Re: Poll
On Thu, 27 Apr 2006 18:05:44 EDT, "Jon R. Kibler" said:
This survey has some problems..
>1) What do you believe will be the next major security threat that we will
> face in the next 12 to 18 months?
You need to clarify if you mean problematic vectors (like "yet another ActiveX
bug"), or what's driving it ("hackers paid by organized
crime").
>2) What do you believe will be the top 5 (or 10, if your list is that
> long) emerging security threats we will face over then next 3 years to 5
> years?
If we think a specific threat will be #1 among *new* ones, but not be over 7 or
8
overall, how do we rank that?
But I'll give you a freebie for the guaranteed #1 - organizations that waste
their
security budget guarding against "movie plot" threats rather than real issues...
> (Emphasis on 'emerging' -- threats not on most people's radar today.)
Hate to tell you this, but *todays* threats aren't on most people's radar today.
Heck, some of them are still trying to wrap their brains around things that we
knew about in the late 60s (like "don't run everything as sysadmin").
And do you mean "most security professionals" or "most actual Joe Sixpacks" when
you ask about "most people"?
pgpMHBfmRfm5M.pgp
Description: PGP signature
Re: Local Loop Install.
At 05:19 PM 4/27/2006, Sean Donelan wrote: On Thu, 27 Apr 2006, Martin Hannigan wrote: [ clip off topic this posting ] Small CLECs are usually willing to negotiate more. Large IXCs and ILECs are usually willing to negotiate less. A large collocation operator like Equinix may be able to get concessions that someone with a 10 rack data center can not get from the IXCs, CLECs or ILECs. My experience is different, but my experience is large scale data and network buildout so I understand. The poster sounds like they are talking something a little smaller than I had in mind hence 'specifics', but not knowing anything, I wouldn't ask for anything less than $700 to start. I did notice he got something in a later post. Bravo. You should all try the same whenever and provider tries to install a rack in your space. You may be surprised. -M< -- Martin Hannigan(c) 617-388-2663 Renesys Corporation(w) 617-395-8574 Member of Technical Staff Network Operations [EMAIL PROTECTED]
Re: BGP community guide for AS7911 (willtel, now L3)
For those of you who are interested. Additional community information has been posted on http://www.onesc.net/communities/as7911 . For those 7911 customers who do use, or want to use communities, this document outlines both 7911 and 3356 communities (to ease the transition to 3356 when the time comes). thanks, charles On 4/27/06, Matthew Sprague <[EMAIL PROTECTED]> wrote: > I have this from L3/WCG from Feb... it should still be accurate. > > >7911:90 -> Sets local preference for the prefix with this community to > >>90 7911:100 -> Sets local preference for the prefix with this community > >>to 100 7911:110 -> Sets local preference for the prefix with this > >>community to 110 > >> > >>We set a default local preference on all customer routes to 120. > >>We set a default local preference on all peer routes to 110. > >>We set a default local preference on all transit routes to 100. > >> > >>We accept the well known community "no-export" or 7911:888 which tells > >>us not to advertise the prefix with this community to any other AS. > >> > >>We accept the community 7911:999 which is a conditional advertisement > >>and tells us to advertise the prefixes with this community to our > >>customers only. > >> > >>Finally, we accept and honor all customer MEDs. > -- > Matthew Sprague [EMAIL PROTECTED] > ReadyTechs, L.L.C. www.readytechs.com > 973.455.0606, x204 > > === > Cut out spam by 98% or more with FilterPro! > http://www.readytechs.com/filterpro > === > > > Charles Gucker wrote: > > On 4/27/06, John van Oppen <[EMAIL PROTECTED]> wrote: > > > >>Does anybody have a list of communities that the old AS7911 accepts from > >>customers? I can't find their guide anywhere and nobody at level3 > >>seems to have it. > >> > >>I really need to keep traffic from a couple of ASes away from them if > >>possible and prepending to them results in almost no usage. In any > >>case, the list is not at http://www.onesc.net/communities/ with the > >>others. > > > > > > It should go without saying, if anybody knows of a guide, or a > > location to obtain the guide, please let me know and I will add it to > > the site, even if it's going to be a short lived guide (from this > > point on). > > > > thanks, > > charles >
Last-mile strategy for growing ISP
Hi all - Please forgive my naivity, I've been in the IT industry for several years but have made the transition to IT networks (ISPs) very recently. I attended a networking conference recently and one of the key note speakers (from a large ISP) mentioned in passing the difficulties in delivering IP services to their customers over their last mile infrastructure. As one of the network managers for a growing ISP (our customer being primarily government services) looking to provide more IP services and get more government agencies on to our network, what would be some of the challenges we might encounter in delivering such services to current and new government bodies over our last mile infrastructure ? What should be some of our considerations ? What are some viable / cost-effective strategies ? Where is the industry heading in terms of last-mile offerings ? Are wireless technologies (with some of the current security limitations) viable as a solution -- given the confidential nature of governement data -- in the near future ? Any recommendations or thoughts would be most welcome. Thank you for your time and patience. J. H.
