Re: IPv6
Why not use the highest-order 32 bits of an IPv6 address for interdomain routing... i.e., overlay them on IPv4 addresses and/or a 32-bit ASN? Yes, it smells of classful routing. Call me shortsighted, but how many billion interdomain routing policies do we really need? One word; multihoming. Pete
Re: IPv6
Andy Dills wrote: Am I the only one that thinks IPv6 is a minimum of ten years out before you see actual non-geek demand? It will probably happen before that. The Japanese government requirement that all businesses be fully ipv6 compliant before 2005 is certainly going to have a major impact on vendor ipv6 implementations, from the core to the desktop So while you may not get 30Mpps on your backbone router, you're probably not going to be stuck with a white elephant rate-limited to 200Kpps either. One day, you may even be able to run an ipv6-only desktop from vendor M, who knows? From one perspective (and not necessarily the best, or even a remotely accurate one), all it's going to take is for Microsoft and a bunch of NAS ADSL equipment vendors to implement stable ipv6 edge connectivity and to prefer over A records. Once this happens, there will be demand from customers by default, and this may create enough of a business case to justify more infrastructural spending on ipv6. This would help those providers who have a partial ipv6 deployment in their core, and may bootstrap the uptake process for those who haven't bothered looking at it yet. I'm a bit more optimistic about its take-up these days, mainly because support from the desktop and the network edge is going to be the main driving factor, and because this is probably going to become much more widespread from now on. Nick
The Cidr Report
This report has been generated at Fri Jun 13 21:46:40 2003 AEST. The report analyses the BGP Routing Table of an AS4637 (Reach) router and generates a report on aggregation potential within the table. Check http://www.cidr-report.org/as4637 for a current version of this report. Recent Table History Date PrefixesCIDR Agg 06-06-03122422 87154 07-06-03122772 87221 08-06-03122836 87199 09-06-03122724 87175 10-06-03122603 87211 11-06-03122581 87288 12-06-03122787 87267 13-06-03122864 87343 AS Summary 15267 Number of ASes in routing system 6029 Number of ASes announcing only one prefix 1520 Largest number of prefixes announced by an AS AS701 : ALTERNET-AS UUNET Technologies, Inc. 73222912 Largest address span announced by an AS (/32s) AS568 : SUMNET-AS DISO-UNRRA Aggregation Summary The algorithm used in this report proposes aggregation only when there is a precise match using the AS path, so as to preserve traffic transit policies. Aggregation is also proposed across non-advertised address space ('holes'). --- 13Jun03 --- ASnumNetsNow NetsAggr NetGain % Gain Description Table 122896873333556328.9% All ASes AS7132 1016 228 78877.6% SBIS-AS SBC Internet Services - Southwest AS11305 647 137 51078.8% INTERLAND-NET1 Interland Incorporated AS701 1520 1076 44429.2% ALTERNET-AS UUNET Technologies, Inc. AS7843 618 174 44471.8% ADELPHIA-AS Adelphia Corp. AS4323 602 179 42370.3% TW-COMM Time Warner Communications, Inc. AS7018 1341 933 40830.4% ATT-INTERNET4 ATT WorldNet Services AS3908 896 527 36941.2% SUPERNETASBLK SuperNet, Inc. AS4755 397 79 31880.1% VSNL-AS Videsh Sanchar Nigam Ltd. Autonomous System AS1221 1077 768 30928.7% ASN-TELSTRA Telstra Pty Ltd AS4355 398 111 28772.1% ERMS-EARTHLNK EARTHLINK, INC AS6197 493 207 28658.0% BATI-ATL BellSouth Network Solutions, Inc AS6198 468 184 28460.7% BATI-MIA BellSouth Network Solutions, Inc AS22927 298 15 28395.0% AR-TEAR2-LACNIC TELEFONICA DE ARGENTINA AS1239 956 674 28229.5% SPRINTLINK Sprint AS6347 364 91 27375.0% DIAMOND SAVVIS Communications Corporation AS27364 312 82 23073.7% ACS-INTERNET Armstrong Cable Services AS17676 250 24 22690.4% GIGAINFRA XTAGE CORPORATION AS22773 2188 21096.3% CCINET-2 Cox Communications Inc. Atlanta AS209494 