rogers cable
I need someone from Rodgers cable, specifically their DNS administrators to contact me off-list if they could. it appears that one of your DNS cache servers may be mis-configured. Thanks. -- Andrew D Kirch | [EMAIL PROTECTED]| Security Admin | Summit Open Source Development Group | www.sosdg.org
Re: This may be stupid but..
Vadim Antonov writes on 11/8/2003 7:49 PM: Better use networking and referrals, and Internet-based resources. Posting to nanog will already have got him a lot of quality resumes, I think :) -- srs (postmaster|suresh)@outblaze.com // gpg : EDEDEFB9 manager, outblaze.com security and antispam operations
Re: Openwave Opinions
Rubens Kuhl Jr. writes on 11/8/2003 7:51 PM: Sometimes outsourcing corporate / isp mail handling to a provider like us, criticalpath, postini etc might be a good way to go. Outsourcing is usually a good way to get a solution with expertise instead of a next->next->finish software installation and license to use it... but for ISP use, integration with internal OSS (billing, tech-support etc.) seems to be a challenge. Outsourcing costs also keeps most ISPs from using such a solution, unless time-to-market is the one and only criteria. Well - there are ways (such as that the outsourcer only handles the MX for the domain[s], and then routes all inbound mail to the ISP, who handles file storage / pop3 / webmail). Or an onsite install of the mta / antispam solution etc, updated by the outsourcer (push updates using rsync, for example) but sitting on racks in the ISP's data center. -- srs (postmaster|suresh)@outblaze.com // gpg : EDEDEFB9 manager, outblaze.com security and antispam operations
Re: Openwave Opinions
> > Every mail product that costs lots of money will yield a worse overall > > solution that using a good free/open-source mail software (postfix, qmail, > > exim... pick one) and spending money on people with good technical skills to > > tune and adapt the system. Unless, of course, your financial resources are > > unlimited... > > It is not just financial resources - it is also a factor of time to > build a filter / set of filters from scratch (even with spamassasin + > bogofilter you need to train it extensively, and tweak its rulesets to > suit your mail flow). I think this part of question was referring only to MTAs, not MTA + anti-spam/virus tools. Anti-spam tuning is really a bit slower to do than general performance tuning (MTA or MTA + anti-virus), but this will be true to whatever MTA software and anti-spam one might buy. > Sometimes outsourcing corporate / isp mail handling to a provider like > us, criticalpath, postini etc might be a good way to go. Outsourcing is usually a good way to get a solution with expertise instead of a next->next->finish software installation and license to use it... but for ISP use, integration with internal OSS (billing, tech-support etc.) seems to be a challenge. Outsourcing costs also keeps most ISPs from using such a solution, unless time-to-market is the one and only criteria. Rubens
Re: This may be stupid but..
The only problem - they have no clue about the profession they're recruiting for and tend to judge applicants not by them saying reasonable things but by their self-assuredness and by keywords in resume. Recruiters are only good for initial screening and attracting applicants, and in this economic climate theis services are nearly worthless, too. As for presuming they actually read resumes... well, they may, but they never seem to be able to distinguish between reality and exaggregation or outright lies. In the end, they screen out all geeks and you end up with a bunch of polished liars. Better use networking and referrals, and Internet-based resources. --vadim On Sat, 8 Nov 2003, John Brown (CV) wrote: > > so negotiate with the recruiter. > > benifits of a recuriter are: > > * they take the twit calls > * they read thru the resumes and sort the junk out > * they do the screening > * they do the reference and background checks > * they have more resources to find people than you do > > this saves you time and money on your end. time better > spent building customer base, solving customer problems, etc. > > and if you do a good contract with the recruiter, if the > person you hire is sacked, they find you a new one at no cost :) > > > On Sat, Nov 08, 2003 at 05:16:46PM -0500, Fisher, Shawn wrote: > > > > If this question is inappropriate for this list I apoligize in advance. > > > > I have several open engineering positions that I am trying to fill without > > the use of a recruiter. My thoughts on using a recruiter is they end up > > extracting a fee from the employer that would be better put to the future > > employee. > > > > My question, what is the most effective way to recruit quality engineers? > > Does anyone have experience or opinions to share? > > > > TIA, > > > > Shawn
