Re: Cogent Question - Increments Question

JL> Date: Wed, 11 Feb 2009 19:13:59 -0500 JL> From: Jeffrey Lyon JL> With all due respect i'm not sure Cogent's sales practices are on JL> topic for this list. For those interested in this sort of discussion: Try the isp-bandwidth list instead. Eddy -- Everquick Internet - http://www.everquic

hardware choices (Re: real hardware router VS linux router)

DK> Date: Thu, 19 Feb 2009 09:30:16 -0500 DK> From: Deric Kwok [ snip ] Let's blur the line a bit more: CompactPCI? NICs such as those [apparently] offered by Cavium... or any other number of places working ARM/Freescale, MIPS, or PowerPC magic on NICs? What is "real" hardware, anyway? Would

help with connectivity check?

Please keep responses off-list to minimize clutter. Can anyone try ping/traceroute 204.10.190.1? DNS queries against same? Please let me know off-list if this FAILS, and what path you follow / how far you get. Many TIA, Eddy -- Everquick Internet - http://www.everquick.net/ A division of Brots

Re: help with connectivity check?

EBD> Date: Wed, 18 Mar 2009 00:13:48 + (GMT) EBD> From: Edward B. DREGER Many thanks to all who have responded. I think/hope I have enough information now! Eddy -- Everquick Internet - http://www.everquick.net/ A division of Brotsman & Dreger, Inc. - http://www.brotsman.com/

Re: rack power question

PG> Date: Sat, 22 Mar 2008 22:02:49 -0400 PG> From: Patrick Giagnocavo PG> Hopefully this classifies as on-topic... PG> PG> I am discussing with some investors the possible setup of new PG> datacenter space. You might also try the isp-colo.com list. PG> Are there cases where more than 6000W pe

RE: Problems sending mail to yahoo?

FB> Date: Thu, 10 Apr 2008 13:48:52 -0500 FB> From: Frank Bulk FB> Q> Does Yahoo! use "greylisting" to reject messages? FB> A> No. FB> FB> http://help.yahoo.com/l/us/yahoo/mail/postmaster/postmaster-05.html First-hand observations trump claims. Eddy -- Everquick Internet - http://www.everquick

Re: [NANOG] Level3 not honoring Broadwing contracts?

JA> Date: Tue, 29 Apr 2008 11:18:07 -0400 JA> From: Joe Abley JA> From recent threads, the increasing price of power and cooling makes JA> me think that colo providers would far rather have half the tenants JA> paying double the price than have to retrofit facilities that are JA> full to meet incr

[NANOG] FUS for IP space fragmentation (Re: fair warning: less than 1000 days left to IPv4 exhaustion)

Talk of IPv6 space hoarding and fragmentation. Ughh. Perhaps we can avoid repeating IPv4 mistakes with IPv6. Exponential problems need linear solutions. The method for handing out blocks is flawed. There's no need for linear stride-N allocations, assuming that a highly-sparse array is acceptab

[NANOG] leave the deck chairs alone (Re: fair warning: less than 1000 days left to IPv4)

RB> Date: Mon, 05 May 2008 05:00:32 +0200 RB> From: Randy Bush RB> i suggest we focus on how to roll out v6 Bingo. Or, I begin to wonder if door #2 might actually have merit: RB> or give up and get massive natting to work well (yuchhh!) For massive NATting to work well, one would need to spec

Re: [NANOG] FUS for IP space fragmentation (Re: fair warning: less than 1000 days left to IPv4 exhaustion)

EBD> Date: Sat, 10 May 2008 04:02:49 + (GMT) EBD> From: Edward B. DREGER EBD> Exponential problems need linear solutions. U that should read: Exponential problems need logarithmic solutions. (Activate... brain... before... engaging... fingers...) Eddy -- Everquick Intern

Re: Level3 tries cell-phone style billing scam on customers

PWG> Date: Thu, 31 Jul 2008 15:34:04 -0400 PWG> From: Patrick W. Gilmore PWG> Calling something a "tax" or "federally mandated" when it is not PWG> sounds both like a class action suit waiting to happen, and illegal PWG> enough to have the company at least fined. I agree. I'm probably not the on

Re: Is Usenet actually dead?

