David,
While I agree with you that there is no excuse for the general IPv6 brokenness
across all vendors, they are just doing what participants on lists like this
one tell them. Name&Shame may help a little, but until a large number of people
get serious and stop prioritizing IPv4 in their purc
On Wed, 27 May 2015 09:13:47 +0530, Anil Kumar said:
> that link, since I have two-step verification set up, I was presented
> with a demand for a number provided by the Google Authenticator
> app on my phone. I provided that number and only then was I allowed
> to reset the password.
And you have
On 5/27/2015 03:17, valdis.kletni...@vt.edu wrote:
On Wed, 27 May 2015 09:13:47 +0530, Anil Kumar said:
that link, since I have two-step verification set up, I was presented
with a demand for a number provided by the Google Authenticator
app on my phone. I provided that number and only then was
On 27/May/15 01:27, Ca By wrote:
> Had ipv4 ever hurt you ?
>
> Me too.
IPv4 still hurts me (in some ways, worse than IPv6), and it's 2015.
Figures...
You just need to open cases with your vendors and help them fix these
issues. Sadly, no way around this. Software is not perfect. The humans
tha
On 27/May/15 06:52, Bogdan wrote:
> hello
>
> what software do you use for looking glass. for cisco ios and ios-xr?
> i use the old cougar/version6.net for ios, but ios-xr is not supported.
> i came across https://github.com/tmshlvck/ulg/ but did't installed yet.
> are there any other interesting
On Tue, 26 May 2015, David Sotnick wrote:
> Arista EOS code — and it only appears to affect Virtual Machines which are
> behind our RedHat Enterprise Virtualization cluster. None of the hundreds
> of VMware-connected hosts are affected. The symptom is basically the same
> as the Palo Alto bug. Nei
Can anyone here tell a bit of a history on the Indy Telcom Center? What
operators (network and datacenter) have occupied what properties over the
years? There's about a dozen buildings that were all railroad related in the
past. You can see abandoned tracks running through the property at differ
> On May 26, 2015, at 6:11 PM, Saku Ytti wrote:
>
> On (2015-05-26 17:44 +0200), Owen DeLong wrote:
>
> Hey,
>
>> I think opt-out of password recovery choices on a line-item basis is not a
>> bad concept.
>
> This sounds reasonable. At least then you could decide which balance of
> risk/conv
On 27 May 2015, at 13:19, Owen DeLong wrote:
If someone has the ability to hijack your BGP, then you’ve got
bigger problems than
having them take over your Gmail account.
Could we perhaps summarise this entire thread with "if you have tighter
security requirements for your e-mail than a pa
I am primarily wanting something that will act like a DELL MD1200, SAS
connected to a server, then run a clustered filesystem on the server(s) which
will serve up NFS or iSCSI to client devices.
Graham Johnston
Network Planner
Westman Communications Group
204.717.2829
johnst...@westmancom.com
On (2015-05-27 14:19 +0200), Owen DeLong wrote:
Hey,
> If someone has the ability to hijack your BGP, then you???ve got bigger
> problems than
> having them take over your Gmail account.
This is second reply to this notion. I don't understand what is attempted to
communicate. I'm sure no one on
You can also register a U2F key.
On Wed, May 27, 2015 at 3:17 AM, wrote:
> On Wed, 27 May 2015 09:13:47 +0530, Anil Kumar said:
> > that link, since I have two-step verification set up, I was presented
> > with a demand for a number provided by the Google Authenticator
> > app on my phone. I pro
I also suspect not every telco validates number porting requests against
social engineering properly.
A telephone number isn't something you have, it is something your provider
has.
On Wednesday, May 27, 2015, Saku Ytti wrote:
> On (2015-05-27 14:19 +0200), Owen DeLong wrote:
>
> Hey,
>
> > If
"Security is an illusion" - Confucius probably
On Wed, May 27, 2015 at 8:42 AM, Joel Maslak wrote:
> I also suspect not every telco validates number porting requests against
> social engineering properly.
>
> A telephone number isn't something you have, it is something your provider
> has.
>
> O
MD1200 is a great bet then.
Other options -- SuperMicro has lots:
http://www.supermicro.com/products/chassis/2U/?chs=216
Quanta:
http://www.quantaqct.com/Product/Rack-Systems/Rackgo-X/JBODs/JBR-p247c77c86c88c92
On Wed, May 27, 2015 at 01:06:09PM +, Graham Johnston wrote:
> I am primarily w
On Tue, May 26, 2015 at 4:10 PM, Scott Howard wrote:
> On Tue, May 26, 2015 at 12:28 PM, Aaron C. de Bruyn
> wrote:
>> If they can e-mail you your existing password (*cough*Netgear*cough*),
>> it means they are storing your credentials in the database
>> un-encrypted.
>
> No, it doesn't mean that
Who makes the 7250?
