RE: ENUM/E.164 books
I've put some ENUM resources on http://www.itprc.com/tcp_ip.htm Irwin -Original Message- From: Pete Kruckenberg [mailto:[EMAIL PROTECTED] Sent: Saturday, February 22, 2003 11:08 PM To: [EMAIL PROTECTED] Subject: ENUM/E.164 books Anyone have recommendations on good books (or similar resources) on ENUM/E.164 for education, planning, design, implementation and/or operation? Pete.
RE: Symantec detected Slammer worm hours before
Apologies if this is old news. It's from Thursday, but I didn't see it until today. Symantec comes clean Somewhat: http://www.theregister.co.uk/content/56/29406.html -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Sean Donelan Sent: Thursday, February 13, 2003 12:00 PM To: [EMAIL PROTECTED] Subject: Symantec detected Slammer worm hours before Wow, Symantec is making an amazing claim. They were able to detect the slammer worm hours before. Did anyone receive early alerts from Symantec about the SQL slammer worm hours earlier? Academics have estimated the worm spread world-wide, and reached its maximum scanning rate in less than 10 minutes. I assume Symantec has some data to back up their claim. http://enterprisesecurity.symantec.com/content.cfm?articleid=1985EID=0 For example, the DeepSight Threat Management System discovered the Slammer worm hours before it began rapidly propagating. Symantec's DeepSight Threat Management System then delivered timely alerts and procedures, enabling administrators to protect against the attack before their environment was compromised.
Re: 223.255.255.0/24
I can imagine there is some reason why this was originally reserved thats probably not valid any more.. It definately is not valid unless someone is living in the stone ages. The network corresponds to the numerically highest Class C network, and is reserved for a potential future classful special purpose (as is 128.0.0.0/16, 191.255.0.0/16, and 192.0.0.0/24). Similar actual special usage is 0.0.0.0/8 and 127.0.0.0/8. So, it relies upon the assumption that there are still pre-cidr systems out there, and that a special-usage /24 would be needed in the future. While I can see some Classful gear still being out there, I doubt any new special-purpose blocks will be needed, and if they are, they will likely just be pulled out from somewhere in the middle. However seems like a lot of effort to change documents and policies for a single /24 ! I could go either way. I highly doubt we really need to preserve the reserved status, but if it ceases to be reserved, someone really needs to explicitly state that. So far, I've received no response from IANA or APNIC on the subject. Steve
Re: 223.255.255.0/24
On Sun, 23 Feb 2003 [EMAIL PROTECTED] wrote: So far, I've received no response from IANA or APNIC on the subject. http://www.apnic.net/mailing-lists/apops/archive/2003/02/msg9.html -- Simon Lyall.| Newsmaster | Work: [EMAIL PROTECTED] Senior Network/System Admin | Postmaster | Home: [EMAIL PROTECTED] Ihug Ltd, Auckland, NZ | Asst Doorman | Web: http://www.darkmere.gen.nz
Re: 223.255.255.0/24
hi Simon, In light of the discussions on this list and subsequent to the posting referenced below, use of this network has been added to the agenda of the Address Policy SIG as an AOB discussion item by the community. http://www.apnic.net/meetings/15/sigs/policy/index.html The Address Policy SIG is part of the 15th APNIC Open Policy Meeting which is taking place in Taiwan this week in conjunction with APRICOT. See: http://www.apnic.net/meetings/index.html The session will be multicast - multicast info will be on the website later today. The outcome of the discussions at the Address Policy SIG will be posted to this list. regards, Anne _ Anne Lord, Manager, Policy Liaison [EMAIL PROTECTED] Asia Pacific Network Information Centre phone: +61 7 3858 3100 http://www.apnic.netfax: +61 7 3858 3199 _ On Mon, 24 Feb 2003, Simon Lyall wrote: On Sun, 23 Feb 2003 [EMAIL PROTECTED] wrote: So far, I've received no response from IANA or APNIC on the subject. http://www.apnic.net/mailing-lists/apops/archive/2003/02/msg9.html
Re: 223.255.255.0/24
The outcome of the discussions at the Address Policy SIG will be posted to this list. where, one hopes, discussion will continue, yes? randy