Poll
Greetings All, I would like to do a little survey among the security professionals on this list. Two Questions: 1) What do you believe will be the next major security threat that we will face in the next 12 to 18 months? 2) What do you believe will be the top 5 (or 10, if your list is that long) emerging security threats we will face over then next 3 years to 5 years? (Emphasis on 'emerging' -- threats not on most people's radar today.) Please reply off list to: SURVEY < A T > SURVEY.ASET.COM I will leave this address open through 6 May and will summarize and publish the results sometime in the following week. TIA for your opinions! Jon Kibler -- Jon R. Kibler Chief Technical Officer A.S.E.T., Inc. Charleston, SC USA (843) 849-8214 == Filtered by: TRUSTEM.COM's Email Filtering Service http://www.trustem.com/ No Spam. No Viruses. Just Good Clean Email.
Re: Local Loop Install.
On Thu, 27 Apr 2006, Martin Hannigan wrote: > It is not unrealistic to charge them a free for your space. The landlord will > charge them for conduit access to and throughout the building, they are going > to use your power, your facilities, etc. Carriers > don't put racks in collocation > for free. I'd have to know a lot more about your > building, their needs, etc., but > you should take it from here. Most definitely you should be paid. ILECs generally won't pay for space for the "mandatory" telecommunication connections in a building or to a tenent. That's stuff like connecting the base building POTS lines required for fire alarms, elevator phones, etc. Even collocation providers end up giving the ILEC some "free" plywood on the wall next to the MPOE and maybe a duplex electrical outlet. A large skyscaper may have more base building POTS lines, and the ILEC will require more space, but the amount of "free" space isn't that much. For anything above and beyond the mandatory base building POTS lines, its up to negotiations between you, the landlord, and the CLECs or ILEC. If the carrier is selling circuits to multiple tenents, not just you, you may have a stronger negotiating position. The landlord has even a stronger negotiating position. If you are a collocation operator with tenents buying multiple OC192 circuits, the LEC may even pay you a commission for the opportunity to sell to other tenents in the building. Small CLECs are usually willing to negotiate more. Large IXCs and ILECs are usually willing to negotiate less. A large collocation operator like Equinix may be able to get concessions that someone with a 10 rack data center can not get from the IXCs, CLECs or ILECs.
Re: BGP community guide for AS7911 (willtel, now L3)
On 4/27/06, John van Oppen <[EMAIL PROTECTED]> wrote: > > Does anybody have a list of communities that the old AS7911 accepts from > customers? I can't find their guide anywhere and nobody at level3 > seems to have it. > > I really need to keep traffic from a couple of ASes away from them if > possible and prepending to them results in almost no usage. In any > case, the list is not at http://www.onesc.net/communities/ with the > others. It should go without saying, if anybody knows of a guide, or a location to obtain the guide, please let me know and I will add it to the site, even if it's going to be a short lived guide (from this point on). thanks, charles
Re: Local Loop Install.
At 06:05 PM 4/26/2006, Robert Sherrard wrote: I've got an interesting question / situation... I've got a local loop provider that we're looking at using for some fiber connectivity. The long story is that theres no real great place for them to place their gear in the entire building, sort of paying rent to the landlord, placing gear in our suite, or placing gear in an uncontrolled room , i.e. no cooling, no controlled access. This local-loop provider is asking to place this gear into our space while this gear is to provide us with fiber connectivity back to a carrier hotel; theyre also looking to service other tenants in our building. It is unrealistic to ask this provider for some sort of a kickback, or monthly discount on service? Theyre hitting us up for an install fee, maybe they could waive that? Anyone have some thoughts on this? Am I being unrealistic in thinking that, if they are going to profit by having gear in our space, we should expect to see a small return or favor? The only other option for them is to spend money and lease a small room, or modify an existing smaller room in the building to fit their needs. It is not unrealistic to charge them a free for your space. The landlord will charge them for conduit access to and throughout the building, they are going to use your power, your facilities, etc. Carriers don't put racks in collocation for free. I'd have to know a lot more about your building, their needs, etc., but you should take it from here. Most definitely you should be paid. -M< -- Martin Hannigan(c) 617-388-2663 Renesys Corporation(w) 617-395-8574 Member of Technical Staff Network Operations [EMAIL PROTECTED]
BGP community guide for AS7911 (willtel, now L3)
