Interesting interaction between Blaster worm variants and Verisign DNS change

I think that an interesting interaction involving: 1) Blaster worm DDoS attack against windows update. 2) The default action of Windows 2000 and XP computers to automatically append the domain name under "Network Identification" or the suffix search list to DNS lookups. 3) The number of non-exist

Re: News of ISC Developing BIND Patch

On Thursday, September 18, 2003, at 02:10 PM, [EMAIL PROTECTED] wrote: manufacturer assigned macs are guaranteed to be globally unique. A specific enterprise reconfiguring the mac is akin to an enterprise using RFC1918 space. I would say _supposed_ to be unique. Surely some cheapo manufacturer

RE: Kill Verisign Routes :: A Dynamic BGP solution

> > I think the whole idea of getting into an escalating > > technical war with > > Verisign is extremely bad. Your suggestion only makes sense if > > you expect > > Verisign to make changes to evade technical solutions. Each > > such change by > > Verisign will cause more breakage. Verisign will

RE: Kill Verisign Routes :: A Dynamic BGP solution

> -Original Message- > From: David Schwartz [mailto:[EMAIL PROTECTED] > Sent: Thursday, September 18, 2003 6:38 PM > To: [EMAIL PROTECTED]; [EMAIL PROTECTED] > Subject: RE: Kill Verisign Routes :: A Dynamic BGP solution > Sensitivity: Confidential > > I think the whole idea of g

RE: Kill Verisign Routes :: A Dynamic BGP solution

Which is fine with me/my client base. Since what they are doing is essentially a MITM attack, the client base I serve and I would rather have the mail sit in OUR spools for a couple of days, vs. bouncing immediately with the potential of the mail addresses being harvested. Also, from the perspec

Re: Worst design decisions?

On Thu, 18 Sep 2003 16:14:39 PDT, Scott Granados said: > Who thought it was a good idea to put braille on the drive up atms? My dad's legally blind. That braille makes it possible for him to get cash (either from the back seat or step out and walk up) if somebody's giving him a ride, without hi

Re: Worst design decisions?

Once upon a time, Ben Browning <[EMAIL PROTECTED]> said: > The little clippy widgets (looks kind of like @) on some oldschool racks, > that hold the nut in place for the hex-head bolt. Why these were considered > desirable is beyond me. We've got a bunch of racks like that (and my PDP8 rack at

let the lawsuits begin

Let the lawsuits begin. " KNOXVILLE, Tenn.--(BUSINESS WIRE)--Sept. 18, 2003--Popular Enterprises LLC, the parent company of Netster.com, has filed a $100 million dollar lawsuit against VeriSign, Inc. The Complaint alleges antitrust violations, unfair competition and violations of the Decept

Re: Worst design decisions?

At 04:24 PM 9/18/2003, [EMAIL PROTECTED] wrote: The US Congress. "can you say ADA - sure you can" - Fred Rodgers > Who thought it was a good idea to put braille on the drive up atms? While I don't know if the person in question was blind or not, I *have* seen someone use a drive-up ATM from the

Re: Worst design decisions?

I'm still trying to find out the point of labeling the light switches in airplanes. I can see the point of doing it if the button is obvious to the touch, but on some planes they use membrane switches that aren't obvious to the touch. I know the ADA probably requires them to label light switches,

Re: BIND 9 (Re: ISC Patches)

On Wed, 17 Sep 2003, Todd Vierling wrote: > (Although I noticed that NetBSD's pkgsrc version of bind9 doesn't install > the HTML docs, which are now required in order to understand named.conf > changes. I'll probably submit a change request for that.) FreeBSD's does. :) Doug (aka [EMAIL PROTEC

Re: Worst design decisions?

The US Congress. "can you say ADA - sure you can" - Fred Rodgers > Who thought it was a good idea to put braille on the drive up atms? --bill (sorry ren, I couldn't resist)

Re: Worst design decisions?