RES> Date: Tue, 05 Aug 2008 09:19:44 -0400 RES> From: Robert E. Seastrom RES> If trends have continued since last I looked at it, very manageable RES> after you take out the binaries. Insignificant if you could figure RES> out a way to get rid of the flames and spam. :) Usenet - binaries - flam

Re: ingress SMTP

JS> Date: Wed, 03 Sep 2008 11:56:51 -0400 JS> From: Justin Scott JS> Have you ever tried to have Joe Sixpack call BigISP support to ask JS> for an exception to a port block on his consumer-class connection JS> with a dynamic IP? In my experience, most people capable of preventing outbound 25/TCP

Re: Layer 2 vs. Layer 3 to TOR

On Fri, 2009-11-13 at 09:44 +0100, Tore Anderson wrote: > * Jonathan Lassoff > > > Are there any applications that absolutely *have* to sit on the same > > LAN/broadcast domain and can't be configured to use unicast or multicast > > IP? > > FCoE comes to mind. > and in a similar vein, ATAoE

Re: Password repository

On Wed, 2009-11-18 at 20:49 -0800, Darren Bolding wrote: > Pwman ...which has the HUGE advantage of being CLI (so useable over SSH sessions from network devices) and has tagging for searching large databases of passes. pwman3 is current version. For most OSs. I've even used it looped through a m

FW: news from Google

when is the European Union going to sue them for anti-trust, ala Microsoft? -Original Message- From: Seth Mattinen [mailto:se...@rollernet.us] Sent: Thursday, December 03, 2009 1:49 PM To: nanog@nanog.org Subject: Re: news from Google Jorge Amodio wrote: >> now Google DNS, anything mor

Re: Linux shaping packet loss

Apologies to all on handheld devices. If you're not into BSD or Linux TC operationally, skip this post. Due to my usual rambling narrative style for "alternative" troubleshooting I was going to mail this direct to the OP but I was persuaded AMBJ by a co-conspirator to post this to list in full. #

Re: Linux shaping packet loss

On Wed, 2009-12-09 at 08:02 +0200, Bazy wrote: > Hi Chris, > > Try setting txqueuelen to 1000 on the interfaces and see if you still > get a lot of packet loss. > Yes, good point and well worth a try. Rereading Chris's post about "250Mbps" and "forty queues", the "egress" could well be bumping

Re: Linux shaping packet loss

On Wed, 2009-12-09 at 06:38 +, gordon b slater wrote: > If 1000 is too high for your kit try pushing it upwards gradually from > the default of 100 meh! 6am+insomniac blues for a Gigeth it's more likely to be 1000 already, so push it up to 1 in stages - you get the idea.

Re: Consumer Grade - IPV6 Enabled Router Firewalls.

On Mon, 2009-12-14 at 00:58 -0800, Owen DeLong wrote: > However, UPnP is, at it's heart a way > to allow > arbitrary unauthenticated applications the power to amend your security > policy to their will. Can you possibly explain any way in which such a > thing is at all superior to no firewall at

Re: SORBS on autopilot?

On Mon, 2010-01-11 at 11:15 -0500, telmn...@757.org wrote: > > Anyone got some pointers on how to get off SORBS' Dynamic IP lists? > > Our solution was to find new IP space. It was hopeless. > > "me too"; for 2 of my old (smaller sized) customers in the last 4 or 5 month. Nothing seemed to wor

Re: Default Passwords for World Wide Packets/Lightning Edge Equipment

Dymo-style solutions are somewhat lacking when it comes to some complex boxes. Equipment configs, mods, firmware versions, etc can all be fitted onto a nice big sheet that can be slipped back into the rack without much problem in most cases A nifty solution I often claim to have invented in th

Re: ASR1002

Inline (and diverse) replies, as it's more of a rant, but slightly relevant to the list ops if not the OP topic: 1 - On Tue, 2010-01-19 at 15:50 +0800, NetYourLife2007 wrote (well, at least his mailer declared itself to be...): > Mailer: > Foxmail 6, 15, 201, 22 [cn] Kenny's mail client may be

Re: OT: old farts recollecting -- Re: ASR1002

On Tue, 2010-01-19 at 11:00 -0500, Jim Mercer wrote: > for days now, i've been trying to remember a quotation, which i vaguely seem > to remember popping up in trn/nn or some USENET newsreader of old, along > the lines of: > > "the telephone, once commonly available in cities, " > > or someth

