Re: ICMP Vulnerability
Too much noice on too small problem. The only use of this - BOT wars in IRC world (mopre likely, with a very low success rate). - Original Message - From: Alex Bligh [EMAIL PROTECTED] To: Gwendolynn ferch Elydyr [EMAIL PROTECTED]; Hannigan, Martin [EMAIL PROTECTED] Cc: nanog@merit.edu; Alex Bligh [EMAIL PROTECTED] Sent: Tuesday, April 12, 2005 8:59 AM Subject: Re: ICMP Vulnerability --On 12 April 2005 11:57 -0400 Gwendolynn ferch Elydyr [EMAIL PROTECTED] wrote: http://www.cisco.com/warp/public/707/cisco-sa-=20050412-icmp.shtml Actually http://www.cisco.com/warp/public/707/cisco-sa-20050412-icmp.shtml Alex
Re: New IANA IPv4 allocation to AfriNIC (41/8)
On Tue, 2005-04-12 at 23:42 -0300, Doug Barton wrote: This is to inform you that the IANA has allocated the following one (1) IPv4 /8 block to AfriNIC: 41/8 AfriNIC Would you (read: IANA) also be so kind and give them a nice chunk out of: http://www.iana.org/assignments/ipv6-unicast-address-assignments I guess and am most likely wrong, that many ISP's will be starting out there and buying their equipment now, which, if they are able to get IPv6 too at the same time would give a nice incentive to check out the hardware that does IPv6, bringing Africa directly into the 21st century :) If I divided the list correctly, though based on continent, not on RIR region, there should be a number of IPv6 ISP's already as per: http://www.sixxs.net/tools/grh/tla/all/?continent=africa Btw, is there going to be an LACNIC-alike system for transfering RIPE/ARIN resources to AfriNIC? Greets, Jeroen signature.asc Description: This is a digitally signed message part
Re: New IANA IPv4 allocation to AfriNIC (41/8)
Jeroen Massar wrote: On Tue, 2005-04-12 at 23:42 -0300, Doug Barton wrote: This is to inform you that the IANA has allocated the following one (1) IPv4 /8 block to AfriNIC: 41/8 AfriNIC Would you (read: IANA) also be so kind and give them a nice chunk out of: http://www.iana.org/assignments/ipv6-unicast-address-assignments There is already a /23 in 2001::/16 that has AfriNIC's name on it, you'll be hearing more about that tomorr... errr... later today. Allocations of larger IPv6 blocks are still handled on a case by case basis until there is a global IPv6 allocation policy developed in the manner described by the new ASO MOU. A new draft of such a policy will be discussed at ARIN's meeting in Orlando next week. Btw, is there going to be an LACNIC-alike system for transfering RIPE/ARIN resources to AfriNIC? I wouldn't characterize it exactly that way, but resources that have been held in trust and/or managed by the other RIRs in anticipation of an African RIR will be transferred. The details of those arrangements are primarily administrative matters, and while ICANN is happy to assist if necessary, we have confidence that the RIRs will work this out in due time. Regards, Doug -- Doug Barton General Manager, The Internet Assigned Numbers Authority
Re: Auerbach Accuses ICANN Board of Dereliction of Duty on IP Allocation
...and hilarity ensued. Not. http://www.icannwatch.org/articles/05/04/11/132201.shtml Sigh. I am certainly not happy to see this and I must confess dismay that the subject rears its ugly head. My life has been better since i stopped paying attention to these people hoping that they would sink beneath the surface of the sea. I looked at the Cave Bear blog and saw nothing there that offered any kind of concise clear picture of WHAT their proposed allocation policy was and why it was bad. This is all a tempest in a teapot and it is all caused by a poor choice of headings and seems to be a knee jerk reaction to several possible ways in which the heading can be misunderstood. The heading in question is IP4 Global Allocation