Call for papers - Second Nordnog
(Apologies for eventual off-topic posting) The second Nordic Operator Conference, Nordnog-2, will be held 12-13/2 2003 at the Quality Globe Hotel in Stockholm, Sweden. For information on the hotel, please see http://www.globehotel.se/default_1.html. If you have something you want to present, please contact [EMAIL PROTECTED] To see the agenda, please look at http://www.nordnog.org. For registration please send email to [EMAIL PROTECTED] with the followoing information : First name: Last name: Company: Attending Day1: Attending Day2: Best regards, - kurtis -
Re: Call for papers - Second Nordnog
This was the call for papers - kurtis - On måndag, nov 11, 2002, at 16:10 Europe/Stockholm, Rasmus Aveskogh wrote: Unfortunately there's a 404 on http://www.nordnog.org/nordnog2/agenda.html -ra - Original Message - From: Kurt Erik Lindqvist [EMAIL PROTECTED] Date: Monday, November 11, 2002 12:06 pm Subject: Call for papers - Second Nordnog (Apologies for eventual off-topic posting) The second Nordic Operator Conference, Nordnog-2, will be held 12- 13/2 2003 at the Quality Globe Hotel in Stockholm, Sweden. For information on the hotel, please see http://www.globehotel.se/default_1.html. If you have something you want to present, please contact [EMAIL PROTECTED] To see the agenda, please look at http://www.nordnog.org. For registration please send email to [EMAIL PROTECTED] with the followoing information : First name: Last name: Company: Attending Day1: Attending Day2: Best regards, - kurtis -
Re: VeriSign Moves DNS Server To Boost Security
Thus spake Gil Cohen [EMAIL PROTECTED] In an effort to protect the Internet from future hacking attacks, VeriSign (Nasdaq: VRSN - news) has moved one of the Net's root servers to an undisclosed physical and virtual location. Maybe I'm missing something... J's virtual location aka IP address is now available from every DNS server in the world, not to mention the public announcement that VeriSign made to various lists. How is this undisclosed? S
Re: VeriSign Moves DNS Server To Boost Security
Stephen Sprunk wrote: Thus spake Gil Cohen [EMAIL PROTECTED] In an effort to protect the Internet from future hacking attacks, VeriSign (Nasdaq: VRSN - news) has moved one of the Net's root servers to an undisclosed physical and virtual location. Maybe I'm missing something... J's virtual location aka IP address is now available from every DNS server in the world, not to mention the public announcement that VeriSign made to various lists. How is this undisclosed? And how does it help anybody if a root server's address is made secret? Wouldn't an off-line backup be just as useful and cheaper to implement? -- David
RE: Could someone from Bell Nexxia contact me offlist
The Bell Nexxia looking glass is (I got this from traceroute.org): http://looking-glass.in.bellnexxia.net:8080/ Mind sharing the Nexxia looking glass URL? Thanks, Joel -Original Message- From: [EMAIL PROTECTED] [mailto:nanog;jamesstewartsmith.com] Sent: November 10, 2002 12:35 PM To: [EMAIL PROTECTED] Subject: Could someone from Bell Nexxia contact me offlist I'm having a routing issue where anyone on the Bell Nexxia network can't connect to my web server, but they can get to every other IP address on the same network. There seems to be something odd I found in a Bell Nexxia looking glass. Any help would be appreciated. -- James Smith CCNP Certified Sun Certified Systems Administrator for Solaris 8 -- James Smith CCNP Certified Sun Certified Systems Administrator for Solaris 8
telis
Just a note, telis has cleared their bogan filters on 69.x.x.x and it appears it was a couple weeks ago my fault:). THey also were very responsive with this so hats off to them. THanks again! Scott
huge power outage in sj
Just a note, about ten minutes ago a big jult went through our building at 35 S. Market and we lost power entirely. It looks like 55 S market is also with out power although I assume generators have kicked in. Cause is unknown yet but there is lots of fire and police activity near by so probably a substation or something blew up.
Re: huge power outage in sj
I have a couple of companies I work with reporting 55 South Market San Jose also lost AC power temporarily, but the generators are on and stable at this time. No word as to the cause from either of them. -george william herbert [EMAIL PROTECTED]
PCCW/CAIS as transit
Hi, Can someone give me a few impressions (offline) about PCCW/BtN (ex CAIS) as transit supplier. Thanks, Tim --- Be different. Think.
Re: huge power outage in sj
No effects here in South San Jose! Scott Granados wrote: Just a note, about ten minutes ago a big jult went through our building at 35 S. Market and we lost power entirely. It looks like 55 S market is also with out power although I assume generators have kicked in. Cause is unknown yet but there is lots of fire and police activity near by so probably a substation or something blew up.