Your all missing my most favorite bad design decision. And I know that in other areas this has been mentioned and made fun of enough but ... Who thought it was a good idea to put braille on the drive up atms? And having a contact in banking I do know that banks pay extra for this feature its n

Re: .ORG problems this evening

On Thu, 18 Sep 2003, Majdi S. Abbas wrote: : > Sucks to be anyone trying to use the service whose routers pick those nodes : > as the only ones available. That's the fault of the implementor, not the : > client. : I think it's out of line to speculate on how UltraDNS has configured : thes

Re: Worst design decisions?

On Thu, Sep 18, 2003 at 03:53:44PM -0700, Ben Browning wrote: > > Procurve switch management interface. Archaic, arcane, insane, unusable. I'm actually quite happy with the HP ProCurve switch interface, the web interface is the first thing to be disabled though. -- Matthew S. Hallacy

Re: Worst design decisions?

> Was doing some upgrades on a UBR7246 (to a VXR), and I got to thinking > about short sighted design considerations. I was curious if any of you > had some pet peeves from a design perspective to rant about. I'll start > with a couple. Here are a few of mine: The little clippy widgets (looks

Re: Kill Verisign Routes :: A Dynamic BGP solution

Thus spake Stephen J. Wilcox ([EMAIL PROTECTED]) [18/09/03 18:54]: > So totallymadeupdomain.com now resolves but is unreachable. That will prevent > you from bouncing emails to non-existent domains immediately.. FWIW, the latest versions of postfix have code in them to block connects from explic

Re: Kill Verisign Routes :: A Dynamic BGP solution

On Thu, 18 Sep 2003, Eric Germann wrote: > > I wanted to discuss the merits of the following: > > I have written a proof of concept solution to nuke a route to sitefinder. > Code to those who care or to the list if anyone cares. Perl is your friend > :) > > Basic concept: Use Net::BGP to set

RE: Kill Verisign Routes :: A Dynamic BGP solution

> I wanted to discuss the merits of the following: > I have written a proof of concept solution to nuke a route to sitefinder. > Code to those who care or to the list if anyone cares. Perl is > your friend > :) > Basic concept: Use Net::BGP to set up a peering session with my route > server.

Re: Worst design decisions?

In article <[EMAIL PROTECTED]>, Todd Vierling <[EMAIL PROTECTED]> wrote: > >On Thu, 18 Sep 2003 [EMAIL PROTECTED] wrote: > >: Without a question: PS/2 style keyboard and mouse connectors. Impossible >: to tell from each other, > >And this part is somewhat funny, too, because the PS/2 connector

Kill Verisign Routes :: A Dynamic BGP solution

I wanted to discuss the merits of the following: I have written a proof of concept solution to nuke a route to sitefinder. Code to those who care or to the list if anyone cares. Perl is your friend :) Basic concept: Use Net::BGP to set up a peering session with my route server. Query DNS for

Re: .ORG problems this evening

On Thu, Sep 18, 2003 at 02:22:19PM -0400, Todd Vierling wrote: > Sucks to be anyone trying to use the service whose routers pick those nodes > as the only ones available. That's the fault of the implementor, not the > client. I have a sneaking suspicion that if UltraDNS's tld cluster tha

Rogers Cable Contact

Can someone from the Rogers Cable NOC (Tier-III) contact me off-list? Thanks, Alexander Kiwerski Senior Network Engineer Winstar-IDT Network Operations & Security Desk: +1 206 574 3121 Mobile: +1 206 571 0274

Re: News of ISC Developing BIND Patch

"Dominic J. Eidson" wrote: > > On Thu, 18 Sep 2003, John Kristoff wrote: > > > Fortunately, this practice rarely occurs these days (token ring / SNA > > shops often did this) although I'd be curious if anyone still does it. > > box:~ # /sbin/lspci | grep 'Happy' > 01:03.1 Ethernet controller: S

RE: Worst design decisions?

On Thu, 18 Sep 2003, Ejay Hire wrote: > Who needs a console port on a Bay? Site angler will save the day! Get it right! Site Mangler! What fond memories... > ... Err, sorry, coming off of a power outage with nothing to do but > drink coffee. > > -e > > -Original Message- > From: Pete

RE: DNS anycast considered harmful (was: .ORG problems this evening)

> On Thu, 18 Sep 2003, Leo Bicknell wrote: > > A truely robust anycast setup has two "addresses" (or networks, or > > whatever), but only one per site. From the momentary outage while > > BGP reconverges to the very real problem of the service being down > > and the route still being announced

RE: Worst design decisions?

