Re: APNIC Privacy of customer assignment records - implementation update
> "Matthew" == Matthew Kaufman <[EMAIL PROTECTED]> writes: Matthew> The truth is, it doesn't even need to be a case of "grandma" Matthew> listed in the whois (though that is a legitimate issue these Matthew> days). If as an ISP, I list "Bob's Flower Market" (which has Matthew> a DSL line and IP addresses for every cash register and Matthew> order-fulfillment machine) in whois, all that does is: Matthew> A) Cause "Bob's Flower Market" to get spam at the address Matthew> harvested from whois, Are you talking about email spam or snail-mail here? Matthew> and Matthew> B) Cause people who have issues with virus-infected Matthew> machines to call Bob (who doesn't know jack about viruses) Matthew> instead of calling me (I can remotely shut him off until I Matthew> can drive over there with a CD full of anti-virus software), Matthew> and So list yourself as the contact (but not the network owner) rather than him. There's a world of difference between hiding the whole assignment (which means that, for example, I can't find out the extent of Bob's network in order to block the viruses he's spewing without also affecting traffic from the perfectly clean networks who have the bad luck to be assigned adjacent IPs) and making the contacts point to the ISP rather than the customer in cases where the ISP is the only competent technical contact. Matthew> C) Gives my competition Bob's name and phone number, so Matthew> they can try to sell him their DSL service instead. Cost of doing business. The operational requirements of the rest of the network, who _do_ have a substantial interest in being able to know where one customer network stops and another one starts, and the identity of the customer if it's a business, outweighs any inconvenience you might suffer as a result. Matthew> (Imagine the response if you asked any other local business Matthew> to post their complete customer list, with the names and Matthew> unlisted phone numbers of buyers, on the front door) I don't know about where you are, but where I live it's a legal requirement for any company to display its registered company name on every place where it does business. So if you're a provider of, say, office space, then yes, the complete list of your customers will be on the front door. (Your introduction of "unlisted phone numbers" into the argument is of course wholly spurious - the issue of how much contact info should be listed is a separate one from the issue of whether the network assignment itself should be listed.) Matthew> What it does NOT do is: Matthew> 1) Reduce the amount of virus traffic accountable to Bob Matthew> (might make it worse, if people call him instead of me), or But it stops me from reliably blocking Bob's network without affecting innocent parties who don't have a virus problem but do have adjacent IPs. Matthew> 2) Reduce the amount of spam in the world (probably Matthew> increases it, at least from Bob's point of view), or If Bob happens to be a spammer, it makes it harder to block his networks without affecting innocent bystanders. It makes it harder to detect that his provider is simply shuffling him around in response to blocks or complaints. It makes it harder to link up the connections between otherwise apparently separate spammers or spam gangs. I see no reason why there should not be some flexibility in the whois data regarding who is listed as a contact for what purpose, the extent of information required for listed contacts, etc. But there needs to be a stronger argument than just vaguely saying "privacy concerns" in order to justify not listing the extent of the IPs allocated, and the owner and business address of the recipient of the allocation except where the allocation is to a residential user. As for the ARIN proposal 2004-6, I notice that it would have the effect of essentially nullifying the requirements of the previously adopted policy 2003-5 (requirements for RWhois servers). That policy expressly states that reassignment info must be available to the public and not just to ARIN staff. There is nothing given in the rationale for 2004-6 to explain why 2003-5 should be summarily overruled in this way. -- Andrew, Supernews http://www.supernews.com
Re: Cisco moves even more to china.
Support, do not support... In realiity, Cisco today is not Cisco 5 years ago - it rapidly became very common and fat company. One of the reasons - outsourcing (instead of having 10 good engineers here, they use 100 bad engineers in India... /not beause Indians are worst, but because having 100 engineers, you will always have most of them bad). So, let's just wait a little. - Original Message - From: Joe Johnson To: [EMAIL PROTECTED] Sent: Thursday, September 23, 2004 9:15 PM Subject: Re: Cisco moves even more to china. While it is certainly an operational issue if there are no operators left (or on the flip side, too many), I think even that is quite a stretch. Perhaps the economic discussion can be completed elsewhere? Joe Johnson From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of JosephSent: Thursday, September 23, 2004 9:24 PMTo: [EMAIL PROTECTED]Cc: Suresh RamasubramanianSubject: Re: Cisco moves even more to china. Hello Suresh, I appreciate and respect your opinion. Please offer me that same respect in kind. I am aware of the fact of our diverse global economy and only think as many in US do we should be fair and equitable to all parties WORLDWIDE. Respectfully yours, JosephSuresh Ramasubramanian <[EMAIL PROTECTED]> wrote: Joseph [23/09/04 18:53 -0700]:> Don't Support OutsourcingI suggest you lead by example.> Don't buy from companies that outsource US jobs. Be very vocal andNow please go unplug all your cisco and juniper equipment.Then open up your servers and remove all the RAM / hard disks etc that aremade in Malaysia / Taiwan etc.Oh wait - check the labels on your clothes. The last Macy's I visited had awhole lot of shirts / trousers / underwear that had US brand names but wereall made in Vietnam / China / Bangladesh etc. You might want to strip themoff and wear just your own, all american skin.Sheesh. Please take it to Lou Dobbs, or if you have any more rationalarguments than these to advocate what looks like a boycott of ciscoequipment, please take it to somewhere like Dave Farber's IP .. lots ofposters there love to beat this dead horse even more than you do.srs Do you Yahoo!?New and Improved Yahoo! Mail - Send 10MB messages!
Re: Cisco moves even more to china.
While it is certainly an operational issue if there are no operators left (or on the flip side, too many), I think even that is quite a stretch. Perhaps the economic discussion can be completed elsewhere? Joe Johnson From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Joseph Sent: Thursday, September 23, 2004 9:24 PM To: [EMAIL PROTECTED] Cc: Suresh Ramasubramanian Subject: Re: Cisco moves even more to china. Hello Suresh, I appreciate and respect your opinion. Please offer me that same respect in kind. I am aware of the fact of our diverse global economy and only think as many in US do we should be fair and equitable to all parties WORLDWIDE. Respectfully yours, Joseph Suresh Ramasubramanian <[EMAIL PROTECTED]> wrote: Joseph [23/09/04 18:53 -0700]: > Don't Support Outsourcing I suggest you lead by example. > Don't buy from companies that outsource US jobs. Be very vocal and Now please go unplug all your cisco and juniper equipment. Then open up your servers and remove all the RAM / hard disks etc that are made in Malaysia / Taiwan etc. Oh wait - check the labels on your clothes. The last Macy's I visited had a whole lot of shirts / trousers / underwear that had US brand names but were all made in Vietnam / China / Bangladesh etc. You might want to strip them off and wear just your own, all american skin. Sheesh. Please take it to Lou Dobbs, or if you have any more rational arguments than these to advocate what looks like a boycott of cisco equipment, please take it to somewhere like Dave Farber's IP .. lots of posters there love to beat this dead horse even more than you do. srs Do you Yahoo!? New and Improved Yahoo! Mail - Send 10MB messages!
Re: Cisco moves even more to china.
Hello Suresh, I appreciate and respect your opinion. Please offer me that same respect in kind. I am aware of the fact of our diverse global economy and only think as many in US do we should be fair and equitable to all parties WORLDWIDE. Respectfully yours, JosephSuresh Ramasubramanian <[EMAIL PROTECTED]> wrote: Joseph [23/09/04 18:53 -0700]:> Don't Support OutsourcingI suggest you lead by example.> Don't buy from companies that outsource US jobs. Be very vocal andNow please go unplug all your cisco and juniper equipment.Then open up your servers and remove all the RAM / hard disks etc that aremade in Malaysia / Taiwan etc.Oh wait - check the labels on your clothes. The last Macy's I visited had awhole lot of shirts / trousers / underwear that had US brand names but wereall made in Vietnam / China / Bangladesh etc. You might want to strip themoff and wear just your own, all american skin.Sheesh. Please take it to Lou Dobbs, or if you have any more rationalarguments than these to advocate what looks like a boycott of ciscoequipment, please take it to somewhere like Dave Farber's IP .. lots ofposters there love to beat this dead horse even more than you do.srs Do you Yahoo!? New and Improved Yahoo! Mail - Send 10MB messages!
Re: Cisco moves even more to china.
