My read on the situation is Yet Another Intermediate Cacheing Fail in storage,
a well known problem. Yes, do a pull the power test on your storage so you
KNOW what's committed...
George William Herbert
Sent from my iPhone
> On Aug 19, 2015, at 5:44 PM, Sean Donelan wrote:
>
>
> As the sayin
You guys aren't devious enough.
These guys are in violation of CAN-SPAM. To the tune of exceeding the
statutory maximum $1,000,000 per ISP last *month* for some of you, much less in
the statute of limitations period. You could probably point to refusal to
remove as justifying the triple dama
https://bgpstream.com/event/19524
Second Sonatel hijack in last half hour-ish. Anyone on NANOG?...
George William Herbert
Sent from my iPhone
If you're asking if one can get a provider's router to handle the outside
physical part of a DC connection... As an ISP service so you don't need your
own router hardware...
I was working on this for a recent ex client and asked Level 3 exactly that
question. I believe I had the right network
> On Mar 11, 2016, at 11:57 AM, "Mark T. Ganzer" wrote:
>
> but I will instead ask this for your consideration: Do servers in "test,
> stage, development, or any other environment" really need to have the same
> environmental, power and connectivity requirements that "production" servers
er clusters / onsies.
George William Herbert
Sent from my iPhone
> On Mar 13, 2016, at 2:15 PM, Sean Donelan wrote:
>
>> On Sun, 13 Mar 2016, Roland Dobbins wrote:
>>> On 13 Mar 2016, at 3:03, George Herbert wrote:
>>>
>>> It's a symptom of trying to save a
At enterprise storage costs, that much storage will cost more than the OC-12,
and then add datacenter and backups. Total could be 2-3x OC-12 annual costs.
If your org can afford to buy non-top-line storage then it would probably be
cheaper to go local.
However, you should check how much of th
> On Mar 14, 2016, at 12:19 PM, George Metz wrote:
>
> Based on the "standard" (per the Windows admins) file storage space of 700
> meg, that sounds like 3TB for user storage. Even if it were 30TB, I still
> can't see a proper setup costing more than the OC-12 after a period of two
> years.
I know someone (not ops but ha can forward internally); forwarding to him.
George William Herbert
Sent from my iPhone
> On Mar 16, 2016, at 2:18 PM, Christopher Tyler
> wrote:
>
> Does anyone have a contact at Craigslist?
> Some of our IP addresses got blocked and we are getting no response
So...
Before I go on, I have not been in Todd's shoes, either serving nor directly
supporting an org like that.
However, I have indirectly supported orgs like that and consulted at or
supported literally hundreds of commercial and a few educational and nonprofit
orgs over the last 30 years.
> On Mar 16, 2016, at 2:51 PM, "Michael J Wise" wrote:
>
> Let's try that again, once more with feeling.
Put that tablet away
I'm asking you, please, no
It isn't right, it isn't fair!
There were firewalls everywhere
I think that exploit wasn't there...
George William Herbert
Sent from my
My guy (who is coder team not ops) confirmed he got the forwarded email and is
passing it to the right ops folks, but those ops folks will have to reach back
out again to Chris.
You might try Michael's contacts if you don't hear anything in a few hours at
most.
George William Herbert
Sent from
Come on, the audit requirements should have diversity/redundancy concerns in
them.
That's standard in all the audits I have done or participated in.
If these ones don't I have a marketing opportunity to teach a HA seminar and
followon consulting to the IG.
George William Herbert
Sent from my i
from my iPhone
> On Mar 22, 2016, at 11:36 AM, Sean Donelan wrote:
>
>> On Tue, 22 Mar 2016, George Herbert wrote:
>> Come on, the audit requirements should have diversity/redundancy concerns in
>> them.
>>
>> That's standard in all the audits I have
A whole pile of new vulnerabilities including remote code exploit were
revealed against specific models about 3 weeks ago; I had not heard of any
exploits, but, ...
Which is why the models and IOS versions would be very useful.
On Mon, Apr 13, 2015 at 2:59 PM, Rashed Alwarrag
wrote:
> Still I d
Also, what are reliability and redundancy requirements.
10 gigs of bare naked fiber is one thing, but if you need extra paths
redundancy, figure that out now and specify.
Is this latency, bandwidth, both? Mission critical, business critical,
less priority? 24x7x365, or subset of that, or interm
That's nothing.
I was in a business office colo facility in San Jose in the 2001 timeframe,
that had a (as I recall) 12-rack long patch panel setup for the 2 or 3
floors they occupied. All the phones and LANs used the same panels.
They'd used red cable for everything. There was no - zero - cabl
Poisoning a domain's NS records with localhost will most certainly DOS the
domain, yes.
I have not yet seen the source of this; if anyone has a clue where the
updates are coming from please post the info.
