Re: ISP wants to stop outgoing web based spam
* Hank Nussbacher: Please show me which virus scanner scans html pages for the words like V I A G R A, or Free M O R T G A G E, as it is going outbound. I assumed your Internet cafe example was the concrete scenario you were trying to address. There are quite a few scaners which contain signatures for spam-sending software, but it might be necessary to roll your own stuff. In that scenario, it's simply more effective to look for the software (and accompanying anomalies) than for some web application traffic. The big boys know what to do. The smaller ones like walla.co.il, jumpy.it and mail.ru to name just 3 out of about 300 I have seen, do not have all those bells and whistles and therefore, in order to protect an ISPs IP address space from not getting burned by spammers, the ISP has to take proactive measures. I still don't understand why you think this has to be solved at the network level, specifically targeting web-based email services. There are hugely different two scenarios: 1. Spammers buy your Internet service and use it to send spam. 2. Regular customers catch some piece of malware and their computers send spam. In the first case, you get rid of the customers (possibly involving law enforcement because many of the advertised products and services are illegal). In the second case, you need a general anti-malware strategy, and webmailers are the least of your problems.
Re: ISP wants to stop outgoing web based spam
On Fri, 11 Aug 2006, Florian Weimer wrote: I assumed your Internet cafe example was the concrete scenario you were trying to address. There are quite a few scaners which contain Not only. Just used as an example so everyone can be on the same page. There are hugely different two scenarios: 1. Spammers buy your Internet service and use it to send spam. 2. Regular customers catch some piece of malware and their computers send spam. In the first case, you get rid of the customers (possibly involving law enforcement because many of the advertised products and services are illegal). In the second case, you need a general anti-malware strategy, and webmailers are the least of your problems. From an anti-spam standpoint, the two cases above are one and the same. I want to BLOCK outgoing spam. For case #2, the regular customer will have their http blocked until they clean their computer in regards to malware-spitting-spam. For case #1, the spammer will be blocked from sending spam and will go elsewhere. Law enforcement is not an option since in many third world countries where this takes place, spam is the least of LEO worries. -Hank Nussbacher http://www.interall.co.il
Re: ISP wants to stop outgoing web based spam
On Friday 11 Aug 2006 05:24, Hank Nussbacher wrote: On Thu, 10 Aug 2006, Florian Weimer wrote: You should look after the automated tools (probably using a virus scanner or something like this) and trigger a covert alert once they are detected. If the spam sent out is of the right kind, you can phone the police and have the guy arrested. Please show me which virus scanner scans html pages for the words like V I A G R A, or Free M O R T G A G E, as it is going outbound. HTTP::Proxy ? I don't know what the icap support in Squid 3 will offer. I'm with Florian, you are looking for a technical solution, when the problem is best solved on the ground. Did you consider that perhaps your customer really is the spammer, or is complicit in the abuse?
Re: ISP wants to stop outgoing web based spam
On 10 Aug 2006, at 22:07, Barry Shein wrote: [...] The vector for these has been almost purely Microsoft Windows. I wonder. From the point of view of a MX host (as opposed to a customer-facing smarthost), would TCP fingerprinting to identify the OS and apply a weighting to the spam score be a viable technique?
Re: ISP wants to stop outgoing web based spam
On 11 Aug 2006, at 05:24, Hank Nussbacher wrote: [...] Please show me which virus scanner scans html pages for the words like V I A G R A, or Free M O R T G A G E, as it is going outbound. It's the one you're going to have to write, or coerce somebody to write, if you want it that much. I have a sneaking suspicion that SpamAssassin's core could probably be pressed into action here, wrapped in a HTTP proxy. It wouldn't scale terribly well, but it might be enough to keep tabs on a few tens of hosts that you expect trouble to come from. HTTPS would be a bit more tricky and would require the co-operation of the cybercafe to install your CA cert on their browsers and crank down the security settings so you could do a MITM attack.
BGP Update Report
