Re: IPv6

2003-06-14 Thread Petri Helenius

7200 VXR does not by default have any dedicated packet switching 
hardware. If you are daring enough, you might buy NSE-1 (unless they 
EOLed it already) to get first generation PXF hardware which is
a more or less mission specific CPU matrix/pipeline thingy. 

More robust and reliable generations of the PXF have since appeared
in later models of the hardware. However, your mileage may still vary.

Pete


> 
> I was actually referring to the ASIC issue only.  The VXR's are not
> traditional ASIC based... the ASIC (I think they actually call the
> device something else) code is loaded on the fly from the IOS and
> configuration.
> 
> Daryl G. Jurbala
> Introspect.net Consulting
> Tel: +1 215 825 8401
> Fax: +1 508 526 8500
> http://www.introspect.net
> 
> PGP Key: http://www.introspect.net/pgp  
> 
> -Original Message-
> From: David Luyer [mailto:[EMAIL PROTECTED] 
> Sent: Friday, June 13, 2003 11:04 AM
> To: Daryl G. Jurbala; [EMAIL PROTECTED]
> Subject: RE: IPv6
> 
> [...]
> 
> The 7206VXR (along with all 7200/7400) supports IPv6
> in IOS 12.2S, 12.2T and 12.3.
> 
> [...]
> 


Re: IPv6

2003-06-14 Thread Nick Hilliard

Brad Knowles wrote:
> I was working at DISA at the height of the GOSIP stuff.  I remember 
> the internal discussions and arguments.  I'm fortunate enough to have 
> known a guy who was instrumental in helping to finally kill the damn thing.

We all have our OSI horror stories.

> Should we hope that the same won't happen to IPv6?

Less likely.  At least there is general consensus among pretty much 
everyone - with the exception of a small number of cranks - that IPv6 is 
good.  This is not something which could ever have been said about 
the ISO model, which governments loved and everyone else loathed.

IPv6's major implementation problem is going to be apathy.  After all, 
things are working fine at the moment, and who cares that some day there 
might be a big ip address crunch?

Nick



Re: Rescheduled: P2P file sharing national security and personal security risks

2003-06-14 Thread Stephen J. Wilcox


Hmm where do you draw the line.. peer2peer file sharing, MS Networking, SMTP, 
telephones, snail mail, visiting foreign countries, meeting people at all.. ?

Seems a bit silly to me to be having the conversation at all, it's people who 
willingly leak this information not the mechanism used that's at fault

Steve


On Fri, 13 Jun 2003, Richard Irving wrote:

>   After all, how many meetings are there going to
> be assessing the risk SMTP has on National Security ?
> 
>   Or, as you mentioned, MS file sharing...
> 
>   And, remember, SMTP is -already- proven guilty of said Risk,
> and a far more -probable- culprit in future compromises... !
> 
> Reality Check.
> 
> My .02c
> 
> .Richard.
> 
>My, what interesting times we live in,
>   and darn it, important people noticed me! :{
> 
> Sean Donelan wrote:
> > 
> > June 10, 2003
> > 
> > NOTICE OF RESCHEDULED FULL COMMITTEE HEARING
> > The Senate Committee on the Judiciary scheduled for Wednesday, June 11,
> > 2003, at 2:00 p.m., on "The Dark Side of a Bright Idea: Could Personal
> > and National Security Risks Compromise the Potential of P2P File-Sharing
> > Networks?" has been rescheduled for Tuesday, June 17, 2003 at 2:00 p.m.
> > in Room 226 of the Senate Dirksen Building.
> > 
> > By order of the Chairman
> > 
> > 
> > 
> > 
> > 
> > I wonder if anyone is going to mention that Microsoft Network Neighborhood
> > file sharing is a form of P2P file sharing.
> 
> 
> 



RE: Rescheduled: P2P file sharing national security and personal security risks

2003-06-14 Thread McBurnett, Jim

HMMM... 
Well, in the US, there is even the threat of lawsuit from an Employee that
gets pornographic SPAM email... should the employer not make
efforts to block it, the employee can sue.. BUT it is the same argument..
Do we take the bad with the good? do we allow P2P when it can create security issues?
All this should be regulated by corporations not government..

IE: Every business model is different..
A defense contractor should definitely block p2p, but does a computer gaming company 
need to block it?


The Entire issue goes back to the job description of security professional
Balancing the operational needs of XYZ vs. the hassle of certain security needs

That is all this is... Some Senator or Congress member got wind of a "potential"
security issue, and in light of Sept 11, EVERYTHING is being scrutinized...

Anyway..

I've said enuf.
J



From: Stephen J. Wilcox
Hmm where do you draw the line.. peer2peer file sharing, MS Networking, SMTP, 
telephones, snail mail, visiting foreign countries, meeting people at all.. ?

Seems a bit silly to me to be having the conversation at all, it's people who 
willingly leak this information not the mechanism used that's at fault

Steve


On Fri, 13 Jun 2003, Richard Irving wrote:

>   After all, how many meetings are there going to
> be assessing the risk SMTP has on National Security ?
> 
>   Or, as you mentioned, MS file sharing...
> 
>   And, remember, SMTP is -already- proven guilty of said Risk,
> and a far more -probable- culprit in future compromises... !
> 
> Reality Check.
> 
> My .02c
> 
> .Richard.
> 
>My, what interesting times we live in,
>   and darn it, important people noticed me! :{
> 
> Sean Donelan wrote:
> > 
> > June 10, 2003
> > 
> > NOTICE OF RESCHEDULED FULL COMMITTEE HEARING
> > The Senate Committee on the Judiciary scheduled for Wednesday, June 11,
> > 2003, at 2:00 p.m., on "The Dark Side of a Bright Idea: Could Personal
> > and National Security Risks Compromise the Potential of P2P File-Sharing
> > Networks?" has been rescheduled for Tuesday, June 17, 2003 at 2:00 p.m.
> > in Room 226 of the Senate Dirksen Building.
> > 
> > By order of the Chairman
> > 
> > 
> > 
> > 
> > 
> > I wonder if anyone is going to mention that Microsoft Network Neighborhood
> > file sharing is a form of P2P file sharing.
> 
> 
> 



RE: Rescheduled: P2P file sharing national security and personal security risks

2003-06-14 Thread Charles Sprickman

On Sat, 14 Jun 2003, McBurnett, Jim wrote:

> Do we take the bad with the good? do we allow P2P when it can create
> security issues?

Who cares about P2P?  Hasn't malware like Outlook Express been responsible
for far more information leakage than P2P software?  I'll run Acquisition
on my machine long before I'd even think of touching Outlook.

The *only* reason this is being looked at as a security measure is because
the RIAA and MPAA have convinced everyone that P2P = Anarchy, and Anarchy
leads to planes flying into buildings.

A rational person could come up with a much better reason to investigate
whether MS should be allowed to be used at the Pentagon, the CIA, and in
the battlefield instead of wasting time chasing the Napster ghost.

Charles

> I've said enuf.
> J
>
>
>
> From: Stephen J. Wilcox
> Hmm where do you draw the line.. peer2peer file sharing, MS Networking, SMTP,
> telephones, snail mail, visiting foreign countries, meeting people at all.. ?
>
> Seems a bit silly to me to be having the conversation at all, it's people who
> willingly leak this information not the mechanism used that's at fault
>
> Steve
>
>
> On Fri, 13 Jun 2003, Richard Irving wrote:
>
> >   After all, how many meetings are there going to
> > be assessing the risk SMTP has on National Security ?
> >
> >   Or, as you mentioned, MS file sharing...
> >
> >   And, remember, SMTP is -already- proven guilty of said Risk,
> > and a far more -probable- culprit in future compromises... !
> >
> > Reality Check.
> >
> > My .02c
> >
> > .Richard.
> >
> >My, what interesting times we live in,
> >   and darn it, important people noticed me! :{
> >
> > Sean Donelan wrote:
> > >
> > > June 10, 2003
> > >
> > > NOTICE OF RESCHEDULED FULL COMMITTEE HEARING
> > > The Senate Committee on the Judiciary scheduled for Wednesday, June 11,
> > > 2003, at 2:00 p.m., on "The Dark Side of a Bright Idea: Could Personal
> > > and National Security Risks Compromise the Potential of P2P File-Sharing
> > > Networks?" has been rescheduled for Tuesday, June 17, 2003 at 2:00 p.m.
> > > in Room 226 of the Senate Dirksen Building.
> > >
> > > By order of the Chairman
> > >
> > >
> > >
> > >
> > >
> > > I wonder if anyone is going to mention that Microsoft Network Neighborhood
> > > file sharing is a form of P2P file sharing.
> >
> >
> >
>
>


Looking for transit

2003-06-14 Thread Etaoin Shrdlu

Well, sort of.

I have a bunch of old network hardware. I've recently disassembled a test
network, and there are a lot of useful leftovers. Rob Thomas (of cymru.com,
amongst others) would like it. I'd really like him to have it.
Unfortunately, I'm in Southern California, and Rob is in Chicago.

I can get the equipment to Las Vegas, during defcon (http://www.defcon.org,
for the three of you who don't know what it is), which is August 1-3 this
year. If there's anyone driving to defcon from the Chicago area, who could
take it back there, or if there's anyone who is going from SoCal to
Chicago, would you please consider volunteering?

Rob's contributions are so worthwhile, I'd really like him to have the
goods. Otherwise, I'll just be donating them to a local trade school.

I've blind carbonned this to a few folk who are probably not on Nanog, and
who may or may not be able to help. Please, reply privately. No sense in
starting yet another off topic thread.

Here's the part that sucks. Don't volunteer if you can't be vouched for in
some way. Either Rob should know you, or someone well-known on Nanog should
know you, or I should know you. I want it to go to Rob.

Sorry for disturbing everyone, but I'm really hopeful that this'll work
out.

--
"They had discovered Mr. Slippery's True Name and it was Roger Andrew
Pollack TIN/SSAN 0959-34-2861, and no amount of evasion, tricky
programming, or robot sources could ever again protect him from them."


Re: IPv6

2003-06-14 Thread Vadim Antonov


On Sat, 14 Jun 2003, Nick Hilliard wrote:

> At least there is general consensus among pretty much 
> everyone - with the exception of a small number of cranks - that IPv6 is 
> good. 

Now I'm officially a crank because I fail to see why IPv6 is any better
than slightly perked up IPv4 - except for the bottom line of box vendors
who'll get to sell more of the new boxes doing essentially the same thing.

--vadim




(NSI) LAME-DELEGATION.ORG hijacking IP space ??

2003-06-14 Thread John Brown

could someone explain this

shorts# nslookup LAME2850.LAME-DELEGATION.ORG
Server:  ns1.chagres.net
Address:  216.223.236.233
Aliases:  233.236.223.216.in-addr.arpa

Non-authoritative answer:
Name:    LAME2850.LAME-DELEGATION.ORG
Address:  1.1.1.1




or this



shorts# nslookup LAME41178.LAME-DELEGATION.ORG
Server:  ns1.chagres.net
Address:  216.223.236.233
Aliases:  233.236.223.216.in-addr.arpa

Non-authoritative answer:
Name:    LAME41178.LAME-DELEGATION.ORG
Address:  4.3.145.66

shorts# nslookup 4.3.145.66
Server:  ns1.chagres.net
Address:  216.223.236.233
Aliases:  233.236.223.216.in-addr.arpa

Name:    lsanca1-145-066.biz.dsl.gtei.net
Address:  4.3.145.66


seems 4.3.146.66 is some DSL link in GTEI / BBN / Name today



if NSI is going to use this as a way to deal with lame zones, fine,
but how about using RFC 1918 space, or a public IP and a machine that
returns NXDOMAIN. 

instead of what looks like random IP allocations, some of which may
cause pain for others...

Hey, better yet, why not just learn how to DELETE host records from 
a zone ???
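
[Added example, not part of John Brown's post: the check the post argues for, run over the nslookup answers it quotes. It parses the transcript and lists LAME-DELEGATION.ORG names whose A record falls in publicly routable space rather than RFC 1918 space; the function names and the joined sample transcript are constructed for illustration.]

```python
import ipaddress
import re

# RFC 1918 private ranges: the space the post suggests for placeholder records.
RFC1918 = [ipaddress.ip_network(n)
           for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]

# Constructed sample: the nslookup answers quoted in the post, joined into one text.
SAMPLE = """\
Server:  ns1.chagres.net
Address:  216.223.236.233

Non-authoritative answer:
Name:    LAME2850.LAME-DELEGATION.ORG
Address:  1.1.1.1

Non-authoritative answer:
Name:    LAME41178.LAME-DELEGATION.ORG
Address:  4.3.145.66

Name:    lsanca1-145-066.biz.dsl.gtei.net
Address:  4.3.145.66
"""

def parse_answers(text):
    """Yield (name, address) pairs, skipping the resolver's Server/Address header."""
    name = None
    for line in text.splitlines():
        m = re.match(r"\s*(Name|Address):\s*(\S+)", line)
        if not m:
            continue
        field, value = m.groups()
        if field == "Name":
            name = value
        elif name is not None:      # an Address line that follows a Name line
            yield name, value
            name = None             # an Address with no Name before it is a header

def classify(address):
    """Return 'rfc1918', 'special' (loopback, link-local, ...) or 'public'."""
    ip = ipaddress.ip_address(address)
    if any(ip in net for net in RFC1918):
        return "rfc1918"
    if ip.is_loopback or ip.is_link_local or ip.is_multicast or ip.is_reserved:
        return "special"
    return "public"

def audit(text, suffix=".lame-delegation.org"):
    """Names under `suffix` whose A record points into publicly routable space."""
    return [(n, a) for n, a in parse_answers(text)
            if n.lower().endswith(suffix) and classify(a) == "public"]

if __name__ == "__main__":
    for name, addr in audit(SAMPLE):
        print(f"{name} -> {addr}: not RFC 1918, may belong to someone else")
```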





Re: rr style scanning of non-customers

2003-06-14 Thread Sean Donelan

On Fri, 13 Jun 2003 [EMAIL PROTECTED] wrote:
> The last time this topic came up, it was suggested by others that either
> trojan or virus software was installing/creating open proxies.  I wrote
> that off as people being overly paranoid.  I'm sorry to say that I now
> know this to be true and have seen many installations of at least one
> strain of such proxy software.

According to a study by America Online, 89% of the computers with
broadband connections are not safely configured.  91% of the computers had
what AOL categorized as spyware installed.  In reality, the connection
method isn't the determining factor.

http://www.staysafeonline.info/press/060403.pdf

Although firewalls and anti-virus help, it doesn't prevent a determined
user from infecting his own system.  Honeypots and passive detection
systems aren't picking up the whole story.  The user is an important
part of evaluating the security equation.



Re: rr style scanning of non-customers

2003-06-14 Thread Randy Bush

> According to a study by America Online, 89% of the computers with
> broadband connections are not safely configured.  91% of the computers had
> what AOL categorized as spyware installed.  In reality, the connection
> method isn't the determining factor.
> 
> http://www.staysafeonline.info/press/060403.pdf
> 
> Although firewalls and anti-virus help, it doesn't prevent a determined
> user from infecting his own system.  Honeypots and passive detection
> systems aren't picking up the whole story.  The user is an important
> part of evaluating the security equation.

so where is the authoritative web site 

   

to which we can point all our friends (and use to lock down
our kids' machines/sites)?

randy



Re: rr style scanning of non-customers

2003-06-14 Thread E.B. Dreger

RB> Date: Sat, 14 Jun 2003 21:59:29 -0700
RB> From: Randy Bush


RB> so where is the authoritative web site
RB>
RB>

Plenty of *ix idiots running vulnerable systems and "servers",
too.  Follow a Cobalt mailing list and live in fear.


RB> to which we can point all our friends (and use to lock down
RB> our kids' machines/sites)?

You can lead a horse to water...


Eddy
--
Brotsman & Dreger, Inc. - EverQuick Internet Division
Bandwidth, consulting, e-commerce, hosting, and network building
Phone: +1 (785) 865-5885 Lawrence and [inter]national
Phone: +1 (316) 794-8922 Wichita

~
Date: Mon, 21 May 2001 11:23:58 + (GMT)
From: A Trap <[EMAIL PROTECTED]>
To: [EMAIL PROTECTED]
Subject: Please ignore this portion of my mail signature.

These last few lines are a trap for address-harvesting spambots.
Do NOT send mail to <[EMAIL PROTECTED]>, or you are likely to
be blocked.



Re: Looking for transit

2003-06-14 Thread Etaoin Shrdlu

Etaoin Shrdlu wrote:
> 
> Well, sort of.
> 
> I have a bunch of old network hardware...

[snippety snip]

> Sorry for disturbing everyone, but I'm really hopeful that this'll work
> out.

It worked out very quickly. I even have backup volunteers. Thank you all, a
whole lot, from me, and from Rob, too. Oh, and for those that wondered, I
should have specified, it's a lot (router and other fun things).

--
"They had discovered Mr. Slippery's True Name and it was Roger Andrew
Pollack TIN/SSAN 0959-34-2861, and no amount of evasion, tricky
programming, or robot sources could ever again protect him from them."


Re: rr style scanning of non-customers

2003-06-14 Thread Randy Bush

>> so where is the authoritative web site
>>
> Plenty of *ix idiots running vulnerable systems and "servers",
> too.  Follow a Cobalt mailing list and live in fear.

for which there are system-specific sites telling you how to
lock it down, e.g., as david lesher just pointed out,



that fools don't use the resources is another matter.  "a fool
and their data are soon parted."  -- monty williams

but where is the equivalent for windoze, the very common and very
vulnerable opsys?

randy



Re: rr style scanning of non-customers

2003-06-14 Thread John Brown


http://www.nsa.gov/snac/win2k/download.htm

http://www.arstechnica.com/tweak/win2k/security/begin-1.html

might be places to start

john brown



On Sat, Jun 14, 2003 at 10:22:50PM -0700, Randy Bush wrote:
> 
> >> so where is the authoritative web site
> >>
> > Plenty of *ix idiots running vulnerable systems and "servers",
> > too.  Follow a Cobalt mailing list and live in fear.
> 
> for which there are system-specific sites telling you how to
> lock it down, e.g., as david lesher just pointed out,
> 
> 
> 
> that fools don't use the resources is another matter.  "a fool
> and their data are soon parted."  -- monty williams
> 
> but where is the equivalent for windoze, the very common and very
> vulnerable opsys?
> 
> randy
> 


Re: rr style scanning of non-customers

2003-06-14 Thread E.B. Dreger

RB> Date: Sat, 14 Jun 2003 22:22:50 -0700
RB> From: Randy Bush


RB> > Plenty of *ix idiots running vulnerable systems and "servers",
RB> > too.  Follow a Cobalt mailing list and live in fear.
RB>
RB> for which there are system-specific sites telling you how to
RB> lock it down, e.g., as david lesher just pointed out,
RB>
RB> 
RB>
RB> that fools don't use the resources is another matter.  "a fool

Perhaps.  That doesn't make the problem any less severe, though.
One even could argue that's worse -- people running vulnerable
systems despite the availability of lockdown information.


RB> and their data are soon parted."  -- monty williams
RB>
RB> but where is the equivalent for windoze, the very common and very
RB> vulnerable opsys?

Google search for something like

securing windows lockdown

is a reasonable start.


Eddy
--
Brotsman & Dreger, Inc. - EverQuick Internet Division
Bandwidth, consulting, e-commerce, hosting, and network building
Phone: +1 (785) 865-5885 Lawrence and [inter]national
Phone: +1 (316) 794-8922 Wichita
_
  DO NOT send mail to the following addresses :
  [EMAIL PROTECTED] -or- [EMAIL PROTECTED] -or- [EMAIL PROTECTED]
Sending mail to spambait addresses is a great way to get blocked.



Re: rr style scanning of non-customers

2003-06-14 Thread John Brown

hope randy doesn't mind the xlate from private post to list post

http://www.nsa.gov/snac/winxp/guides/wxp-1.pdf

http://www.giac.org/practical/GSEC/Trevor_Cuthbert_GSEC.pdf

http://www.microsoft.com/windowsxp/pro/using/itpro/default.asp#section6

john brown



On Sat, Jun 14, 2003 at 10:28:42PM -0700, Randy Bush wrote:
> > http://www.nsa.gov/snac/win2k/download.htm
> > http://www.arstechnica.com/tweak/win2k/security/begin-1.html
> 
> cool.  how about xp?
> 
> randy
> 


Re: rr style scanning of non-customers

2003-06-14 Thread Randy Bush

> http://www.nsa.gov/snac/winxp/guides/wxp-1.pdf
> http://www.giac.org/practical/GSEC/Trevor_Cuthbert_GSEC.pdf
> http://www.microsoft.com/windowsxp/pro/using/itpro/default.asp#section6

cool.  thanks.  in a side conversation, a friend from redmond says

> http://www.microsoft.com/security/
> Has links to all the important info, such as hardening guides.

randy