Re: Openwave Opinions
Rubens Kuhl Jr. writes on 11/8/2003 5:53 PM: Anyone have any openwave mail MX opinions or experience good or bad? Every mail product that costs lots of money will yield a worse overall solution that using a good free/open-source mail software (postfix, qmail, exim... pick one) and spending money on people with good technical skills to tune and adapt the system. Unless, of course, your financial resources are unlimited... It is not just financial resources - it is also a factor of time to build a filter / set of filters from scratch (even with spamassasin + bogofilter you need to train it extensively, and tweak its rulesets to suit your mail flow). Sometimes outsourcing corporate / isp mail handling to a provider like us, criticalpath, postini etc might be a good way to go. Or you might elect to get a managed antispam solution that plugs into your mta (kind of like brightmail or spamsquelcher.org) Design question: Is it better to have integrated or seperate Anti-spam and Anti-virus built into the mail platform? The unix way - one tool per job. Build a mail system out of components - it is often the best way to go. srs -- srs (postmaster|suresh)@outblaze.com // gpg : EDEDEFB9 manager, outblaze.com security and antispam operations
Re: Datacenter Spec's
On Sat, 8 Nov 2003, Fisher, Shawn wrote: > Can anyone point me to a good resource for datacenter spec's or best > practices? There isn't a one-size fits all data center spec. I try to outline various considerations for evaluating data center specs on my web site http://www.donelan.com/design/general.html There are very few things which justify the cost of a Level V (Grade AAA) data center design. A Level I computer room is satisfactory for many ordinary business purposes. Heck, most computers used in business wouldn't meet the Orange Book "C" rating for security, why put a "C" rated system in an "A" rated data center. Better concrete won't improve the software. Hire a licensed architect and professional engineering firm with experience designing datacenters. Several vendors have data center white papers, but usually the white paper consists of recommendations to buy a particular vendor's equipment.
RE: Datacenter Spec's
Try here too: http://www.averillpark.net/datacenter/ Dan -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Ron Malenfant (rmalenfa) Sent: Saturday, November 08, 2003 3:06 PM To: 'Fisher, Shawn'; 'Nanog List (E-mail)' Subject: RE: Datacenter Spec's Hi Shawn, take a look at a few docs here - http://www.cisco.com/warp/public/cc/so/neso/wnso/power/gdmdd_wp.pdf http://whitepapers.comdex.com/data/rlist?o=979246117_954 http://www.apcc.com/go/promo/expo/form4.cfm?tsk=m684y&thepromo=powering_ whitepaper ron -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Fisher, Shawn Sent: Saturday, November 08, 2003 5:24 PM To: Nanog List (E-mail) Subject: Datacenter Spec's Can anyone point me to a good resource for datacenter spec's or best practices? Looking for specs related to: Powering Racking Cablemanagement Grounding Raised Floors etc. TIA
RE: Datacenter Spec's
Hi Shawn, take a look at a few docs here - http://www.cisco.com/warp/public/cc/so/neso/wnso/power/gdmdd_wp.pdf http://whitepapers.comdex.com/data/rlist?o=979246117_954 http://www.apcc.com/go/promo/expo/form4.cfm?tsk=m684y&thepromo=powering_ whitepaper ron -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Fisher, Shawn Sent: Saturday, November 08, 2003 5:24 PM To: Nanog List (E-mail) Subject: Datacenter Spec's Can anyone point me to a good resource for datacenter spec's or best practices? Looking for specs related to: Powering Racking Cablemanagement Grounding Raised Floors etc. TIA
Re: Openwave Opinions
> Anyone have any openwave mail MX opinions or experience good or bad? Every mail product that costs lots of money will yield a worse overall solution that using a good free/open-source mail software (postfix, qmail, exim... pick one) and spending money on people with good technical skills to tune and adapt the system. Unless, of course, your financial resources are unlimited... > Design question: Is it better to have integrated or seperate Anti-spam and > Anti-virus built into the mail platform? There are some design mistakes (such as trying to do these time-consuming process synchronously) that both integrated and isolated anti-spam/virus solutions have shown... the interesting thing with separate solutions is that you can see the architeture from the configuration instructions, so someone can quickly tell if that solution will scale or not. Using monolithic or separate solutions will have some strategic consequences, but design issues can arise in both. Rubens
Re[2]: This may be stupid but..
