Common Carrier Question
Folks, I'm working on a graduate policy paper regarding Internet filtering by blocking ASN's or IP prefixes. It is a variation of Net Neutrality, just by a different name. Is anyone in the IANAL field aware of any cases where : a. an ISP successfully defended a common carrier position b. an ISP unsuccessfully defended a common carrier position c. an ISP was treated as a common carrier, even if didn't want to be. d. an ISP was not treated as a common carrier, even if they wanted to. It seems to be way back in the 90's, Compuserve may have been involved in one variation of the above, but the cobwebs are too thick. Replies off list and I will summarize if there is interest. Eric
RE: Common Carrier Question
Except when an ISP blocks Vonage completely, then they aren't neutral and it is QoS (unless the QoS == 0 for VoIP) -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Patrick W. Gilmore Sent: Thursday, April 13, 2006 6:07 PM To: NANOG list Cc: Patrick W. Gilmore Subject: Re: Common Carrier Question On Apr 13, 2006, at 5:57 PM, Eric Germann wrote: I'm working on a graduate policy paper regarding Internet filtering by blocking ASN's or IP prefixes. It is a variation of Net Neutrality, just by a different name. Except Network Neutrality is about QoS, not filtering. [snip]
Cisco locksmith [OT]
Dear Cisco, Since your postmaster account doesn't answer (probably for good reason) and no one has noticed internally, your locksmith thingy is broke. |/opt/httpd/root/data/mmbprod/post/locksmith (expanded from: [EMAIL PROTECTED]) - Transcript of session follows - Could not open file /opt/httpd/httpd-ent/logs/locksmith 554 5.3.0 unknown mailer error 13 If anyone from Cisco is listening
Re: Networking Pearl Harbor in the Making
Looks like vendor J is going to benefit from the issues laid out for Vendor C. http://www.networkworld.com/news/2005/110405-juniper-cisco-hacker.html At 08:52 AM 11/7/2005, you wrote: On Mon, Nov 07, 2005 at 06:43:35AM -0500, J. Oquendo wrote: the center of the information security vortex. Because IOS controls the routers that underpin most business networks as well as the Internet, I think in general this is an argument against converged networks, the added complexity and outages may not be worth the gains.. It is an argument for proper patching policy and procedures. There is no zero day exploit for this exploit and to my knowledge, there hasn't been one yet which came out at the same time as the advisory for ANY major vendor although the window is shrinking. All worms and other exploits which have achieved press coverage and caused major network disruption would have been avoided by proper patching. All of our network is now patched for the latest Cisco advisory. We were already running fixed code on a few routers when the advisory came out so we knew the code was stable and moved to it on all other boxes. I understand that not everyone can act as quickly as we do, but to delay patching indefinitely until the problem occurs - for stability reasons is not the solution either. Better code is part of the solution and teaching and enforcing proper programming techniques to create secure code in the first place are just part of the solution. Getting people to install (so far) secure code is another bigger problem which can be solved today. I think all the major vendors are aware of the extent of the problem and are making their systems more secure by auditing their existing code more thoroughly as well as teaching their programmers to code securely in the first place. -Robert Tellurian Networks - The Ultimate Internet Connection http://www.tellurian.com | 888-TELLURIAN | 973-300-9211 Well done is better than well said. - Benjamin Franklin
Sorry to butt in - Google operational
OPERATIONALCONTENTFOLLOWS Sorry for the apolitical commentary that is operational in nature, but If some of your customers complain they can't get to Google ... And you manually configured your bogon filters ... And you haven't updated them in a while Google is now serving up from some 72.x.x.x space, FYI. Adjust filters accordingly. We now return you to non-operational content /OPERATIONALCONTENTFOLLOWS Eric
Re: Opinions wanted re blog-style NANOG list content
For the present, not the future, we've been experimenting with doing this for a while and the large scale scalability issues in a blog with 86000+ posts in it. See http://blogs.semperen.com/nblog (RSS at http://blogs.semperen.com/nblog/feed) This is cached in a 10 minute interval so response time may appear to have a high variance. FWIW, there are considerable issues in tuning current blogging software for handling the number of posts in the historical NANOG forum, mostly because normal blogs allow one to get away with very sloppy SQL queries, joins, grouping, etc without. They perform well with several hundred posts. They don't with 86000+. We restructured a lot of the queries to improve performance and it is still a work in progress. With that said, use at your own risk and it may be unavailable from time to time as we continue to evolve it. I put this on the main list so those that want to read via RSS are at least aware there is an RSS version available. Part of my motivation for doing this is I was tired of everyone asking can you remove this post, I really didn't mean that, etc. At least now, they can find the post and comment on it. When performance is where I like it, I want to add more NOG lists and operationally relevant mailing lists. Take a look if you like, but be gentle. It's a work in progress. Eric [EMAIL PROTECTED] [bcc'd to [EMAIL PROTECTED] Call for Community Participation The NANOG Steering Committee is interested in hearing feedback from the community about the following topic. Private comments may be sent to [EMAIL PROTECTED] Public discussion is encouraged, and should take place on the nanog-futures mailing list. For information about subscription to the nanog-futures mailing list, see http://www.nanog.org/email.html. Commentary on Current Events on the NANOG List Many threads on NANOG begin with a bare reference to some article published elsewhere (e.g. a blog, or a news organisation web site). While some of these threads have undoubted relevance to network operations, others are certainly off-topic. Some participants of the NANOG list have expressed frustration at the perceived off-topic chatter on the list resulting from these threads. Other participants have commented that they welcome the content. There is no clear majority opinion known to the NANOG Steering Committee. A common medium for distribution of information such as those contained in these NANOG threads is the weblog. Blogs have established mechanisms for facilitating follow-up commentary from readers, and are also readily syndicated through RSS or e-mail. Two notable such blogs already exist: Fergie's Tech Blog http://fergdawg.blogspot.com/, an individual initiative of long-time NANOG contributor Paul Fergusson Merit's SlashNOG http://slashnog.merit.edu/, a proof-of-concept discussion forum styled after Slashdot The NANOG Steering Committee is interested in hearing the opinions of the community on this topic. For example: 1. Should current events/news bulletin-style threads be declared universally off-topic for the NANOG mailing list? 2. Should NANOG encourage, facilitate, or otherwise support a blog or similar forum for this content? Please follow-up to the nanog-futures mailing list http:// www.nanog.org/email.html or send private commentary to the NANOG Steering Committee at [EMAIL PROTECTED]. Joe Abley (for the NANOG SC)
Source for IDS data
One more request for the group. Looking for some contacts off list who would be willing to discuss supplying some IDS data. Ideal candidates for this research would have the following characteristics: 1. Have a fairly visible network that draws appreciable attempts. 2. Have an IDS collection point in front of the firewall so ATTEMPTED intrusions are also recorded. 3. Have a fairly extensive history of IDS attempts. This is for a graduate research project I am engaged in and I am willing to discuss with potential suppliers of data. Targets are not required, I want to characterize sources only. If you are interested in supplying data or would like to discuss it further, please contact me OFF-LIST by hitting reply and we can talk off line. Thanks Eric Germann