Re: 223.255.255.0/24
The outcome of the discussions at the Address Policy SIG will be posted to this list. where, one hopes, discussion will continue, yes? randy why would an APNIC/AP region specific issue need to be discussed on the NANOG list and not the RIPE/AFNOG/et.al. regional ops lists? This is a prefix delegated to the APregion and so they should be the ones who set the policies for the prefixes they are responsible for. I appreciate their willingness to share the outcome of their deliberations, but why NAites have any special say in AP policies is a bit beyond me. --bill
untied
could someone else please check the dns for www.united.com? the servers for united.com seem to delegate www.united.com, but the delegatee seems not to return an soa. i get very confusing results. randy, feeling stoopid
Re: untied
[EMAIL PROTECTED] host -a www.united.com Trying null domain Trying domain isprime.com rcode = 3 (Non-existent domain), ancount=0 Trying null domain Host not found, try again. Sincerely, Scott Kupferschmidt ISPrime, Inc. 866.502.4678 ext. 3 AIM: Scott ISPrime - ICQ: 174337249 On Mon, 24 Feb 2003, Randy Bush wrote: could someone else please check the dns for www.united.com? the servers for united.com seem to delegate www.united.com, but the delegatee seems not to return an soa. i get very confusing results. randy, feeling stoopid
Re: 223.255.255.0/24
On Sun, 23 Feb 2003 [EMAIL PROTECTED] wrote: why would an APNIC/AP region specific issue need to be discussed on the NANOG list and not the RIPE/AFNOG/et.al. regional ops lists? This is a prefix delegated to the APregion and so they should be the ones who set the policies for the prefixes they are responsible for. I appreciate their willingness to share the outcome of their deliberations, but why NAites have any special say in AP policies is a bit beyond me. The question is really whether IANA properly implemented the relevant RFC's by delagating a block containing a reserved special use address to a registry without maintaining the previous reservations on those addresses. Its not up to APNIC how to handle the reserved special use addresses, just like the other special use addresses in ARIN's space are really outside of ARIN's scope. ARIN can't re-assign special use addresses in its space for other purposes. Nor should APNIC or RIPE or LANIC or any other registry which is assigned a /8 block containing special use addresses. Its not APNIC bashing. If the ARIN board got to gether and decided to assign 128.0.0.0/16 I think folks would be raising questions about ARIN. IANA should have properly excluded the IANA reserved special use block from the delegation to APNIC, just like the other reserved special use blocks are reserved from ARIN's use.
Re: untied
btw, when querying bind9 and requesting 'any www.united.com', i get servfail, but when requesting 'A www.united.com', i do get a response. that is the reaction to their misconfiguration. i am in a dual-stack universe over here (iij/tokyo). so the browser, looking for an A or , probably issues a query for ANY. united's dns is sorely broken. anyone know how to get their attention. i can't email to [EMAIL PROTECTED] for the same reason. randy
Re: untied
On Mon, Feb 24, 2003 at 02:03:30PM +0900, Randy Bush wrote: could someone else please check the dns for www.united.com? the servers for united.com seem to delegate www.united.com, but the delegatee seems not to return an soa. i get very confusing results. Hmm host -t NS united.com: united.com name server dns02.uls-prod.com. united.com name server dns01.uls-prod.com. host -t A www.united.com dns01.uls-prod.com: www.united.com has address 64.95.89.8 host -t A www.united.com dns02.uls-prod.com: www.united.com has address 64.95.89.8 host -t SOA united.com dns01.uls-prod.com: united.com SOA ns0.uls-prod.com. hostinfo.ualloyalty.com. 2002112102 300 3600 604800 86400 host -t SOA united.com dns02.uls-prod.com: united.com SOA ns0.uls-prod.com. hostinfo.ualloyalty.com. 2002112102 300 3600 604800 86400 -- Avleen Vig Say no to cheese-eating surrender-monkeys Systms Admin Fast, Good, Cheap. Pick any two. www.silverwraith.com Move BSD. For great justice!
