Re: Hey, SiteFinder is back, again...
On Mon, 5 Nov 2007 17:16:11 +0100 Stephane Bortzmeyer <[EMAIL PROTECTED]> wrote: > > On Mon, Nov 05, 2007 at 10:54:05AM -0500, > Andrew Sullivan <[EMAIL PROTECTED]> wrote > a message of 29 lines which said: > > > One could argue that it is less evil to do this at recursive > > servers, because people could choose not to use that service by > > installing their own full resolvers or whatever. > > It depends. > > There are three possible ways for an access provider to do it, in > order of ascending nastiness: Perhaps it is time for resolver libraries to have the ability to equate certain IP addresses with NXDOMAIN. At least that way we can recognize that it is happening and fix our own servers on am individual basis. Sort of a DNS blacklist. -- D'Arcy J.M. Cain <[EMAIL PROTECTED]> | Democracy is three wolves http://www.druid.net/darcy/| and a sheep voting on +1 416 425 1212 (DoD#0082)(eNTP) | what's for dinner.
Re: FBI tells the public to call their ISP for help
On Fri, 15 Jun 2007 13:17:07 -0700 "Scott Weeks" <[EMAIL PROTECTED]> wrote: > : Most ISPs recommend using Microsoft software or > : provide software for the Microsoft platform, and > : require to turn on JavaScript > > I've never heard of an ISP requiring this. They might provide it for you if > you want to use their branded Micro$loth-oriented software, but it's not a > requirement. Any ISP requiring folks to use a particular OS is doomed to > fail. You're kidding, right? Have you ever called an ISP to report a technical problem that has nothing to do with your computer or even your connection to them, say a reverse DNS issue? If you tell them that you run Unix they just ask you to run IE anyway. If you don't run Windows they won't help you. That's a pretty clear message. -- D'Arcy J.M. Cain <[EMAIL PROTECTED]> | Democracy is three wolves http://www.druid.net/darcy/| and a sheep voting on +1 416 425 1212 (DoD#0082)(eNTP) | what's for dinner.
Re: FBI tells the public to call their ISP for help
On Fri, 15 Jun 2007 14:17:50 -0700 "Scott Weeks" <[EMAIL PROTECTED]> wrote: > If Joe Sixpack has a Mac, calls his ISP for help, is told the ISP only > supports Micro$loth, asks for escalation and can't get that (or even doesn't > ask for escalation) I would think Joe would move to another ISP. Thus my > earlier statement that the ISP which does this we-support-Micro$loth-only > crazyness is doomed to failure. Perhaps I have just been unlucky when dealing with the big guys. Not that I mind since I run a small ISP and I am happy to skim the one-tenth of one percent of their users that won't put up with that shit. However, it isn't going to make any dent in their business. -- D'Arcy J.M. Cain <[EMAIL PROTECTED]> | Democracy is three wolves http://www.druid.net/darcy/| and a sheep voting on +1 416 425 1212 (DoD#0082)(eNTP) | what's for dinner.
Re: FBI tells the public to call their ISP for help
On Fri, 15 Jun 2007 13:42:04 -0700 "Scott Weeks" <[EMAIL PROTECTED]> wrote: > You're kidding, right? Have you ever called an ISP to report a > technical problem that has nothing to do with your computer or even > your connection to them, say a reverse DNS issue? If you tell them > that you run Unix they just ask you to run IE anyway. If you don't run > Windows they won't help you. That's a pretty clear message. > --- > > No I've never heard of that except, possibly, from non-clued phone monkeys. > It's easy to get past them to more clued folks, though... For anyone on this list I'm sure but the fact is that the great unwashed are told that only Windows is supported. In fact it's probably a factor in why we often tell friends to just use WinBlows so that someone else can support them. -- D'Arcy J.M. Cain <[EMAIL PROTECTED]> | Democracy is three wolves http://www.druid.net/darcy/| and a sheep voting on +1 416 425 1212 (DoD#0082)(eNTP) | what's for dinner.