Policy. But the truth of the matter is found in the first clause: Whereas, the ASO Address Council has forwarded a codification of existing global policies for allocation of IPv4 address blocks from IANA to the Regional Internet Registries (RIRs), affirming that the Policy had been approved in accordance with the policy development process adopted and specified by the ASO MOU. This has nothing whatsoever to do with IPv4 allocations to IP network operators or end users, both of which are governed by REGIONAL policies created and administered by the REGIONAL Internet Registries. I think it is a good think that ICANN has accepted a policy which treats all regions evenly and a policy which was created, bottom up, by the regional groups themselves. ICANN is not perfect but it is hard to see anything wrong with this particular action. --Michael Dillon
Re: New IANA IPv4 allocation to AfriNIC (41/8)
On Wed, Apr 13, 2005 at 10:14:05AM +0200, Jeroen Massar [EMAIL PROTECTED] wrote a message of 49 lines which said: Btw, is there going to be an LACNIC-alike system for transfering RIPE/ARIN resources to AfriNIC? AFAIK, all inetnums belonging to Africa in the RIPE-NCC database have already been transferred (I don't know for ARIN): % whois -h whois.ripe.net 217.64.96.0 % This is the RIPE Whois query server #2. % The objects are in RPSL format. % % Rights restricted by copyright. % See http://www.ripe.net/db/copyright.html inetnum: 217.64.96.0 - 217.64.111.255 org: ORG-AFNC1-RIPE netname: AFRINIC-NET-TRANSFERRED-20050223 descr:This network has been transferred to AFRINIC remarks: These IP addresses are assigned in the AFRINIC region. remarks: Authoritative registration information for this network remarks: is available for query and modification in remarks: the AFRINIC whois database: whois.afrinic.net or remarks: web site: http://www.afrinic.net remarks: The routing registry information (route(6) objects) remarks: may be published in any Routing Registry, including remarks: RIPE Whois Database country: EU # country is really somewhere in African Region admin-c: AFRI-RIPE tech-c: AFRI-RIPE status: ALLOCATED PA mnt-by: RIPE-NCC-HM-MNT mnt-routes: RIPE-NCC-RPSL-MNT changed: [EMAIL PROTECTED] 20050223 source: RIPE
New Outage Hits Comcast Subscribers
BetaNews: New Outage Hits Comcast Subscribers http://www.betanews.com/article/New_Outage_Hits_Comcast_Subscribers/1113367699 - ferg -- Fergie, a.k.a. Paul Ferguson Engineering Architecture for the Internet [EMAIL PROTECTED] or [EMAIL PROTECTED] ferg's tech blog: http://spaces.msn.com/members/fergdawg/
Re: Hotmail-- Again??
On Wed, 13 Apr 2005 07:18:41 +0530 Suresh Ramasubramanian [EMAIL PROTECTED] wrote: On 4/12/05, Matthew Black [EMAIL PROTECTED] wrote: 2. After given a numeric SMTP error response code between 500 and 599 (also known as a permanent non-delivery response), the sender must not attempt to retransmit that message to that recipient. Microsoft Outlook doesn't follow this rule. Outlook perpetually retries sending messages which encounter an SMTP permanent error between 500 and 599. How interesting that their on-line e-mail service has rules that prevent use of the parent company's own products. 8-) Outlook is not an MTA and it is not going to connect to MSN/Hotmail's servers to deliver mail. And Hotmail is run by a rather different group of people than those that code Outlook. You missed the point of my message. I am fully aware that Outlook is an MUA and Hotmail does not let their free customers use MUAs. Paid Hotmail customers are permitted to use their own MUA. The point of my original post is that Microsoft owns an on-line e-mail portal that follows RFC-[2]821 (or is it [2]822) by requiring connecting systems to obey the 5xx response codes as permanent failures and never attempt redelivery of the errant message. Microsoft Outlook and Exchange do NOT understand that 5xx error codes are permanent and will attempt redelivery, indefintely in the case of Outlook. matthew black california state university, long beach