Joseph [23/09/04 18:53 -0700]: >Don't Support Outsourcing I suggest you lead by example. >Don't buy from companies that outsource US jobs. Be very vocal and Now please go unplug all your cisco and juniper equipment. Then open up your servers and remove all the RAM / hard disks etc that are made in Malaysia / Taiwan etc. Oh wait - check the labels on your clothes. The last Macy's I visited had a whole lot of shirts / trousers / underwear that had US brand names but were all made in Vietnam / China / Bangladesh etc. You might want to strip them off and wear just your own, all american skin. Sheesh. Please take it to Lou Dobbs, or if you have any more rational arguments than these to advocate what looks like a boycott of cisco equipment, please take it to somewhere like Dave Farber's IP .. lots of posters there love to beat this dead horse even more than you do. srs
RE: Cisco moves even more to china.
Hello Everyone, Hey, I feel your pain and am seeing the same things happen all over our industry. Sadly, globalization is not a new trend and it will never end but I think its time WE alter its course. Its time for all American Tech workers to stand up and let our voices be heard. Modern capitalism does create a race to the bottom effect for labor which seems to have no end. Workers world wide need to realize they are at risk for the same slippery slope we now see in the United States. No one is insulated. Unless we all mobilize and make our voices heard the economic landscape will leave us behind as another casualty. This made worse by the multinational corporation who's only desire is to satisfy stockholders needs. We as world citizens need to come to grips with the fact that we must compete with workers internationally but we should be doing so on FAIR playing field. Pure free market capitalism has no concept fairness and equity and no room for correcting the drastic changes that can sometimes cause great societal costs. Capitalism is not inherently bad but it is an imperfect system in need of much guidance. Historically the only way this system has been improved is by Labor action, political involvement and transparent government. Getting upset about job losses is useless and futile we need to take action! Don't Support Outsourcing Don't buy from companies that outsource US jobs. Be very vocal and call and mail these companies and let them know you will not support them. Let them know you are watching what they are doing and will vote with your Dollars. Check out the site below to look up any company. http://www.workingamerica.org/ Be Politically Active Be politically aware and active! Remain politically active and tell your state & local politician and the president that they need to be protective of American jobs and leveling the playing field in world wide labor market. Check out these links http://www.pbs.org/now/politics/outsourcedebate.html http://www.workingamerica.org/ Just my 2 cents. =) Jason Graun <[EMAIL PROTECTED]> wrote: I think the IT field as a whole, programmers, network guys, etc... are goingto go the way of the auto workers in the 70's and 80's. I am a CCIE workingand on a second one and it saddens me that all my hard work and advancedknowledge could be replaced by a chop-shop guy because from a businessstandpoint quarter to quarter the chop-shop guy is cheaper on the books.Never mind the fact that I solve problems on the network in under 30mins andsave the company from downtime but I am too expensive. I used to lovetechnology and all it had to offer but now I feel cheated, I feel like weall have been burned by the way the business guys look at the technology, asa commodity. Thankfully I am still young (mid 20's) I can make a careerswitch but I'll still love the technology. Anyway I am going to start thepaper work to be an H1b to China and brush up on my Mandarin.Jason-Original Message-From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of ErikHaagsmanSent: Thursday, September 23, 2004 7:55 PMTo: Dan Mahoney, System AdminCc: Nicole; [EMAIL PROTECTED]Subject: Re: Cisco moves even more to china.On Fri, 2004-09-24 at 02:29, Dan Mahoney, System Admin wrote:> I've always personally taken anyone who said "but I'm an MCSE" with a > grain of salt. I've had equal respect for the A-plus and Net-Plus > certifications, which are basically bought.I take most certifications with a grain of salt, including degrees,unless someone clearly demonstrates he know's what he's talking about,is able to make intelligent decisions and learns new techniques quickly.In which case a certification is still just an add-on ;-)> I used to have more trust in the /CC../ certifications but I find I may be> laughing those off too quite soon.The vendor's introductory certs (CCNA, CCNP, JNCIA, JNCIS) don't sayanything about a candidate, except exactly that ("I got the cert"). CCIEand JNCIE are still at least an indicator someone was at a certain levelat the time of getting the certification, but are still no substitutefor experience and a brain in good working order. It's too bad therearen't better "general" (non-vendor specific) certs, since what oftenlacks is general understanding of network architecture and protocols. You can teach anyone the right commands for Vendor X and they'll prollyget a basic config going on a few nodes, but when troubleshooting timecomes it's useless without good knowledge of the underlying technology,which none of the vendor certs teach very well (IMHO anyway ;-)Cheers,Erik-- ---Erik HaagsmanNetwork ArchitectWe Dare BVtel: +31.10.7507008fax: +31.10.7507005http://www.we-dare.nl Do you Yahoo!? New and Improved Yahoo! Mail - 100MB free storage!
Re: Cisco moves even more to china.
Oh Jesus cry me a river... People, you're in tech. It will never stop changing. That means you should never stop learning. If you stop learning, yes somebody else is going to take your job because as an area of tech matures, tools to manage it become better, less sophisticated people can do the job, and operational cost of that widget goes down. Do you really want to still be hand-editing BGP configs in 5 years time? Should web monkeys still make $80k for writing HTML? Go learn something new and be the badass at that and you'll keep making your 6 figure salary. Or, to look at it from a humorous point of view: It's just a matter of time until neurosurgeons will be coming from ITT tech. ;) John On Thu, Sep 23, 2004 at 08:12:47PM -0500, Jason Graun wrote: > > I think the IT field as a whole, programmers, network guys, etc... are going > to go the way of the auto workers in the 70's and 80's. I am a CCIE working > and on a second one and it saddens me that all my hard work and advanced > knowledge could be replaced by a chop-shop guy because from a business > standpoint quarter to quarter the chop-shop guy is cheaper on the books. > Never mind the fact that I solve problems on the network in under 30mins and > save the company from downtime but I am too expensive. I used to love > technology and all it had to offer but now I feel cheated, I feel like we > all have been burned by the way the business guys look at the technology, as > a commodity. Thankfully I am still young (mid 20's) I can make a career > switch but I'll still love the technology. Anyway I am going to start the > paper work to be an H1b to China and brush up on my Mandarin. > > Jason > > -Original Message- > From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Erik > Haagsman > Sent: Thursday, September 23, 2004 7:55 PM > To: Dan Mahoney, System Admin > Cc: Nicole; [EMAIL PROTECTED] > Subject: Re: Cisco moves even more to china. > > > On Fri, 2004-09-24 at 02:29, Dan Mahoney, System Admin wrote: > > I've always personally taken anyone who said "but I'm an MCSE" with a > > grain of salt. I've had equal respect for the A-plus and Net-Plus > > certifications, which are basically bought. > > I take most certifications with a grain of salt, including degrees, > unless someone clearly demonstrates he know's what he's talking about, > is able to make intelligent decisions and learns new techniques quickly. > In which case a certification is still just an add-on ;-) > > > I used to have more trust in the /CC../ certifications but I find I may be > > > laughing those off too quite soon. > > The vendor's introductory certs (CCNA, CCNP, JNCIA, JNCIS) don't say > anything about a candidate, except exactly that ("I got the cert"). CCIE > and JNCIE are still at least an indicator someone was at a certain level > at the time of getting the certification, but are still no substitute > for experience and a brain in good working order. It's too bad there > aren't better "general" (non-vendor specific) certs, since what often > lacks is general understanding of network architecture and protocols. > You can teach anyone the right commands for Vendor X and they'll prolly > get a basic config going on a few nodes, but when troubleshooting time > comes it's useless without good knowledge of the underlying technology, > which none of the vendor certs teach very well (IMHO anyway ;-) > > Cheers, > > Erik > > > > -- > --- > Erik Haagsman > Network Architect > We Dare BV > tel: +31.10.7507008 > fax: +31.10.7507005 > http://www.we-dare.nl > > >
RE: Cisco moves even more to china.