Source for IDS data
One more request for the group. Looking for some contacts off list who would be willing to discuss supplying some IDS data. Ideal candidates for this research would have the following characteristics: 1. Have a fairly visible network that draws appreciable attempts. 2. Have an IDS collection point in front of the firewall so ATTEMPTED intrusions are also recorded. 3. Have a fairly extensive history of IDS attempts. This is for a graduate research project I am engaged in and I am willing to discuss with potential suppliers of data. Targets are not required, I want to characterize sources only. If you are interested in supplying data or would like to discuss it further, please contact me OFF-LIST by hitting reply and we can talk off line. Thanks Eric Germann
Request for delegation info
Colleagues, I was wondering if anyone had the following allocation information for the following registries archived somewhere. I'm conducting a graduate project and am trying to complete a picture of IPv4, v6 and ASN allocations. The following dates were missing from various registry repositories. I'm just trying to verify they actually do not exist vs. deleted from that registry ftp server and its associated mirrors. All dates are for 2004. For RIPENCC: delegated-ripencc- Jan 17 Jan 18 Feb 7 Feb 8 Feb 9 Apr 30 May 1 May 2 Sep 11 Sep 12 Sep 23 Oct 9 Oct 10 For ARIN: delegated-arin- Mar 2 Apr 17 If anyone has these files and data available, please contact me off list. Thanks for the consideration. Eric Germann
RE: Blackhole Routes
We use a variation of this for several things. At the risk of getting in to political policy discussions ... We have a PERL script which looks for the wildcard .com record. If it finds it (the old Verisign SiteFinder), it injects a blackhole route to kill it. Also, we periodically pull in (every 4 hours), allocations from various registries like ARIN, APNIC, LACNIC, etc. and filter by country. It isn't elegant, but it does give us the ability to deny traffic to areas our policies dictate. Pretty effective for getting rid of spam and the offshore phishing sites. If you want to argue the political or policy side of doing this, I really don't have time, but our clients have been happy with it for two plus years. What I would to see (and have never researched in depth) is a way to apply the blackhole routes on a community to port basis (i.e. we set up a specific BGP community to filter mail, and that community goes to a route map that kills only port 25, another community applies to a map that kills port 80, etc). When I have spare time, I may see if there is any way to do that. Of course by then, IPv6 will be obsolete, so . Eric -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Abhishek Verma Sent: Thursday, September 30, 2004 2:52 AM To: [EMAIL PROTECTED] Subject: Blackhole Routes Hi, There are ways to add static routes that can be blackholed. I can understand the utility of such routes if those are installed in my forwarding table. What bewilders me is why would anyone want to advertise blackhole routes using say, BGP? Is it only to prevent some sort of DoS attacks or are there other uses also of advertising black hole routes? Thanks, Abhishek -- Class of 2004 Institute of Technology, BHU Varanasi, India
APNIC delegation change
Just a heads up for those who use http://ftp.apnic.net/stats/apnic/apnic-latest It moved. If you have scripts that slurp APNIC ASN or IPv4 allocations, they probably broke this morning. The new correct link is at http://ftp.apnic.net/stats/apnic/new/delegated-apnic-latest == Eric GermannCCTec [EMAIL PROTECTED] Van Wert OH 45891 http://www.cctec.comPh: 419 968 2640 Fax: 603 825 5893 The fact that there are actually ways of knowing and characterizing the extent of ones ignorance, while still remaining ignorant, may ultimately be more interesting and useful to people than Yarkovsky -- Jon Giorgini of NASAs Jet Propulsion Laboratory
RE: Tomatoes for Verisign at NANOG 29
Wouldn't it be just as easy to pay GoDaddy $9 per year and do a redirect yourself instead of relying on a verisign that half the knowledgable network ops community has filtered/blackholed? Eric -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Behalf Of Kenny Sallee Sent: Friday, October 17, 2003 4:03 PM To: Matt Levine; Dan Riley Cc: NANOG Subject: Re: Tomatoes for Verisign at NANOG 29 Has anybody thought to explore the trademark implications of sitefinder? For example, verisign is returning A records (and subsequently earning revenue from that traffic) for say: COKE-SOFT-DRINK.COM TIDE-DETERGENT.COM etc.. From another perspective, it could be how Verisign plans on making money off this. If they can redirect to their own Site Finder site, I'm sure they can redirect to other large corporations, who would probably pay for that kind of service. Buy this service, user types www.coke-soft-drink.com, and gets redirected automatically to www.coke.com. Corporations now have a much broader reach then yesterday. They'd make a deal on the trademark thing, if there is one. Kenny __ Do you Yahoo!? The New Yahoo! Shopping - with improved product search http://shopping.yahoo.com
RE: ICMP Blocking Woes
winders does use udp instead of icmp in their tracert program, IIRC (or at least they used to). At the risk of getting my head blown off, could we say that was foresight :) Eric -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Behalf Of Stephen J. Wilcox Sent: Monday, September 29, 2003 1:54 PM To: CA Windon Cc: [EMAIL PROTECTED] Subject: Re: ICMP Blocking Woes Hmm noticed what I was to say has already been said, but to reiterate, if your provider is blocking ICMP other than echo/echoreply .. in this case ICMP unreachables and presumably fragments and other fundementally required icmps they are seriously broken and I would insist they fix it or else you move away You didnt clarify that in your mail tho, is it the icmp unreachables that you arent getting or is your monitoring sending out icmp echos which are being filtering? if its the latter then you can easily workaround by modifying your monitoring systems to use udp/tcp based probes which are probably better these days than sending icmp across third party networks anyhow Steve On Mon, 29 Sep 2003, CA Windon wrote: Dear NANOG-ers, I work for an information security company that is dependant upon ICMP for network mapping purposes (read: traceroute). On or about August 18, we were told, our upstream provider began blocking ICMP packets at its border in the Chicago NAP in an effort to cut down on the propagation of 'MSBlast'. This has effected our ability to accurately map our customers networks. We've been in contact with an engineer in this provider's NOC who is either unable or unwilling to remove this ACL for our block of IPs. Currently, we've been given two options. (1) Deal with the effect of the ACL until 'MSBlast' traffic subsides, or (2) they are willing to reroute our traffic out of the Chicago NAP to a border router that, they claim, does not have the same ACL. The problem with option 2 is that they would force us to renumber. This is a problem for us, as it would impact our customers as well. What options can I take to my management that would cause the least impact to the services we provide while not causing undue work for our clients. Also, what other options could I suggest to my upstream provider? TIA, C. Windon __ Do you Yahoo!? The New Yahoo! Shopping - with improved product search http://shopping.yahoo.com
VeriSign tapped to secure Internet voting
Hope they don't just wildcard the virtual hanging chads... They could start with a vote on who likes global wildcards in .com and .net http://msnbc-cnet.com.com/2100-1029_3-5083772.html?part=msnbc-cnettag=alert form=feedsubj=cnetnews VeriSign announced Monday that it will provide key components of a system designed to let Americans abroad cast absentee votes over the Internet. == Eric GermannCCTec [EMAIL PROTECTED] Van Wert OH 45891 http://www.cctec.comPh: 419 968 2640 Fax: 603 825 5893 The fact that there are actually ways of knowing and characterizing the extent of ones ignorance, while still remaining ignorant, may ultimately be more interesting and useful to people than Yarkovsky -- Jon Giorgini of NASAs Jet Propulsion Laboratory
OT: CPAN hacked or fubar'd?