Re: Every incident is an opportunity (was Re: Hackers hit key Internet traffic computers)
On Mon, 12 Feb 2007 09:51:38 -0600 Dave Pooser <[EMAIL PROTECTED]> wrote: > Marshall beat me to it. I have a T-shirt that says "Mac: So simple my > parents can use it." It's funny because it's true. Why do I keep hearing "My parents are stupid" in these sorts of comments? Just wait. They get smarter as you get older. -- D'Arcy J.M. Cain | Democracy is three wolves http://www.druid.net/darcy/| and a sheep voting on +1 416 425 1212 (DoD#0082)(eNTP) | what's for dinner.
Re: Every incident is an opportunity (was Re: Hackers hit key Internet traffic computers)
On Mon, 12 Feb 2007 03:23:26 -0600 (CST) Gadi Evron <[EMAIL PROTECTED]> wrote: > As a very smart person said a couple of weeks ago when this same argument > was made: are you willing to do tech-support for my mother is she uses > linux? Yes. Well, not your mother (unless she paid me) but I used to support my father and I ran Unix on his system. It was great. If he had a problem I could generally get into his system and work on it as if I was right there except he couldn't watch over my shoulder and interrupt me every 30 seconds with questions. Now he uses WindBlows and it is easier for me only beause I can send him to my siblings for support. If I am willing to support someone who doesn't understand the technology I would rather put them on Unix rather than MSW. -- D'Arcy J.M. Cain | Democracy is three wolves http://www.druid.net/darcy/| and a sheep voting on +1 416 425 1212 (DoD#0082)(eNTP) | what's for dinner.
Re: http://cisco.com 403 Forbidden
On Wed, 3 Jan 2007 16:39:40 + Simon Waters <[EMAIL PROTECTED]> wrote: > > On Wednesday 03 January 2007 16:29, you wrote: > > On Wed, 3 Jan 2007, James Baldwin wrote: > > > Anyone else getting a 403 Forbidden when trying to access > > > http://cisco.com? [...] > Working fine here. Resolves to 198.133.219.25 What does DNS resolution have to do with 403 web errors? -- D'Arcy J.M. Cain | Democracy is three wolves http://www.druid.net/darcy/| and a sheep voting on +1 416 425 1212 (DoD#0082)(eNTP) | what's for dinner.
Re: would you run this little script, please
On Tue, 2 Jan 2007 07:04:58 -1000 Randy Bush <[EMAIL PROTECTED]> wrote: > if you have a bsd, linux , or probably cygwin machine, would you > please run the attached script once as a favor to a research > project? I am on a NetBSD machine. What did you want from ifconfig? I am guessing "ifconfig -a". -- D'Arcy J.M. Cain | Democracy is three wolves http://www.druid.net/darcy/| and a sheep voting on +1 416 425 1212 (DoD#0082)(eNTP) | what's for dinner.
Re: tech support being flooded due to IE 0day
On Fri, 22 Sep 2006 10:11:20 +0100 [EMAIL PROTECTED] wrote: > Or perhaps BGP engineering hasn't changed in so many years > that it is now more than adequately covered by books, > certificate courses, and internal sharing of expertise. > Lists are good for things that are new or confusing or > difficult. BGP no longer fits into those categories. In other words, this should be a focussed, low volume list. > > and (d) some of > > the folks lurking here actually tell me that they benefit from gadi's > stuff. > > And, no doubt, they tell Gadi too which is why he > continues to post on this list and does not seem to > be wounded by the flaming arrows sent his way. In other words, the some people think that the goal of a mailing list should be to keep a minimum volume of email going through it rather than keeping it focussed and useful. -- D'Arcy J.M. Cain | Democracy is three wolves http://www.druid.net/darcy/| and a sheep voting on +1 416 425 1212 (DoD#0082)(eNTP) | what's for dinner.
Re: [Fwd: Kremen VS Arin Antitrust Lawsuit - Anyone have feedback?]