On Tue, May 26, 2015 at 10:07 PM, Brant Ian Stevens <
bra...@argentiumsolutions.com> wrote:
> Any feedback on the new 7250’s yet?
>
>
>
>
> On 5/26/15, 3:02 PM, "NANOG on behalf of Chris Lane" <
> nanog-boun...@nanog.org on behalf of clane1...@gmail.com> wrote:
>
> >We use Bro
Brocade.
From: Colton Conor
Date: Wednesday, May 27, 2015 at 12:52 PM
To: branto
Cc: Chris Lane, Daniel Rohan, NANOG
Subject: Re: 10Gb CPE
Who makes the 7250?
On Tue, May 26, 2015 at 10:07 PM, Brant Ian Stevens
wrote:
Any feedback on the new 7250’s yet?
On 5/26/15, 3:02 PM, "NANOG on
On Wed, 27 May 2015 16:11:19 +0300, Saku Ytti said:
> This is second reply to this notion. I don't understand what is attempted to
> communicate. I'm sure no one on nanog thinks BGP hijacks are rare, difficult
> or yield to consequences when called out.
What *is* rare is a BGP hijack done solely
On May 27, 2015 at 10:28 b...@herrin.us (William Herrin) wrote:
> On Tue, May 26, 2015 at 4:10 PM, Scott Howard wrote:
> > On Tue, May 26, 2015 at 12:28 PM, Aaron C. de Bruyn
> > wrote:
> >> If they can e-mail you your existing password (*cough*Netgear*cough*),
> >> it means they are storin
The OP was correct, if they can send you your cleartext password then
their security practices are inadequate, period.
Unless I misunderstand what you're saying (I sort of hope I do) this
is Security 101.
As I've said a couple of times already, but perhaps without the capital
letters, from a s
> On May 27, 2015, at 11:22, John R. Levine wrote:
> As I've said a couple of times already, but perhaps without the capital
> letters, from a security point of view, generating a NEW PASSWORD and sending
> it in cleartext is no worse than sending you a one time reset link. Either
> way, if
On May 27, 2015 at 14:22 jo...@iecc.com (John R. Levine) wrote:
> > The OP was correct, if they can send you your cleartext password then
> > their security practices are inadequate, period.
> >
> > Unless I misunderstand what you're saying (I sort of hope I do) this
> > is Security 101.
>
One weakness with sending a new cleartext password rather than a link
is that a cleartext password (probably) has to be engineered to be
easy to type in and maybe even remembered.
Typically one uses some concatenation of CVC
(consonant-vowel-consonant) with common punctuations and/or digits
other
I also used brocade icx series for this. Depending on feature requirements
the juniper ex3300 might be cheaper.
On Tue, May 26, 2015, 12:04 PM Chris Lane wrote:
> We use Brocade ICX 6450s for this.
>
> -Chris
>
> On Tue, May 26, 2015 at 2:40 PM, Daniel Rohan wrote:
>
> > With the deluge of 10Gb
On Tue, May 26, 2015 at 04:19:25PM -0700, David Sotnick wrote:
> Hi NANOG,
>
> The company I work for has no business case for being on the IPv6-Internet.
> However, I am an inquisitive person and I am always looking to learn new
> things, so about 3 years ago I started down the IPv6 path. This wa
On 5/27/2015 3:20 PM, Jared Mauch wrote:
On Tue, May 26, 2015 at 04:19:25PM -0700, David Sotnick wrote:
Hi NANOG,
The company I work for has no business case for being on the IPv6-Internet.
However, I am an inquisitive person and I am always looking to learn new
things, so about 3 years ago I
On Wed, May 27, 2015 at 1:51 PM, Barry Shein wrote:
> On May 27, 2015 at 10:28 b...@herrin.us (William Herrin) wrote:
> > On Tue, May 26, 2015 at 4:10 PM, Scott Howard wrote:
> > > It means they are storing it unhashed
> > > which is probably what you mean.
> >
> > It means they're storing i
On Wed, May 27, 2015 at 01:51:35PM -0400, Barry Shein wrote:
> Getting a copy of the database of hashes and login names is basically
> useless to an attacker.
Not any more, if the hash algorithm isn't sufficiently strong:
25-GPU cluster cracks every standard Windows password in <6
On 26 May 2015 at 23:43, Anil Kumar wrote:
>
> According to this page, the 2-factor authentication does kick in when you
> finally try to reset the password.
>
>
> http://webapps.stackexchange.com/questions/27258/is-there-a-way-of-disabling-googles-password-recovery-feature
>
> “… I was presented
On Wed, May 27, 2015 at 4:52 PM, Harald Koch wrote:
>
> Y'all are way too trusting ;)
Or we are much more comfortable with our knowledge. Six in one,
> If I recall from a brief experiment yesterday, three of the four options on
> that page are variations on "I'd like to bypass 2-factor auth
I am looking for some rough estimates of the ratio of capacity
(equipment) pricing declines versus average increase in end user capacity.
