Looking for information about LD regulation

2005-05-27 Thread Dan Lockwood

Apologies if this is too off topic.  We (a group of state govt
organizations) are working together in a VoIP rollout.  Our plan is to
use our collective buying power to purchase long distance calls at
wholesale rates.  One organization in our group is going to be the lead
agency and charge back the other participants.  There is concern as to
the legality of this venture.  Can anyone suggest some legal resources
where I might educate myself on the issue of "who can 'sell' long
distance"?  What are the rules that might apply in our situation?

Thanks
Dan


Experiences with 911 calls and SIP

2005-05-18 Thread Dan Lockwood

Hi all,

I'm having a discussion with one of my vendors about the 911
capabilities of their SIP VoIP phone system.  The vendor says that if we
use an Enhanced 911 service that their phone system will transmit
location information to the PSAP at the time of the call in addition to
the ANI.  I was under the impression that this functionality was not
possible, hence all the problems that Vonage is having.  Can anyone help
clarify this for me?

Thanks,
Dan


Looking for fiber transport

2005-05-03 Thread Dan Lockwood

Are there any sales people lurking that might have fiber in the Palo
Cedro area of California?  Contact me off list please.

Dan


Anyone shopping gensets lately?

2005-05-02 Thread Dan Lockwood

I've been shopping for a 100kw genset and have received some widely
varying prices.  If you have some experience in this area would you
mind giving me a ping off list?  I'm trying to decide if these dealers
are out of their mind or if I'm just out of touch.  The high end was
$18,350 which just seems too high.  The stats for what I am comparing
are below.

Thanks,
Dan

100kW Cat, Cummins or Onan with low hours
Sound attenuated enclosure
150 gallon or greater, dual wall, fuel tank. 
Block Heater 
Electronic governor 
PMG Excitation system 
Battery charger 


RE: Anyone familiar with the SBC product lingo?

2005-04-14 Thread Dan Lockwood

I also wanted to pass on the website for our contract.  It was
negotiated with the state so that all public organizations can take
advantage.  I'm sure some of you are familiar with it:
https://ebiznet.sbc.com/calnetinfo/

Drill down through "Products, Services and Pricing" and then to "Rate
Tables (Rider C)"

Dan 

-Original Message-
From: Matthew Crocker [mailto:[EMAIL PROTECTED] 
Sent: Thursday, April 14, 2005 2:55 PM
To: Dan Lockwood
Cc: nanog@merit.edu
Subject: Re: Anyone familiar with the SBC product lingo?

>
> SONET Circuit Service OC3-c (155Mbps) $2200 vs. Central Office Node 
> Circuit Service OC3/3c (155Mbps) $675

SONET is a method of transporting TDM channels over fiber.  SONET is
made up of building blocks called a STS. A STS is equivalent to a DS-3
+ SONET Wrapper. An OC-3 equals 3 STSes.  OC-3s come in two types,
'channelized'  OC-3 which is 3 DS-3s in 3 STSes and Packet Over SONET
(POS), concatenated OC-3c which is 155mbps.  If you are planning on
using this circuit for TDM based voice (84 T1s in 3 DS-3 chunks) then
you will want an OC-3 not an OC-3c.  If you are planning on running
155mbps POS IP traffic you want an OC-3c.

OC-3 = 3 x STS-1 = 3 x DS-3 =   3 x 28 DS-1s, 84 DS-1s = 2016 DS0 voice 
channels.
OC-3c = 1 x STS-3 = 155mbps

You can use an Adtran OPTI-3 to break an OC-3 into 3 distinct DS-3
channels which can be plugged into M13 muxes (Carrier Access Widebank
28) which will break a DS-3 into 28 DS-1s.

If you want IP bandwidth you can use an OC-3 POS line card from your
router vendor of choice.

-Matt





RE: Anyone familiar with the SBC product lingo?

2005-04-14 Thread Dan Lockwood

Thanks all who replied.  Since we have an OC-3 currently I went down the
hall and pulled out the actual bill.  I was even more confused when I
looked at the bill.  The situation is as follows...

We have 4 DS3s and an OC3 which SBC provides to us via a Nortel mux that
they placed on our premise.  The OC3 we have now is hooked up to their
ATM network to connect up some other high speed sites.  On the actual
bill for that OC3 it shows a charge for $2200, no more, no less.  The
service described is "SONET Circuit Service OC3" which I find very
puzzling since we don't interface with SBC using SONET.  Someone
explained this weirdness as "you pay for the OC-3 that is provisioned
through their SONET infrastructure of which the premise mux is the last
stop".  OK fine.

So to continue with my current puzzlement, what types of USOCs should I
expect to be quoted when provisioning an OC3 for voice?  Based on Matt's
recommendation it would seem that I need a regular old OC3.
Additionally I would expect to see some misc tax and surcharge items;
probably some sort of E911 charge as well.  Anything else I am missing
or do I just tell them that I want the transport plugged into the PSTN
and give them the phone numbers that I want to ride on that circuit?

Thanks all,
Dan

-Original Message-
From: Matthew Crocker [mailto:[EMAIL PROTECTED] 
Sent: Thursday, April 14, 2005 2:55 PM
To: Dan Lockwood
Cc: nanog@merit.edu
Subject: Re: Anyone familiar with the SBC product lingo?

>
> SONET Circuit Service OC3-c (155Mbps) $2200 vs. Central Office Node 
> Circuit Service OC3/3c (155Mbps) $675

SONET is a method of transporting TDM channels over fiber.  SONET is
made up of building blocks called a STS. A STS is equivalent to a DS-3
+ SONET Wrapper. An OC-3 equals 3 STSes.  OC-3s come in two types,
'channelized'  OC-3 which is 3 DS-3s in 3 STSes and Packet Over SONET
(POS), concatenated OC-3c which is 155mbps.  If you are planning on
using this circuit for TDM based voice (84 T1s in 3 DS-3 chunks) then
you will want an OC-3 not an OC-3c.  If you are planning on running
155mbps POS IP traffic you want an OC-3c.

OC-3 = 3 x STS-1 = 3 x DS-3 =   3 x 28 DS-1s, 84 DS-1s = 2016 DS0 voice 
channels.
OC-3c = 1 x STS-3 = 155mbps

You can use an Adtran OPTI-3 to break an OC-3 into 3 distinct DS-3
channels which can be plugged into M13 muxes (Carrier Access Widebank
28) which will break a DS-3 into 28 DS-1s.

If you want IP bandwidth you can use an OC-3 POS line card from your
router vendor of choice.

-Matt





Anyone familiar with the SBC product lingo?

2005-04-14 Thread Dan Lockwood

Hi All,

I'm trying to get some pricing on an OC-3 that we will be using for
voice.  We already have a master agreement with SBC for our services.  I
have the feeling that we are being "oversold" services and/or sold
services that are not required for what we need to accomplish.  Not
doing this everyday, I'm confused about the "Feature Name" of things
like:

SONET Circuit Service OC3-c (155Mbps) $2200 vs. Central Office Node
Circuit Service OC3/3c (155Mbps) $675

Anyone that is knowledgeable about SBC lingo, please feel free to ping
me.  If you have experience with OC3s even better! ;)

Thanks!
Dan


High volume WHOIS queries

2005-02-28 Thread Dan Lockwood

I'm in a disagreement with ARIN about my application for bulk whois
data.  I've got a software program that needs to resolve AS numbers to the
Company Name of the owner.  The software app has need to do this on a
very high volume.  E.g.  I run a report that returns the top 100 AS
destinations for my network and I want to resolve the numbers to the
names as part of the report generation.  Since ARIN throttles the number
of queries that you can execute against their servers it seems to "just
make sense" that you would do the processing using local data.

That is all fine and good, but the problem comes when I distribute the
software to users.  ARIN's AUP for bulk whois states:

"Redistributing bulk ARIN WHOIS data is explicitly forbidden. It is
permissible to publish the data on an individual query or
small number of queries at a time basis, as long as reasonable
precautions are taken to prevent automated querying by
database harvesters."

My original AUP application stated that I would transfer the data to the
users using an XML file on a regular basis.  Clearly in violation of the
first point.  Fine.  But now after a phone conversation they are telling
me that I can not operate a server to distribute the data on a "per
query" basis too.  Providing a server that answers whois queries just
like ARIN seems to be clearly permissible based on the remaining AUP
verbiage.  At this point the only thing I can get out of the guy/gal on
the phone is "NO!".

Does anyone have any experience doing something like this?  How about a
sanity check?  Am I completely wrong in how I'm interpreting the AUP?

Thanks,
Dan


RE: Looking for some program that will do this...

2004-11-30 Thread Dan Lockwood




No, I'm not trying to DOS anyone.  I want to stress test a netflow app
that I wrote and need something that can generate the many flow cache
entries that would be present with real traffic while I'm running it in
my lab.

Thanks all!

From: [EMAIL PROTECTED] on behalf of Dan Lockwood
Sent: Tue 11/30/2004 8:45 PM
To: [EMAIL PROTECTED]
Subject: Looking for some program that will do this...

Hi all,

I'm looking for a program that can generate "real" looking traffic.  It
should be able to send TCP/UDP traffic to a large set of hosts
(thousands), send traffic to random or semi-random ports and send
packets/datagrams that are of random/semi-random size.  Ideally it
should run on windows or some sort of Perl script would be fine.  Anyone
have any ideas or should I dust off my programming books?

Thanks,
Dan

Looking for some program that will do this...

2004-11-30 Thread Dan Lockwood

Hi all,

I'm looking for a program that can generate "real" looking traffic.  It
should be able to send TCP/UDP traffic to a large set of hosts
(thousands), send traffic to random or semi-random ports and send
packets/datagrams that are of random/semi-random size.  Ideally it
should run on windows or some sort of Perl script would be fine.  Anyone
have any ideas or should I dust off my programming books?

Thanks,
Dan

Summary of 3Com switches

2004-11-14 Thread Dan Lockwood

These responses capture the essence of the messages that I received on
the topic.  Thanks for all your input.

"If you're looking for big dumb cheap devices to just move data around a
big switched network, 3com is your vendor. If you plan on doing anything
fancier than SNMP, best look elsewhere."

"I worked with 7700 and 7700Rs, along with the new 3xxx series, and all
I can say summarizes to simple: don't do it. There is Cisco, Enterasys,
Allied Telesyn, but 3COM is just tumbling down.
Line cards for 7700 are seriously limited in functionality, current
Supervisor can't do wire (8Gbit/s FD) duplex on all cards
simultaneously, and the 7700R marketed "few seconds failover" goes up to
5-6 minutes which is actually longer than booting the switch from cold
dead state.
The BGP sucks, and OSPF sucks even more (it can kill whole switch in
certain situations I can't speak of at the moment).
Same thing is with the routers - 3000 and 5000 suck, the 6000 suck even
more (1 ATM OC3 interface with 30Mbit/s worth of traffic generates 85%
of CPU load on 6080 and router begins to drop traffic..."
^ This guy went and bought C gear.

"Well, they aren't service provider switches – they are enterprise
focused, and have a very iffy SP feature set. They are also Huawei
boxes, rebadged. This means they may (or may not) possess stolen
intellectual property."
 

Big 3com switches

2004-11-12 Thread Dan Lockwood

Anyone out there have experience with the larger variety 3com switches
(7700)?  What is the general opinion on 3com in the SP space?  What are
the good things that they do and inevitably the bad?  I'm working with a
company to evaluate some of their products and wanted to get the
community to weigh in as well.  Off list is fine and I can summarize if
there is interest.  Thanks!

Dan

Question for WHOIS query

2004-11-03 Thread Dan Lockwood

Where can a person go to get a "one stop" WHOIS query for AS and prefix
information instead of trying ARIN, then RIPE, etc?

Thanks,
Dan


Quick question about secondary addresses

2004-07-30 Thread Dan Lockwood

I'm in a debate with a guy over the use of 'ip address x.x.x.x s.s.s.s
secondary' on Cisco gear.  I seem to remember reading that the use of
secondary addresses is a bad idea, but I can't recall the details of
why.  Process switched?  Can anyone offer a resource or more specific
information?

Thanks,
Dan


Donation of cisco netflow export from production router?

2004-07-02 Thread Dan Lockwood

Hello everyone,

I'm working on a project to characterize and summarize traffic info
using netflow.  I have completed a prototype and have been testing it on
our network but would like to see how it performs with some 'real'
traffic.  Is there someone out there that wouldn't mind exporting some
flow information to me from one of their production routers that has
some load on it?  Maybe ~100Mb ish?

If you can assist, please contact me off list.

Thanks!
Dan


RE: [Activity logging & archiving tool]

2003-11-25 Thread Dan Lockwood

If you are in a Cisco shop you might consider Secure ACS.  We use ACS to
log all of our changes and have very good success with it.
Unfortunately it is not free.

Dan

-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of
joshua sahala
Sent: Tuesday, November 25, 2003 11:45 AM
To: Priyantha; [EMAIL PROTECTED]
Subject: Re: [Activity logging & archiving tool]


"Priyantha" <[EMAIL PROTECTED]> wrote:
> 
> In my company, there are several technical guys make changes to the 
> existing network and  it's very difficult to keep track of what we did
> when, etc.

i feel your pain - except when it was happening, they weren't as 
technical as they thought they were...
 
> I'm looking for a simple tool, in which each and every one has to 
> manually record whatever (s)he has done or any incident (s)he observed
> so that the tool archives that data someway. Later, in case if someone
> needs, (s)he should be able to search for that archive by date, by 
> person, by a random phrase, etc.

rancid (http://www.shrubbery.net/rancid) and
cvs-web (http://stud.fh-heilbronn.de/~zeller/cgi/cvsweb.cgi/)

rancid does nice proactive checking of device configs, and cvs-web is
a pretty front end to look through change history

for tracking:
request tracker (http://www.bestpractical.com/rt/) - it is a ticketing
system, but you could probably customize it to fit your needs

netoffice (http://sourceforge.net/projects/netoffice/) - haven't used
it personally, but it looks like it might work too

track+ (http://sourceforge.net/projects/trackplus/) - same as netoffice

of course, nothing will work unless everyone uses it, so you have to
have clear, concise policies for change management, and then enforce 
them.

hth

/joshua

> Any help in this regard is appreciated,
> 
> Priyantha Pushpa Kumara
> ---
> Manager - Data Services
> Wightman Internet Ltd.
> Clifford, ON
> N0G 1M0 
> Fax: 519-327-8010
> 
> 
> 



"Walk with me through the Universe,
 And along the way see how all of us are Connected.
 Feast the eyes of your Soul,
 On the Love that abounds.
 In all places at once, seemingly endless,
 Like your own existence."
 - Stephen Hawking -






RE: [RE: MPLS billing model]

2003-11-25 Thread Dan Lockwood

That is a good point, but I was thinking specifically in terms of
traffic on the tunnel.

Dan

-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of
Alex Rubenstein
Sent: Tuesday, November 25, 2003 12:00 PM
To: joshua sahala
Cc: St. Clair, James; 'Nanog List (E-mail) '
Subject: Re: [RE: MPLS billing model]




> we are still in the testing phases, but i believe that we are planning to
> use a port+traffic billing scheme, if/when we go live and start trying to
> sell it

do you mean:

$port + $traffic_through_port

or:

$port + $traffic_over_vpn_tunnel


I ask this, because, it's very possible that the customer facing port
could be a VLAN trunk, and that there would be a hub-and-spoke config to
multiple leaf ports; other variations exist, as well.




-- Alex Rubenstein, AR97, K2AHR, [EMAIL PROTECTED], latency, Al Reuben --
--Net Access Corporation, 800-NET-ME-36, http://www.nac.net   --





MPLS billing model

2003-11-25 Thread Dan Lockwood

For those of you who sell MPLS VPNs, what components of the service do
you charge for and how do you do the billing?  E.g. per port + traffic,
per site + traffic, etc.  I am not interested in buying MPLS services
just how the billing happens.  Thanks!

Dan



RE: Datacenter Spec's

2003-11-08 Thread Dan Lockwood

Try here too:

http://www.averillpark.net/datacenter/

Dan

-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of
Ron Malenfant (rmalenfa)
Sent: Saturday, November 08, 2003 3:06 PM
To: 'Fisher, Shawn'; 'Nanog List (E-mail)'
Subject: RE: Datacenter Spec's



Hi Shawn, take a look at a few docs here - 

http://www.cisco.com/warp/public/cc/so/neso/wnso/power/gdmdd_wp.pdf 
http://whitepapers.comdex.com/data/rlist?o=979246117_954
http://www.apcc.com/go/promo/expo/form4.cfm?tsk=m684y&thepromo=powering_whitepaper
ron

-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of
Fisher, Shawn
Sent: Saturday, November 08, 2003 5:24 PM
To: Nanog List (E-mail)
Subject: Datacenter Spec's



Can anyone point me to a good resource for datacenter spec's or best
practices?

Looking for specs related to:

Powering

Racking

Cablemanagement

Grounding

Raised Floors

etc.

TIA





Green peering stickers

2003-10-20 Thread Dan Lockwood

Although I fail to have one of the stickers, if there is anyone at the
meeting that is operating in the northern California area and would like
to discuss peering please send me a message off-list.  I'm interested to
learn what other operations are in the area.

Thanks!

Dan Lockwood



RE: Tomatoes for Verisign at NANOG 29

2003-10-16 Thread Dan Lockwood

I will do my best to get the tomatoes.  How many do you think we will
need?

Dan

-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of
JC Dill
Sent: Thursday, October 16, 2003 12:12
To: NANOG
Subject: Re: Tomatoes for Verisign at NANOG 29



At 12:00 PM 10/16/2003, Owen DeLong wrote:
>Agreed.  I plan to wear a red shirt and bring a tomato.  The tomato
>will sit quietly on the table near me.  It will not be used as a
>projectile no matter how much Verisign tries to convince me it should.
>Really. I will not throw the tomato at Verisign no matter how much they
>deserve it.
>
>Wayne is right.  For this to have the desired effect, we need to make 
>it a peaceful and symbolic protest, not a brawl.

EXACTLY.

>I would also suggest that we try to make contact with a second-harvest 
>or other organization that may be able to use the tomatoes afterwards.

Great idea!  Can we count on Dan for tomato acquisition and for Owen for
post-protest dispersal to a foodbank?

jc

(I so wish I could be there!)



--

JC Dill
370 Altair #353
Sunnyvale, CA 94086
650-669-1664
[EMAIL PROTECTED]
AIM:   UltraJCDill
Y!IM:  jcdill  



RE: [Fwd: [IP] VeriSign to revive redirect service]

2003-10-16 Thread Dan Lockwood

OK, so who is responsible for bringing the fruit?  Does our registration
fee cover that? :D

Dan

-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of
JC Dill
Sent: Thursday, October 16, 2003 9:05
To: NANOG
Subject: Re: [Fwd: [IP] VeriSign to revive redirect service]



At 02:56 AM 10/16/2003, Suresh Ramasubramanian wrote:

>Ouch.

>http://news.com.com/2100-1038_3-5092133.html
>
>VeriSign to revive redirect service
>by Declan McCullagh
>
>VeriSign will give a 30- to 60-day notice before resuming a 
>controversial and temporarily suspended feature that redirected many 
>.com and .net domains, company representatives said Wednesday.

I'm not going to be at NANOG in Chicago next Monday (October 20th), but
if I were, I'd be in the foyer Monday morning with a few crates of
tomatoes, selling individual tomatoes.

If everyone who attends NANOG goes to the 9:15 session on Monday morning
and takes a single large tomato into the session with them, that this
will make a VISIBLE sign to Verisign.  It will make for a great photo
opportunity, and turn this issue into something that the ordinary press
can more easily explain to the non-technical Internet using masses.  I
also suggest that people wear red shirts on Monday.  Enable the press to
write about how Network Operators obviously and visibly *demonstrated*
their unhappiness with Verisign.  Try "Network Operators are seeing Red
over Sitefinder" or "Verisign gets pelted with tomatoes over Sitefinder"
as a headline.  Note:  I'm not actually suggesting that people pelt
Verisign representatives with the tomatoes, you could just individually
walk up to the front of the room and put your tomatoes in a pile where
they can be seen.  A pile of 500 tomatoes that are brought there
individually, each tomato representing the opinion of a NANOG
participant, *will* make an impact.

jc




RE: Site Finder

2003-10-16 Thread Dan Lockwood

Recognizing that I am not an 'expert', I have got to ask just one
question.  Can these people at Verisign really think that they know
better than all of the real experts that have worked with/on the DNS
over the years?  It seems rather silly to assume that a few people have
more knowledge than the collective community.  Furthermore, I feel that
Ray makes an excellent point in that the consensus seems to be that we,
as the Internet community, do _NOT_ want this type of tinkering with
something that works very well; especially since the purpose is to
increase advertising revenue.  Verisign is clearly acting against the
consensus.  What effective action can we take as a collective group to
get the point across that we will not tolerate this type of behavior?

Dan

-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of
Ray Bellis
Sent: Thursday, October 16, 2003 8:08
To: nanog list
Subject: Site Finder



Quoting Rusty Lewis from
http://verisign.com/corporate/news/2003/pr_20031007b.html?sl=070804

"We will continue to take feedback from both Internet users and the
technical community on how we can ensure that the service is available
for the many Internet users who clearly like it."

Well that's very simple Rusty - stop screwing around with *our* DNS and
write a plugin for IE to catch NXDOMAIN, just like the Google toolbar
does.

That'll allow 90% of the browsing population a *choice*, something the
wildcard clearly does not.

Ray

-- 
Ray Bellis, MA(Oxon) - Technical Director
community internet plc - ts.com Ltd

Windsor House, 12 High Street, Kidlington, Oxford, OX5 2PJ
tel:  +44 1865 856000   email: [EMAIL PROTECTED]
fax:  +44 1865 856001 web: http://www.community.net.uk/



Question about experiences with fiber installs in a MAN application

2003-10-02 Thread Dan Lockwood

Everyone,

I was wondering if anyone has some general information relating to fiber
installs in an urban environment.  Issues that we have brainstormed
include permitting, contracting, etc.  We are tired of the increasing
Telco charges and are looking to put fiber in between multiple locations
along a 1.7 mile path.  Your comments are appreciated, if there is
interest I will summarize the results.

Thanks!

Dan Lockwood


RE: Virus emails from nanog mail list

2003-08-19 Thread Dan Lockwood

I have not seen the NANOG email problem, but have received several tens
of thousands of SPAM messages that claim to be from
'[EMAIL PROTECTED]'.  The originating address in the messages is
66.218.66.70.  As David pointed out, this may or may not be correct.

Dan

-Original Message-
From: David Diaz [mailto:[EMAIL PROTECTED] 
Sent: Tuesday, August 19, 2003 9:43
To: [EMAIL PROTECTED]
Subject: Virus emails from nanog mail list



Spam may be off topic but in this case relevant.  Has anyone else
noticed bounced emails that appear to have originated from their
nanog email boxes and contain viruses?

Obviously some bot has gone through the nanog list and is now forging
headers such that they appear to come from those addresses, and they
are attaching viruses.

The IP address (which may or may not be accurate) appears to be 
[195.157.87.253].

Has anyone else noticed this recently?

Dave

-- 

David Diaz
[EMAIL PROTECTED] [Email]
[EMAIL PROTECTED] [Pager]
www.smoton.net
Smotons (Smart Photons) trump dumb photons




Electrical Engineering Firm Recommendation

2003-08-14 Thread Dan Lockwood

Can someone recommend an electrical engineering firm in the middle to
north part of California that has experience with NOC design?  TIA

Dan Lockwood


RE: How much longer..

2003-08-14 Thread Dan Lockwood

I have to agree with Ejay.  Microsoft is not the only software vendor.
It seems silly to argue that one OS is better than the other.  Linux
needs to be patched too, as do all the various flavors of Unix, solaris,
etc from time to time and with varying degrees of urgency.  This is a
fact of life.

Dan

-Original Message-
From: Ejay Hire [mailto:[EMAIL PROTECTED] 
Sent: Wednesday, August 13, 2003 10:53
To: Len Rose; *Hobbit*
Cc: [EMAIL PROTECTED]
Subject: RE: How much longer..



From my perspective, I don't care what defective operating system a worm
uses.

If a malevolent worm is spreading via a vulnerability in IIS and I can
keep from answering support calls by blocking it at the edge I will.  If
one of the 31337 crowd ever catches a clue and launches a worm that
spreads via the OpenSSH vulnerability, I'll block that too.  My
objective in blocking is not to bail Microsoft out, my objective is to
make sure the people I work with can accomplish useful work and don't
have to spend days repeatedly explaining how to download a patch and
remove msblast.exe.

For the record, I have two folders that catch Microsoft security
bulletins and Red hat package update notifications.  Right now the score
is close at MS 12 vs RH 9.

-e

-Original Message-
From: Len Rose [mailto:[EMAIL PROTECTED] 
Sent: Wednesday, August 13, 2003 12:26 PM
To: *Hobbit*
Cc: [EMAIL PROTECTED]
Subject: Re: How much longer..


Hi.. just think if the billions of dollars being spent on M$ products
could have been funneled into open source projects.

To reinforce the point in the most blunt manner possible:

No one had ever better dare postulate that the inherent reason 
for all of the vulnerabilities in Micro$oft products are due 
to any special features of note. 

There is no particular network-enabled feature that Windows has 
that UNIX didn't implement years before and has done so securely 
following established internet design standards adopted by the 
ruling standards body (IETF) after intense study and open participation
from all parties who were interested. 

Now knee-jerk reactions by various network operators is to filter,
filter, filter and soon, by the grace of a piece of crap operating
system you'll have a much more limited internet to work with because for
Micro$oft's sake they've filtered everything.

What makes it all ironic is that you can directly thank Micro$oft if the
governments decide to pass more draconian laws, even further
criminalizing activities which were considered marginally criminal to
begin with.

Instead of subsidizing the monopoly, keeping sub-standard operating
systems alive, they should fine them billions of dollars for the cost of
repairing damages, managing overloaded network and system
infrastructures (due to the effects of the latest vulnerability).

The governments should cease using all Micro$oft products and go back to
UNIX which can easily be transformed into a "friendly" operating system
for business users (it already has been of course) For the millions of
dollars that are spent buying this fake operating system with its fake
applications the government could subsidize development of open software
whose quality and security would far exceed that of the closed source
garbage that has become "standard" in today's offices.

Their operating systems were a joke 10 years ago, and they're still a
joke today. The people administering these systems need to start
learning UNIX and colleges need to go back to teaching computer science
based around a real operating system. It's embarrassing for a recent
graduate to only know how to point and click while UNIX hackers are
unemployed thanks to the disease that is called Micro$oft.

Not to mention watching weeks of Micro$oft admins wondering publicly on
Full Disclosure (soon to be renamed Microsoft Whining and Crying) what
to do about their systems that they can't protect because those 
systems are rotten to the core with garbage code written by fake
programmers who were trained by Universities who use Micro$oft operating
systems to teach their curriculum and who are managed by ex-vms
programmers (Uncle Bill hired them to write Windows Code)


On Wed, Aug 13, 2003 at 11:42:59AM +, *Hobbit* wrote:
> I often ask the larger question, "how long will it take for millions
> of people to realize that having to deal with winbloze has completely
> *derailed* their careers for the last ten years, when they could have
> been doing so much more productive things on their jobs?"
>
> But evidently most of them can't think that deep, and get all defensive
> about it.
>
> If all those people had been contributing to free and better replacements
> in the linux/bsd/open-source arena, we'd be *so* much farther ahead,
> and would have saved countless dollars that are now in Bill's pocket.
>
> _H*



RE: Electrical Engineering Firm Recommendation

2003-08-06 Thread Dan Lockwood

To clarify, I'm looking for electrical and control system engineering.
Thanks!

  -Original Message-
  From: Dan Lockwood
  Sent: Tuesday, August 05, 2003 8:44
  To: NANOG
  Subject: Electrical Engineering Firm Recommendation

  Can someone recommend an electrical engineering firm in the middle to
  north part of California that has experience with NOC design?  TIA

  Dan Lockwood


RE: New or existing virus/vulnerability in Windows software?

2003-08-02 Thread Dan Lockwood

Rob was kind enough to look into my problem and found it to be a bot
which is spread via TCP 139.  No big alarm.  Thanks to all!

Dan

  -Original Message-
  From: Dan Lockwood
  Sent: Saturday, August 02, 2003 12:59
  To: NANOG
  Subject: New or existing virus/vulnerability in Windows software?

  Everyone,

  We are having fits with a new? virus or vulnerability.  The symptoms
  are as follows: an executable saatg.exe "appears" in the startup
  folder of the All Users group and after a reboot launches itself.  It
  adds a registry entry under
  HKEY_LOCAL_MACHINE/Software/Microsoft/CurrentVersion/Run.  The
  executable shows under processes and seems to also launch additional
  processes, e.g. ~1.exe, ~2.exe, ~3.exe, etc.  I can not link any
  malicious activity to this behavior, but it seems to be spreading like
  wildfire on our network, apparently with absolutely no user activity.
  In testing I have done thus far it finds its way on to a _virgin_
  system that has been installed disconnected from the network with CD
  media including all relevant security patches.  Panda anti-virus does
  not seem to detect it either.  It shows up on systems where there is
  no interactive login, e.g. servers, regular users, and users with
  elevated privileges.  Additionally once the executable is active it
  systematically searches for other systems to share the good news with
  on port TCP 135.  I am aware of the recent vulnerabilities from
  Microsoft regarding RPC and netbios, but again, the recommended
  security fixes do not seem to provide any relief.  Does anyone have
  any insight into what this thing is?  TIA

  Dan Lockwood


RE: New or existing virus/vulnerability in Windows software?

2003-08-02 Thread Dan Lockwood


New or existing virus/vulnerability in Windows software?

2003-08-02 Thread Dan Lockwood
Everyone,

We are having fits with a new? virus or vulnerability.  The symptoms are
as follows: an executable saatg.exe "appears" in the startup folder of
the All Users group and after a reboot launches itself.  It adds a
registry entry under
HKEY_LOCAL_MACHINE/Software/Microsoft/CurrentVersion/Run.  The
executable shows under processes and seems to also launch additional
processes, e.g. ~1.exe, ~2.exe, ~3.exe, etc.  I can not link any
malicious activity to this behavior, but it seems to be spreading like
wildfire on our network, apparently with absolutely no user activity.
In testing I have done thus far it finds its way on to a _virgin_ system
that has been installed disconnected from the network with CD media
including all relevant security patches.  Panda anti-virus does not seem
to detect it either.  It shows up on systems where there is no
interactive login, e.g. servers, regular users, and users with elevated
privileges.  Additionally once the executable is active it
systematically searches for other systems to share the good news with on
port TCP 135.  I am aware of the recent vulnerabilities from Microsoft
regarding RPC and netbios, but again, the recommended security fixes do
not seem to provide any relief.  Does anyone have any insight into what
this thing is?  TIA

Dan Lockwood
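
The message above describes an infected host that systematically probes other systems on TCP 135. As an added example (not part of the original post), this Python code flags that fan-out pattern in flow records; the record layout, addresses and thresholds are assumptions, and the sample flows are constructed.

```python
from collections import defaultdict

def build_sample_flows():
    """Constructed flow records: (epoch_seconds, src, dst, proto, dst_port)."""
    flows = []
    # Host sweeping a subnet on TCP 135, one new destination per second.
    for i in range(1, 41):
        flows.append((1000 + i, "10.1.1.50", f"10.1.2.{i}", "tcp", 135))
    # Normal RPC client: many connections, but all to a single server.
    for i in range(30):
        flows.append((1000 + 2 * i, "10.1.1.20", "10.1.9.5", "tcp", 135))
    # Web browsing: many destinations, but not on the watched port.
    for i in range(1, 41):
        flows.append((1000 + i, "10.1.1.30", f"192.0.2.{i}", "tcp", 80))
    return flows

def find_sweepers(flows, port=135, window=60, min_dests=20):
    """Return {src: peak count of distinct destinations contacted on `port`
    inside any `window`-second span} for sources reaching `min_dests`."""
    by_src = defaultdict(list)
    for ts, src, dst, proto, dport in flows:
        if proto == "tcp" and dport == port:
            by_src[src].append((ts, dst))
    flagged = {}
    for src, events in by_src.items():
        events.sort()
        counts = defaultdict(int)    # dst -> occurrences inside the window
        start = 0
        best = 0
        for ts, dst in events:
            counts[dst] += 1
            # Advance the window start until it spans less than `window` seconds.
            while ts - events[start][0] >= window:
                old = events[start][1]
                counts[old] -= 1
                if counts[old] == 0:
                    del counts[old]
                start += 1
            best = max(best, len(counts))
        if best >= min_dests:
            flagged[src] = best
    return flagged

if __name__ == "__main__":
    for src, n in sorted(find_sweepers(build_sample_flows()).items()):
        print(f"{src} contacted {n} distinct hosts on TCP 135 within 60 s")
```

Counting distinct destinations rather than connections is what separates the sweeping host from a busy but legitimate RPC client.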


RE: Patching for Cisco vulnerability

2003-07-18 Thread Dan Lockwood

What kind of testing protocol do providers have in place to test IOS
images prior to deployment?  I have never been exposed to those
processes and am curious to understand what takes place as a BCP.

Dan

-Original Message-
From: Jared Mauch [mailto:[EMAIL PROTECTED] 
Sent: Friday, July 18, 2003 12:05
To: Irwin Lazar
Cc: [EMAIL PROTECTED]
Subject: Re: Patching for Cisco vulnerability



On Fri, Jul 18, 2003 at 12:29:30PM -0600, Irwin Lazar wrote:
> 
> Just out of curiosity, are folks just applying the Cisco patch or do 
> you go through some sort of testing/validation process to ensure that 
> the patch doesn't cause any other problems?  Given typical change 
> management procedures how long is it taking you to get clearance to
> apply the patch?
> 
> I'm trying here to gauge the length of time before this vulnerability 
> is closed out.


most providers can easily go from (for example)
12.0(21)S3 to 12.0(21)S7 with less testing than from 12.0(21)S to
12.0(25)S

The hurdles are still there to maintain the necessary
customer notifications, etc.. but aside from that, I think the press is
doing their job (good or bad) in that most customers are aware that
there's something bad going on and people are moving to protect the
internet infrastructure.

- jared

-- 
Jared Mauch  | pgp key available via finger from [EMAIL PROTECTED]
clue++;  | http://puck.nether.net/~jared/  My statements are only
mine.


RE: Re[2]: Looking for advice on datacenter electrical/generator

2003-04-05 Thread Dan Lockwood

Assuming the genset was running under load, how often would the oil
filter need to be changed?  Are there any other issues that would need
to be addressed in a sustained power outage?  As far as genset
maintenance that is.

Dan

-Original Message-
From: Richard Welty [mailto:[EMAIL PROTECTED] 
Sent: Saturday, April 05, 2003 10:09
To: nanog list
Subject: Re[2]: Looking for advice on datacenter electrical/generator



On Sat, 5 Apr 2003 17:47:33 + (GMT) "E.B. Dreger"
<[EMAIL PROTECTED]> wrote:
> DL> Date: Fri, 4 Apr 2003 21:26:25 -0500 (EST)
> DL> From: David Lesher

> DL> D) Diesel engines, err Diesel-fueled piston engines, be they 2 or 
> DL> 4-cycle, need frequent oil changes.

> I thought it was the exact opposite.  Diesel fuel has much better 
> lubricity than LPG/CNG/gasoline.

diesels need frequent oil filter changes because they load the oil up
with soot. the oil itself can last a long time.

richard
--
Richard Welty
[EMAIL PROTECTED]
Averill Park Networking
518-573-7592
  Unix, Linux, IP Network Engineering, Security




Datacenter electrical/genset

2003-04-04 Thread Dan Lockwood
To throw some water on the flames that I have been receiving, I will be
posting a summary of everyone's good information this weekend when I get
time.  It is my intention to make that information available to the
community.  Calling me names is childish and unnecessary.  Again, thanks
to those that took the time to participate.

Dan Lockwood
Microsoft Certified Professional
CompTIA Network+ Certified
Cisco Certified Network Associate


Datacenter electric/genset THANKS!

2003-04-04 Thread Dan Lockwood
I wanted to throw out a big THANK YOU to everyone that has responded.
You have surfaced some issues which we would never have considered and
will undoubtedly help us to avoid some big mistakes.  Thanks again!

Dan Lockwood
Microsoft Certified Professional
CompTIA Network+ Certified
Cisco Certified Network Associate


RE: Looking for advice on datacenter electrical/generator

2003-04-02 Thread Dan Lockwood

That issue is something that we talked about.  Having never worked with
a generator for a long period of time, I don't have any feel for the
reliability.  My question back to you would be, how much battery do you
use?

Thanks for the input!

Dan

-Original Message-
From: Richard Welty [mailto:[EMAIL PROTECTED] 
Sent: Wednesday, April 02, 2003 15:43
To: [EMAIL PROTECTED]
Subject: Re: Looking for advice on datacenter electrical/generator



On Wed, 2 Apr 2003 15:37:28 -0800 Dan Lockwood
<[EMAIL PROTECTED]> wrote:
> Our current plan is to purchase the UPS with a minimal amount of 
> battery, approximately 15min worth; just enough to get the generator 
> running.  Is this the better way to go?  Or should we consider more 
> battery?

just how certain are you that your generator is always going to start
within 15 minutes?

richard
--
Richard Welty
[EMAIL PROTECTED]
Averill Park Networking
518-573-7592
  Unix, Linux, IP Network Engineering, Security




Looking for advice on datacenter electrical/generator

2003-04-02 Thread Dan Lockwood
Everyone,

My organization is in a growth phase right now and within the next year
will find ourselves having outgrown our current 16KVa Symmetra.  We have
commissioned an electrical engineer to make a recommendation as to what
is required to install a new 130Kva Liebert nPower UPS along with a
generator.

Our current plan is to purchase the UPS with a minimal amount of
battery, approximately 15min worth; just enough to get the generator
running.  Is this the better way to go?  Or should we consider more
battery?  What is everyone's experience with the Liebert line of
products?  Any kudos or gripes?  Our electrical engineer also
recommended that we purchase a Generac generator and transfer switch.
Any experiences with that company?

He also is strongly opposed to us purchasing a natural gas generator
which seemed like a shoo-in for us.  We have natural gas facilities and
didn't want to hassle with the diesel maintenance problems.  Is a
natural gas generator something that we should consider?

Additionally he recommended that we place the HVAC and lighting upstream
from the UPS and use some sort of junction box to supply both the UPS
load and the HVAC.  How do you "big guys" do it?  Here is a link to the
diagram that he gave us today.  Your thoughts are appreciated!

http://www.shastalink.k12.ca.us/nanog/nanog.jpg

Dan Lockwood
Microsoft Certified Professional
CompTIA Network+ Certified
Cisco Certified Network Associate


NOC equipment checklist

2002-11-13 Thread Dan Lockwood
Group,

I'm looking to get input on a morning checklist for NOC equipment.  What
I would like to put together is a list that I can give to my techs and
have them check things like power supply alarms, hard disk alarms, etc.
I guess somewhat like a colocation taking care of customer equipment.
Does anyone have input or possibly an example of what is being done
throughout the industry?

TIA

Dan Lockwood
Microsoft Certified Professional
CompTIA Network+ Certified
Cisco Certified Network Associate


ATM service classes

2002-10-29 Thread Dan Lockwood
I'm in a knock down drag-out with my RBOC about some ATM DS3s and an
OC3.  Proceeding on the advice of a Cisco engineer I requested that the
circuits be provisioned with UBR+.  After the Bell failed to have the
circuits provisioned correctly, they installed UBR, and discovering that
they could not support UBR+ I have requested that the circuits be
reprovisioned with VBR-NRT.  These circuits are primarily used for non
time sensitive data, but may be used for VOIP in the future.  What
suggestions does the group have regarding selecting ATM service classes
with the Bell and Cisco IOS/hardware?

As always, the expertise of the group is unsurpassed and GREATLY
appreciated.

Dan Lockwood
Microsoft Certified Professional
CompTIA Network+ Certified
Cisco Certified Network Associate


RE: ICANN Targets DDoS Attacks

2002-10-29 Thread Dan Lockwood

Would anyone be willing to post an operational example of CAR for ICMP?
I would like to see what others are doing to combat the problem.

Dan

-Original Message-
From: Jared Mauch [mailto:jared@;puck.Nether.net] 
Sent: Tuesday, October 29, 2002 13:12
To: Jeff Shultz
Cc: [EMAIL PROTECTED]
Subject: Re: ICANN Targets DDoS Attacks



On Tue, Oct 29, 2002 at 01:03:52PM -0800, Jeff Shultz wrote:
> >> On 10/29/2002 at 3:40 PM [EMAIL PROTECTED] wrote:
> >> >On Tue, 29 Oct 2002 22:25:44 +0200, Petri Helenius
> >> ><[EMAIL PROTECTED]> said:
> >> >
> >> >> Why would you like to regulate my ability to transmit and
> >> >> receive data using ECHO and ECHO_REPLY packets? Why they are
> >> >> considered harmful?
> >> >
> >> >Smurf.
> >> >
> >>
> >> Okay. What will this do to my user's ping and traceroute times, if
> >> anything? I've got users who tend to panic if their latency hits
> >> 250ms between here and the moon (slight exaggeration, but only
> >> slight).
> >>
> >> I just love it when I've got people blaming me because the 20th hop
> >> on a traceroute starts returning  * * * instead of times.
> >
> > that's icmp ttl expired messages.
>
> I know that, and I try to explain it to my customers... but it doesn't
> answer the first part of the question - what will throttling ICMP do
> to ping and traceroute times? My gut reaction is that it will a. slow
> them
ICMP?

Or only icmp echo and icmp echo-reply messages?

In a well behaved router, nothing.  Obviously if you have
a 7500 or older GSR linecards that are incapable of doing this due to
design problems from day one in pps rates and feature path, there may be
a hit.

I'm not saying rate-limit anything other than echo+reply.

> down and/or b. discard a lot of them making the circuit look 
> unreliable to ping. But I don't know enough about the underlying 
> technology to be sure of that.

Once again, i'd like to see (other than a performance
checking customer) generate more than 2Mb/s of icmp.echo and
icmp.echo-reply packets that are legit and not part of a DoS.  This is
quite rare.

Do your own stats and test your hardware.

- jared

-- 
Jared Mauch  | pgp key available via finger from [EMAIL PROTECTED]
clue++;  | http://puck.nether.net/~jared/  My statements are only
mine.
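
The exchange above turns on what rate-limiting only ICMP echo and echo-reply to roughly 2Mb/s does to ordinary ping and traceroute traffic. As an added example (not from the thread, and not Cisco's CAR implementation), this Python code models a simplified single token-bucket policer; the burst size, packet sizes and traffic mix are assumptions, and the traffic is constructed.

```python
ECHO_REPLY, ECHO, TIME_EXCEEDED = 0, 8, 11   # ICMP type numbers

class EchoPolicer:
    """Single token bucket applied only to ICMP echo and echo-reply.
    Simplified model: drop on exceed, no extended burst."""

    def __init__(self, rate_bps=2_000_000, burst_bytes=64_000):
        self.rate = rate_bps / 8.0        # refill rate in bytes per second
        self.burst = burst_bytes          # bucket depth (assumed value)
        self.tokens = float(burst_bytes)
        self.last = 0.0

    def offer(self, t, icmp_type, size):
        """Return True if the packet is forwarded, False if it is dropped."""
        if icmp_type not in (ECHO, ECHO_REPLY):
            return True                   # other ICMP types bypass the policer
        self.tokens = min(self.burst, self.tokens + (t - self.last) * self.rate)
        self.last = t
        if size <= self.tokens:
            self.tokens -= size
            return True
        return False

def constructed_traffic(flood_pps=0, seconds=10):
    """Constructed input as (time_s, icmp_type, size_bytes): 10 pps of 84-byte
    pings, 3 pps of 56-byte TTL-expired replies, optional 1000-byte reply flood."""
    pkts = [(i / 10, ECHO, 84) for i in range(seconds * 10)]
    pkts += [(i / 3, TIME_EXCEEDED, 56) for i in range(seconds * 3)]
    pkts += [(i / flood_pps, ECHO_REPLY, 1000) for i in range(seconds * flood_pps)]
    return sorted(pkts)

def run(packets, **policer_args):
    """Return {icmp_type: [forwarded, dropped]} for time-ordered packets."""
    policer = EchoPolicer(**policer_args)
    stats = {}
    for t, icmp_type, size in packets:
        counts = stats.setdefault(icmp_type, [0, 0])
        counts[0 if policer.offer(t, icmp_type, size) else 1] += 1
    return stats

if __name__ == "__main__":
    for label, pps in (("no flood", 0), ("8 Mb/s echo-reply flood", 1000)):
        print(label, run(constructed_traffic(pps)))
```

Without a flood nothing is dropped; under the flood the TTL-expired replies that traceroute relies on still pass untouched, while legitimate pings share the policed bucket with the attack traffic.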



Suggestions for a colocation equipment check-list

2002-10-23 Thread Dan Lockwood
Does anyone have a list of criteria that is collected when a customer
brings equipment into a colocation facility?  Things may include make
and model, number of power supplies, serial number, etc.  Any comments
on this type of operation are greatly appreciated.

TIA

Dan Lockwood
Microsoft Certified Professional
CompTIA Network+ Certified
Cisco Certified Network Associate


DNS/Routing advice

2002-09-11 Thread Dan Lockwood
Everyone,

I have a customer that is multihomed, to a public ISP and to another
large network that uses 10.0.0.0 address space.  The private address
space also has services available via public address space and
consequently is running a split DNS service, public and private.
Because of firewalls and the placement of DNS servers this customer has
a nasty routing situation and in order to make DNS work for the private
numbers, has spoofed the domain of the private network.  My question is
this: are there any documents or RFCs that outline what is an acceptable
practice for running DNS and what is not?  Their kluge of a network
causes continuous problems for both the upstream ISP and the private
network to which they are connecting and we may find ourselves in a
situation where we have to say that 'xyz' is an acceptable way of
operating and 'abc' is not.  Any advice is appreciated.  Thanks!

Dan Lockwood


DNS entries for infrastructure equipment

2002-08-21 Thread Dan Lockwood
Does anyone have a resource that has recommendations about how to name
interfaces in a DNS name space?  Is there a standard that is used?  TIA

Dan Lockwood