BGP Update Report Interval: 29-Jul-06 -to- 10-Aug-06 (12 days) Observation Point: BGP Peering with AS4637 TOP 20 Unstable Origin AS Rank ASNUpds % Upds/PfxAS-Name 1 - AS614721658 1.6% 79.9 -- Telefonica del Peru S.A.A. 2 - AS17974 19202 1.5% 47.1 -- TELKOMNET-AS2-AP PT TELEKOMUNIKASI INDONESIA 3 - AS39308 16871 1.3%1054.4 -- ASK-AS Andishe Sabz Khazar Autonomous System 4 - AS30890 13172 1.0% 62.4 -- EVOLVA Evolva Telecom 5 - AS33783 11359 0.9% 107.2 -- EEPAD 6 - AS701810056 0.8% 6.6 -- ATT-INTERNET4 - ATT WorldNet Services 7 - AS912110048 0.8% 60.2 -- TTNET TTnet Autonomous System 8 - AS163229902 0.8% 104.2 -- PARSONLINE PARSONLINE Autonomous System 9 - AS702 9389 0.7% 12.7 -- AS702 MCI EMEA - Commercial IP service provider in Europe 10 - AS8685 8461 0.6% 180.0 -- DORUKNET DorukNet Istanbul / Turkey 11 - AS701 8434 0.6% 8.7 -- ALTERNET-AS - UUNET Technologies, Inc. 12 - AS2018 7447 0.6% 55.2 -- TENET-1 13 - AS154647211 0.6% 300.5 -- IHLASNET IHLASNET Autonomous System 14 - AS4855 6921 0.5% 111.6 -- PI-ID-AS-AP Pacific Link Indonesia 15 - AS8386 6764 0.5% 211.4 -- KOCNET KOCNET-AS 16 - AS8708 6636 0.5% 30.4 -- RDSNET Romania Data Systems S.A. 17 - AS855 6461 0.5% 11.4 -- CANET-ASN-4 - Aliant Telecom 18 - AS174 6428 0.5% 2.9 -- COGENT Cogent/PSI 19 - AS239186302 0.5% 47.0 -- CBB-BGP-IBARAKI Connexion By Boeing Ibaraki AS 20 - AS156116266 0.5% 59.1 -- Iranian Research Organisation TOP 20 Unstable Origin AS (Updates per announced prefix) Rank ASNUpds % Upds/PfxAS-Name 1 - AS210423099 0.2%1549.5 -- GULFSAT-AS Gulfsat Autonomous System 2 - AS274071484 0.1%1484.0 -- FRISCHS-INC - Frisch's Restaurants, Inc. 3 - AS7013 5694 0.4%1423.5 -- NETSELECT - Health Sciences Libraries Consortium 4 - AS39308 16871 1.3%1054.4 -- ASK-AS Andishe Sabz Khazar Autonomous System 5 - AS34378 799 0.1% 799.0 -- RUG-AS Razguliay-UKRROS Group 6 - AS141692772 0.2% 693.0 -- MEAD - MEAD CORPORATION 7 - AS15755 604 0.1% 604.0 -- ISPRO Autonomous System Izmir,TURKEY 8 - AS12408 548 0.0% 548.0 -- BIKENT-AS Bikent Ltd. Autonomous system 9 - AS35080 537 0.0% 537.0 -- OYAK-TELEKOM-AS Oyak Telekom Hizm. BGP AS 10 - AS34984 529 0.0% 529.0 -- BITEL-AS BILISIM TELEKOM 11 - AS144102609 0.2% 521.8 -- DALTON - MCM, Inc., DBA: [EMAIL PROTECTED] 12 - AS8389 510 0.0% 510.0 -- STVOICE Sabanci Telekom A.S. 13 - AS3043 2760 0.2% 460.0 -- AMPHIB-AS - Amphibian Media Corporation 14 - AS26897 450 0.0% 450.0 -- INVISION-TECH - INVISION TECHNOLOGIES, INC. 15 - AS29666 441 0.0% 441.0 -- TRHENKEL Turk Henkel Kimya Sanayi 16 - AS39410 430 0.0% 430.0 -- TEDAS-AS Turkiye Elektrik Dagitim A.S. 17 - AS39080 392 0.0% 392.0 -- SIMETRI-AS SIMETRI YAZILIM 18 - AS39348 774 0.1% 387.0 -- TYACHIV-AS Initiativa Ltd. 19 - AS35474 345 0.0% 345.0 -- MGI-TR-AS MGI METRO Group 20 - AS295491352 0.1% 338.0 -- ZIRAATBANK-AS T.C. Ziraat Bankasi A.S. TOP 20 Unstable Prefixes Rank Prefix Upds % Origin AS -- AS Name 1 - 208.28.80.0/21 2956 0.2% AS7013 -- NETSELECT - Health Sciences Libraries Consortium 2 - 209.140.24.0/242755 0.2% AS3043 -- AMPHIB-AS - Amphibian Media Corporation 3 - 159.124.160.0/19 2704 0.2% AS14169 -- MEAD - MEAD CORPORATION 4 - 208.0.225.0/24 2670 0.2% AS11139 -- CWRIN CW BARBADOS 5 - 208.1.152.0/21 2590 0.2% AS7013 -- NETSELECT - Health Sciences Libraries Consortium 6 - 206.251.163.0/24 2427 0.2% AS4314 -- I-55-INTERNET-SERVICES-INC - I-55 INTERNET SERVICES 7 - 209.160.56.0/221705 0.1% AS14361 -- HOPONE-DCA - HopOne Internet Corporation 8 - 41.204.96.0/24 1562 0.1% AS21042 -- GULFSAT-AS Gulfsat Autonomous System 9 - 41.204.127.0/241537 0.1% AS21042 -- GULFSAT-AS Gulfsat Autonomous System 10 - 66.117.207.0/241484 0.1% AS27407 -- FRISCHS-INC - Frisch's Restaurants, Inc. 11 - 202.125.147.0/24 1456 0.1% AS17557 -- PKTELECOM-AS-AP Pakistan Telecom 12 - 89.144.128.0/211445 0.1% AS39308 -- ASK-AS Andishe Sabz Khazar Autonomous System 13 - 143.81.0.0/21 1305 0.1% AS6034 -- DDN-ASNBLK - DoD Network Information Center 14 - 198.92.192.0/211281 0.1% AS16559 -- REALCONNECT-01 - RealConnect, Inc 15 - 89.144.134.0/241271 0.1% AS39308 -- ASK-AS Andishe Sabz Khazar
The Cidr Report
This report has been generated at Fri Aug 11 21:47:29 2006 AEST.
The report analyses the BGP Routing Table of an AS4637 (Reach) router
and generates a report on aggregation potential within the table.
Check http://www.cidr-report.org/as4637 for a current version of this report.
Recent Table History
Date PrefixesCIDR Agg
04-08-06191781 125425
05-08-06192161 125422
06-08-06191969 125424
07-08-06192032 125356
08-08-06192051 125384
09-08-06192156 125482
10-08-06192348 125554
11-08-06192373 125204
AS Summary
22758 Number of ASes in routing system
9515 Number of ASes announcing only one prefix
1469 Largest number of prefixes announced by an AS
AS7018 : ATT-INTERNET4 - ATT WorldNet Services
91537920 Largest address span announced by an AS (/32s)
AS721 : DISA-ASNBLK - DoD Network Information Center
Aggregation Summary
The algorithm used in this report proposes aggregation only
when there is a precise match using the AS path, so as
to preserve traffic transit policies. Aggregation is also
proposed across non-advertised address space ('holes').
--- 11Aug06 ---
ASnumNetsNow NetsAggr NetGain % Gain Description
Table 192392 1255666682634.7% All ASes
AS4134 1261 264 99779.1% CHINANET-BACKBONE
No.31,Jin-rong Street
AS4755 960 72 88892.5% VSNL-AS Videsh Sanchar Nigam
Ltd. Autonomous System
AS18566 954 181 77381.0% COVAD - Covad Communications
Co.
AS721 1003 316 68768.5% DISA-ASNBLK - DoD Network
Information Center
AS4323 968 281 68771.0% TWTC - Time Warner Telecom,
Inc.
AS22773 682 51 63192.5% CCINET-2 - Suddenlink
Communications
AS9498 780 183 59776.5% BBIL-AP BHARTI BT INTERNET
LTD.
AS6197 1016 490 52651.8% BATI-ATL - BellSouth Network
Solutions, Inc
AS7018 1469 954 51535.1% ATT-INTERNET4 - ATT WorldNet
Services
AS19916 563 65 49888.5% ASTRUM-0001 - OLM LLC
AS19262 681 184 49773.0% VZGNI-TRANSIT - Verizon
Internet Services Inc.
AS855568 88 48084.5% CANET-ASN-4 - Aliant Telecom
AS17488 520 41 47992.1% HATHWAY-NET-AP Hathway IP Over
Cable Internet
AS11492 723 283 44060.9% CABLEONE - CABLE ONE
AS3602 526 106 42079.8% AS3602-RTI - Rogers Telecom
Inc.