On Wed, 13 Sep 2006 10:38:49 -0700 Clay Fiske <[EMAIL PROTECTED]> wrote: > On Wed, Sep 13, 2006 at 12:17:59PM -0400, D'Arcy J.M. Cain wrote: > > > > I reiterate, no one knows me by my IP address. The software (DNS) they > > use may and some people may need to make a change but the world in > > general does not need to know that. That's the whole point of DNS. > > Let me adjust that for you: No thanks. > > I reiterate, no one knows me by my phone number. The phone book they > use may and some people may need to make a change but the world in > general does not need to know that. That's the whole point of the > phone book. > I know many of my friends phone numbers by heart. I also know many businesses by their phone number. There is a popular pizza chain here that uses their phone number in their jingle. Just last night I noticed a vet across the street from a bar I was in who's phone number was 481-PETS. I would have no need to look that up in any book. There are many cases when we have to look up numbers but numbers is what we need in the end to phone someone. This is a weakness, one that the architects of the Internet fixed by introducing domains. Domains are what we have to remember, store in our rolodexes and look up in Internet "phone books." > > My point is that my friends and aquaintences may remember my number or > > have it in their Rolodex but no one has to remember my IP address and > > very few ever have to even deal with it at all and those that do, > > only for a moment. > > Some people may know your phone number off the top of their heads, but > most will have to look it up. The main difference I see is that there > is a dynamic system for looking up IP addresses, so changes are easier If we know the domain which is the thing that users are required to remember. I deal with a music store called Long & McQuade here in Toronto. The first few times I wanted to check out their web site I looked them up in the phone book (a.k.a. "Google") but eventually I learned to remember Long-McQuade.com. I still can't remember their phone number. I generally go to the web site to get it. > to propagate. The Rolodex is the equivalent of a hosts file. The phone > book roughly equates to mailing out a zone file periodically. Calling > 411 is probably about as close to DNS as the phone system gets. No, calling 411 is closer to hitting Google. I don't call 411 to get the BTN or circuit number. > We have phone numbers so the network knows where to send the call, not > because they are convenient for people to remember. The phone number system doesn't scale well. Too late to fix it now. > > OK, my real point is that phone numbers are not like IP addresses. You > > may find a dark corner that exhibits some similarity but the basic > > analogy is flawed. > > They may not be identical, but I think the analogy works well. In both > cases the numeric address is used to route to a destination device. In > both cases, we have a reference system to resolve a name to said address. I'm beginning to think I am feeding the troll here. I am sure that 99.9% of the people on this list understand that phone numbers are more analogous to domains than to IP addresses. Yes, it's a flawed analogy but less flawed than the other. I think I am done with this particular "my analogy is bigger than your analogy" war. Oops. Did I just make another analogy? :-) -- D'Arcy J.M. Cain | Democracy is three wolves http://www.druid.net/darcy/| and a sheep voting on +1 416 425 1212 (DoD#0082)(eNTP) | what's for dinner.
Re: [Fwd: Kremen VS Arin Antitrust Lawsuit - Anyone have feedback?]