Anyone know whats up with CPAN? http://www.cpan.org points to http://www.netcetera.dk Pointers would be appreciated and also if we can trust the CPAN module to install modules. == Eric GermannCCTec [EMAIL PROTECTED] Van Wert OH 45891 http://www.cctec.comPh: 419 968 2640 Fax: 603 825 5893 The fact that there are actually ways of knowing and characterizing the extent of ones ignorance, while still remaining ignorant, may ultimately be more interesting and useful to people than Yarkovsky -- Jon Giorgini of NASAs Jet Propulsion Laboratory
RE: OT: CPAN hacked or fubar'd?
Hmmm... bash-2.05$ dig www.cpan.org ; DiG 8.3 www.cpan.org ;; res options: init recurs defnam dnsrch ;; got answer: ;; -HEADER- opcode: QUERY, status: NOERROR, id: 4 ;; flags: qr rd ra; QUERY: 1, ANSWER: 2, AUTHORITY: 3, ADDITIONAL: 3 ;; QUERY SECTION: ;; www.cpan.org, type = A, class = IN ;; ANSWER SECTION: www.cpan.org. 23h38m8s IN CNAME x2.develooper.com. x2.develooper.com. 1h38m8s IN A213.150.60.27 ;; AUTHORITY SECTION: develooper.com. 2d23h38m8s IN NS ns2.develooper.com. develooper.com. 2d23h38m8s IN NS ns3.develooper.com. develooper.com. 2d23h38m8s IN NS ns.develooper.com. ;; ADDITIONAL SECTION: ns.develooper.com. 1d23h34m37s IN A 63.251.223.170 ns2.develooper.com. 1h38m8s IN A213.150.60.27 ns3.develooper.com. 1h38m8s IN A213.150.60.27 ;; Total query time: 37 msec ;; FROM: petros.cctec.net to SERVER: default -- 172.28.0.20 ;; WHEN: Sun Sep 28 17:26:56 2003 ;; MSG SIZE sent: 30 rcvd: 178 bash-2.05$ telnet www.cpan.org 80 Trying 213.150.60.27... Connected to x2.develooper.com. Escape character is '^]'. GET / HTTP/1.0 HTTP/1.1 302 Found Date: Sun, 28 Sep 2003 21:28:12 GMT Server: Apache/1.3.29-dev (Unix) PHP/4.3.3 mod_perl/1.28_01-dev Location: http://www.netcetera.dk Content-Type: text/html; charset=iso-8859-1 Connection: close !DOCTYPE HTML PUBLIC -//IETF//DTD HTML 2.0//EN HTMLHEAD TITLE302 Found/TITLE /HEADBODY H1Found/H1 The document has moved A HREF=http://www.netcetera.dk;here/A.P HR ADDRESSApache/1.3.29-dev Server at virtualhost.netc.dk Port 80/ADDRESS /BODY/HTML Connection closed by foreign host. Same with a host header using HTTP/1.1 ... -Original Message- From: Rachael Treu [mailto:[EMAIL PROTECTED] Sent: Sunday, September 28, 2003 5:33 PM To: Eric Germann Cc: [EMAIL PROTECTED] Subject: Re: OT: CPAN hacked or fubar'd? I'm not able to duplicate what you report. All indications from the vectors I've tried are that CPAN is alive and well. Got more info? --ra On Sun, Sep 28, 2003 at 05:10:58PM -0400, Eric Germann said something to the effect of: Anyone know whats up with CPAN? http://www.cpan.org points to http://www.netcetera.dk Pointers would be appreciated and also if we can trust the CPAN module to install modules. == Eric GermannCCTec [EMAIL PROTECTED] Van Wert OH 45891 http://www.cctec.comPh: 419 968 2640 Fax: 603 825 5893 The fact that there are actually ways of knowing and characterizing the extent of ones ignorance, while still remaining ignorant, may ultimately be more interesting and useful to people than Yarkovsky -- Jon Giorgini of NASAs Jet Propulsion Laboratory -- K. Rachael Treu, CISSP [EMAIL PROTECTED] .Fata viam invenient..
RE: VeriSign SMTP reject server updated
Just wait until they start accepting the mail, logging it, and then returning it to sender. Make one hell of an interesting way to monitor whats going on out there Nahh, wouldn't happen, would it Eric -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Behalf Of Matthew S. Hallacy Sent: Sunday, September 21, 2003 2:02 PM To: [EMAIL PROTECTED] Subject: Re: VeriSign SMTP reject server updated On Sat, Sep 20, 2003 at 08:31:27PM -0400, Joe Provo wrote: Wrong protocol. There should be *NO* SMTP transactions for non-extistant domains. After being bit by this over the weekend I would have to agree, due to a screwup at netSOL a companies domain I manage was resolving to their sitefinder service, and all mail just went *poof*. -- Matthew S. HallacyFUBAR, LART, BOFH Certified http://www.poptix.net GPG public key 0x01938203
ICANN asks VeriSign to pull redirect service
http://msnbc-cnet.com.com/2100-1024_3-5079768.html?part=msnbc-cnettag=alert form=feedsubj=cnetnews The agency that oversees Internet domain names has asked VeriSign to voluntarily suspend a new service that redirects Web surfers to its own site when they seek to access unassigned Web addresses, rather than return an error message. == Eric GermannCCTec [EMAIL PROTECTED] Van Wert OH 45891 http://www.cctec.comPh: 419 968 2640 Fax: 603 825 5893 The fact that there are actually ways of knowing and characterizing the extent of ones ignorance, while still remaining ignorant, may ultimately be more interesting and useful to people than Yarkovsky -- Jon Giorgini of NASAs Jet Propulsion Laboratory
RE: Kill Verisign Routes :: A Dynamic BGP solution
I guess we don't really need to discuss the political ramifications, because I don't really care about VS. Our internal policy is to kill the route to the host. I'm offering up a tool to implement a technical solution to killing the route. Nothing more, nothing less. It only affects our internal network, so we don't really have a global impact, unlike some folks in Virgina. If people want it, its here. If not, they're free to delete this. Key is, they have choice. Eric -Original Message- From: David Schwartz [mailto:[EMAIL PROTECTED] Sent: Friday, September 19, 2003 4:04 AM To: J.A. Terranson Cc: [EMAIL PROTECTED] Subject: RE: Kill Verisign Routes :: A Dynamic BGP solution On Thu, 18 Sep 2003, David Schwartz wrote: I think the whole idea of getting into an escalating technical war with Verisign is extremely bad. Your suggestion only makes sense if you expect Verisign to make changes to evade technical solutions. Each such change by Verisign will cause more breakage. Verisign will either provide a way to definitively, quickly, and easily tell that a domain is not registered or Verisign will badly break COM and NET. DS With all due respect, this line of logic is the same one used in the US to prevent people from defending themselves from other types of crime, and it's totally bogus. Really? I've never seen anyone attempt such an argument, but it would be rather amusing to see. Which part would you use? Would you argue that criminals aren't likely to take steps that obviously are attempts to reduce the effectiveness of guns? And if they do, they will have to deal with the likely PR and government pressure that would result. The whole point here is that it's not clear to everyone that Verisign is analogous to the criminal. The point is to make it clear that they are and that won't happen if you look very much like them. We have been, in a literal sense, attacked by Verislime, any and all defenses are appropriate. No. The defenses have to be reasonable and have to avoid collateral damage to innocent parties. If not, Verisign will have a reasonable argument that we are the bad guys. They caused some breakage? So what, so did we. They distorted the true data that should have been in the zone? So what, so did we. You are welcome to see this as an attack, but the response should not be out of proportion. If a measured response leads to an escalation, then you can consider any and all defenses. DS
RE: apathy (was Re: .ORG problems this evening)
-Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Behalf Of Todd Vierling Sent: Friday, September 19, 2003 11:37 AM To: [EMAIL PROTECTED] Subject: apathy (was Re: .ORG problems this evening) I've repeatedly described how I do understand the methodology here. What's being expressed on this list is blind faith and trust in an anycast-only gTLD DNS scheme that has the possibility of routing to a single point of failure. Anyone know if 64.94.110.11 is done via anycast? This scheme has already failed once. (When will it fail again?) In that case, hopefully soon ...