AS18101 436 27 40993.8% RIL-IDC Reliance Infocom Ltd
Internet Data Centre,
AS15270 450 57 39387.3% AS-PAETEC-NET - PaeTec.net -a
division of
PaeTecCommunications, Inc.
AS17676 491 111 38077.4% JPNIC-JP-ASN-BLOCK Japan
Network Information Center
AS812416 42 37489.9% ROGERS-CABLE - Rogers Cable
Inc.
AS22047 458 85 37381.4% VTR BANDA ANCHA S.A.
AS4766 669 306 36354.3% KIXS-AS-KR Korea Telecom
AS4812 412 59 35385.7% CHINANET-SH-AP China Telecom
(Group)
AS6198 596 243 35359.2% BATI-MIA - BellSouth Network
Solutions, Inc
AS6467 392 47 34588.0% ESPIRECOMM - Xspedius
Communications Co.
AS9583 934 602 33235.5% SIFY-AS-IN Sify Limited
AS16852 362 52 31085.6% FOCAL-CHICAGO - Focal Data
Communications of Illinois
AS8151 784 494 29037.0% Uninet S.A. de C.V.
AS16814 329 46 28386.0% NSS S.A.
AS6517 415 138 27766.7% YIPESCOM - Yipes
Communications, Inc.
AS19115 362 93 26974.3% CHARTER-LEBANON - Charter
Communications
Total
Re: ISP wants to stop outgoing web based spam
On Fri, 11 Aug 2006 09:38:46 BST, Peter Corlett said: On 10 Aug 2006, at 22:07, Barry Shein wrote: [...] The vector for these has been almost purely Microsoft Windows. I wonder. From the point of view of a MX host (as opposed to a customer-facing smarthost), would TCP fingerprinting to identify the OS and apply a weighting to the spam score be a viable technique? That would depend entirely on how much business you do with companies that are afflicted with Exchange servers for their mail service. If you're also dinging the host for non-adherence to RFCs, there's probably Exchange boxes you'll never hear from again. Whether this is good or bad depends on your own personal religious convictions. ;) Now, if it fingerprints as a Redmond product, and doesn't have the tell-tale headers of having been through an Exchange server, that's gotta be worth *several* points of weighing pgpCHYrvwHaHp.pgp Description: PGP signature
Re: SORBS Contact
Steve Sobol wrote: Allan Poindexter wrote: Matthew so would you consider as it is my network, that I should Matthew not be allowed to impose these 'draconian' methods and Matthew perhaps I shouldn't be allowed to censor traffic to and Matthew from my networks? If you want to run a network off in the corner by yourself this is fine. If you have agreed to participate in the Internet you have an obligation to deliver your traffic. In many cases, that is a gross overgeneralization. Do you think anyone really wanted the Slammer worm, or complained when ISP's blocked it? I suspect he really means that. The whole game here is maximum dollar for minimum service. I was pretty much chased off of NANOG some years ago because of my undiplomatic insistence that the SP's had an obligation to block evil traffic (which in those would have been an easier matter than it is today). And yes, I didn't handle the diversionary flame wars and ad hominem attacks very well. Don't bother yourself, anybody, with looking them up. I work for a company that is contractually obligated to NOT carry certain traffic for our clients. the users got it wrong some small percentage amount of the time. I was stunned at the arrogance and presumption in that comment. You can't tell from looking at the contents, source, or destination if something is spam because none of these things can tell whether the message was requested or is wanted by the recipient. The recipient is the only person who can determine these things. You're right. But... So what? Perhaps it's because you're seeing things from an academic point of view and not from a business point of view, but your post mention nothing about contracts. People generally use DNSBLs without any formal agreement as to what they should expect. Without any formal agreement, you really can't talk about obligations to deliver traffic. In this case, your recourse is to not use the DNSBL. If you're mailing someone who has a DNSBL, you (as the sender) have *no* recourse other than to complain to the DNSBL user. Plus, as I pointed out earlier, some people contract with service providers to prevent certain traffic from getting to their networks (not just spam, either). There are simple solutions to this. They do work in spite of the moanings of the hand wringers. In the meantime my patience with email lost silently due to blacklists, etc. is growing thin. You're certainly welcome to encourage others not to use blacklists. Just understand that you have no right to complain when they decide to continue using those blacklists. Having said that, do understand that I don't think DNSBL's are a panacea, nor are their operators perfect. But in many cases, they can be a useful tool in the anti-spam arsenal. -- Requiescas in pace o email Ex turpi causa non oritur actio http://members.cox.net/larrysheldon/
fingerprinting and spam ID (was: Re: ISP wants to stop outgoing web based spam)
on Fri, Aug 11, 2006 at 09:38:46AM +0100, Peter Corlett wrote: On 10 Aug 2006, at 22:07, Barry Shein wrote: [...] The vector for these has been almost purely Microsoft Windows. I wonder. From the point of view of a MX host (as opposed to a customer-facing smarthost), would TCP fingerprinting to identify the OS and apply a weighting to the spam score be a viable technique? Yes - I had a quickie p0f/sendmail fingerprinting check working here for a while; it was primarily amusing to watch the various versions of Windows scroll by as I watched the zombies attack, but given that the occasional legit mail server runs Exchange, and given that I already knew which hosts were zombies (generic rDNS, sending to traps, using laughably broken heuristics to try to defeat my filters, etc.) it turned out to be somewhat less than useful. Just amusing. Now that my filters have a scoring mechanism, maybe I'll go back and turn it back on and see how it works. The problem is that I already see enough legit mail hit the quarantine due to being HTML/multipart, suspected of being sent direct-to-MX due to Exchange's bizarre habit of not providing an audit trail via Received headers, etc. Knowing that it's a Windows box doing the sending is likely to be more of a reason to treat it more lightly, on the assumption that it's laughably broken but probably mail some employee wants/needs, than the alternative. IOW, if you're already ugly and smell funny, it doesn't help to know that it's also because your mother wears combat boots. The biggest problem with email isn't that it doesn't work; the biggest problem with email is that there are so many vendors who simply refuse to implement SMTP properly. -- hesketh.com/inc. v: +1(919)834-2552 f: +1(919)834-2553 w: http://hesketh.com/ antispam news, solutions for sendmail, exim, postfix: http://enemieslist.com/ rambling, amusements, edifications and suchlike: http://interrupt-driven.com/
Re: SORBS Contact
You're certainly welcome to encourage others not to use blacklists. Just understand that you have no right to complain when they decide to continue using those blacklists. Having said that, do understand that I don't think DNSBL's are a panacea, nor are their operators perfect. But in many cases, they can be a useful tool in the anti-spam arsenal. Weighing in with an opinion, as bad as blacklists *may be*, at least they let the sender know something's up. Not in an artful way, to be sure, but they give some notice. The sender can do _something_, including dropping his association with the recipient b/c it's not worth his time and trouble. Blackholing email because you think it's spam, OTOH, is pure evil. -- _ Nachman Yaakov Ziskind, FSPA, LLM [EMAIL PROTECTED] Attorney and Counselor-at-Law http://ziskind.us Economic Group Pension Services http://egps.com Actuaries and Employee Benefit Consultants