Is there anything about ztomy.com that has been seen that's supicious as in
they might be th
At the DNS Servers or service provider level, one can (and I often do) have
redundant providers.
At the registrar level? ...
Not with our current infrastructure, as far as I know how.
The Internet: Discovering new SPOF since 1969!
George William Herbert
Sent from my iPhone
On Jun 20, 2013,
The indications and claim are that the root cause was registrar internal
goof, not hostile action against name servers.
The story is not yet detailed enough to add up; getting from point A to
point B requires steps that so far don't really make sense. A more
detailed explanation is hopefully to b
I know how we got here, but perhaps we can take corporate parentage and how big
.com is now to -discuss?
What happened with the registry data that caused the outage and what can /
should be done about it / to prevent it happening again still seem to me to be
operational topics.
George Willia
On Tue, Jun 25, 2013 at 4:38 PM, Larry Sheldon wrote:
>
> What is it about people that makes them free-load on services like NTP
> chimes and DNSBLS but refuse to stay in contact with(or at least
> contactable by) the providers when important stuff is pending?
>
Several generations of employees p
Numbers from memory and filed off a bit for anonymity, but
A site I was consulting with had statistically large numbers of x86 servers
(say, 3000), SPARC enterprise gear (100), NetApp units (60) and NetApp drives
(5000+) go through a roughly 42C excursion. It was much hotter at ceiling
lev
http://abcnews.go.com/International/wireStory/sudan-security-clashes-subsidy-protesters-20360418
On Wed, Sep 25, 2013 at 5:34 PM, Tammy Firefly wrote:
> On 9/25/13 18:29:58, Jeff Kell wrote:
> > On 9/25/2013 8:25 PM, Tammy Firefly wrote:
> >> with the old fashioned pair of diagonal cutters appli
On Fri, Nov 1, 2013 at 3:26 PM, Niels Bakker wrote:
> * mi...@stillhq.com (Michael Still) [Fri 01 Nov 2013, 05:27 CET]:
>
> Its about the CPU cost of the crypto. I was once told the number of CPUs
>> required to do SSL on web search (which I have now forgotten) and it was a
>> bigger number than
On Fri, Nov 1, 2013 at 4:01 PM, Masataka Ohta <
mo...@necom830.hpcl.titech.ac.jp> wrote:
> Anthony Junk wrote:
>
> > It seems as if both Yahoo and Google assumed that since they were
> > private circuits that they didn't have to encrypt.
>
> According to Snowden, there are government agents at key
On Fri, Nov 1, 2013 at 4:37 PM, Randy Bush wrote:
> > Anyone familiar with secure organizations
>
> there are such things?
>
> we should be more cautious with absolutes, usually :)
>
Nothing is absolute, but there are certainly "white" organizations which
have no attempt to be secure, and much
On Wed, Feb 2, 2011 at 8:55 AM, Iljitsch van Beijnum wrote:
> On 2 feb 2011, at 17:14, Dave Israel wrote:
>
>>> I understand people use DHCP for lots of stuff today. But that's mainly
>>> because DHCP is there, not because it's the best possible way to get that
>>> particular job done.
>
>> So w
On Wed, Feb 2, 2011 at 1:13 PM, Leo Bicknell wrote:
> In a message written on Wed, Feb 02, 2011 at 09:55:30PM +0100, Iljitsch van
> Beijnum wrote:
>> Can you explain what exactly the problems with DHCPv6 are that you're
>> running into that are inherent to DHCP and/or IPv6 host configuration and
On Wed, Feb 2, 2011 at 5:07 PM, Carlos Martinez-Cagnazzo
wrote:
> Disconnected networks have a bothersome tendency to get connected at
> some point ( I have been severely bitten by this in the past ), so
> while I agree that there is no need to coordinate anything globally,
> then a RFC 1918-like
On Thu, Feb 3, 2011 at 1:27 PM, Jeffrey Lyon
wrote:
> Pragmatically, compelling the release of a legacy allocation to a
> major company could be difficult, however, if the ARIN community were
> to draft a resolution to reclaim the space it may have a profound
> effect on public sentiment toward th
On Thu, Feb 3, 2011 at 1:52 PM, wrote:
> On Thu, 03 Feb 2011 13:39:25 PST, George Herbert said:
>
>> It's probably most practical for them to renumber into a subset of
>> their existing space, collapsing down from the whole /8 into a /10 or
>> something longer, wh
On Thu, Feb 3, 2011 at 3:17 PM, Fernando Gont wrote:
> On 03/02/2011 10:07 a.m., Rob Evans wrote:
>
>>> You must be kiddin'... You're considering going through this mess
>>> again in a few decades?
>>
>> I'm mildly surprised if you think we're going to be done with *this*
>> mess in a few decades.