Re: untied
At 2:03 PM +0900 2/24/03, Randy Bush wrote: could someone else please check the dns for www.united.com? Doesn't look good... [EMAIL PROTECTED] Home 3% dig @a.gtld-servers.net www.united.com ; DiG 8.3 @a.gtld-servers.net www.united.com ; (1 server found) ;; res options: init recurs defnam dnsrch ;; got answer: ;; -HEADER- opcode: QUERY, status: NOERROR, id: 4 ;; flags: qr rd; QUERY: 1, ANSWER: 0, AUTHORITY: 2, ADDITIONAL: 2 ;; QUERY SECTION: ;; www.united.com, type = A, class = IN ;; AUTHORITY SECTION: united.com. 2D IN NSDC1LBS1.ULS-PROD.com. united.com. 2D IN NSDC2LBS1.ULS-PROD.com. ;; ADDITIONAL SECTION: DC1LBS1.ULS-PROD.com. 2D IN A 64.95.89.4 DC2LBS1.ULS-PROD.com. 2D IN A 64.95.88.4 ;; Total query time: 104 msec ;; FROM: emily.isdn.uiuc.edu to SERVER: a.gtld-servers.net 192.5.6.30 ;; WHEN: Sun Feb 23 23:37:35 2003 ;; MSG SIZE sent: 32 rcvd: 117 [EMAIL PROTECTED] Home 4% dig @DC1LBS1.ULS-PROD.com. www.united.com. any ; DiG 8.3 @DC1LBS1.ULS-PROD.com. www.united.com. any ; (1 server found) ;; res options: init recurs defnam dnsrch ;; got answer: ;; -HEADER- opcode: QUERY, status: SERVFAIL, id: 4 ;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 0 ;; QUERY SECTION: ;; www.united.com, type = ANY, class = IN ;; Total query time: 55 msec ;; FROM: emily.isdn.uiuc.edu to SERVER: DC1LBS1.ULS-PROD.com. 64.95.89.4 ;; WHEN: Sun Feb 23 23:37:57 2003 ;; MSG SIZE sent: 32 rcvd: 32 [EMAIL PROTECTED] Home 5% dig @DC2LBS1.ULS-PROD.com. www.united.com. any ; DiG 8.3 @DC2LBS1.ULS-PROD.com. www.united.com. any ; (1 server found) ;; res options: init recurs defnam dnsrch ;; got answer: ;; -HEADER- opcode: QUERY, status: SERVFAIL, id: 4 ;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 0 ;; QUERY SECTION: ;; www.united.com, type = ANY, class = IN ;; Total query time: 72 msec ;; FROM: emily.isdn.uiuc.edu to SERVER: DC2LBS1.ULS-PROD.com. 64.95.88.4 ;; WHEN: Sun Feb 23 23:38:32 2003 ;; MSG SIZE sent: 32 rcvd: 32 [EMAIL PROTECTED] Home 6%
Re: untied (fwd)
fwd per request... (I'm not sure how to contact united, though I'd guess PNAP/InterNap might know, since I see the fictional www.united.com through there) -- Forwarded message -- Date: Mon, 24 Feb 2003 14:36:00 +0900 From: Randy Bush [EMAIL PROTECTED] To: Christopher L. Morrow [EMAIL PROTECTED] Subject: Re: untied bingo!! so, please post to nanog and if you know how to get to untied, ... So, looks like: dig www.united.com returns: dig www.united.com ; DiG 8.1 www.united.com ;; res options: init recurs defnam dnsrch ;; got answer: ;; -HEADER- opcode: QUERY, status: NOERROR, id: 6 ;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0 ;; QUERY SECTION: ;; www.united.com, type = A, class = IN ;; ANSWER SECTION: www.united.com. 5S IN A 64.95.89.8 ;; Total query time: 32 msec ;; FROM: sharpie.argfrp.us.uu.net to SERVER: default -- 153.39.56.91 ;; WHEN: Mon Feb 24 05:22:35 2003 ;; MSG SIZE sent: 32 rcvd: 48 then: dig www.united.com ; DiG 8.1 www.united.com ;; res options: init recurs defnam dnsrch ;; got answer: ;; -HEADER- opcode: QUERY, status: NOERROR, id: 6 ;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 13, ADDITIONAL: 13 ;; QUERY SECTION: ;; www.united.com, type = A, class = IN ;; ANSWER SECTION: www.united.com. 4S IN A 64.95.89.8 ;; AUTHORITY SECTION: COM.1d20h32m39s IN NS A.GTLD-SERVERS.NET. COM.1d20h32m39s IN NS G.GTLD-SERVERS.NET. COM.1d20h32m39s IN NS H.GTLD-SERVERS.NET. COM.1d20h32m39s IN NS C.GTLD-SERVERS.NET. COM.1d20h32m39s IN NS I.GTLD-SERVERS.NET. COM.1d20h32m39s IN NS B.GTLD-SERVERS.NET. COM.1d20h32m39s IN NS D.GTLD-SERVERS.NET. COM.1d20h32m39s IN NS L.GTLD-SERVERS.NET. COM.1d20h32m39s IN NS F.GTLD-SERVERS.NET. COM.1d20h32m39s IN NS J.GTLD-SERVERS.NET. COM.1d20h32m39s IN NS K.GTLD-SERVERS.NET. COM.1d20h32m39s IN NS E.GTLD-SERVERS.NET. COM.1d20h32m39s IN NS M.GTLD-SERVERS.NET. ;; ADDITIONAL SECTION: A.GTLD-SERVERS.NET. 4d20h43m26s IN A 192.5.6.30 G.GTLD-SERVERS.NET. 21h40m30s IN A 192.42.93.30 H.GTLD-SERVERS.NET. 21h40m30s IN A 192.54.112.30 C.GTLD-SERVERS.NET. 21h40m30s IN A 192.26.92.30 I.GTLD-SERVERS.NET. 21h40m30s IN A 192.43.172.30 B.GTLD-SERVERS.NET. 21h11m25s IN A 192.33.14.30 D.GTLD-SERVERS.NET. 21h31m38s IN A 192.31.80.30 L.GTLD-SERVERS.NET. 5h52m10s IN A 192.41.162.30 F.GTLD-SERVERS.NET. 21h40m30s IN A 192.35.51.30 J.GTLD-SERVERS.NET. 7h42m59s IN A 192.48.79.30 K.GTLD-SERVERS.NET. 7h43m IN A 192.52.178.30 E.GTLD-SERVERS.NET. 10h26m34s IN A 192.12.94.30 M.GTLD-SERVERS.NET. 23h34m11s IN A 192.55.83.30 ;; Total query time: 10 msec ;; FROM: sharpie.argfrp.us.uu.net to SERVER: default -- 153.39.56.91 ;; WHEN: Mon Feb 24 05:22:36 2003 ;; MSG SIZE sent: 32 rcvd: 483 and that repeats over and over and over... HOWEVER, dig NS united.com ; DiG 8.1 NS united.com ;; res options: init recurs defnam dnsrch ;; got answer: ;; -HEADER- opcode: QUERY, status: NOERROR, id: 6 ;; flags: qr rd ra; QUERY: 1, ANSWER: 2, AUTHORITY: 0, ADDITIONAL: 2 ;; QUERY SECTION: ;; united.com, type = NS, class = IN ;; ANSWER SECTION: united.com. 23h59m52s IN NS dns01.uls-prod.com. united.com. 23h59m52s IN NS dns02.uls-prod.com. ;; ADDITIONAL SECTION: dns01.uls-prod.com. 1d11h2m40s IN A 64.95.89.200 dns02.uls-prod.com. 1d11h2m40s IN A 64.95.88.200 ;; Total query time: 1 msec ;; FROM: sharpie.argfrp.us.uu.net to SERVER: default -- 153.39.56.91 ;; WHEN: Mon Feb 24 05:22:51 2003 ;; MSG SIZE sent: 28 rcvd: 112 and then querying from one of them direct gets: timeouts for: 64.95.89.200 and 64.95.88.200 So, their DNS is busted it seems :( bummer