Re: VeriSign Moves DNS Server To Boost Security
On Mon, 11 Nov 2002 09:39:25 CST, Stephen Sprunk [EMAIL PROTECTED] said: Maybe I'm missing something... J's virtual location aka IP address is now available from every DNS server in the world, not to mention the public announcement that VeriSign made to various lists. How is this undisclosed? You know that, and think it's silly. I know that, and think it's silly. But it keeps the CEOs from getting distracted from their management by buzzword path. Something Is Being Done, and It's All OK Now. msg06587/pgp0.pgp Description: PGP signature
Breaking Stuff by Fixing NAT
We have some dial-up-like customers behind a device doing the dreaded Network Address Translation (NAT). We are doing one-to-one NAT. Customers get PPP connections with 10/8 addresses. The NAT is done far down stream from our end of the point-to-point connnection at the border with our ISP. Do not ask me why it was done that way. The network engineers want to discontinue doing NAT. From our point of view, NAT doesn't provide any benefits (it did take a while to get it to sink in that it provides no security, and we do need to add some BGP complexity since before packets could get NATed at any egress point and find their way back). NAT only created continuous headaches. But there are still management reservations, the only reservation we do not have a good answer for is the (arbitrary) claim that turning off NAT may break stuff for customers who depend on it. Now we have customers that do some pretty messed up stuff, and everybody knows about various commercial apps that do really, really messed up stuff, but none of us can think of anything that turning NAT off will break. But perhaps all of our minds are just too cluttered with all of the weird stuff that turning off NAT will allow to _work._ Has anyone here been in a similar situation? Did turning off NAT break anything? Is anyone aware of or can think of anything that turning off NAT might break? (Ignore the fact any customers connected during the actual change may have service intrupted. I am only worried about something that doesn't work next time they dial-up after the change.) Thanks. -- Crist J. Clark | [EMAIL PROTECTED] | [EMAIL PROTECTED] http://people.freebsd.org/~cjc/| [EMAIL PROTECTED]
Re: Breaking Stuff by Fixing NAT
Crist J. Clark wrote: But there are still management reservations, the only reservation we do not have a good answer for is the (arbitrary) claim that turning off NAT may break stuff for customers who depend on it. Now we have customers that do some pretty messed up stuff, and everybody knows about various commercial apps that do really, really messed up stuff, but none of us can think of anything that turning NAT off will break. But perhaps all of our minds are just too cluttered with all of the weird stuff that turning off NAT will allow to _work._ I have to admit a certain amount of amusement when I read this. In general you should be okay. The things that could break are likely those things that have IP addresses hardcoded. None of the following checks is any different than what you would do to renumber a network. So, check your access lists on your routers, check any UNIX configuration files, as well as any SSL certificates that were somehow gotten with 10/8 addresses. Also, if you do H.323, check your gateway configurations. Users that make use of personal firewalls may have some minor complications along these same lines, particularly if servers are changing addresses. The one change that you should be mindful of is this: if the company *was* relying in some way on security through obscurity, you may need to add a few additional protections, particularly if you want to prevent peer-to-peer access, such as Gnutella. Make sure that you have a real firewall in place, as you should have before ;-) Regards, Eliot
[no subject]
Hi, Can anyone please tell me the answer to the following question? How do ISPs manage the allocations they get from the RIRs? More specifically, do they make the assignments from this sequentially or not? Are multihoming assignments to customers amidst non-multihoming assignments? I ask this because /23s and /24s seem to be scattered over a wide area - they are not adjacent to each other. Harsha.
RE:
-Original Message- From: [EMAIL PROTECTED] [mailto:owner-nanog;merit.edu] On Behalf Of Harsha Narayan Sent: Monday, November 11, 2002 9:40 PM To: [EMAIL PROTECTED] Subject: How do ISPs manage the allocations they get from the RIRs? More specifically, do they make the assignments from this sequentially or not? Are multihoming assignments to customers amidst non-multihoming assignments? I ask this because /23s and /24s seem to be scattered over a wide area - they are not adjacent to each other. Single-homed customers migrating to multi-homed is one thing that would cause this. --Phil
Re: Breaking Stuff by Fixing NAT
On Mon, 11 Nov 2002 16:04:07 PST, Crist J. Clark [EMAIL PROTECTED] said: Has anyone here been in a similar situation? Did turning off NAT break anything? Is anyone aware of or can think of anything that turning off NAT might break? (Ignore the fact any customers connected during the If the users have been getting a static address in the 10/8 range, they may have it hardcoded someplace. If they've been getting their address/netmask/ DNS/etc via DHCP, then they'd already have discovered it breaks when they hardcode it since the next time they connect they'll be up a creek. -- Valdis Kletnieks Computer Systems Senior Engineer Virginia Tech msg06592/pgp0.pgp Description: PGP signature