On Thu, 23 Sep 2004, Jason Graun wrote: I think the IT field as a whole, programmers, network guys, etc... are going to go the way of the auto workers in the 70's and 80's. I am a CCIE working and on a second one and it saddens me that all my hard work and advanced knowledge could be replaced by a chop-shop guy because from a business standpoint quarter to quarter the chop-shop guy is cheaper on the books. Never mind the fact that I solve problems on the network in under 30mins and save the company from downtime but I am too expensive. I used to love technology and all it had to offer but now I feel cheated, I feel like we all have been burned by the way the business guys look at the technology, as a commodity. Thankfully I am still young (mid 20's) I can make a career switch but I'll still love the technology. Anyway I am going to start the paper work to be an H1b to China and brush up on my Mandarin. I've felt this way about things at times. It's why I'm getting my CDL. I highly doubt they can find a way to outsource *that* to some third-world country. -Dan Jason -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Erik Haagsman Sent: Thursday, September 23, 2004 7:55 PM To: Dan Mahoney, System Admin Cc: Nicole; [EMAIL PROTECTED] Subject: Re: Cisco moves even more to china. On Fri, 2004-09-24 at 02:29, Dan Mahoney, System Admin wrote: I've always personally taken anyone who said "but I'm an MCSE" with a grain of salt. I've had equal respect for the A-plus and Net-Plus certifications, which are basically bought. I take most certifications with a grain of salt, including degrees, unless someone clearly demonstrates he know's what he's talking about, is able to make intelligent decisions and learns new techniques quickly. In which case a certification is still just an add-on ;-) I used to have more trust in the /CC../ certifications but I find I may be laughing those off too quite soon. The vendor's introductory certs (CCNA, CCNP, JNCIA, JNCIS) don't say anything about a candidate, except exactly that ("I got the cert"). CCIE and JNCIE are still at least an indicator someone was at a certain level at the time of getting the certification, but are still no substitute for experience and a brain in good working order. It's too bad there aren't better "general" (non-vendor specific) certs, since what often lacks is general understanding of network architecture and protocols. You can teach anyone the right commands for Vendor X and they'll prolly get a basic config going on a few nodes, but when troubleshooting time comes it's useless without good knowledge of the underlying technology, which none of the vendor certs teach very well (IMHO anyway ;-) Cheers, Erik -- --- Erik Haagsman Network Architect We Dare BV tel: +31.10.7507008 fax: +31.10.7507005 http://www.we-dare.nl -- "Don't be so depressed dear." "I have no endorphins, what am I supposed to do?" -DM and SK, February 10th, 1999 Dan Mahoney Techie, Sysadmin, WebGeek Gushi on efnet/undernet IRC ICQ: 13735144 AIM: LarpGM Site: http://www.gushi.org ---
RE: Cisco moves even more to china.
I think the IT field as a whole, programmers, network guys, etc... are going to go the way of the auto workers in the 70's and 80's. I am a CCIE working and on a second one and it saddens me that all my hard work and advanced knowledge could be replaced by a chop-shop guy because from a business standpoint quarter to quarter the chop-shop guy is cheaper on the books. Never mind the fact that I solve problems on the network in under 30mins and save the company from downtime but I am too expensive. I used to love technology and all it had to offer but now I feel cheated, I feel like we all have been burned by the way the business guys look at the technology, as a commodity. Thankfully I am still young (mid 20's) I can make a career switch but I'll still love the technology. Anyway I am going to start the paper work to be an H1b to China and brush up on my Mandarin. Jason -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Erik Haagsman Sent: Thursday, September 23, 2004 7:55 PM To: Dan Mahoney, System Admin Cc: Nicole; [EMAIL PROTECTED] Subject: Re: Cisco moves even more to china. On Fri, 2004-09-24 at 02:29, Dan Mahoney, System Admin wrote: > I've always personally taken anyone who said "but I'm an MCSE" with a > grain of salt. I've had equal respect for the A-plus and Net-Plus > certifications, which are basically bought. I take most certifications with a grain of salt, including degrees, unless someone clearly demonstrates he know's what he's talking about, is able to make intelligent decisions and learns new techniques quickly. In which case a certification is still just an add-on ;-) > I used to have more trust in the /CC../ certifications but I find I may be > laughing those off too quite soon. The vendor's introductory certs (CCNA, CCNP, JNCIA, JNCIS) don't say anything about a candidate, except exactly that ("I got the cert"). CCIE and JNCIE are still at least an indicator someone was at a certain level at the time of getting the certification, but are still no substitute for experience and a brain in good working order. It's too bad there aren't better "general" (non-vendor specific) certs, since what often lacks is general understanding of network architecture and protocols. You can teach anyone the right commands for Vendor X and they'll prolly get a basic config going on a few nodes, but when troubleshooting time comes it's useless without good knowledge of the underlying technology, which none of the vendor certs teach very well (IMHO anyway ;-) Cheers, Erik -- --- Erik Haagsman Network Architect We Dare BV tel: +31.10.7507008 fax: +31.10.7507005 http://www.we-dare.nl
Re: Cisco moves even more to china.
On Fri, 2004-09-24 at 02:29, Dan Mahoney, System Admin wrote: > I've always personally taken anyone who said "but I'm an MCSE" with a > grain of salt. I've had equal respect for the A-plus and Net-Plus > certifications, which are basically bought. I take most certifications with a grain of salt, including degrees, unless someone clearly demonstrates he know's what he's talking about, is able to make intelligent decisions and learns new techniques quickly. In which case a certification is still just an add-on ;-) > I used to have more trust in the /CC../ certifications but I find I may be > laughing those off too quite soon. The vendor's introductory certs (CCNA, CCNP, JNCIA, JNCIS) don't say anything about a candidate, except exactly that ("I got the cert"). CCIE and JNCIE are still at least an indicator someone was at a certain level at the time of getting the certification, but are still no substitute for experience and a brain in good working order. It's too bad there aren't better "general" (non-vendor specific) certs, since what often lacks is general understanding of network architecture and protocols. You can teach anyone the right commands for Vendor X and they'll prolly get a basic config going on a few nodes, but when troubleshooting time comes it's useless without good knowledge of the underlying technology, which none of the vendor certs teach very well (IMHO anyway ;-) Cheers, Erik -- --- Erik Haagsman Network Architect We Dare BV tel: +31.10.7507008 fax: +31.10.7507005 http://www.we-dare.nl
Re: Cisco moves even more to china.
On Fri, 24 Sep 2004, Erik Haagsman wrote: I've always personally taken anyone who said "but I'm an MCSE" with a grain of salt. I've had equal respect for the A-plus and Net-Plus certifications, which are basically bought. I used to have more trust in the /CC../ certifications but I find I may be laughing those off too quite soon. MCSE - Microsoft-claimed Substitute for Experience. A-Plus - The only possible grade in a pass/fail test. Net-Plus - An accounting term for "how can we net more money with this bull certification" Not one of the above properly teaches you how to run, say, DNS correctly (my opinions on the Active Directory DNS butchery notwithstanding). I'm sure in time I'll come up with others sometime after I have to argue with green CC.. people who think the paper makes them infallible and prove them wrong with a 20-second search of cisco.com. Hmm..we're flooded by CCNA's and CCNP's that often hardly know how logon to a router as it is, so this will probably add a lot more, a bit like the MCSE craze a few years ago ;-) When they say training thousands of students, they're not talking thousands of CCIE-level specialists that actually know what they're doing. If anything it looks like we should feel sorry for people working production for Cisco since it looks like production will be completely based in China in the not too far future. Cheers, Erik On Fri, 2004-09-24 at 01:49, Nicole wrote: Lovely, Just lovely. Just heard On CNN, Lou Dobbs. (but can't find it on their site) During a Beijing news conference John Chambers (Cisco CEO) Says "We believe in giving something back and truly becoming a Chineese company." "China will become the IT center or the world" "China will become the largest economy in the world." CNN Reports: Cisco is investing 32 Million into Changi and is training 10's of thousands of Chineese university students in Cisco technology. So.. I guess we will be cranking out those H1b's...Plan to kiss your raises and or jobs bye bye to some specialized cheap imported Cisco trained networking person from China. *SIGH* Nicole -- |\ __ /| (`\ | o_o |__ ) ) // \\ - [EMAIL PROTECTED] - Powered by FreeBSD - -- "The term "daemons" is a Judeo-Christian pejorative. Such processes will now be known as "spiritual guides" - Politicaly Correct UNIX Page Opportunity is missed by most people because it is dressed in overalls and looks like work. - Thomas Edison "Microsoft isn't evil, they just make really crappy operating systems." - Linus Torvalds -- --- Erik Haagsman Network Architect We Dare BV tel: +31.10.7507008 fax: +31.10.7507005 http://www.we-dare.nl -- "She's been getting attacked by these leeches, they're leaving these marks all over her neck. You gotta keep her out of those woods. If one more leech gets her, she's gonna get a smack." -Someone's Mother, December 18th, 1998 Dan Mahoney Techie, Sysadmin, WebGeek Gushi on efnet/undernet IRC ICQ: 13735144 AIM: LarpGM Site: http://www.gushi.org ---
Re: Cisco moves even more to china.