Comcast Contact
Could someone from Comcast please email me off list. Ross Hosman [EMAIL PROTECTED]
Re: Auerbach Accuses ICANN Board of Dereliction of Duty on IP Allocation
I thought you were doing these on a blog now On 4/12/2005 8:25 PM, Fergie (Paul Ferguson) wrote: ...and hilarity ensued. Not. http://www.icannwatch.org/articles/05/04/11/132201.shtml - ferg -- Fergie, a.k.a. Paul Ferguson Engineering Architecture for the Internet [EMAIL PROTECTED] or [EMAIL PROTECTED] ferg's tech blog: http://spaces.msn.com/members/fergdawg/ -- Eric A. Hallhttp://www.ehsco.com/ Internet Core Protocols http://www.oreilly.com/catalog/coreprot/
Re: Auerbach Accuses ICANN Board of Dereliction of Duty on IP Allocati on
I am. - ferg -- Eric A. Hall [EMAIL PROTECTED] wrote: I thought you were doing these on a blog now -- Eric A. Hallhttp://www.ehsco.com/ Internet Core Protocols http://www.oreilly.com/catalog/coreprot/
Re: Auerbach Accuses ICANN Board of Dereliction of Duty on IP Allocation
This is all a tempest in a teapot and it is all caused by a poor choice of headings and seems to be a knee jerk reaction to several possible ways in which the heading can be misunderstood. Auerbach complains about ICANN. He challenges process rather than outcomes. He even cites the absence of protracted, public dialogue as 'proof' that input is being ignored. The input turns out to be markedly minimal, where he comprises 25% of it. An anti-ICANN website publishes it. Why is it anyone thinks this sort of icann-bashing-as-usual, is somehow significant and worthy of burdening nanog? d/ --- Dave Crocker Brandenburg InternetWorking +1.408.246.8253 dcrocker a t ... WE'VE MOVED to: www.bbiw.net
RE: Auerbach Accuses ICANN Board of Dereliction of Duty on IP Allocation
-Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Behalf Of Gordon Cook Sent: Tuesday, April 12, 2005 9:22 PM To: nanog@merit.edu Subject: Re: Auerbach Accuses ICANN Board of Dereliction of Duty on IP Allocation ...and hilarity ensued. Not. http://www.icannwatch.org/articles/05/04/11/132201.shtml - ferg Sigh. I am certainly not happy to see this and I must confess dismay that the subject rears its ugly head. My life has been better since i stopped paying attention to these people hoping that they would sink beneath the surface of the sea. [ SNIP ] I'm paying attention and when I saw that announcement I contacted an ARIN AC ASO rep and asked for some detail. The explanation I received was that this was documenting some existing practice which seems to be line up with the meeting notes and other comments I've read. Is there an operational problem with what happened? -M
Re: Auerbach Accuses ICANN Board of Dereliction of Duty on IP Allocation
Why is it anyone thinks this sort of icann-bashing-as-usual, is somehow significant and worthy of burdening nanog? we should return to fergie's endless news items? procmail is your friend randy
Re: New Outage Hits Comcast Subscribers