On Mon, Feb 7, 2011 at 2:23 PM, Ryan Wilkins wrote:
>
> On Feb 7, 2011, at 4:06 PM, Michael Painter wrote:
>>
>> Hi Denys
>> I doubt it's intentional jamming since I've had the same problem.
>> Aegis radar is very high power in full radiate mode and as such creates
>> problems for Low Noise Ampli
On Tue, Feb 8, 2011 at 2:04 PM, Mark Andrews wrote:
>
> I wish people would actually read RFC 1918.
>
> Category 1: hosts that do not require access to hosts in other
> enterprises or the Internet at large; hosts within
> this category may use IP addresses th
On Tue, Feb 8, 2011 at 3:08 PM, wrote:
> On Tue, 08 Feb 2011 14:59:12 PST, George Herbert said:
>
>> It's easy to say "Well, foo on them", but for those of us who provide
>> services or consulting to those who failed to follow the directions,
>> we still
On Tue, Feb 8, 2011 at 6:54 PM, David Barak wrote:
>
>
>>From: R. Benjamin Kessler
>
>>>From: George Herbert [mailto:george.herb...@gmail.com]
>
>>>"Let's just grab 2/8, it's not routed on the Internet..."
>
>>+1
>
>&g
On Wed, Feb 9, 2011 at 12:05 PM, Iljitsch van Beijnum
wrote:
> [...] Once we're at 128-bit addresses then we can migrate to IPvA (7 - 9 are
> already taken) without much trouble. But then, 32-bit ASes interoperate with
> 16-bit ones with no trouble and still after a decade the support for that i
On Wed, Feb 9, 2011 at 1:17 PM, Jon Lewis wrote:
> On Wed, 9 Feb 2011, Crooks, Sam wrote:
>
>> Is it permissible, from a policy perspective, for a multi-homed end user
>> to announce the numbering resource allocation received from one RIR (for
>> discussion purposes, let's say ARIN) to upstream se
On Wed, Feb 9, 2011 at 6:11 PM, Fred Richards wrote:
> On Wed, Feb 9, 2011 at 6:47 PM, George Bonser wrote:
>
>> I have yet to see a broadband provider that configures a network so that
>> individual nodes in the home network get global IPs.
>>
>
> One huge reason to adopt ipv6.
Any of the ones
On Mon, Feb 14, 2011 at 3:08 PM, Adrian Chadd wrote:
> There's a wikipedia article:
>
> http://en.wikipedia.org/wiki/AS_7007_incident
>
> .. that a post I wrote up for a local computer club magazine somehow suffices
> as primary reference material for.
>
> Even though I think this is partially hil
Related topic - ACM's CHIMIT (Computer Human Interfaces for the
Management of Information Technology) workshop 2010 was co-located
with the Usenix LISA conference this year
(http://www.chimit10.org/home.html); I was on a panel discussion on
mobile devices in system administration.
This topic and t
On Tue, Mar 8, 2011 at 1:32 PM, Randy Bush wrote:
>> Even more suspicious is the fact that there is no organisational
>> information attached to the request and the sender used a gmail
>> address. They supplied an Indian telephone number.
>
> it is about this point where i realize that i am overlo
On Tue, Mar 8, 2011 at 8:40 PM, Owen DeLong wrote:
> You have ignored the probability of disaggregation due to IP trading markets,
> especially
> given the wild-west nature of the APNIC transfer policy.
>
> Many of the legacy blocks will get dramatically disaggregated in the likely
> market whic
On Wed, Mar 9, 2011 at 9:28 AM, Owen DeLong wrote:
>
> On Mar 9, 2011, at 4:06 AM, Arturo Servin wrote:
>
>>
>> On 9 Mar 2011, at 07:18, Joel Jaeggli wrote:
>>>
>>> one of these curves is steeper than the other.
>>
>> That's what we wanted for the first one.
>>
>>>
>>> http://www.cidr-report
We're seeing damage in harbors on the west coast - live imagery of
Santa Cruz harbor with multiple piers broken up, boats loose, boats
sunk, from local geography focusing waves that were only 2-3 foot
surges (personal Ouch - I used to own a boat in that harbor). Phone
reporting from Crescent City
On Fri, Mar 11, 2011 at 8:14 PM, Jeff Wheeler wrote:
> It's the same thing that happens if you toss a /8 on an IPv4 LAN and
> start banging away at the ARP table, while expecting all of your
> legitimate hosts within that /8 to continue working correctly. We all
> know that's crazy, right?
This
On Tue, Mar 22, 2011 at 6:20 PM, Ryan Malayter wrote:
>
>
> On Mar 22, 7:47 pm, Jeff Kell wrote:
>> Now getting "We re sorry, the Netflix website and the ability to
>> instantly watch movies are both temporarily unavailable." out of Charter.
>>
>> Campus getting same routed via 1239 209 2906.