Re: OT: old farts recollecting -- Re: ASR1002

On Tue, 2010-01-19 at 17:42 -0800, Bill Stewart wrote: > Could the comment actually have been about pay telephones, which were > once common in cities? > Good point Bill, which, if so, would place the comment at or about the start of the cellfone introduction. @Jim, maybe it's more a telco/2600

Re: OT: old farts recollecting -- Re: ASR1002

On Wed, 2010-01-20 at 03:35 -0500, Jim Mercer wrote: > "The telephone, for those of you who have forgotten, was a commonly used > communications technology in the days before electronic mail. > They're still easy to find in most large cities." -- Nathaniel Borenstein Oh, the irony. A quote from M

Re: Emergency power generators

On Thu, 2010-01-21 at 13:17 -0600, Joe Greco wrote: > Seriously, "talk to your vendor." You can frequently get gear with > remote reporting, some of it will do dry contact or even talk RS232. > If you can not, a lot of it can be measured anyways. > > If your gear doesn't "support" it, talk to g

Re: Anyone see a game changer here?

On Thu, 2010-01-21 at 23:19 -0600, James Hess wrote: > On Thu, Jan 21, 2010 at 9:52 PM, Gadi Evron wrote: > > It is not as if there are a wealth of alternatives. There are still > many cases, where IE or MSHTML components are a pre-requisite, to > access a certain product that is important

Re: Strange Cisco 6503 problem

On Thu, 2010-01-28 at 18:36 -0500, Steven Bellovin wrote: > Actually, it's not at all surprising, but it depends on the UART or > equivalent. and the dynamic characteristics of the power rails, to a certain extent. Sun kit is quite sensitive to this sort of thing. Zonker has a good guide to what

Re: Mitigating human error in the SP

On Tue, 2010-02-02 at 12:26 +, gb10hkzo-na...@yahoo.co.uk wrote: > Nothing in the IT / ISP / Telco world is ever going to be perfect, > far too complex with many dependencies. Yes you might play in your > perfect little labs until the cows come home . but there always > has been an

Re: Adopt‐an‐Haitian‐Internet‐techn ician‐or‐facility

On Mon, 2010-02-08 at 12:47 -0500, Steven Bellovin wrote: > As a matter of form, how might one check out the legitimacy of requests like > this? (No, I don't think this one is fake...) (it isn't, for the benefit of any casual observers) Technically, a `Very Good Point`. We'd all like to think w

Re: black listing of web traffic

On Tue, 2010-02-09 at 17:04 -0500, Andrey Gordon wrote: > Thx to all the folks replying off the list. > > The more I trouble shoot the more I'm convinced that it's not the sites that > are doing rate-limiting. I went to a website of one of my previous employers > (a small company). Chances of them

Re: black listing of web traffic

On Tue, 2010-02-09 at 17:44 -0500, Andrey Gordon wrote: > What I don't get is why there is consistency in opening sites. Why does > facebook open all the time and store.apple.com barely opens all the time. > I'd say if it would be NAT exhaustion, they would all behave the same way > meaning open an

Re: Email Portability Approved by Knesset Committee

On Tue, 2010-02-23 at 13:38 +1100, Mark Andrews wrote: > In message <201002230227.o1n2radp021...@mail.r-bonomi.com>, Robert Bonomi > write > s: > > Quick! Somebody propose a snail-mail portability bill. When a renter > > changes to a different landlord, his snail-mail address will be optionally

Re: Email Portability Approved by Knesset Committee

On Mon, 2010-02-22 at 21:20 -0800, Dave CROCKER wrote: > In general, a core problem with the Knesset law is that it presumes > something > that is viable for the phone infrastructure is equally - or at least > tolerably - > viable in the email infrastructure. Unfortunately, the details of the >

Re: log parsing tool?