for them. (or was this not what you were seeing?) --Chris ([EMAIL PROTECTED]) ### ## UUNET Technologies, Inc. ## ## Manager ## ## Customer Router Security Engineering Team ## ## (W)703-886-3823 (C)703-338-7319 ## ### On Mon, 24 Feb 2003, Randy Bush wrote: could someone else please check the dns for www.united.com? the servers for united.com seem to delegate www.united.com, but the delegatee seems not to return an soa. i get very confusing results. randy, feeling stoopid
Re: untied
-BEGIN PGP SIGNED MESSAGE- Hash: MD5 Hello Randy, Monday, February 24, 2003, 12:03:30 AM, you wrote: RB could someone else please check the dns for www.united.com? the servers RB for united.com seem to delegate www.united.com, but the delegatee seems RB not to return an soa. i get very confusing results. This is just a guess, but it appears that the two servers authoritative for www.united.com are load balancers: dc1lbs1.uls-prod.com dc2lbs1.uls-prod.com And it looks like you are correct: vbind.com /home/allan#dig @dc1lbs1.uls-prod.com www.united.com SOA ; DiG 9.2.1 @dc1lbs1.uls-prod.com www.united.com SOA ;; global options: printcmd ;; Got answer: ;; -HEADER- opcode: QUERY, status: SERVFAIL, id: 168 ;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 0 ;; QUESTION SECTION: ;www.united.com.IN SOA ;; Query time: 37 msec ;; SERVER: 64.95.89.4#53(dc1lbs1.uls-prod.com) ;; WHEN: Mon Feb 24 00:52:08 2003 ;; MSG SIZE rcvd: 32 But that may be intentional... allan - -- Allan Liska [EMAIL PROTECTED] http://www.allan.org -BEGIN PGP SIGNATURE- Version: 2.6 iQCVAwUAPlmyBSkg6TAvIBeFAQHHLQP/X91jZgjX9ghH0MaVRCbrPDb3Jl55+8u3 CE9cOHnqQBOv+XtuHdX/m2+Sqc2zIlf3puowgEafnncs4D8MlpiJhB1wh1pxB3xn yKy+0t3pgX/+1scimqbcS4t8zBh1C3mV2Y0Z1YnbSNmxflvU61sCrJHR8VxfvPLh 9o/7dzATUT0= =yasW -END PGP SIGNATURE-
Re: untied
ross? lazarus arises! wow! could someone else please check the dns for www.united.com? Doesn't look good... they seem to be making similar messes with ual.com, ua2go, ... and all the stuff that links from their pages. but it probably 'works' if your host is not dual stack, could you please confirm? it's a plot to keep me from getting a reservation to ietf! randy ps: really nice to know you're still out there hackin'
Re: untied
On Mon, Feb 24, 2003 at 02:46:44PM +0900, Randy Bush wrote: ross? lazarus arises! wow! could someone else please check the dns for www.united.com? Doesn't look good... they seem to be making similar messes with ual.com, ua2go, ... and all the stuff that links from their pages. Just so United doesn't feel bad, www.aol.com also fails in a dual stack environment. -- Richard A Steenbergen [EMAIL PROTECTED] http://www.e-gerbil.net/ras GPG Key ID: 0xF8B12CBC (7535 7F59 8204 ED1F CC1C 53AF 4C41 5ECA F8B1 2CBC)