Hmm..we're flooded by CCNA's and CCNP's that often hardly know how logon to a router as it is, so this will probably add a lot more, a bit like the MCSE craze a few years ago ;-) When they say training thousands of students, they're not talking thousands of CCIE-level specialists that actually know what they're doing. If anything it looks like we should feel sorry for people working production for Cisco since it looks like production will be completely based in China in the not too far future. Cheers, Erik On Fri, 2004-09-24 at 01:49, Nicole wrote: > > Lovely, Just lovely. Just heard On CNN, Lou Dobbs. (but can't find it on > their site) > > During a Beijing news conference John Chambers (Cisco CEO) Says "We believe in > giving something back and truly becoming a Chineese company." "China will > become the IT center or the world" "China will become the largest economy in the > world." > > CNN Reports: Cisco is investing 32 Million into Changi and is training > 10's of thousands of Chineese university students in Cisco technology. > > > So.. I guess we will be cranking out those H1b's...Plan to kiss your raises > and or jobs bye bye to some specialized cheap imported Cisco trained networking > person from China. > > > *SIGH* > > > Nicole > > > -- > |\ __ /| (`\ > | o_o |__ ) ) > // \\ > - [EMAIL PROTECTED] - Powered by FreeBSD - > -- > "The term "daemons" is a Judeo-Christian pejorative. > Such processes will now be known as "spiritual guides" > - Politicaly Correct UNIX Page > > Opportunity is missed by most people because it is dressed in overalls and > looks like work. >- Thomas Edison > > "Microsoft isn't evil, they just make really crappy operating systems." >- Linus Torvalds -- --- Erik Haagsman Network Architect We Dare BV tel: +31.10.7507008 fax: +31.10.7507005 http://www.we-dare.nl
Re: Cisco moves even more to china.
Nicole wrote: Lovely, Just lovely. Just heard On CNN, Lou Dobbs. (but can't find it on their site) During a Beijing news conference John Chambers (Cisco CEO) Says "We believe in giving something back and truly becoming a Chineese company." "China will become the IT center or the world" "China will become the largest economy in the world." CNN Reports: Cisco is investing 32 Million into Changi and is training 10's of thousands of Chineese university students in Cisco technology. So.. I guess we will be cranking out those H1b's...Plan to kiss your raises and or jobs bye bye to some specialized cheap imported Cisco trained networking person from China. Oh, I don't know, somebody has to stay over there and assist the spammers and their colo websites. Jeff
Re: Cisco moves even more to china.
> Date: Thu, 23 Sep 2004 16:49:11 -0700 (PDT) > From: Nicole <[EMAIL PROTECTED]> > To: [EMAIL PROTECTED] > Subject: Cisco moves even more to china. > > > > > Lovely, Just lovely. Just heard On CNN, Lou Dobbs. (but can't find it on > their site) > > During a Beijing news conference John Chambers (Cisco CEO) Says "We believe in > giving something back and truly becoming a Chineese company." "China will > become the IT center or the world" "China will become the largest economy in the > world." > > CNN Reports: Cisco is investing 32 Million into Changi and is training > 10's of thousands of Chineese university students in Cisco technology. > > So.. I guess we will be cranking out those H1b's...Plan to kiss your raises > and or jobs bye bye to some specialized cheap imported Cisco trained networking > person from China. Yeah, but don't they already have a company over there that is producing Cisco stuff? Or did I mis-read a lawsuit? > > > *SIGH* > > > Nicole > > > -- > |\ __ /| (`\ > | o_o |__ ) ) > // \\ > - [EMAIL PROTECTED] - Powered by FreeBSD - > -- > "The term "daemons" is a Judeo-Christian pejorative. > Such processes will now be known as "spiritual guides" > - Politicaly Correct UNIX Page > > Opportunity is missed by most people because it is dressed in overalls and > looks like work. >- Thomas Edison > > "Microsoft isn't evil, they just make really crappy operating systems." >- Linus Torvalds > > --- Gregory Hicks| Principal Systems Engineer Cadence Design Systems | Direct: 408.576.3609 555 River Oaks Pkwy M/S 6B1 | Fax: 408.894.3400 San Jose, CA 95134 | Internet: [EMAIL PROTECTED] I am perfectly capable of learning from my mistakes. I will surely learn a great deal today. "A democracy is a sheep and two wolves deciding on what to have for lunch. Freedom is a well armed sheep contesting the results of the decision." - Benjamin Franklin "The best we can hope for concerning the people at large is that they be properly armed." --Alexander Hamilton
Cisco moves even more to china.
Lovely, Just lovely. Just heard On CNN, Lou Dobbs. (but can't find it on their site) During a Beijing news conference John Chambers (Cisco CEO) Says "We believe in giving something back and truly becoming a Chineese company." "China will become the IT center or the world" "China will become the largest economy in the world." CNN Reports: Cisco is investing 32 Million into Changi and is training 10's of thousands of Chineese university students in Cisco technology. So.. I guess we will be cranking out those H1b's...Plan to kiss your raises and or jobs bye bye to some specialized cheap imported Cisco trained networking person from China. *SIGH* Nicole -- |\ __ /| (`\ | o_o |__ ) ) // \\ - [EMAIL PROTECTED] - Powered by FreeBSD - -- "The term "daemons" is a Judeo-Christian pejorative. Such processes will now be known as "spiritual guides" - Politicaly Correct UNIX Page Opportunity is missed by most people because it is dressed in overalls and looks like work. - Thomas Edison "Microsoft isn't evil, they just make really crappy operating systems." - Linus Torvalds
Re: [nanog] Re: APNIC Privacy of customer assignment records - implementation update
Note that draft-daigle-rfc954bis-01.txt was approved and is sitting in the RFC Editor's queue. It removes all of the policy language in RFC 954, but is otherwise the same (and it will likewise be issued as a Draft Standard, the current status of RFC 954). regards, Ted Hardie At 6:00 PM -0400 9/23/04, Joe Abley wrote: On 23 Sep 2004, at 16:36, Dan Mahoney, System Admin wrote: http://rfc-ignorant.org/policy-ipwhois.php There you go. They do this, they're in violation of RFC 954. RFC 954 is a description of how one whois service, "running on the SRI-NIC machine (26.0.0.73 or 10.0.0.51)". How can any other whois service be in violation of that? Joe
Re: APNIC Privacy of customer assignment records - implementation update
On Thu, 23 Sep 2004, Leo Bicknell wrote: > In a message written on Thu, Sep 23, 2004 at 05:56:42PM -0400, Joe Abley wrote: > > The proposal (which comes from APNIC members, not from APNIC staff) > > concerns non-portable addresses assigned to end-users. I don't know > > about anybody else, but I've never had any luck getting a response from > > people in that category anyway; it's invariably the upstream ISPs who > > respond (if anybody does), and there is no suggestion that their > > contact details will be able to be hidden. > > There are several proposals in various stages before ARIN and RIPE > about this same issue. APNIC simply beat everyone to the punch, but > most of the other groups are going down the same path. Going down the path does not mean it'll happen. > The interesting case brought by several providers is that some > residential DSL providers are now assigning /29's to end users to > support multiple boxes. In some cases these additional boxes are > service provider boxes to provide value-add services (think, a voice > or video gateway box). This creates the very real situation where > "grandma" is now published in whois. > > "grandma" doesn't like the spam, doesn't want to be listed (she > already has an unlisted phone number) and even if her machine is > owned and spewing forth spam contacting her is just going to result > in confusion. To that end the service provider would like to not > list her, protect her privacy, and when people query have only their > block and contact show up so they can field the call and either > block her port, or have a (hopefully more helpful) customer service > person help her clean her infected machine or whatever. For ARIN, in case of grandma or any other residentual customer, there exist "residential customer privacy" policy, so her name need not be listed. > Generally the people who actually work abuse all have a similar report: > end user assignments in whois are worthless. End users fall into one > of two catagories: > > 1) "grandma", where contacting her is going to get you nowhere because >they don't know what you're talking about. > > 2) An abuser (spammer, ddoser, whatever). These people either won't >respond, or will respond but take no action, in both cases hoping >to string you along and make you either go away, or at least buy >some more time while they tie you up dealing with them. > > Because of this most of the people dealing with abuse are already > ignoring end user contact information and going straight to the > upstream ISP anyway. This is not the same thing. What we're talking about is not the record itself but who is listed as point of contact. And for most small records the person is not listed as point of contact, the ISP is. But info about actual customer still makes it possible to correlate multiple cases of abuse together and it is more difficult for spammers to run from one ISP to another. > This brings us to why these proposals are getting traction in all the > RIR's. Spending thousands of hours maintaining data that many (most? > nearly all?) of the users say is useless is silly. But the proposals to hide the information do not change any of that, ISPs are still REQUIRED to provide all the same information to RIR they can just hide it from the public. > Chicken and egg, or egg and chicken? I'm not really sure. That > said, the current rules basically ensure that at some point in the > future, when everyone needs a /29, everyone on the planet will be > listed in whois. That I don't like either. I think ARIN database is overpopulated by otheless small records and this is a problem both for ARIN and for those tyring to use the data. But NOT ALL the records are useless and if we simply let ISPs not report anything at all, this is even worth. I actually do have proposal to make on this issue that will: 1. Reduce amount of data in arin whois by not requirying ISPs to report each small allocatoin and assignment 2. Keeps data about all small residential and small-business customers private out of whois (these represent 90% of all assignments) 3. Still keeps records that allow to determine general geographical location of service (for those of us mapping the net) 4. Still keeps records for almost all the types of cases where abuse and spam does happen. I'll now take this to ppml for further discussion. I don't have a concrete proposal text, but basic set of ideas that can be worked on further. --- William Leibzon Elan Networks [EMAIL PROTECTED]