Re: ISP wants to stop outgoing web based spam
On 10 Aug 2006, at 22:07, Barry Shein wrote: [...] The vector for these has been almost purely Microsoft Windows. I wonder. From the point of view of a MX host (as opposed to a customer-facing smarthost), would TCP fingerprinting to identify the OS and apply a weighting to the spam score be a viable technique? We have been doing that in our traffic shaping SMTP transport for a while now. We have found a 95% correlation between spam sources and Windows hosts. If you drill down to specific versions of Windows, the correlation is even higher. For _blocking_ connections (as opposed to, say, just slowing them down), you must combine host type with reputation information. Regards, Ken -- MailChannels: Reliable Email Delivery (TM) | http://mailchannels.com -- Suite 203, 910 Richards St. Vancouver, BC, V6B 3C1, Canada Direct: +1-604-729-1741
New Laptop Polices
Greetings all, Given the new threats and the change in policy with the airlines and traveling in and around the UK, has anyone changed their laptop and portable computing device policy? We are being questioned about the safety of executives traveling with their laptops. Thank You, Michael Cullen Global Security, Universal Music Group 818286-5473 (w) | 818 919-6974 (c) UMG GSO Michael (aim) | UMG.GSO.Michael (gtalk) | [EMAIL PROTECTED] (msn) The information contained in this message may be privileged and confidential and protected from disclosure. If the reader of this message is not the intended recipient, or an employee or agent responsible for delivering this message to the intended recipient, you are hereby notified that it is strictly prohibited (a) to disseminate, distribute or copy this communication or any of the information contained in it, or (b) to take any action based on the information in it. If you have received this communication in error, please notify us immediately by replying to the message and deleting it from your computer.
Re: SORBS Contact
Weighing in with an opinion, as bad as blacklists *may be*, at least they let the sender know something's up. Not in an artful way, to be sure, but they give some notice. The sender can do _something_, including dropping his association with the recipient b/c it's not worth his time and trouble. Blackholing email because you think it's spam, OTOH, is pure evil. Host type can only be used as a relatively small weighting factor toward blocking connections. However in the absence of any other reputation data on a particular IP, it's a safe way to trigger throttling or rate limiting. IMHO receivers have a right to filter traffic in any way that reduces abuse while serving the needs of their end users. There is a lot of pressure from end users and legitimate email senders to ensure that whatever blocking strategy is in use ensures that the good stuff is not blocked. Regards, Ken -- MailChannels: Reliable Email Delivery (TM) | http://mailchannels.com -- Suite 203, 910 Richards St. Vancouver, BC, V6B 3C1, Canada Direct: +1-604-729-1741
Re: SORBS Contact
Ken Simpson wrote (on Fri, Aug 11, 2006 at 09:09:33AM -0700): Weighing in with an opinion, as bad as blacklists *may be*, at least they let the sender know something's up. Not in an artful way, to be sure, but they give some notice. The sender can do _something_, including dropping his association with the recipient b/c it's not worth his time and trouble. Blackholing email because you think it's spam, OTOH, is pure evil. Host type can only be used as a relatively small weighting factor toward blocking connections. However in the absence of any other reputation data on a particular IP, it's a safe way to trigger throttling or rate limiting. IMHO receivers have a right to filter traffic in any way that reduces abuse while serving the needs of their end users. There is a lot of pressure from end users and legitimate email senders to ensure that whatever blocking strategy is in use ensures that the good stuff is not blocked. I agree that IP by itself is of limited usefullness. My main point was that, however you came to your decision (today I'm not accepting SMTP from hosts with the number nine in their IP), you should reject mail you don't want, not accept it and toss it. -- _ Nachman Yaakov Ziskind, FSPA, LLM [EMAIL PROTECTED] Attorney and Counselor-at-Law http://ziskind.us Economic Group Pension Services http://egps.com Actuaries and Employee Benefit Consultants
Re: New Laptop Polices
Are laptops being questioned now in the UK when going through security? I would assume that they are probably wiping every laptop and doing the explosive check that they do... -Mike On 8/11/06, Cullen, Michael [EMAIL PROTECTED] wrote: Greetings all, Given the new threats and the change in policy with the airlines and traveling in and around the UK, has anyone changed their laptop and portable computing device policy? We are being questioned about the safety of executives traveling with their laptops. Thank You, Michael Cullen Global Security, Universal Music Group 818 286-5473 (w) | 818 919-6974 (c) UMG GSO Michael (aim) | UMG.GSO.Michael (gtalk) | [EMAIL PROTECTED] (msn) The information contained in this message may be privileged and confidential and protected from disclosure. If the reader of this message is not the intended recipient, or an employee or agent responsible for delivering this message to the intended recipient, you are hereby notified that it is strictly prohibited (a) to disseminate, distribute or copy this communication or any of the information contained in it, or (b) to take any action based on the information in it. If you have received this communication in error, please notify us immediately by replying to the message and deleting it from your computer.
Re: New Laptop Polices
Given the new threats and the change in policy with the airlines and traveling in and around the UK, has anyone changed their laptop and portable computing device policy? We are being questioned about the safety of executives traveling with their laptops. Michael Cullen Global Security, Universal Music Group 818 286-5473 (w) | 818 919-6974 (c) UMG GSO Michael (aim) | UMG.GSO.Michael (gtalk) | [EMAIL PROTECTED] (msn) For me, i think there are two items that jump out: 1. durability of the case of a laptop being checked baggage vs. carryon if indeed we now have to check bags on certain/all flights... 2. with regard to safety of laptops, if you mean that exec's are targets of robberies, than this further lends value i suspect of keeping everything on the network and having passwords to reach the network from the laptop, etc Nothing on the laptop but pics of the kids and mp3's. all downloaded legally of course...secure computing/safeword/etc.. to reach your remote files would seem like a good idea... peter
Re: New Laptop Polices
you have sent a message to me which seems to contain a legal warning on who can read it, or how it may be distributed, or whether it may be archived, etc. i do not accept such email. my mail user agent detected a legal notice when i was opening your mail, and automatically deleted it. so do not expect further response. yes, i know your mail environment automatically added the legal notice. well, my mail environment automatically detected it, deleted it, and sent this message to you. so don't expect a lot of sympathy. and if you choose to work for some enterprise clueless enough to think that they can force this silliness on the world, use gmail, hotmail, ... randy
Re: New Laptop Polices
randy, why not invite the new/etc... guy who probably never posted
before to come to a nanog instead of being so mean to the poor guy?