302 19238.9% ASN-QWEST Qwest AS17557 339 159 18053.1% PKTELECOM-AS-AP Pakistan Telecom AS705509 332 17734.8% ALTERNET-AS UUNET Technologies, Inc. AS2048 259 88 17166.0% LANET-1 State of Louisiana AS2386 402 235 16741.5% INS-AS ATT Data Communications Services AS6327 189 24 16587.3% SHAWFIBER Shaw Fiberlink Limited AS13601 205 46 15977.6% ASN-INNERHOST Innerhost, Inc. AS4200 178 21 15788.2% AGIS-NET Apex Global Information Services, Inc. AS690448 293 15534.6% MERIT-AS-27 Merit Network Inc. AS20115 462 310 15232.9% CHARTER-NET-HKY-NC Charter Communications AS3602 226 78 14865.5% SPRINT-CA-AS Sprint Canada Inc. AS2686 256 111 14556.6% AS2686 ATT Global Network Services - EMEA Total 15838 7496 834252.7% Top 30 total Possible Bogus Routes 24.2.128.0/21AS6478 ATT-INTERNET3 ATT WorldNet Services 24.7.10.0/24 AS6478 ATT-INTERNET3 ATT WorldNet
Re: IPv6
Mind that some of the major content so(u)rcerers will have to adopt their Bind 4.x hacks from the last century to make their DNS respond to 4A queries instead of just timing out as they do today ;) To be fair, this is much less of a problem now than before. Setting a preference for quad-A is now generally feasible, whereas a year ago, it involved daily teeth-gnashing and hair removal. There are a pile of things to fix, including this, and ospfv3 and core-router packet switching rates and end-user dns requests over ipv6 and stable end-user ipv6 stacks which don't bsod or panic all over the place, and so on and so forth. This is why the Japanese government is so important for the uptake of ipv6 globally: it's going to force a population of 130 million highly-wired people to use ipv6 for everyday network connectivity, which is going to 1) wring most of these problems out and 2) cause large vendor software systems to be made ipv6-aware. These are good things. Nick
Re: anyone has netrange - cidr conversion script to share?
On Wed, Jun 11, 2003 at 11:12:54PM -0700, [EMAIL PROTECTED] [EMAIL PROTECTED] wrote a message of 12 lines which said: Does anyone here has a script (or perl procedure) for converting range of ips (i.e. 10.0.0.0 - 10.0.2.255) into cidr (i.e. result would be 10.0.0.0/23,10.0.2.0/24 from the example before). netmask (available as a Debian package or a FreeBSD port) ~ % netmask -c 10.0.0.0:10.0.2.255 10.0.0.0/23 10.0.2.0/24
RE: IPv6
Title: Message I guess that means vendor C has no excuse on the 7200 VXR series (and I believe a few of the newer models). But I still don't see anthing fantastically IPv6 happening there. Daryl G. JurbalaIntrospect.net ConsultingTel: +1 215 825 8401Fax: +1 508 526 8500http://www.introspect.netPGP Key: http://www.introspect.net/pgp -Original Message-From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Sent: Friday, June 13, 2003 12:48 AMTo: [EMAIL PROTECTED]Cc: [EMAIL PROTECTED]Subject: Re: IPv6[.] Most L3 switches shipping today (e.g. the product in question) have particular ethertypes and destination address offsets hardcoded into their ASICs. It's not a matter of supporting 128-bit addresses -- they simply doesn't understand IPv6's header any more than they do DECnet or AppleTalk. While allocation policies may have an effect on how IPv6 FIBs are most efficiently stored, address length is a fairly small part of the problem when you're talking about redesigning every ASIC to handle both IPv4 and IPv6. []
Re: IPv6
Andy Dills wrote: Am I the only one that thinks IPv6 is a minimum of ten years out before you see actual non-geek demand? It will probably happen before that. The Japanese government requirement that all businesses be fully ipv6 compliant before 2005 is certainly going to have a major impact on vendor ipv6 implementations, from the core to the desktop So while you may not get 30Mpps on your backbone router, you're probably not going to be stuck with a white elephant rate-limited to 200Kpps either. One day, you may even be able to run an ipv6-only desktop from vendor M, who knows? Nick I saw a DISA memo yesterday that mandates IPv6 compliance by 2008. --bill