On Thu, 18 Sep 2003, Luke Starrett wrote: > True but there are also snagless connectors available where the release > tab actually makes a V shape such as to not catch when you're pulling it > through a cable raceway. They definitely do cost a few more $$ though. > I believe the usual suspects..

Re: ICANN - Formal Complaint re Verisign

Michael Dillon wrote: >Complaining on this mailing list achieves very little but [...] It did one useful thing; it gave a wide number of operators across the ISP and infrastructure industries a chance to see what was happening and put in their two cents. My initial impression was that the wildc

Re: "Class A Data Center"

[EMAIL PROTECTED] wrote: Particularly of interest would be "established standards" for "Class A Datacenter" specifically relating to the physical plant -- Power, cooling, physical security, etc. I think we can all agree in general on N+1 everything, and we can go round and round again on what exac

Re: News of ISC Developing BIND Patch

* sigh * s/there/their/ s/mps/mbs/ s/:)/:}/ 8-) Richard Irving wrote: Mr. James W. Laferriere wrote: Hello Whoever , On Thu, 18 Sep 2003 [EMAIL PROTECTED] wrote: On Wed, 17 Sep 2003 [EMAIL PROTECTED] wrote: manufacturer assigned macs are guaranteed to be globally unique. A specific enterpris

Re: News of ISC Developing BIND Patch

Mr. James W. Laferriere wrote: Hello Whoever , On Thu, 18 Sep 2003 [EMAIL PROTECTED] wrote: On Wed, 17 Sep 2003 [EMAIL PROTECTED] wrote: manufacturer assigned macs are guaranteed to be globally unique. A specific enterprise reconfiguring the mac is akin to an enterprise using RFC1918 space.

RE: Worst design decisions?

Who needs a console port on a Bay? Site angler will save the day! ... Err, sorry, coming off of a power outage with nothing to do but drink coffee. -e -Original Message- From: Peter E. Fry [mailto:[EMAIL PROTECTED] Sent: Thursday, September 18, 2003 11:02 AM To: [EMAIL PROTECTED] Sub

RE: "Class A Data Center"

Particularly of interest would be "established standards" for "Class A Datacenter" specifically relating to the physical plant -- Power, cooling, physical security, etc. I think we can all agree in general on N+1 everything, and we can go round and round again on what exactly constitutes "Tier-1

consider fewer posts, more substance please...

To all parties who have posted to NANOG a dozen times or more in the past 24 hours... For a good time please check out: http://www.nanog.org/listfaq.html#topics * Think Before You Post * When you send mail to the NANOG list, it will be received by thousands of current and potential peers,

RE: "Class A Data Center"

This is the assumption I have come to as well. Are there any established standards for enterprise datacenters at all, aside from the obvious, N+1 redundant everything, diverse paths, etc.? On Thu, 18 Sep 2003 [EMAIL PROTECTED] wrote: > On Thu, 18 Sep 2003 12:08:43 EDT, Bob German <[EMAIL PROTE

Re: News of ISC Developing BIND Patch

On Thu, 18 Sep 2003, John Kristoff wrote: > Fortunately, this practice rarely occurs these days (token ring / SNA > shops often did this) although I'd be curious if anyone still does it. box:~ # /sbin/lspci | grep 'Happy' 01:03.1 Ethernet controller: Sun Microsystems Computer Corp. Happy Meal (r

Re: News of ISC Developing BIND Patch

Speaking on Deep Background, the Press Secretary whispered: > > > On Thu, 18 Sep 2003 15:10:57 -0400 (EDT) > [EMAIL PROTECTED] wrote: > > > manufacturer assigned macs are guaranteed to be globally unique. > > Theoretically. I didn't experience it personally, but I believe there > was at least

Re: .ORG problems this evening

On Thu, 18 Sep 2003, John Fraizer wrote: : Todd, you don't make the announcement for the anycast address from your : border.. You do it from within the anycast cluster as a CONDITIONAL : announcement. IE; you use a specially written BGP daemon that makes the : announcement when the service is a