Does anybody have a list of communities that the old AS7911 accepts from customers? I can't find their guide anywhere and nobody at level3 seems to have it. I really need to keep traffic from a couple of ASes away from them if possible and prepending to them results in almost no usage. In any case, the list is not at http://www.onesc.net/communities/ with the others. Thanks, John
RE: Cogent network wide latency
I just got an update from cogent, I was advised that they have 80, eighty sites down. They are still working to restore services to those sites. ---Frontline Communicationsv. 888-FRONTLINE (888.376.6854) f. 1.845.947.7399http://www.frontline.net/ http://www.frontlinelite.net/ http://www.frontlinebackup.net/--- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of [EMAIL PROTECTED]Sent: Thursday, April 27, 2006 10:20To: nanog@merit.eduSubject: Cogent network wide latency This was taken off of their status page, my peer to them in NYC just bounced. Cogent Network Status/DNS Server Status Description: Welcome to Cogent Communications’ Network Status Message. Today is Thursday April 27th 2006 10am EST. At this time, Cogent is experiencing latency and routing issues on the Cogent backbone. The NOC is currently investigating. The Estimated Time to Repair is unknown at this time. Please reference HD412738. http://status.cogentco.com/ Regards,--- Damian LennonFrontline Communications v. 888.FRONTLINE (888.376.6854/402) f. 1.845.947.7399 [EMAIL PROTECTED]http://www.frontline.net/ http://www.frontlinelite.com/ http://www.frontlinebackup.net/---
RE: Cogent network wide latency
Still down in CA.. 6:30AM - 9:30AM so far.. Peter Kranz Founder/CEO - Unwired Ltd www.UnwiredLtd.com Desk: 510-868-1614 x100 Mobile: 510-207- Fax: 510-217-6031 [EMAIL PROTECTED] -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Pete Templin Sent: Thursday, April 27, 2006 9:03 AM To: [EMAIL PROTECTED] Subject: Re: Cogent network wide latency [EMAIL PROTECTED] wrote: > *Cogent Network Status/DNS Server Status Description: > *Welcome to Cogent Communications' Network Status Message. Today is > Thursday April 27th 2006 10am EST. > At this time, Cogent is experiencing latency and routing issues on the > Cogent backbone. The NOC is currently investigating. The Estimated Time > to Repair is unknown at this time. Please reference HD412738. Our B peer went down and our A peer became unreachable via our other connections around 0933 EDT, and restored around 1140 EDT. Their scheduled non-service-affecting maintenance from 0001 to 0700 CDT Sunday in Houston had gone awry, dropping our link for ~11 hours, so I initially assumed it was a related (Houston-specific) issue. Apparently not... Did they de-peer themselves? pt
Re: Cogent network wide latency
[EMAIL PROTECTED] wrote: *Cogent Network Status/DNS Server Status Description: *Welcome to Cogent Communications’ Network Status Message. Today is Thursday April 27th 2006 10am EST. At this time, Cogent is experiencing latency and routing issues on the Cogent backbone. The NOC is currently investigating. The Estimated Time to Repair is unknown at this time. Please reference HD412738. Our B peer went down and our A peer became unreachable via our other connections around 0933 EDT, and restored around 1140 EDT. Their scheduled non-service-affecting maintenance from 0001 to 0700 CDT Sunday in Houston had gone awry, dropping our link for ~11 hours, so I initially assumed it was a related (Houston-specific) issue. Apparently not... Did they de-peer themselves? pt
Cogent network wide latency
This was taken off of their status page, my peer to them in NYC just bounced. Cogent Network Status/DNS Server Status Description: Welcome to Cogent Communications’ Network Status Message. Today is Thursday April 27th 2006 10am EST. At this time, Cogent is experiencing latency and routing issues on the Cogent backbone. The NOC is currently investigating. The Estimated Time to Repair is unknown at this time. Please reference HD412738. http://status.cogentco.com/ Regards,--- Damian LennonFrontline Communications v. 888.FRONTLINE (888.376.6854/402) f. 1.845.947.7399 [EMAIL PROTECTED]http://www.frontline.net/ http://www.frontlinelite.com/ http://www.frontlinebackup.net/---
Re: Larry the lobster
On Apr 27, 2006, at 5:32 AM, Aaron Glenn wrote: On 4/26/06, Sean Donelan <[EMAIL PROTECTED]> wrote: I wonder if Ruth reads NANOG? I knew that AT&T did this, but I never knew the name of the person with the job before. But who really knew Madonna tickets going on sale made up an appreciable amount of voice traffic across the nation? I know I didn't. I don't think that was a given here. It's an appreciable amount of voice traffic on AT&T. I'm guessing there is a lot of traffic that stays local to the LEC, wireless carrier, whatever, plus the traffic that goes inter-company but doesn't touch AT&T. I'm further guessing that the total traffic that doesn't touch AT&T is much larger than the traffic which does touch AT&T today. But those are just guesses. Anyone know where you can find data on such things? -- TTFN, patrick
Re: Larry the lobster
On 4/26/06, Sean Donelan <[EMAIL PROTECTED]> wrote: > > > I wonder if Ruth reads NANOG? > > I knew that AT&T did this, but I never knew the name of the person > with the job before. > But who really knew Madonna tickets going on sale made up an appreciable amount of voice traffic across the nation? I know I didn't.