RE: IPv6
Daryl G. Jurbala wrote: I guess that means vendor C has no excuse on the 7200 VXR series (and I believe a few of the newer models). But I still don't see anthing fantastically IPv6 happening there. The 7206VXR (along with all 7200/7400) supports IPv6 in IOS 12.2S, 12.2T and 12.3. 12.2S is not yet the recommended IOS for ISPs using 7200 series routers, but is expected to be the recommended ISP IOS in the future. 12.2T/12.3 are the current recommended IOS for LNSs. The support seems to gradually increase with time. As a 7xxx-based network, IPv6 came as a pleasant surprise when we upgraded IOS for other reasons. Some current significant missing items: NetFlow of IPv6 (...sure we can do the traffic, but can we bill it?!...) Communication by the router to IPv6 hosts for RADIUS, tacacs, NetFlow, etc (...ok, so we can use IPv6, just as long as it's not for anything our routers want to talk to...) But for that matter, NetFlow doesn't work well with MPLS either (in a VPDN environment, where you can't identify a virtual access interface based on SNMP and hoping it was the same when the traffic happened, there's no way currently to identify which VRF the traffic occurred in and thus no way to map traffic back to a customer when multiple VRFs contain the same IPs). David.
Re: IPv6
On 6/13/2003 at 07:54:01 -0700, [EMAIL PROTECTED] said: I saw a DISA memo yesterday that mandates IPv6 compliance by 2008. Ah, government memos. There's been ones mandating OSI protocols, UNIX workstations for all government employees... Government mandates aren't going to force a protocol by themselves. The marketplace is where v6 will be made or broken, and history shows the marketplace has two requirements: need and painlessness. This might give the vendors a nudge, but it isn't going to be the reason the Great Changeover happens. -Dave
Re: IPv6
On 6/13/2003 at 07:54:01 -0700, [EMAIL PROTECTED] said: I saw a DISA memo yesterday that mandates IPv6 compliance by 2008. Ah, government memos. There's been ones mandating OSI protocols, UNIX workstations for all government employees... Government mandates aren't going to force a protocol by themselves. The marketplace is where v6 will be made or broken, and history shows the marketplace has two requirements: need and painlessness. This might give the vendors a nudge, but it isn't going to be the reason the Great Changeover happens. -Dave too right. (having the scars from the OSI compliance tussle) the point being that this is one more grain added to the side of IPv6 in my lifetime... DISA does occasionally have some impact on the marketplace that the rest of us play in. speaking of which, v6 zelots and cheerleaders may find this URL interesting: http://www.usipv6.com/ --bill
Re: IPv6
PH Date: Fri, 13 Jun 2003 09:37:59 +0300 PH From: Petri Helenius PH One word; multihoming. How many billion different interdomain routing policies do we really need? Eddy -- Brotsman Dreger, Inc. - EverQuick Internet Division Bandwidth, consulting, e-commerce, hosting, and network building Phone: +1 (785) 865-5885 Lawrence and [inter]national Phone: +1 (316) 794-8922 Wichita
Re: IPv6
On Fri, 13 Jun 2003, E.B. Dreger wrote: PH One word; multihoming. How many billion different interdomain routing policies do we really need? Just 1 is enough to cause trouble. Given strict provider-based addressing, multihoming leads to rather nasty interactions between host-based selection of (source address, destination address) things like the following: o routing policy o anti-spoofing... filtering o quality of service The IETF drafts I've read have not yet offered what I consider viable solutions to those issues. Jay Ford, Network Engineering Group, Information Technology Services University of Iowa, Iowa City, IA 52242 email: [EMAIL PROTECTED], phone: 319-335-, fax: 319-335-2951
DNS resolution to Yahoo.