Re: News of ISC Developing BIND Patch

There was another manufacturer one of the really low budget cards, I forget the brand but they were shipped in a box which looked like a dunkin's munchkins box. If you bought several boxes of these, I think six in a box and the entire package was $30 you were likely to find more than 2 or 3 with

Re: News of ISC Developing BIND Patch

On Thu, 18 Sep 2003 15:10:57 -0400 (EDT) [EMAIL PROTECTED] wrote: > manufacturer assigned macs are guaranteed to be globally unique. Theoretically. I didn't experience it personally, but I believe there was at least one fairly well known event a few years back where a manufacturer shipped cards

Re: News of ISC Developing BIND Patch

Hello Whoever , On Thu, 18 Sep 2003 [EMAIL PROTECTED] wrote: > > On Wed, 17 Sep 2003 [EMAIL PROTECTED] wrote: > > > MAC addresses are not without authority delegation. The IEEE is the ultimate > > > authority in said case. > > > Any solution which requires uniqueness also requires a singu

Re: Worst design decisions?

Hello All , On Thu, 18 Sep 2003, Gerald wrote: > On Thu, 18 Sep 2003 [EMAIL PROTECTED] wrote: > > Actually, as awkward as those rubber hoods are, what I like about them is > > that when you're pulling a disconnected patch cable through a rat's nest > > of wires, they prevent the plastic t

Re: "Class A Data Center"

On Thu, 18 Sep 2003 [EMAIL PROTECTED] wrote: > On Thu, 18 Sep 2003 12:08:43 EDT, Bob German <[EMAIL PROTECTED]> said: > > > Can anyone point me to a set of standards that define a "Class A Data > > Center?" I'm not asking for requirements, but an actual pointer to > > standards hammered out by

Re: News of ISC Developing BIND Patch

> On Wed, 17 Sep 2003 [EMAIL PROTECTED] wrote: > > > > If the goal were unique identification, MAC addresses would do just fine. > > > No need for DNS. > > > > MAC addresses are not without authority delegation. The IEEE is the ultimate > > authority in said case. > > Yep... But have you seen a

Re: News of ISC Developing BIND Patch

> On Wed, 17 Sep 2003 [EMAIL PROTECTED] wrote: > > MAC addresses are not without authority delegation. The IEEE is the ultimate > > authority in said case. > > > > Any solution which requires uniqueness also requires a singular ultimate > > authority. > > Even MACs aren't entirely unique. Some

Re: Worst design decisions?

> Hello all, > > Was doing some upgrades on a UBR7246 (to a VXR), and I got to thinking > about short sighted design considerations. I was curious if any of you > had some pet peeves from a design perspective to rant about. I'll start > with a couple. try cisco-nsp. Single vendor stuff is

Re: Worst design decisions?

On Thu, Sep 18, 2003 at 02:39:51PM -0400, [EMAIL PROTECTED] wrote: > > Actually, as awkward as those rubber hoods are, what I like about them is > that when you're pulling a disconnected patch cable through a rat's nest > of wires, they prevent the plastic tab from being bent backward. Not a sh

RE: Worst design decisions?

> Actually, as awkward as those rubber hoods are, what I like > about them is that when you're pulling a disconnected patch > cable through a rat's nest of wires, they prevent the plastic > tab from being bent backward. True but there are also snagless connectors available where the release ta

Re: .ORG problems this evening

> Date: Thu, 18 Sep 2003 11:36:37 -0700 (PDT) > From: bmanning > > Bill, I know you know better, so let's try more facts and less > > FUD. Mmmmkay? Your above paragraph is a red herring that is > > analogous to saying "all multihomed services must be run on the > > router itself". > > ye

Re: Worst design decisions?