On Wed, 13 Sep 2006 17:53:04 +0200 Stephane Bortzmeyer <[EMAIL PROTECTED]> wrote: > On Wed, Sep 13, 2006 at 11:43:36AM -0400, > D'Arcy J.M. Cain wrote > a message of 20 lines which said: > > > No one knows me by my IP address. They know me by my email > > address(es). Huh? Are you trying to imply something? If your email software automatically adds that statement then please fix it. It's insulting when you trim the message to a shorter statement that you are responding to. The other 18 lines may not have been important to this particular response but they were not content free. > It does not seem true. IP addresses are visible outside in: > > * DNS servers when you get a zone delegation (the most important > reason why changing IP addresses is a pain), I reiterate, no one knows me by my IP address. The software (DNS) they use may and some people may need to make a change but the world in general does not need to know that. That's the whole point of DNS. My point is that my friends and aquaintences may remember my number or have it in their Rolodex but no one has to remember my IP address and very few ever have to even deal with it at all and those that do, only for a moment. OK, my real point is that phone numbers are not like IP addresses. You may find a dark corner that exhibits some similarity but the basic analogy is flawed. > * some peer-to-peer networks like Freenet, which do not use the DNS. I don't know enough about Freenet but I am willing to bet that users don't need to remember IP addresses to get the benefits of it. > (There are also a lof of internal uses of IP addresses for instance in > firewalls and SSH caches.) I never said that IP addresses were never used anywhere. That would be ridiculous. They are entered into firewalls, routers, DNS servers and such. What I said was that users (remember them) don't have to memorize or track them. > So, you actually have: > > 1) Phone numbers (very visible outside) > 2) IP addresses (visible outside) > 3) MAC addresses (completely invisible outside except for a few >minutes in the ARP caches) Even number 3 does not leak out of the local area. However, I fail to see what conclusion you wish me to draw from this. I don't know anyone with any modicum of understanding of IP protocols that would dispute these statements other than my nit about number 3. -- D'Arcy J.M. Cain | Democracy is three wolves http://www.druid.net/darcy/| and a sheep voting on +1 416 425 1212 (DoD#0082)(eNTP) | what's for dinner.
Re: [Fwd: Kremen VS Arin Antitrust Lawsuit - Anyone have feedback?]
On Wed, 13 Sep 2006 05:37:05 -0700 David Conrad <[EMAIL PROTECTED]> wrote: > I'm sure the same argument was used for telephone numbers when > technical folk were arguing against number portability. Oh come on. You know perfectly well that phone numbers are not the same as IP. No one knows me by my IP address. They know me by my email address(es). Heck, even I don't know my own IP address without running ifconfig and I installed it and maintain the system. If we were still calling central and asking "Hi Mabel, can you put me through to Doc," no one would give a rat's ass about phone number portability. Notice that no one is getting worked up about circuit number portability. -- D'Arcy J.M. Cain | Democracy is three wolves http://www.druid.net/darcy/| and a sheep voting on +1 416 425 1212 (DoD#0082)(eNTP) | what's for dinner.
Re: SORBS Contact
On Sun, 13 Aug 2006 21:11:58 -0700 "David Schwartz" <[EMAIL PROTECTED]> wrote: > > > > Obligation to _whom_? My only obligations are to those who _pay_ me for > > access to my systems/resources. If the people who *do* pay me for use of > > my systems/resources "don't want" that cr*p, then I do 'have an > > obligation' > > to _not_ deliver that traffic. > > Nonsense. You have tort obligations as well as contractual obligations. > Specifically, if you take custody of someone else's data, and you have no > contract with that person, you have a tort obligation not to destroy it. You do realize that when we talk about "sending" data we are using language in a very loose way, right? Data isn't actually sent. When I "send" a packet of data, I still retain that data. If you lose it you have only lost your copy of it, not mine. Are you one of those people that makes an extra photcopy when you have to fax one to someone? > Your argument is similar to a mall that claims they can shoot people who It is illegal to shoot people whether they enter your mall or not. > The same would be the case if I used FedEx to return something of yours > to > you. If they destroyed your property, you would have a claim against them > even though you didn't pay them for anything. IANAL but I am pretty sure that my claim would be against you, not FedEx. You would have to counter claim against FedEx because you made the contract with them. -- D'Arcy J.M. Cain | Democracy is three wolves http://www.druid.net/darcy/| and a sheep voting on +1 416 425 1212 (DoD#0082)(eNTP) | what's for dinner.
Re: Time for a real Internet highway (?)