On Mon, 2010-02-22 at 18:14 -0600, Dale W. Carder wrote: > Take a look at SLCT, also by Risto Vaarandi: > > http://ristov.users.sourceforge.net/slct/ > > SLCT can parse huge amounts of logs very fast. We use it to > crunch firewall logs and also to find ports that are flapping > excessively. +1

Re: Email Portability Approved by Knesset Committee

On Tue, 2010-02-23 at 10:53 +, Leigh Porter wrote: > > Just wait till customers start wanting to take their IP address with > them when they move... Oh wow, I think I've still got a log (somewhere) of all the dialup IPs I was assigned during the early 90s. Since I might be able to claim them

Re: Email Portability Approved by Knesset Committee

On Tue, 2010-02-23 at 09:34 -0500, Jeff Kell wrote: > Well, clearly, the planet just needs to join Active Directory, and the > user convert to Outlook, and use the Global Address List, and... > Ahem! If they (M$) were to go back to the LDAP specs, they could save a lot of time. They could even

Re: 1.0.0.0/8 route from MERIT ?

On Wed, 2010-02-24 at 14:21 -0500, Jim Popovitch wrote: > 2010/2/24 Alex H. Ryu : > > > > Today I jumped into one of our routers, and I found that 1.0.0.0/8 is > > announced from AS237, which is MERIT. > > IIRC, there was an email/wiki/announcement last month about 1/8 > undergoing some testing so

Re: [Fwd: [members-discuss] [ncc-announce] RIPE NCC Position On The ITU IPv6 Group]

On Fri, 2010-02-26 at 09:40 -0600, Jorge Amodio wrote: > I guess nobody needs ITU-T anymore, or do we ? ZCZC well, from vague memory, H.264, G711/729, H323, X.509 were/are ITU-T standards - maybe X.25 too though I could have that one wrong. I'll just sit on the fence: as an old radiocomms guy,

Re: [Fwd: [members-discuss] [ncc-announce] RIPE NCC Position On The ITU IPv6 Group]

On Fri, 2010-02-26 at 09:09 -0800, Kevin Oberman wrote: > Oh, and X.25 and X.509 are from an older organization that merged into > the ITU-T when it was created, the CCITT (International Telegraph > and Telephone Consultative Committee). It became the ITU-T in 1992. Yeah, CCITT - thanks for the jo

Re: Future timestamps in /var/log/secure

On Fri, 2010-02-26 at 11:29 -0700, Brielle Bruns wrote: > Isn't the timestamps inserted by syslog rather then the reporting > program itself? > that's my understanding also (clarification: syslogs of your server have timestamps of your syslegsserver's time, IMHO) eg: on my Debain systems I don't

Re: Future timestamps in /var/log/secure

On Fri, 2010-02-26 at 10:51 -0800, Wade Peacock wrote: > I was thinking timezone but we are PST (-8:00) so I can not explain > the > +12:00 difference. whois gives India? 12 hrs maybe? From a brief recon of it looks a bit, shall we say, "soft" - get your hat on just in case. I can confirm that c

Re: Future timestamps in /var/log/secure

On Fri, 2010-02-26 at 10:55 -0800, Wade Peacock wrote: > the proftpd line happened to be the next line in the log. the > next simular ssh lines looks like (duplicate removed) > > Feb 26 10:08:48 mx sshd[22165]: Did not receive identification string from > UNKNOWN > Feb 26 10:09:27 mx sshd[22261]

Re: Future timestamps in /var/log/secure

On Fri, 2010-02-26 at 13:17 -0600, William Pitcock wrote: > On Fri, 2010-02-26 at 11:29 -0700, Brielle Bruns wrote: > > Isn't the timestamps inserted by syslog rather then the reporting > > program itself? > > The syslog message sent to the local unix socket (/dev/log > or /dev/syslog) may contai

Re: Locations with no good Internet (was ISP in Johannesburg)

On Fri, 2010-02-26 at 19:20 -0500, Daniel Senie wrote: > Hopefully someone will bother to cover the rural areas with cell > service eventually. > I'm finding a fair number (about 40%+) of the tech-savvy "must-have-for-business-emails" users here in very rural UK out of reach of RA-ADSL) are usin

Re: Cisco hardware question

On Thu, 2010-03-04 at 16:46 -0700, Brielle Bruns wrote: > fsck is not just for failing hard drives. fsck is used any time you > want to check a disk (may it be ssd, optical, magnetic) for any kind of > errors or inconsistencies. It's a standard part of any UNIX toolkit. > > On Linux systems w

Re: Cisco hardware question

On Thu, 2010-03-04 at 19:16 -0500, Ricky Beam wrote: > It's a DOS FAT > filesystem. h. hmm. FAT. Ah well, there must be a reason I guess. Not exactly what I'd choose for a high security snort box ;) But, horses for courses I suppose. Yes, as others say, good idea to check the s/n'