During the first outage this week I used Bluetooth DUN via my Treo to dial-up from home and check Comcast's customer support web page. There was a note on the network health page stating that Internet access was down for all cable modem subscribers. Uh no, it wasn't down - just their DNS was down (which I suppose to most is the same as the Internet being down). Of course, none of Comcast's subscribers could actually get to that page unless they had an alternative service or could manually modify their DNS settings to point elsewhere. (I'm reminded of Less Nessmen's famous broadcast announcing that WKRP was off the air). Irwin From: Fergie (Paul Ferguson) [EMAIL PROTECTED] Date: Wed, 13 Apr 2005 14:15:50 GMT To: nanog@merit.edu Subject: New Outage Hits Comcast Subscribers BetaNews: New Outage Hits Comcast Subscribers http://www.betanews.com/article/New_Outage_Hits_Comcast_Subscribers/1113367699 - ferg -- Fergie, a.k.a. Paul Ferguson Engineering Architecture for the Internet [EMAIL PROTECTED] or [EMAIL PROTECTED] ferg's tech blog: http://spaces.msn.com/members/fergdawg/
Re: New Outage Hits Comcast Subscribers
Dear Comcast, Let me inform you of an exciting new concept... Anycast DNS... It is not difficult... Get with the freaking program... Peter On Apr 13, 2005, at 7:15 AM, Fergie (Paul Ferguson) wrote: BetaNews: New Outage Hits Comcast Subscribers http://www.betanews.com/article/New_Outage_Hits_Comcast_Subscribers/ 1113367699 - ferg -- Fergie, a.k.a. Paul Ferguson Engineering Architecture for the Internet [EMAIL PROTECTED] or [EMAIL PROTECTED] ferg's tech blog: http://spaces.msn.com/members/fergdawg/
Re: Comcast Contact
On Wednesday April 13 2005 08:04, Ross Hosman wrote: Could someone from Comcast please email me off list. Ross Hosman [EMAIL PROTECTED] http://www.nanog.org/email.html Follow directions.. -- Scott Grayban Security/Abuse Engineer FCT Enterprises -- www.fctsupport.com
Re: New Outage Hits Comcast Subscribers
On Wed, 13 Apr 2005, Peter John Hill wrote: Let me inform you of an exciting new concept... Anycast DNS... It is not difficult... Get with the freaking program... I attempted to get DNS deployed under anycast when I worked there. As you can see, I don't work there any more. Draw your own conclusions. -- Brandon Ross AIM: BrandonNRoss Director, Network Engineering ICQ: 2269442 InternapYahoo: BrandonNRoss
Re: Auerbach Accuses ICANN Board of Dereliction of Duty on IP Allocation
On 4/13/2005 6:20 AM, [EMAIL PROTECTED] wrote: ICANN is not perfect but it is hard to see anything wrong with this particular action. what's got to be wrong about it? ICANNwatch is the unelected opposition party to ICANN's unelected majority party. Whatever ICANN does, ICANNwatch finds somebody who opposes it or comes out and opposes it themselves if they must, cause that's what opposition parties do. Being right or wrong or in the service of the community has nothing to do with it. -- Eric A. Hallhttp://www.ehsco.com/ Internet Core Protocols http://www.oreilly.com/catalog/coreprot/
Re: New IANA IPv4 allocation to AfriNIC (41/8)
Thank you for that information. I can leave 41/8 in my router bogon list and hopefully eliminate the Nigerian 419 problem somewhat. - Original Message - From: Doug Barton [EMAIL PROTECTED] To: [EMAIL PROTECTED] Sent: Tuesday, April 12, 2005 21:42 Subject: New IANA IPv4 allocation to AfriNIC (41/8) -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Greetings, This is to inform you that the IANA has allocated the following one (1) IPv4 /8 block to AfriNIC: 41/8 AfriNIC For a full list of IANA IPv4 allocations please see: http://www.iana.org/assignments/ipv4-address-space This is the first allocation to AfriNIC after their recent recognition as a Regional Internet Registry. The ICANN staff would like to offer its congratulations to AfriNIC for this significant achievement. - -- Doug Barton General Manager, The Internet Assigned Numbers Authority -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.0 (MingW32) iD8DBQFCXIcvwtDPyTesBYwRAi3eAJ9/+Dr9XZcD4xEeEhGv8f51YjYaEACgib9Z HBliA/KP+Xsbe1Bp/poOJfM= =+Z/c -END PGP SIGNATURE-
Re: New IANA IPv4 allocation to AfriNIC (41/8)