So I got 2 dns servers that resolve www.yahoo.com differently. Server A goes to 216.109.125.69. The Server B goes to 66.218.71.92. The 66.218.71.92 is a faster route for me. How do I get Server A to resolve to 66.218.71.92? Alan
Rescheduled: P2P file sharing national security and personal securityrisks
June 10, 2003 NOTICE OF RESCHEDULED FULL COMMITTEE HEARING The Senate Committee on the Judiciary scheduled for Wednesday, June 11, 2003, at 2:00 p.m., on .The Dark Side of a Bright Idea: Could Personal and National Security Risks Compromise the Potential of P2P File-Sharing Networks?. has been rescheduled for Tuesday, June 17, 2003 at 2:00 p.m. in Room 226 of the Senate Dirksen Building. By order of the Chairman I wonder if anyone is going to mention that Microsoft Network Neighborhood file sharing is a form of P2P file sharing.
Re: DNS resolution to Yahoo.
http://www.yahoo.com/ differently. Server A goes to 216.109.125.69. The Server B goes to 66.218.71.92. The 66.218.71.92 is a faster route for me. How do I get Server A to resolve to 66.218.71.92? Have Server A declare itself authoritative for www.yahoo.com and set up an A record pointing to 66.218.71.92 -- /ak
Re: DNS resolution to Yahoo.
Alex Kamantauskas wrote: Have Server A declare itself authoritative for www.yahoo.com and set up an A record pointing to 66.218.71.92 ...and then be prepared to deal with a flood of customer complaints when yahoo renumbers and is no longer reachable from your network. cf. http://www.amazon.com/exec/obidos/tg/detail/-/0596001584/
Re: DNS resolution to Yahoo.
I was just answering the question How do I get Server A to resolve to 66.218.71.92? The rest was up to him. On Fri, 13 Jun 2003, Mike wrote: Alex Kamantauskas wrote: Have Server A declare itself authoritative for www.yahoo.com and set up an A record pointing to 66.218.71.92 ...and then be prepared to deal with a flood of customer complaints when yahoo renumbers and is no longer reachable from your network. cf. http://www.amazon.com/exec/obidos/tg/detail/-/0596001584/ -- /ak
Re: Rescheduled: P2P file sharing national security and personalsecurity risks
IMHO: No more, or less, than SMTP. It is -that- simple. (Of course, SMTP is how China got Nuclear Secrets out of America :( ) FWIW: This is more tempestuous reactions at High Levels, that would normally have been laughed off. Except P2P's are annoying the Recording Industry execs, and they have $$$ on the line, so. $$$ has a way a bringing things to light that would otherwise simply have been ignored But, for this to make it to the NS Risk Assessment groups just demonstrates the licentious influence between the Current Administration Policies and Money Men. After all, how many meetings are there going to be assessing the risk SMTP has on National Security ? Or, as you mentioned, MS file sharing... And, remember, SMTP is -already- proven guilty of said Risk, and a far more -probable- culprit in future compromises... ! Reality Check. My .02c .Richard. My, what interesting times we live in, and darn it, important people noticed me! :{ Sean Donelan wrote: June 10, 2003 NOTICE OF RESCHEDULED FULL COMMITTEE HEARING The Senate Committee on the Judiciary scheduled for Wednesday, June 11, 2003, at 2:00 p.m., on .The Dark Side of a Bright Idea: Could Personal and National Security Risks Compromise the Potential of P2P File-Sharing Networks?. has been rescheduled for Tuesday, June 17, 2003 at 2:00 p.m. in Room 226 of the Senate Dirksen Building. By order of the Chairman I wonder if anyone is going to mention that Microsoft Network Neighborhood file sharing is a form of P2P file sharing.