RE: APNIC Privacy of customer assignment records - implementation update
The truth is, it doesn't even need to be a case of "grandma" listed in the whois (though that is a legitimate issue these days). If as an ISP, I list "Bob's Flower Market" (which has a DSL line and IP addresses for every cash register and order-fulfillment machine) in whois, all that does is: A) Cause "Bob's Flower Market" to get spam at the address harvested from whois, and B) Cause people who have issues with virus-infected machines to call Bob (who doesn't know jack about viruses) instead of calling me (I can remotely shut him off until I can drive over there with a CD full of anti-virus software), and C) Gives my competition Bob's name and phone number, so they can try to sell him their DSL service instead. (Imagine the response if you asked any other local business to post their complete customer list, with the names and unlisted phone numbers of buyers, on the front door) What it does NOT do is: 1) Reduce the amount of virus traffic accountable to Bob (might make it worse, if people call him instead of me), or 2) Reduce the amount of spam in the world (probably increases it, at least from Bob's point of view), or 3) Make the world a better place to live (there's much better avenues to pursue if that's your goal) Matthew Kaufman [EMAIL PROTECTED]
Re: APNIC Privacy of customer assignment records - implementation update
In a message written on Thu, Sep 23, 2004 at 05:56:42PM -0400, Joe Abley wrote: > The proposal (which comes from APNIC members, not from APNIC staff) > concerns non-portable addresses assigned to end-users. I don't know > about anybody else, but I've never had any luck getting a response from > people in that category anyway; it's invariably the upstream ISPs who > respond (if anybody does), and there is no suggestion that their > contact details will be able to be hidden. There are several proposals in various stages before ARIN and RIPE about this same issue. APNIC simply beat everyone to the punch, but most of the other groups are going down the same path. The interesting case brought by several providers is that some residential DSL providers are now assigning /29's to end users to support multiple boxes. In some cases these additional boxes are service provider boxes to provide value-add services (think, a voice or video gateway box). This creates the very real situation where "grandma" is now published in whois. "grandma" doesn't like the spam, doesn't want to be listed (she already has an unlisted phone number) and even if her machine is owned and spewing forth spam contacting her is just going to result in confusion. To that end the service provider would like to not list her, protect her privacy, and when people query have only their block and contact show up so they can field the call and either block her port, or have a (hopefully more helpful) customer service person help her clean her infected machine or whatever. Generally the people who actually work abuse all have a similar report: end user assignments in whois are worthless. End users fall into one of two catagories: 1) "grandma", where contacting her is going to get you nowhere because they don't know what you're talking about. 2) An abuser (spammer, ddoser, whatever). These people either won't respond, or will respond but take no action, in both cases hoping to string you along and make you either go away, or at least buy some more time while they tie you up dealing with them. Because of this most of the people dealing with abuse are already ignoring end user contact information and going straight to the upstream ISP anyway. This brings us to why these proposals are getting traction in all the RIR's. Spending thousands of hours maintaining data that many (most? nearly all?) of the users say is useless is silly. Indeed, this is the same thing many of the people who have alredy responded to this thread have said, only turned on it's head. "I treat all APNIC data as worthless" easily translates into "APNIC shouldn't keep the data" when you're one of the people paying the costs to upkeep the data. Chicken and egg, or egg and chicken? I'm not really sure. That said, the current rules basically ensure that at some point in the future, when everyone needs a /29, everyone on the planet will be listed in whois. That to me is the truely absurd part. I don't understand people who think every DSL, and every cable modem user should be listed in whois /purely by the fact that they have a couple of static IP addresses/. I can't imagine how that makes anything better for anyone. Many people will automatically tie this into another issue, but it is a separate issue. Upstreams, or more importantly LIR's (in registry speak) need to have valid contact information and need to act on complaints. I'm not quite sure how we enforce those requirements. However, the lack of being able to enforce those requirements does not make listing everyone any better of a solution. -- Leo Bicknell - [EMAIL PROTECTED] - CCIE 3440 PGP keys at http://www.ufp.org/~bicknell/ Read TMBG List - [EMAIL PROTECTED], www.tmbg.org pgpx6vVNt3du2.pgp Description: PGP signature
RE: APNIC Privacy of customer assignment records - implementation update
Ok, I'll bite... I find the idea that an ISP must publish customer information offensive. There is no reason why a guy who wants to get a T-1 into his house and a /24 to support all the stuff he's doing at home should be forced to publish his full name and home address to the world (or worse, should have that information published to the world by his ISP without his knowledge). Didn't we already have this discussion back when it was about static /32s, /29s, and the like? And didn't those people get to keep their privacy? You can always track down the actual registrant and talk to them if you have a problem, and as has already been pointed out, they're a lot more likely to respond than the person listed in the assignment record. Believing that the "spam problem" would be solved if only the source IP addresses of the spam could be tracked to a physical address is a fallacy anyway. Matthew Kaufman [EMAIL PROTECTED] Ps. The legitimate business reason of trying to keep your customer list private so your competitors don't spend all day calling your customers should apply too, but I'm a lot less worried about that than the simple privacy issues for the end users.
Re: APNIC Privacy of customer assignment records - implementation update
On 23 Sep 2004, at 18:06, Matt Ghali wrote: Effectively none. APNIC has always served out unverified and obvious garbage from their whois servers. And they are different from every other RIR in this respect how? Joe
Re: APNIC Privacy of customer assignment records - implementation update
On Thu, 23 Sep 2004 17:56:42 -0400, Joe Abley <[EMAIL PROTECTED]> wrote: > The proposal (which comes from APNIC members, not from APNIC staff) > concerns non-portable addresses assigned to end-users. I don't know > about anybody else, but I've never had any luck getting a response from > people in that category anyway; it's invariably the upstream ISPs who > respond (if anybody does), and there is no suggestion that their > contact details will be able to be hidden. > > So what difference will it make? Effectively none. APNIC has always served out unverified and obvious garbage from their whois servers. What I find offensive is that they are now codifying this lack of cooperation, and tacit complicity with spammers and other anonymous miscreants as official policy. matto
Re: [nanog] Re: APNIC Privacy of customer assignment records - implementation update
On 23 Sep 2004, at 16:36, Dan Mahoney, System Admin wrote: http://rfc-ignorant.org/policy-ipwhois.php There you go. They do this, they're in violation of RFC 954. RFC 954 is a description of how one whois service, "running on the SRI-NIC machine (26.0.0.73 or 10.0.0.51)". How can any other whois service be in violation of that? Joe
Re: APNIC Privacy of customer assignment records - implementation update
On 23 Sep 2004, at 16:20, Matt Ghali wrote: Does anyone else find this as offensive as I do? I guess the answer is yes, but I'm interested to know why. The proposal (which comes from APNIC members, not from APNIC staff) concerns non-portable addresses assigned to end-users. I don't know about anybody else, but I've never had any luck getting a response from people in that category anyway; it's invariably the upstream ISPs who respond (if anybody does), and there is no suggestion that their contact details will be able to be hidden. So what difference will it make? Joe
Re: Need qualified packers/shippers for racked equipment
With that kind of gear, and only 8 racks I really wonder how much the colo provider was charging you to justify bringing the application in-house.. eesh. DJ C. Bensend wrote: Hi all, I have received marching orders to pull our hardware out of a datacenter in Chicago and have it distributed within our company. We are migrating to the next generation of the application hosted there and bringing everything in-house. This decision is all about the money and has nothing to do with the colocation company. I have read through the similar thread started by Mr. Zito in August of 2003 (http://tinyurl.com/5g9ug), but my requirements are slightly different. They include: 1) Must be able to insure for more than $50,000 per shipment 2) No real rush - 5-7 days should be acceptable 3) Must be able to ship full racks _including_ packing/crating - we will have staff on-site to pull the site down, but we would rather have the shipper handle packaging 4) Should have solid experience shipping high-value data equipment 5) Multiple shipments to different destinations within a week's timeframe 6) Not all destinations will have a dock for offloading 7) There will be ~8 racks, plus two HP XP256 cabinets I am open to emails from salesfolk as long as they're reasonable. For right now, I just need contacts with shippers that are qualified and recommended by the community, so we can start working on quotes. I'm looking at the first (small) shipment leaving Chicago around the first week of November, with the remainder of the site shipping the first week of December. I will of course summarize back to the list, so feel free to email me off-list if you like. Thanks much! Benny
Change of Providers - time to migrate IP addresses