Re: Need advise for a linux firewall

On Thu, 2010-03-11 at 11:00 -0500, Abdul Nazeer wrote: > iptables, but if anyone has any other suggestion, I'd love to hear it. PFsense, (being freeBSD-based, comes under your "other" category) It uses the OpenBSD-based pf firewall, with a web-based GUI for almost everything (except maybe consol

Re: Need advise for a linux firewall

On Thu, 2010-03-11 at 09:01 -0800, Marty Anstey wrote: > +1 for pfsense. I've been running it for over 18 months with no problems > whatsoever. It does everything I needed it to do, and quite a bit more. actually, reading back on the nanog list for a few plays (playing catch-up here) pfsense wou

Re: OBESEUS - A new type of DDOS protector

On Tue, 2010-03-16 at 04:47 +0100, Guillaume FORTAINE wrote: > c) Its code is Open Source. > > http://www.loud-fat-bloke.co.uk/tools/obeseusvB.tar.gz > > > My conclusion is that I give far more credit to Obeseus than to Arbor > Networks. > Hmm, the "hey! it's open source!" factor doesn't hol

Re: Network Naming Conventions

On Mon, 2010-03-15 at 18:51 -0400, Patrick W. Gilmore wrote: > but they just don't realize how many there are. wow, deja-vu ! A few years ago I went into a large SSI infrastructure undergoing reconfiguration where the cluster nodes were named along the lines of biscuits, pizzas, vegetables, sw

Re: NEED ANY LINK OR SAMPLE TEMPLATE FOR ROUTINE NETWORK (ISP) MAINTENANCE PLAN

On Tue, 2010-03-16 at 12:03 +0300, sakthi vadivel wrote: > Hi all, > > If someone have come across with this topic "Network / preventive > maintenance plan”, please offer me some url to obtain more info on this. > > Regards, > > sakthi > Maybe this will help / give some ideas about further rea

Re: Network Naming Conventions

On Tue, 2010-03-16 at 14:15 +0100, Pierre-Yves Maunier wrote: > par = city (Paris, using the 3 letters IATA City code, not the Airport code > such as CDG for Paris) definitely +1 for IATA city codes. Less problems than the airport ones. ^

Re: anti-ddos test solutions ?

On Wed, 2010-03-17 at 07:45 +0100, jul dit: > But a solution to test basic attack (synflood, slowloris, socktress, > ...) with 10 to hundred computers would be interesting, so not a tool > but more a service. > > Found only Parabon [1] on Google > > Does someone know something similar ? If you h

Re: anti-ddos test solutions ?

On Wed, 2010-03-17 at 08:07 +, gordon b slater wrote: (large file as input), iperfs or nmap+nmapscripting) through a _good_ > switch stack. Set a low mtu on the interfaces for maximum pps. ^ ~fail~ correcting myself: set low packet/payload sizes (fragment

Re: Using private APNIC range in US

On Thu, 2010-03-18 at 14:50 -0400, Daniel Senie wrote: > As you note, debugging this type of thing is often not intuitive, as > everything appears to work from almost everywhere I got curious yesterday and set off a couple (very slow {option -T0}, very polite, very restrictive) nmap single port sc

Re: Using private APNIC range in US

On Fri, 2010-03-19 at 06:08 +, gordon b slater wrote: > It looks like chaos-squared out there. I don't envy anyone fathoming > that stuff out for real. clarification: `chaos` due to our ISP running internal boxes on the range in question, rather than external chaos. The implic

Re: Google's PUE

> > On Oct 1, 2008, at 2:04 PM, Martin Hannigan wrote: > > >> Personally, I think only a self-owned DC could get that low. A > >> general purpose DC would have too many inefficiencies since someone > >> like Equinix must have randomly sized cages, routers and servers, > >> custom-built suites, e

Re: The DDOS problem & security BOF: Am i mistaken?

> > Vixie, Conrad, Manning, Woodcock, Curran, Plzak, Ed Lewis, etc all > worked together at ARIN, and have had 22 ARIN employees attend NANOG, > including the ARIN executive secretary. ARIN is giving NANOG $50,000 > checks, even though the Board members have undisclosed conflicts of > interest. A

Re: The DDOS problem & security BOF: Am i mistaken?