you have sent a message to me which seems to contain a legal
warning on who can read it, or how it may be distributed, or
...
apologies to all. i hacked my .vm and .procmailrc [0] last night,
and mashed elsewhere meaning my message went to list as opposed to
just the sender of the silliness.
randy
[0] - to repent, here is an interesting .procmailrc hack to reduce
backscatter. credit goes to rob austein for the equivalent
maildrop hack from which i stole
:
* ^(From:.*(postmaster|mailer[\- ]daemon)|Return-Path:.*)
{
:B
* !^Message-ID:[EMAIL PROTECTED](psg|iij|bogus)\.com
$TRASH
}
Weekly Routing Table Report
This is an automated weekly mailing describing the state of the Internet Routing Table as seen from APNIC's router in Japan. Daily listings are sent to [EMAIL PROTECTED] For historical data, please see http://thyme.apnic.net. If you have any comments please contact Philip Smith [EMAIL PROTECTED]. Routing Table Report 04:00 +10GMT Sat 12 Aug, 2006 Analysis Summary BGP routing table entries examined: 194755 Prefixes after maximum aggregation: 107004 Unique aggregates announced to Internet: 95222 Total ASes present in the Internet Routing Table: 22854 Origin-only ASes present in the Internet Routing Table: 19885 Origin ASes announcing only one prefix:9517 Transit ASes present in the Internet Routing Table:2969 Transit-only ASes present in the Internet Routing Table: 68 Average AS path length visible in the Internet Routing Table: 3.5 Max AS path length visible: 24 Max AS path prepend of ASN (24076) 20 Prefixes from unregistered ASNs in the Routing Table:22 Unregistered ASNs in the Routing Table: 2 Special use prefixes present in the Routing Table:0 Prefixes being announced from unallocated address space: 9 Number of addresses announced to Internet: 1562847660 Equivalent to 93 /8s, 39 /16s and 41 /24s Percentage of available address space announced: 42.2 Percentage of allocated address space announced: 61.0 Percentage of available address space allocated: 69.1 Total number of prefixes smaller than registry allocations: 96812 APNIC Region Analysis Summary - Prefixes being announced by APNIC Region ASes:42607 Total APNIC prefixes after maximum aggregation: 17466 Prefixes being announced from the APNIC address blocks: 40293 Unique aggregates announced from the APNIC address blocks:18723 APNIC Region origin ASes present in the Internet Routing Table:2669 APNIC Region origin ASes announcing only one prefix:755 APNIC Region transit ASes present in the Internet Routing Table:400 Average APNIC Region AS path length visible:3.5 Max APNIC Region AS path length visible: 24 Number of APNIC addresses announced to Internet: 244848480 Equivalent to 14 /8s, 152 /16s and 23 /24s Percentage of available APNIC address space announced: 76.6 APNIC AS Blocks4608-4864, 7467-7722, 9216-10239, 17408-18431 (pre-ERX allocations) 23552-24575, 37888-38911 APNIC Address Blocks 58/7, 60/7, 121/8, 122/7, 124/7, 126/8, 202/7 210/7, 218/7, 220/7 and 222/8 ARIN Region Analysis Summary Prefixes being announced by ARIN Region ASes: 98560 Total ARIN prefixes after maximum aggregation:58685 Prefixes being announced from the ARIN address blocks:72285 Unique aggregates announced from the ARIN address blocks: 27310 ARIN Region origin ASes present in the Internet Routing Table:10883 ARIN Region origin ASes announcing only one prefix:4096 ARIN Region transit ASes present in the Internet Routing Table:1012 Average ARIN Region AS path length visible: 3.3 Max ARIN Region AS path length visible: 18 Number of ARIN addresses announced to Internet: 299087360 Equivalent to 17 /8s, 211 /16s and 182 /24s Percentage of available ARIN address space announced: 77.5 ARIN AS Blocks 1-1876, 1902-2042, 2044-2046, 2048-2106 (pre-ERX allocations) 2138-2584, 2615-2772, 2823-2829, 2880-3153 3354-4607, 4865-5119, 5632-6655, 6912-7466 7723-8191, 10240-12287, 13312-15359, 16384-17407 18432-20479, 21504-23551, 25600-26591, 26624-27647, 29696-30719, 31744-33791 35840-36863, 39936-40959 ARIN Address Blocks24/8, 63/8, 64/5, 72/6, 76/8, 199/8, 204/6, 208/7 and 216/8 RIPE Region Analysis Summary Prefixes being announced by RIPE Region ASes: 39164 Total RIPE prefixes after maximum aggregation:26205 Prefixes being announced from the RIPE address blocks:36138 Unique aggregates announced from the RIPE address blocks: 24344 RIPE Region origin ASes present in the Internet Routing Table: 8363 RIPE Region origin ASes announcing only one prefix:4386 RIPE Region transit ASes present in the
Re: New Laptop Polices
I think the issue is more to do with theft by dodgy baggage handlers (or randy if he sees a disclaimer notice on the laptop case in which case he'd throw it in the trash and ask the airport concierge to make an announceent about it over the airport PA system ;)). If you have data that is so sensitive then in theory you should already have a security platform (encryption etc) on the laptop as you are just as likely to get mugged in the street as you are to get your luggage stolen. One thing that I know for some smaller companies is that their disaster recovery plans may need reviewing in light of this policy. Regards, Neil -- Neil J. McRae -- Alive and Kicking [EMAIL PROTECTED] -Original Message- From: Mike Lyon [EMAIL PROTECTED] Date: Fri, 11 Aug 2006 09:37:23 To:Cullen, Michael [EMAIL PROTECTED] Cc:nanog@merit.edu Subject: Re: New Laptop Polices Are laptops being questioned now in the UK when going through security? I would assume that they are probably wiping every laptop and doing the explosive check that they do... -Mike On 8/11/06, Cullen, Michael [EMAIL PROTECTED] wrote: Greetings all, Given the new threats and the change in policy with the airlines and traveling in and around the UK, has anyone changed their laptop and portable computing device policy? We are being questioned about the safety of executives traveling with their laptops. Thank You, Michael Cullen Global Security, Universal Music Group 818 286-5473 (w) | 818 919-6974 (c) UMG GSO Michael (aim) | UMG.GSO.Michael (gtalk) | [EMAIL PROTECTED] (msn) The information contained in this message may be privileged and confidential and protected from disclosure. If the reader of this message is not the intended recipient, or an employee or agent responsible for delivering this message to the intended recipient, you are hereby notified that it is strictly prohibited (a) to disseminate, distribute or copy this communication or any of the information contained in it, or (b) to take any action based on the information in it. If you have received this communication in error, please notify us immediately by replying to the message and deleting it from your computer.