Is there a generally-accepted "best practice" that dictates the time frame for relinquishing address space when changing providers? I have a client with a /24 from provider X; we've built the infrastructure for connectivity to provider Y (with new address space from them) but still have a few hosts that we've not migrated to the new address space. We'll certainly be rid of the old addresses within the next 60 days but would like to terminate the circuit to provider X sooner than that. I think this is a pretty typical thing but Googling hasn't turned-up too much in the way of evidence of this. Is this a reasonable thing to do? I appreciate any feedback from NANOGers. Thanks, Ben
Re: APNIC Privacy of customer assignment records - implementation update
This proposal would be harmful in tracking hack attacks, ddos attacks and other forms of annoyance, spyware tracking and things that are beyond the capability for any agency to handle because of largese Technical fiefdoms were one of the worries of the 90's now we are here and that is becoming the direction, patenting rfc's and the like are harming the very fabric of the internet and detering the ability to keep it running.I am very disappointed -Henry --- "william(at)elan.net" <[EMAIL PROTECTED]> wrote: > > > On Thu, 23 Sep 2004, Matt Ghali wrote: > > > On Thu, 23 Sep 2004 16:19:19 +1000, George > Michaelson <[EMAIL PROTECTED]> wrote: > > > > > This is an important announcement on the > implementation of APNIC > > > approved proposal prop-007-v001 regarding > privacy of customer assignment > > > records. The proposal document, presentation, > minutes, and discussion > > > are available at: > > > > > > > http://www.apnic.net/docs/policy/proposals/prop-007-v001.html > > > > Does anyone else find this as offensive as I do? > > Yes. > > And worst of all similar proposal is under > discussion at ARIN, see > http://www.arin.net/policy/2004_6.html > So if you don't want the same unaccountability > problem for ARIN, join > ppml mail list and let argue against it. > > My own view is that this will make it a lot easier > for spammers to get > away with their works and easier for them to move > from one isp to another. > > At the same time reassignment information is used by > me and some others > for geographical mapping of ip space and this will > make harm this > research activity as well. So if you're involved in > something similar > you may want to speak up about it as well. > > --- > William Leibzon > Elan Networks > [EMAIL PROTECTED] > >
Re: APNIC Privacy of customer assignment records - implementation update
On Thu, 23 Sep 2004, Patrick W Gilmore wrote: > But that will also depend on how APNIC responds to problems. If > Network X has a customer who is a problem, and we can't find out > customer's name / e-mail / whatever, then Network X better be > responsive. If not, then APNIC better be responsive. I guess the thinking is that apnic address space is so widely nullrouted already, so things cant get any worse. -Dan
Need qualified packers/shippers for racked equipment
Hi all, I have received marching orders to pull our hardware out of a datacenter in Chicago and have it distributed within our company. We are migrating to the next generation of the application hosted there and bringing everything in-house. This decision is all about the money and has nothing to do with the colocation company. I have read through the similar thread started by Mr. Zito in August of 2003 (http://tinyurl.com/5g9ug), but my requirements are slightly different. They include: 1) Must be able to insure for more than $50,000 per shipment 2) No real rush - 5-7 days should be acceptable 3) Must be able to ship full racks _including_ packing/crating - we will have staff on-site to pull the site down, but we would rather have the shipper handle packaging 4) Should have solid experience shipping high-value data equipment 5) Multiple shipments to different destinations within a week's timeframe 6) Not all destinations will have a dock for offloading 7) There will be ~8 racks, plus two HP XP256 cabinets I am open to emails from salesfolk as long as they're reasonable. For right now, I just need contacts with shippers that are qualified and recommended by the community, so we can start working on quotes. I'm looking at the first (small) shipment leaving Chicago around the first week of November, with the remainder of the site shipping the first week of December. I will of course summarize back to the list, so feel free to email me off-list if you like. Thanks much! Benny
Re: APNIC Privacy of customer assignment records - implementation update
On Thu, 23 Sep 2004, Matt Ghali wrote: > On Thu, 23 Sep 2004 16:19:19 +1000, George Michaelson <[EMAIL PROTECTED]> wrote: > > > This is an important announcement on the implementation of APNIC > > approved proposal prop-007-v001 regarding privacy of customer assignment > > records. The proposal document, presentation, minutes, and discussion > > are available at: > > > > http://www.apnic.net/docs/policy/proposals/prop-007-v001.html > > Does anyone else find this as offensive as I do? Yes. And worst of all similar proposal is under discussion at ARIN, see http://www.arin.net/policy/2004_6.html So if you don't want the same unaccountability problem for ARIN, join ppml mail list and let argue against it. My own view is that this will make it a lot easier for spammers to get away with their works and easier for them to move from one isp to another. At the same time reassignment information is used by me and some others for geographical mapping of ip space and this will make harm this research activity as well. So if you're involved in something similar you may want to speak up about it as well. --- William Leibzon Elan Networks [EMAIL PROTECTED]
Re: APNIC Privacy of customer assignment records - implementation update
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Yo Matt! On Thu, 23 Sep 2004, Matt Ghali wrote: > Does anyone else find this as offensive as I do? Yes, the spammers are gonna love this. RGDS GARY - --- Gary E. Miller Rellim 20340 Empire Blvd, Suite E-3, Bend, OR 97701 [EMAIL PROTECTED] Tel:+1(541)382-8588 Fax: +1(541)382-8676 -BEGIN PGP SIGNATURE- Version: GnuPG v1.2.3 (GNU/Linux) iD8DBQFBUzJT8KZibdeR3qURAiIYAJ4/PUMHJlIAL/TO2NB1CBsGQtRzMwCgmZ4d L1CUzZEjOQm2d61XoMHv50U= =1afL -END PGP SIGNATURE-
Re: [nanog] Re: APNIC Privacy of customer assignment records - implementation update
On Thu, 23 Sep 2004, Matt Ghali wrote: Oh look. http://rfc-ignorant.org/policy-ipwhois.php There you go. They do this, they're in violation of RFC 954. And there's already a blacklist ready and waiting. -Dan Does anyone else find this as offensive as I do? matt ghali On Thu, 23 Sep 2004 16:19:19 +1000, George Michaelson <[EMAIL PROTECTED]> wrote: This is an important announcement on the implementation of APNIC approved proposal prop-007-v001 regarding privacy of customer assignment records. The proposal document, presentation, minutes, and discussion are available at: http://www.apnic.net/docs/policy/proposals/prop-007-v001.html -- "Let me tell you something about regrowing your dead wife Lucy, Harry. It's probably illegal, potentially dangerous, and definitely crazy." -Harry nods- Vincent Spano, as Boris in "Creator". Dan Mahoney Techie, Sysadmin, WebGeek Gushi on efnet/undernet IRC ICQ: 13735144 AIM: LarpGM Site: http://www.gushi.org ---
Re: APNIC Privacy of customer assignment records - implementation update
On Sep 23, 2004, at 4:20 PM, Matt Ghali wrote: Does anyone else find this as offensive as I do? Dunno if "offensive" is the right word. "Worrisome", definitely. Maybe after I have time to understand it better, it might become offensive. But that will also depend on how APNIC responds to problems. If Network X has a customer who is a problem, and we can't find out customer's name / e-mail / whatever, then Network X better be responsive. If not, then APNIC better be responsive. Perhaps this was covered in the docs, I dunno, haven't read them all yet. It definitely was not covered in the FAQ, even though I figured it would be one of the most Frequently Asked Questions -- TTFN, patrick
Re: [nanog] Re: APNIC Privacy of customer assignment records - implementation update
On Thu, 23 Sep 2004, Matt Ghali wrote: Does anyone else find this as offensive as I do? matt ghali I think at this point it becomes a matter of "if they're not listed, blacklist them". It could potentially be a huge filter set, but there's so much crap coming from that corner of the globe anyway that this just gives a good, solid, hard fast reason. Needless to say, I'm joining the list specifically for the purpose of commenting on the above. -Dan On Thu, 23 Sep 2004 16:19:19 +1000, George Michaelson <[EMAIL PROTECTED]> wrote: This is an important announcement on the implementation of APNIC approved proposal prop-007-v001 regarding privacy of customer assignment records. The proposal document, presentation, minutes, and discussion are available at: http://www.apnic.net/docs/policy/proposals/prop-007-v001.html -- "I wish the Real World would just stop hassling me!" -Matchbox 20, Real World, off the album "Yourself or Someone Like You" Dan Mahoney Techie, Sysadmin, WebGeek Gushi on efnet/undernet IRC ICQ: 13735144 AIM: LarpGM Site: http://www.gushi.org ---
Re: APNIC Privacy of customer assignment records - implementation update
Does anyone else find this as offensive as I do? matt ghali On Thu, 23 Sep 2004 16:19:19 +1000, George Michaelson <[EMAIL PROTECTED]> wrote: > This is an important announcement on the implementation of APNIC > approved proposal prop-007-v001 regarding privacy of customer assignment > records. The proposal document, presentation, minutes, and discussion > are available at: > > http://www.apnic.net/docs/policy/proposals/prop-007-v001.html
paging the postmaster from adelphia
Your mail is bouncing. Your support reps claim that they have no control over blacklisting. Your mail servers say that socrates.berkeley.edu is on a blacklist that it isn't. Please mail me, we've been trying to resolve this for a week. Matt Ghali berkeley.edu mail ops
RE: Website contact for www.cisco.com