On 4/13/05, John Palmer [EMAIL PROTECTED] wrote: Thank you for that information. I can leave 41/8 in my router bogon list and hopefully eliminate the Nigerian 419 problem somewhat. Personally, I believe we should give them the chance to fail before we cut them off from the rest of the world. I don't think the majority of 419 email comes from addresses actually sourced in Nigeria. -Steve
Re: Auerbach Accuses ICANN Board of Dereliction of Duty on IP Allocation
On Wed, 13 Apr 2005 09:24:13 PDT, Dave Crocker said: (citing out of order to make a point...) The input turns out to be markedly minimal, where he comprises 25% of it. Whether Karl is in fact right or a raving net.loon, there is indeed something very wrong with the process if he's 25% of the input. He even cites the absence of protracted, public dialogue as 'proof' that input is being ignored. Exactly. This is the Internet, remember? Even a mostly-obvious statement like ISPs should prevent their customers from leaking rfc1918-sourced addresses will start a flamefest. So the *lack* of a flame-fest regarding *any* action taken by ICANN should tell you something about the perception of ICANN - even the majority of net.loons have learned it's not worth the effort pgpFaSZSXgbg2.pgp Description: PGP signature
Re: New IANA IPv4 allocation to AfriNIC (41/8)
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Yo Steve! On Wed, 13 Apr 2005, Steve Meuse wrote: Personally, I believe we should give them the chance to fail before we cut them off from the rest of the world. I don't think the majority of 419 email comes from addresses actually sourced in Nigeria. Yeah, but the only thing I get from Nigeria is 419s. YMMV. So much so that my users demanded I block Nigerian IPs. Still, I'll wait until 41/8 is abused before I block it. RGDS GARY - --- Gary E. Miller Rellim 20340 Empire Blvd, Suite E-3, Bend, OR 97701 [EMAIL PROTECTED] Tel:+1(541)382-8588 Fax: +1(541)382-8676 -BEGIN PGP SIGNATURE- Version: GnuPG v1.2.3 (GNU/Linux) iD8DBQFCXYX48KZibdeR3qURAlDaAJ9ml/yR19/ROIZgqjxFkC9YQeucQQCgvxZo lQvvAzxcMmPdzS07gAclYrw= =d4fe -END PGP SIGNATURE-
Re: New IANA IPv4 allocation to AfriNIC (41/8)
This is to inform you that the IANA has allocated the following one (1) IPv4 /8 block to AfriNIC: 41/8 AfriNIC To those suggesting a block of 41/8 to stop the Nigerian 419 problem or any other percieved problem: C'mon Africa != Nigeria. It's an entire friggin' continent with 53 other countries besides Nigeria. How does that saying go? I encourage my competitors to do this. (Oh yeah, don't forget to block all Chinese IP addresses while you're at it. That's only one country... 8-) Do you REALLY think blocking 41/8 will stop those emails? AfriNIC just received final recognition as the 5th RIR by ICANN a few days ago after 8 years of hard work. Give 'em a break! See www.afrinic.net scott
Re: djbdns: An alternative to BIND
Thanks for the clarification. I agree, it is very unusual to transfer a trademark without transferring the product it identifies. I didn't know it was impossible. Since you are an expert on the subject, I would like to have your opinion regarding how ISC can claim a trademark on BIND, assuming no transfer ever took place. Or if you think it cannot reasonably make such a claim. --Dean -- Av8 Internet Prepared to pay a premium for better service? www.av8.net faster, more reliable, better service 617 344 9000
RE: djbdns: An alternative to BIND
I'd prefer it if you gave an opinion on how this was operationally relevant? Thanks for the clarification. I agree, it is very unusual to transfer a trademark without transferring the product it identifies. I didn't know it was impossible. Since you are an expert on the subject, I would like to have your opinion regarding how ISC can claim a trademark on BIND, assuming no transfer ever took place. Or if you think it cannot reasonably make such a claim.