>>
On Thu, Mar 24, 2011 at 2:39 PM, Franck Martin wrote:
>
>
> - Original Message -
>> From: "Roland Dobbins"
>> To: "nanog group"
>> Sent: Friday, 25 March, 2011 9:33:27 AM
>> Subject: Re: The state-level attack on the SSL CA security model
>> On Mar 24, 2011, at 6:41 PM, Florian Weimer wr
On Tue, Apr 5, 2011 at 1:01 PM, Matthew Petach wrote:
> On Tue, Apr 5, 2011 at 12:17 PM, Jack Carrozzo wrote:
>> Anycast works.
>>
>
> ...with some caveats.
>
>> [...] we are looking for ideas on
>>> how to 1) ensure clients are routed to the closest geographical server 2)
>>> ensure the client h
On Tue, Apr 5, 2011 at 2:54 PM, Patrick W. Gilmore wrote:
> On Apr 5, 2011, at 4:12 PM, George Herbert wrote:
>
>> I've seen that with clients. It seems like there's a promised anycast
>> land, out where Akamai is (where you really do have "local" nearly
&
On Fri, Apr 15, 2011 at 6:52 AM, Marshall Eubanks wrote:
>
>
> On Apr 15, 2011, at 9:37 AM, Greg Moore wrote:
>
>> When I did this years ago I found 5 was really a minimum so that I could
>> cover weekends and then had extra coverage as needed during the week.
>>
>> I did find it was good to swap
On Mon, May 2, 2011 at 2:04 PM, Jeroen van Aart wrote:
> valdis.kletni...@vt.edu wrote:
>>
>> On Mon, 02 May 2011 12:27:34 PDT, Jeroen van Aart said:
>>
>>> It surprised me because I, perhaps naively, assumed IT workers in general
>>> have a rather broad knowledge
>
>> Sorry to break it to you.
>
On Thu, May 5, 2011 at 10:45 AM, Ryan Malayter wrote:
>
>
> On May 1, 2:29 pm, Jeff Wheeler wrote:
>
>> What it really boils down to is this: if application developers are
>> doing their jobs, a given service can be easy and inexpensive to
>> distribute to unrelated systems/networks without a hug
On Thu, May 5, 2011 at 11:03 AM, Michael Holstein
wrote:
>
>> We have a door-way that said server cabinet must fit through, measuring up
>> at 620mm.
>>
>>
>
> A 24" door? .. dang, that's tiny. Did someone mix up OD and ID when
> considering what a 19" rack meant?
>
>
>> 1) Have you ever had to fi
On Sat, May 7, 2011 at 6:49 AM, Support wrote:
> Can anyone give me their recommendation for current hardware to take 2 x
> full BGP feeds over 1Gb/s ports with a third Gb port for the local network?
>
> I did this about 6/7 years ago with a Cisco 7200VXR NPE300 256MB RAM
> but I'm guessing things
On Thu, May 12, 2011 at 2:58 PM, Dorn Hetzel wrote:
>>
>> Does no one remember EGP? ASNs are MUCH older than BGP. And we were
>> using BGPv3 prior to the existence of V4. We used BGPv4 back in the days
>> when Tony Li would chastise us for reporting a bug in a 10 day old Cisco
>> build saying that
On Thu, May 12, 2011 at 3:44 PM, Jay Ashworth wrote:
> - Original Message -
>> From: "Valdis Kletnieks"
>
>> On Thu, 12 May 2011 14:53:53 CDT, Michael Sabino said:
>> > If you are a big corporation, and it is 1995, how likely is it that
>> > you'll utilize bgp for advertising your address
On Mon, Jun 6, 2011 at 3:39 PM, wrote:
>
> its not always about money. sometimes its reputation.
And also reasonably hygene, and both individual and community self defense.
There are some less competent network operators out there (and even
good ones have bad days). And some of the people out
As much as I admire a good pointless wide-ranging political and human
rights flame-war, this is not even vaguely on topic for NANOG, and
everyone posting content here on this should be ashamed of themselves.
Free speech is a wonderful thing to have, but that is not a mandatory
requirement that eve
On Fri, Jun 10, 2011 at 7:03 PM, Owen DeLong wrote:
>> And like I said before, we have more pressing things to do than tinker some
>> more with DHCPv6.
>
> Meh... We can achieve a big win for relatively low cost very quickly and make
> IPv6 much
> more palatable to a wide audience of enterprise
Update: apparently Salt Typhoon got in through the Lawful Intercept systems at
ISPs.
https://www.wsj.com/tech/cybersecurity/u-s-wiretap-systems-targeted-in-china-linked-hack-327fc63b?st=byoB7m
Some of you probably already knew, but was news to me…
-george
Sent from my iPhone
Sent from my iP
201 - 262 of 262 matches
Mail list logo