On Thu, 18 Sep 2003 [EMAIL PROTECTED] wrote: > Actually, as awkward as those rubber hoods are, what I like about them is > that when you're pulling a disconnected patch cable through a rat's nest > of wires, they prevent the plastic tab from being bent backward. Since you are the second person t

Re: anycast (Re: .ORG problems this evening)

On Thu, 18 Sep 2003, E.B. Dreger wrote: : EBD> That's why one uses a daemon with main loop including : EBD> something like: : EBD> : EBD> success = 0 ; : EBD> for ( i = checklist ; i->callback != NULL ; i++ ) : EBD> success &= i->callback(foo) ; : EBD> if ( success ) : EBD> s

Re: .ORG problems this evening

TV> Date: Thu, 18 Sep 2003 14:22:19 -0400 (EDT) TV> From: Todd Vierling TV> Sucks to be anyone trying to use the service whose routers TV> pick those nodes as the only ones available. That's the TV> fault of the implementor, not the client. Yes. TV> The major issue here is that no *gTLD*, pa

Re: .ORG problems this evening

> Bill, I know you know better, so let's try more facts and less > FUD. Mmmmkay? Your above paragraph is a red herring that is > analogous to saying "all multihomed services must be run on the > router itself". yes, it does lean that way... but to expose a sigma-six blip in how

Re: Worst design decisions?

Actually, as awkward as those rubber hoods are, what I like about them is that when you're pulling a disconnected patch cable through a rat's nest of wires, they prevent the plastic tab from being bent backward. On Thu, 18 Sep 2003, John Palmer wrote: > > Thats to prevent it from being disconne

Re: Worst design decisions?

>The hands-down winner, so far, is the Cisco >CMS-formerly-known-as-Arrowpoint, which has an RJ45 console cable >which WILL NOT WORK, full stop, with the RJ45 connectors on Cisco's >own console servers. > >*wild applause* Ah, yes. I've run into that bad boy. It really stinks to come in to work in

Re: .ORG problems this evening

On Thu, 18 Sep 2003, John Fraizer wrote: : As has been stated by others, UltraDNS, like the roots and other TLD hosts : is under nearly constant attack. Perhaps your local nodes were effected : by an attack. IE; the pipe was full but the service was still alive so the : anycast prefix wasn't ret

Re: anycast (Re: .ORG problems this evening)

EBD> Date: Thu, 18 Sep 2003 18:01:07 + (GMT) EBD> From: E.B. Dreger EBD> That's why one uses a daemon with main loop including EBD> something like: EBD> EBD>success = 0 ; EBD>for ( i = checklist ; i->callback != NULL ; i++ ) EBD>success &= i->callback(foo) ; EBD>if (

Re: .ORG problems this evening

> Date: Thu, 18 Sep 2003 11:00:53 -0700 (PDT) > From: bmanning > Sorry no zebra. Perhaps I should run my TLDs > DNS service on my Juniper Routers. some expect/cron > work should provide the needed glue... Bill, I know you know better, so let's try more facts and less FUD. M

Re: .ORG problems this evening

On Thu, 18 Sep 2003, Keptin Komrade Dr. BobWrench III esq. wrote: : And, I might add, in the case of a highly complex anycast application, : you will need to check not only for correctness, but for timeliness. All this still assumes that DNS should be trusting a single anycast location as the on

Re: .ORG problems this evening

> Date: Thu, 18 Sep 2003 10:29:06 -0700 (PDT) > From: bmanning > Ick. you really believe that BGP can or should be augmented to > understand application "liveness"? BGP reaching past the And why not? BGP deals in reachability information. Perhaps it conventionally represents interface and

Re: Worst design decisions?

In the immortal words of Justin Shore ([EMAIL PROTECTED]): > > > > I can think of 6 different console cable pinouts and connectors that > Enterasys (Cabletron) has used over the years. No wait, make that 7. How > could I forget the inherited Fore ATM architecture and subsequent blades. >

anycast (Re: .ORG problems this evening)

> Date: Thu, 18 Sep 2003 13:47:01 -0400 > From: Keptin Komrade Dr. BobWrench III esq. > And, I might add, in the case of a highly complex anycast > application, you will need to check not only for correctness, > but for timeliness. In a realtime system, something that is late is considered inco

Re: .ORG problems this evening

> > BGP has no way to know that an internal network problem occurred. If > > someone mistakenly tripped over a network cable that disconnected DNS > > clusters from a router, how would the router know to drop anycast > > advertisements? > > > > (Sure, you could run zebra on the cluster. But wha

Re: Worst design decisions?