For instance, say end user average capcity usage increases 50% over 3
years, would the ISP's costs also increase by 50% ? Or would increased
efficency of equip
I am truly relieved that this was just a misunderstanding!
-b
On May 27, 2015 at 16:05 b...@herrin.us (William Herrin) wrote:
> On Wed, May 27, 2015 at 1:51 PM, Barry Shein wrote:
> > On May 27, 2015 at 10:28 b...@herrin.us (William Herrin) wrote:
> > > On Tue, May 26, 2015 at 4:10 PM, Sc
Good name in man and woman, dear my lord,
Is the immediate jewel of their souls.
Who steals my purse steals trash; 'tis something, nothing;
'Twas mine, 'tis his, and has been slave to thousands;
But he that filches from me my good name
Robs me of that which not enriches him,
And make
On 27/May/15 23:36, Jean-Francois Mezei wrote:
> I am looking for some rough estimates of the ratio of capacity
> (equipment) pricing declines versus average increase in end user capacity.
>
> For instance, say end user average capcity usage increases 50% over 3
> years, would the ISP's costs als
LinkedIn used SHA-1, a fast algorithm. At 350-billion guesses per second on
the mentioned rig for fast algorithms, yeah, you can get through a lot of
passwords quickly. Hopefully LinkedIn has changed their ways.
In that same article:
"...functions such as Bcrypt, PBKDF2, and SHA512crypt are
> I was thinking about using the last 2 digits of the year as the
> cost factor, but that might not scale with hardware linearly.
How about: 2 ^ (last 2 digits of year / 2)
This would track per Moore's Law.
John
John Souvestre - New Orleans LA
But if this happens over a period where there have been improvements in
equipment/efficiency, then one would think the increase in costs would be
less than 20%.
The above hypothesis why imply that the 20% linear increase is not fair, vs
directly making the case that the base rate, s
On 15-05-27 19:20, Faisal Imtiaz wrote:
> The above hypothesis why imply that the 20% linear increase is not fair, vs
> directly making the case that the base rate, set in some point in the past is
> not fair/appropriate anymore ?
These rates cover aggregation between an end user's CO and a c
I have half a dozen servers in the Netstream DC that I need moved to the
Cyberwurx DC in Atlanta.
I'm looking for some remote hands to assist with moving these machines.
Cheers Don
http://www.netstreamcom.net/
200 Sandy Springs Place
Atlanta, GA 30328
Cyberwurxhttps://cyberwurx.com/datacente
On Wed, May 27, 2015 at 6:04 PM, Peter Beckman wrote:
[snip]
> I was thinking about using the last 2 digits of the year as the cost
> factor, but that might not scale with hardware linearly.
It is strongly recommended that when used for password storage, the
work factor for BCRYPT, SCRYPT, or PB
If I understand your question correctly, the answer is: it depends. You can
model the cost of delivering your service and keep track of three types of
cost: fixed, variable and marginal. Here is a really good video that
explains these:
https://youtu.be/bBQVaRnHqLs
You might find an industry avera
Hi,
I have half a dozen servers in a DC in Renton, WA 98057, USA.
I'm looking for quotes 7 RU with 100mbit PIR. I do need A and B side power.
The pricing from my current provider has got out of hand and they have
burnt the relationship. As a result I am interested in hearing from
others wh
Hi,
I am looking at deterministic ways (perhaps employing data science) to
predict TCP throughput that i can expect between two end points. I am using
the latency (RTT) and the packet loss as the parameters. Is there anything
else that i can use to predict the throughput?
A related question to th
Telco's cost structure model is very different from Cable Co's. Additionally
the way they are regulated is also very different.
Based on the additional details you have shared, you are saying that Bell
charges $1016/100meg of Colo to Colo Transport ?
Now you also need to add a bit more info, lik
On Thu, May 28, 2015 at 03:07:45AM +, Faisal Imtiaz wrote:
> Telco's cost structure model is very different from Cable Co's. Additionally
> the way they are regulated is also very different.
>
> Based on the additional details you have shared, you are saying that Bell
> charges $1016/100meg
What I am looking for is the networking equivalent to Moore's law:
"on average, every year, cost of 1gbps capacity goes down by x%"
The immediate goal is to show that rates that are fixed for 10 years are
not "just and reasonable" (text from the canadian Telecom Act) and need
a review.
In the ca
You need to account for window size as well. You should also account for
the details of the specific implementation of the TCP stack you are dealing
with if you truly need a deterministic result.
On Wed, May 27, 2015 at 8:15 PM, Glen Kent wrote:
> Hi,
>
> I am looking at deterministic ways (perh
On Wed, 27 May 2015 17:36:23 -0400, Jean-Francois Mezei said:
> For instance, say end user average capcity usage increases 50% over 3
> years, would the ISP's costs also increase by 50% ?
Depends. If the current gear had enough capacity to absorb the additional
50%, the ISP's costs didn't change
49 matches
Mail list logo
