Re: DOS attack tracing
[EMAIL PROTECTED] (Richard) wrote:

> Ethernet to the primary upstream. I think that the lesson is _always_ use a router powerful enough to handle all ingress traffic at wire rate. Without access to the router, there is nothing you can do. So we are going to switch out the router.

If you are mostly concerned about not being able to use the router console during attacks, you may change the CPU scheduling a bit. A brief scheduler allocate 6 2000 has helped me a lot there. The box stays manageable.

This does of course not help you with the router going dead in regard to packet forwarding...

Yours, Elmi.

--
Just don't make the mistake of replacing opinion with expertise. (PLemken, [EMAIL PROTECTED])
--[ ELMI-RIPE ]---
Re: Internet attack called broad and long lasting
O, my god. Primitive hack, primitive ssh exploit I watched it all 6 years ago, nothing changed since this. It is _minor_ incident, in reality.

- Original Message -
From: Sean Donelan [EMAIL PROTECTED]
To: nanog@merit.edu
Sent: Monday, May 09, 2005 10:32 PM
Subject: NYT: Internet attack called broad and long lasting

Internet Attack Called Broad and Long Lasting by Investigators
By JOHN MARKOFF and LOWELL BERGMAN
Published: May 10, 2005

SAN FRANCISCO, May 9 - The incident seemed alarming enough: a breach of a Cisco Systems network in which an intruder seized programming instructions for many of the computers that control the flow of the Internet.

[...]

See the New York Times for the rest of the story.
Re: Internet attack called broad and long lasting
Alexei Roudnev wrote:

> O, my god. Primitive hack, primitive ssh exploit I watched it all 6 years ago, nothing changed since this. It is _minor_ incident, in reality.

Primitive I can understand, but _minor_?

First, I don't really see why an attack should be estimated by the tool used. If a 10 years old exploit would work, why should an attacker look for and use a 0day? It's silly allocation of resources.

Burrowing from that, if the attack is successful, and the loss is significant, I think the way there - although cute, is irrelevant except for the defender.

Gadi.
Re: Unusual IN ANY DNS Traffic
On Wednesday 11 May 2005 03:57, Simon Waters wrote:

> Indeed modern versions of BIND default to high ports for DNS queries as well unless configured otherwise. I think old versions of BIND and the odd firewall product were the main thing doing source port 53 queries.
>
> I was going to suggest email servers as a possible cause -- I think probably you'll have to speak to a customer if it still persists. Make sure they haven't been owned. Might just have been a spam run or mailshot with msn.com as the reply, and you discovering how many email servers are out there or similar.

I suspect you're correct; these are probably some DSL customers who have been 0wn3d by either a virus or malware and have just been turned on to spam domains at msn.com. Unfortunately we don't do protocol graphs on our major routers or else I would have been able to see a spike of port 25 traffic if it had existed - we just graph our DNS server query which is why I noticed the jump.

> I assume you're not using something daft like MS DNS server, but a recent BIND or DJB cache.

Also correct; we're running BIND 9.2.2 and I parse the query logs to see what kind of traffic we're getting via the different query types.

-Doug

--
Douglas E. Warner [EMAIL PROTECTED]
Network Engineer
CTI Networks, Inc.
http://www.ctinetworks.com
+1 717 975 9000
Squid Cache DNS Lookup Spoofing Vulnerability
Given the recent attention to all matters of DNS cache poisoning (real or imagined), I figured this item might be of interest to the list. I know there's a lot of Squid Caches out there...

- ferg

[snip]

Via Secunia: http://secunia.com/advisories/15294/

Secunia Advisory: SA15294
Release Date: 2005-05-11
Impact: Spoofing
Where: From local network
Solution Status: Vendor Patch
Software: Squid 2.x

Description: A vulnerability has been reported in Squid, which can be exploited by malicious people to spoof DNS lookups. The vulnerability is caused due to an unspecified error in the DNS client when handling DNS responses and can be exploited to spoof DNS lookups. The vulnerability has been reported in version 2.5 and prior.

Solution: Apply patch for version 2.5.STABLE9:
http://www.squid-cache.org/Versi...id-2.5.STABLE9-dns_query-2.patch

Original Advisory:
http://www.squid-cache.org/Versi...ugs/#squid-2.5.STABLE9-dns_query

[snip]

--
Fergie, a.k.a. Paul Ferguson
Engineering Architecture for the Internet
[EMAIL PROTECTED] or [EMAIL PROTECTED]
ferg's tech blog: http://fergdawg.blogspot.com/
Correction: Squid Cache DNS Lookup Spoofing Vulnerability
Mea culpa: The correct link for the appropriate patch(es):

http://www.squid-cache.org/Versions/v2/2.5/bugs/#squid-2.5.STABLE9-dns_query

- ferg

-- Fergie (Paul Ferguson) [EMAIL PROTECTED] wrote:

> Given the recent attention to all matters of DNS cache poisoning (real or imagined), I figured this item might be of interest to the list. I know there's a lot of Squid Caches out there...
>
> - ferg
>
> [snip]
>
> Via Secunia: http://secunia.com/advisories/15294/
>
> Secunia Advisory: SA15294
> Release Date: 2005-05-11
> Impact: Spoofing
> Where: From local network
> Solution Status: Vendor Patch
> Software: Squid 2.x
>
> Description: A vulnerability has been reported in Squid, which can be exploited by malicious people to spoof DNS lookups. The vulnerability is caused due to an unspecified error in the DNS client when handling DNS responses and can be exploited to spoof DNS lookups. The vulnerability has been reported in version 2.5 and prior.
>
> Solution: Apply patch for version 2.5.STABLE9:
> http://www.squid-cache.org/Versi...id-2.5.STABLE9-dns_query-2.patch
>
> Original Advisory:
> http://www.squid-cache.org/Versi...ugs/#squid-2.5.STABLE9-dns_query
>
> [snip]

--
Fergie, a.k.a. Paul Ferguson
Engineering Architecture for the Internet
[EMAIL PROTECTED] or [EMAIL PROTECTED]
ferg's tech blog: http://fergdawg.blogspot.com/
Re: Squid Cache DNS Lookup Spoofing Vulnerability
> Description: A vulnerability has been reported in Squid, which can be exploited by malicious people to spoof DNS lookups. The vulnerability is caused due to an unspecified error in the DNS client when handling DNS responses and can be exploited to spoof DNS lookups.

The Squid description offers slightly more details:

| Malicious users may spoof DNS lookups if the DNS client UDP port
| (random, assigned by OS at startup) is unfiltered and your network is
| not protected from IP spoofing.

http://www.squid-cache.org/Versions/v2/2.5/bugs/#squid-2.5.STABLE9-dns_query

This probably means that it's not possible to exploit this in a scalable way, just by manipulating authoritative name server replies.

Most stub resolvers suffer from similar problems. Sometimes this is an explicit design decision (to keep the code as simple as possible). It's also not completely fixable because the DNS protocol requires a 16-bit message ID.
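The checks a DNS client can apply before accepting a UDP reply, and why the 16-bit message ID still bounds them, as an added example that is not part of the thread and is not Squid's code. All names (`Pending`, `check_response`, `forged_match_probability`) and the documentation addresses are assumptions made for this illustration.

```python
import secrets
import struct
from dataclasses import dataclass

HEADER = struct.Struct("!HHHHHH")  # id, flags, qdcount, ancount, nscount, arcount
QR_BIT = 0x8000                     # set in responses, clear in queries


def encode_name(name):
    """Encode a domain name as uncompressed DNS labels."""
    out = b""
    for label in name.rstrip(".").split("."):
        raw = label.encode("ascii")
        out += bytes([len(raw)]) + raw
    return out + b"\x00"


def build_message(txid, flags, name, qtype):
    """Header plus one question; enough for the checks shown here."""
    return (HEADER.pack(txid, flags, 1, 0, 0, 0)
            + encode_name(name) + struct.pack("!HH", qtype, 1))


def parse_question(msg):
    """Return (name, qtype, qclass) of the first question or raise ValueError."""
    pos, labels = HEADER.size, []
    while True:
        if pos >= len(msg):
            raise ValueError("truncated name")
        length = msg[pos]
        pos += 1
        if length == 0:
            break
        if length & 0xC0 or pos + length > len(msg):
            raise ValueError("bad label")
        labels.append(msg[pos:pos + length].decode("ascii").lower())
        pos += length
    if pos + 4 > len(msg):
        raise ValueError("truncated question")
    qtype, qclass = struct.unpack_from("!HH", msg, pos)
    return ".".join(labels), qtype, qclass


@dataclass(frozen=True)
class Pending:
    txid: int      # 16-bit message ID chosen for the query
    name: str      # lower-cased, no trailing dot
    qtype: int
    server: tuple  # (ip, port) the query was sent to


def new_query(name, qtype, server):
    """Pick an unpredictable ID and return (Pending, wire bytes)."""
    txid = secrets.randbelow(1 << 16)
    pending = Pending(txid, name.rstrip(".").lower(), qtype, server)
    return pending, build_message(txid, 0x0100, name, qtype)  # RD set


def check_response(pending, src, msg):
    """Return "ok", or the reason the datagram must be dropped."""
    if src != pending.server:
        return "wrong source"
    if len(msg) < HEADER.size:
        return "short"
    txid, flags, qdcount, _, _, _ = HEADER.unpack_from(msg)
    if not flags & QR_BIT:
        return "not a response"
    if txid != pending.txid:
        return "id mismatch"
    try:
        question = parse_question(msg) if qdcount == 1 else None
    except ValueError:
        question = None
    if question != (pending.name, pending.qtype, 1):
        return "question mismatch"
    return "ok"


def forged_match_probability(forged, ports=1):
    """Chance that at least one of `forged` blind replies matches ID and port,
    assuming independent uniform guesses over 65536 * ports combinations."""
    space = 65536 * ports
    return 1.0 - (1.0 - 1.0 / space) ** forged


if __name__ == "__main__":
    server = ("192.0.2.53", 53)  # constructed documentation address
    pending, _ = new_query("www.example.com", 1, server)
    reply = build_message(pending.txid, 0x8180, "www.example.com", 1)
    print(check_response(pending, server, reply))
    print(check_response(pending, ("198.51.100.9", 53), reply))
    print(forged_match_probability(10000), forged_match_probability(10000, 16000))
```

With `ports=1` the function models a client whose source port is fixed once at startup, which is the case the Squid text describes; a larger `ports` value models a fresh random port per query.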
Re: Internet attack called broad and long lasting
On Wed, 11 May 2005 13:44:22 +0300, Gadi Evron said:

> First, I don't really see why an attack should be estimated by the tool used. If a 10 years old exploit would work, why should an attacker look for and use a 0day? It's silly allocation of resources.
>
> Burrowing from that, if the attack is successful, and the loss is significant, I think the way there - although cute, is irrelevant except for the defender.

Actually, it *is* relevant for the rest of us. Given the number of boxen that got whacked, and the number of sites involved, the defender *is* the rest of us, and we as an industry obviously need to get our collective act in gear.

Remember - *Your* boxes may be hardened beyond all belief and plausibility, but you're *STILL* screwed if some teenaged kid on another continent has more effective control of the router at the other end of your OC-48 than the NOC monkey you call when things get wonky
Re: Internet attack called broad and long lasting
[EMAIL PROTECTED] wrote: [snip] Hi Vladis! Actually, it *is* relevant for the rest of us. Given the number of boxen that got whacked, and the number of sites involved, the defender *is* the rest of us, and we as an industry obviously need to get our collective act in gear. Remember - Which is exactly my point... People keep worrying about 0days, when I'd only start worrying about them once I made sure that current (old) and known vulns can't get me. Once they are inside, it doesn't matter how they got in until a later time when you do forensics and try to make sure it doesn't happen again, which is what I referred to as the defender side. Fact is, the break in was serious because serious data was stolen.. so why should the fact it was an old vuln distract us from that except for perhaps reintroduce the facts that people simply don't do enough security and/or best practices, which we already knew? *Your* boxes may be hardened beyond all belief and plausibility, but you're *STILL* screwed if some teenaged kid on another continent has more effective control of the router at the other end of your OC-48 than the NOC monkey you call when things get wonky Well, I suppose it's not really a great idea to wait until things get wonky to establish good and operational relations with your uplink. Gadi.
Blocking port udp/tcp 1433/1434
Is there still justification for denying transit for ms-sql slammer ports? Thanks, Joe
Re: Blocking port udp/tcp 1433/1434
On Wed, 11 May 2005, Joe Maimon wrote: Is there still justification for denying transit for ms-sql slammer ports? probably not, but that's really a local-to-your-asn decision.
Re: Blocking port udp/tcp 1433/1434
evil grin if you are sure there are no more infected machines out there... /evil grin best regards, marlon borba, cissp Joe Maimon [EMAIL PROTECTED] 11/5/2005 12:51:15 Is there still justification for denying transit for ms-sql slammer ports? Thanks, Joe
Re: Blocking port udp/tcp 1433/1434
You decide: http://www.dshield.org/topports.php http://www.mynetwatchman.com/tp.asp - ferg -- Joe Maimon [EMAIL PROTECTED] wrote: Is there still justification for denying transit for ms-sql slammer ports? Thanks, Joe -- Fergie, a.k.a. Paul Ferguson Engineering Architecture for the Internet [EMAIL PROTECTED] or [EMAIL PROTECTED] ferg's tech blog: http://fergdawg.blogspot.com/
DNS requests and Bandwidth
Hello List.

We have one domain setup on our server dns but there is no website or email configured .. Recently we've noticed some increase in server Bandwidth usage and after using tcpdump, we were able to find the problem which is a DNS server on the Internet sending many queries per second to resolve MX , A records for that domain which is not existing of course but it keeps asking.

One way was to block requests from that DNS IP but that was not practical as many users on that DNS won't be able to communicate with our server.

so What is the best way to prevent DNS queries consuming bandwidth.

tcpdump output extract:

14:40:09.407336 212.26.72.85.34997 ns.MyNameServer.net.domain: 51794 MX? MyDomain.com. (29)(DF)
14:40:09.411707 212.26.72.85.34997 ns.MyNameServer.net.domain: 14233 A? MyDomain.com. (29) (DF)
14:40:09.415880 212.26.72.85.34997 ns.MyNameServer.net.domain: 39317 MX? MyDomain.com. (29) (DF)
14:40:09.419827 212.26.72.85.34997 ns.MyNameServer.net.domain: 49503 A? MyDomain.com. (29) (DF)
14:40:09.423700 212.26.72.85.34997 ns.MyNameServer.net.domain: 29362 A? MyDomain.com. (29) (DF)
14:40:09.426963 212.26.72.85.34997 ns.MyNameServer.net.domain: 16692 A? MyDomain.com. (29) (DF)
14:40:09.430590 212.26.72.85.34997 ns.MyNameServer.net.domain: 65288 A? MyDomain.com. (29) (DF)
14:40:09.434350 212.26.72.85.34997 ns.MyNameServer.net.domain: 1341 A? MyDomain.com. (29) (DF)
14:40:09.438163 212.26.72.85.34997 ns.MyNameServer.net.domain: 57932 A? MyDomain.com. (29) (DF)

---
-aljuhani
RE: DNS requests and Bandwidth
From: aljuhani One way was to block requests from that DNS IP but that was not practicle as many users on that DNS won't be able to communicate with our server. so What is the best way to prevent DNS queries consuming bandwidth. Run an authoritative-only DNS server that won't respond to queries for domains it doesn't handle. tinydns from http://cr.yp.to/djbdns.html would be an example. David
Re: Blocking port udp/tcp 1433/1434
Is there still justification for denying transit for ms-sql slammer ports? Well MS-SQL Worm propagation attempts and MS-SQL version overflow attempts account for 62% of the activity on our Internet facing IDS.
Re: DNS requests and Bandwidth
aljuhani wrote:

> Hello List.
>
> We have one domain setup on our server dns but there is no website or email configured .. Recently we've noticed some increase in server Bandwidth usage and after using tcpdump, we were able to find the problem which is a DNS server on the Internet sending many queries per second to resolve MX , A records for that domain which is not existing of course but it keeps asking.
>
> One way was to block requests from that DNS IP but that was not practical as many users on that DNS won't be able to communicate with our server.
>
> so What is the best way to prevent DNS queries consuming bandwidth.
>
> tcpdump output extract:
>
> 14:40:09.407336 212.26.72.85.34997 ns.MyNameServer.net.domain: 51794 MX? MyDomain.com. (29)(DF)
> 14:40:09.411707 212.26.72.85.34997 ns.MyNameServer.net.domain: 14233 A? MyDomain.com. (29) (DF)
> 14:40:09.415880 212.26.72.85.34997 ns.MyNameServer.net.domain: 39317 MX? MyDomain.com. (29) (DF)
> 14:40:09.419827 212.26.72.85.34997 ns.MyNameServer.net.domain: 49503 A? MyDomain.com. (29) (DF)
> 14:40:09.423700 212.26.72.85.34997 ns.MyNameServer.net.domain: 29362 A? MyDomain.com. (29) (DF)
> 14:40:09.426963 212.26.72.85.34997 ns.MyNameServer.net.domain: 16692 A? MyDomain.com. (29) (DF)
> 14:40:09.430590 212.26.72.85.34997 ns.MyNameServer.net.domain: 65288 A? MyDomain.com. (29) (DF)
> 14:40:09.434350 212.26.72.85.34997 ns.MyNameServer.net.domain: 1341 A? MyDomain.com. (29) (DF)
> 14:40:09.438163 212.26.72.85.34997 ns.MyNameServer.net.domain: 57932 A? MyDomain.com. (29) (DF)

As happy as I'd be to go and yell DoS!! (I love that word)... there are other possibilities here.

As an example, it is more than possible someone is trying to send mail to you, and that their server is broke so that it keeps re-trying forever in a DoS fashion (give me a buck for every time that happened to me...).

Are you announcing this domain anywhere else?

The A records are a bit more difficult to explain (but it's certainly possible), but I do ask you this.. if it's just one server.. did you try contacting them? That's probably a lot easier than any other course of action you can follow-up with. It could be a simple matter of a misconfiguration.

You could also be a secondary victim of someone else's attack.. but if it's just one server.. try getting them on the horn.. then their uplink, and then just add them to your ACL.. sometimes there are no other options.

Does this bandwidth consumption bother you, though? Or is this just out of curiosity?

Gadi.
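One way to answer the "is it just one server" question from a capture like the one quoted above, as an added example that is not part of the thread. The sample lines are constructed with documentation addresses and names, the function names are assumptions, and the capture is assumed not to cross midnight.

```python
import re
from collections import Counter
from dataclasses import dataclass, field

# Constructed sample in the layout of the tcpdump extract quoted in the
# thread; addresses and names are documentation values, not the poster's.
SAMPLE = """\
14:40:09.407336 192.0.2.85.34997 > ns.example.net.domain: 51794 MX? example.com. (29) (DF)
14:40:09.411707 192.0.2.85.34997 > ns.example.net.domain: 14233 A? example.com. (29) (DF)
14:40:09.415880 192.0.2.85.34997 > ns.example.net.domain: 39317 MX? example.com. (29) (DF)
14:40:09.419827 192.0.2.85.34997 > ns.example.net.domain: 49503 A? example.com. (29) (DF)
14:40:09.423700 192.0.2.85.34997 > ns.example.net.domain: 29362 A? example.com. (29) (DF)
14:40:09.426963 192.0.2.85.34997 > ns.example.net.domain: 16692 A? example.com. (29) (DF)
14:40:10.100000 198.51.100.7.1042 > ns.example.net.domain: 4021 A? www.example.com. (33) (DF)
"""

# time, source host.port, optional ">", destination host.domain, ID, TYPE?, name
LINE = re.compile(
    r"^(?P<h>\d{2}):(?P<m>\d{2}):(?P<s>\d{2}\.\d+)\s+"
    r"(?P<src>\S+)\.(?P<sport>\d+)\s+(?:>\s+)?(?P<dst>\S+?)\.(?:domain|53):\s+"
    r"(?P<id>\d+)\+?\s+(?P<qtype>[A-Z0-9]+)\?\s+(?P<qname>\S+)"
)


@dataclass
class SourceStats:
    count: int = 0
    first: float = 0.0
    last: float = 0.0
    src_ports: set = field(default_factory=set)
    qtypes: Counter = field(default_factory=Counter)
    qnames: Counter = field(default_factory=Counter)

    @property
    def rate(self):
        """Queries per second between the first and last query seen."""
        span = self.last - self.first
        return (self.count - 1) / span if span > 0 else 0.0


def parse_line(line):
    """Return a dict for one DNS query line, or None if it does not match."""
    m = LINE.match(line.strip())
    if not m:
        return None
    ts = int(m["h"]) * 3600 + int(m["m"]) * 60 + float(m["s"])
    return {"ts": ts, "src": m["src"], "sport": int(m["sport"]),
            "qtype": m["qtype"], "qname": m["qname"].rstrip(".").lower()}


def summarise(text):
    """Group query lines by source address."""
    stats = {}
    for line in text.splitlines():
        rec = parse_line(line)
        if rec is None:
            continue
        s = stats.setdefault(rec["src"], SourceStats(first=rec["ts"]))
        s.count += 1
        s.last = rec["ts"]
        s.src_ports.add(rec["sport"])
        s.qtypes[rec["qtype"]] += 1
        s.qnames[rec["qname"]] += 1
    return stats


def dominant_source(stats, share=0.8):
    """Return the source sending at least `share` of all queries, else None."""
    total = sum(s.count for s in stats.values())
    if not total:
        return None
    src, top = max(stats.items(), key=lambda kv: kv[1].count)
    return src if top.count / total >= share else None


if __name__ == "__main__":
    stats = summarise(SAMPLE)
    for src, s in sorted(stats.items(), key=lambda kv: -kv[1].count):
        print(f"{src}: {s.count} queries, {s.rate:.0f}/s, "
              f"ports={sorted(s.src_ports)}, types={dict(s.qtypes)}")
    print("dominant source:", dominant_source(stats))
```

A single dominant source that repeats the same name from one source port points at one resolver or mail server retrying in a loop; many sources with small counts each point the other way.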
Re: Internet attack called broad and long lasting
On Wed, 11 May 2005 16:59:56 +0400, Gadi Evron said:

> Well, I suppose it's not really a great idea to wait until things get wonky to establish good and operational relations with your uplink.

Fortunately for me, we've got such good operational relations with our primary uplink that I don't even have to go outside to get to their NOC. ;)

The problem is that for most sites, good operational relations with the uplink isn't 100% congruent to uplink has their security act together. As a result, you get to have the Hello, Uplink? You guys get hacked? Umm.. yeah phone call...
Re: Blocking port udp/tcp 1433/1434
Jeff Rosowski wrote: Is there still justification for denying transit for ms-sql slammer ports? Well MS-SQL Worm propagation attempts and MS-SQL version overflow attempts account for 62% of the activity on our Internet facing IDS. It changes from 40% to 70% here at AS8867, as well. Gadi.
Re: Blocking port udp/tcp 1433/1434
Joe Maimon wrote:

| Is there still justification for denying transit for ms-sql slammer ports?

on my at work small network, slammer (or slammer like) traffic is still around 2% of inbound blocked traffic.

(just a dead end off of asn 6467)
Re: DNS requests and Bandwidth
On Wed, May 11, 2005 at 07:30:35PM +0300, aljuhani wrote: Recently we've noticed some increase in server Bandwidth usage and after using tcpdump, we were able to find the problem which is a DNS server on the Internet sending many queries per second to resolve MX , A records for that domain which is not existing of course but it keeps asking. One way was to block requests from that DNS IP but that was not practicle as many users on that DNS won't be able to communicate with our server. so What is the best way to prevent DNS queries consuming bandwidth. Stop running a DNS server? All joking aside, I've seen similar problems in cases where there's a lame delegation (with certain clients asking over and over for the same records). If mydomain.com is a domain which is pointed to your nameserver from the authoritative servers for that TLD, but which your nameserver is not authoritative for, you may want to setup a dummy zone. tcpdump output extract: 14:40:09.407336 212.26.72.85.34997 ns.MyNameServer.net.domain: 51794 MX? MyDomain.com. (29)(DF) 14:40:09.411707 212.26.72.85.34997 ns.MyNameServer.net.domain: 14233 A? MyDomain.com. (29) (DF) If your domains aren't mynameserver.net or mydomain.com, perhaps you'd get a more helpful response by including the actual hostnames / domains in question? You don't gain much by stripping this information, and it's much easier for people to figure out what might be going on if you include the actual domain(s). I'm assuming that if you're running a publicly accessible nameserver which is serving names for these domains, it's probably not sooper sekrit information. Also, if you MUST use a bogus domain, at least use a bogus domain reserved for that purpose (like example.com) or something ending in .invalid. w
Re: Blocking port udp/tcp 1433/1434
Chip Mefford wrote:

> on my at work small network, slammer (or slammer like) traffic is still around 2% of inbound blocked traffic. (just a dead end off of asn 6467)

Almost every time I update our border ingress ACL (which removes the ACL for as long as it takes to load the new one, perhaps a few seconds) it triggers IDS alerts on 1433/1434, often specifically the slammer packet itself. (usually thanks to AS209)

The SANS ISC currently gives an Internet Survival Time of 24 minutes for an unpatched windows box. I would give an unpatched Windows server with an old copy of MSSQL a considerably shorter lifespan :-)

Jeff
Re: DNS requests and Bandwidth
so What is the best way to prevent DNS queries consuming bandwidth. Run an authoritative-only DNS server that won't respond to queries for domains it doesn't handle. tinydns from http://cr.yp.to/djbdns.html would be an example. with BIND9, you just have to install a zone by that name, containing an A/127.0.0.1 for every name you're seeing queries for. that'll get action by whoever made the mistaken delegation toward your server... (i promise.) -- Paul Vixie
Re: DNS requests and Bandwidth
On Wed, 11 May 2005, Gadi Evron wrote: 14:40:09.407336 212.26.72.85.34997 ns.MyNameServer.net.domain: 51794 MX? MyDomain.com. (29)(DF) 14:40:09.411707 212.26.72.85.34997 ns.MyNameServer.net.domain: 14233 A? MyDomain.com. (29) (DF) 14:40:09.415880 212.26.72.85.34997 ns.MyNameServer.net.domain: 39317 MX? MyDomain.com. (29) (DF) 14:40:09.419827 212.26.72.85.34997 ns.MyNameServer.net.domain: 49503 A? MyDomain.com. (29) (DF) 14:40:09.423700 212.26.72.85.34997 ns.MyNameServer.net.domain: 29362 A? MyDomain.com. (29) (DF) 14:40:09.426963 212.26.72.85.34997 ns.MyNameServer.net.domain: 16692 A? MyDomain.com. (29) (DF) 14:40:09.430590 212.26.72.85.34997 ns.MyNameServer.net.domain: 65288 A? MyDomain.com. (29) (DF) 14:40:09.434350 212.26.72.85.34997 ns.MyNameServer.net.domain: 1341 A? MyDomain.com. (29) (DF) 14:40:09.438163 212.26.72.85.34997 ns.MyNameServer.net.domain: 57932 A? MyDomain.com. (29) (DF) As happy as I'd be to go and yell DoS!! (I love that word)... there are other possibilities here. The one time this happened to a DNS server for which I was responsible, it was a misconfigured Windows 2000 server with Active Directory installed. myNameServer.net is a generic enough domain name that someone might have used it as an example in a HOWTO document on setting up AD. (just a thought, FWIW) -- JustThe.net - Apple Valley, CA - http://JustThe.net/ - 888.480.4NET (4638) Steven J. Sobol, Geek In Charge / [EMAIL PROTECTED] / PGP: 0xE3AE35ED The wisdom of a fool won't set you free --New Order, Bizarre Love Triangle
Re: DNS requests and Bandwidth
On Wed, May 11, 2005 at 20:33, Will Yardley wrote: If your domains aren't mynameserver.net or mydomain.com, perhaps you'd get a more helpful response by including the actual hostnames / domains in question? You don't gain much by stripping this information, and it's much easier for people to figure out what might be going on if you include the actual domain(s). I'm assuming that if you're running a publicly accessible nameserver which is serving names for these domains, it's probably not sooper sekrit information. Also, if you MUST use a bogus domain, at least use a bogus domain reserved for that purpose (like example.com) or something ending in .invalid. First. thanks all for the prompt responses to my message. Second. The incident actually started late 2003 and the magnitude of DNS requests peaked our bandwidth usage to 170 GB which was a huge increase when compared to normal average bandwidth. Why it happened? There was a worm that is still crawling around the internet that sends mega emails to [EMAIL PROTECTED] ; usually [EMAIL PROTECTED], [EMAIL PROTECTED], and many others. During 2004 the worm was still there but then it died down but now it is up again ... so what I think is that those IPs attacking our DNS server are actually PCs infected by that worm .. It ends up as a DoS type attack as thousands of PCs around the world requesting DNS records from our nameservers. Now I changed the DNS server to a dynamic DNS provider, and I am pointing the MX record to my home server sitting on a DSL connection which does not annoy much bandwidth wise and I've started creating SMTP rules that blocks every address except [EMAIL PROTECTED] and [EMAIL PROTECTED] .. If you want to see the magnitude of attacks you can search google for mxserver.com: http://groups-beta.google.com/groups?q=%22mxserver.com%22hl=enlr=sa=Ntab =wg once again thanks all for your help. -aljuhani
what will all you who work for private isp's be doing in a few years?
why in the world would anyone want to purchase dsl from a private reseller when i can get 4mb down 384 up from comcast for $25? think you dsl resellers out there are doomed. in fact, just a matter of time before most of you isps are down the toilet. im reminded of the mom and pop grocery store phenomenon that has now been replaced by the kohls, ap, whole foods etc. of course there will always be niche markets but this is less applicable for a pure commodity like bandwidth. yeah, i suppose you'll say something about value added services and such and you may have a point but i doubt that will keep the ship afloat for long.
Re: what will all you who work for private isp's be doing in a few years?
It's simple,

A DSL provider like speakeasy offers much more to a technical user like myself than Comcast does, plus they have an incentive to keep me happy, if i'm not i can leave and go with a competitor, comcast does, and has on many occasions, simply told me to go f*ck myself when i have service issues. (Sorry your modem died sir, the next we can get a tech out to your place is 2 weeks, when i don't need a tech I know what it means when a modem has a failure code).

The fact is, DSL is a competitive market, Cable is not, competitive markets keep customers happy, monopolies anger people.

Adam

On May 11, 2005, at 2:08 PM, Matt Bazan wrote:

> why in the world would anyone want to purchase dsl from a private reseller when i can get 4mb down 384 up from comcast for $25? think you dsl resellers out there are doomed. in fact, just a matter of time before most of you isps are down the toilet. im reminded of the mom and pop grocery store phenomenon that has now been replaced by the kohls, ap, whole foods etc. of course there will always be niche markets but this is less applicable for a pure commodity like bandwidth. yeah, i suppose you'll say something about value added services and such and you may have a point but i doubt that will keep the ship afloat for long.
RE: what will all you who work for private isp's be doing in a few years?
I have to second this one, having used Comcast and qwest. I look for the small guy, they have something to lose if I drop them and switch. I also like that I can drive down to their office and sit on someone's desk if I am not getting the service I want.

Shaun

From: [EMAIL PROTECTED] on behalf of Adam Jacob Muller
Sent: Wed 5/11/2005 12:33 PM
To: Matt Bazan
Cc: [EMAIL PROTECTED]
Subject: Re: what will all you who work for private isp's be doing in a few years?

It's simple,

A DSL provider like speakeasy offers much more to a technical user like myself than Comcast does, plus they have an incentive to keep me happy, if i'm not i can leave and go with a competitor, comcast does, and has on many occasions, simply told me to go f*ck myself when i have service issues. (Sorry your modem died sir, the next we can get a tech out to your place is 2 weeks, when i don't need a tech I know what it means when a modem has a failure code).

The fact is, DSL is a competitive market, Cable is not, competitive markets keep customers happy, monopolies anger people.

Adam

On May 11, 2005, at 2:08 PM, Matt Bazan wrote:

> why in the world would anyone want to purchase dsl from a private reseller when i can get 4mb down 384 up from comcast for $25? think you dsl resellers out there are doomed. in fact, just a matter of time before most of you isps are down the toilet. im reminded of the mom and pop grocery store phenomenon that has now been replaced by the kohls, ap, whole foods etc. of course there will always be niche markets but this is less applicable for a pure commodity like bandwidth. yeah, i suppose you'll say something about value added services and such and you may have a point but i doubt that will keep the ship afloat for long.
Re: what will all you who work for private isp's be doing in a few years?
Wow! You can buy groceries at Kohls now? :-) -Jim P. On Wed, 2005-05-11 at 11:08 -0700, Matt Bazan wrote: why in the world would anyone want to purchase dsl from a private reseller when i can get 4mb down 384 up from comcast for $25? think you dsl resellers out there are doomed. in fact, just a matter of time before most of you isps are down the toilet. im reminded of the mom and pop grocery store phenomenon that has now been replaced by the kohls, ap, whole foods etc. of course there will always be niche markets but this is less applicable for a pure commodity like bandwidth. yeah, i suppose you'll say something about value added services and such and you may have a point but i doubt that will keep the ship afloat for long.
RE: what will all you who work for private isp's be doing in a few years?
I spent many happy years on Comcast, during which time they offered $25 dollar specials every so often, but it always creeped back up to $40. Bellsouth adsl seems to be no different in quality and service. I think they are all quite aware of the 'going price', and do not intend to kill that goose, at least not down here.

Thanks, Harold

-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Adam Jacob Muller
Sent: Wednesday, May 11, 2005 2:33 PM
To: Matt Bazan
Cc: [EMAIL PROTECTED]
Subject: Re: what will all you who work for private isp's be doing in a few years?

It's simple,

A DSL provider like speakeasy offers much more to a technical user like myself than Comcast does, plus they have an incentive to keep me happy, if i'm not i can leave and go with a competitor, comcast does, and has on many occasions, simply told me to go f*ck myself when i have service issues. (Sorry your modem died sir, the next we can get a tech out to your place is 2 weeks, when i don't need a tech I know what it means when a modem has a failure code).

The fact is, DSL is a competitive market, Cable is not, competitive markets keep customers happy, monopolies anger people.

Adam

On May 11, 2005, at 2:08 PM, Matt Bazan wrote:

> why in the world would anyone want to purchase dsl from a private reseller when i can get 4mb down 384 up from comcast for $25? think you dsl resellers out there are doomed. in fact, just a matter of time before most of you isps are down the toilet. im reminded of the mom and pop grocery store phenomenon that has now been replaced by the kohls, ap, whole foods etc. of course there will always be niche markets but this is less applicable for a pure commodity like bandwidth. yeah, i suppose you'll say something about value added services and such and you may have a point but i doubt that will keep the ship afloat for long.
RE: what will all you who work for private isp's be doing in a few years?
On Wed, 2005-05-11 at 12:43 -0600, Shaun Bryant wrote: I have to second this one, having used Comcast and qwest. I look for the small guy, they have something to loss if I drop them and switch. I also like that I can drive down to there office and sit on someone's desk if I am not getting the service I want. OK, I agree with sitting on someone's desk when needed as well as rooting for the small guy. But what happens when insert_any_ilec gobbles up all the small competitors? We will be back at square one having 256K competing against 5MB (dollar for dollar) in large territories. What incentive is there, at that point, for insert_any_ilec to continue rolling out inferior DSL service in areas where big-cable already has coverage? It is true that there are areas where DSL can compete, but that technology is not increasing fast enough to trump cable. Therefore insert_any_ilec is spending their research money elsewhere (i.e. wireless). -Jim P.
Re: what will all you who work for private isp's be doing in a few years?
On Wed, May 11, 2005 at 02:49:50PM -0400, Harold A. Mackey wrote: I spent many happy years on Comcast, during which time they offered $25 dollar specials every so often, but it always creeped back up to $40. Bellsouth adsl seems to be no different in quality and service. I think they are all quite aware of the 'going price', and do not intend to kill that goose, at least not down here. Comcast is hit or miss. My experience with them in Fremont CA was good, but Union City was a nightmare, the service was down all the time. Their support is among the worst I've ever experienced. I switched to a regional DSL provider (Sonic.net) and have never looked back. --Adam
Re: what will all you who work for private isp's be doing in a few years?
It won't be long before the telco's respond by offering DSL at the same speed/price. I've heard (but don't *know*) that SBC is selling 6 down and 1 up in Houston and Dallas for $35. We're doing a fair business selling accelerated dial up for $15. Its surprising how many folks don't want broadband. You don't need 4mb down to read your email. And once you get outside of the city limits there's a good sized market that can't get any type of broadband, especially cable. We may decline some, but I don't think that ISP's are going away anytime soon. Bob Martin Matt Bazan wrote: why in the world would anyone want to purchase dsl from a private reseller when i can get 4mb down 384 up from comcast for $25? think you dsl resellers out there are doomed. in fact, just a matter of time before most of you isps are down the toilet. im reminded of the mom and pop grocery store phenomenon that has now been replaced by the kohls, ap, whole foods etc. of course there will always be niche markets but this is less applicable for a pure commodity like bandwidth. yeah, i suppose you'll say something about value added services and such and you may have a point but i doubt that will keep the ship afloat for long.
FW: what will all you who work for private isp's be doing in a few years?
yep, bryan brings up a good point too. looks like the private dsl reseller ship will soon be taking on more water and floundering yet further. -Original Message- From: Brian Battle [mailto:[EMAIL PROTECTED] Sent: Wednesday, May 11, 2005 11:32 AM To: Matt Bazan Subject: RE: what will all you who work for private isp's be doing in a few years? You forgot to mention Verizon's Fios (fiber to the house) which will definitely put smaller dsl resellers out of business, unless Verizon gives them access to resell that as well. 15Mbs/2Mbs for $49.95 is going to make even the cable operators scramble to increase bandwidth to maintain customers. -Original Message- From: Matt Bazan [mailto:[EMAIL PROTECTED] Sent: Wednesday, May 11, 2005 2:09 PM To: [EMAIL PROTECTED] Subject: what will all you who work for private isp's be doing in a few years? why in the world would anyone want to purchase dsl from a private reseller when i can get 4mb down 384 up from comcast for $25? think you dsl resellers out there are doomed. in fact, just a matter of time before most of you isps are down the toilet. im reminded of the mom and pop grocery store phenomenon that has now been replaced by the kohls, ap, whole foods etc. of course there will always be niche markets but this is less applicable for a pure commodity like bandwidth. yeah, i suppose you'll say something about value added services and such and you may have a point but i doubt that will keep the ship afloat for long.
Re: Blocking port udp/tcp 1433/1434
Joe Maimon wrote: Is there still justification for denying transit for ms-sql slammer ports? Thanks, Joe
Thanks all for your responses. To me it appears that
a) If you block 135/445 you should block slammer as well
b) If the number of potential infected hosts connected to your network can threaten your service, you should block.
c) If you are more concerned about eliminating crap on the net than in accommodating every whim of your users and are not doing pure transit, block it.
d) Microsoft should consider migrating to a new port for sql server.
e) if you are doing pure transit and not blocking anything, nobody will expect you to block slammer either.
f) slammer's half life is incredibly long
Does anybody have any idea of the rate of NEW slammer infections? Thanks, Joe
Re: what will all you who work for private isp's be doing in a few years?
Matt Bazan wrote: why in the world would anyone want to purchase dsl from a private reseller when i can get 4mb down 384 up from comcast for $25? think you dsl resellers out there are doomed. in fact, just a matter of time before most of you isps are down the toilet. im reminded of the mom and pop grocery store phenomenon that has now been replaced by the kohls, ap, whole foods etc. of course there will always be niche markets but this is less applicable for a pure commodity like bandwidth. yeah, i suppose you'll say something about value added services and such and you may have a point but i doubt that will keep the ship afloat for long.
If/When the internet splits into the bad neighborhood/good neighborhood and-never-the-twain-shall-meet, there are strong odds that the comcasts, sbc, and all mass providers to clueless users will not be on the clean side of the breakup. Either that or their costs will go up. Or everyone else's will go down. How about refer to the constant threads which always touch upon the differentiation to be made for these market model targets.
pure transit
managed transit
pure access
managed access
residential comcast is here.
managed residential
There are hundreds of things you can call up small dsl providers and ask for. Assuming clue and enable, they can generally give you if not what you want, then what you need. For example: Try calling up sbc and getting urpf turned off for a specific prefix and having them do IGP default announcements so that when their dsl goes down you will prefer a different link automatically. How many large market pppoe providers support ppp multilink? It's hardly a foregone conclusion. As it stands, the largest cause of broadband market aggregation is the erosion of fair access provisions and a sleeping(drunk?)-at-the-wheel FCC. Joe
Re: Blocking port udp/tcp 1433/1434
f) slammers half life is incredibly long Worms have a very long life on the Internet, we still see swen.. and we still see (although interesting) niche worms that attacked just one specific personal firewall. :/ Does anybody have any idea of the rate of NEW slammer infections? The net is an incredible maze, it still happens (or more to the point RE-happens). But I believe that if you will look at the IP's (or at least DHCP ranges) sending the packets, you will find some similarities. Gadi.
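Joe's question about the rate of new Slammer infections, and Gadi's suggestion to look at the sending IPs, can both be approached from border-filter drop logs. The following is an added example, not code from any poster in this thread: it counts first-seen sources of dropped UDP/1434 packets per day and groups the distinct sources by /24. The simplified iptables LOG-style lines, the host name `gw` and all addresses (documentation ranges) are constructed.

```python
import ipaddress
import re
from collections import Counter

# Constructed sample: simplified iptables LOG-style drop records.
SAMPLE_LOG = """\
May 10 03:12:01 gw kernel: DROP IN=eth0 OUT= SRC=198.51.100.7 DST=203.0.113.10 LEN=404 PROTO=UDP SPT=1033 DPT=1434
May 10 03:12:09 gw kernel: DROP IN=eth0 OUT= SRC=198.51.100.7 DST=203.0.113.11 LEN=404 PROTO=UDP SPT=1033 DPT=1434
May 10 09:40:55 gw kernel: DROP IN=eth0 OUT= SRC=198.51.100.23 DST=203.0.113.10 LEN=404 PROTO=UDP SPT=4120 DPT=1434
May 10 11:02:30 gw kernel: DROP IN=eth0 OUT= SRC=192.0.2.50 DST=203.0.113.10 LEN=48 PROTO=TCP SPT=2201 DPT=445
May 11 01:15:42 gw kernel: DROP IN=eth0 OUT= SRC=198.51.100.7 DST=203.0.113.12 LEN=404 PROTO=UDP SPT=1033 DPT=1434
May 11 02:33:10 gw kernel: DROP IN=eth0 OUT= SRC=198.51.100.99 DST=203.0.113.10 LEN=404 PROTO=UDP SPT=1290 DPT=1434
May 11 02:47:19 gw kernel: DROP IN=eth0 OUT= SRC=192.0.2.14 DST=203.0.113.10 LEN=404 PROTO=UDP SPT=3001 DPT=1434
May 11 02:50:00 gw kernel: DROP IN=eth0 OUT= SRC=192.0.2.14 DST=203.0.113.10 LEN=48 PROTO=TCP SPT=3002 DPT=1434
May 11 04:00:00 gw kernel: DROP IN=eth0 OUT= SRC=not-an-ip DST=203.0.113.10 LEN=404 PROTO=UDP SPT=1 DPT=1434
"""

LINE_RE = re.compile(
    r"^(?P<day>[A-Z][a-z]{2}\s+\d{1,2}) \d\d:\d\d:\d\d .*?"
    r"SRC=(?P<src>\S+) .*?PROTO=(?P<proto>\S+) .*?DPT=(?P<dpt>\d+)"
)


def parse_probe(line):
    """Return (day, source IPv4Address) for a dropped UDP/1434 packet, else None."""
    m = LINE_RE.match(line)
    if not m or m.group("proto") != "UDP" or m.group("dpt") != "1434":
        return None
    try:
        src = ipaddress.IPv4Address(m.group("src"))
    except ValueError:
        return None  # malformed record: skip it rather than count it
    day = " ".join(m.group("day").split())  # normalise "May  9" to "May 9"
    return day, src


def first_seen_per_day(lines):
    """Count, per day, sources that had not probed on any earlier line.

    This is an upper bound on new infections: a host that gets a new DHCP
    lease shows up as a new source without being a new infection.
    """
    seen = set()
    per_day = {}
    for line in lines:
        probe = parse_probe(line)
        if probe is None:
            continue
        day, src = probe
        per_day.setdefault(day, 0)
        if src not in seen:
            seen.add(src)
            per_day[day] += 1
    return per_day


def sources_by_prefix(lines, prefixlen=24):
    """Count distinct probing sources per covering prefix."""
    distinct = {p[1] for p in map(parse_probe, lines) if p is not None}
    nets = Counter()
    for src in distinct:
        net = ipaddress.ip_network(f"{src}/{prefixlen}", strict=False)
        nets[str(net)] += 1
    return nets


if __name__ == "__main__":
    log_lines = SAMPLE_LOG.splitlines()
    for day, count in first_seen_per_day(log_lines).items():
        print(f"{day}: {count} first-seen UDP/1434 sources")
    for net, count in sources_by_prefix(log_lines).most_common():
        print(f"{net}: {count} distinct sources")
```

Prefixes holding many distinct sources over time are where address churn is most likely inflating the first-seen count.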
Re: what will all you who work for private isp's be doing in a few years?
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Adam Jacob Muller wrote: | | It's simple, | A DSL provider like speakeasy offers much more to a technical user like | myself than Comcast does, plus they have an incentive to keep me happy, | if i'm not i can leave and go with a competitor, comcast does, and has | on many occasions, simply told me to go f*ck myself when i have service | issues. (Sorry your modem died sir, the next we can get a tech out to | your place is 2 weeks, when i don't need a tech I know what it means | when a modem has a failure code). | | The fact is, DSL is a competitive market, Cable is not, competitive | markets keep customers happy, monopolies anger people. | And more than the technical user is the benefit to corporations and businesses that DSL providers offer. We see many companies using DSL as a cost effective replacement for backup services formerly run over dialup, ISDN, and other on-demand technologies. The AUPs, filtering policies, routing policies, etc of cable operators are simply not geared to meet the needs of even the most simplistic of corporate requirements. - -- = bep -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.0 (MingW32) iD8DBQFCgl0nE1XcgMgrtyYRAnKBAJ9kPK2/CQ9A+bqMIe4S/9oEZOEFjwCgw/bY k1AnnyyKLRIsNMZby0KBa/8= =dsjN -END PGP SIGNATURE-
RE: what will all you who work for private isp's be doing in a few years?
well i doubt that ma and pa smith and their herd of pigs will keep many isps in business. and a few years down the road technical innovations will allow those without access to readily have broadband for todays dial up prices. (no offense all you hog farmers - my grandparents were hog farmers. and true - cant say they had much use for a fat pipe.) -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Bob Martin Sent: Wednesday, May 11, 2005 12:08 PM To: [EMAIL PROTECTED] Subject: Re: what will all you who work for private isp's be doing in a few years? It won't be long before the telco's respond by offering DSL at the same speed/price. I've heard (but don't *know*) that SBC is selling 6 down and 1 up in Houston and Dallas for $35. We're doing a fair business selling accelerated dial up for $15. Its surprising how many folks don't want broadband. You don't need 4mb down to read your email. And once you get outside of the city limits there's a good sized market that can't get any type of broadband, especially cable. We may decline some, but I don't think that ISP's are going away anytime soon. Bob Martin
Re: what will all you who work for private isp's be doing in a few years?
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 You mean those of us who ARE private isps? Probably doing what we are doing today, reacting to the environment. -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.0 (GNU/Linux) iD8DBQFCgl5b0STXFHxUucwRAjlIAJ4wxqmzrBbV8tqemqPwyQsqHnhY2wCgpbX4 JkKOd8KXsXzEYtNcXCcswO4= =1NC0 -END PGP SIGNATURE-
RE: what will all you who work for private isp's be doing in a few years?
That's where I was going.. Residential fine.. have fun with a shared medium - but look at the offering cable companies have for their commercial clients (only can speak about NY).
Monthly Fee $109.95 Downstream up to 3Mbps Upstream up to 384Kbps
Monthly Fee $299.95 Downstream up to 3Mbps Upstream up to 512Kbps
Monthly Fee $209.95 Downstream up to 768Kbps Upstream up to 768Kbps
shawn.
-Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Bruce Pinsky Sent: Wednesday, May 11, 2005 3:30 PM To: Adam Jacob Muller Cc: Matt Bazan; [EMAIL PROTECTED] Subject: Re: what will all you who work for private isp's be doing in a few years? -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Adam Jacob Muller wrote: | | It's simple, | A DSL provider like speakeasy offers much more to a technical user like | myself than Comcast does, plus they have an incentive to keep me happy, | if i'm not i can leave and go with a competitor, comcast does, and has | on many occasions, simply told me to go f*ck myself when i have service | issues. (Sorry your modem died sir, the next we can get a tech out to | your place is 2 weeks, when i don't need a tech I know what it means | when a modem has a failure code). | | The fact is, DSL is a competitive market, Cable is not, competitive | markets keep customers happy, monopolies anger people. | And more than the technical user is the benefit to corporations and businesses that DSL providers offer. We see many companies using DSL as a cost effective replacement for backup services formerly run over dialup, ISDN, and other on-demand technologies. The AUPs, filtering policies, routing policies, etc of cable operators are simply not geared to meet the needs of even the most simplistic of corporate requirements. - -- = bep -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.0 (MingW32) iD8DBQFCgl0nE1XcgMgrtyYRAnKBAJ9kPK2/CQ9A+bqMIe4S/9oEZOEFjwCgw/bY k1AnnyyKLRIsNMZby0KBa/8= =dsjN -END PGP SIGNATURE-
Re: what will all you who work for private isp's be doing in a few years?
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Yo Bob! On Wed, 11 May 2005, Bob Martin wrote: It won't be long before the telco's respond by offering DSL at the same speed/price. I've heard (but don't *know*) that SBC is selling 6 down and 1 up in Houston and Dallas for $35. BendTel here is offering ADSL2 3up/8 down for $35. That sure beats cable! RGDS GARY - --- Gary E. Miller Rellim 20340 Empire Blvd, Suite E-3, Bend, OR 97701 [EMAIL PROTECTED] Tel:+1(541)382-8588 Fax: +1(541)382-8676 -BEGIN PGP SIGNATURE- Version: GnuPG v1.2.3 (GNU/Linux) iD8DBQFCgl/08KZibdeR3qURAsBsAJ9/Cxej+4avZdLsc45kEiz40PXsrwCghKcw /qEPzI+83MtCBYL8c+sDb9Q= =efV+ -END PGP SIGNATURE-
GLBX security department contact
Contact me offlist please.
Re: what will all you who work for private isp's be doing in a few years?
On Wed, 11 May 2005 12:31:51 PDT, Matt Bazan said: well i doubt that ma and pa smith and their herd of pigs will keep many isps in business. Oddly enough, a famous BBN pioneer has a sheep farm the next county over, and he's contributing to a local ISP's bottom line
Re: what will all you who work for private isp's be doing in a few years?
On Wed, 11 May 2005 11:08:41 PDT, Matt Bazan said: why in the world would anyone want to purchase dsl from a private reseller when i can get 4mb down 384 up from comcast for $25? What date does Comcast project the *reliable* availability of that service at that price point in *my* area? Make note - I'm at the end of Virginia that's closer to the coal mines than to civilization - there is a county adjacent to this one that has one (singular, less than 2, etc) traffic light in the entire county. Although people in the 3 major towns right in this area have connectivity, there's *large* geographic areas in the vicinity that are well over 20K cable-feet from the local telco CO, and a similar distance from a cable head end. Yes, both the cable and DSL providers have major infrastructure challenges for entire counties around here. There's a lot of people around here who are lucky to get 19.2 dialup over the existing copper, and a number of small ISPs operating in the area. I have a friend who is making money by selling the entire range from 150 hours/ mo of dialup for $8.95/mo to co-lo of servers to web/mail hosting to providing dedicated leased lines - and one of his big selling points is that if you get service from netZero or AOL or other big providers, the CTO will stop by your office in 20 mins and help you fix it isn't an available service, nor can you say this isn't *quite* the combo I wanted, can we negotiate?. And I'm sure that he has a good long-term market niche selling personal-service DSL to all the customers that are outside the cable plant's reach, but have good enough telco copper. And even when there's fiber to everybody in *this* area, he's *still* going to be able to make a living reselling the concept of value-added personal local human support. 
(Yes, anybody who tries to take on Comcast's 4M/384k/$25 deal head-on in a major metro area is going to have a hard time - however, Comcast probably can't *sustain* that price point and at the same time provide any other services. There's plenty of niche markets on every side of that pipe-size/custom-service/ price-point/location combo).
Re: what will all you who work for private isp's be doing in a few years?
On Wed, 11 May 2005, Matt Bazan wrote: why in the world would anyone want to purchase dsl from a private reseller when i can get 4mb down 384 up from comcast for $25? think you dsl resellers out there are doomed. in fact, just a matter of time before most of you isps are down the toilet. im reminded of the mom and pop grocery store phenomenon that has now been replaced by the kohls, ap, whole foods etc. of course there will always be niche markets but this is less applicable for a pure commodity like bandwidth. yeah, i suppose you'll say something about value added services and such and you may have a point but i doubt that will keep the ship afloat for long. Matt, first whats your affiliation and experience in this arena? That these markets exist and more profitably so than the large carriers suggest the problems you are raising dont exist. What is your theory based on, you only cite your personal preference to buy from Comcast which cannot be said to be indicative of the market. Grocery stores are not comparable, this is a different industry and different market. Also bandwidth is not a pure commodity, and DSL is not pure bandwidth. I think your argument is at best uninformed, at worst non-existent.. you need to provide some references, examples, figures, whatever.. else this is little more than trolling. Steve
RE: what will all you who work for private isp's be doing in a few years?
On this I am wondering what the user market would chose with an offer from a DSL provider of a guaranteed bandwidth purchase with a contention based cap on max speed. For example DSL sold with a guaranteed bandwidth availability of 256K (or 512K, 768K etc based on 256K increments) with a up to maximum of 7-10Mbps. Would the typical user understand the difference between this the standard Comcast marketing of up to speeds without any service guarantee? Shane It won't be long before the telco's respond by offering DSL at the same speed/price. I've heard (but don't *know*) that SBC is selling 6 down and 1 up in Houston and Dallas for $35. We're doing a fair business selling accelerated dial up for $15. Its surprising how many folks don't want broadband. You don't need 4mb down to read your email. And once you get outside of the city limits there's a good sized market that can't get any type of broadband, especially cable. We may decline some, but I don't think that ISP's are going away anytime soon. Bob Martin
Re: what will all you who work for private isp's be doing in a few years?
That sums it up nicely. Bob Martin Joe Maimon wrote: -snip- Its hardly a foregone conclusion. As it stands, the largest cause of broadband market aggregation is the erosion of fair access provisions and a sleeping(drunk?)-at-the-wheel FCC. Joe
RE: what will all you who work for private isp's be doing in a few years?
Folks, I'm going to butt in here. Correct me if I'm wrong. Several years ago, here in California, the word was spread that a cable company has the right to the data and to the information which can be derived from it: rationale was that cable is PRIVATE whereas things like POTS lines, DSL, T1, etc. were PUBLIC CARRIER. I, personally, was told, during a job interview in the San Jose area, for a position as a Forth programmer, that the desired outcome of the project was for the cable company to derive access information and purchasing information from the streams of electrons coursing through their cable medium. Maybe I have been misled, maybe things have changed, but, just to be on the safe side - my household is sticking to analog cable, and several DSL lines, much to Comcast's disgust. Dave Hilton
Re: what will all you who work for private isp's be doing in a few years?
You mean those of us who ARE private isps? Probably doing what we are doing today, reacting to the environment. Amen. And, might I add, doing it faster and more efficiently (although on a smaller scale) than any BigCo can. (I feel like troll bait... but will elaborate since others have taken up this thread.) In the world of slow moving BigCo dinosaurs, I'm just a little quickly adapting rodent looking for scraps. Right now, the efficiencies of big business leave plenty of scraps for the taking. If the getting gets too difficult, there are plenty of other things that I'm over qualified to do. Some days, I think those other things would pay better, and be more satisfying. But alas, I knew that when I decided to start up this little ISP in '96, with 8 modems, a couple of Macs, and a 2511. I knew that if the internet ever got popular and mainstream enough, Big Co would jump in, and make it impossible to compete. I figured Oh, what the heck, I might as well give it a go. And yes, that's happened on several fronts, but at each turn, I find new and different things that I can do, and do better, and cheaper than BigCo. If I'm forced all the way out of the market, fine... I'll adapt. If my company goes away because it can't offer what people want, so be it. I'll find something else to do. So will my employees... they're all smart enough to do different things, and knowing them all well, I know they'd eventually welcome the change of scenery. Any company that doesn't adapt, will go extinct. ANY company. (Unless it's a monopoly) Capitalism, and free markets dictate this. Living in a small town that recently had a major highway bypass it, I've lost some popularity points for stating that. Just because some main street business has been there for 40 years, always doing it the same way from when they started, they think they have some God-given-right to be in business. In reality, it's quite the opposite. 
Every day a business does the exact same thing that it did the day before, is one less day that company will be in business. That should be the tag line of every small business. -Jerry
Re: what will all you who work for private isp's be doing in a few years?
On Wed, May 11, 2005 at 12:29:43PM -0700, Bruce Pinsky wrote: ISDN, and other on-demand technologies. The AUPs, filtering policies, routing policies, etc of cable operators are simply not geared to meet the needs of even the most simplistic of corporate requirements. FSVO * policies. Bright Hose Tampa Bay's business account policies are certainly loose enough for all of my clients, at least, as well as my own server garden. [0] Cheers, -- jra [0] if I called 4 servers a farm, someone would laugh at me[1]. [1] more than they already do. -- Jay R. Ashworth[EMAIL PROTECTED] Designer Baylink RFC 2100 Ashworth AssociatesThe Things I Think'87 e24 St Petersburg FL USA http://baylink.pitas.com +1 727 647 1274 If you can read this... thank a system administrator. Or two. --me
Re: what will all you who work for private isp's be doing in a few years?
Jim Popovitch wrote: Wow! You can buy groceries at Kohls now? :-) (1) Kohls is/was a regional (Wisconsin) grocery store chain[0]. (2) Please do not feed the trolls. On Wed, 2005-05-11 at 11:08 -0700, Matt Bazan wrote: why in the world would anyone want to purchase dsl from a private reseller when i can get 4mb down 384 up from comcast for $25? think you dsl resellers out there are doomed. in fact, just a matter of time before most of you isps are down the toilet. im reminded of the mom and pop grocery store phenomenon that has now been replaced by the kohls, ap, whole foods etc. of course there will always be niche markets but this is less applicable for a pure commodity like bandwidth. yeah, i suppose you'll say something about value added services and such and you may have a point but i doubt that will keep the ship afloat for long. [0] That's kind of a funny reference when you know what happened to Kohls Foods. They were bought by AP who subsequently closed or sold off the individual stores. Kohls Foods suffered the ma and pa-like fate described above. -- Crist J. Clark [EMAIL PROTECTED] Globalstar Communications(408) 933-4387
Re: what will all you who work for private isp's be doing in a few years?
Stephen J. Wilcox wrote: I think your argument is at best uninformed, at worst non-existent.. you need to provide some references, examples, figures, whatever.. else this is little more than trolling. Not only that... since there isn't anything operational in nature about the question or discussion, it's off-topic trolling. OTOH, this is a perfectly valid topic for a list like inet-access. http://inet-access.net/mailman/listinfo/list jc
Re: Blocking port udp/tcp 1433/1434
On Wed, 11 May 2005, Jeff Kell wrote: The SANS ISC currently gives an Internet Survival Time of 24 minutes for an unpatched windows box. I would give an unpatched Windows server with an old copy of MSSQL a considerably shorter lifespan :-) See: http://www.bbcworld.com/content/clickonline_archive_14_2005.asp?pageid=665co_pageid=3 Took 8 seconds for an unprotected PC to get infected. I would give the IST at under 1min from my personal experience - plus my firewall records 2 hits on port 445 every minute from external infected systems. -Hank
Re: what will all you who work for private isp's be doing in a few years?
The fact is, DSL is a competitive market, Cable is not, competitive markets keep customers happy, monopolies anger people. How are they different? With DSL, you are usually using the ILECs copper to provide service and paying them. With cable, there are some places that offer a choice in provider on the same coax. You are always free to obtain a franchise and run your own coax. Just because the incumbent cable company does not allow every tom dick and harry ISP to use their copper doesn't mean you can't provide the same service. sam
RE: what will all you who work for private isp's be doing in a few years?
I, personally, was told, during a job interview in the San Jose area, for a position as a Forth programmer, that the desired outcome of the project was for the cable company to derive access information and purchasing information from the streams of electrons coursing through their cable medium. Maybe I have been misled, Yep, you were misled or more likely, just misunderstood what they wanted to accomplish. sam
RE: what will all you who work for private isp's be doing in a few years?
Matt, your questions seem extremely prejudiced to a determined outcome. In my opinion resellers are in the long run going to lose because of lack of tangible assets (there is my Bias, on the table. I have my own facilities, and equipment). However because pure resellers lack the facilities they can be resellers(and often are) of whatever the technology of the day is. Strangely, many resellers, grow into facilities based carriers, but if they do not, then they can always move to the next thing. If you sold ISDN, in the 90's, and you knew how to walk someone through configuring their pipeline, you were better than Bell (read PSI Net). If you could accurately test, and deliver DSL, to a client 3-5 years ago, (read COVAD) you were better than Bell. In the future, who knows what it will be, (my bet is wireless, and we all cook like chickens in a Showtime rotisserie) the prevailing trait of those that have been in this for a long time is adaptation. There was a day when selling access off an ISDN connection was doable. I got out of the straight access market in the late 90's. I provide, and resell connectivity, with static routes to applications I host, or maintain. Hopefully the straight resellers of today will be selling microwave, or implant connectivity, or whatever in a few years. Bottom-line public or not, Mom, and Pop, or not no matter what you do in this business you have to be ready to adapt. If you are huge and don't catch the next wave you could be just as dead as the smaller guys that don't catch that next wave. Mark D. Bodley President Cyrix Systems [EMAIL PROTECTED] www.cyrixsys.com -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Stephen J. Wilcox Sent: Wednesday, May 11, 2005 4:12 PM To: Matt Bazan Cc: [EMAIL PROTECTED] Subject: Re: what will all you who work for private isp's be doing in a few years? 
On Wed, 11 May 2005, Matt Bazan wrote: why in the world would anyone want to purchase dsl from a private reseller when i can get 4mb down 384 up from comcast for $25? think you dsl resellers out there are doomed. in fact, just a matter of time before most of you isps are down the toilet. im reminded of the mom and pop grocery store phenomenon that has now been replaced by the kohls, ap, whole foods etc. of course there will always be niche markets but this is less applicable for a pure commodity like bandwidth. yeah, i suppose you'll say something about value added services and such and you may have a point but i doubt that will keep the ship afloat for long. Matt, first whats your affiliation and experience in this arena? That these markets exist and more profitably so than the large carriers suggest the problems you are raising dont exist. What is your theory based on, you only cite your personal preference to buy from Comcast which cannot be said to be indicative of the market. Grocery stores are not comparable, this is a different industry and different market. Also bandwidth is not a pure commodity, and DSL is not pure bandwidth. I think your argument is at best uninformed, at worst non-existent.. you need to provide some references, examples, figures, whatever.. else this is little more than trolling. Steve
RE: what will all you who work for private isp's be doing in a few years?
bottom line is that in a few years everything will be virtualized and consolidation will rule the land. there will be single turnkey solutions for the end user / corporate environment that will be infinitely configurable to meet the latest trends and needs. there will be no use for the small time 'innovator' or 'player' except in a purely academic environment. -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Mark D. Bodley Sent: Wednesday, May 11, 2005 2:44 PM To: 'Stephen J. Wilcox'; Matt Bazan Cc: [EMAIL PROTECTED] Subject: RE: what will all you who work for private isp's be doing in a few years? Matt, your questions seem extremely prejudiced to a determined outcome. In my opinion resellers are in the long run going to lose because of lack of tangible assets (there is my Bias, on the table. I have my own facilities, and equipment). However because pure resellers lack the facilities they can be resellers(and often are) of whatever the technology of the day is. Strangely, many resellers, grow into facilities based carriers, but if they do not, then they can always move to the next thing. If you sold ISDN, in the 90's, and you knew how to walk someone through configuring their pipeline, you were better than Bell (read PSI Net). If you could accurately test, and deliver DSL, to a client 3-5 years ago, (read COVAD) you were better than Bell. In the future, who knows what it will be, (my bet is wireless, and we all cook like chickens in a Showtime rotisserie) the prevailing trait of those that have been in this for a long time is adaptation. There was a day when selling access off an ISDN connection was doable. I got out of the straight access market in the late 90's. I provide, and resell connectivity, with static routes to applications I host, or maintain. Hopefully the straight resellers of today will be selling microwave, or implant connectivity, or whatever in a few years. 
Bottom-line public or not, Mom, and Pop, or not no matter what you do in this business you have to be ready to adapt. If you are huge and don't catch the next wave you could be just as dead as the smaller guys that don't catch that next wave. Mark D. Bodley President Cyrix Systems [EMAIL PROTECTED] www.cyrixsys.com -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Stephen J. Wilcox Sent: Wednesday, May 11, 2005 4:12 PM To: Matt Bazan Cc: [EMAIL PROTECTED] Subject: Re: what will all you who work for private isp's be doing in a few years? On Wed, 11 May 2005, Matt Bazan wrote: why in the world would anyone want to purchase dsl from a private reseller when i can get 4mb down 384 up from comcast for $25? think you dsl resellers out there are doomed. in fact, just a matter of time before most of you isps are down the toilet. im reminded of the mom and pop grocery store phenomenon that has now been replaced by the kohls, ap, whole foods etc. of course there will always be niche markets but this is less applicable for a pure commodity like bandwidth. yeah, i suppose you'll say something about value added services and such and you may have a point but i doubt that will keep the ship afloat for long. Matt, first whats your affiliation and experience in this arena? That these markets exist and more profitably so than the large carriers suggest the problems you are raising dont exist. What is your theory based on, you only cite your personal preference to buy from Comcast which cannot be said to be indicative of the market. Grocery stores are not comparable, this is a different industry and different market. Also bandwidth is not a pure commodity, and DSL is not pure bandwidth. I think your argument is at best uninformed, at worst non-existent.. you need to provide some references, examples, figures, whatever.. else this is little more than trolling. Steve
Re: what will all you who work for private isp's be doing in a few years?
On May 11, 2005, at 6:02 PM, Matt Bazan wrote: bottom line is that in a few years everything will be virtualized and consolidation will rule the land. there will be single turnkey solutions for the end user / corporate environment that will be infinitely configurable to meet the latest trends and needs. there will be no use for the small time 'innovator' or 'player' except in a purely academic environment.
If I had a nickel for every time someone told me everything would be:
* Consolidated
* Virtualized
* Automated
* Etc., etc.
I would have enough to buy an ISP. :-) Add to that every time someone told me the small guys would get pushed out, or that bells will own everything, or that insert favorite analyst catch-phrase and it gets really old really fast. The market / industry / whatever will do things you will not expect. Learn to deal with it. -- TTFN, patrick
Re: Blocking port udp/tcp 1433/1434
On Wed, 11 May 2005, Christopher L. Morrow wrote: Is there still justification for denying transit for ms-sql slammer ports? probably not, but that's really a local-to-your-asn decision. I dunno about that. I know it was more than a year ago, but at NANOG Miami, someone brought either SQL slammer or a vulnerable laptop and killed the network for a while. Running tcpdump on my notebook, I noticed fairly constant slammer probes while there. We still block it here, and the last time we accidentally removed that filter, a colo customer was promptly infected. -- Jon Lewis | I route Senior Network Engineer | therefore you are Atlantic Net| _ http://www.lewis.org/~jlewis/pgp for PGP public key_
Re: what will all you who work for private isp's be doing in a few years?
On 5/11/05, Matt Bazan [EMAIL PROTECTED] wrote: bottom line is that in a few years everything will be virtualized and consolidation will rule the land. there will be single turnkey solutions for the end user / corporate environment that will be infinitely configurable to meet the latest trends and needs. there will be no use for the small time 'innovator' or 'player' except in a purely academic environment. history has taught us otherwise. aaron.glenn
Re: Blocking port udp/tcp 1433/1434
On Wed, 11 May 2005, MARLON BORBA wrote: <evil grin> if you are sure there are no more infected machines out there... </evil grin> There will always be infected machines out there. The question is, are there infectable machines on your network, and will your network contain them or melt down if you allow them to get infected? sql slammer must have been a huge money maker for cisco and other switch vendors (any that support per-port rate-limiting or policing) as networks scrambled to upgrade infrastructure to contain the next similar outbreak rather than melt under the load. -- Jon Lewis | I route Senior Network Engineer | therefore you are Atlantic Net| _ http://www.lewis.org/~jlewis/pgp for PGP public key_
Re: Blocking port udp/tcp 1433/1434
On Wed, 11 May 2005, Jon Lewis wrote: On Wed, 11 May 2005, Christopher L. Morrow wrote: Is there still justification for denying transit for ms-sql slammer ports? probably not, but that's really a local-to-your-asn decision. I dunno about that. I know it was more than a year ago, but at NANOG Miami, someone brought either SQL slammer or a vulnerable laptop and killed the network for a while. Running tcpdump on my notebook, I noticed fairly constant slammer probes while there. We still block it here, and the last time we accidentally removed that filter, a colo customer was promptly infected. excellent, you made the choice for your asn... Joe should evaluate his network's risk/behaviour/profile and see if it's still relevant for him... much like he evaluates his requirements to receive email from folks via the use of the SPEWS list, which blocks my mail servers :)
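One way to put numbers behind the "evaluate your own network" point in this thread, as an added example that is not from any poster: a tally of Slammer-sized probes to udp/1434 in `tcpdump -n` text output, separating outside sources from hosts inside your own prefix that are emitting them. The prefix, addresses and capture lines are constructed documentation values; the 376-byte length filter is an assumption based on the size of the Slammer payload.

```python
import ipaddress
import re
from collections import Counter

# Matches tcpdump -n text output for an undecoded IPv4 UDP datagram, e.g.
# 12:00:01.000001 IP 198.51.100.7.3321 > 192.0.2.10.1434: UDP, length 376
LINE = re.compile(
    r"^\d{2}:\d{2}:\d{2}\.\d+ IP "
    r"(?P<src>\d+\.\d+\.\d+\.\d+)\.\d+ > "
    r"(?P<dst>\d+\.\d+\.\d+\.\d+)\.(?P<dport>\d+): UDP, length (?P<len>\d+)"
)

SLAMMER_PORT = 1434  # ms-sql-m, the UDP port discussed in the thread
SLAMMER_LEN = 376    # Slammer's UDP payload size; other lengths are ignored

def summarize(lines, internal="192.0.2.0/24"):
    """Return (probe count per source, set of internal sources probing)."""
    net = ipaddress.ip_network(internal)  # hypothetical local prefix
    per_src = Counter()
    inside = set()
    for line in lines:
        m = LINE.match(line)
        if not m:
            continue  # not an undecoded IPv4 UDP line
        if int(m["dport"]) != SLAMMER_PORT or int(m["len"]) != SLAMMER_LEN:
            continue  # e.g. a 1-byte SQL resolution request is not counted
        per_src[m["src"]] += 1
        if ipaddress.ip_address(m["src"]) in net:
            inside.add(m["src"])  # a local host is sending probes outward
    return per_src, inside

# Constructed capture lines (RFC 5737 documentation addresses).
SAMPLE = """\
12:00:01.000001 IP 198.51.100.7.3321 > 192.0.2.10.1434: UDP, length 376
12:00:01.200000 IP 198.51.100.7.3321 > 192.0.2.11.1434: UDP, length 376
12:00:02.000000 IP 192.0.2.44.1055 > 203.0.113.9.1434: UDP, length 376
12:00:02.500000 IP 192.0.2.10.1040 > 192.0.2.53.9999: UDP, length 40
12:00:03.000000 IP 203.0.113.80.2000 > 192.0.2.10.1434: UDP, length 1
""".splitlines()

if __name__ == "__main__":
    counts, local_sources = summarize(SAMPLE)
    for src, n in counts.most_common():
        print(f"{src}: {n} probe(s)")
    print("internal hosts emitting probes:", sorted(local_sources))
```

A non-empty internal set is the case the thread warns about: a host behind the filter that is already infected and scanning outward.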
re: what will all you who work for private isp's be doing in a few years?
(1) There will be a market for independent ISPs as long as CLECs continue to let their customers enjoy poor service and unnecessary restrictions. Bandwidth is a commodity and scales appropriately; service is service and does not scale without a great deal of management commitment, resources, money, attention and abandonment of the cut-costs/low-bid mentality. (2) This discussion is more appropriate to the ISP-CLEC list. Wish I could be with you all in Seattle next week but work is piling up so . . . back to work/lurk mode . . . phred -- mail forwarded, original message follows -- To: [EMAIL PROTECTED] From: [EMAIL PROTECTED] Matt Bazan Subject: FW: what will all you who work for private isp's be doing in a few years? Date: Wed, 11 May 2005 12:13:23 -0700 yep, bryan brings up a good point too. looks like the private dsl reseller ship will soon be taking on more water and floundering yet further. -Original Message- From: Brian Battle [mailto:[EMAIL PROTECTED] Sent: Wednesday, May 11, 2005 11:32 AM To: Matt Bazan Subject: RE: what will all you who work for private isp's be doing in a few years? You forgot to mention Verizon's Fios (fiber to the house) which will definitely put smaller dsl resellers out of business, unless Verizon gives them access to resell that as well. 15Mbs/2Mbs for $49.95 is going to make even the cable operators scramble to increase bandwidth to maintain customers. -Original Message- From: Matt Bazan [mailto:[EMAIL PROTECTED] Sent: Wednesday, May 11, 2005 2:09 PM To: [EMAIL PROTECTED] Subject: what will all you who work for private isp's be doing in a few years? why in the world would anyone want to purchase dsl from a private reseller when i can get 4mb down 384 up from comcast for $25? think you dsl resellers out there are doomed. in fact, just a matter of time before most of you isps are down the toilet. im reminded of the mom and pop grocery store phenomenon that has now been replaced by the kohls, ap, whole foods etc. 
of course there will always be niche markets but this is less applicable for a pure commodity like bandwidth. yeah, i suppose you'll say something about value added services and such and you may have a point but i doubt that will keep the ship afloat for long.
what will all you who work for private isp's be doing in a few years?
On Wed, 2005-05-11 at 11:08 -0700, Matt Bazan wrote: why in the world would anyone want to purchase dsl from a private reseller when i can get 4mb down 384 up from comcast for $25? Broadband access may become limited to the cable provider and the phone company, once access to the CO becomes impractical, while cable remains closed. High rates by wireless is for a reason. Networking positions will remain with private ISPs. Don't expect prices to remain competitive after a shake-out either. Things are seldom better with fewer choices, either for labor or the consumer. So what will you be doing? -Doug
Re: what will all you who work for private isp's be doing in a few years?
On Wed, 11 May 2005, David Lesher wrote: And the best part; they cut down the copper drop when they install the glass. No more copper EVER, and no resale, no UNE, no COVAD, etc -- you and future owners are stuck with Ma, period. For *now*, ISPs that use VZ DSLAMs can buy wholesale (tariffed, not cost-based) access to them, usually at the price that is 1$ below their retail price. This is mandated by Computer II/III rulings, comparably efficient interconnection. However, bells are trying to get forbearance from even having to do that. SBC's petition for forbearance was denied, however, Verizon's one is still pending. Enjoy ability to buy loops while you still can - we have the best FCC money can buy. -- Alex Pilosov| DSL, Colocation, Hosting Services President | [EMAIL PROTECTED]877-PILOSOFT x601 Pilosoft, Inc. | http://www.pilosoft.com