RE: Kill Verisign Routes :: A Dynamic BGP solution
-Original Message- From: David Schwartz [mailto:[EMAIL PROTECTED] Sent: Thursday, September 18, 2003 6:38 PM To: [EMAIL PROTECTED]; [EMAIL PROTECTED] Subject: RE: Kill Verisign Routes :: A Dynamic BGP solution Sensitivity: Confidential snip I think the whole idea of getting into an escalating technical war with Verisign is extremely bad. Your suggestion only makes sense if you expect Verisign to make changes to evade technical solutions. Each such change by Verisign will cause more breakage. Verisign will either provide a way to definitively, quickly, and easily tell that a domain is not registered or Verisign will badly break COM and NET. DS Who said they're logical in their decision making process. While they experiment with .com/.net, countermeasures are called for. And they have badly broken .com/.net. This is just an evolution of the blackhole solution, doing it dynamically. Keeps us from having to find out they changed it/moved it/etc. And, if *.com goes away, so does the route :).
RE: Verisign brain damage and DNSSec.....Was:Re: What *are* they smoking?
Title: Re: Verisign brain damage and DNSSec.Was:Re: What *are* they smoking? And whats to say they don't get around our methods of blacklisting it by changing the IP around every zone update? -Original Message-From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]On Behalf Of [EMAIL PROTECTED]Sent: Tuesday, September 16, 2003 2:18 PMTo: [EMAIL PROTECTED]Cc: [EMAIL PROTECTED]; [EMAIL PROTECTED]; [EMAIL PROTECTED]; [EMAIL PROTECTED]; [EMAIL PROTECTED]Subject: Re: Verisign brain damage and DNSSec.Was:Re: What *are* they smoking? On Tue, 16 Sep 2003 11:08:11 PDT, [EMAIL PROTECTED] said: On Tue, 16 Sep 2003 09:59:40 PDT, [EMAIL PROTECTED] said: thats one aspect yes. the valdiation chain should tell you who signed the delegations. It won't lie. you will know that V'sign put that data there. How frikking many hacks will we need to BIND9 to work around this braindamage? One to stuff back in the NXDomain if the A record points there, another to do something with make-believe DNSsec from them. What's next?
RE: Not the best solution, but it takes VeriSign out of the loop
And I faxed my stuff a month ago and they haven't replied yea or nea ... -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Behalf Of Mike Damm Sent: Tuesday, September 16, 2003 3:52 PM To: 'bert hubert'; Mike Damm Cc: [EMAIL PROTECTED] Subject: RE: Not the best solution, but it takes VeriSign out of the loop I have received a few replies off list suggesting the same. I already have access to the zones (well, not currently, moved to a new IP block and need to update my source address with them), and if I remember correctly, the agreement I had to sign restricts you from redistributing the data in any way shape and/or form. -Mike --- Michael Damm, MIS Department, Irwin Research Development V: 509.457.5080 x298 F: 509.577.0301 E: [EMAIL PROTECTED] -Original Message- From: bert hubert [mailto:[EMAIL PROTECTED] Sent: Tuesday, September 16, 2003 11:31 AM To: Mike Damm Cc: [EMAIL PROTECTED] Subject: Re: Not the best solution, but it takes VeriSign out of the loop You can download the real zones if you want easily enough. Some years ago all this took was sending a few faxes.
RE: dry pair
Getting it to work at all can be a challenge. Alarm circuits are not groomed to remove stray drops that got cut at the house, not at the pole, etc. We looked at rolling out DSL 2 years ago using our own DSL equipment cause sprint didn't have dslams installed. They had conveniently pulled their tariff for alarm circuits. Dry pairs were $70/mo each and the install was $100+. When I asked them the process, they said the x-conn'd the customer prem pair to our pair and hoped it worked. If it didn't, THEN they would go clean it up. IF you can still get an alarm circuit, good luck getting it cleaned up if bridge taps are wreaking havoc, and they will with some DSL gear. We were told the alarm circuits were rated for up to 1200bps. Then again, I have another client who orders them from Sprint all the time for OPX voice use. As a friend of mine once observed, its who you know and who you _. Eric -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Behalf Of Wayne Sent: Friday, August 29, 2003 9:52 PM To: Austad, Jay Cc: [EMAIL PROTECTED] Subject: Re: dry pair Austad, Jay wrote: Does anyone know to go about getting Qwest or a CLEC to patch through a dry pair between two buildings connected to the same CO? When I called to order one, no one knew what I was talking about. -jay Most of the other responses have covered the various terms to try when ordering this type of ckt. All I can say is good luck. I did this back in 1994 with some HDSL modems from Pairgain and it worked like a charm. (btw, I got the 2 ckts I needed for the connection by ordering 2 alarm ckts and then rewiring the separate jacks into a single jack for the modem) However, this was before the days of mass DSL deployment and CLECs. The local loop is managed a little tighter these days and ILECs are a lot less willing to sell this type of service. As someone else said, even if you can get a sales rep to sell it to you, getting it repaired when it fails will be quite a challenge. Seems like business DSL would be less headache in the long run. -- Wayne Gustavus --
RE: East Coast outage?