> > >> Vixie, Conrad, Manning, Woodcock, Curran, Plzak, Ed Lewis, etc all > >> worked together at ARIN, and have had 22 ARIN employees attend NANOG, > >> including the ARIN executive secretary. ARIN is giving NANOG $50,000 > >> checks, even though the Board members have undisclosed conflicts of >

Re: Sprint / Cogent dispute over?

> > On Sun, Nov 02, 2008 at 04:40:20PM -0500, Randy Epstein wrote: > > Problem resolved? > > https://www.sprint.net/cogent.php > Check out the of the document. Me thinks it was a rush job to post up the page and a bit of cut/paste was done. ;) Tuc

Re: Potential Prefix Hijack

> > On Tue, 11 Nov 2008, Mark Tinka wrote: > > Anyone know how we can contact AS16735 and their upstream > > AS27664. We think they are hijacking a number of our > > prefixes (AS24218- and AS17992-originated). > > Have you tried CERT-BR? Uh... I was about to say "they're usu

Re: Potential Prefix Hijack

> > Hi! > > > We were hijacked aswell, by 27664 16735 > > > > Our affected prefixes were: > > > > 94.46.0.0/16 > > 194.88.142.0/23 > > 194.11.23.0/24 > > 82.102.0.0/18 > > 195.246.238.0/23 > > 194.107.127.0/24 > > 81.92.192.0/19 > > 193.227.238.0/23 > > > > We are trying to contact them in order

Cable re-management

datatel closets that REALLY need color coding, cables cut to length, A-B labeling, etc. For an added bonus, they would potentially be able to build out an entire FLOOR of a building from scratch. Private replies please, will summarize to any who ask. Thanks, Tuc/TBOH

MetroOptical - Anyone know of them?

Hi Guys, We saw them (metrooptical.com) mentioned in Capacity Magazine, but trying to do any other investigation ends up flat. Website hosted at Godaddy, NIC records give a PO Box (So does the website), etc. Anyone know anything about them? Offlists appreciated.

DDOS - How much is "too much"?

Hi, I have a client who prior to me settled into a non-carrier-neutral facility. They were approached this week for "DoS/DDoS protection" which they could buy in X Mb/s, 2xX Mb/s or 4xX Mb/s scrubbing solutions. Maybe I've been out of the running my larger Managed Server Hosting C

Email lists pertaining to NA colo sites?

Hi, I was wondering if someone was running a single repository of lists run by either Colo sites, or others in support of colo sites, in the North America. (Like for 25 Broadway {Adam?}, or even more specifically 118th, 5th floor, room 518 and anyone that might be in that room in the next

Re: ASN Name of the week

> > > This just appeared in my BGP > > ASN Number NameHandle > Location Organization >40543 1-800-GOT-JUNK [ABI19-ARIN] > {Vancouver, BC, CA} 1-800-GOT-JUNK > > I guess somebo

Re: San Francisco Power Outage

> On Jul 24, 2007, at 6:54 PM, Seth Mattinen wrote: > > > > I have a question: does anyone seriously accept "oh, power trouble" > > as a reason your servers went offline? Where's the generators? UPS? > > Testing said combination of UPS and generators? What if it was > > important? I honestly

Re: ASN Name of the week

> Hi, > > ASNV6, no clue... but 32-bit ASN are already prepared, at least in > the registry world. > It was just a joke, since the AS is getting high up there in the 2 byte range (2/3's of the available ones down I think) and was implying that moving to 4 byte would be as fast/efficient/

nanog@nanog.org

> Cisco's problem seems to be have been resolved. > > Also see: > > http://blogs.cisco.com/news/2007/08/update_ciscocom_site.html > > Thanks to everyone for their verification. :-) > I heard, from incredibly unreliable sources, that Cisco was testing a new router that included a flywh

Do I or RR need dns clue?