Re: fingerprinting and spam ID (was: Re: ISP wants to stop outgoing web based spam)
The problem is that I already see enough legit mail hit the quarantine due to being HTML/multipart, suspected of being sent direct-to-MX due to Exchange's bizarre habit of not providing an audit trail via Received headers, etc. Of course by the time you can inspect the body of a message, it's already sucked down a large chunk of your resources. Host type is useful in pre-filtering even before you go so far as to send the banner -- to get rid of or at least slow down the crap that you almost certainly know is on its way. The biggest problem with email isn't that it doesn't work; the biggest problem with email is that there are so many vendors who simply refuse to implement SMTP properly. I heartily agree! We have seen some laughable renditions of SMTP over the years. Regards, Ken -- MailChannels: Reliable Email Delivery (TM) | http://mailchannels.com -- Suite 203, 910 Richards St. Vancouver, BC, V6B 3C1, Canada Direct: +1-604-729-1741
Re: ISP wants to stop outgoing web based spam
Alexander Harrowell [11/08/06 17:09 +0100]: Holding the geek snobbery for a moment, I don't think I've ever worked anywhere where the e-mail wasn't MSExchange...so that would kill 100% of e-mail containing actual financially meaningful information. Yes it would if host type was the only factor you used to decide whether to block a connection. It would be silly and unwise to block based on host type alone. However in the absence of any other information about an IP, it's at least a good and safe way to trigger rate limiting or throttling of a connection. Once the sender gets a few good mails through and proves its worthiness, its good reputation will vastly outweight the host type. Legitimate senders don't move around a lot, so their positive reputation has time to build. Spammers on the other hand use very short-lived IPs which do not have a chance to build reputation. The next iteration for spammers will be to move in a big way toward sending via legitimate outbound mail servers. A previous thread was already discussing a variant of this technique, where webmail accounts are automatically plundered from cafes in Nigeria to exploit the good reputation of ISPs. Regards, Ken On 8/11/06, Ken Simpson [EMAIL PROTECTED] wrote: On 10 Aug 2006, at 22:07, Barry Shein wrote: [...] The vector for these has been almost purely Microsoft Windows. I wonder. From the point of view of a MX host (as opposed to a customer-facing smarthost), would TCP fingerprinting to identify the OS and apply a weighting to the spam score be a viable technique? We have been doing that in our traffic shaping SMTP transport for a while now. We have found a 95% correlation between spam sources and Windows hosts. If you drill down to specific versions of Windows, the correlation is even higher. For _blocking_ connections (as opposed to, say, just slowing them down), you must combine host type with reputation information. Regards, Ken -- MailChannels: Reliable Email Delivery (TM) | http://mailchannels.com -- Suite 203, 910 Richards St. Vancouver, BC, V6B 3C1, Canada Direct: +1-604-729-1741 -- MailChannels: Reliable Email Delivery (TM) | http://mailchannels.com -- Suite 203, 910 Richards St. Vancouver, BC, V6B 3C1, Canada Direct: +1-604-729-1741
Fedex Contact?
Does anyone have a Fedex.com contact that can help troubleshoot an email issues?
Re: New Laptop Polices
Of course take precautions with leaving files on the network, and using secure remote access to those files, but I don't necessarily trust most users to not keep some sort of sensitive data on local disk, so we started rolling out PGP whole disk encryption... Chris On 8/11/06, Neil J. McRae [EMAIL PROTECTED] wrote: I think the issue is more to do with theft by dodgy baggage handlers (or randy if he sees a disclaimer notice on the laptop case in which case he'd throw it in the trash and ask the airport concierge to make an announceent about it over the airport PA system ;)). If you have data that is so sensitive then in theory you should already have a security platform (encryption etc) on the laptop as you are just as likely to get mugged in the street as you are to get your luggage stolen. One thing that I know for some smaller companies is that their disaster recovery plans may need reviewing in light of this policy. Regards, Neil -- Neil J. McRae -- Alive and Kicking [EMAIL PROTECTED] -Original Message- From: Mike Lyon [EMAIL PROTECTED] Date: Fri, 11 Aug 2006 09:37:23 To:Cullen, Michael [EMAIL PROTECTED] Cc:nanog@merit.edu Subject: Re: New Laptop Polices Are laptops being questioned now in the UK when going through security? I would assume that they are probably wiping every laptop and doing the explosive check that they do... -Mike On 8/11/06, Cullen, Michael [EMAIL PROTECTED] wrote: Greetings all, Given the new threats and the change in policy with the airlines and traveling in and around the UK, has anyone changed their laptop and portable computing device policy? We are being questioned about the safety of executives traveling with their laptops. Thank You, Michael Cullen Global Security, Universal Music Group 818 286-5473 (w) | 818 919-6974 (c) UMG GSO Michael (aim) | UMG.GSO.Michael (gtalk) | [EMAIL PROTECTED] (msn) The information contained in this message may be privileged and confidential and protected from disclosure. If the reader of this message is not the intended recipient, or an employee or agent responsible for delivering this message to the intended recipient, you are hereby notified that it is strictly prohibited (a) to disseminate, distribute or copy this communication or any of the information contained in it, or (b) to take any action based on the information in it. If you have received this communication in error, please notify us immediately by replying to the message and deleting it from your computer.