On Sat, 8 Nov 2003 15:33:52 -0700 "John Brown (CV)" <[EMAIL PROTECTED]> wrote: > and if you do a good contract with the recruiter, if the > person you hire is sacked, they find you a new one at no cost :) i'd also suggest using an independent recruiter, and check references. the big firms that do recruiting often take a cut that is all out of proportion to the amount of work they actually do. an independent will often be more reasonable. richard -- Richard Welty [EMAIL PROTECTED] Averill Park Networking 518-573-7592 Java, PHP, PostgreSQL, Unix, Linux, IP Network Engineering, Security
Re: Web hijacking by router - a new method of advertisement by Belkin
May be they simply flag your router to not redirect to any web site, but the router still goes every x hours to their site to verify the current redirect status of your product. This wouldn't require admin privileges on your box to be done... but could make every router with such firmware DoS'able; just blackhole the Belkin site and every such request would need to timeout before the router resumes normal behaviour. Rubens - Original Message - From: "Steven M. Bellovin" <[EMAIL PROTECTED]> To: <[EMAIL PROTECTED]> Cc: <[EMAIL PROTECTED]> Sent: Saturday, November 08, 2003 11:44 AM Subject: Re: Web hijacking by router - a new method of advertisement by Belkin > > In message <[EMAIL PROTECTED]>, [EMAIL PROTECTED] > an.net writes: > > > >Would be interesting to see if their current advertisement (every 8 hours) > >page would now be replaced with "We're so sorry that you're seeing this > >page, please make sure to download our latest patch so your router never > >bother you again and would keep us out of legal trouble" message... > > The Belkin posting reproduced on Slashdot indicates that when you > unsubscribe via their Web page, it modifies the configuration of your > router. Say, what? There are ways in which an external Web server can > change things on my box? How is that secured? I can think of lots of > bad answers to that question, and not very many good ones. > > --Steve Bellovin, http://www.research.att.com/~smb > > >
Re: This may be stupid but..
so negotiate with the recruiter. benifits of a recuriter are: * they take the twit calls * they read thru the resumes and sort the junk out * they do the screening * they do the reference and background checks * they have more resources to find people than you do this saves you time and money on your end. time better spent building customer base, solving customer problems, etc. and if you do a good contract with the recruiter, if the person you hire is sacked, they find you a new one at no cost :) On Sat, Nov 08, 2003 at 05:16:46PM -0500, Fisher, Shawn wrote: > > If this question is inappropriate for this list I apoligize in advance. > > I have several open engineering positions that I am trying to fill without > the use of a recruiter. My thoughts on using a recruiter is they end up > extracting a fee from the employer that would be better put to the future > employee. > > My question, what is the most effective way to recruit quality engineers? > Does anyone have experience or opinions to share? > > TIA, > > Shawn
Openwave Opinions
Anyone have any openwave mail MX opinions or experience good or bad? Design question: Is it better to have integrated or seperate Anti-spam and Anti-virus built into the mail platform? Thanks, Shawn
Datacenter Spec's
Can anyone point me to a good resource for datacenter spec's or best practices? Looking for specs related to: Powering Racking Cablemanagement Grounding Raised Floors etc. TIA
This may be stupid but..
If this question is inappropriate for this list I apoligize in advance. I have several open engineering positions that I am trying to fill without the use of a recruiter. My thoughts on using a recruiter is they end up extracting a fee from the employer that would be better put to the future employee. My question, what is the most effective way to recruit quality engineers? Does anyone have experience or opinions to share? TIA, Shawn
Re: hinet.net contact
--- Suresh Ramasubramanian <[EMAIL PROTECTED]> wrote: > John Obi writes on 10/30/2003 12:22 PM: > > > Hello folks, > > > > I can tell you that hinet.net hosts being > exploited by > > script kiddies and no one in hinet.net cares. > > > > And I really failed to get a contact of their > abuse > > department, or any live person bothers to reply. > > You might want to contact the TW-CERT people at > http://www.cert.org.tw/eng/index.htm > > -- Folks, I tried that with no luck, I also tried other listed conacts in the whois list with no luck. I found that AT&T , UUNet, and Sprint are the NSPs of this ISP. Can anyone from these ISPs get hinet.net to deal with the abuse emails? Please contact me off list if you can help. Thanks, -J __ Do you Yahoo!? Protect your identity with Yahoo! Mail AddressGuard http://antispam.yahoo.com/whatsnewfree
Re: Web hijacking by router - a new method of advertisement byBelkin
Dave Stewart wrote: > > At 11:42 PM 11/7/2003, Kee Hinckley wrote: > > >It appears that they've learned their lesson. This is tacked at the > >bottom of the front page at Belkin. > > > >>Important message from Belkin: > >>We at Belkin apologize for the recent trouble our customers have > >>experienced with the wireless router/browser redirect issue. We will be > >>offering firmware fixes available for download early next week. We do not > >>have exact details yet but we can tell you now that each router's > >>firmware that incorporates Parental Control as an option will be changed. > >> > >>Please expect more detailed information to follow early next week. Thank > >>you. > > Imagine that... they listened to the community. > > Should they actually follow up on this and remove this abomination from > their firmware, I'd suggest they should earn back some respect. I'll look to see if they are making something I'd be willing to buy (buggy whips, perhaps?) in 200 years. The time to be cautious about your reputation is before you do some- thing criminally stupid.