Load management is actually fairly common here in Ohio in the cooperative electric utilities. Residential users get rebates on heat pumps and water heaters in exchange for allowing the utility to install RF controlled interrupting switches on them. Summer ironically isn't the problem for them, its winter when they want to do peak demand management so as not to ratchet into a higher wholesale demand rate class. My guess is when it shakes out, the failure will be traced to a rather large unit or interconnect tripping offline. Since the load is relatively constant if you look at the time in a short enough period, and you lose a couple hundred MVA of feed onto the grid, the other generation on the grid is going to attempt to absorb it. It works just like a drill, in reverse. If you put a sanding wheel onto a drill and press it into wood, it will drag the drill down. Opposite for generation. Steam is driving the turbine, which is producing power. Throw more load on instantaneously, the rotor will slow down. Now the units can absorb slight variations in load, but 500MVA falling off quickly cannot be instantaneously absorbed. So, the rotor slows down. As it slows down, the frequency drops. When the frequency gets low enough (and we're talking fractions of a Hz), protective relaying kicks in and opens the breaker between the unit and the grid. This compounds the effect, because the 500MVA loss may cause another 100MVA in units to trip off relatively close. Now the grid has 600MVA to absorb and that loads more units down, which drift farther down and they trip, which adds another X MVA to the load and it justs keeps going. Same thing can happen in reverse to when the load is suddenly removed and the unit overruns the frequency. This effect was observed a couple of times for a muni electric I used to work with. They had a tie line to a IOU and when it opened in the summer becuase of lightning, overload, etc, it would trip all their units off line because the tie was carrying inbound on the order of 40% of their load. Interestingly, it had effects on the IOU also, since the muni was consuming watts, but supplying VAR's, trying to help maintain power factor on the IOU system. Units can only produce so many MVA's. MVA = sqrt(MW ** 2 + MVAR ** 2). As reactive loads go up (like AC units in the summer), MVAR's go up. According to the formula, MW production goes down since the unit can only produce so many MVA's (its a nice right triangle, MVA is the hypotenuse, MW is the horizontal and MVAR is the vertical and power factor is the cosine of the angle. With a purely resistive load like a light bulb, PF = 1 since there are no VAR flows there [cos 0 = 1]). They do cheat sometimes and use capacitors or synchronous condensors/reactors (an overexcited motor which looks like a variable capacitor, kind of cool) to try and equal out the power factor. The bite is, Joe Consumer doesn't pay for VAR's, he pays for Watts. But the transmission and distribution system has to account for and carry the VAR flows also. And if you size the lines and forget the VAR flows, in the summer, things can go boom. Everyone whines because of the antiquated system. The system worked like it should. It may suck to be without power for 48 hours, but try 18 months if the unit came apart. You don't go to Ace Hardware and buy a new 50MVA steam driven unit. And the nukes tripping off was probably more an artifact of frequency instability on the grid than a problem with the nukes themselves. Coal, gas or nuke, you still have to maintain frequency. As an old EE prof of mine said, the system will seek stability. Seeking may be nice like flow re-distribution, or it may be ugly like the rotor and frame separating. Either way, it ends up stable (albeit maybe in the field next to the plant) ... -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Behalf Of Iljitsch van Beijnum Sent: Friday, August 15, 2003 6:25 PM To: [EMAIL PROTECTED] Cc: nanog list Subject: Re: East Coast outage? On vrijdag, aug 15, 2003, at 23:58 Europe/Amsterdam, [EMAIL PROTECTED] wrote: Amount of energy generated must be balanced with the amount of energy used at any time. Otherwise Bad Things (tm) will happen. The shutown of the grid is a very good thing compared to what it would have been had it not shutdown. It seems to me that the power guys are still living somewhere in the last century. Is it really impossible to absorb power spikes? We can go from utility to battery or the other way around in milliseconds, so it should be possible to activate something that can absorb a short spike much the same way. Balancing intermediate-term generation/usage mismatches should be possible by simply communicating with users. There is lots of stuff out there that switches on and off periodically (all kinds of cooling systems, battery charging, lights), so let it switch on or off for a few minutes when the
RE: Looking for advice on datacenter electrical/generator
-Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Behalf Of Timo Janhunen Sent: Friday, April 04, 2003 9:01 PM To: Bill Woodcock Cc: Matthew Kaufman; 'David Lesher'; 'nanog list' Subject: RE: Looking for advice on datacenter electrical/generator - The gas gets cut off immediately in any fire situation, usually affecting a few city blocks at a time When was the last time you saw a fire that affected a few city blocks? I'm sure gas would be cut off in the event of a fire of that magnitude, but are you arguing that diesel delivery would continue? Trucks rolling through the maelstrom? I'm not sure what your point is here. Gas being turned off usually affects a few city blocks. As a volunteer FF ... Actually, if a fire affects a few city blocks, there will be quite a few diesel trucks rolling if its a block of any magnitude. Cummins turbo diesels pumping 2000GPM out a ladder pipe drink a lot of diesel. Its not uncommon at all to refuel them on the fly with courtesy of your friendly BP delivery driver and its also fairly common to park an 1-1/2 fog stream underneath the truck fogging the exhaust lest we burn a hole through the pavement ... You'd have better odds of finding a diesel truck than the gas line being on with a large fire.
RE: Initial network impacts post-US attack 3/19/03
They seem to be somewhat slashdotted from the perspective of a cogent customer (nee FNSI), or . Guessing they won't get to many more updates from the old Iraqi Information Ministry ... -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Behalf Of Sean Donelan Sent: Thursday, March 20, 2003 1:39 PM To: [EMAIL PROTECTED] Subject: Re: Initial network impacts post-US attack 3/19/03 However, tonight I am not able to reach the few Iraq servers I know about. The servers were reachable on Monday, but I wasn't keeping constant track of those servers. So I don't know when I could no longer reach them. This may just be normal network flakiness, the Iraqi networks aren't very reliable on a normal day. The Iraqi News Agency (http://www.uruklink.net/iraqnews/eindex.htm) web site, and other servers I've been checking, appear to be reachable again. It may have just been normal network flakiness. CNN.COM is still running in breaking news mode, but other major news sites have switched back to their big pages. Advertisements and pop-ups seem to coming back on news sites. Matrix systems shows a slight latency increase overnight, but has returned normal levels.
RE: Code red- Returning?
Title: Code red- Returning? We're still in the propogation mode, until the 20th. http://www.cert.org/advisories/CA-2001-23.html Unless their clocks are off by 3 days, they're in the wrong mode ... However, since 1100EST 3-17-03, we've seen a steady uptick also. Also, some other tools must be attempting to use the same exploits, but they are more ferocious, creating thousands of attempts within a few minutes, exploiting the same vulnerabilities. -Original Message-From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]On Behalf Of McBurnett, JimSent: Tuesday, March 18, 2003 12:50 PMTo: [EMAIL PROTECTED]Subject: Code red- Returning? Has anyone out there noticed an increase in a Code-Red patterned virus? I know about the Microsoft bug that came out yesterday/last night. But I am seeing the same symptoms as Code Red, 800+ hits in the last 12 hours, from the same Class A network I am on. The amount is increasing per hour.. It started with 50 the first hour and now it just about 150 an hour... Thoughts? thanks, Jim
923 Mbps across the Ocean ...
http://www.cnn.com/2003/TECH/internet/03/07/speed.record/index.html Comments folks? == Eric GermannCCTec [EMAIL PROTECTED] Van Wert OH 45801 http://www.cctec.comPh: 419 968 2640 Fax: 603 825 5893 The fact that there are actually ways of knowing and characterizing the extent of ones ignorance, while still remaining ignorant, may ultimately be more interesting and useful to people than Yarkovsky -- Jon Giorgini of NASAs Jet Propulsion Laboratory BEGIN:VCARD VERSION:2.1 N:Germann;Eric FN:Eric Germann ORG:CCTec TEL;WORK;VOICE:(419) 968-2640 TEL;WORK;FAX:(603) 825-5893 ADR;WORK:;;17780 Middle Point Road;Van Wert;OH;45891;United States of America LABEL;WORK;ENCODING=QUOTED-PRINTABLE:17780 Middle Point Road=0D=0AVan Wert, OH 45891=0D=0AUnited States of Americ= a URL: URL:http://www.cctec.com EMAIL;PREF;INTERNET:[EMAIL PROTECTED] REV:20010529T013421Z END:VCARD
Streaming dead again.