Re: Auerbach Accuses ICANN Board of Dereliction of Duty on IP Allocation
[EMAIL PROTECTED] wrote: Whether Karl is in fact right or a raving net.loon, there is indeed something very wrong with the process if he's 25% of the input. It may be useful to keep in mind that this is the tail end of a long process that we're talking about here. There was already a lot of discussion about this in the RIR regional forums when the policy was being developed, so far from being symptomatic of a problem I think that the lack of controversy here is a good sign that the system works. FWIW, Doug -- If you're never wrong, you're not trying hard enough
Re: New IANA IPv4 allocation to AfriNIC (41/8)
You do know that I was joking, don't you?? Sorry, I didn't know that NANOG has a humor filter on it. - Original Message - From: Scott Weeks [EMAIL PROTECTED] To: nanog@merit.edu Sent: Wednesday, April 13, 2005 16:26 Subject: Re: New IANA IPv4 allocation to AfriNIC (41/8) This is to inform you that the IANA has allocated the following one (1) IPv4 /8 block to AfriNIC: 41/8 AfriNIC To those suggesting a block of 41/8 to stop the Nigerian 419 problem or any other percieved problem: C'mon Africa != Nigeria. It's an entire friggin' continent with 53 other countries besides Nigeria. How does that saying go? I encourage my competitors to do this. (Oh yeah, don't forget to block all Chinese IP addresses while you're at it. That's only one country... 8-) Do you REALLY think blocking 41/8 will stop those emails? AfriNIC just received final recognition as the 5th RIR by ICANN a few days ago after 8 years of hard work. Give 'em a break! See www.afrinic.net scott
Re: New IANA IPv4 allocation to AfriNIC (41/8)
On Wed, 13 Apr 2005, John Palmer wrote: : To those suggesting a block of 41/8 to stop the Nigerian 419 problem or : any other percieved problem: : You do know that I was joking, don't you?? : Sorry, I didn't know that NANOG has a humor filter on it. You weren't the only one suggesting it and I was worried there were more lurking that might consider it. Also, there was no smiley face... :) scott
Re: Auerbach Accuses ICANN Board of Dereliction of Duty on IP Allocation
Not so. The idea of an opposition party suggests the editors of ICW have some desire to be in control. Not at all. Further, we run a slash server. Most of the content is contributed. We don't have to go hunt for it. If ICANN ran decent discussion boards, it would put us out o business. One can only hope and dream. On Wed, 13 Apr 2005, Eric A. Hall wrote: On 4/13/2005 6:20 AM, [EMAIL PROTECTED] wrote: ICANN is not perfect but it is hard to see anything wrong with this particular action. what's got to be wrong about it? ICANNwatch is the unelected opposition party to ICANN's unelected majority party. Whatever ICANN does, ICANNwatch finds somebody who opposes it or comes out and opposes it themselves if they must, cause that's what opposition parties do. Being right or wrong or in the service of the community has nothing to do with it. -- http://www.icannwatch.org Personal Blog: http://www.discourse.net A. Michael Froomkin |Professor of Law| [EMAIL PROTECTED] U. Miami School of Law, P.O. Box 248087, Coral Gables, FL 33124 USA +1 (305) 284-4285 | +1 (305) 284-6506 (fax) | http://www.law.tm --It's cool here.--
Re: New IANA IPv4 allocation to AfriNIC (41/8)
On Wed, 13 Apr 2005 20:38:44 UTC Steve Meuse [EMAIL PROTECTED] wrote: On 4/13/05, John Palmer [EMAIL PROTECTED] wrote: Thank you for that information. I can leave 41/8 in my router bogon list and hopefully eliminate the Nigerian 419 problem somewhat. Personally, I believe we should give them the chance to fail before we cut them off from the rest of the world. I don't think the majority of 419 email comes from addresses actually sourced in Nigeria. The largest part (90%) does originate in Nigeria. The remainder comes from countries adjacent to Nigeria such as Togo, Senegal, etc (~6%) or from the Netherlands (~4%) Unfortunately, the traffic originating in Nigeria comes out on satellite connections which