Re: Web hijacking by router - a new method of advertisement by Belkin
In message <[EMAIL PROTECTED]>, [EMAIL PROTECTED] an.net writes: > >Would be interesting to see if their current advertisement (every 8 hours) >page would now be replaced with "We're so sorry that you're seeing this >page, please make sure to download our latest patch so your router never >bother you again and would keep us out of legal trouble" message... The Belkin posting reproduced on Slashdot indicates that when you unsubscribe via their Web page, it modifies the configuration of your router. Say, what? There are ways in which an external Web server can change things on my box? How is that secured? I can think of lots of bad answers to that question, and not very many good ones. --Steve Bellovin, http://www.research.att.com/~smb
Re: Web hijacking by router - a new method of advertisement by Belkin
On Fri, 7 Nov 2003, Bradley Dunn wrote: > Peter Galbavy wrote: > > I hope that the US - the largest single market for technology products I > > assume - has a similar bunch of useful [consumer] law. > > I don't. Who needs a bunch of laws (and accompanying bureaucrats and > lawyers) when market pressure dealt with the issue quickly and forcefully. No doubt. But still it should have been clear to them this is not allowed in the first place... And besides that haven't we just seen how "market pressure" works in case of Verisign where there were getting millions of dollars of extra income and did not care what others say! Btw - here is Belkin's apology posted on usenet: "From: Eric Deming ([EMAIL PROTECTED]) Subject: Re: [OT-evil marketing] Belkin does Verislime one better - router spam! Newsgroups: news.admin.net-abuse.email Date: 2003-11-07 20:00:08 PST All, We at Belkin apologize for the recent trouble our customers have experienced with the wireless router/browser redirect issue. We unintentionally overlooked the effect this feature would have. We never intended to compromise the trust of our customers, and we never intend to do so in the future. We are taking responsibility for this, and we will be offering firmware fixes early next week. We do not have exact details yet as we are still working on them, and will continue to work on them over the weekend. What we can tell you now is that each Router's firmware that incorporates Parental Control as an option will be changed. I'll keep posting as things develop. Stay tuned..." I have to note that first email post by the same person from Belkin has been removed from google (the post where he revealed why the did it in the first place). This was surprising as it would seem belkin did not know usenet is not google-only service so if it appeared at google groups, many many others would have had copy locally at thousands of places. And for those who did not, somebody made sure an extra copy was available on the web at: http://slashdot.org/comments.pl?sid=85076&threshold=1&commentsort=0&tid=153&mode=thread&cid=7419497 I'm not sure if its the hundreds of people saying they will never buy from belkin again or if its the actual legal problems (what they did probably broke laws and if it did not it would make them liable in certain cases of redirection happen at very inconvient moment) that forced belkin to react so quickly, but I'm happy they are doing it and taking responsibilityh and hopefully this will establish good precident in case somebody else was considering something similar (i.e. don't you dare imitate verisign!) Would be interesting to see if their current advertisement (every 8 hours) page would now be replaced with "We're so sorry that you're seeing this page, please make sure to download our latest patch so your router never bother you again and would keep us out of legal trouble" message... -- William Leibzon Elan Networks [EMAIL PROTECTED]
Re: Web hijacking by router - a new method of advertisement by Belkin
Peter Galbavy wrote: I hope that the US - the largest single market for technology products I assume - has a similar bunch of useful [consumer] law. I don't. Who needs a bunch of laws (and accompanying bureaucrats and lawyers) when market pressure dealt with the issue quickly and forcefully. Bradley
Re: Web hijacking by router - a new method of advertisement by Belkin
[EMAIL PROTECTED] wrote: > How original of them! But for other router manufactures present on > this > list, make notice - DO NOT DO IT IN YOUR OWN PRODUCT EVER. I (and from > newsgrousp there are appears to be many others with same opinion > about it) > do not want routers modifying my network packets without my knowledge > about it and definetly not for marketing of your own products. Note, I am no legal professional here, but to looking forward to others being stupid; In the UK I am reasonable certain that this breaks a number of separate laws that no amount of "EULA" type small print can get around. For those interested, I suggest looking at the protection offered (assuming this product is sold to consumers in the first instance) the various "Sale of Goods" acts, UK and EU "unfair terms in [consumer] contracts" ("but the small print says..."), "computer misuse act" (modification of data without permission), data protection (leaked URLs) and I am sure many more. Now if only we had government departments that actually cared and helped lean on these types of idiot. I hope that the US - the largest single market for technology products I assume - has a similar bunch of useful [consumer] law. Peter