RE: DNS resolution to Yahoo.
Yahoo uses akamai technology (bgp path analysis) to determine what content server is "closest" to a given host and bases its' dns response on that data. You could contact Akamai and, explain your network, and see if they can make the necessary adjustments, or if you are large enough ask them to drop a couple of servers in your site. (or they maywant you to send them a BGP feed) -Ejay -Original Message-From: Alan Sato [mailto:[EMAIL PROTECTED]Sent: Friday, June 13, 2003 12:17 PMTo: [EMAIL PROTECTED]Subject: DNS resolution to Yahoo. So I got 2 dns servers that resolve www.yahoo.com differently. Server A goes to 216.109.125.69. The Server B goes to 66.218.71.92. The 66.218.71.92 is a faster route for me. How do I get Server A to resolve to 66.218.71.92? Alan
RE: DNS resolution to Yahoo.
-- On Friday, June 13, 2003 13:18 -0500 -- Ejay Hire [EMAIL PROTECTED] supposedly wrote: Yahoo uses akamai technology (bgp path analysis) to determine what content server is closest to a given host and bases its' dns response on that data. You could contact Akamai and, explain your network, and see if they can make the necessary adjustments, or if you are large enough ask them to drop a couple of servers in your site. (or they may want you to send them a BGP feed) It is a bit more complex that BGP path analysis. :) But we are happy to work with you to make things faster / better. Any particular reason you have a problem with multiple answers? We do it intentionally for several reasons (e.g. load balancing and redundancy). It is fully RFC compliant and has been working well for many years now on most of the large web sites on the Internet. -- TTFN, patrick
Re: Rescheduled: P2P file sharing national security and personalsecurity risks
Not sure what is scarier the money to influence government or the money spent on litigation. The latest tactic is using a legal bit called self help. Usually self help is used if someone steals your car and you find it in their driveway, you can trespass on their property to retrieve your property. The RIAA version of this is they can hack into p2p systems and spike files, tamper with search results, and generally wreak havoc on anything that has a copyrighted file on it. Even scarier I was listening to a panel of lawyers who all thought this was a great idea. It did not seem to bother them at all that these actions would/could wreck the system for all the legitmate users or that the burden of proving that legit systems had been hacked/screwed would be on the system owner and not the RIAA. Maybe we should set up tire shredders on the interstate and then check all the wrecked cars to see if they were stolen or carrying drugs. - Original Message - From: Richard Irving [EMAIL PROTECTED] Date: Friday, June 13, 2003 2:19 pm Subject: Re: Rescheduled: P2P file sharing national security and personal security risks IMHO: No more, or less, than SMTP. It is -that- simple. (Of course, SMTP is how China got Nuclear Secrets out of America :( ) FWIW: This is more tempestuous reactions at High Levels, that would normally have been laughed off. Except P2P's are annoying the Recording Industry execs, and they have $$$ on the line, so. $$$ has a way a bringing things to light that would otherwise simply have been ignored But, for this to make it to the NS Risk Assessment groups just demonstrates the licentious influence between the Current Administration Policies and Money Men. After all, how many meetings are there going to be assessing the risk SMTP has on National Security ? Or, as you mentioned, MS file sharing... And, remember, SMTP is -already- proven guilty of said Risk, and a far more -probable- culprit in future compromises... ! Reality Check. My .02c .Richard. My, what interesting times we live in, and darn it, important people noticed me! :{ Sean Donelan wrote: June 10, 2003 NOTICE OF RESCHEDULED FULL COMMITTEE HEARING The Senate Committee on the Judiciary scheduled for Wednesday, June 11, 2003, at 2:00 p.m., on .The Dark Side of a Bright Idea: Could Personal and National Security Risks Compromise the Potential of P2P File-Sharing Networks?. has been rescheduled for Tuesday, June 17, 2003 at 2:00 p.m. in Room 226 of the Senate Dirksen Building. By order of the Chairman I wonder if anyone is going to mention that Microsoft Network Neighborhood file sharing is a form of P2P file sharing.