have established IP ranges assigned to the Satellite operator and configured as part of his ASN. In other words, they will mostly match the location of the Satellite downlink - UK, Denmark, or Israel etc. Typically less than 10% of the traffic from Nigeria uses IPs assigned on the basis of the network actually being in Nigeria. The 419 scammers are so used now to port 25 on their own IP addresses being blocked (either by their own ISP or by the recipient network) that they have all but given up on direct mailing. Their main methods are to send through Webmail on a network that doesn't take subscription security sufficiently seriously (Tiscali, Microsoft Hotmail, etc) or to use a compromised server such one running PHPNuke webmail. Leaving 41/8 as a bogon, or otherwise filtering it, will make less than 1% overall difference in the volume of 419-style spam that you receive. Just for completeness, the lottery style scams, which are another form of Advance Fee Fraud, also originate in Nigeria even though they may claim to be from people in the UK or in other parts of the EEC. Just to keep this on topic I will relate the tale of a systems engineer who I called, to point out the volume of 419 mail coming through their mailservers. I can't look at that now, he said, the current load on our smarthosts is so high that the mail is backing up - and I have to get this proposal for four new servers finished for the Board tonight Then it suddenly dawned on him why his mail load had become so high ... -- Richard Cox
where 419 scams come from (was: Re: New IANA IPv4 allocation to AfriNIC (41/8))
on Wed, Apr 13, 2005 at 02:38:44PM -0600, Steve Meuse wrote: On 4/13/05, John Palmer [EMAIL PROTECTED] wrote: Thank you for that information. I can leave 41/8 in my router bogon list and hopefully eliminate the Nigerian 419 problem somewhat. Personally, I believe we should give them the chance to fail before we cut them off from the rest of the world. I don't think the majority of 419 email comes from addresses actually sourced in Nigeria. I can't speak to the whole world's perceptions, but for 419/aff mail seen here, the vast majority comes from IPs assigned to the following ISO country codes: (africa|AR|BF|BG|BJ|BW|CI|DK|ES|GH|IL|KE|KR|LB|LV|ML|MR|NG|NL|RW|SN|TG|ZA|ZW) Where 'africa' means IP space delegated to africa-online.com (216.104.192/20). Also see quite a bit from BR, the occasional one or two from space in the US, satellite connections, and some from FR. I know this because I use the Received: and various X-Originating-IP format headers (usually originating via some compromised or unmonitored webmail software) to extract the injection IP and reject messages if the source matches the ISO codes above in a crossref of IP to ISO code or other keyword. I used to see quite a bit from Australia, but bigpond seems to have cleaned up its act significantly. Steve -- hesketh.com/inc. v: +1(919)834-2552 f: +1(919)834-2554 w: http://hesketh.com join us! http://hesketh.com/about/careers/account_manager.htmljoin us!
Re: New IANA IPv4 allocation to AfriNIC (41/8)
The largest part (90%) does originate in Nigeria. The remainder comes from countries adjacent to Nigeria such as Togo, Senegal, etc (~6%) or from the Netherlands (~4%) would love to see the cite for this, please randy
Re: New IANA IPv4 allocation to AfriNIC (41/8)
On 4/13/05, Richard Cox [EMAIL PROTECTED] wrote: The largest part (90%) does originate in Nigeria. The remainder comes from countries adjacent to Nigeria such as Togo, Senegal, etc (~6%) or from the Netherlands (~4%) So we should spank the rest of the *continent* for one countries issues? -- -Steve
Re: New IANA IPv4 allocation to AfriNIC (41/8)
On Wed, 13 Apr 2005, Randy Bush wrote: The largest part (90%) does originate in Nigeria. The remainder comes from countries adjacent to Nigeria such as Togo, Senegal, etc (~6%) or from the Netherlands (~4%) would love to see the cite for this, please randy I have a collected archive of nearly 1000 nigerian scam emails if anyone would like to do an analysis. From what I recall a large % of origin IP (where origin IP is identifiable) are registered directly to Lagos. -Dan