I also ran into this problem yesterday, I contacted Cisco and they said that they were not block any of my addresses or ranges which I found to be strange since from what I could tell out of an entire /22 only one IP address was affected. As of around 0500 PDT this morning I was able to access Cisco's website again though. Chris Burton Network Engineer Walt Disney Internet Group - Network Services The information contained in this e-mail message is confidential, intended only for the use of the individual or entity named above. If the reader of this e-mail is not the intended recipient, or the employee or agent responsible to deliver it to the intended recipient, you are hereby notified that any review, dissemination, distribution or copying of this communication is strictly prohibited. If you have received this e-mail in error, please contact Walt Disney Internet Group at 206-664-4000. -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Crist Clark Sent: Thursday, September 23, 2004 9:47 AM To: Temkin, David Cc: nanog Subject: Re: Website contact for www.cisco.com Temkin, David wrote: > Can someone responsible for either security or operations of > www.cisco.com please contact me? We are seeing an issue where you may > be blocking one of our source IP addresses from accessing the website. Hmmm... Weird. We're having a similar issue. If you are at liberty to, could you please publicly or privately let me know what's going on here and whether it is a bug or feature? -- Crist J. Clark [EMAIL PROTECTED] Globalstar Communications(408) 933-4387
Re: Website contact for www.cisco.com
Temkin, David wrote: Can someone responsible for either security or operations of www.cisco.com please contact me? We are seeing an issue where you may be blocking one of our source IP addresses from accessing the website. Hmmm... Weird. We're having a similar issue. If you are at liberty to, could you please publicly or privately let me know what's going on here and whether it is a bug or feature? -- Crist J. Clark [EMAIL PROTECTED] Globalstar Communications(408) 933-4387
Website contact for www.cisco.com
Can someone responsible for either security or operations of www.cisco.com please contact me? We are seeing an issue where you may be blocking one of our source IP addresses from accessing the website. Thanks, -Dave David Temkin S-I-G IMPORTANT: The information contained in this email and/or its attachments is confidential. If you are not the intended recipient, please notify the sender immediately by reply and immediately delete this message and all its attachments. Any review, use, reproduction, disclosure or dissemination of this message or any attachment by an unintended recipient is strictly prohibited. Neither this message nor any attachment is intended as or should be construed as an offer, solicitation or recommendation to buy or sell any security or other financial instrument. Neither the sender, his or her employer nor any of their respective affiliates makes any warranties as to the completeness or accuracy of any of the information contained herein or that this message or any of its attachments is free of viruses.
Re: The worst abuse e-mail ever, sverige.net
> > [EMAIL PROTECTED]: > >> The solution I am working toward is quickly identifying user > >> infections. We are almost there. I collect and record all traffic > > Umm ... you mean you wire-tap all "my" email messages? (Anyone > still wonders why I don't trust my ISP?) > > I wonder if my Teclo listens in on all my telephone conversations > too? And the post office! My letters? Chill out. I am just collecting source and destination IP pairs, that is all I record. > > (Oops, sorry, shouldn't make analogies. ;-) > > >> from the users going to dark space > > Umm ... please define "dark space". See either the posts Paul Vixie or Rob Thomas on this. james
Re: [nanog] Re: The worst abuse e-mail ever, sverige.net
On Thu, 23 Sep 2004, Lars-Johan Liman wrote: [EMAIL PROTECTED]: Correction, the world *can't* let you be a well functioning exception. People always scream 'no censorship', but there is only that many more mail servers and preprocessing machines you can throw at a $20/month account. Hmm. "You get what you pay for.", you mean? I can If you mean that if I pay enough money, I can get a DSL (or even leased line) service with fixed IP address, and proper rDNS, that is not filtered by recipient MTAs. Sure. I probably could - theoretically. the real question is, how much money is it worth it for you. But don't put to blame on us for not adding another rack of mailservers so people like you can get their mail out. I'm opposed to marketing systems that actively (means it costs them money) put in restrictions in systems to make me pay more to have them remove it again. It's not worth the 5-fold amount that they will charge me, but if I can't use the 'net propersly, it might not be worth connecting to at all, so they'll lose me as customer. One port blocked is not much to quarrel over in practice, but this is a trend. Mail goes first. Web comes next ("we funnel all your web traffic through our cache"). VOIP is around the corner. It's like a phone system where the won't let you call anyone on the phone system. "If you want to call to this part of the world, you will have to call through our listening station, and if you don't want to do that, you can buy our premium service for $200 per minute." Sorry, it doesn't strike me as tempting at all. If that's the case, then you learn to rise above it with tunneling, IPSEC, VPN or any of a number of technologies that have been around for the past ten years. And yes, this requires a box on the outside. We're in the era of the $50 a month dedicated server, here. If you're trying to put a commercial grade service on a consumer grade line, deal with it. This is getting really far off-topic at this point. We're clear people are of two opinions on things, and nobody's going to change their mind. Anyone care to let it rest? -Dan -- "A mother can be an inspiration to her little son, change his thoughts, his mind, his life, just with her gentle hum." -No Doubt, "Different People", from "Tragic Kingdom" Dan Mahoney Techie, Sysadmin, WebGeek Gushi on efnet/undernet IRC ICQ: 13735144 AIM: LarpGM Site: http://www.gushi.org ---
Re: FW: The worst abuse e-mail ever, sverige.net
I was just going to stay out of this, but I can't... Steven Champeon wrote: on Thu, Sep 23, 2004 at 10:37:10AM +0200, Lars-Johan Liman wrote: [EMAIL PROTECTED]: Congrats. Ask your ISP for non-generic rDNS, in your domain, so I know where to send the abuse reports. I did. "Reverse *what*?" So explain it to them in words of two syllables or less, where possible. I recommend using "I am finding a new eye ess pee". There's plenty of them out there that will welcome you, as well. When I call tech support, I never get the nonsense about rebooting my machine to fix things. In fact, I usually have someone on the line who has heard of Slackware and OpenBSD. You get what you pay for. Because that's how things are today. You're a 1-in-50-million chance, as far as I can tell from my mail server. With that attitude you're never going to improve things ... /My/ attitude? You're the one giving your money to a bunch of incompetents. You know, it's just not that hard. I have what is termed "Business Class" SDSL, which may be pricier than the average geek wants to pay, but so what? If you want to be treated as _not one of the crowd_ of random clueless users, you need to differentiate yourself in a way that is simple for others, _not for yourself_. I have friends who have only one dedicated IP, but it's from an ISP that takes reverse seriously, and that will happily delegate to them, if desired. It isn't everyone else's responsibility to cater to you, if you can't get even the simplest stuff (rdns) fixed. Oh, and mine isn't delegated to me, but I don't worry about it, since it has a nice rdns that I'm find with (and I like the anonymity when I browse elsewhere). -- You've confused equality of opportunity for equality of outcomes, and have seriously confused justice with equality. -- Woodchuck
Re: The worst abuse e-mail ever, sverige.net
[EMAIL PROTECTED]: > Correction, the world *can't* let you be a well functioning > exception. > People always scream 'no censorship', but there is only that many more > mail servers and preprocessing machines you can throw at a $20/month > account. Hmm. "You get what you pay for.", you mean? I can If you mean that if I pay enough money, I can get a DSL (or even leased line) service with fixed IP address, and proper rDNS, that is not filtered by recipient MTAs. Sure. I probably could - theoretically. > the real question is, how much money is it worth it for you. But > don't put to blame on us for not adding another rack of mailservers > so people like you can get their mail out. I'm opposed to marketing systems that actively (means it costs them money) put in restrictions in systems to make me pay more to have them remove it again. It's not worth the 5-fold amount that they will charge me, but if I can't use the 'net propersly, it might not be worth connecting to at all, so they'll lose me as customer. One port blocked is not much to quarrel over in practice, but this is a trend. Mail goes first. Web comes next ("we funnel all your web traffic through our cache"). VOIP is around the corner. It's like a phone system where the won't let you call anyone on the phone system. "If you want to call to this part of the world, you will have to call through our listening station, and if you don't want to do that, you can buy our premium service for $200 per minute." Sorry, it doesn't strike me as tempting at all. The cost cannot be motivated in a personal budget - and it becomes a class thing. "We could only afford limited Internet." No, I don't like it. But then again, I'm just the rare exception ... > Correction, the world *can't* let you be a well functioning exception. [EMAIL PROTECTED]: >> not true. it can but many have decided not to. Well, what Paul's saying (in my understanding) is "the world *can't* let you be a well functioning exception ... *FOR THAT SMALL AMOUNT OF MONEY*, because their ends will not meet (... with enough overlap ;-)". ... which is probably what you mean too. (Correct me if I'm wrong, Paul.) Cheers, /Liman
Re: FW: The worst abuse e-mail ever, sverige.net
on Thu, Sep 23, 2004 at 10:37:10AM +0200, Lars-Johan Liman wrote: > > [EMAIL PROTECTED]: > > Congrats. Ask your ISP for non-generic rDNS, in your domain, so I know > > where to send the abuse reports. > > I did. > > "Reverse *what*?" So explain it to them in words of two syllables or less, where possible. I recommend using "I am finding a new eye ess pee". > > Because that's how things are today. You're a 1-in-50-million chance, > > as far as I can tell from my mail server. > > With that attitude you're never going to improve things ... /My/ attitude? You're the one giving your money to a bunch of incompetents. -- join us! http://hesketh.com/about/careers/web_designer.html join us! hesketh.com/inc. v: +1(919)834-2552 f: +1(919)834-2554 w: http://hesketh.com join us! http://hesketh.com/about/careers/account_manager.htmljoin us!