Even better: the old bay switches had a backdoor password, that you could always use no matter what. Great security there. G. I had to deal with a campus full of them, and since they had of course forgotten all the passwords, so it was a good thing in that case, I could actually reconfigur

Re: .ORG problems this evening

On Thu, 18 Sep 2003, Todd Vierling wrote: BGP has no way to know that an internal network problem occurred. If someone mistakenly tripped over a network cable that disconnected DNS clusters from a router, how would the router know to drop anycast advertisements? (Sure, you could run z

Re: .ORG problems this evening

E.B. Dreger wrote: TV> Date: Thu, 18 Sep 2003 13:01:18 -0400 (EDT) TV> From: Todd Vierling TV> BGP doesn't know when a DNS server dies. Therein lies the TV> findamental problem of using anycast as an application TV> redundancy scheme. But it can and should. Again, seeing if the process is runnin

Re: Worst design decisions?

On Thu, 18 Sep 2003 17:04:47 + (GMT), E.B. Dreger <[EMAIL PROTECTED]> wrote: You have reminded me of Bay's config GUI. I shall have nightmares tonight. Back in the winter of '00, I had the pleasure of working on a friend's old Bay. He was using it for a home-based ISP, and, well, I believe

Re: .ORG problems this evening

Todd Vierling wrote: BGP doesn't know when a DNS server dies. Therein lies the findamental problem of using anycast as an application redundancy scheme. You ever think that maybe, just maybe, Ultra wrote some code to do this? Yes, it might have concievably failed in a way that seems to have left

Re: Worst design decisions?

- Original Message - From: "E.B. Dreger" <[EMAIL PROTECTED]> To: <[EMAIL PROTECTED]> Cc: <[EMAIL PROTECTED]> Sent: Thursday, September 18, 2003 1:04 PM Subject: Re: Worst design decisions? > You have reminded me of Bay's config GUI. I shall have > nightmares tonight. Ah, the days wh

Re: .ORG problems this evening

On Thu, 18 Sep 2003, Todd Vierling wrote: > > On Thu, 18 Sep 2003, E.B. Dreger wrote: > > : TV> Date: Thu, 18 Sep 2003 10:05:15 -0400 (EDT) > : TV> From: Todd Vierling > : > : TV> DNS site A goes down, but its BGP advertisements are still in > : TV> effect. > : > : Or are they? > > I couldn't

Re: .ORG problems this evening

> TV> BGP doesn't know when a DNS server dies. Therein lies the > TV> findamental problem of using anycast as an application > TV> redundancy scheme. > > But it can and should. Again, seeing if the process is running > is easy; verifying correct functionality requires more work, but > definitel

videotron contact

If anyone from Videotron is around, please contact me off-list. Thanks. Todd Mitchell --

Re: Worst design decisions?

On Thu, 18 Sep 2003, E.B. Dreger wrote: > PEF> From: Peter E. Fry > PEF> Is that the best example you can come up with? Ever use any > PEF> Bay equipment...? > > You have reminded me of Bay's config GUI. I shall have > nightmares tonight. How about BCC? bcc#config ... wait ... -- Dominic

Re: Worst design decisions?

David Barak wrote: Personally my issues are console-cable related: is there a benefit to the HUGE variety of console pinouts used by the various hardware vendors? Just look at vendor C as an example [...] Makes me remember when representatives from mentioned vendor made funny looks when I

Re: .ORG problems this evening

TV> Date: Thu, 18 Sep 2003 12:52:29 -0400 (EDT) TV> From: Todd Vierling TV> I couldn't know for sure from some sites, but traceroutes TV> sure got there. That would imply that (at their end) the TV> advertisements were still up. Which would be an implementation flaw, not something inherently w

Re: .ORG problems this evening

TV> Date: Thu, 18 Sep 2003 13:01:18 -0400 (EDT) TV> From: Todd Vierling TV> BGP doesn't know when a DNS server dies. Therein lies the TV> findamental problem of using anycast as an application TV> redundancy scheme. But it can and should. Again, seeing if the process is running is easy; verif

Re: Worst design decisions?