[afisnews_sender@DTIC.MIL: New Internet Protocol Version Slated ForDebut]
Since the use of IPv6 has been discussed - Forwarded message from Press Service [EMAIL PROTECTED] - Date: Fri, 13 Jun 2003 15:39:01 -0400 From: Press Service [EMAIL PROTECTED] Subject: New Internet Protocol Version Slated For Debut To: [EMAIL PROTECTED] By Gerry J. Gilmore American Forces Press Service WASHINGTON, June 13, 2003 An improved version of the Internet, featuring enhancements that improve system security and data delivery, will be part of DoD's integrated information-communications network, a senior U.S. defense official said here today. Users will realize improved service when Internet Protocol Version 6 is incorporated across DoD systems, John Stenbit, assistant secretary of defense for networks and information integration, remarked to reporters during a Pentagon press conference. DoD currently uses Version 4 of the Internet, Stenbit explained. That system, he noted, has some flaws. There are lots of issues that have come up with Internet Version 4, Stenbit pointed out, noting many commercial fixes have been made to address some of those problems. One Version 4 fix, Stenbit said, concerns the number of Internet addresses that can be accessed. Yet, this issue, he pointed out, isn't of particular import to DoD. However, DoD is concerned about the lack of information security safeguards that are inherent in Internet Version 4, Stenbit noted. And the department is aware of the current Internet system's lack of dependability in delivering electronic packages of information, which, Stenbit points out, has a negative impact on quality of service. Today, if you send a 'packet' on the Internet, nobody is guaranteeing you that it is going to get to the other end, Stenbit observed. For example, he noted, sometimes Internet provider-generated video or audio conferences may lose sight or sound during transmission. This, he explained, is caused by Version 4 limitations. Improvements addressing such quality of service issues are part of Internet Version 6, Stenbit explained. And Version 6 development has gotten far enough along so that people now deliver hardware and software that are compatible with both standards, Stenbit noted. Version 6 is what we're going to be using as the standard for DoD, Stenbit declared, noting, We're anticipating moving the department to the use of IP 6 in about 2008. Consequently, DoD acquisition officials must begin purchasing Version 6- compatible equipment now, Stenbit concluded. ___ NOTE: This is a plain text version of a web page. If your e-mail program did not properly format this information, you may view the story at http://www.defenselink.mil/news/Jun2003/n06132003_200306134.html Any photos, graphics or other imagery included in the article may also be viewed at this web page. Visit the Defense Department's Web site for the latest news and information about America's response to the Sept. 11, 2001, terrorist attacks and the war against terrorism: Defend America at http://www.DefendAmerica.mil. Visit the Department of Defense Homeland Security Web site at http://www.defenselink.mil/specials/homeland/ to learn more about the Department of Defense role in homeland security. Unsubscribe from or Subscribe to this mailing list: http://www.defenselink.mil/news/subscribe.html - End forwarded message - -- I must study politics and war that my sons | may have liberty to study mathematics and |[EMAIL PROTECTED] philosophy. -- John Adams | pgp0.pgp Description: PGP signature
Re: Rescheduled: P2P file sharing national security and personalsecurity risks
on 6/13/2003 1:19 PM Richard Irving wrote: But, for this to make it to the NS Risk Assessment groups just demonstrates the licentious influence between the Current Administration Policies and Money Men. Uhh, this is a senate committee, not an administrative effort. And folks like Berman (the RIAA vigilante bill) and Feinstein (the MPAA) are Democrats. And you misused licentious. http://news.com.com/2100-1023-954591.html shows that this kind of effort has been going for a while. -- Eric A. Hallhttp://www.ehsco.com/ Internet Core Protocols http://www.oreilly.com/catalog/coreprot/
RE: IPv6 Services/Products