On Fri, 14 Oct 2005 13:07:32 -1000 "Michael Painter" <[EMAIL PROTECTED]> wrote: > > I'd be very interested in what folks here think of this: > > http://news.com.com/Time+for+a+real+Internet+highway/2010-1028_3-5894664.html?tag=carsl All I can see are two actual arguments for government intervention in the Internet. First is that they already grabbed all sorts of other important utilities so why not grab this one. Patently absurd even if they had demonstrated any sort of special competence in the areas they already meddle with. Prove your case based on the requirements of this industry, not a sheep follows sheep rule. Second seems to be that the area that he grew up in that survived hundreds of years without electricity got electicity a few years before the market could bring it in. Big deal. What does that prove? Perhaps he still doesn't have Internet access when he goes home to visit the folks and thinks that it should be a right for everyone. Utter hogwash! I won't even go into the issue of which government should take it over. I assume that he thinks that the US government is the only entity that should run the Internet. Sorry, content free article. -- D'Arcy J.M. Cain | Democracy is three wolves http://www.druid.net/darcy/| and a sheep voting on +1 416 425 1212 (DoD#0082)(eNTP) | what's for dinner.
Re: Another one bites the dust
On Thu, 14 Oct 2004 13:26:55 -0400 "Scott Morris" <[EMAIL PROTECTED]> wrote: > Bear in mind, I apparantly haven't paid attention or noticed any of > his past behavior that may have warranted this. But it seems equally > counter-productive to the operation of the list for what he did as > what you did in order to let him know that. Better have a professional remove that fishhook from your cheek. :-) -- D'Arcy J.M. Cain <[EMAIL PROTECTED]> | Democracy is three wolves http://www.druid.net/darcy/| and a sheep voting on +1 416 425 1212 (DoD#0082)(eNTP) | what's for dinner.
Re: Pushing GTLD zones [WAS: Akamai DNS Issue?]
On 17 Jun 2004 18:00:02 + Paul Vixie <[EMAIL PROTECTED]> wrote: > (note that verisign has amended their complaint against icann (since > the court dismissed the first one) and i'm now named as a > co-conspirator. if you reply to this message, there's a good chance > of your e-mail appearing in court filings at some point.) Cool. :-) -- D'Arcy J.M. Cain <[EMAIL PROTECTED]> | Democracy is three wolves http://www.druid.net/darcy/| and a sheep voting on +1 416 425 1212 (DoD#0082)(eNTP) | what's for dinner.
Re: remote reboot power strips
On Mon, 19 Apr 2004 22:09:56 +0200 Cemil Degirmenci <[EMAIL PROTECTED]> wrote: > apc's are working well. You can control then even with snmp. We use them too and they seem to be fine. The only problem we have found is that they do something a little different with EOL when logged into them. Normally this is not a problem but we use an ssh client with the Blackberry and we can't use the menu over those. It would have been nice if it worked. However, we don't run MS so emergency reboots haven't really been an issue. The devices are an expense that we are happy to have wasted our money on. -- D'Arcy J.M. Cain <[EMAIL PROTECTED]|vex}.net> | Democracy is three wolves http://www.druid.net/darcy/| and a sheep voting on +1 416 425 1212 (DoD#0082)(eNTP) | what's for dinner.
Re: To send or not to send 'virus in email' notifications?
On Wednesday 20 August 2003 10:25, Joe Maimon wrote: > Considering the amount of email traffic generated by responding to > forged virus laden email from culprits like sobig should email virus > scanning systems be configured to send notifications back to sender or not? Absolutely not. My spam filters are handling the original spam fine but I am getting tons of responses to email I didn't send in the first place. It's legitimate email from legitimate sources so the filters don't catch it but it is garbage nonetheless. -- D'Arcy J.M. Cain <[EMAIL PROTECTED]|vex}.net> | Democracy is three wolves http://www.druid.net/darcy/| and a sheep voting on +1 416 425 1212 (DoD#0082)(eNTP) | what's for dinner.