Dying at merit.demarc.cogentco.com with 3561ms figures in traceroute. How many would pay some $$$ for this to be moved in the future to a premium service provided by someone like RealMedia. Methinks the merit servers are getting crushed. I'd pony up some $$$ to virtually attend it if it were reliable. Seems a lot less reliable this time around. FWIW, if the only video shot is a long shot of a talking head wireless discussion, save the bandwidth and only stream the audio, or cut to the slides if there are some. Burning 80k to see a pixelated animation doesn't do anyone any good. Eric == Eric GermannCCTec [EMAIL PROTECTED] Van Wert OH 45801 http://www.cctec.comPh: 419 968 2640 Fax: 603 825 5893 The fact that there are actually ways of knowing and characterizing the extent of ones ignorance, while still remaining ignorant, may ultimately be more interesting and useful to people than Yarkovsky -- Jon Giorgini of NASAs Jet Propulsion Laboratory BEGIN:VCARD VERSION:2.1 N:Germann;Eric FN:Eric Germann ORG:CCTec TEL;WORK;VOICE:(419) 968-2640 TEL;WORK;FAX:(603) 825-5893 ADR;WORK:;;17780 Middle Point Road;Van Wert;OH;45891;United States of America LABEL;WORK;ENCODING=QUOTED-PRINTABLE:17780 Middle Point Road=0D=0AVan Wert, OH 45891=0D=0AUnited States of Americ= a URL: URL:http://www.cctec.com EMAIL;PREF;INTERNET:[EMAIL PROTECTED] REV:20010529T013421Z END:VCARD
Streaming dead
rtsp://198.108.1.36/broadcast/NANOG/encoder/nanog27.rm file not found. 22:39GMT QoS has been real spotty, from many differing networks today. multi 10's of seconds gaps in audio or video. == Eric GermannCCTec [EMAIL PROTECTED] Van Wert OH 45801 http://www.cctec.comPh: 419 968 2640 Fax: 603 825 5893 The fact that there are actually ways of knowing and characterizing the extent of ones ignorance, while still remaining ignorant, may ultimately be more interesting and useful to people than Yarkovsky -- Jon Giorgini of NASAs Jet Propulsion Laboratory BEGIN:VCARD VERSION:2.1 N:Germann;Eric FN:Eric Germann ORG:CCTec TEL;WORK;VOICE:(419) 968-2640 TEL;WORK;FAX:(603) 825-5893 ADR;WORK:;;17780 Middle Point Road;Van Wert;OH;45891;United States of America LABEL;WORK;ENCODING=QUOTED-PRINTABLE:17780 Middle Point Road=0D=0AVan Wert, OH 45891=0D=0AUnited States of Americ= a URL: URL:http://www.cctec.com EMAIL;PREF;INTERNET:[EMAIL PROTECTED] REV:20010529T013421Z END:VCARD
RE: What could have been done differently?
Not to sound to pro-MS, but if they are going to sue, they should be able to sue ALL software makers. And what does that do to open source? Apache, MySQL, OpenSSH, etc have all had their problems. Should we sue the nail gun vendor because some moron shoots himself in the head with it? No. It was never designed for flicking flies off his forehead. And they said, don't use for anything other than nailing stuff together. Likewise, MS told people six months ago to fix the hole. Lack of planning on your part does not constitute an emergency on my part was once told to me by a wise man. At some point, people have to take SOME responsibility for their organizations deployment of IT assets and systems. Microsoft is the convenient target right now because they HAVE assets to take. Who's going to pony up when Apache gets sued and loses. Hwo do you sue Apache, or how do you sue Perl, because, afterall, it has bugs. Just because you give it away shouldn't isolate you from liability. Eric * Companies need to hold each other responsible for bad software. Ford is being sued right now because Crown Vic gas tanks blow up. Why isn't Microsoft being sued over buffer overflows? We've known about the buffer overflow problem now for what, 5 years? The fact that new, recent software is coming out with buffer overflows is bad enough, the fact that people are still buying it, and also making the companies own up to their mistakes is amazing. I have to think there's billions of dollars out there for class action lawyers. Right now software companies, and in particular Microsoft, can make dangerously unsafe products and people buy them like crazy, and then don't even complain that much when they break. -- Leo Bicknell - [EMAIL PROTECTED] - CCIE 3440 PGP keys at http://www.ufp.org/~bicknell/ Read TMBG List - [EMAIL PROTECTED], www.tmbg.org
RE: What could have been done differently?
XP has autoupdate notifications that nag you. They could make it automatic, but then everyone would sue them if it mucked up their system. And, MS has their HFCHECK program which checks which hotfixes should be installed. Again, not automatic because they would like the USER to sign off on installing it. On the Open Source side, you sort of have that when you build from source. Maybe apache should build a util to routinely go out and scan their source and all the myriad add on modules and build a new version when one of them has a fix to it, but we leave that to the sysadmin. Why, because the permutations are too many. Which is why we have Windows. To paraphrase a phone company line I heard in a sales meeting when reaming them, we may suck, but we suck less It ain't the best, but for the most part, it does what the user wants and is relatively consistent across a number of machines. User learns at home and can operate at work. No retraining. Sort of like the person who sued McD's when they dumped their own coffee in their lap because it was too hot. Somewhere in the equation, the sysadmin/enduser, whether Unix or Windows, has to take some responsibility. To turn the argument around, people don't pay for IIS either, but everyone would love to sue MS for its vulnerabilities (i.e. CR/Nimda, etc). As has been said, no one writes perfect software. And again, sometime, the user has to share some responsibility. Maybe if the users get burned enough, the problem will get solved. Either they will get fired, the software will change to another platform, or they'll install the patches. People only change behaviors through pain, either mental or physical. Eric -Original Message- From: Jack Bates [mailto:[EMAIL PROTECTED]] Sent: Tuesday, January 28, 2003 10:36 AM To: [EMAIL PROTECTED]; Leo Bicknell; [EMAIL PROTECTED] Cc: Eric Germann Subject: Re: What could have been done differently? From: Eric Germann Not to sound to pro-MS, but if they are going to sue, they should be able to sue ALL software makers. And what does that do to open source? Apache, MySQL, OpenSSH, etc have all had their problems. Should we sue the nail gun vendor because some moron shoots himself in the head with it? With all the resources at their disposal, is MS doing enough to inform the customers of new fixes? Are the fixes and lates security patches in an easy to find location that any idiot admin can spot? Have they done due diligence in ensuring that proper notification is done? I ask because it appears they didn't tell part of their own company that a patch needed to be applied. If I want the latest info on Apache, I hit the main website and the first thing I see is a list of security issues and resolutions. Navigating MS's website isn't quite so simplistic. Liability isn't necessarily in the bug but in the education and notification. Jack Bates BrightNet Oklahoma
FYI: CVS vulnerability
http://news.com.com/2100-1001-981830.html == Eric GermannCCTec [EMAIL PROTECTED] Van Wert OH 45801 http://www.cctec.comPh: 419 968 2640 Fax: 603 825 5893 The fact that there are actually ways of knowing and characterizing the extent of ones ignorance, while still remaining ignorant, may ultimately be more interesting and useful to people than Yarkovsky -- Jon Giorgini of NASAs Jet Propulsion Laboratory BEGIN:VCARD VERSION:2.1 N:Germann;Eric FN:Eric Germann ORG:CCTec TEL;WORK;VOICE:(419) 968-2640 TEL;WORK;FAX:(603) 825-5893 ADR;WORK:;;17780 Middle Point Road;Van Wert;OH;45891;United States of America LABEL;WORK;ENCODING=QUOTED-PRINTABLE:17780 Middle Point Road=0D=0AVan Wert, OH 45891=0D=0AUnited States of Americ= a URL: URL:http://www.cctec.com EMAIL;PREF;INTERNET:[EMAIL PROTECTED] REV:20010529T013421Z END:VCARD