PEF> Date: Thu, 18 Sep 2003 11:02:08 -0500 PEF> From: Peter E. Fry PEF> Is that the best example you can come up with? Ever use any PEF> Bay equipment...? You have reminded me of Bay's config GUI. I shall have nightmares tonight. Eddy -- Brotsman & Dreger, Inc. - EverQuick Internet Division

Re: .ORG problems this evening

On Thu, 18 Sep 2003, E.B. Dreger wrote: : TV> Anycasting only works as a redundancy scheme when you have a : TV> mesh of *partially* overlapping BGP advertisements, so that a : TV> client has a guarantee that at least one address in the mix : TV> is located elsewhere from the rest. : : Don't be s

Re: ICANN - Formal Complaint re Verisign

On Thu, Sep 18, 2003 at 11:11:12AM -0500, Dominic J. Eidson wrote: > > On Thu, 18 Sep 2003, Marc MERLIN wrote: > > > On Thu, Sep 18, 2003 at 11:42:19AM +0100, [EMAIL PROTECTED] wrote: > > > And you can get SSL certs from alternative sources such as GeoTrust > > > http://www.geotrust.com/ > > > >

RE: ICANN - Formal Complaint re Verisign

On Thu, 18 Sep 2003, Matthew Zito wrote: > As someone who has dealt extensively with GeoTrust, I can assure you, they > are not owned by Verisign. They're a totally separate company that has the > old equifax root cert. Agreed. I used Equifax before they handed off to Geotrust. Both have done

Re: .ORG problems this evening

On Thu, 18 Sep 2003, E.B. Dreger wrote: : TV> Date: Thu, 18 Sep 2003 10:05:15 -0400 (EDT) : TV> From: Todd Vierling : : TV> DNS site A goes down, but its BGP advertisements are still in : TV> effect. : : Or are they? I couldn't know for sure from some sites, but traceroutes sure got there. That

New routeviews service available (Address/Prefix -> AS/ASPATH mappings)

All, In response to requests from many folks asking for prefix to AS mappings, routeviews is now providing 2 new services mapping and address or prefix to its origin AS and to its ASPath. These services are available via two zones: (i).asn.ro

Re: .ORG problems this evening

TV> Date: Thu, 18 Sep 2003 11:39:17 -0400 (EDT) TV> From: Todd Vierling TV> And guess what: neither of the two addresses supplied by TV> UltraDNS worked last night for some sites, because their TV> anycast configuration is not allowing DNS redundancy. It is TV> depending on every site somehow

Re: "Class A Data Center"

On Thu, 18 Sep 2003 12:08:43 EDT, Bob German <[EMAIL PROTECTED]> said: > Can anyone point me to a set of standards that define a "Class A Data > Center?" I'm not asking for requirements, but an actual pointer to > standards hammered out by an organization or governing body. "must have connectiv

Re: ICANN - Formal Complaint re Verisign

On Thu, 18 Sep 2003 09:59:27 MDT, John Neiberger <[EMAIL PROTECTED]> said: > If GeoTrust is Verisign, why do they make a big deal out of competing > with Verisign? And Chevy competes with Pontiac and Buick. Your point? pgp0.pgp Description: PGP signature

Re: .ORG problems this evening

TV> Date: Thu, 18 Sep 2003 10:05:15 -0400 (EDT) TV> From: Todd Vierling TV> DNS site A goes down, but its BGP advertisements are still in TV> effect. Or are they? Eddy -- Brotsman & Dreger, Inc. - EverQuick Internet Division Bandwidth, consulting, e-commerce, hosting, and network building Pho

Re: Worst design decisions? (Cisco 4x00 rails)

My vote goes to the EMI gasket Cisco's BPX 8600 cards. The gasket was tacky enough to maintain a nice seal between cards ... enough to remove one or two adjacent cards when you pulled the card out. Special runner up nominee is whatever do-gooder decided it was a good idea to have a cell phone bee

"Class A Data Center"

Can anyone point me to a set of standards that define a "Class A Data Center?" I'm not asking for requirements, but an actual pointer to standards hammered out by an organization or governing body. Thanks.