Re: Working vulnerability? (Cisco exploit)
On Saturday 19 July 2003 10:48, Paul Vixie wrote: > > >> What do they think they're attacking? > > > Civilization. > > You call this civilisation? > > Since I'm just now rereading e. e. "doc" smith's "Lensman" series, I took > the answer in that context, and I completely agree. Not so much that it's > what "we" are, that it's what "they" are fighting against. Yes, that was exactly my point. > But I moralize. You say that like it's a bad thing. -- D'Arcy J.M. Cain <[EMAIL PROTECTED]|vex}.net> | Democracy is three wolves http://www.druid.net/darcy/| and a sheep voting on +1 416 425 1212 (DoD#0082)(eNTP) | what's for dinner.
Re: Working vulnerability? (Cisco exploit)
On Friday 18 July 2003 09:57, [EMAIL PROTECTED] wrote: > just passed through it), but people are attacking seemingly random IPs, > including ones in a new ARIN block that have not yet been assigned/used > for anything. What do they think they're attacking? Civilization. -- D'Arcy J.M. Cain <[EMAIL PROTECTED]|vex}.net> | Democracy is three wolves http://www.druid.net/darcy/| and a sheep voting on +1 416 425 1212 (DoD#0082)(eNTP) | what's for dinner.
Re: IP Management tool for service providers
On Thursday 20 February 2003 16:26, Daniel Abbey wrote: > I am looking for an IP management which has flexible management > capabilities. I need it for managing my customers IP assignments, and > keeping stock of my IP pool. > Do you have any suggestions? We have a package that is very flexible based on Python and PostgreSQL. I will copy [EMAIL PROTECTED] so they can send you some information. -- D'Arcy J.M. Cain| Democracy is three wolves http://www.druid.net/darcy/| and a sheep voting on +1 416 425 1212 (DoD#0082)(eNTP) | what's for dinner.
Re: i think terroists are going to love ipv6
On September 25, 2002 12:41 pm, Andy Dills wrote: > I think the only thing confusing people is why you continue to post > self-serving lunacy to the list. Because people keep responding to him. Trust me, ignoring him is the only thing that works. -- D'Arcy J.M. Cain| Democracy is three wolves http://www.druid.net/darcy/| and a sheep voting on +1 416 425 1212 (DoD#0082)(eNTP) | what's for dinner.
Re: Security Practices question
On September 22, 2002 07:41 pm, Ryan Fox wrote: > On Sun, 2002-09-22 at 18:22, John M. Brown wrote: > > What is your learned opinion of having host accounts > > (unix machines) with UID/GID of 0:0 > > > > jmbrown_r:password:0:0:John M. Brown:/export/home/jmbrown:/bin/mysh > > The biggest argument I have against creating accounts with uid 0, is > that even as an admin, I appriciate not always having admin privs. I suspect that the "_r" in the login means that there is a regular jmbrown in the system as well. I must admit that I do this too. I only do it for people I trust completely and only when there are two or, rarely, three people with root. That way if you see a change and you didn't do it you generally know who did. Also you get slightly better logging on some commands that log the user name rather than the UID. Of course, sudo is still better for all of this overall. -- D'Arcy J.M. Cain| Democracy is three wolves http://www.druid.net/darcy/| and a sheep voting on +1 416 425 1212 (DoD#0082)(eNTP) | what's for dinner.
Re: Overcoming IPv6 Security Threat
On September 12, 2002 07:31 pm, Tony Hain wrote: > The sad part is that absolutely clueless articles like this one get > wider distribution than they deserve, and it takes even more travel and > face time to refute the nonsense. In most cases it is hard to tell if > the author is really as clueless as the resulting article would lead you > to believe, or if they intentionally put in garbage to create an > artificial sense of controversy which might lead to even greater > distribution. Allow me to remove any doubt. http://www.kkc.net/baptista/ I strongly suggest you just quietly ignore Mr. Baptista. I can assure you that this is my last post on the subject no matter how he tries to bait me. It's the only technique that works with him. -- D'Arcy J.M. Cain| Democracy is three wolves http://www.druid.net/darcy/| and a sheep voting on +1 416 425 1212 (DoD#0082)(eNTP) | what's for dinner.