RE: Even the New York Times withholds the address
To close this out, look for information on the Tennessee Valley Authority's Racoon Mountain Pumped Storage Facility. Take top off mountain, make reservoir on top, drill shaft down to base of mountain, put generators with discharge to a lower reservoir. Its called a peaking plant. Drain the top reservoir during peak times and produce electricity. Cool thing is, the generators can be reversed and become pumps to pump the water back up the mountain during off peak hours. Without going into how fossil fuel fired generation desires to run at a relatively constant level and has minimum loading requirements below which it cannot stabley operate at, and hey you can't store the power, so they use it off peak. Unlike your house or our bandwidth, within the industry, power costs fluctuate over the course of the day. So they take advantage of it. Closest thing to storing electricity thats possible. Even though pumping consumes more power than the falling water produces, the drastic cost differential over the course of the day makes it economically viable. On the flip side, their reservoirs are not hundreds of gallons, but hundreds of acres. One of the interesting design problems they had to overcome was how to keep the top reservoir from swirling like a bathtub when all the generators were online. And when they open the rather large valves (measured in tens of feet) for the tunnels, the mountain tends to shake. a little, at least when you're in the mountain. Fascinating place to tour. It was about 15 years ago. Don't know if they still do tours, but the geek factor was pretty high if you're into that kind of thing. IIRC, they're somewhere in the vicinity Oak Ridge. We took a bus ride from ORNL to there for a day tour. Eric -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of Vadim Antonov Sent: Tuesday, November 19, 2002 5:15 PM To: blitz Cc: [EMAIL PROTECTED] Subject: Re: Even the New York Times withholds the address Just to keep it off-topic :) The kinetic water-based accumulating stations actually do exist, though they use elevated reservoirs to store the water. The water is pumped up during off-peak hours, and then electricity is generated during peaks. This is not common, though, because most energy sources can be throttled to save fuel, or to accumulate in-flowing water naturally. However, I think we will see more of those accumulating stations augmenting green energy sources (wind, solar, geothermal, tidal) which have erratic performance on shorter time scales, unless things like very large supercapacitors or hydrolizers/fuel cells become a lot cheaper. In some cases accumulating stations are useful in places remote from any regular power sources because they can minimize energy loss in long transmission lines (it is proportional to current squared, while delivered power is linear to the current). --vadim On Tue, 19 Nov 2002, blitz wrote: One last addition to this idiotic water idea.. since the water doesn't get up there to the reservoir on the roof by itself, add your costs of huge pumps, plus the cost of pumping it up there, and a less than 100% efficiency in converting falling water to electricity. Also, add heating it in the winter to keep it liquid instead of solid, decontamination chemicals (cant have any Leigonella bacillus growing in there in the summer) Its all moot, as the weight factor makes this a non-starter.
RE: some of these are worse than others
If you don't mind partitioning yourself, 80.49% (the top 3) of these come from a subset of APNIC space ... Understand Paul, I'm not advocating you partitioning yourself, given what you do. Its just an interesting data point. -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of Paul Vixie Sent: Monday, November 18, 2002 4:31 PM To: [EMAIL PROTECTED] Subject: some of these are worse than others in the last few months since i most recently cleared out the database, my test network (a defunct /16) has received 3.8M http transactions containing 460K distinct worm bodies sent from 137K source addresses. the top 8, by quantity, are: srcaddr | count |first|last -++-+- 61.137.107.137 | 300772 | 2002-11-05 13:29:26 | 2002-11-14 03:19:42 210.82.7.205| 72755 | 2002-11-13 14:12:00 | 2002-11-14 11:23:07 210.12.30.12| 32450 | 2002-11-01 08:34:09 | 2002-11-01 09:04:10 24.193.82.174 | 31996 | 2002-10-30 11:56:58 | 2002-10-30 13:07:11 131.204.108.181 | 22524 | 2002-11-18 17:33:04 | 2002-11-18 18:05:13 24.76.78.204| 22305 | 2002-10-30 12:13:39 | 2002-10-30 13:26:52 80.11.57.19 | 11379 | 2002-11-01 09:34:01 | 2002-11-01 10:49:20 63.142.226.235 | 10178 | 2002-11-08 12:51:44 | 2002-11-08 13:42:06 if you see one of your own up there, please put your hands on some lineman's shears and Do The Right Thing.
Blackholing APNIC Routes (or a subset of)
Anyone want to admit privately (I'll summarize to the list) if they actively filter certain partitions of APNIC space? We did a little experiment the past couple of days and saw at 85% of our port 13[5-9] scans, Code Red/Nimda/formmail attempts, etc. go out the door by blackholing those networks in .cn and .kr. Thoughts? Is it a valid thesis? I've seen the discussions for spam mitigation, etc via DNS, but this is actually null routing all their traffic. Eric == Eric GermannCCTec [EMAIL PROTECTED] Van Wert OH 45801 http://www.cctec.comPh: 419 968 2640 Fax: 603 825 5893 The fact that there are actually ways of knowing and characterizing the extent of ones ignorance, while still remaining ignorant, may ultimately be more interesting and useful to people than Yarkovsky -- Jon Giorgini of NASAs Jet Propulsion Laboratory BEGIN:VCARD VERSION:2.1 N:Germann;Eric FN:Eric Germann ORG:CCTec TEL;WORK;VOICE:(419) 968-2640 TEL;WORK;FAX:(603) 825-5893 ADR;WORK:;;17780 Middle Point Road;Van Wert;OH;45891;United States of America LABEL;WORK;ENCODING=QUOTED-PRINTABLE:17780 Middle Point Road=0D=0AVan Wert, OH 45891=0D=0AUnited States of Americ= a URL: URL:http://www.cctec.com EMAIL;PREF;INTERNET:[EMAIL PROTECTED] REV:20010529T013421Z END:VCARD
RE: Forget Bernie...
-Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of blitz Sent: Thursday, May 02, 2002 4:05 AM To: Christopher L. Morrow Cc: [EMAIL PROTECTED] Subject: Forget Bernie... http://biz.yahoo.com/rc/020502/telecoms_worldcom_1.html Bernie was dragged kicking and screaming out of Wcom today according to news I readperhaps they chained him to his multi-milliondollar sailboat and pushed it twords the Bermuda triangle. John Sidgmore is now CEO. Yawn... Of course, they make little mention of his $630 mil loan that seems to be dissapeared. Its been widely reported for a long time it was $366M and the terms of his severence will be disclosed in their next proxy statement. BEGIN:VCARD VERSION:2.1 N:Germann;Eric FN:Eric Germann ORG:CCTec TEL;WORK;VOICE:(419) 968-2640 TEL;WORK;FAX:(603) 825-5893 ADR;WORK:;;17780 Middle Point Road;Van Wert;OH;45891;United States of America LABEL;WORK;ENCODING=QUOTED-PRINTABLE:17780 Middle Point Road=0D=0AVan Wert, OH 45891=0D=0AUnited States of Americ= a URL: URL:http://www.cctec.com EMAIL;PREF;INTERNET:[EMAIL PROTECTED] REV:20010529T013421Z END:VCARD
RE: CIA Warns of Chinese Plans for Cyber-Attacks on U.S.