That would be Maxis Communications Berhad or www.maxis.com.my ... -Original Message- From: Irwin Lazar [mailto:[EMAIL PROTECTED] Sent: Friday, June 13, 2003 6:29 AM To: [EMAIL PROTECTED] Subject: IPv6 Services/Products Thanks to all who responded, below is what I've compiled so far (vendors/service providers): Hurricane Electric - http://www.he.net/ Maxis (IPv6 for 3G) - www.maxis.com Equinix (IPv6 exchange for Hurricane Japan Telecom) - www.equinix.com BTExact (http://www.uk6x.com) NEC (IPv6 video content distribution system with China Netcom, Asia Netcom Japan, and Sky Perfect) 6Wind (IPv6 in China w/ BII Group) Internet Initiative Japan Inc (IIJ) - IPv6 Gateway Service Global Crossing (announce beta plans last year, haven't been able to find anything further) Also, ISS just released an IDS/IPS for IPv6 (the first one I believe?) Thanks for the feedback, Irwin
rr style scanning of non-customers
Hey gang, Some ISPs, such as RR, appear to be implementing what I personally would consider quite aggressive approaches to guarding their network by implementing "proactive" scanning of non-customers, similar to what's described at http://security.rr.com/probing.htm In this case, sending email to @rr.com appears to trigger this scanning business (mind you, this is not about the scanning their subs biz; I don't care to get into that in this thread). But, the question is.. How many people here are doing this sort of thing? And where does this stop, short of nmapping the entire box? Some time ago, when Code Red first came around, discussions raged as to how to deal with it and other infestations of customer owned/operated equipment. And this kind of is a different slant on the same issue. Except that it goes quite a bit further than your own prefixes. I'm not looking to start a flamewar, I'm interested in a discussion or consensus discovery of how far "proactive" tasks can/should/shouldn't go. Regards, Christian * "The information transmitted is intended only for the person or entity to which it is addressed and may contain confidential, proprietary, and/or privileged material. Any review, retransmission, dissemination or other use of, or taking of any action in reliance upon, this information by persons or entities other than the intended recipient is prohibited. If you received this in error, please contact the sender and delete the material from all computers."
Re: rr style scanning of non-customers
On Fri, 13 Jun 2003, Kuhtz, Christian wrote: Some ISPs, such as RR, appear to be implementing what I personally would consider quite aggressive approaches to guarding their network by implementing proactive scanning of non-customers, similar to what's described at http://security.rr.com/probing.htm http://security.rr.com/probing.htm In this case, sending email to @rr.com appears to trigger this scanning business (mind you, this is not about the scanning their subs biz; I don't Proactive = scanning for open systems before they come to you. Reactive = scanning the IPs that connect to you to see if they're open. They spell this out very clearly on the page referenced above and say that they're doing proactive scanning of their own network and reactive scanning of the rest of the internet. Do you have any reason to believe they're not doing as they say? Is it time for the monthy nanog spam debate again already? :) Unfortunately, what they're looking for is only a small sub-set of the commonly used ports by various proxy software typically installed wide open on broadband connected systems. If they're serious about reactive scanning, they ought to either update the ports tested or just ally with one of the various dnsbls that does this sort of testing (less/more effective testing would be the result). The last time this topic came up, it was suggested by others that either trojan or virus software was installing/creating open proxies. I wrote that off as people being overly paranoid. I'm sorry to say that I now know this to be true and have seen many installations of at least one strain of such proxy software. -- Jon Lewis [EMAIL PROTECTED]| I route System Administrator| therefore you are Atlantic Net| _ http://www.lewis.org/~jlewis/pgp for PGP public key_