Re: ICANN - Formal Complaint re Verisign

On Thu, 18 Sep 2003, Marc MERLIN wrote: > On Thu, Sep 18, 2003 at 11:42:19AM +0100, [EMAIL PROTECTED] wrote: > > And you can get SSL certs from alternative sources such as GeoTrust > > http://www.geotrust.com/ > > Bzzz, geotrust is Verisign > > http://www.google.com/search?sourceid=mozclient&ie=u

RE: ICANN - Formal Complaint re Verisign

As someone who has dealt extensively with GeoTrust, I can assure you, they are not owned by Verisign. They're a totally separate company that has the old equifax root cert. Thanks, Matt -- Matthew Zito GridApp Systems Email: [EMAIL PROTECTED] Cell: 646-220-3551 Phone: 212-358-8211 x 359 http:

Re: ICANN - Formal Complaint re Verisign

Once upon a time, Marc MERLIN <[EMAIL PROTECTED]> said: > On Thu, Sep 18, 2003 at 11:42:19AM +0100, [EMAIL PROTECTED] wrote: > > And you can get SSL certs from alternative sources such as GeoTrust > > http://www.geotrust.com/ > > Bzzz, geotrust is Verisign > > http://www.google.com/search?source

Re: .ORG problems this evening

Speaking on Deep Background, the Press Secretary whispered: > > : I think you'll find most people on the list would disagree with you > : on this point. Many ISP's run anycast for customer facing DNS > : servers, and I'll bet if you ask the first reason why isn't because > : they provide faster

Re: Worst design decisions?

David Barak wrote: > Personally my issues are console-cable related: is > there a benefit to the HUGE variety of console pinouts > used by the various hardware vendors? Just look at > vendor C as an example [...] Is that the best example you can come up with? Ever use any Bay equipment...?

Re: Worst design decisions?

On Thu, 18 Sep 2003 09:53:38 -0400 "Daryl G. Jurbala" <[EMAIL PROTECTED]> wrote: > * And how about this: Cisco: PICK A BUSINESS END ON YOUR SMALL OFFICE > ROUTING EQUIPMENT. Most of my less clued customer like to "help out" > and rack the equipment ahead of time. And it always gets done pretty

Re: ICANN - Formal Complaint re Verisign

Marc MERLIN <[EMAIL PROTECTED]> 9/18/03 9:27:11 AM >>> > >On Thu, Sep 18, 2003 at 11:42:19AM +0100, [EMAIL PROTECTED] wrote: >> And you can get SSL certs from alternative sources such as GeoTrust >> http://www.geotrust.com/ > >Bzzz, geotrust is Verisign > >http://www.google.com/search?sourc

Re: ICANN - Formal Complaint re Verisign

Speaking on Deep Background, the Press Secretary whispered: > > > On Thu, Sep 18, 2003 at 11:42:19AM +0100, [EMAIL PROTECTED] wrote: > > And you can get SSL certs from alternative sources such as GeoTrust > > http://www.geotrust.com/ > > Bzzz, geotrust is Verisign And braindead. Go to that add

Re: Virus uptick?

At 10:08 AM 18/09/2003, David Lesher wrote: I'm suddenly getting 3-4x the "M$ patch" and "bounced mail" virus attacks as compared to 2-3 days ago. This virus seems to depart from the standard "Click on mine patches pleases" type text. Instead, it has quite an elaborate message complete with in

Re: IP issues with .com/.net change?

On Wed, 17 Sep 2003, Alex Kamantauskas wrote: > Not really operational content, but I was wondering if there was an > intellectual property issue with the Verisign .com/.net redirect? > > For instance, brings you to a > Verisign search engine. > > Or, ev

Re: Worst design decisions?

On Thu, 18 Sep 2003, John Palmer wrote: : > ...and combine that with the RJ45 connecters that have a rubber hood over : > the release. Gr! : Thats to prevent it from being disconnected accidentally : (or for any other reason :->) Actually, the original intent of those hoods was to snagproof

Re: ICANN - Formal Complaint re Verisign

On Thu, Sep 18, 2003 at 11:42:19AM +0100, [EMAIL PROTECTED] wrote: > And you can get SSL certs from alternative sources such as GeoTrust > http://www.geotrust.com/ Bzzz, geotrust is Verisign http://www.google.com/search?sourceid=mozclient&ie=utf-8&oe=utf-8&q=Thawte+was+b ought+by+Verisign Marc

  1   2   >