Only half tongue in cheek, does anyone know of a consise resource pointing out the netblocks allocated to .kr, etc so I can answer my own How do I configure my router for question that Randy will inevitably bring up? == Eric GermannCCTec [EMAIL PROTECTED] Van Wert OH 45801 http://www.cctec.comPh: 419 968 2640 Fax: 603 825 5893 The fact that there are actually ways of knowing and characterizing the extent of ones ignorance, while still remaining ignorant, may ultimately be more interesting and useful to people than Yarkovsky -- Jon Giorgini of NASAs Jet Propulsion Laboratory -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of Deepak Jain Sent: Friday, April 26, 2002 2:43 PM To: todd glassey; Joel Jaeggli Cc: blitz; [EMAIL PROTECTED] Subject: RE: CIA Warns of Chinese Plans for Cyber-Attacks on U.S. I'm happy to take the blame for the real problem. Exactly what am I taking the blame for? Deepak Jain AiNET -Original Message- From: todd glassey [mailto:[EMAIL PROTECTED]] Sent: Friday, April 26, 2002 9:43 AM To: Joel Jaeggli; Deepak Jain Cc: blitz; [EMAIL PROTECTED] Subject: Re: CIA Warns of Chinese Plans for Cyber-Attacks on U.S. SNIP- We're off-topic, but I'd say that cyberterrorismis far less expensive to create than invasion or nuclear weapons. And they are much easier to stop. Just turn off the routers such that China is its own sealed-in infrastructure. But if its China's money you are after then you will have to build something akin to a demarcation gateway between China and the rest of the world and then who cares what is done inside China. Or you will ultimately be held liable for your custiomer's attacks against the rest of the world... You operators still dont seem to get that YOU are the real problem here. Todd Glassey Deepak Jain AiNET -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of blitz Sent: Thursday, April 25, 2002 6:33 PM To: [EMAIL PROTECTED] Subject: RE: CIA Warns of Chinese Plans for Cyber-Attacks on U.S. I put nothing past them, of course theyre not alone, as we all must assume by now. Theyve threatened to nuke LA if we interfere with their plans to take Tiawan by force, and smile and say, kill 300 million of us, do us a favor. Kinda hard to deal with an enemy like that. At 18:01 4/25/02 -0400, you wrote: Is it really hard to believe that the Chinese government would actively fund cyberterrorism? Deepak Jain AiNET -- -- Joel Jaeggli Academic User Services [EMAIL PROTECTED] --PGP Key Fingerprint: 1DE9 8FCA 51FB 4195 B42A 9C32 A30D 121E -- In Dr. Johnson's famous dictionary patriotism is defined as the last resort of the scoundrel. With all due respect to an enlightened but inferior lexicographer I beg to submit that it is the first. -- Ambrose Bierce, The Devil's Dictionary BEGIN:VCARD VERSION:2.1 N:Germann;Eric FN:Eric Germann ORG:CCTec TEL;WORK;VOICE:(419) 968-2640 TEL;WORK;FAX:(603) 825-5893 ADR;WORK:;;17780 Middle Point Road;Van Wert;OH;45891;United States of America LABEL;WORK;ENCODING=QUOTED-PRINTABLE:17780 Middle Point Road=0D=0AVan Wert, OH 45891=0D=0AUnited States of Americ= a URL: URL:http://www.cctec.com EMAIL;PREF;INTERNET:[EMAIL PROTECTED] REV:20010529T013421Z END:VCARD
RE: is your host or dhcp server sending dns dynamic updates for rfc1918?
If people set up their Win2K networks right, it wouldn't be a problem. Simply install the MS DNS server, point their clients at that, then all the updates go there. And if that DNS server has connectivity to the 'Net at large, it will resolve all their other requests too by chasing the chain from the root down. Best of both worlds, or at least the best you can do in the situation ... == Eric GermannCCTec [EMAIL PROTECTED] Van Wert OH 45801 http://www.cctec.comPh: 419 968 2640 Fax: 603 825 5893 The fact that there are actually ways of knowing and characterizing the extent of ones ignorance, while still remaining ignorant, may ultimately be more interesting and useful to people than Yarkovsky -- Jon Giorgini of NASAs Jet Propulsion Laboratory -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of Adrian Chadd Sent: Friday, April 19, 2002 2:35 AM To: [EMAIL PROTECTED] Subject: Re: is your host or dhcp server sending dns dynamic updates for rfc1918? On Thu, Apr 18, 2002, Martin J. Levy wrote: Paul, now as to who's responsible, ... I hate to say it, but Microsoft. This is the default for w2k and the like. The interesting thing is that it's got a very short timer for retries and hence why your logs are so big. I found this... http://www.isc.org/ml-archives/bind-users/2001/02/msg01806.html http://www.domainregistry.ie/tech/dynamic-dns.html . time for a BCP, perhaps? I also thought that w2k and the like should not do a dynamic dns update if it's on private IP space, but that's not a valid test either, as the enterprise may well only exist in private IP space. (Yes... they should run their own zone for the reverse dns). What _should_ happen IMHO is that this becomes an option thats off by default, rather than on by default. The amount of time saved by admins having this turned on is probably negated by the load placed on bind servers all over the planet - perhaps someone should send M$ an invoice.. :P Adrian -- Adrian Chadd For a sucessful technology, reality must [EMAIL PROTECTED]take precedence over public relations, for nature cannot be fooled - Feynmann BEGIN:VCARD VERSION:2.1 N:Germann;Eric FN:Eric Germann ORG:CCTec TEL;WORK;VOICE:(419) 968-2640 TEL;WORK;FAX:(603) 825-5893 ADR;WORK:;;17780 Middle Point Road;Van Wert;OH;45891;United States of America LABEL;WORK;ENCODING=QUOTED-PRINTABLE:17780 Middle Point Road=0D=0AVan Wert, OH 45891=0D=0AUnited States of Americ= a URL: URL:http://www.cctec.com EMAIL;PREF;INTERNET:[EMAIL PROTECTED] REV:20010529T013421Z END:VCARD
RE: is your host or dhcp server sending dns dynamic updates for rfc1918?
The point wasn't to get everyone to convert to MS DNS. The point was if you ALREADY HAVE Win2K server running on your network, set it up right and you can short circuit the problem. Its not a great conspiracy Also, you can follow these directions from the client end ... http://support.microsoft.com/default.aspx?scid=kb;en-us;Q259922 -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of Ukyo Kuonji Sent: Friday, April 19, 2002 10:35 AM To: [EMAIL PROTECTED] Subject: RE: is your host or dhcp server sending dns dynamic updates for rfc1918? From: Eric Germann [EMAIL PROTECTED] If people set up their Win2K networks right, it wouldn't be a problem. Simply install the MS DNS server, point their clients at that, then all the updates go there. And if that DNS server has connectivity to the 'Net at large, it will resolve all their other requests too by chasing the chain from the root down. Great, just what Microsoft would like to see happen. In order to do this, EVERY DNS server that answers queries from end users (or servers) would have to be a MS DNS server. Might as well just replace the Internet with MSN, no offence to those that drive the deathstar. What I AM trying to figure out is why some win2K systems do this, and some don't. Did MS fix/break something with SP2? _ Get your FREE download of MSN Explorer at http://explorer.msn.com/intl.asp. BEGIN:VCARD VERSION:2.1 N:Germann;Eric FN:Eric Germann ORG:CCTec TEL;WORK;VOICE:(419) 968-2640 TEL;WORK;FAX:(603) 825-5893 ADR;WORK:;;17780 Middle Point Road;Van Wert;OH;45891;United States of America LABEL;WORK;ENCODING=QUOTED-PRINTABLE:17780 Middle Point Road=0D=0AVan Wert, OH 45891=0D=0AUnited States of Americ= a URL: URL:http://www.cctec.com EMAIL;PREF;INTERNET:[EMAIL PROTECTED] REV:20010529T013421Z END:VCARD