Fletcher Kittredge The below is a really sad story. Condolences on the coming trainwreck. I hope you get someone on staff or on consult that understands outside plant architecture, because it is a much more important and complex topic than you seem to realize. --

Re: I am about to inherit 26 miles of dark fiber

2014-11-09 Thread Lorell Hathcock
Ah, the famous good-will of NANOG. I knew I would get some interesting responses. I was part of the Field Ops group of Enron Broadband years ago. We deployed DWDM extensively. Admittedly it has been a while. This 26 miles of dark fiber is deployed by a municipality in and around their fair c

Re: I am about to inherit 26 miles of dark fiber. What do I do with it?

2014-11-09 Thread ITechGeek
I would say the OP is starting out right by reaching out to people who can give advice and point him in the right direction. I would say the first place to start would be budget. I don't think calling this is a trainwreck before it even leaves paper isn't very helpful. One option might be to sta

Re: I am about to inherit 26 miles of dark fiber

2014-11-09 Thread Scott Weeks
:: Ah, the famous good-will of NANOG. But you got more of the good than the other. :: I knew I would get some interesting responses. And you got more of that than non-interesting... :-) scott

Re: v6 cdn problems

2014-11-09 Thread Jeroen Massar
On 2014-11-09 23:00, Christopher Morrow wrote: > On Sat, Nov 8, 2014 at 6:10 PM, Jeroen Massar wrote: >> Google does not seem to be home. Note that you skipped the rest: "Google does not seem to be home. They used to have a handy i...@google.com address, but alas, that does not exist anymore."