Today's tech news highlights
For your perusal: Fed Panel Approves Tyco's Sale of Undersea Cable To India's Tata Microsoft Worm Cleaner Goes Rootkit Hunting Standards and specs: Naturally occurring standards Senators pledge action on data brokers Anti-spyware group collapses Florida Wins First Injunction Against Spammers Yahoo offers free hosting to small businesses One-Third Of Large Enterprises Favor Managed VoIP New Outage Hits Comcast Subscribers GM MasterCard warns of security theft Phishy behaviour or harmless spin? Telstra BigPond disconnecting Trojan-infected customers Sanswire to launch Stratellite Airships Articles links available via: http://spaces.msn.com/members/fergdawg/ Cheers, - ferg -- Fergie, a.k.a. Paul Ferguson Engineering Architecture for the Internet [EMAIL PROTECTED] or [EMAIL PROTECTED] ferg's tech blog: http://spaces.msn.com/members/fergdawg/
Re: Comcast Contact
On 4/13/05, Ross Hosman [EMAIL PROTECTED] wrote: Could someone from Comcast please email me off list. Ross Hosman [EMAIL PROTECTED] If you have an AS, get yourself an inoc-dba phone. Easiest way to contact network operators that I know of. -- Suresh Ramasubramanian ([EMAIL PROTECTED])
NOC-DBA Phone (was Re: Comcast Contact)
I have one, and its cool. However the time I *really* needed it was because I couldn't reach a particular AS... and of course neither could my INOC-DBA phone (sigh...). -Jeff On Wed, 2005-04-13 at 23:12, Suresh Ramasubramanian wrote: On 4/13/05, Ross Hosman [EMAIL PROTECTED] wrote: Could someone from Comcast please email me off list. Ross Hosman [EMAIL PROTECTED] If you have an AS, get yourself an inoc-dba phone. Easiest way to contact network operators that I know of. -- = Jeffrey I. Schiller MIT Network Manager Information Services and Technology Massachusetts Institute of Technology 77 Massachusetts Avenue Room W92-190 Cambridge, MA 02139-4307 617.253.0161 - Voice [EMAIL PROTECTED]
Re: INOC-DBA Phone (was Re: Comcast Contact)
On Thu, 14 Apr 2005, Jeffrey I. Schiller wrote: I have one, and its cool. However the time I *really* needed it was because I couldn't reach a particular AS... and of course neither could my INOC-DBA phone (sigh...). There are several ways around that... Probably the easiest is to have your INOC-DBA phone number ring not only the SIP phone on your NOC desk, but a couple of commercial gateways like Vonage and BroadVoice and so forth, which would not, under most circumstances, all be affected by the same outage. One hopes. They would then ring PSTN numbers for you. Another way around the problem, which has been the most common one historically, is to put the INOC-DBA phones on different DSL/cable providers' lines run into your NOC, as well as on your own network. Three phones, reached through three ASNs, and _something_ should ring. A third way, which only a few ISPs have done, is to run a separate infrastructure out to a few exchanges, just to support those VoIP calls. That probably only makes sense if you're doing it anyway, for broader VoIP peering. -Bill
Re: Router choice for medium size hosting provider
Cisco's web site has a Miercom report http://www.cisco.com/application/pdf/en/us/guest/products/ps5854/c1244/cdccont_0900aecd8017382b.pdf that tested a bidirectional UDP flow between two 10/100 ports, with big IP packets, firewall and NAT running and logging turned on, and they got 130 Mbps. Your mileage may vary, depending on what a 50 Mbps fibre link is and what hardware and protocols you're using to support it (ATM? 51 Mbps SONET channel on OC3? Some kind of fiber Ethernet device?), and if you're using only 10/100 Mbps Ethernet cards, you'll want to enable full duplex if you can. Presumably a real application is much faster, if you don't need all the firewalling and NAT services. Thanks; Bill Note that this isn't my regular email account - It's still experimental so far. And Google probably logs and indexes everything you send it.