Hi, Mail to RR users is getting refused due to PTR issues. I contacted RR and explained that yea, one of our 2 DNS servers for the IN-ADDR.ARPA is down, but the other is fine. They said that I should either get the DNS server back up (Which of course is already being worked on, was the minute i

Re: [NANOG] Routing table for BGP

> > Hi, > > > I would like to know what route should i accept from internet full or > partial? > if Partial then what routes should i accept? and how many route does my > router have if i will go for Partial routing table? > > actually I am trying to understand it by concept... my organization

Re: [NANOG] IOS rootkits

> > > > I'd love to know what magical mystical protection your routers have that > > will > > enable them to avoid the same fate as every other device and operating > > system > > has. There's only one thing up there that doesn't have known rootkits > > in the wild. Yet. > > > The question

Re: Hurricane season starts June 1: Carriers harden networks

> > > > > > The official spokespeople don't mention it, but there is also a tendency > > for local officials to divert fuel delivery trucks for their use instead > > of maintaining communication facilities. > > > > Perhaps a company will get in the business of labeling trucks that > normally

Re: Hurricane season starts June 1: Carriers harden networks

> > > On May 27, 2008, at 6:47 PM, Jerry Dixon wrote: > > > Jared nailed it on the head. It is absolutely critical to get to > > know who > > your State JFO POC is, State EOC POC, and have the National > > Communication > > Systems Hotline on speed dial or at least in your cell. They can h

Network meltdowns anywhere in US?

Hi, Sorry, would have posted this elsewhere, but I can't get to alot of places... I originally started chasing not being able to get to 71.74.56.243 (RR Mail server). I then found out neither L3 nor my other connection saw it in the table. I checked a few other router servers, so

Re: Network meltdowns anywhere in US?

> On Wed, May 28, 2008 at 4:05 PM, Tuc at T-B-O-H.NET <[EMAIL PROTECTED]> wrote: > > > Hi, > > > >Sorry, would have posted this elsewhere, but I can't get > > to alot of places... > > > >I originally started chasing not bein

Re: Network meltdowns anywhere in US?

> On Wed, May 28, 2008 at 4:05 PM, Tuc at T-B-O-H.NET <[EMAIL PROTECTED]> wrote: > > > Hi, > > > >Sorry, would have posted this elsewhere, but I can't get > > to alot of places... > > > >I originally started chasing not bein

Re: L3/RR "incident" (Previously Network meltdowns anywhere in US?)

Hi, Another case of getting much better help via NANOG than through a NOC. Turns out there was an issue, and it subsequently was fixed in a relatively small timeframe. Atleast a /20 of RR was not visible inside of L3, I'm not sure if it was more. Thanks again to those pe

Re: [OFFTOPIC] Re: NANOG NYC Event

> > Datavision on 5th avenue near 40th street (Manhattan) has saved me in a > pinch when I've needed multimode cables (still dunno where to buy smf at > a retail shop in nyc). > Just be careful you pay 100% attention to what you want and what you get. I went for a disk drive, brought it

Re: NANOG NYC Event

> NYC is so large and interesing that I wouldn't spend much time chasing > food. You're in foodie heaven. See the Statute of Liberty, the 9/11 > memorial, Empire State Building, ride the subway, go to Hoboken, or > catch a glimpse of the UN. All great sites. Personally, I'd like to > find a karaoke

Re: How not to make an error page (was: OT: www.Amazon.com down?)

Maybe they should buy time on their own EC2 if they are short of webservers. :) The staus page http://status.aws.amazon.com/ shows them "Green and Clean" Tuc > > I've no idea what Amazon uses for Load Balancers, but I'm pretty sure > that error message is the default erro

Re: Cable Colors

> > Hello Newbie here (hopefully I have the correct list), > > I was just wondering if anyone knows of a website with recommended > colors for cables for a new datacenter? > I have written some things down but I don't want to get stuck saying > 'darn, I wish I would have bought this color for thi

Re: ICANN opens up Pandora's Box of new TLDs

p://www.gtld-mou.org/gtld-discuss/mail-archive/00990.html There was a procedure, people followed it, and IANA decided to go other ways with it. Now years later there is all this red tape restricting things. And if the "powers that be" decide to go back to it, you can replace

Re: ICANN opens up Pandora's Box of new TLDs

/. mentioned .dot, so you could tell someone to go to: > > eych tee tee pee colon slash slash slash dot dot dot > Yea, I thought that was funny when I owned www . wwwdotnet . net tooLost a bit later on trying to explain to people. Then again TTSG (PPFG? TPSG? TPFG