Re: New Laptop Polices
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Peter Cohen wrote: 2. with regard to safety of laptops, if you mean that exec's are targets of robberies, than this further lends value i suspect of keeping everything on the network and having passwords to reach the network from the laptop, etc Nothing on the laptop but pics of the kids and mp3's. all downloaded legally of course...secure computing/safeword/etc.. to reach your remote files would seem like a good idea... That sounds like good advise, however being the sibling of a former executive from the same company as the OP, I don't think that advice would, er... fly (bad pun). The problem isn't securing the data, it's educating the user... and that can't be done in the time between today and the next executives flight. Laptop security really sucks these days... this is certainly an area for a lot more focused thought. One could easily spend less than $1000 paying off baggage handlers to side-track laptops, boot them one time from a CD containing a rootkit installer, and put them on the original or next flight. Which exec would ever know what happened? - -Jim P. -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.2.2 (GNU/Linux) iD8DBQFE3OtnMyG7U7lo69MRAu3uAJ0Q4O2SYUiBmg9CCKcImXxDAWTijwCeLcBC SxBtOx81VtZ24nzAWfIQyMA= =upUt -END PGP SIGNATURE-
Re: SORBS Contact
Michael Nicks wrote: Actually I think this thread progressed from someone getting dirty blocks, to complaining about liberal-listing-RBLs (yes SORBS is one), to RBLs defending themselves and their obviously broken practices. We should not have to jump through hoops to satisfy your requirements. Best Regards, -Michael Again please parse you and your as being generic and not targeted at Michael, this is merely a reply. (except in the first series of interrogatories, nor do I have any evidence that Michel is currently or has ever hosted anyone who has caused a listing in the AHBL) So, we shouldn't enforce _our_ policies on _our_ sites, that _our_ users agree with and assume that we follow because it's inconvenient for _you_? Assuming that I follow the rules that I have established, and published for review for the running of my list, how are my practices broken? Can I not conceivably list anyone who falls afoul of my listing policies at any time? Why should I, someone with years of experience running, maintaining and defending a DNSBL listen to you who lacks such experience (to my knowledge) as to how to run my list? Why should I, with the above mentioned points of experience listen to you as to how to run my list when your advice is in conflict with the policies that my list abides by, and that my uses expect and trust that I follow? Should I also listen to your thoughts on routing protocols so as to ensure you are not required to jump through hoops? Perhaps I should consult with you in designing my web site for similar reasons? Maybe I should have you review my security so that my network is not overly burdensome to you? Or, maybe I should show up at your facilities and start ripping out patch cables and torching servers and equipment used to provide service to people who fall afoul of my listing policies. I really don't think that you'd appreciate that. Therefore your statement that you should not have to jump through hoops is unsupportable. And believe me when I say this, there's a long list of people on the Internet that I consider to be idiots, and a large local deny file on my mailservers for entities I don't like, or don't want mail from that never make it into the AHBL. I, and Matthew (to my knowledge) does not bend the rules simply because it's convenient, or because the idiot deserved it. On the front page of the AHBL's website is a link in size 4 bold font. If you were told to come here to get removed from our list, please see this page. If you are for some reason incapable of figuring out how to follow the link, navigating your way to the lookup page in the subsequent instructions, and then determining and entering your IP address; then why are you running a mail server in the first place? Also on our site is our policies which every volunteer with access to the AHBL has read and agreed to follow. We also monitor raw incoming submissions to ensure the volunteers DO follow them. So feel free to read our policies, and if you like them, feel free to use our list if it suits your needs. If it does not, please feel free to direct your opinions to the bitbucket unless you want to come to me with both a problem and a rational solution, instead of bitching about how I do volunteer work. Andrew
Re: New Laptop Polices
I think baggage time is a hell of an opportunity to plant that
keysnatcher you always wanted on the target's machine.
Note you could be the Feebee's or the Beltway bandit bidding
against the target, or dissident BoD member or
It's also a great time to plant some file that POOF the authorities
will decrypt show it's kiddie porn. {Or just hide same in your
browser cache.} Do YOU know what every frigging file on your
machine is?
--
A host is a host from coast to [EMAIL PROTECTED]
no one will talk to a host that's close[v].(301) 56-LINUX
Unless the host (that isn't close).pob 1433
is busy, hung or dead20915-1433
Re: New Laptop Polices
On Fri, 11 Aug 2006, David Lesher wrote:
It's also a great time to plant some file that POOF the authorities
will decrypt show it's kiddie porn. {Or just hide same in your
browser cache.} Do YOU know what every frigging file on your
machine is?
and here I was thinking: Quick! buy stock in whole disk encryption
software makers!
do you want to leave (banging around in baggage-monkey-land aside) your
laptop where it's going to be out of your hands for several hours like
that?
Re: New Laptop Polices
Do modern laptops have disk drives that are that hard to remove? -- Joe Yao --- This message is not an official statement of OSIS Center policies.
Re: New Laptop Polices
On Fri, 11 Aug 2006, Joseph S D Yao wrote: Do modern laptops have disk drives that are that hard to remove? one screw and 'pop' out comes all dell laptop harddrives... or boot from cd, usb-copy all data, slide back into case and move on to next. you have 2 hours between baggage arrival and load-plane time so you do the math! :)
Re: New Laptop Polices
Joseph S D Yao wrote: Do modern laptops have disk drives that are that hard to remove? Let us say No, they are not that hard to remove. Now what? (Recall that this thread started with a situation where it was said that carry-on was limited to passport, medicine in small quantities, and precious little else.) -- Requiescas in pace o email Ex turpi causa non oritur actio http://members.cox.net/larrysheldon/
Re: New Laptop Polices
No, it is easy enough to remove laptop hard drives. -Rusty On 8/11/06, Joseph S D Yao [EMAIL PROTECTED] wrote: Do modern laptops have disk drives that are that hard to remove? -- Joe Yao --- This message is not an official statement of OSIS Center policies.