Re: FW: The worst abuse e-mail ever, sverige.net
Lars-Johan Liman <[EMAIL PROTECTED]> wrote: > [EMAIL PROTECTED]: >> Congrats. Ask your ISP for non-generic rDNS, in your domain, so I >> know where to send the abuse reports. > I did. "Reverse *what*?" I took my home ADSL to a company that delegates appropriate bits of in-addr.arpa to my servers. I suggest you might want to do the same. -- PGP key ID E85DC776 - finger [EMAIL PROTECTED] for full key
Re: The worst abuse e-mail ever, sverige.net
> > Our system is similar, except we block port 25 completely via RADIUS > > after we detect an outgoing virus or spam, > > Detect how? We don't sniff traffic for suspicious signatures at this point.Viruses are eventually caught by the assumption that "send to everyone in the address book" eventually will hit an address on the same mail server. Quarantined viruses are categorized by local user and IP address to identify the sender from RADIUS accounting records. Spam is based only on reports - those Spamcop reports are acted on by some people!
Re: FW: The worst abuse e-mail ever, sverige.net
On Thu, 23 Sep 2004, Randy Bush wrote: The problem is that the world *won't let me* be a well functioning exception. Correction, the world *can't* let you be a well functioning exception. not true. it can but many have decided not to. Just like I also 'chose' to not read messages tagged by software as spam. There is no choice. Paul -- "Non cogitamus, ergo nihil sumus"
Re: The worst abuse e-mail ever, sverige.net
[EMAIL PROTECTED]: >> The solution I am working toward is quickly identifying user >> infections. We are almost there. I collect and record all traffic Umm ... you mean you wire-tap all "my" email messages? (Anyone still wonders why I don't trust my ISP?) I wonder if my Teclo listens in on all my telephone conversations too? And the post office! My letters? (Oops, sorry, shouldn't make analogies. ;-) >> from the users going to dark space Umm ... please define "dark space". >> and am almost finished with the system that will identify who held >> that IP at a specific time. It is all in SQL so that is easy. Mmm. User privacy in its glory? [EMAIL PROTECTED]: > Our system is similar, except we block port 25 completely via RADIUS > after we detect an outgoing virus or spam, Detect how? > then notify the customer. This eliminates the ACL's on the border > routers. The user can still surf freely to download patches while > not causing further damage. Some users just don't want to be > bothered and just use webmail to send E-mail and keep the block > forever. This latter part is OK. It opens up a way out for those who want to, and a different service for those who don't. Cheers, /Liman
Re: FW: The worst abuse e-mail ever, sverige.net
>> The problem is that the world *won't let me* be a well functioning >> exception. > Correction, the world *can't* let you be a well functioning exception. not true. it can but many have decided not to. randy
Re: FW: The worst abuse e-mail ever, sverige.net
On Thu, 23 Sep 2004, Lars-Johan Liman wrote: I *understand* that I'm a rare exception. The problem is that the world *won't let me* be a well functioning exception. Correction, the world *can't* let you be a well functioning exception. People always scream 'no censorship', but there is only that many more mail servers and preprocessing machines you can throw at a $20/month account. You don't hear me complaining the $0.50 washing powder couldn't get the motor oil out of my velvet shirt. People don't scream 'cripple ware' at the washing powder. My ISP won't let me have my own rDNS, and "you" won't let me use port 25 properly. And Unilever won't let me clean my shirt. Because that's how things are today. You're a 1-in-50-million chance, as far as I can tell from my mail server. With that attitude you're never going to improve things ... If you ditched your ISP for the non-service they are offering, and go to one that does allow your rDNS records, things would improve not only for you, but for the world too as this IP is losing customers and either goes away or changes their policy. the real question is, how much money is it worth it for you. But don't put to blame on us for not adding another rack of mailservers so people like you can get their mail out. Paul -- "Non cogitamus, ergo nihil sumus"
Re: FW: The worst abuse e-mail ever, sverige.net
[EMAIL PROTECTED]: > Congrats. Ask your ISP for non-generic rDNS, in your domain, so I know > where to send the abuse reports. I did. "Reverse *what*?" Just to clue you in. They used to have the only two authoritative servers for their reverse zone sitting on the same LAN with the IP#s next to each other. Then that LAN goes out (happens from time to time) ther is *NO* rDNS, with the obvious "lame delegation" time-outs from servers I (as a customer of theirs) try to access. (In all fairness, I just checked my facts, and it seems as they have recently improved on that situation.) Like I said, I barely trust them to move bits to my box. > I don't mind at all. Get rDNS that provides a clue that you have a clue, > and I'm happy as all get out to accept mail from you. Otherwise, you're > functionally identical to fifty million spam zombies, as far as I have > time to determine. > Understand me? You're the /rare exception/. I *understand* that I'm a rare exception. The problem is that the world *won't let me* be a well functioning exception. My ISP won't let me have my own rDNS, and "you" won't let me use port 25 properly. > Because that's how things are today. You're a 1-in-50-million chance, > as far as I can tell from my mail server. With that attitude you're never going to improve things ... Cheers, /Liman
Re: FW: The worst abuse e-mail ever, sverige.net
[EMAIL PROTECTED]: > You block port 25 until a customer says that they're claim to have > setup a responsible mail submission agent and demonstrate the > necessary clue density. Then in all fairness block also port 80. A comparable amount of junk is sent using port 80. > This can be readily determined by having customer support mail > a short form with relevant questions such as "Is your mail server > RFC2505 compliant?", "Please list the mechanism used to secure > mail submission to your server?", and "Are you prepared to handle > SPAM reports for all email originated or relayed?" No problem for > someone who knows what they're doing but enough to deter the > random end user. Ditto | sed -e 's/25/80/' -e 's/SMTP/HTTP/' -e 's/MIME/HTML/' :-) Cheers, /Liman
Re: FW: The worst abuse e-mail ever, sverige.net
[EMAIL PROTECTED]: > Most DSL providers that hand out static addressing also have the means > to delegate the rDNS. Sounds like it is time to get your own DNS on. They have the means (by definition). They don't have the willingness. Cheers, /Liman
Visualization of Hurrican Ivan Internt Outages
Thoughts folks might find this bit from John Quarterman's Internet Perils outfit, by way of Martin Dodge, interesting: https://www.internetperils.com/perilwatch/20040914.php Visualizes the impact of the loss of an undersea cable to the Cayman Islands