Re: what problem are we solving? (was Re: ICANN opens up

> > One way to provide protection is too allow those who have the domain portion > of any domain.(com|net|org|...) to have first dibs for the domain of any new > gTLD. i.e. if nanog.org, nanog.com, nanog.net, etc. would have first dibs > on nanog.thisisgreatstuff. > > Or is that too simplistic a

Re: ICANN opens up Pandora's Box of new TLDs

> > This requires serious elaboration. How could you use a domain in > > ".exe" to actually attack someone? (No handwaving, please, actual > > study.) > > > > I think it would be the other way around - I would assume that that > was a near worthless TLD, as it > would come with a built in DOS :

Re: ICANN opens up Pandora's Box of new TLDs

> > You do have a choice if you're not concerned about the deliverability of > your e-mail. Remember, the Internet remains a group of service > providers/organizations/subscribers that voluntarily work together and can > choose what goes in or out. And so if they decide not to receive traffic >

Re: Multiple DNS implementations vulnerable to cache poisoning

> Reading through the JavaScript that drives , > it appears to be pretty easy to write a non-AJAX client to query Dan's > service. I threw one together in perl, named "noclicky", that allows you > to use Dan's service against any nameserver specified on the command line. >

Re: Exploit for DNS Cache Poisoning - RELEASED

> > Now, there is an exploit for it. > > http://www.caughq.org/exploits/CAU-EX-2008-0002.txt > For anyone looking to use it, you MUST update the frameworks libraries. Some of the code only came out ~5 hours ago that it needs. Tuc/TBOH

Re: Exploit for DNS Cache Poisoning - RELEASED

> - -- "Robert D. Scott" <[EMAIL PROTECTED]> wrote: > > >Now, there is an exploit for it. > > > >http://www.caughq.org/exploits/CAU-EX-2008-0002.txt > > Now also (mirrored) here: > > http://www.milw0rm.com/exploits/6122 > > ...and probably a slew of other places, too. ;-) > The change

Re: Paul Vixie: Re: [dns-operations] DNS issue accidentally leaked?

> > Jorge Amodio wrote: > > > /etc/hosts rulez !!! :-) > > Wonder if SRI wstill has the files. > Using the methods in RFC-952 and RFC-953 I wasn't able to get them. I can't find if there is an updated RFC/name to use. Tuc/TBOH ;)

Re: Paul Vixie: Re: [dns-operations] DNS issue accidentally leaked?

> > Jorge Amodio wrote: > > > /etc/hosts rulez !!! :-) > > Wonder if SRI wstill has the files. > UNOFFICIAL copy from 15-Apr-94 : http://ftp.univie.ac.at/netinfo/netinfo/hosts.txt Tuc/TBOH

2nd Exploit for DNS Cache Poisoning - RELEASED

Hi, Not sure if anyone has seen yet, but there is a 2nd exploit being circulated. I just picked it up on metasploits SVN trunk The first was called "baliwicked_host", and the description was : This exploit attacks a fairly ubiquitous flaw in DNS implementations which Dan Kam

Re: 2nd Exploit for DNS Cache Poisoning - RELEASED

> - -- "Tuc at T-B-O-H.NET" <[EMAIL PROTECTED]> wrote: > > >Not sure if anyone has seen yet, but there is a 2nd > >exploit being circulated. I just picked it up on metasploits > >SVN trunk > > I haven't seen that one yet, but I just ran acr

Re: Exploit for DNS Cache Poisoning - RELEASED

> > On Thu, Jul 24, 2008 at 10:32 AM, Tuc at T-B-O-H.NET <[EMAIL PROTECTED]> > wrote: > > > > - -- "Robert D. Scott" <[EMAIL PROTECTED]> wrote: > > > > > > >Now, there is an exploit for it. > > > > > > > >

Re: So why don't US citizens get this?

Hi, So far with 2 test messages, neither have been delivered. It also does claim it leaves your IP in the email so there IS some "tracking" approximately where it came from. I can't verify, of course, since 2 messages have gone into never never land for me. Doesn't look like it ever got d

Silly PUCK/Outages question

Hi, I hate to use NANOG for outages... But can anyone else get to puck.nether.net or the outages.org list? A traceroute gets me into Chicago with NTT and then dies...(Along with high ping times between NY and IL for NTT) I'm looking to see if anyone has more info about an S&D pow

<    1   2   3   4   >