Re: New Laptop Polices
Christopher L. Morrow wrote: On Fri, 11 Aug 2006, Joseph S D Yao wrote: Do modern laptops have disk drives that are that hard to remove? one screw and 'pop' out comes all dell laptop harddrives... or boot from cd, usb-copy all data, slide back into case and move on to next. you have 2 hours between baggage arrival and load-plane time so you do the math! :) I guess I mis-understood his intent. [1] In any case, it occurred to me that in today's throw-away commodity computer world, why don't we return to those thrilling days of yesteryear where we expected the destination to have all the stuff we needed, pretty much? All the files on a central server (where, like the old central file room they will be safer) accessed from appliances installed everywhere like lights and telephones. Maybe give them a catchy name like minitel or something. -- Requiescas in pace o email Ex turpi causa non oritur actio http://members.cox.net/larrysheldon/
Re: New Laptop Polices
Laurence F. Sheldon, Jr. (that is me) wrote: Christopher L. Morrow wrote: On Fri, 11 Aug 2006, Joseph S D Yao wrote: Do modern laptops have disk drives that are that hard to remove? one screw and 'pop' out comes all dell laptop harddrives... or boot from cd, usb-copy all data, slide back into case and move on to next. you have 2 hours between baggage arrival and load-plane time so you do the math! :) I guess I mis-understood his intent. [1] In any case, it occurred to me that in today's throw-away commodity computer world, why don't we return to those thrilling days of yesteryear where we expected the destination to have all the stuff we needed, pretty much? All the files on a central server (where, like the old central file room they will be safer) accessed from appliances installed everywhere like lights and telephones. Maybe give them a catchy name like minitel or something. Forgot the footnote. Hate it when people do that! [1] Only the (was first,now...) second mistake since dinner. -- Requiescas in pace o email Ex turpi causa non oritur actio http://members.cox.net/larrysheldon/
Re: New Laptop Polices
On Fri, 11 Aug 2006, Laurence F. Sheldon, Jr. wrote: Christopher L. Morrow wrote: On Fri, 11 Aug 2006, Joseph S D Yao wrote: Do modern laptops have disk drives that are that hard to remove? one screw and 'pop' out comes all dell laptop harddrives... or boot from cd, usb-copy all data, slide back into case and move on to next. you have 2 hours between baggage arrival and load-plane time so you do the math! :) I guess I mis-understood his intent. [1] not sure of his intent, but I know mine :) boot off cd, copy your HD, walk away... I just know there is some juicy goo on Joe's laptop, he works for OSIS! (I kid, of course) In any case, it occurred to me that in today's throw-away commodity computer world, why don't we return to those thrilling days of yesteryear where we expected the destination to have all the stuff we needed, pretty much? All the files on a central server (where, like the you haven't had that discussion with an exec have you? I'd love to, my laptops are, for all intents and purposes a ssh terminal... apparently people need 'VPN access' and 'powerpoint' (is that what it's called??) and what-not. I don't get it, but then again, I'm just a chemical engineer. old central file room they will be safer) accessed from appliances installed everywhere like lights and telephones. Maybe give them a catchy name like minitel or something. are you in marketting? :)
Re: New Laptop Polices
On Sat, Aug 12, 2006 at 02:28:33AM +, Christopher L. Morrow wrote: On Fri, 11 Aug 2006, Joseph S D Yao wrote: Do modern laptops have disk drives that are that hard to remove? one screw and 'pop' out comes all dell laptop harddrives... or boot from cd, usb-copy all data, slide back into case and move on to next. you have 2 hours between baggage arrival and load-plane time so you do the math! :) I had more in mind removing it from the laptop before someone else could. -- Joe Yao --- This message is not an official statement of OSIS Center policies.
Re: New Laptop Polices
Joseph S D Yao wrote: On Sat, Aug 12, 2006 at 02:28:33AM +, Christopher L. Morrow wrote: On Fri, 11 Aug 2006, Joseph S D Yao wrote: Do modern laptops have disk drives that are that hard to remove? one screw and 'pop' out comes all dell laptop harddrives... or boot from cd, usb-copy all data, slide back into case and move on to next. you have 2 hours between baggage arrival and load-plane time so you do the math! :) I had more in mind removing it from the laptop before someone else could. Which took me to the question: What would you then do with it? -- Requiescas in pace o email Ex turpi causa non oritur actio http://members.cox.net/larrysheldon/
Re: New Laptop Polices
On Fri, Aug 11, 2006 at 09:31:52PM -0500, Laurence F. Sheldon, Jr. wrote: Joseph S D Yao wrote: Do modern laptops have disk drives that are that hard to remove? Let us say No, they are not that hard to remove. Now what? (Recall that this thread started with a situation where it was said that carry-on was limited to passport, medicine in small quantities, and precious little else.) No, you were right about my intent. If you're flying from the States you can carry this. Flying in the reverse direction is the problem - this week. (The rules already changed, today; are we sure that disk drives are still on the Index Proscriptus? What about RAM drives?) You could also rush-express it ahead of you, but that's a bit of a gamble. Less so if you encrypt it and keep a copy at home. Sort of like faxing your disk drive ahead. And, going along with what I think you later said, if you just leave the laptop itself at home and stick the disk drive into an identical laptop provided for that purpose at the destination, you could never tell the difference. -- Joe Yao --- This message is not an official statement of OSIS Center policies.
Re: New Laptop Polices
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Here's a thought most airlines offer expedited freight service (i.e. Delta Dash). One could seal their lappy up in a box, mark it accordingly, and ship to for hold at destination airport. Chances are it will arrive before they do. - -Jim P. -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.2.2 (GNU/Linux) iD8DBQFE3VRNMyG7U7lo69MRAkFwAKCAgTJhjsAv+Ur7dj9pDhRy+K8JyACdHGlh XD6b2MXZElTky4R73mc+7/8= =n3mK -END PGP SIGNATURE-
Re: New Laptop Polices
Joseph S D Yao wrote: On Fri, Aug 11, 2006 at 09:31:52PM -0500, Laurence F. Sheldon, Jr. wrote: Joseph S D Yao wrote: Do modern laptops have disk drives that are that hard to remove? Let us say No, they are not that hard to remove. Now what? (Recall that this thread started with a situation where it was said that carry-on was limited to passport, medicine in small quantities, and precious little else.) No, you were right about my intent. If you're flying from the States you can carry this. Flying in the reverse direction is the problem - this week. (The rules already changed, today; are we sure that disk drives are still on the Index Proscriptus? What about RAM drives?) You could also rush-express it ahead of you, but that's a bit of a gamble. Less so if you encrypt it and keep a copy at home. Sort of like faxing your disk drive ahead. And, going along with what I think you later said, if you just leave the laptop itself at home and stick the disk drive into an identical laptop provided for that purpose at the destination, you could never tell the difference. The fact of the matter is laptops get lost. Any business that depends on information being carried around on laptops by employees of the corporation needs to be prepared for that inevitability, and take steps to insure that data is not compromised. I have had three laptops stolen in the last five years, I feel this threat acutely, but it doesn't change the fact that I have to carry a laptop in order to fulfill my duties. Fundamentally I don't see how changes in airline policy would have a significant effect in the steps required to secure a laptop against theft or tampering. joelja -- Joel Jaeggli Unix Consulting [EMAIL PROTECTED] GPG Key Fingerprint: 5C6E 0104 BAF0 40B0 5BD3 C38B F000 35AB B67F 56B2
mpls gear for outside plant?
Anyone know of vendors who make low density MPLS edge (IPVPN, VPLS, VPWS) gear, which can survive in outside plant? There doesn't seem to be much out there that can, most stuff that is data center type tops out at 40C. I'm looking for 45C or higher operating temp. Please respond directly to me unless you think it's of interest to the rest of the list. ;-) Thanks in advance. Best regards, Christian
