Re: Security of DNSBL spam block systems
On Tue, Jul 23, 2002 at 10:20:58PM +0200, Brad Knowles wrote: At 2:29 AM -0400 2002/07/23, Phil Rosenthal wrote: IMHO Even the really large DNSBL's are barely used -- I think (much) less than 5% of total human mail recipients are behind a mailserver that uses one... Not true. There are plenty of large sites that use them (e.g., AOL), and many sites use them to help ensure that they themselves don't get added to the black lists. Is true.. those large sites still account for an infinitely small percentage of the net. IMO, there is a serious risk of having DNSBL servers attacked and used as a DoS. Yes, there is a risk but the exposure is negligible if it does occur. I'm all for anti-spam measures but unless they're universally adopted and the world governments start putting spammers out of business, these anti-spam blacklists are more of an annoyance operated by a radical fringe of the net. I get 500-600 pieces of spam a day, and there is nothing I can do about it. This topic has also been discussed to death before, the potential for a DoS attack is patently obvious to everyone. [snipped] (I also trimmed the Cc list)
packet loss source
Thanks to those who suggested improper duplex negotiation between the 2621 and the 2900. Although show int on the 2621 (running 12.0.7T) indicates full-duplex, sh controller indicates BCR9 =0x (half-duplex). Ralph Doncaster principal, IStop.com
Cisco questions
A couple people pointed out cisco-nsp would be more appropriate for questions like the one I posted about packet loss. http://puck.nether.net/lists/ Ralph Doncaster principal, IStop.com
Re: PSINet/Cogent Latency
Actually RRDTool interpolates any late replies to the nearest specified collection timepoint (e.g., every 5th minute.) It doesn't really resample. Joe Matt Zimmerman To: [EMAIL PROTECTED] mdz cc: @csh.rit.edu Subject: Re: PSINet/Cogent Latency Sent by: owner-nanog 07/23/2002 09:46 AM On Mon, Jul 22, 2002 at 10:50:03PM -0700, Doug Clements wrote: I think the problem with using rrdtool for billing purposes as described is that data can (and does) get lost. If your poller is a few cycles late, the burstable bandwidth measured goes up when the poller catches up to the interface counters. More bursting is bad for %ile (or good if you're selling it), and the customer won't like the fact that they're getting charged for artificially high measurements. RRDtool takes into account the time at which the sample was collected, and if it does not exactly match the expected sampling period, it is resampled on the fly. See: http://people.ee.ethz.ch/~oetiker/webtools/rrdtool/tutorial/rrdtutorial.html under Data Resampling for more information. RRDtool has some quirks when used for billing purposes, but it is not guilty of the error that you describe. -- - mdz
Re: PSINet/Cogent Latency
On Wed, Jul 24, 2002 at 10:55:43AM -0400, Joe Loiacono wrote: Actually RRDTool interpolates any late replies to the nearest specified collection timepoint (e.g., every 5th minute.) It doesn't really resample. That particular document seems to refer to it as resampling, but yes, interpolation would be more correct. -- - mdz
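The difference argued over in this exchange, worked through as an added example (a simplified model written for this page, not RRDtool's own code): a late poll inflates the measured rate only when the collector assumes a fixed interval, not when it uses the sample's real timestamp and spreads the volume over step-aligned slots. The sample counters, function names and the nearest-rank percentile are assumptions made for the illustration; counter wrap is not handled.

```python
import math

STEP = 300  # seconds; the 5-minute collection interval mentioned in the thread

# Constructed samples: (timestamp in seconds, interface byte counter).
# The link carries a steady 1000 bytes/s; the third poll arrives 60 s late.
SAMPLES = [(0, 0), (300, 300_000), (660, 660_000), (900, 900_000)]


def naive_rates(samples, step=STEP):
    """Rate per poll, assuming every poll landed exactly on schedule."""
    return [(c1 - c0) / step for (_, c0), (_, c1) in zip(samples, samples[1:])]


def time_aware_rates(samples, step=STEP):
    """Rate per step-aligned slot, using the real time between polls.

    Each counter delta is converted to a rate over the actual elapsed time,
    then that rate is credited to every slot the interval overlaps,
    weighted by the seconds of overlap.
    """
    volume = {}  # slot end time -> bytes attributed to that slot
    for (t0, c0), (t1, c1) in zip(samples, samples[1:]):
        if t1 <= t0:
            raise ValueError("timestamps must be strictly increasing")
        rate = (c1 - c0) / (t1 - t0)
        t = t0
        while t < t1:
            slot_end = (t // step + 1) * step
            seg_end = min(slot_end, t1)
            volume[slot_end] = volume.get(slot_end, 0.0) + rate * (seg_end - t)
            t = seg_end
    last_poll = samples[-1][0]
    # Only report slots that are fully covered by collected data.
    return {end: v / step for end, v in sorted(volume.items()) if end <= last_poll}


def percentile(values, pct):
    """Nearest-rank percentile (assumed billing method for this example)."""
    ordered = sorted(values)
    rank = max(1, math.ceil(pct / 100 * len(ordered)))
    return ordered[rank - 1]


if __name__ == "__main__":
    naive = naive_rates(SAMPLES)
    aware = time_aware_rates(SAMPLES)
    print("fixed-interval rates :", naive)
    print("time-aware rates     :", aware)
    print("95th percentile, fixed-interval:", percentile(naive, 95))
    print("95th percentile, time-aware    :", percentile(list(aware.values()), 95))
```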
PASSIVE [D]WDM... Like, Cisco 15216.
We're looking to get glass between three buildings, and looking closely at the 15216 (passive WDM, ie, a prism). A couple of rambling questions, that perhaps folks here have experience with. First, has anyone had experience with ITU Grid Optic GBICs? Do they even exist? Second, does anyone know of a 'back-box' that will take standard 1310 or 1550 nm signal, and 'convert' it to an ITU grid? Any pointers, help, or a kick in arse would be appreciated. -- Alex Rubenstein, AR97, K2AHR, [EMAIL PROTECTED], latency, Al Reuben -- --Net Access Corporation, 800-NET-ME-36, http://www.nac.net --
Re: effects of NYC power outage
[NANOG has been bouncing my attempts to reply to this thread for several days, possibly because I quoted the word u n st a b l e early on, apparently triggering the un subs cribe filter for words that start with uns and contain a b.. If your posts to NANOG have been silently bounced in the past, and your network's operational issues lead you to start your posts with words like uns tab le or uns ol vable or uns uit able or u nsp eak able, wonder no more. ] At any rate, about two days ago Senthil wrote: BGP was more [un st a ble] during code red propagation(http://www.renesys.com/projects/bgp_instability/.) A quick peek into both the graphs will make one thing clear: *BGP is robust enough to withstand any extreme congestion.* Anyone interested in this might also like to look at our report titled Internet Routing Behavior on 9/11 and in the Following Weeks. http://www.renesys.com/projects/reports/renesys-030502-NRC-911.pdf Note in particular the minute-by-minute changes in routing table size around critical events on pages 9 through 11. Fine time granularity is important to avoid missing all the interesting features. --jim
Juniper security appnote + martians
Gents, I thought I would pose the martians question here as well... I'm trying to find out additional information on the reasoning behind adding these martians to the Juniper's security appnote found on their website:

Prefix            Description
19.255.0.0/16     Ford Motor Company
129.156.0.0/16    Sun Microsystems
192.5.0.0/24      no match
192.9.200.0/24    no match
192.9.99.0/24     Sun Microsystems

I don't see a single reference to these in Cisco's IOS Essentials www.cisco.com/public/cons/isp/documents/IOSEssentialsPDF.zip , Bill Manning's draft, www.ietf.org/internet-drafts/draft-manning-dsua-08.txt or Rob T's Bogon List. www.cymru.com/Documents/bogon-list.html I base my bogon filtering for the JUNOS Secure Template and JUNOS Secure BGP Template at www.qorbit.net/documents/junos-template.pdf www.qorbit.net/documents/junos-bgp-template.pdf www.qorbit.net/documents/junos-bgp-appnote.pdf on Rob's list. What are your thoughts on filtering the above prefixes? Are some of these worthy of being added to the master bogon list?

Now, on to some of Juniper default martians:

128.0.0.0/16
191.255.0.0/16
192.0.0.0/24
223.255.255.0/24

These prefixes seem to be based on www.ietf.org/internet-drafts/draft-iana-special-ipv4-03.txt. I'm curious what the reasoning is behind selecting these prefixes only. Also, given that these may be allocated in the future (per the draft) what are your thoughts on having these in Juniper's default config? Perhaps these would be good additions to a dynamic (up-to-date) bogon list instead of a static placement in JUNOS even though they can be overridden if necessary. Thoughts? -- steve
Re: Juniper security appnote + martians
Now, on to some of Juniper default martians: 128.0.0.0/16 191.255.0.0/16 192.0.0.0/24 223.255.255.0/24 These prefixes seem to be based on www.ietf.org/internet-drafts/draft-iana-special-ipv4-03.txt. I'm curious what the reasoning is behind selecting these prefixes only. Also, given that these may be allocated in the future (per the draft) what are your thoughts on having these in Juniper's default config? Perhaps these would be good additions to a dynamic (up-to-date) bogon list instead of a static placement in JUNOS even though they can be overridden if necessary. Thoughts? -- steve These nets were the boundary networks that defined classful delegations. To round it out properly, one should include the following: 0.255.255.0/24 126.0.0.0/24 127.255.255.0/24 ... and the top end of the D space. With the advent of classless addressing (circa 1997) these martian spaces are vestigial. They can be assigned although it is unlikely that they will be placed into active use until there is much more of the v4 space delegated. The IANA draft is retro by including them as special. They aren't these days. --bill
Re: Juniper security appnote + martians
Gents, I thought I would pose the martians question here as well... I'm trying to find out additional information on the reasoning behind adding these martians to the Juniper's security appnote found on their website:

Prefix            Description
19.255.0.0/16     Ford Motor Company
129.156.0.0/16    Sun Microsystems
192.5.0.0/24      no match
192.9.200.0/24    no match
192.9.99.0/24     Sun Microsystems

A number of these prefixes were used in early documentation and as such were widely deployed by early adopters of IP. In the bad old days a large number of sites stood up IP networks in isolation, only interconnecting -after- initial rollout was done. Consider it as an early empirical trial with RFC 1918 space :) Based on the confusion, 192.0.2.0/24 was earmarked for use in documentation... :) I know of no good reason why Juniper continues to flag these legacy blocks. --bill
Draft of Rep. Berman's bill authorizes anti-P2P hacking
Thought this would be considered on-topic as guess who would have to clean up the resulting messes... Regards Marshall Eubanks - Forwarded message from Declan McCullagh [EMAIL PROTECTED] - From: Declan McCullagh [EMAIL PROTECTED] Subject: FC: Draft of Rep. Berman's bill authorizes anti-P2P hacking To: [EMAIL PROTECTED] Date: Tue, 23 Jul 2002 20:29:35 -0400 X-URL: http://www.mccullagh.org/ X-URL: Politech is at http://www.politechbot.com/ http://news.com.com/2100-1023-945923.html?tag=politech Could Hollywood hack your PC? By Declan McCullagh July 23, 2002, 4:45 PM PT WASHINGTON--Congress is about to consider an entertainment industry proposal that would authorize copyright holders to disable PCs used for illicit file trading. A draft bill seen by CNET News.com marks the boldest political effort to date by record labels and movie studios to disrupt peer-to-peer networks that they view as an increasingly dire threat to their bottom line. Sponsored by Reps. Howard Berman, D-Calif., and Howard Coble, R-N.C., the measure would permit copyright holders to perform nearly unchecked electronic hacking if they have a reasonable basis to believe that piracy is taking place. Berman and Coble plan to introduce the 10-page bill this week. The legislation would immunize groups such as the Motion Picture Association of America and the Recording Industry Association of America from all state and federal laws if they disable, block or otherwise impair a publicly accessible peer-to-peer network. Anyone whose computer was damaged in the process must receive the permission of the U.S. attorney general before filing a lawsuit, and a suit could be filed only if the actual monetary loss was more than $250. According to the draft, the attorney general must be given complete details about the specific technologies the copyright holder intends to use to impair the normal operation of the peer-to-peer network. Those details would remain secret and would not be divulged to the public. 
The draft bill doesn't specify what techniques, such as viruses, worms, denial-of-service attacks, or domain name hijacking, would be permissible. It does say that a copyright-hacker should not delete files, but it limits the right of anyone subject to an intrusion to sue if files are accidentally erased. [...] - POLITECH -- Declan McCullagh's politics and technology mailing list You may redistribute this message freely if you include this notice. To subscribe to Politech: http://www.politechbot.com/info/subscribe.html This message is archived at http://www.politechbot.com/ Declan McCullagh's photographs are at http://www.mccullagh.org/ - Like Politech? Make a donation here: http://www.politechbot.com/donate/ - - End forwarded message - -- Regards Marshall Eubanks T.M. Eubanks Multicast Technologies, Inc 10301 Democracy Lane, Suite 410 Fairfax, Virginia 22030 Phone : 703-293-9624 Fax : 703-293-9609 e-mail : [EMAIL PROTECTED] http://www.multicasttech.com Test your network for multicast : http://www.multicasttech.com/mt/ Status of Multicast on the Web : http://www.multicasttech.com/status/index.html
RE: Juniper security appnote + martians
So as not to cause confusion, the complete current JUNOS martian list is: 0.0.0.0/8 127.0.0.0/8 128.0.0.0/16 191.255.0.0/16 192.0.0.0/24 223.255.255.0/24 240.0.0.0/4 My questions were on a select portion of these, and a portion of the ones listed in the security appnote on their website. Cheers, -- steve -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] Sent: Wednesday, July 24, 2002 10:53 AM To: Stephen Gill Cc: [EMAIL PROTECTED] Subject: Re: Juniper security appnote + martians Now, on to some of Juniper default martians: 128.0.0.0/16 191.255.0.0/16 192.0.0.0/24 223.255.255.0/24 These prefixes seem to be based on www.ietf.org/internet-drafts/draft-iana-special-ipv4-03.txt. I'm curious what the reasoning is behind selecting these prefixes only. Also, given that these may be allocated in the future (per the draft) what are your thoughts on having these in Juniper's default config? Perhaps these would be good additions to a dynamic (up-to-date) bogon list instead of a static placement in JUNOS even though they can be overridden if necessary. Thoughts? -- steve These nets were the boundary networks that defined classful delegations. To round it out properly, one should include the following: 0.255.255.0/24 126.0.0.0/24 127.255.255.0/24 ... and the top end of the D space. With the advent of classless addressing (circa 1997) these martian spaces are vestigial. They can be assigned although it is unlikely that they will be placed into active use until there is much more of the v4 space delegated. The IANA draft is retro by including them as special. They aren't these days. --bill
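An added example, not taken from Juniper's appnote or from any poster in this thread, that checks the "boundary networks" explanation against the martian list quoted above and then runs the appnote prefixes through the same list. The function names and the three extra sample routes are constructed for the illustration, and the matching rule (an entry matches itself and anything more specific) is an assumption about how such a list is applied.

```python
import ipaddress

# Complete JUNOS default martian list exactly as quoted in the message above.
JUNOS_MARTIANS = [ipaddress.IPv4Network(p) for p in (
    "0.0.0.0/8", "127.0.0.0/8", "128.0.0.0/16", "191.255.0.0/16",
    "192.0.0.0/24", "223.255.255.0/24", "240.0.0.0/4",
)]

# Classful address space: class -> (covering block, natural prefix length).
CLASSFUL = {
    "A": ("0.0.0.0/1", 8),
    "B": ("128.0.0.0/2", 16),
    "C": ("192.0.0.0/3", 24),
}


def classful_boundaries():
    """Return {class: (first_network, last_network)} for classes A, B and C."""
    result = {}
    for cls, (block, plen) in CLASSFUL.items():
        space = ipaddress.IPv4Network(block)
        size = 2 ** (32 - plen)  # addresses in one natural network of this class
        first = ipaddress.IPv4Network((int(space.network_address), plen))
        last = ipaddress.IPv4Network(
            (int(space.broadcast_address) - size + 1, plen))
        result[cls] = (first, last)
    return result


def unexplained_martians():
    """Martian entries that are not the first or last network of a class."""
    edges = {net for pair in classful_boundaries().values() for net in pair}
    return [m for m in JUNOS_MARTIANS if m not in edges]


def classify(prefix, martians=JUNOS_MARTIANS):
    """Classify a route against a martian list.

    Assumption: an entry matches the listed prefix and anything more specific.
    Returns (verdict, matching_entry) where verdict is one of
      "martian"        - the route equals or sits inside a martian entry
      "covers-martian" - a less-specific route that contains a martian entry
      "clean"          - no overlap with the list
    """
    net = ipaddress.IPv4Network(prefix, strict=True)
    for entry in martians:
        if net.subnet_of(entry):
            return "martian", entry
    for entry in martians:
        if net.supernet_of(entry):
            return "covers-martian", entry
    return "clean", None


# The five appnote prefixes from the thread, followed by three constructed
# routes chosen to exercise each verdict.
SAMPLE_ROUTES = [
    "19.255.0.0/16", "129.156.0.0/16", "192.5.0.0/24", "192.9.200.0/24",
    "192.9.99.0/24", "128.0.42.0/24", "191.0.0.0/8", "198.51.100.0/24",
]

if __name__ == "__main__":
    for cls, (first, last) in classful_boundaries().items():
        print(f"class {cls}: first {first}, last {last}")
    print("not a classful boundary:", [str(m) for m in unexplained_martians()])
    for route in SAMPLE_ROUTES:
        verdict, entry = classify(route)
        print(f"{route:18} {verdict:15} {entry or ''}")
```

Six of the seven default entries fall out as the first and last natural network of classes A, B and C; only 240.0.0.0/4 does not. None of the five appnote prefixes is covered by the default list.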
Boston Qwest Issues?
Heya... Anyone know if something is up on Qwest's run from Boston to NYC today? Eric :)
RE: QoS/CoS in the real world?
Steve, Hope this info helps answer your questions about QoS, implementations and customers. Forwarded from a product person in our org... Sorry I didn't see this note earlier, but wanted to make you aware that Masergy Communications is actually offering such a service on a native MPLS based IP network. We provide differentiated IP services via customer DSCP marking at the network edge. QoS is supported end to end through the Masergy core via promotion to the MPLS EXP marking. Masergy closely manages its network by service class. This allows each marking to have its own end-to-end SLA, customized to the type of customer traffic sent with each marking. Customers see the need for QoS in two broad categories: 1) Prioritizing business applications for performance reasons 2) Providing guaranteed performance to real-time IP applications such as IP voice and IP videoconferencing Some real examples: A Masergy customer does file backups overnight. When the backups continued into the next morning performance of daily business activities suffered. By lowering priority of the backup traffic, acceptable performance for both the backups and day users can be provided at a lower cost to the customer. Most of our customers have similar stories (the p2p example mentioned previously is another good one). An interesting application is that customers can mark all outbound traffic as priority--this is a simple config and requires little smarts on the part of the edge router. Any traffic that originates and terminates on the Masergy network is prioritized. All traffic from outside, non-business sites (i.e. surfing, p2p, radio etc.) gets best-effort treatment. Note that many of the applications that need priority are not high bandwidth--MS Exchange for example is a low BW app, but notoriously sensitive to network quality issues. QoS in the manner described above can enhance performance even for lower BW applications. 
Another customer application is video conferencing - specifically replacing current ISDN video architectures with IP equivalents. IP QoS and MPLS allow Masergy to engineer a class of service for voice and video that provides low jitter and 100% guaranteed throughput across our core. MPLS fast fail-over improves application performance in the case of a core network link or hardware failure. Without differentiated QoS, we would not be able to guarantee this level of performance. One of the major issues with properly utilizing QoS is giving the customer the ability to view and manage performance. Masergy customers use the Service Control Center - a secure, web-based interface for managing their service. It provides per QoS level and application statistics on network utilization and performance. Customers can change their access bandwidth and enable additional QoS capabilities in real time. http://www.masergy.com -- --- Jeff Hancock P: 703-846-0161 Senior Engineer F: 703-846-0149 Masergy Communications, Inc. C: 2901 Telstar, Ct. E: mailto:[EMAIL PROTECTED] Falls Church, VA, 22042 W: http://www.masergy.com --- -Original Message- From: Stephen J. Wilcox [mailto:[EMAIL PROTECTED]] Sent: Thursday, July 18, 2002 5:26 PM To: John Evans Cc: [EMAIL PROTECTED] Subject: RE: QoS/CoS in the real world? On Thu, 18 Jul 2002, John Evans wrote: I realise this is a US-centric list, however, a significant number of providers in Europe have deployed Diffserv as a means of supporting (and selling) differential SLAs. Of these, some have deployed Diffserv at the edge and some both the edge and core. See Clarence Filsfils presentation at NANOG 25 for a description of typical core deployments. 2. Hype aside, to what extent do customers actually want this Surely end customers want a service with SLAs that will support their applications, and at low cost? 
It then becomes a provider cost consideration as to whether these SLA assurances can be most competitively satisfied with mechanisms such as Diffserv or without. I have to say that the majority of users barely understand how their outlook client works let alone the difference between applications. I'm starting to think there's no demand for these services other than that which the hype says is there. This is in line with what people said about using qos behind the scenes but customers don't know.. kind of what I thought to begin with Steve I conclude either the people doing this are successful and keep their secret safe or the world is yet to sell large-scale QoS across IP. or perhaps they are just
Re: Draft of Rep. Berman's bill authorizes anti-P2P hacking
Would malicious actions on the part of copyright holders violate the AUP of most networks? Or are service providers more willing to tolerate denial of service attacks by large corporations than say, spam? If this legislation is passed, they certainly will earn Null0 on mine. Regards, James Thomason On Wed, 24 Jul 2002, Marshall Eubanks wrote: Thought this would be considered on-topic as guess who would have to clean up the resulting messes... Regards Marshall Eubanks
RE: Draft of Rep. Berman's bill authorizes anti-P2P hacking
I second that. If I see any of my clients having any sort of malicious activity directed at them, then there is no chance of me allowing their traffic through. I would be more than happy to send all their traffic to packet hell. Large corporations do not get any special consideration if it comes down to the stability of my network vs. receiving their traffic. Derek -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On Behalf Of James Thomason Sent: Wednesday, July 24, 2002 2:10 PM To: Marshall Eubanks Cc: [EMAIL PROTECTED] Subject: Re: Draft of Rep. Berman's bill authorizes anti-P2P hacking Would malicious actions on the part of copyright holders violate the AUP of most networks? Or are service providers more willing to tolerate denial of service attacks by large corporations than say, spam? If this legislation is passed, they certainly will earn Null0 on mine. Regards, James Thomason On Wed, 24 Jul 2002, Marshall Eubanks wrote: Thought this would be considered on-topic as guess who would have to clean up the resulting messes... Regards Marshall Eubanks
Re: Sunspot Activity Radio Blackouts
--On Tuesday, July 23, 2002 10:11 PM -0700 Andy Ellifson [EMAIL PROTECTED] wrote: ( CORRECTED ) MAJOR SUNSPOT ACTIVITY I passed this on to a neighbor for comment wrt 802.11b. His response appears below: These blackouts generally affect communications in the HF (high frequency) range. This means that frequencies below about 30-40 MHz will be affected. The reason is that the F layers of the ionosphere are used to skip signals for long distance communications. The solar storms cause massive disturbances in the ionosphere which cause this skip effect to shut down. It is actually impressive to listen to by virtue of the total absence of normal noise, or any other signal, on these bands of frequencies. These frequencies are used, on occasion, for extremely low speed commercial/military digital communications (110 baud). This should have no effect on us. The R3 classification will shut down HF radio communications for a bit, but the G2 geomagnetic classification is not too bad and should not affect the power grids. Severe geomagnetic storms can shift the magnetic poles by many degrees. There are many places to get more information about sunspots. Being an amateur radio operator who likes HF communications, I have a bit of an interest in the topic. The most succinct monitoring and information site I have found is run by a group of short wave listeners in the Netherlands: http://www.dxlc.com/solar/ Many of the measurements used are taken in Boulder (Boulder K index). NASA usually has some great photos of the big CMEs/Flares
RE: Draft of Rep. Berman's bill authorizes anti-P2P hacking
Agreed here. Has this even got a bill number yet? On Wed, 2002-07-24 at 13:15, Derek Samford wrote: I second that. If I see any of my clients having any sort of malicious activity directed at them, then there is no chance of me allowing their traffic through. I would be more than happy to send all their traffic to packet hell. Large corporations do not get any special consideration if it comes down to the stability of my network vs. receiving their traffic. Derek -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On Behalf Of James Thomason Sent: Wednesday, July 24, 2002 2:10 PM To: Marshall Eubanks Cc: [EMAIL PROTECTED] Subject: Re: Draft of Rep. Berman's bill authorizes anti-P2P hacking Would malicious actions on the part of copyright holders violate the AUP of most networks? Or are service providers more willing to tolerate denial of service attacks by large corporations than say, spam? If this legislation is passed, they certainly will earn Null0 on mine. Regards, James Thomason On Wed, 24 Jul 2002, Marshall Eubanks wrote: Thought this would be considered on-topic as guess who would have to clean up the resulting messes... Regards Marshall Eubanks -- Larry Rosenman http://www.lerctr.org/~ler
Re: Draft of Rep. Berman's bill authorizes anti-P2P hacking
On 2002-07-24-14:10:00, James Thomason [EMAIL PROTECTED] wrote: If this legislation is passed, they certainly will earn Null0 on mine. Unless, of course, the RIAA, MPAA, and friends carry out their cracking through throw-away dial and DSL accounts, like they purportedly use now to troll for copyright offenders, and send automated nasty-grams to their upstream providers. Carrying out their cracking from a uniform netblock or AS, which we could all identify and filter, would be too easy. They're flagrant, but they're not stupid. -a
Re: IGP metrics on WAN links
Just curious as to what people are using for metrics in their IGP and what their reasons are; bandwidth? geographical distance? latency? We have a survey paper on techniques for setting IGP weights http://www.research.att.com/~jrex/papers/ieeecomm02.ps http://www.research.att.com/~jrex/papers/ieeecomm02.pdf and a longer version http://www.research.att.com/~jrex/papers/ieeecomm02.long.ps http://www.research.att.com/~jrex/papers/ieeecomm02.long.pdf that might be of interest. We discuss how to tune the IGP weights in a systematic, automated fashion based on measurement data (of topology and traffic) and an optimization algorithm, and show that good weights settings allow IGPs like OSPF and IS-IS to perform almost as well as optimal routing schemes that have complete flexibility in selecting paths for the traffic. -- Jen
Re: Draft of Rep. Berman's bill authorizes anti-P2P hacking
On 7/24/02 11:31 AM, Adam Rothschild [EMAIL PROTECTED] wrote: On 2002-07-24-14:10:00, James Thomason [EMAIL PROTECTED] wrote: If this legislation is passed, they certainly will earn Null0 on mine. Unless, of course, the RIAA, MPAA, and friends carry out their cracking through throw-away dial and DSL accounts, like they purportedly use now to troll for copyright offenders, and send automated nasty-grams to their upstream providers. Carrying out their cracking from a uniform netblock or AS, which we could all identify and filter, would be too easy. They're flagrant, but they're not stupid. The Business Software Alliance appears to be using this technique to flush out people distributing their Members' software via Gnutella and others. I have received the obligatory nasty-gram advising me as the owner of an IP (not taking into account the IP has been allocated and then assigned to consecutive downstream providers) that I could be held liable for the actions of this particular user. Mike
RE: Draft of Rep. Berman's bill authorizes anti-P2P hacking
If it starts happening, just unplug whoever's doing it and treat them like a DDOSer...poof, you just lost your Internet connectivity. Something Sony or MCA would love to have happen...huh? Sorry, you're causing malicious problems on the Internet, operational procedure requires us to disable your address block..click... What these slugs in Kongress don't realize, this will trigger a war, and one they can not win... Who are they going to give waivers to, to damage personal property next, the ACLU, the ADL, the eco-terrorists? the politically korrect? This is a war they can not hope to win, and all it will do is create chaos on the Internet, chaos that WE will bear the brunt of...like there isn't enough problems now? All this because the media leeches won't recognize they have been trumped by technology...pitu! At 14:15 7/24/02 -0400, you wrote: I second that. If I see any of my clients having any sort of malicious activity directed at them, then there is no chance of me allowing their traffic through. I would be more than happy to send all their traffic to packet hell. Large corporations do not get any special consideration if it comes down to the stability of my network vs. receiving their traffic. Derek -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On Behalf Of James Thomason Sent: Wednesday, July 24, 2002 2:10 PM To: Marshall Eubanks Cc: [EMAIL PROTECTED] Subject: Re: Draft of Rep. Berman's bill authorizes anti-P2P hacking Would malicious actions on the part of copyright holders violate the AUP of most networks? Or are service providers more willing to tolerate denial of service attacks by large corporations than say, spam? If this legislation is passed, they certainly will earn Null0 on mine. Regards, James Thomason On Wed, 24 Jul 2002, Marshall Eubanks wrote: Thought this would be considered on-topic as guess who would have to clean up the resulting messes... 
Regards Marshall Eubanks - Forwarded message from Declan McCullagh [EMAIL PROTECTED] - From: Declan McCullagh [EMAIL PROTECTED] Subject: FC: Draft of Rep. Berman's bill authorizes anti-P2P hacking To: [EMAIL PROTECTED] Date: Tue, 23 Jul 2002 20:29:35 -0400 X-URL: http://www.mccullagh.org/ X-URL: Politech is at http://www.politechbot.com/ http://news.com.com/2100-1023-945923.html?tag=politech Could Hollywood hack your PC? By Declan McCullagh July 23, 2002, 4:45 PM PT WASHINGTON--Congress is about to consider an entertainment industry proposal that would authorize copyright holders to disable PCs used for illicit file trading. A draft bill seen by CNET News.com marks the boldest political effort to date by record labels and movie studios to disrupt peer-to-peer networks that they view as an increasingly dire threat to their bottom line. Sponsored by Reps. Howard Berman, D-Calif., and Howard Coble, R-N.C., the measure would permit copyright holders to perform nearly unchecked electronic hacking if they have a reasonable basis to believe that piracy is taking place. Berman and Coble plan to introduce the 10-page bill this week. The legislation would immunize groups such as the Motion Picture Association of America and the Recording Industry Association of America from all state and federal laws if they disable, block or otherwise impair a publicly accessible peer-to-peer network. Anyone whose computer was damaged in the process must receive the permission of the U.S. attorney general before filing a lawsuit, and a suit could be filed only if the actual monetary loss was more than $250. According to the draft, the attorney general must be given complete details about the specific technologies the copyright holder intends to use to impair the normal operation of the peer-to-peer network. Those details would remain secret and would not be divulged to the public. 
The draft bill doesn't specify what techniques, such as viruses, worms, denial-of-service attacks, or domain name hijacking, would be permissible. It does say that a copyright-hacker should not delete files, but it limits the right of anyone subject to an intrusion to sue if files are accidentally erased. [...] - POLITECH -- Declan McCullagh's politics and technology mailing list You may redistribute this message freely if you include this notice. To subscribe to Politech: http://www.politechbot.com/info/subscribe.html This message is archived at http://www.politechbot.com/ Declan McCullagh's photographs are at http://www.mccullagh.org/ - Like Politech? Make a donation here: http://www.politechbot.com/donate/
Re: Draft of Rep. Berman's bill authorizes anti-P2P hacking
The BSA is even flexing its muscles here in the GWN. http://www.istop.com/BSALetter.txt Although they seem to have lots of money for scanning services and lawyers, they expect ISPs to provide services (assisting them enforce their copyrights) for free. Ralph Doncaster principal, IStop.com
Re: Sunspot Activity Radio Blackouts
Also check http://www.maj.com/sun/ for current solar info...nice site.. There are many places to get more information about sunspots. Being an amateur radio operator who likes HF communications, I have a bit of an interest in the topic. The most succinct monitoring and information site I have found is run by a group of short wave listeners in the Netherlands: http://www.dxlc.com/solar/ Many of the measurements used are taken in Boulder (Boulder K index). Nasa usually has some great photos of the big CMEs/Flares
Re: Sunspot Activity Radio Blackouts
Does anyone know of work done (from a network operations point of view rather than from a solar science point of view) that correlates errors on the copper part of networks, and/or machines in datacenters, with sunspot activity? scott
On Tue, 23 Jul 2002, Andy Ellifson wrote:
: For anyone that operates a wireless network or a copper based network:
:
: Official Space Weather Advisory issued by NOAA Space Environment Center Boulder, Colorado, USA
:
: SPACE WEATHER ADVISORY BULLETIN #02- 2
: 2002 July 23 at 12:00 p.m. MDT (2002 July 23 1800 UTC)
:
: ( CORRECTED ) MAJOR SUNSPOT ACTIVITY
:
: A major sunspot region has rotated onto the visible face of the sun. This region, designated as Region 39 by NOAA Space Environment Center forecasters, is believed to have been the source of three large coronal mass ejections on the far side of the sun beginning on July 16. This region will rotate across the visible side of the sun over the next two weeks and is expected to produce more solar activity.
:
: Since appearing on the visible side yesterday (July 22) this region has already produced a major flare at 6:35 pm Mountain Daylight Time (MDT) on July 22 (0035, July 23 UTC). Radio blackouts reached category R3 (Strong) on the NOAA space weather scales. In response to the major flare, a geomagnetic storm is possible and is expected to begin between 8:00 pm MDT on July 23 and 8 am MDT on July 24 (0200 - 1400, July 24 UTC). The geomagnetic storm may reach category G2 (moderate) levels on the NOAA space weather scales.
:
: Category R3 radio blackouts result in widespread HF radio communication outages on the dayside of the Earth and can also degrade low frequency navigation signals. Category G2 geomagnetic storms can lead to minor problems with electrical power systems, spacecraft operations, communications systems, and some navigational systems. Aurora Borealis / Australis (northern / southern lights) may be seen down into the mid latitudes (New York, Madison, Boise, Vladivostok, Rome, Tasmania, Wellington - NZ, Puerto Montt - Chile)
:
: Data used to provide space weather services are contributed by NOAA, USAF, NASA, NSF, USGS, the International Space Environment Services and other observatories, universities, and institutions. For more information, including email services, see SEC's Space Weather Advisories Web site http://sec.noaa.gov/advisories or (303) 497-5127. The NOAA Public Affairs contact is Barbara McGehan at [EMAIL PROTECTED] or (303) 497-6288.
How secure should it be? (was RE: password stores?)
On Tue, 23 Jul 2002, Shawn Solomon wrote: One common solution is a hash based on the cpe site name or some other unique key provided by the cpe information (address, ph #, etc). Changing the hash occasionally provides new passwords, and it is all easily scripted.. Most burglar alarms in the US don't meet UL installation standards for burglar alarms. Although the box is usually UL listed, and when configured properly could meet UL installation standards, neither customers nor alarm companies feel the need. Other than banks and museums, it seems to be pretty rare. The most common variance is similar to the statement above, although not as sophisticated. Should we secure routers better, worse or the same as burglar alarms? While I agree there are settings which are insecure, it seems like we haven't figured out the optimum level of security yet. Which may be less than what the experts think.
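The per-CPE password derivation quoted at the top of this message, sketched as an added example that is not part of the thread or anyone's production script. It contrasts a plain hash of the site name with a keyed variant; the use of HMAC-SHA256, the secret master key, the epoch counter standing in for "changing the hash occasionally", and all names and sample values are assumptions made for illustration.

```python
import base64
import hashlib
import hmac

# Constructed sample values; none of these come from the thread.
MASTER_KEY = b"constructed-demo-master-key-0001"
SITES = ["acme-dental-springfield", "acme-dental-shelbyville"]


def naive_password(site: str, length: int = 12) -> str:
    """Unkeyed variant: a plain hash of the site name.

    Anyone who knows the site name and the scheme can recompute it.
    """
    digest = hashlib.sha256(site.encode()).digest()
    return base64.b32encode(digest).decode().lower()[:length]


def derived_password(master_key: bytes, site: str, epoch: int,
                     length: int = 16) -> str:
    """Keyed variant: HMAC-SHA256 over (epoch, site) under a secret key."""
    if len(master_key) < 16:
        raise ValueError("master key too short")
    site_bytes = site.strip().lower().encode()
    # Fixed-width epoch plus a length-prefixed site name keeps the
    # encoding of the two fields unambiguous.
    msg = (epoch.to_bytes(4, "big")
           + len(site_bytes).to_bytes(2, "big")
           + site_bytes)
    tag = hmac.new(master_key, msg, hashlib.sha256).digest()
    return base64.b32encode(tag).decode().lower()[:length]


def rotation_table(master_key: bytes, sites, epoch: int) -> dict:
    """Passwords for every site in one rotation period."""
    return {s: derived_password(master_key, s, epoch) for s in sites}


if __name__ == "__main__":
    for epoch in (1, 2):
        for site, pw in rotation_table(MASTER_KEY, SITES, epoch).items():
            print(epoch, site, pw)
```

With the keyed variant, learning one site's password does not help recover another's without the master key, so the key itself becomes the item that needs protected storage and rotation.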