Re: MEDIA: ICANN rejects .xxx domain
What are they talking about? .XXX already exists:

%dig ns xxx @g.public-root.com

; <<>> DiG 9.3.2 <<>> ns xxx @g.public-root.com
; (1 server found)
;; global options: printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 65
;; flags: qr rd; QUERY: 1, ANSWER: 0, AUTHORITY: 2, ADDITIONAL: 1

;; QUESTION SECTION:
;xxx. IN NS

;; AUTHORITY SECTION:
xxx. 172800 IN NS eugene.kashpureff.org.
xxx. 172800 IN NS ga.dnspros.net.

;; ADDITIONAL SECTION:
ga.dnspros.net. 172800 IN A 64.27.14.2

;; Query time: 2 msec
;; SERVER: 199.5.157.131#53(199.5.157.131)
;; WHEN: Fri May 12 18:12:48 2006
;; MSG SIZE rcvd: 100

Oh, sorry - you mean in the restricted USG root where ICANN actually has to approve new TLDs rather than just doing the technical coordination (the ONLY thing they were tasked to do in the first place).

Freedom/Free Market Score: Inclusive Namespace: INFINITY, ICANN: ZERO
Re: MEDIA: ICANN rejects .xxx domain
Splintering the namespace is a convenient excuse that ICANN uses to engage in restraint of trade and excessive regulation. ICANN was never given the right to regulate entry into the industry, only to be a technical coordinator. Calling people kooks is a good way to get sued, but it doesn't add anything useful to the debate.

- Original Message -
From: Warren Kumari [EMAIL PROTECTED]
To: John Palmer (NANOG Acct) [EMAIL PROTECTED]
Cc: [EMAIL PROTECTED]
Sent: Friday, May 12, 2006 5:38 PM
Subject: Re: MEDIA: ICANN rejects .xxx domain

On May 12, 2006, at 3:26 PM, John Palmer (NANOG Acct) wrote:

What are they talking about? .XXX already exists:

No it doesn't, see below:

dig ns xxx @g.LookMaICanAlsoSplinterTheNameSpace.com

; <<>> DiG 9.2.1 <<>> ns xxx @10.24.0.7
;; global options: printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 3245
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;xxx. IN NS

;; AUTHORITY SECTION:
. 86400 IN SOA Kook.LookMaICanAlsoSplinterTheNameSpace.com

;; Query time: 4 msec
;; SERVER: g.LookMaICanAlsoSplinterTheNameSpace.com#53(192.0.2.1)
;; WHEN: Fri May 12 15:34:17 2006
;; MSG SIZE rcvd: 96

And this is exactly why there should be only 1 namespace.

W

%dig ns xxx @g.public-root.com

; <<>> DiG 9.3.2 <<>> ns xxx @g.public-root.com
; (1 server found)
;; global options: printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 65
;; flags: qr rd; QUERY: 1, ANSWER: 0, AUTHORITY: 2, ADDITIONAL: 1

;; QUESTION SECTION:
;xxx. IN NS

;; AUTHORITY SECTION:
xxx. 172800 IN NS eugene.kashpureff.org.
xxx. 172800 IN NS ga.dnspros.net.

;; ADDITIONAL SECTION:
ga.dnspros.net. 172800 IN A 64.27.14.2

;; Query time: 2 msec
;; SERVER: 199.5.157.131#53(199.5.157.131)
;; WHEN: Fri May 12 18:12:48 2006
;; MSG SIZE rcvd: 100

Oh, sorry - you mean in the restricted USG root where ICANN actually has to approve new TLDs rather than just doing the technical coordination (the ONLY thing they were tasked to do in the first place).

Freedom/Free Market Score: Inclusive Namespace: INFINITY, ICANN: ZERO

Life is a concentration camp. You're stuck here and there's no way out and you can only rage impotently against your persecutors. -- Woody Allen
Google AdSense Crash
Google Adsense has been down for several hours now. This is the interface that partners use to manage their advertising settings.
Re: Google AdSense Crash
OK - more: Don't have an answer as to why, but the website comes up with:

The Google AdSense website is temporarily unavailable. Please try back later. We apologize for any inconvenience.

This is a big deal and it is operational in nature.

- Original Message -
From: Daniel Golding [EMAIL PROTECTED]
To: 'william(at)elan.net' [EMAIL PROTECTED]; 'John Palmer (NANOG Acct)' [EMAIL PROTECTED]
Cc: 'nanog' nanog@merit.edu
Sent: Saturday, April 22, 2006 3:58 PM
Subject: RE: Google AdSense Crash

-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of william(at)elan.net

On Sat, 22 Apr 2006, John Palmer (NANOG Acct) wrote:

Google Adsense has been down for several hours now. This is the interface that partners use to manage their advertising settings.

And this is reported on nanog because...?

Because this is the Internet's most profitable advertising service and ISP's will get complaints if their customers (esp. business customers) can't reach it, even on the weekend. Outage reports are operational, unlike many threads. More, please.

Daniel Golding
Network Access Solutions -- Anything left of them
Does anyone know if there is anything left of Network Access Solutions (NASC.OB)? I know DSL.NET bought their DSL customer base, but are they still around doing something else?
Re: h-root-servers.net
No, why don't you stop insulting people, Niels. You attack Peter because of his involvement in the Inclusive Namespace. FYI: Public root servers are online and available. Maybe the h-root ops should ask the P-R technical committee for assistance if they cannot keep their servers up.

- Original Message -
From: Niels Bakker [EMAIL PROTECTED]
To: Peter Dambier [EMAIL PROTECTED]
Cc: nanog@merit.edu
Sent: Sunday, October 23, 2005 3:48 PM
Subject: Re: h-root-servers.net

* [EMAIL PROTECTED] (Peter Dambier) [Sun 23 Oct 2005, 22:34 CEST]:

I know of one host here in Germany who can see h.root-servers.net. That host is living in a KPN data centre directly connected to Amsterdam IX.

Peter, please stop posting nonsense.

-- Niels.
Re: Verizon outage in Southern California?
- Original Message -
From: Hannigan, Martin [EMAIL PROTECTED]
To: Matthew Black [EMAIL PROTECTED]; NANOG [EMAIL PROTECTED]
Sent: Tuesday, October 18, 2005 4:35 PM
Subject: FW: Verizon outage in Southern California?

507 E LEW is holding the most switching gear is likely a tandem.

Um, I think this is the tandem code, PNTCMIMN50T, and it's servicing about 20 areas.

Uhh, think you might have the wrong CLLI code. PNTCMIMN50T is in Pontiac, Michigan and yes, it is a tandem.
Corruption and Monopoly is the real Issue (was Re: Turkey has switched Root-Servers)
Is your problem that it takes X months/years to get a new TLD put into the normal ICANN Root system? Or is it that you don't like their choice of .com and want .common (or some other .com replacement?). There is a process defined to handle adding new TLD's, I think it's even documented in an RFC? (I'm a little behind in my NRIC reading about this actually, sorry) Circumventing a process simply because it's not 'fast enough' isn't really an answer (in my opinion at least) especially when it effectively breaks the complete system.

No, the process is locked up by monopolistic ICANN. There is one issue no one has mentioned lately. There are people who have spent hundreds of thousands of dollars developing their TLD properties and they are effectively being shut out of the market by ICANN. We shouldn't need ICANN's permission to operate our TLDs and if ICANN won't support our TLDs, then we need an alternative way to operate our businesses.

We have a right to operate our TLDs and the Inclusive Namespace is the way, since it does not force us to pay protection money or force us to impose the horrid UDRP on our customers. A free market system would allow all business models to exist. ICANN and its bureaucracy is not needed, just a contractor to maintain the root zone file.

ICANN was supposed to be a bottom-up, democratic, consensus driven organization and board members (a significant portion of them) elected by the internet citizens of the world. Almost before the ink was dry on the MOU, ICANN, under Mr. Roberts began backing down on their responsibility to operate the organization in a democratic way. Now very few (if any) of the board members are directly elected by internet citizens.

The result: ICANN is a corrupt monopoly that attempts to shut out competitors. If they want something, they steal it, just like they stole .BIZ from Leah Gallegos. THAT is the problem with ICANN, and you know damn well it is.
Re: UNITED.COM (United Airlines) has been down for days! Any info on this?
Nice try, but the location that I was trying from did not use alternative root servers. FYI: They are Inclusive Namespace Servers.

- Original Message -
From: John Levine [EMAIL PROTECTED]
To: [EMAIL PROTECTED]
Sent: Saturday, September 03, 2005 1:49 PM
Subject: Re: UNITED.COM (United Airlines) has been down for days! Any info on this?

The United Airlines website appears to be down and has been down for days. Is this a network issue or are they out of business??

Darn those pesky alternate root servers.

R's, John
UNITED.COM (United Airlines) has been down for days! Any info on this?
The United Airlines website appears to be down and has been down for days. Is this a network issue or are they out of business??
Tiscali switches to Public-Root?? What do you think?
From their press release at http://www.tiscali.com/press/releases/10552825f1a.html ... As a result of this agreement, Tiscali will offer to its subscribers across Europe the access to the entire World Wide Web, including the new alternative domain names. The agreement underscores Tiscali's commitment to embrace technological developments that simplify, improve and expand the opportunities offered by internet ... John
NANOG List Server on several BlockLists
FYI: The IP address of the mail server that sends out NANOG list messages (198.108.1.26) is once again on most of the major RBLs.
Re: The whole alternate-root ${STATE}horse
- Original Message -
From: Todd Vierling [EMAIL PROTECTED]
To: [EMAIL PROTECTED]
Cc: nanog@merit.edu
Sent: Saturday, July 09, 2005 10:46 AM
Subject: Re: The whole alternate-root ${STATE}horse

So what? DNS is one of the protocols where interoperability is not just desirable, it's MANDATORY. Businesses and individuals expect that when they publish an e-mail or Web site hostname, that it be theirs and only theirs no matter where on the Internet it is accessed. FQDNs are considered fixed points of entry, and alternate roots put that name resolution at risk. (But if you had actually read RFC2826, you would already understand this.)

Please prove that Inclusive Namespace roots put name resolution at risk. Please show how the current NTIA root is more secure than other roots. Again, please refrain from emotional rhetoric driven by religion. What we need is sound technical arguments.

Client side users, conversely, expect that published addresses by businesses or individuals go to the intended party. (But if you had actually read RFC2826, you would already understand this.)

Introducing fragmented TLDs or the opportunity to supplant the common TLDs places the DNS infrastructure at risk. This is not just FUD -- DNS hijacking in alternate roots has already happened. (But if you had actually read RFC2826, you would already understand this.)

Please post a link or give an example. If you mean .BIZ, I would agree, it was hijacked, but by ICANN, not by any Inclusive Roots. It belonged to AtlanticRoot and ICANN deliberately created a collision. Collisions cause instability and the biggest one was caused by ICANN.

3. *Common sense.* [Erm, oh yeah, perhaps I shouldn't feed the troll. After all, this is the same guy who thinks that resurrecting the long dead concept of source routed e-mail is scalable.]

Since when did the NANOG mailing list become your personal venue for flinging personal insults at other list members?

Nope, not personal -- it's just good to make sure a troll is properly labeled as such. You know, like how cigarettes have bad-for-your-health warnings.

For the record, I have never suggested that source-routing is a good idea for email nor have I ever suggested that source-routing is scalable.

Okay, then, forced arbitration (which is interchangeably equivalent to source routing if the arbitrators handle the mail as it transits).

Forced arbitration? - Not an Inclusive concept - but it is an ICANN concept (UDRP/WIPO).

On the flip side, there was quite a bit of experience with alternate DNS roots at the time RFC2826 was created -- AlterNIC, which was run and advocated by people just as blinded by ignorance as you. Oh wait, your name wouldn't *actually* be Jim Fleming, would it?

Todd, I can only ask, and you can ignore the request, but please try to refrain from posting religious/emotional arguments. Everything you have posted above is unsubstantiated and sounds like an emotional and religious position. It is not helpful to introduce emotion and religion into a technical debate about such an important topic. I ditto Karl's point about this sounding like the telco execs in the early 1970's.

-- -- Todd Vierling [EMAIL PROTECTED] [EMAIL PROTECTED] [EMAIL PROTECTED]

John Palmer
Re: The whole alternate-root ${STATE}horse
- Original Message -
From: Stephen J. Wilcox [EMAIL PROTECTED]
To: John Palmer (NANOG Acct) [EMAIL PROTECTED]
Cc: nanog@merit.edu
Sent: Saturday, July 09, 2005 12:45 PM
Subject: Re: The whole alternate-root ${STATE}horse

I didn't realise it was that time of year again already, it feels like only a couple months since the last annual alternate root debate. Still its nice to see all the old kooks still alive and well and not yet locked up in mental homes. I'd better do my part to feed the trolls I guess...

On Sat, 9 Jul 2005, John Palmer (NANOG Acct) wrote:

Please prove that Inclusive Namespace roots put name resolution at risk.

No proof is needed, this is not maths. If there are two roots then a query to each server has the potential to return a different reply. The chance of this happening increases over time plus if an alternate root were to become popular their power to challenge authority if a class were found grows.

The potential, yes, but what Inclusive namespace roots do you know that create such collisions (other than ICANN with its cloning of .BIZ)? What kind of credibility do you think such a root would have if they answered with the wrong set of nameservers for, say .COM. What is technically possible and what actually occurs are two different things. I can use a sledgehammer to pound in tent stakes at a refugee camp for victims of the tsunami or I can smash up people's cars with them. Show me how any of the current Inclusive Roots have done these kinds of things. The only example is ICANN and .BIZ.

Client side users, conversely, expect that published addresses by businesses or individuals go to the intended party.

This is the key point, clients and domain owners need this consistency. Read this a few times and consider how you'd feel if $large_provider decided to point your domain name or their competitors' domains to their website .. its the same problem.

Introducing fragmented TLDs or the opportunity to supplant the common TLDs places the DNS infrastructure at risk. This is not just FUD -- DNS hijacking in alternate roots has already happened. (But if you had actually read RFC2826, you would already understand this.)

Please post a link or give an example. If you mean .BIZ, I would agree, it was hijacked, but by ICANN, not by any Inclusive Roots. It belonged to AtlanticRoot and ICANN deliberately created a collision. Collisions cause instability and the biggest one was caused by ICANN.

Those who consider ICANN the authority would disagree, I believe those are the majority.

Steve

Still awaiting facts and examples to prove your point and all I get back is a religious argument. Sigh.

John
Re: The whole alternate-root ${STATE}horse
- Original Message -
From: Todd Vierling [EMAIL PROTECTED]
To: Jay R. Ashworth [EMAIL PROTECTED]
Cc: nanog@merit.edu
Sent: Saturday, July 09, 2005 12:51 PM
Subject: Re: The whole alternate-root ${STATE}horse

On Sat, 9 Jul 2005, Jay R. Ashworth wrote:

I'm going to dive in one more time here. It's not the *root* operators that are the problem -- it's the *TLD* zone operators.

Oh, I can certainly agree with that; we've seen some gross abuses of TLDs documented in gory detail right here on the NANOG list. Of course, that too is orthogonal to who provides the delegations in . -- except that perhaps some misguided souls are, as is relatively common, confusing the two realms.

Introducing fragmented TLDs or the opportunity to supplant the common TLDs places the DNS infrastructure at risk. This is not just FUD -- DNS hijacking in alternate roots has already happened. (But if you had actually read RFC2826, you would already understand this.)

infrastructure at risk.

Justify this *far-reaching* statement, please. Show your work.

AlterNIC overriding .COM and .NET listings, one of the issues leading to its demise. (This was done in addition to the more memorable cache poisoning attacks against INTERNIC.NET.)

Yes, and Eugene was punished for that. Notice that AlterNic really doesn't exist anymore. Repeat after me - COLLISIONS ARE BAD! We all agree with that.

-- Todd Vierling [EMAIL PROTECTED] [EMAIL PROTECTED] [EMAIL PROTECTED]

John
Re: The whole alternate-root ${STATE}horse
No William, we are talking about multiple roots, NOT separate namespaces. There is one namespace. There cannot be collisions. Inclusive roots do not create collisions - only ICANN has done that so far. There are people who have a great disagreement about how ICANN is going about its business. There is a large piece of the world that doesn't want ICANN to be the authority. No public RSN that cares about its credibility will create collisions.

- Original Message -
From: william(at)elan.net [EMAIL PROTECTED]
To: John Palmer (NANOG Acct) [EMAIL PROTECTED]
Cc: nanog@merit.edu
Sent: Saturday, July 09, 2005 2:05 PM
Subject: Re: The whole alternate-root ${STATE}horse

On Sat, 9 Jul 2005, John Palmer (NANOG Acct) wrote:

Repeat after me - COLLISIONS ARE BAD! We all agree with that.

But you can't avoid collisions with multiple namespaces. This is exactly why Internet needs IANA - to avoid collisions in TLD names, used ip addresses, protocol parameters, etc. What you're doing with separate namespace is as if you took some part of the currently unused IP space and setup your own BGP peering network for those using that space with your own registry, but also accepted routes from Internet peers on the same router mixing it all up.

-- William Leibzon Elan Networks [EMAIL PROTECTED]
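The disagreement in this thread, and in the .xxx thread earlier on this page where one root returns a delegation and another returns NXDOMAIN, can be checked mechanically by asking each root for the TLD's NS set and comparing the answers. The following is an added example, not code from any poster: the function names and verdict labels are assumptions, the two .xxx responses are trimmed from the dig output quoted on this page, and the "example-tld" responses are constructed.

```python
"""Added example: compare how several root servers answer "NS <tld>"."""
import re
from typing import NamedTuple


class RootAnswer(NamedTuple):
    server: str     # text of dig's ";; SERVER:" line
    status: str     # RCODE from the header (NOERROR, NXDOMAIN, ...)
    ns: frozenset   # NS targets the server returned for the TLD


STATUS_RE = re.compile(r"status:[ \t]*([A-Z]+)")
SERVER_RE = re.compile(r"^;; SERVER:[ \t]*(\S+)", re.MULTILINE)
NS_RE = re.compile(r"^(\S+)[ \t]+\d+[ \t]+IN[ \t]+NS[ \t]+(\S+)[ \t]*$",
                   re.MULTILINE)


def parse_dig(text, tld):
    """Extract status, server and the TLD's NS set from dig text output."""
    status = STATUS_RE.search(text)
    if status is None:
        raise ValueError("no dig header with a status field")
    server = SERVER_RE.search(text)
    owner = tld.lower().rstrip(".") + "."
    ns = frozenset(target.lower() for name, target in NS_RE.findall(text)
                   if name.lower() == owner)
    return RootAnswer(server.group(1) if server else "unknown",
                      status.group(1), ns)


def compare_roots(answers):
    """Classify a TLD by how the queried roots answered for it."""
    if any(a.status not in ("NOERROR", "NXDOMAIN") for a in answers):
        return "error"        # SERVFAIL, REFUSED, ...: no conclusion possible
    delegations = {a.ns for a in answers if a.status == "NOERROR" and a.ns}
    if not delegations:
        return "absent"       # no queried root delegates the TLD
    if any(a.status == "NXDOMAIN" or not a.ns for a in answers):
        return "split"        # the TLD exists in some roots and not in others
    if len(delegations) == 1:
        return "consistent"   # every root hands out the same servers
    if frozenset.intersection(*delegations):
        return "drift"        # overlapping sets: likely a stale zone copy
    return "collision"        # same TLD delegated to unrelated servers


# Responses quoted in the .xxx thread on this page, trimmed to the lines used.
PUBLIC_ROOT_XXX = """\
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 65
;; AUTHORITY SECTION:
xxx. 172800 IN NS eugene.kashpureff.org.
xxx. 172800 IN NS ga.dnspros.net.
;; ADDITIONAL SECTION:
ga.dnspros.net. 172800 IN A 64.27.14.2
;; SERVER: 199.5.157.131#53(199.5.157.131)
"""
OTHER_ROOT_XXX = """\
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 3245
;; AUTHORITY SECTION:
. 86400 IN SOA Kook.LookMaICanAlsoSplinterTheNameSpace.com
;; SERVER: g.LookMaICanAlsoSplinterTheNameSpace.com#53(192.0.2.1)
"""
# Constructed responses (not from the page): two roots delegating the same
# TLD to unrelated servers, the collision case argued about in the thread.
ROOT_A_EXAMPLE = """\
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 1
example-tld. 172800 IN NS ns1.operator-a.example.
;; SERVER: 192.0.2.10#53(192.0.2.10)
"""
ROOT_B_EXAMPLE = """\
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 2
example-tld. 172800 IN NS ns1.operator-b.example.
;; SERVER: 198.51.100.10#53(198.51.100.10)
"""


def demo():
    xxx = [parse_dig(PUBLIC_ROOT_XXX, "xxx"),
           parse_dig(OTHER_ROOT_XXX, "xxx")]
    other = [parse_dig(ROOT_A_EXAMPLE, "example-tld"),
             parse_dig(ROOT_B_EXAMPLE, "example-tld")]
    return {"xxx": compare_roots(xxx), "example-tld": compare_roots(other)}


if __name__ == "__main__":
    for tld, verdict in demo().items():
        print(f"{tld}: {verdict}")
```

A resolver operator can feed it saved dig output from each root named in a hints file; any verdict other than "consistent" or "absent" means users behind different roots can be sent to different servers for the same name.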
Re: Enable BIND cache server to resolve chinese domain name?
ICANN has no right to claim that they are the authority for the namespace. They are NOT. Also note the word PUBLIC in PUBLIC-ROOT.

- Original Message -
From: Mark Andrews [EMAIL PROTECTED]
To: Joe Shen [EMAIL PROTECTED]
Cc: [EMAIL PROTECTED]; NANGO nanog@merit.edu
Sent: Sunday, July 03, 2005 9:12 PM
Subject: Re: Enable BIND cache server to resolve chinese domain name?

Hi,

Some of our customer complaint they could not visit back to their web site, which use chinese domain name. I google the net and found some one recommend to use public-root.com servers in hint file. I found domain name like xn--8pru44h.xn--55qx5d could not be resolved either.

Our cache server runs BIND9.3.1 with root server list from rs.internic.net. Do I need to modify our cache server configuration to enable it?

regards

Joe

Only if you wish to do all your other customers a disfavour by configuring your caching servers to support a private namespace then yes. I would have thought the Site Finder experience would have stopped people from thinking that they can arbitrarily add names to the public DNS.

Mark

-- Mark Andrews, ISC 1 Seymour St., Dundas Valley, NSW 2117, Australia PHONE: +61 2 9871 4742 INTERNET: [EMAIL PROTECTED]
Re: NTIA will control the root name servers?
Already entire nations are dropping ICANN. China for one and now Turkey.

Istanbul, June 23, 2005

A Top Level Domain (TLD) system has been launched in Turkey as the result of an alliance between the Turkish Informatics Association (TBD) and Unified Identity Technology (UNIDT), officials announced on Wednesday.

Top Level Domain is the portion of a traditional domain name that comes after the dot. The generic Top Level Domains (gTLDs) are: .com, .net and .org, the other type of TLDs include the country code Top Level Domains (ccTLD), which are assigned to all countries and their dependencies such as .tr for Turkey.

Top Level Domains (TLD) will be put up for sale by Turkish Internet service providers, Turkish Informatics Association Chairman Turhan Mentes said. Mentes said the deal with UNIDT might offer new possibilities for Turkish corporations, as they will be free to use their own names as domain names on the Internet.

Access to TLDs is supported by a federation called Public-Root, which emerged due to shortcomings in the existing Internet infrastructure and monopolistic tendencies, Mentes said. TLDs also single out search results, instead of hundreds or thousands of results one gets when using the search engines on ordinary servers. Mentes said Public-Root supports the existing Internet domains and one of the 13 root servers worldwide is located in Ankara.

Taken from http://www.turkishdailynews.com.tr/article.php?enewsid=16484 (Registration required to access full article)

- Original Message -
From: Suresh Ramasubramanian [EMAIL PROTECTED]
To: John Levine [EMAIL PROTECTED]
Cc: [EMAIL PROTECTED]; [EMAIL PROTECTED]
Sent: Saturday, July 02, 2005 9:18 PM
Subject: Re: NTIA will control the root name servers?

On 2 Jul 2005 11:56:07 -, John Levine [EMAIL PROTECTED] wrote:

ICANN's leadership has long claimed and probably believed that the DOC would eventually cut them free. Of course other governments have never been thrilled that the root belongs to the US Gov't, but treatment of country domains has in practice carefully avoided antagonizing governments, dating back to the Haiti redelegation in the Postel era. The DOC is merely saying don't hold your breath. Given ICANN's less than stellar record, nobody should be surprised.

I at least kind of expected this.. and the language in that paper is heavily geared towards status quo.

So far what we have is a lot of people who don't like icann, or perhaps have got disillusioned with it for various reasons, sounding off on the IP list and elsewhere .. and a lot of comment on various ops and public policy lists.

What worries me is the tendency among several governments to send in submissions to the WSIS/WGIG process in support of greater government involvement and/or oversight in the process (which is not necessarily a bad thing) but quoting a lot of wrong reasons, and [conveniently?] forgetting the difference between domain names and IP addresses on a fairly regular basis

However governments are going to sooner or later get themselves a stake in this process - though hopefully not by the almost anarchical means being suggested so far. Will be very tough to fight that - especially as the language in the paper also leaves the door open for more government involvement, and recognizes the fact that for several governments, ccTLD is [or has become, once this brouhaha started] a sovereignty issue.

Someone have any idea for a workable compromise that bridges the current ITU positions with the status quo? Answers that won't work and have been fairly freely bandied about - get rid of ICANN and damn the ITU, or various more polite and diplomatic variants of those ..

-- Suresh Ramasubramanian ([EMAIL PROTECTED])
Re: ICANN needs you!
How about supporting alternatives to ICANN, which are getting more and more widespread and accepted like www.public-root.com and www.inaic.com ?

- Original Message -
From: Eric Brunner-Williams in Portland Maine [EMAIL PROTECTED]
To: Rodney Joffe [EMAIL PROTECTED]
Cc: nanog@merit.edu; [EMAIL PROTECTED]
Sent: Friday, April 29, 2005 8:12 AM
Subject: Re: ICANN needs you!

Rodney,

Can you compare the past out-reach exercises and the present one? You know, process and outcomes. I'm thinking of the process and outcome of the MITF exercise of 2002/3.

It is now seven years since the issue of appropriation of tribal names was brought to the attention of the ICANN BoD in an ICANN VI-B(3)(b)(7) Constituency Application. The situation remains unchanged. On a personal note, I still recall then-CEO Michael Roberts telling me to just take what the IPC offered (nothing), as the ICANN bus was leaving the station.

It is now six years since the issue of code point allocation by the iso3166 maintenance agency and indigenous governments was brought to the attention of the ICANN BoD in WG-C (draft-icann-dnso-wgc-naa-01.txt). The situation remains unchanged. The model of an sTLD was adopted, but sex.pro was not what we'd in mind. Had Jon not died, we might have had a solution along the lines of x.121 (and now ASO RIRs) regional DSO registries, or a .ps-like work-around.

We're going on the third year of .iq being dark, with no trust operator, and no contact initiated by ICANN with the Sponsoring Organization, still in a US pokey for an exports infraction (they freighted a PC to Malta, which the forwarding agent then sent to Libya, and may have freighted a PC to Syria, about an hour's drive from Beirut). From Louis to the BoD @ Rome to Vint and Paul over the winter holidays, ICANN has been aware and the situation remains unchanged.

The .ORG evaluation was ridiculous. The evaluator was not independent or possess subject matter expertise.

The .NET evaluation was ridiculous. The evaluator ... ditto.

The control of the DSO et seq by the IPC (whois) is ridiculous.

The vanishing of the ISP Constituency (self-inflicted, but rational in the context, see the prior item) is ridiculous.

When I look at my years of non-accomplishment, and ICANN's years of little accomplishment, I don't see a lot a rational person could take a lot of pride in, or want to be associated with. Your mileage may vary.

You are correct that [t]he archives of NANOG are riddled with complaints and comments about the lack of competent representation and influence for the networking community within ... ICANN.

An alternative to asking for a new crop of possibly decorative worker bee candidates to self- or other-identify for a possibly decorative nomination and selection process is to identify one or more of those existing complaints and comments and attempt to act upon it or them.

Beauty pageants and member pageout events aren't the same as working a task to a scheduled completion.

Cheers, Eric

P.S. If discussion of the latest ICANN process event does not belong on NANOG, does its announcement?
Re: New IANA IPv4 allocation to AfriNIC (41/8)
Thank you for that information. I can leave 41/8 in my router bogon list and hopefully eliminate the Nigerian 419 problem somewhat.

- Original Message -
From: Doug Barton [EMAIL PROTECTED]
To: [EMAIL PROTECTED]
Sent: Tuesday, April 12, 2005 21:42
Subject: New IANA IPv4 allocation to AfriNIC (41/8)

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

Greetings,

This is to inform you that the IANA has allocated the following one (1) IPv4 /8 block to AfriNIC:

41/8 AfriNIC

For a full list of IANA IPv4 allocations please see: http://www.iana.org/assignments/ipv4-address-space

This is the first allocation to AfriNIC after their recent recognition as a Regional Internet Registry. The ICANN staff would like to offer its congratulations to AfriNIC for this significant achievement.

- -- Doug Barton General Manager, The Internet Assigned Numbers Authority

-BEGIN PGP SIGNATURE-
Version: GnuPG v1.4.0 (MingW32)
iD8DBQFCXIcvwtDPyTesBYwRAi3eAJ9/+Dr9XZcD4xEeEhGv8f51YjYaEACgib9Z
HBliA/KP+Xsbe1Bp/poOJfM= =+Z/c
-END PGP SIGNATURE-
Re: New IANA IPv4 allocation to AfriNIC (41/8)
You do know that I was joking, don't you?? Sorry, I didn't know that NANOG has a humor filter on it.

- Original Message -
From: Scott Weeks [EMAIL PROTECTED]
To: nanog@merit.edu
Sent: Wednesday, April 13, 2005 16:26
Subject: Re: New IANA IPv4 allocation to AfriNIC (41/8)

This is to inform you that the IANA has allocated the following one (1) IPv4 /8 block to AfriNIC: 41/8 AfriNIC

To those suggesting a block of 41/8 to stop the Nigerian 419 problem or any other perceived problem: C'mon Africa != Nigeria. It's an entire friggin' continent with 53 other countries besides Nigeria. How does that saying go? I encourage my competitors to do this. (Oh yeah, don't forget to block all Chinese IP addresses while you're at it. That's only one country... 8-)

Do you REALLY think blocking 41/8 will stop those emails? AfriNIC just received final recognition as the 5th RIR by ICANN a few days ago after 8 years of hard work. Give 'em a break! See www.afrinic.net

scott
Re: NYTimes: Purloined Domain Name Is an Unsolved Mystery
Please do not post links to sites that require registration. Some people don't want to let marketers have their information and it's rude to send links that don't work anonymously.

- Original Message -
From: Hank Nussbacher [EMAIL PROTECTED]
To: nanog@merit.edu
Sent: Tuesday, January 18, 2005 9:33
Subject: NYTimes: Purloined Domain Name Is an Unsolved Mystery

http://www.nytimes.com/2005/01/18/technology/18domain.html

-Hank
Terminal Servers (was Re: netblazer Was: baiting)
Netblazers were fine except the Telebit lied about the SYN35 card being usable with a T-1. Bad terminal servers? How about overpriced ones like the USR Total Control Hubs.

- Original Message -
From: Robert E.Seastrom [EMAIL PROTECTED]
To: Eric Brunner-Williams in Portland Maine [EMAIL PROTECTED]
Cc: Hannigan, Martin [EMAIL PROTECTED]; [EMAIL PROTECTED]; nanog@merit.edu
Sent: Tuesday, January 18, 2005 10:10
Subject: Re: netblazer Was: baiting

Eric Brunner-Williams in Portland Maine [EMAIL PROTECTED] writes:

In this period of time, the White Knights built the InterOp shownets and we had comparative access to quite a lot of vendor product, and know that the red buttons on Wellfleets were correctly positioned on the front, for easy access. We used NetBlazers for dial-up outbound (we were topologically quite diverse by '91, our last show in the San Jose facility) and I don't recall anything ... resembling the behavior that I could characterize as POS like function.

My recollection of that show was T-1 to BARRnet, not bonded-Netblazer-dialout, but I didn't work the show until the following spring, so my recollection could be at fault.

I wouldn't characterize Netblazers as being particularly cruddy compared to other options available at the time. Remember that this was the era of the Cisco ASM, the Encore/Xylogics Annex (Wellfleet hadn't changed their name to Bay yet, much less bought the Annex product line), some nasty 3com terminal server of which my memory has thankfully purged most details and the gone but not lamented Cisco TRouter.

The Netblazers worked pretty darned well when plugged into Telebit modems. Third party modems, well, there were a lot of knobs you could twist, and not the best in the way of documentation on what to do with 'em. Based on my experience with them, I'm quite sure they were fabulous devices capable of being configured in the field to do just about anything, if you had the level of familiarity with their internals that someone who worked QA for them would have had.

---Rob
Re: Association of Trustworthy Roots?
See http://www.public-root.com for an alternative to the ICANN monopoly. Those folks are very concerned with security.

- Original Message -
From: [EMAIL PROTECTED]
To: nanog@merit.edu
Sent: Sunday, January 16, 2005 3:45 PM
Subject: Re: Association of Trustworthy Roots?

On 16 Jan 2005 at 21:31, Elmar K. Bins wrote:

[EMAIL PROTECTED] (William Allen Simpson) wrote:

While the Association of Trustworthy ISPs idea has some merit, we've not been too successful in self-organizing lately. ISP/C?

I thought we already had built such a thing, currently covered by ICANN.

let's think outside the box. there's no reason that nanog (or anyone willing to run a mailing list) couldn't create an ad hoc decentralized Trustworthy ISP/Root service. heck, such a thing may even encourage more active participation in nanog. having a shared group identity where the rubber meets the road is very powerful. it's the underlying motivator behind the nanog, xBSD, GPL, torrent, tor, (pick your non- hierarchical community driven project), etc. clans. there's also no reason that this has to replace ICANN. and it would likely have the exact result on existing entities that you mention below - improved trustworthiness.

peace

But well...life changes everything, and for some (or many) of us, this association doesn't seem so trustworthy anymore. Maybe it would be better to improve trustworthiness of the existing authorities. I believe there is still much room for participation, not to mention political issues you simply cannot counter on a technical level.

At the moment, I'm concerned whether we have trustworthy TLD operators.

One can never know what's going on behind the scenes. Maybe Verysign is on the issue, maybe not. I believe, there are at least three VS people on this list who could address this. I don't know whether they are allowed to.

It's been about 24 hours, it is well-known that the domain has been hijacked, we've heard directly from the domain owner and operator, but the TLD servers are still pointing to the hijacker.

By chance - how is the press coverage of this incident? Has anybody read anything in the (online) papers? Unfortunately I haven't been able to follow the newsboards intensely this week-end, but Germany seems very quiet about this.

Yours, Elmar.
Re: Association of Trustworthy Roots?
They don't have a mailing list that is public yet. Might be a good suggestion. - Original Message - From: [EMAIL PROTECTED] To: nanog@merit.edu Sent: Sunday, January 16, 2005 5:35 PM Subject: Re: Association of Trustworthy Roots? On 16 Jan 2005 at 15:52, John Palmer (NANOG Acct) wrote: See http://www.public-root.com for an alternative to the ICANN monopoly. Those folks are very concerned with security. these folks don't seem very decentralized. do you know if they have a public mailing list? there doesn't seem to be much information on the website. - Original Message - From: [EMAIL PROTECTED] To: nanog@merit.edu Sent: Sunday, January 16, 2005 3:45 PM Subject: Re: Association of Trustworthy Roots? On 16 Jan 2005 at 21:31, Elmar K. Bins wrote: [EMAIL PROTECTED] (William Allen Simpson) wrote: While the Association of Trustworthy ISPs idea has some merit, we've not been too successful in self-organizing lately. ISP/C? I thought we already had built such a thing, currently covered by ICANN. let's think outside the box. there's no reason that nanog (or anyone willing to run a mailing list) couldn't create an ad hoc decentralized Trustworthy ISP/Root service. heck, such a thing may even encourage more active participation in nanog. having a shared group identity where the rubber meets the road is very powerful. it's the underlying motivator behind the nanog, xBSD, GPL, torrent, tor, (pick your non- hierarchical community driven project), etc. clans. there's also no reason that this has to replace ICANN. and it would likely have the exact result on existing entities that you mention below - improved trustworthiness. peace But well...life changes everything, and for some (or many) or us, this association doesn't seem so trustworthy anymore. Maybe it would be better to improve trustworthiness of the existing authorities. I believe there is still much room for participation, not to mention political issues you simply cannot counter on a technical level. 
At the moment, I'm concerned whether we have trustworthy TLD operators. One can never know what's going on behind the scenes. Maybe Verysign is on the issue, maybe not. I believe, there are at least three VS people on this list who could address this. I don't know whether they are allowed to. It's been about 24 hours, it is well-known that the domain has been hijacked, we've heard directly from the domain owner and operator, but the TLD servers are still pointing to the hijacker. By chance - how is the press coverage of this incident? Has anybody read anything in the (online) papers? Unfortunately I haven't been able to follow the newsboards intensely this week-end, but Germany seems very quiet about this. Yours, Elmar.
Re: ad.doubleclick.net missing from DNS?
Now the question is, can one easily block all of doubleclick.net by 127.0.0.1 in the hosts file on a wincrash box? They appear to have ad, ad2, ad3, m2, m3.doubleclick.net. Anyone know what hosts to list??? (ie: ad2, ad3 ... to adx???) - Original Message - From: Henry Linneweh [EMAIL PROTECTED] To: Sean Donelan [EMAIL PROTECTED]; [EMAIL PROTECTED] Sent: Tuesday, July 27, 2004 17:10 Subject: Re: ad.doubleclick.net missing from DNS? While I disagree with the method of the attacker, I can understand the reasoning behind an attack on a company that is considered a spyware company, doubleclick certainly has turned up more than once on my version of spybot as a site to block. -Henry --- Sean Donelan [EMAIL PROTECTED] wrote: http://www.washingtonpost.com/wp-dyn/articles/A18735-2004Jul27.html DoubleClick spokeswoman Jennifer Blum said the attack targeted the company's domain name servers (DNS) -- machines that help direct Internet traffic -- causing severe service disruptions for all 900 of its customers. Blum said the outage was caused by a distributed denial-of-service attack, in which hackers use the firepower of thousands of hijacked computers to flood a Web site with so many bogus Web page requests that it renders the site unavailable to legitimate users. [...] The FBI is not investigating the incident because DoubleClick has not filed a report, said bureau spokeswoman Megan Baroska.
What HTTP exploit?
Can anyone identify this http exploit? Seen in the apache logs: foo.bar.com - - [30/May/2004:02:45:28 -0400] SEARCH /\x90\x02\xb1\x02\xb1\x02\xb1\x02\xb1\x02\xb1\x02\xb1\x02\xb1\x02\xb1\ x02\xb1\x02\xb1\x02\xb1\x02\xb1\x02\xb1\x02\xb1\x02\xb1\x02\xb1\x02\xb1\x02\xb1\x02\xb1\x02\xb1\x02\xb1\x02\xb1\x02\xb1\x02\xb 1\x02\xb1\x02\xb1\x02\xb1\x02\xb1\x02\xb1\x02\xb1\x02\xb1\x02\xb1\x02\xb1\x02\xb1\x02\xb1\x02\xb1\x02\xb1\x02\xb1\x02\xb1\x02\ xb1\x02\xb1\x02\xb1\x02\xb1\x02\xb1\x02\xb1\x02\xb1 etc - and it goes on for about 1200 bytes. Been getting an annoying number of these in my httpd logs today - it botches up my log analyser program.
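The log entry in the post above can be picked out mechanically. The following is an added example, not part of the original post: it flags access-log lines whose request URI is oversized or consists mostly of `\xHH` escapes, and rewrites them to a bounded form so a log analyser is not fed a 1200-byte request field. The log lines, addresses, status codes and thresholds are constructed for the example, and the lines are assumed to be in Common Log Format with the request in double quotes.

```python
import re
from collections import Counter

# Common Log Format: host ident user [time] "request" status bytes.
# Apache writes non-printable request bytes as \xHH and a literal quote as \".
CLF = re.compile(
    r'^(?P<host>\S+) \S+ \S+ \[(?P<time>[^\]]+)\] '
    r'"(?P<request>(?:[^"\\]|\\.)*)" (?P<status>\d{3}) (?P<size>\S+)'
)
HEX_ESCAPE = re.compile(r"\\x[0-9a-fA-F]{2}")

# Thresholds are assumptions for this example; tune them to your own traffic.
MAX_URI_BYTES = 512      # longest URI accepted as normal
MAX_ESCAPE_RATIO = 0.5   # share of URI bytes that were non-printable
MIN_ESCAPES = 16         # ignore short URIs with a few odd bytes


def classify(line):
    """Parse one log line; return None if it is not Common Log Format."""
    m = CLF.match(line)
    if m is None:
        return None
    # An over-long request may be logged without the trailing protocol token.
    parts = m.group("request").split(" ", 2)
    method = parts[0]
    uri = parts[1] if len(parts) > 1 else ""
    escapes = len(HEX_ESCAPE.findall(uri))
    # Each \xHH takes four characters in the log but was one byte on the wire.
    wire_len = len(uri) - 3 * escapes
    ratio = escapes / wire_len if wire_len else 0.0
    reasons = []
    if wire_len > MAX_URI_BYTES:
        reasons.append("oversized-uri")
    if escapes >= MIN_ESCAPES and ratio > MAX_ESCAPE_RATIO:
        reasons.append("binary-uri")
    return {"host": m.group("host"), "method": method, "uri": uri,
            "wire_len": wire_len, "reasons": reasons}


def sanitize(line):
    """Return the line unchanged, or with a flagged request field shortened."""
    finding = classify(line)
    if not finding or not finding["reasons"]:
        return line
    m = CLF.match(line)
    short = "%s [%s, %d bytes elided]" % (
        finding["method"], "+".join(finding["reasons"]), finding["wire_len"])
    return line[:m.start("request")] + short + line[m.end("request"):]


def offenders(lines):
    """Count flagged requests per client host."""
    counts = Counter()
    for line in lines:
        finding = classify(line)
        if finding and finding["reasons"]:
            counts[finding["host"]] += 1
    return dict(counts)


# Constructed sample: a normal request, a padded SEARCH of about 1200 bytes
# shaped like the one quoted in the post, and an ordinary WebDAV SEARCH.
PADDED_URI = "/\\x90" + "\\x02\\xb1" * 600
SAMPLE_LOG = [
    '198.51.100.10 - - [30/May/2004:02:44:01 -0400] "GET /index.html HTTP/1.0" 200 5120',
    '192.0.2.77 - - [30/May/2004:02:45:28 -0400] "SEARCH ' + PADDED_URI + '" 414 340',
    '198.51.100.23 - - [30/May/2004:02:50:12 -0400] "SEARCH /docs/ HTTP/1.1" 207 812',
]

if __name__ == "__main__":
    for entry in SAMPLE_LOG:
        print(sanitize(entry))
    print(offenders(SAMPLE_LOG))
```

Running `sanitize` as a filter in front of the analyser keeps the host and timestamp of each flagged request while dropping the binary URI.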
Stop Being Lazy when Quoting EMails (was Re: [IP] VeriSign prepares to relaunch Site Finder -- calls)
Excuse me, but WATCH what you do when you are quoting people. I did not post the remarks that you attribute to me in the message below, in fact I cannot even find them in any message to which I replied. - Original Message - From: Laurence F. Sheldon, Jr. [EMAIL PROTECTED] To: [EMAIL PROTECTED] Sent: Tuesday, March 09, 2004 13:16 Subject: Re: [IP] VeriSign prepares to relaunch Site Finder -- calls Måns Nilsson KTHNOC wrote: --On Monday, February 23, 2004 12:43:40 -0600 John Palmer [EMAIL PROTECTED] wrote: funny thing, all those wackos are always posting using From: addresses in TLDs approved by the system they detest. wonder why they aren't using their own wonderful, free domains. Because they are busy pedaling their calendars to keep them up to date? -- Requiescas in pace o email
Contact from (what used to be) CAIS (AS 3491).
Could someone from whoever owns CAIS Internet (AS3491) please contact me offlist? One of your customers has a machine that is making a lame attempt at a DDOS attack. Although ineffectual, it is causing a slight uptick in bandwidth usage and we need to get this stopped before I take it to your upstream. Thanks John P. American Webmasters, Inc.
Re: Possibly yet another MS mail worm
In this case, it is the IDIOT users. You tell them time and time again DON'T CLICK ON ATTACHMENTS UNLESS SOMEONE YOU KNOW IS SENDING IT AND TELLS YOU IN ADVANCE THEY ARE SENDING IT. The problem is dumb users who DON'T LISTEN. This is mostly the office crowd. The real imbeciles are people operating a broadband connection without a license. Letting a computer illiterate, typical beer guzzling, porno hunting hick have a computer with a DSL/cable connection should be a capital offense. Those are where most of the zombies are located. When you use words like attachment and '.exe' with them, their eyes just sort of glaze over. Hey, all I do is point and click and it just works. We need to cleanse the gene pool of these kinds, or at least take away their dsl connections. - Original Message - From: Sam Stickland [EMAIL PROTECTED] To: Curtis Maurand [EMAIL PROTECTED]; Todd Vierling [EMAIL PROTECTED] Cc: [EMAIL PROTECTED] Sent: Monday, March 01, 2004 10:06 Subject: Re: Possibly yet another MS mail worm Curtis Maurand wrote: On Mon, 1 Mar 2004, Todd Vierling wrote: On Mon, 1 Mar 2004, Curtis Maurand wrote: Sure they doits called COM/DCOM/OLE/ActiveX or whatever they want to call it this week. It's on every windows system. No, my point was that the majority of newer trojan mail viruses don't depend on ActiveX exploits -- they simply wait, dormant, for a n00b to click on this mysterious-looking Zip Folder, and the mysterious-looking EXE inside. It's as if the modern e-mail viruses are closer to human infections. Only the clueful are immune. 8-) The latter is very true. My point is that the COM/DCOM/OLE/ActiveX is what allows for a script in an email message that gets executed to have access to the rest of the system, rather than executing within a protected sandbox. Of course scripts within email messages shouldn't execute at all. Once they do execute, they have access to the OLE objects on the machine. It's a security hole big enough to drive a tank through. 
I don't think that defines the problem very well. The current Bagle.C virus does the following: W32/Bagle-C opens up a backdoor on port 2745 and listens for connections. If it receives the appropriate command it attempts to download and execute a file. W32/Bagle-C also makes a web connection to a remote URL, thus reporting the location and open port of infected computers. Adds the value: gouday.exe = SYSTEM\readme.exe to the registry key: HKCU\Software\Microsoft\Windows\CurrentVersion\Run This means that W32/Bagle-C runs every time you logon to your computer. It also uses its own SMTP engine to replicate itself. So effectively it's opening a connection to port 80 (from an unprivileged port), listening on port 2745 (an unprivileged port), and opening connections to port 25 (from an unprivileged port). Maybe I'm missing something here, but where does access to OLE objects come into play? Also this virus would appear to function just as well even if a non-administrator user opened it. Sam
Re: Possibly yet another MS mail worm
- Original Message - From: [EMAIL PROTECTED] To: Henry Linneweh [EMAIL PROTECTED] Cc: [EMAIL PROTECTED] Sent: Monday, March 01, 2004 12:59 Subject: Re: Possibly yet another MS mail worm On Mon, 01 Mar 2004 10:35:05 PST, Henry Linneweh [EMAIL PROTECTED] said: Everyday there is a new, news article on this and every day everyone panics and every day some one says tell the government to make a law, it is time to realize that no law is going to do anything for anyone soon. In the past we just took care of the problem and we can do the same now by sharing the solutions we shared then for FREE. The basic problem is that for the average ISP, requiring the users to have a clue and to use secure software is financial suicide. insert obligatory Randy Bush reference here. Until something happens to change the cost/benefit ratios, we're stuck with it. Remember that vendor lock-in is an issue - why should the user spend all the time/money of obtaining new software and learning how to use it if they're currently not experiencing high amounts of cost/pain? Many users will write off I'm only losing 2 or 3 days of work a year due to virus/worms and balance that against Moving to anything else would screw things up for 2 weeks while I relearn and reconfigure, and decide it's not worth changing... I am kind of torn between new legislation to force users to clean up their machines when infected vs letting things go because I don't like government intervention, in general. I guess if society deems it a big enough problem, they'll push for legislation. Right now, folks don't seem to mind absorbing the cost of these worms. Till this changes, I don't think anything will get done, either on the technical or legal side.
Re: [IP] VeriSign prepares to relaunch Site Finder -- calls
Paul, you have no problem supporting the corrupt ICANN monopoly. The colonists and minutemen were called their day's name for whackos as well. You have the right to speak without being shot for your opinion because those whackos fought and died to make it so. Just remember that the next time you fling that word around. ICANN is a threat to freedom on the internet. There is no technical reason why there cannot be 1,000's of TLDs out there, except that it foils someone's monopoly stranglehold on one of the few chokepoints of the internet. The biggest threat is from WIPO which is trying to control the namespace and use it as a fulcrum to enforce their narrow intellectual property interests. WIPO has no place in the namespace and its UDRP is just a method for rich and powerful interests to steal domains from poor people, especially those in less-than-well-to-do countries. I will never stop fighting against that kind of thing, nor will others in this struggle. There are many people who have been working against this unacceptable state of affairs for many years, myself included and I will not let you mis-characterize our struggle. John Palmer - Original Message - From: Paul Vixie [EMAIL PROTECTED] To: [EMAIL PROTECTED] Sent: Monday, February 23, 2004 12:22 Subject: Re: [IP] VeriSign prepares to relaunch Site Finder -- calls [EMAIL PROTECTED] (Randall Pigott) writes: I am curious what the operational impact would be to network operators if, instead of Verisign using SiteFinder over all com and net, Verisign or their technology partner for SiteFinder began coercing a large number of independent ISPs and network operators to install their form of DNS redirection at the ISP-level, until all or most of the end-users out there were getting redirected. It would be no worse than NEW.NET or any other form of DNS pollution/piracy (like the alternate root whackos), as long as it was clearly labelled. 
As an occasional operator of infrastructure, I wouldn't like the complaint load I'd see if the customers of such ISP's thought that *I* was inserting the garbage they were seeing. So I guess my hope is, it'll be opt-in with an explicitly held permission for every affected IP address (perhaps using some kind of service discount or enhancement as the carrot.) -- Paul Vixie
Re: Open, anonymous services and dealing with abuse
I hate to see government get involved in anything, but perhaps some law holding PC owners responsible for SPAM that comes from their unpatched machines AS LONG AS there is ample notification to that user that their machine is compromised. Also, ISP's should be held responsible for allowing unpatched machines to be connected to them and for e-mail to be propagated from there. Sounds like an unfunded mandate, and it probably is, but there is the concept of attractive nuisance in the law now. Again, any law would need to be designed to allow for AMPLE notification to the owner of the offending machine/ISP to allow time for them to fix it. Only then would there be a requirement that their ISP disconnect them or face fines. - Original Message - From: william(at)elan.net [EMAIL PROTECTED] To: [EMAIL PROTECTED] Cc: [EMAIL PROTECTED] Sent: Tuesday, February 17, 2004 15:27 Subject: Re: Open, anonymous services and dealing with abuse On Tue, 17 Feb 2004 [EMAIL PROTECTED] wrote: Trojaned PCs and zombie proxies relaying spam are like cold sores; they don't kill anyone, they just make things mildly uncomfortable, so we numb them over, and go about our business like normal, even if that includes allowing the infection to spread even further. If proxies *did* kill, then yes, we'd take them seriously; but anything short of that, and real life tells us we won't take them seriously enough to try to do real research into ultimately stamping them out. But proxies do kill - the trojaned owned PCs are and have been for years used to create distributed DoS attacks which can easily kill a site or even smaller network. There is enormous potential harm from them and that is in addition to normal everyday less articulated harm because of spam and more that mail servers and other infrastructure is being used for it. ISPs end up paying for all this. 
Everybody thinks if it's not us, we don't have a problem so we don't want to spend anything to fix it - but it's not true, you already are paying for it due to increased cost of operation. The cost of fixing your own network even 50% of other ISPs did it, would in the end be smaller. -- William Leibzon Elan Networks [EMAIL PROTECTED]
1/8 and 2/8 (was Re: New IPv4 Allocation to ARIN)
What about 1/8 and 2/8? Are those being reserved for something special? - Original Message - From: [EMAIL PROTECTED] To: Owen DeLong [EMAIL PROTECTED] Cc: [EMAIL PROTECTED] Sent: Monday, January 19, 2004 16:55 Subject: Re: New IPv4 Allocation to ARIN I don't know for certain and I'm guessing based on existing pattern (although for 70/8 ARIN did mention at one point it will be allocated to them I think). The pattern is that IANA tries to allocate blocks consequently to RIRs (don't know why, it's not like RIRs would be announcing blocks as /7 :) and right now this looks as follows: ARIN: 64/8 - ... - 79/8 (so next one is 71/8, then 72/8, etc) RIPE: 80/8 - (so next one 85/8) APNIC: 218/8 - 223/8 (note: 223/8 had reserved /24 and APNIC turned down this allocation, so it remains in reserve) 61/8 - 58/8 (so next one I'll guess to be 59/8, then 58/8) Also I'm going to make a prediction that after 58/8, the next block maybe 126/8 counting backwards again towards RIPE blocks LACNIC: 200/8 - 201/8 (I'm not certain which will be next, if I have to guess, it might be 49/8 and 50/8) AFRINIC: 196/8 - 197/8 (too far away to guess any other ones) We'll see how correct these predictions are, let's come back to this in say year 2010 and then you can get me for being so very wrong :) On Mon, 19 Jan 2004, Owen DeLong wrote: Not to rain on your parade, but, how do you know 71 will go to ARIN and not to RIPE, APNIC, or LACNIC or AfriNIC? Owen --On Monday, January 19, 2004 9:27 -0800 [EMAIL PROTECTED] wrote: It has been known for quite some time that next block to be allocated to ARIN is 70/8 (and next one will be 71/8). It might have been nice if ARIN were to run projections and inform community that by its projections it will be requesting new /8 ip block in say 2 month time. On Mon, 19 Jan 2004, Daniel Karrenberg wrote: On 16.01 13:13, [EMAIL PROTECTED] wrote: ... Alternatively, the RIRs might consider doing this sort of thing before allocating IPs from new blocks. 
I know it's not their job to make sure IPs are routable (especially not on every remote network), but as holders of all the IPs, they are in the best position to setup such test sites that would expose problems before they're dumped on members. Personally I agree with you and I will argue accordingly in the relevant places. Cooperation with the bogon project seems logical too. Daniel
Re: /24s run amuck
And then there are the upstreams that filter legacy /24's Seen that too... - Original Message - From: Patrick W.Gilmore [EMAIL PROTECTED] To: [EMAIL PROTECTED] Cc: Patrick Gilmore [EMAIL PROTECTED] Sent: Tuesday, January 13, 2004 15:13 Subject: Re: /24s run amuck On Jan 13, 2004, at 4:04 PM, Vadim Antonov wrote: On Tue, 13 Jan 2004, Michael Hallgren wrote: On Jan 13, 2004, at 6:33 AM, Michael Hallgren wrote: Unfortunately, I've seen Peering Policies which require things like Must announce a minimum of 5,000 prefixes. :( Wonderful... mh Easy to fix by changing to covering N million IP addresses - but, then, that becomes an address space conservation issue. Yeah, that makes sense 'cause the utility of my network is directly related to the number of IPs in it. Er, um, uh Maybe not. -- TTFN, patrick
Re: Utility Mapping to be featured at the 2003 DPC in Tampa
Anyone with half the brains can figure out how to cause trouble just by driving down the street. You don't need any maps. Also public information tells a lot about things. The Michigan PUC just finished their study of the August 14th blackout and has issued their report. In it it has a section that outlines the restoration procedures the DTE and ITC (the transco) took to restore service. In this section, there were phrases like then they energized the 345 KV ring bus at substation XXX and restored service to 70% of Macomb county. So, if someone read this and wanted to cause trouble they would say Hey, all I need to do is take out substation XXX and 70% of Macomb county will be out. If you want to find major substations, just find one and then use MapQuest's satellite photo feature to follow the parade of transmission towers to all of the other major ones. I got bored one day and did this for about 2 hours, just for the hell of it. Found the Thetford and Hampton subs just by map-hopping on Mapquest. My point: Any map will not give substantially more information than is already available to the public. One of the scarier sides of us being such an open society. - Original Message - From: Sean Donelan [EMAIL PROTECTED] To: [EMAIL PROTECTED] Sent: Thursday, November 06, 2003 07:18 Subject: Utility Mapping to be featured at the 2003 DPC in Tampa Remember how the government got upset a graduate student generated maps of underground utilities, and there were suggestions that his project be classified. Or was the real problem that he had figured out how to do it cheaply, and wasn't planning to sell the information for large sums of money? Utility Mapping to be featured at the 2003 DPC Burnsville, MN (November 5, 2003) - Underground utility mapping will be one of the features of the program for the 2003 Damage Prevention Conference and Exposition (DPC) to be held December 3-5 at the Tampa Convention Center in Tampa, FL. 
Accurate maps of underground facility locations are still difficult to obtain in many parts of the nation, but you can find solutions at the 2003 DPC! Historically, manual record keeping of locations of underground energy, water and communications systems has been inadequate, and consequences continue to surface as facility owners work to maintain and protect their systems. New technologies and systems are coming on-line to upgrade the map records of these vital underground delivery systems. These include computerized mapping systems, geospatial information databases, and use of global positioning satellites (GPS) to accumulate field data on existing utilities. [...] The exhibit hall will feature a mapping and technology pavilion with vendors showcasing a wide array of products from GIS, GPS, AM, FM, One Call Ticket Management Systems and much, much more! A sampling of the 2003 Mapping Technology Pavilion exhibitors include: [...]
Re: Utility Mapping to be featured at the 2003 DPC in Tampa
It's at http://www.michigan.gov/documents/mpsc_blackout_77423_7.pdf - Original Message - From: daniel lance herrick [EMAIL PROTECTED] To: John Palmer [EMAIL PROTECTED] Sent: Thursday, November 06, 2003 10:25 Subject: Re: Utility Mapping to be featured at the 2003 DPC in Tampa On Thu, 6 Nov 2003, John Palmer wrote: Also public information tells a lot about things. The Michigan PUC just finished their study of the August 14th blackout and has issued their report. In it it has a section that outlines the restoration procedures the DTE and ITC (the transco) took to restore service. Is that report on the web? (I didn't find it in the first seven pages of my Google search, but it could be not yet indexed.) Would you share the URL? dan
Any RBLs still alive that list DSL/Dialup/Cable Modem dynamic addr ranges?
Are there any RBLs still out there that list cable modem, dialup and dsl IPs? (anything dynamically assigned or home users)? DIALUPS.MAIL-ABUSE.ORG does not seem to be functioning.
Re: Any RBLs still alive that list DSL/Dialup/Cable Modem dynamic addr ranges?
Thanks for everyone's suggestions - I've found two apparently very good ones thanks to others on the list. John - Original Message - From: Margie Arbon [EMAIL PROTECTED] To: John Palmer [EMAIL PROTECTED]; [EMAIL PROTECTED] Sent: Wednesday, October 15, 2003 12:58 Subject: Re: Any RBLs still alive that list DSL/Dialup/Cable Modem dynamic addr ranges? --On Wednesday, October 15, 2003 11:51 AM -0500 John Palmer [EMAIL PROTECTED] wrote: Are there any RBLs still out there that list cable modem, dialup and dsl IPs? (anything dynamically assigned or home users)?
Re: Pitfalls of annoucing /24s
Good question. You know there are thousands of legacy /24's out there that were allocated by IANA as /24's How can you aggregate them up if all you have is the /24? To those who filter out /24's - how is this done - just by the netmask size? - Original Message - From: Jean-Christophe Smith [EMAIL PROTECTED] To: [EMAIL PROTECTED] Sent: Wednesday, October 15, 2003 15:34 Subject: Pitfalls of annoucing /24s In current practice would there be serious jeopardy of portions of the internet not being able to reach this address space due to bgp filters or other restrictions? What is the smallest acceptable block of IPs that can be announced without adverse or unpredictable results? Verio would most likely be picking up these routes from us. I don't want to cause a religious debate, but I am interested in what the industry consensus is. I'm just doing some research, any comments would be appreciated. Thanks, Jean-Christophe Smith
Rack space in Chicago.
Looking for rack space in Chicago to house 2 - 2U servers, a cisco 3620, a hub and flat panel/keyboard tray. Will need net access and 8 ip addresses. Low bandwidth usage. Contact me at user info at domain adns.net.
Re: Worst design decisions?
That's to prevent it from being disconnected accidentally (or for any other reason :-) When I get my hands on one of those, I clip off the hood with a pair of manicure scissors. - Original Message - From: Gerald [EMAIL PROTECTED] To: Daryl G. Jurbala [EMAIL PROTECTED] Cc: nanog list [EMAIL PROTECTED] Sent: Thursday, September 18, 2003 10:16 Subject: RE: Worst design decisions? On Thu, 18 Sep 2003, Daryl G. Jurbala wrote: * PCs with built in Ethernet that is so close to a lip on the case, with the release pointed down, that you need to use a screwdriver/knife/whatever to release the cable. ...and combine that with the RJ45 connectors that have a rubber hood over the release. Gr! G
Re: Change to .com/.net behavior
Don't know, but I cannot get to the VSGN wildcard site. DNS is still returning the IP, but port 80 is not responding or is very slow. Bet they didn't allocate enough servers to this (hehehehe) or it's being DOS'ed. - Original Message - From: Sam Hayes Merritt, III [EMAIL PROTECTED] To: [EMAIL PROTECTED] Sent: Wednesday, September 17, 2003 13:53 Subject: RE: Change to .com/.net behavior On Wed, 17 Sep 2003, David Schwartz wrote: Microsoft, for example, specifically designed IE to behave in a particular way when an unregistered domain was entered. Verisign's wildcard record is explicitly intended to break this detection. Has Microsoft responded to this yet? Seems like Verisign's scam is running over Microsoft's scam. sam
Re: Change to .com/.net behavior
It may be unclear who they are supposed to represent, but they do the bidding of their funders. I'm going to go out on a limb here and postulate that their decisions, therefore, are not always in the best interests of the Internet Community. - Original Message - From: David Schwartz [EMAIL PROTECTED] To: Paul Vixie [EMAIL PROTECTED]; [EMAIL PROTECTED] Sent: Wednesday, September 17, 2003 14:30 Subject: RE: Change to .com/.net behavior ... shouldn't they get to decide this for themselves? Returning NXDOMAIN when a domain does not exist is a basic requirement. Failure to do so creates security problems. It is reasonable to require your customers to fix known breakage that creates security problems. that sounds pretty thin. i think you stretched your reasoning too far. Feel free to point out the step that's stretching too far. There definitely do exist security validation schemes that rely upon domain existence that are fooled by Verisign's bogus reply. VeriSign has a public trust to provide accurate domain information for the COM and NET zones. They have decided to put their financial interest in obscuring this information ahead of their public trust. i'm not sure how many people inside verisign, us-DoC, and icann agree that COM and NET are a public trust, or that verisign is just a caretaker. but, given that this is in some dispute, it again seems that your customers should decide for themselves which side of the dispute they weigh in on. Then who does ICANN represent? Doesn't ICANN operate under the authority of the DOC? Doesn't Verisign operate pursuant to a contract with ICANN? Aren't we all intended third party beneficiaries of those contracts? Is this really in dispute? Microsoft, for example, specifically designed IE to behave in a particular way when an unregistered domain was entered. Verisign's wildcard record is explicitly intended to break this detection. 
The wildcard only works if software does not treat it as if the domain wasn't registered even though it is not. then microsoft should act. and if it matters to you then you should act. I would hope that Microsoft would respond with a lawsuit rather than a patch. Otherwise, Verisign will respond with a 'technical solution' and we'll be in a war with the people we have to trust. but this is not sufficient justification to warrant a demand by you of your customers that they install a patch (what if they don't run bind?) or that they configure delegation-only for particular tld's (which ones and why not others?) It really depends upon the specifics of the contractual situation. What if one of your customer's customers lets through some spam because Verisign broke their validation check? And what if that person is sued? Now, where does that leave you, aware of the problem and having not taken actions to correct it that you could have taken? Verisign has created a business out of fooling software through failure to return a 'no such domain' indication when there is no such domain, in breach of their public trust. As much as Verisign was obligated not to do this, others are obligated not to propagate the breakage. ISPs operate DNS servers for their customers just as Verisign operates the COM and NET domains for the public. the obligations you're speaking of are much less clear than you're saying. Yes, obviously they are much less clear to Verisign. I want to hear from IANA how they feel about a.net being pointed to Verisign. Simply put, Verisign is telling me that 'a.net' has address '64.90.110.11' and it does not. DS
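The message above says that validation schemes relying on domain existence are fooled once a TLD answers for every name. The following is an added example, not code from the thread or from any resolver: it probes a TLD with random labels to learn which addresses it synthesizes, then treats answers made up only of those addresses as "no such domain" again. The resolver is a pluggable function and the zone contents are constructed; 64.90.110.11 is the address quoted in the message, and all function and class names are hypothetical.

```python
import secrets
import string

NXDOMAIN = None  # a resolver function returns None when the name does not exist
_ALPHABET = string.ascii_lowercase + string.digits


def random_label(length=24):
    """A label that is, for practical purposes, certain to be unregistered."""
    return "".join(secrets.choice(_ALPHABET) for _ in range(length))


def tld_of(name):
    return name.rstrip(".").lower().rsplit(".", 1)[-1]


def detect_wildcard(tld, resolve, probes=3):
    """Return the addresses a TLD synthesizes for nonexistent names.

    Every probe must be answered; a single NXDOMAIN means the zone still
    reports missing names honestly, so the result is the empty set.
    """
    synthesized = set()
    for _ in range(probes):
        answer = resolve(random_label() + "." + tld)
        if answer is NXDOMAIN:
            return frozenset()
        synthesized.update(answer)
    return frozenset(synthesized)


class WildcardAwareResolver:
    """Wraps a resolver and restores NXDOMAIN for wildcard-synthesized answers."""

    def __init__(self, resolve, probes=3):
        self._resolve = resolve
        self._probes = probes
        self._wildcards = {}  # tld -> frozenset of synthesized addresses

    def lookup(self, name):
        tld = tld_of(name)
        if tld not in self._wildcards:
            self._wildcards[tld] = detect_wildcard(tld, self._resolve, self._probes)
        answer = self._resolve(name)
        if answer is NXDOMAIN:
            return NXDOMAIN
        wildcard = self._wildcards[tld]
        # Caveat: a registered name that really points only at the wildcard
        # address is indistinguishable here and is also reported as missing.
        if wildcard and set(answer) <= wildcard:
            return NXDOMAIN
        return answer


def make_constructed_resolver():
    """Constructed zone data: .net has a wildcard, .org does not."""
    registered = {"example.net": ["192.0.2.10"], "example.org": ["192.0.2.20"]}
    wildcards = {"net": ["64.90.110.11"]}

    def resolve(name):
        name = name.rstrip(".").lower()
        if name in registered:
            return list(registered[name])
        synthesized = wildcards.get(tld_of(name))
        return list(synthesized) if synthesized else NXDOMAIN

    return resolve


def sender_domain_exists(domain, lookup):
    """The kind of existence check the message says the wildcard defeats."""
    return lookup(domain) is not NXDOMAIN


if __name__ == "__main__":
    naive = make_constructed_resolver()
    aware = WildcardAwareResolver(naive)
    for domain in ("example.net", "a.net", "missing.org"):
        print(domain, sender_domain_exists(domain, naive),
              sender_domain_exists(domain, aware.lookup))
```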
Re: Verisign insanity - Distributed non-attack
This is just another example of a virtual monopoly doing whatever they damn well please because THEY CAN. Sorry to sound like a broken record, but we in the Inclusive Namespace have been saying this all along. How about a world with 1000's of TLDs all operated by different people with NO restrictions imposed by a monopoly-supporting politburo (ICANN). How about a root network operated under rules designed ONLY to support the technical stability of the network and not under rules that masquerade as such but are really designed to prop up a monopoly of four organizations so that they can corner the market and shut out all others. Imagine such a world. Some people are doing just that. Some people with a LOT of money to spend on such a project. Stay tuned. In a free market namespace (which the ICANN/USG IS *NOT*), with no unnecessary barriers to entry, competition would weed out the players that did anti-social, predatory things like VRSGN is doing. Either a business changes its practices to be in tune with its customer base or it vanishes. FYI: ADNS had wildcard records in the DNS for the .USA, .EARTH, .Z, .LION and .AMERICA TLDs. They simply pointed to a page that said This domain has not been registered yet. Those records were removed today because of the controversy surrounding wildcard records at the TLD level. I see a valid use for such records but there is also potential for abuse and perception is sometimes as important as reality. In the Inclusive Namespace, competition is a reality because there are no artificial barriers to entry in the marketplace and players had better listen to the consumer's opinions or else they will not survive. That's as it should be. So, why isn't the #1 (in terms of traffic) root server network operated that way? 
- Original Message - From: Richard Cox [EMAIL PROTECTED] To: [EMAIL PROTECTED] Sent: Tuesday, September 16, 2003 10:18 Subject: Re: Verisign insanity - Distributed non-attack On Tue, 16 Sep 2003 17:02:59 +0200 RoDent [EMAIL PROTECTED] wrote: | Effectively this would amount to denial of service attack, but since | there is nothing illegal about making an http request to an invalid | hostname, Verisign will be bringing the denial of service attack upon | themselves, and unfortunately dragging ISP's with them. Why ISP's | haven't publicly taken a stance against this yet is fascinating. While I completely share your concern about Verisign's behaviour, I have a higher level concern about anything seeking to disrupt services on the 'net. For some weeks now, several of the abuse-prevention organisations have been subjected to Distributed Denial-of-Service attacks; the attack on SORBS is still continuing, and very few of the networks carrying this DDoS traffic have lifted a finger to either limit or trace the attacking traffic. Which, I have to say, is *most* disappointing. -- Richard Cox
Re: What *are* they smoking?
Here is one solution - replace all of your root.cache files with:

(root) nameserver = C.ROOT-SERVERS.ORSC
(root) nameserver = D.ROOT-SERVERS.ORSC
(root) nameserver = E.ROOT-SERVERS.ORSC
(root) nameserver = F.ROOT-SERVERS.ORSC
(root) nameserver = H.ROOT-SERVERS.ORSC
(root) nameserver = I.ROOT-SERVERS.ORSC
(root) nameserver = K.ROOT-SERVERS.ORSC
(root) nameserver = L.ROOT-SERVERS.ORSC
(root) nameserver = M.ROOT-SERVERS.ORSC
(root) nameserver = A.ROOT-SERVERS.ORSC
C.ROOT-SERVERS.ORSC internet address = 199.166.28.10
D.ROOT-SERVERS.ORSC internet address = 204.80.125.130
E.ROOT-SERVERS.ORSC internet address = 195.117.6.25
F.ROOT-SERVERS.ORSC internet address = 199.166.31.3
H.ROOT-SERVERS.ORSC internet address = 199.5.157.128
I.ROOT-SERVERS.ORSC internet address = 204.57.55.100
K.ROOT-SERVERS.ORSC internet address = 199.166.27.4
L.ROOT-SERVERS.ORSC internet address = 199.166.29.2
M.ROOT-SERVERS.ORSC internet address = 195.206.104.13
A.ROOT-SERVERS.ORSC internet address = 199.166.24.12

----- Original Message -----
From: Greg Maxwell [EMAIL PROTECTED]
To: Haesu [EMAIL PROTECTED]
Cc: Marius Strom [EMAIL PROTECTED]; [EMAIL PROTECTED]
Sent: Tuesday, September 16, 2003 11:23
Subject: Re: What *are* they smoking?

On Tue, 16 Sep 2003, Haesu wrote:

I must ask the subject again. What in the name of censored *are* they smoking? Who exclusively gave them the right to own the 'net and decide which domain points to where? Completely unacceptable.

It's very amusing to see people on *this* list asking *who* gave control to them. Who else configures your customers' DNS settings?
Re: Fun new policy at AOL
SMTP DNS should be run through the servers provided by the ISP for the exact purpose. There is no valid reason for a dialup customer to
^ OH YES THERE IS (at least to a different resolver other than yours)
go direct to root-servers.net and there is no reason why a dialup user should be sending mail directly to AOL, or any mail server for that matter (besides their host ISP)
-Matt

Except for the fact that your DNS server may be using a root cache file that points to the restrictive USG root network that is currently controlled by a corrupt monopoly. What about customers who want to use ORSC or Pacificroot? There are about 11,000 TLDs out there and you want to limit your customers to have to suffer under the current totalitarian dictatorship? I wouldn't ever be a customer of yours.
Re: Fun new policy at AOL
----- Original Message -----
From: David Lesher [EMAIL PROTECTED]
To: nanog list [EMAIL PROTECTED]
Sent: Thursday, August 28, 2003 10:22
Subject: Re: Fun new policy at AOL

Speaking on Deep Background, the Press Secretary whispered:

Shouldn't customers that purchase IP services from an ISP use the ISP's mail server as a smart host for outbound mail?

applying that standard just how large do you have to get before you graduate to running your own smtp server. I'm sorry we won't accept mail from you because you're not an lir?

Yea! I think the registry should run the mail server. That way, there's just 3 or 4 nationwide. Makes it easier for Ashcroft and RIAA, to boot. And we all know how well NSI does on complex things...

This brings up a more general point about the dangers of blocking everything under the sun. When you limit yourself to just a few chokepoints, it's easier for those who would stifle communications to shut things down. This is a very dangerous path to take. Not that we shouldn't consider some sort of port restrictions to stop spam, but there are undesirable long term effects that need to be considered. Those on the dark side will be considering them, you may be sure, while licking their chops.
Re: Fun new policy at AOL
I have RCN cable internet in Chicago and they recently implemented blocking port 25 access outbound. They say that we should just use their mail servers instead.

I connect with my laptop from 3 or 4 locations to drop off mail to my servers. I cannot use their mail servers from other locations other than when I am connected to them. I have about 2 dozen e-mail accounts defined in outlook express and would have to change the outbound mail server setting for EACH one every time I move off the RCN connection to one of the other locations from which I work and then back again when I get back to RCN.

More than a few people have this problem. I'm lucky because I run the mail server myself and can configure it to listen on an alternative port as well as 25 (authentication is required to relay, though).

Again, any provider that wants to start blocking ports should do so only very carefully and should make exceptions for users who need them AT NO ADDITIONAL COST TO THE USER because there will be competitors that will treat the customer better.

----- Original Message -----
From: Michel Py [EMAIL PROTECTED]
To: [EMAIL PROTECTED]
Sent: Thursday, August 28, 2003 12:11
Subject: RE: Fun new policy at AOL

Matthew Crocker wrote:

Shouldn't customers that purchase IP services from an ISP use the ISP's mail server as a smart host for outbound mail?

Trouble is with some ISPs you get more rejections when using their mail servers than when having your own, not to mention theirs eating some email for no reason, having limits in attachment size, you can't have a mailing list that way, etc.

Michel.
Re: Tier-1 without their own backbone?
I hear that Level 3 is good but do they handle small stuff like T-1? We may be looking to dual-home soon and will be looking around.

----- Original Message -----
From: Sean Crandall [EMAIL PROTECTED]
To: 'Rick Ernst' [EMAIL PROTECTED]; [EMAIL PROTECTED]
Sent: Wednesday, August 27, 2003 15:48
Subject: RE: Tier-1 without their own backbone?

One of the providers we are looking at is Level-3. Any comments good/bad on reliability and clue? We already have UU, Sprint, and ATT. I also realize that the "they suck less" list changes continuously... :)

I have about 5 GB of IP transit connections from Level3 across 8 markets (plus using their facilities for our backbone). Level3 has been very solid on the IP transit side. MFN/AboveNet has also been very good to us.

-Sean

Sean P. Crandall
VP Engineering Operations
MegaPath Networks Inc.
6691 Owens Drive
Pleasanton, CA 94588
(925) 201-2530 (office)
(925) 201-2550 (fax)
Re: Email virus protection
Hey - they aren't supposed to be using their work e-mail for stuff other than work - especially in a banking environment. I would be unhappy if my bank did not exclude executables from outside e-mail. Again, IT'S YOUR EMPLOYER'S NETWORK, NOT YOURS.

----- Original Message -----
From: Gary E. Miller [EMAIL PROTECTED]
To: Jack Bates [EMAIL PROTECTED]
Cc: [EMAIL PROTECTED]
Sent: Wednesday, August 20, 2003 14:29
Subject: Re: Email virus protection

Yo Jack!

On Wed, 20 Aug 2003, Jack Bates wrote:

The best method for protection of your network (by limiting exposure of your users to viruses) is to strip executable files. We replace the files with a small text file mentioning the filename and a brief description of why we stripped it and who to contact if they need the file.

I love guys like you. All my customers once had (still have) admins that filtered and cleaned their email for them. Also added firewalls for their protection. Now they are my customers because they do not want your protections.

What you are doing is certainly proper in some cases. I would hope BofA learned that lesson after the last worm attack that killed their ATM network. That also means a lot of bank employees need to also have an ISP account from me to do things they can not do with their email on the job.

RGDS
GARY
---
Gary E. Miller Rellim 20340 Empire Blvd, Suite E-3, Bend, OR 97701
[EMAIL PROTECTED] Tel:+1(541)382-8588 Fax: +1(541)382-8676
Re: RPC errors
45 seconds:

deny tcp any any eq 135 (5445 matches)
deny tcp any any eq 137
deny tcp any any eq 138
deny tcp any any eq 139
deny tcp any any eq 445 (207 matches)

----- Original Message -----
From: Randy Bush [EMAIL PROTECTED]
To: [EMAIL PROTECTED]
Sent: Monday, August 11, 2003 18:52
Subject: Re: RPC errors

must be fun out there on the net today. one minute of counter accumulation

deny tcp any any eq 135 (5721 matches)
deny tcp any any eq 137
deny tcp any any eq 138
deny tcp any any eq 139 (17 matches)
deny tcp any any eq 445 (1137 matches)

randy
Re: Port blocking last resort in fight against virus
----- Original Message -----
From: Dave Israel [EMAIL PROTECTED]
To: McBurnett, Jim [EMAIL PROTECTED]
Cc: Jack Bates [EMAIL PROTECTED]; Mans Nilsson [EMAIL PROTECTED]; [EMAIL PROTECTED]
Sent: Tuesday, August 12, 2003 12:00
Subject: RE: Port blocking last resort in fight against virus

On 8/12/2003 at 12:40:19 -0400, McBurnett, Jim said:

who in their right mind would pass NB traffic in the wild?

That's the problem; not all customers are in their right mind. All they know is that it was working yesterday, and not today, because you blocked a port.

The question of port blocking for most sizable ISPs comes down to principle vs principle. On the one hand, you have the principle of network invisibility. You agreed to pass customer traffic, not pass judgement on it. If it's a valid IP packet, you'll deliver it. And you don't slow down or stop traffic because you're spending cycles examining packets.* That's what customers expect.

On the other hand, you have the principle of being a good network citizen. You try to keep your tables clean and your peers from flapping. You accept valid routes and inform your peers when you get invalid ones, so they have a chance to fix them. You are properly embarrassed when you find a spammer on your network or your name on the CIDR report. And you don't spew other people's networks with worm traffic. That is what other providers expect.

Port blocking is therefore a quandary: do you stick with your customer principle, or your provider principle? I think most of us weigh the damage of the attack vs the damage of losing the port, and make individual judgement calls. It would be nice if there were some central consensus on when to block ports; then individual providers wouldn't need to take abuse from customers or other networks when their judgement wasn't exactly the same as somebody else's.

Yes, some providers however react improperly to certain situations and do not listen to their paying customers. RCN in Chicago is one example. One day, they just started blocking outbound port 25 on their network. Now, I use other SMTP servers other than the RCN one. In my case, they're my servers and all I have to do is set up my SMTP to listen on an additional port. For others, they aren't so lucky and may have a legitimate gripe with them for censoring traffic.

In the case of 135-139, no one who uses these ports legitimately should have a need to use them in the wild unless in a tunnel. If a user came to me complaining about them being blocked, I would ask the user why they were using them incorrectly and would suggest safer ways to do the same task.

So, being a good ISP is trying to accommodate the needs of as many customers as you can, while being a good net neighbor. This is not always easy.
Re: rfc1918 ignorant
When the RFC's are broken, then what do you do? RFC's are to be followed if one can operate one's network under those constraints. Often times, RFC's don't take into account real world considerations.

For instance: The rule that there should be only one root server network does not provide a solution to the problem of a corrupt monopoly gaining control over that one root server network (as is the case now).

----- Original Message -----
From: Petri Helenius [EMAIL PROTECTED]
To: Dave Temkin [EMAIL PROTECTED]; Kevin Oberman [EMAIL PROTECTED]
Cc: Lyndon Nerenberg [EMAIL PROTECTED]; David Schwartz [EMAIL PROTECTED]; [EMAIL PROTECTED]; [EMAIL PROTECTED]
Sent: Wednesday, July 23, 2003 13:19
Subject: Re: rfc1918 ignorant

Unless of course I block ICMP for the purposes of denying traceroute but still allow DF/etc. Then it's not broken as you say.

Sure, but people blocking all ICMP haven't usually heard that there are different types and codes in ICMP. It's surprising how many large www sites do not work if your MTU is less than 1500. Even if you do PMTU. (because the packets vanish somewhere before or at the server).

Pete

--
David Temkin

On Wed, 23 Jul 2003, Kevin Oberman wrote:

Date: Wed, 23 Jul 2003 13:50:05 -0400 (EDT)
From: Dave Temkin [EMAIL PROTECTED]
Sender: [EMAIL PROTECTED]

Needs is a tough call. Plenty of networks block ICMP at the border and could very well be using 1918 addressing in between and you'd have no idea.

And the network is broken. People persist in blocking ICMP and then complain when things don't work right. Even if you explain why blocking ICMP is breaking something, they say ICMP is evil and we have to block it. OK. they are broken and when things don't work, they need to tell their customers that they are choosing to run a network that does not work correctly. (Not that I expect anyone to do this.) I don't see anything tough about this call.
ATT Canada Problems ???
Cannot get to sites on ATT Canada - Any news regarding the problem cause?
Warning Someone is using your company name to defraud users: Fw: Transaction #: 34-355-268-52430
Got this in my mailbox this afternoon - The URL goes to swiftSpay.com, not swiftpay.com. You're probably aware of this scam - if not, now you know.

John P.

----- Original Message -----
From: [EMAIL PROTECTED]
To: [EMAIL PROTECTED]
Sent: Sunday, July 20, 2003 2:49 PM
Subject: Transaction #: 34-355-268-52430

This is confirmation message for transfer of $1974.50 USD by E-mail from:
*
SwiftPay User ID: [EMAIL PROTECTED]
Transaction #: 34-355-268-52430
Ref.#: 04100927
*
To claim your money and confirm the transaction please, follow the link below:
http://www.swiftpay.com/transID?=34-355-268-52430±04100927f=US

The money will appear in your SwiftPay account balance once you confirm the transaction and then you can withdraw the balance to your bank account which you added during the registration process. If you are not an existing member of SwiftPay.com you can signup right now. The registration process is very simple and it takes less than 5 minutes.

Swiftpay's intuitive interface makes sending and receiving money over the web as easy as one two three. Simply logon at Swiftpay.com and select which Swiftpay service you wish to avail of, whether its to fund your account, send money to friends family or businesses, request money or check your account details. With everything you need available at the click of a mouse, paying with Swiftpay couldn't be easier.

Dont forget, we value our commitment to Customer Service at Swiftpay should you have any queries, please dont hesitate to contact us and we'll do our best to answer your query as soon as possible.

Kind Regards,
Swiftpay Billing Dept.

SwiftPay -The E-Cash solution that brings online shopping closer to home
*
SWIFTPAY.COM SECURITY REMINDERS
Protect Your Username and Password and NEVER Reveal it to Third Parties!
*
WARNING! If you are not the intended recipient, please inform the sender immediately by E-mail and delete this message and all copies from your system.
Re: IPv6
MAI will be offering IPV6 for their web services hosting.

----- Original Message -----
From: Richard A Steenbergen [EMAIL PROTECTED]
To: Jared Mauch [EMAIL PROTECTED]
Cc: Irwin Lazar [EMAIL PROTECTED]; [EMAIL PROTECTED]
Sent: Thursday, June 12, 2003 14:16
Subject: Re: IPv6

On Thu, Jun 12, 2003 at 12:49:26PM -0400, Jared Mauch wrote:

On Tue, Jun 10, 2003 at 08:39:48AM -0600, Irwin Lazar wrote:

Excuse the off-topic question, but does anyone know if there is some sort of list anywhere of service providers who are running IPv6 in a production capacity, either to tunnel IPv4 or to offer native IPv6 services? I'm not looking for test or research networks but rather a list of IPv6 networks that are actually carrying customer traffic.

NTT/Verio has been offering commercial IPv6 services since April 2002 I seem to recall.

http://www.v6.ntt.net/globe/index_e.html
http://www.soi.wide.ad.jp/ipv6_summit/2001/slides/03/2.html

I've gotten postcards from Hurricane Electric about their Free IPv6 service as well. I'm sure many other people have gotten them.. I seem to recall that CW provided native IPv6 for the Atlanta IETF.

I believe GX sells commercial IPv6 at select locations as well. Hurricane Electric is probably the leader in the market though, as everyone else seems to still be implementing v6 with dedicated low-end devices and tunnels.

--
Richard A Steenbergen [EMAIL PROTECTED] http://www.e-gerbil.net/ras
GPG Key ID: 0xF8B12CBC (7535 7F59 8204 ED1F CC1C 53AF 4C41 5ECA F8B1 2CBC)
Re 7/8 - was Re: 69/8 revisited
Speaking of that, has 7/8 been allocated? Doesn't show it on IANA's list but I saw several routes come in (7.1/16 comes to mind) a few days ago.

----- Original Message -----
From: [EMAIL PROTECTED]
To: [EMAIL PROTECTED]
Sent: Friday, March 28, 2003 12:36
Subject: 69/8 revisited

I've setup a little web site with the results of my ping sweep to attempt to locate as many networks as possible with outdated bogon filters.

http://69box.atlantic.net/

If you can't reach that, fix your network...or use the alternative non-69/8 hostname

http://not69box.atlantic.net/

Number of IP's currently known to have 69/8 filter issues: 683
Number of /24 networks currently known to have 69/8 filter issues: 511

Check out the site and see if you recognize any of the IPs. You can test/remove IPs if they've become reachable, or test/add IPs if they have 69/8 filter issues.

--
Jon Lewis [EMAIL PROTECTED] | I route
System Administrator | therefore you are
Atlantic Net |
_ http://www.lewis.org/~jlewis/pgp for PGP public key_
Re: aljazeera.net domain owned.
Hmm - don't think so - although nothing is up there - www.aljazeera.net resolves to 127.0.0.1. This is from the MYDOMAIN.COM nameservers listed as the auth for this domain:

; DiG 8.2 ns aljazeera.net @b.gtld-servers.net
; (1 server found)
;; res options: init recurs defnam dnsrch
;; got answer:
;; -HEADER- opcode: QUERY, status: NOERROR, id: 6
;; flags: qr rd; QUERY: 1, ANSWER: 4, AUTHORITY: 0, ADDITIONAL: 4
;; QUERY SECTION:
;; aljazeera.net, type = NS, class = IN
;; ANSWER SECTION:
aljazeera.net. 2D IN NS NS4.MYDOMAIN.COM.
aljazeera.net. 2D IN NS NS1.MYDOMAIN.COM.
aljazeera.net. 2D IN NS NS2.MYDOMAIN.COM.
aljazeera.net. 2D IN NS NS3.MYDOMAIN.COM.
;; ADDITIONAL SECTION:
NS4.MYDOMAIN.COM. 2D IN A 63.251.83.74
NS1.MYDOMAIN.COM. 2D IN A 64.94.117.195
NS2.MYDOMAIN.COM. 2D IN A 216.52.121.228
NS3.MYDOMAIN.COM. 2D IN A 66.150.161.130
;; Total query time: 80 msec
;; FROM: LAIR.LION to SERVER: b.gtld-servers.net 192.33.14.30
;; WHEN: Thu Mar 27 16:38:14 2003
;; MSG SIZE sent: 31 rcvd: 179

LAIR$ dig www.aljazeera.net @ns1.mydomain.com
; DiG 8.2 www.aljazeera.net @ns1.mydomain.com
; (1 server found)
;; res options: init recurs defnam dnsrch
;; got answer:
;; -HEADER- opcode: QUERY, status: NOERROR, id: 6
;; flags: qr aa rd; QUERY: 1, ANSWER: 1, AUTHORITY: 4, ADDITIONAL: 4
;; QUERY SECTION:
;; www.aljazeera.net, type = A, class = IN
;; ANSWER SECTION:
www.aljazeera.net. 2M IN A 127.0.0.1
;; AUTHORITY SECTION:
aljazeera.net. 2M IN NS ns1.mydomain.com.
aljazeera.net. 2M IN NS ns2.mydomain.com.
aljazeera.net. 2M IN NS ns3.mydomain.com.
aljazeera.net. 2M IN NS ns4.mydomain.com.
;; ADDITIONAL SECTION:
ns1.mydomain.com. 30M IN A 64.94.117.195
ns2.mydomain.com. 30M IN A 216.52.121.228
ns3.mydomain.com. 30M IN A 66.150.161.130
ns4.mydomain.com. 30M IN A 63.251.83.74
;; Total query time: 117 msec
;; FROM: LAIR.LION to SERVER: ns1.mydomain.com 64.94.117.195
;; WHEN: Thu Mar 27 16:38:28 2003
;; MSG SIZE sent: 35 rcvd: 199

----- Original Message -----
From: Eric Brunner-Williams in Portland Maine [EMAIL PROTECTED]
To: Sean Donelan [EMAIL PROTECTED]
Cc: Abdullah Ibn Hamad Al-Marri [EMAIL PROTECTED]; [EMAIL PROTECTED]; [EMAIL PROTECTED]
Sent: Thursday, March 27, 2003 15:30
Subject: Re: aljazeera.net domain owned.

Earlier today I logged a disparity between the NSI web whois interface and the whois commandline interface outputs (http://nic-iq.nic-naa.net, bottom of page). I sent mail to two contacts inside Verisign, and at 4:30pm EST, the hijack appears to be over, at least as far as NS records are concerned.
re: Internet connection secure from surveilance?
Here is my reply to Joe:

Your solution is good. In general, anyone worried about this kind of invasion of privacy should arrange to run their own root servers. The more the merrier. This is not necessarily about having multiple roots with colliding TLDs, but about security from surveillance.

One discouraging fact is that even if everyone moves to localized root servers, the USG still controls the servers for .COM/.NET and .ORG as well as, most definitely .GOV and .MIL. The same trick that they can play at the root server level can also be played at the gtld-server level. They can just rig [A-M].GTLD-SERVERS.NET instead of the roots. They may not be able to capture all of the traffic that a user generates, but most of it, since most websites/domains are in the big three and those are controlled by USG.

John

----- Original Message -----
From: [EMAIL PROTECTED]
To: [EMAIL PROTECTED]
Sent: Monday, September 09, 2002 11:28
Subject: [ga] is your Internet connection secure from surveilance?

I have attached a draft PDF file addressed to Canada's privacy and information commissioners which outlines my concerns respecting privacy issues in root operations. I would welcome any comments. Please email them directly to me.

kindest regards
joe baptista
Re: IPv6 Interview Questions and critic
----- Original Message -----
From: Joe Baptista [EMAIL PROTECTED]
To: [EMAIL PROTECTED]
Sent: Tuesday, August 27, 2002 09:41
Subject: IPv6 Interview Questions and critic

Hi: I'm doing an article on IPv6 and am looking for comments - here is a portion on IPv6 which relates to the privacy issue ... any comments, critics or interviews welcomed.

-- snip

As you know IPv6 is a suite of protocols for the network layer of the Internet which uses IPv4 gateways. Its purpose is to expand address space. At this time IPv6 comes prepackaged with all popular operating systems. This includes all flavours of unix, windows and Mac OS.

Windows? I don't think so, not yet anyways

IPv6 is designed to solve many of the problems of the current version of IPv4 with regard to address depletion. The goal is to use IPv6 to expand the capabilities of the Internet to enable a variety of valuable peer-to-peer and mobile applications. According to many industry pundits it is the future of networking. However IPv6 has many privacy issues. IPv6 address space uses an ID (identifier) derived from your hardware or phone.

Hmm - if you mean that there will now be enough addresses to assign each device its own IP6 Address - then yah. Other than that, how is it derived from the hardware.

Ipv6 empowers the business community by providing a means of identifying and tracking users. Under Ipv6 users can be tracked and income demographics determined through hardware identification. Many members of the networking community have addressed concerns that the technology could result in potential abuse and censored warns users to think twice before they buy themselves a used Lap-Top computer and inherit all the prior surfing history of the previous user?

Hmm - again, I would be upset if I wasn't able to CHANGE the IP6 addy because this would be true.
Re: Bogon list or Dshield.org type list
Yes - DSHIELD has our ORSC root server listed as well. I thought that was hilarious.

----- Original Message -----
From: Charles Sprickman [EMAIL PROTECTED]
To: Johannes Ullrich [EMAIL PROTECTED]
Cc: [EMAIL PROTECTED]
Sent: Sunday, July 28, 2002 2:36 AM
Subject: Re: Bogon list or Dshield.org type list

I looked up a nameserver that I once worked with and found that it is attacking from port 53. Needless to say, it's not hacked, it's answering queries.

Charles

--
Charles Sprickman [EMAIL PROTECTED]

On Sat, 27 Jul 2002, Johannes Ullrich wrote:

I do not recommend adding every IP listed at DShield to your filter. We do publish a 'block list', of the worst networks (based on reports for the last 5 days).

Quick note on our methods: We basically aggregate firewall logs and offer summarized reports. The reports should allow everyone to apply their own judgment.

For the block list: http://www.dshield.org/block_list_info.html

On Sat, 27 Jul 2002 20:19:47 -0400 Phil Rosenthal [EMAIL PROTECTED] wrote:

I can comment on the dshield list. I have seen this before. I am checking one particular IP on my network that has a very popular freehost on it. Checking the load balancer IP (connections cannot be originated from this IP) -- it shows that there were 13 attacks initiated from the IP, and 7 targets. Whatever their algorithm is, it doesn't seem reliable enough for me to trust it if an IP that can not originate connections is listed as an attacker (albeit small on their list)

--Phil

-----Original Message-----
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On Behalf Of alsato
Sent: Saturday, July 27, 2002 8:08 PM
To: [EMAIL PROTECTED]
Subject: Bogon list or Dshield.org type list

I'm wondering how many of you use Bogon Lists and http://www.dshield.org/top10.html type lists on your routers? I'm curious to know if you are an ISP with customers or backbone provider or someone else? I have a feeling not many people use these on routers? I'm wondering why or why not? I've never used them on my routers although I work for a new isp/cable provider. I'm thinking it would make my users happy to use them though.

alsato

--
---
[EMAIL PROTECTED] Collaborative Intrusion Detection
join http://www.dshield.org
Re: Act Surprised.....
Oh goodie - now maybe my BUY order for 50,000 shares at $0.01 will execute. :-

----- Original Message -----
From: Jeff Workman [EMAIL PROTECTED]
To: [EMAIL PROTECTED]
Sent: Sunday, July 21, 2002 8:23 PM
Subject: Act Surprised.

http://biz.yahoo.com/rb/020721/worldcom_bankruptcy_16.html

--
Jeff Workman | [EMAIL PROTECTED] | http://www.pimpworks.org
Re: Just an FYI - Apache Worm on the loose
Is this the same vulnerability that was corrected with the 1.3.26 apache release?
Stop it with putting your e-mail body in ATT attachments. Its annoying and no one can see your message
I know this is off the current subject, but some of you are sending these e-mails to the list that appear as attachments and not text. This is even more annoying than HTML Mail. The message appears with an empty body and attachments that have names that start with ATT

This is annoying. Many people won't read your messages because opening attachments is a security risk.

If you want your postings read, please use plain text e-mail and not these stupid ATT attachments.

(flame off)

----- Original Message -----
From: Joseph T. Klein [EMAIL PROTECTED]
Cc: [EMAIL PROTECTED]
Sent: Tuesday, July 09, 2002 5:21 PM
Subject: Billing Notice
Re: Stop it with putting your e-mail body in ATT attachments. Its annoying and no one can see your message
There is nothing wrong with MS Outlook express. You need to stem your hostility towards Microsoft and recognize that they are the dominant desktop (something like 90%) and you need to get used to it and stop fighting.

----- Original Message -----
From: Nipper, Arnold [EMAIL PROTECTED]
To: John Palmer [EMAIL PROTECTED]
Sent: Tuesday, July 09, 2002 5:36 PM
Subject: Re: Stop it with putting your e-mail body in ATT attachments. Its annoying and no one can see your message

John, use a real MUA and you will have no problem. Something like mutt, you know ...

Arnold - also mostly using Outlook Express -

----- Original Message -----
From: John Palmer [EMAIL PROTECTED]
To: [EMAIL PROTECTED]
Sent: Wednesday, July 10, 2002 12:29 AM
Subject: Stop it with putting your e-mail body in ATT attachments. Its annoying and no one can see your message

I know this is off the current subject, but some of you are sending these e-mails to the list that appear as attachments and not text. This is even more annoying than HTML Mail. The message appears with an empty body and attachments that have names that start with ATT

This is annoying. Many people won't read your messages because opening attachments is a security risk.

If you want your postings read, please use plain text e-mail and not these stupid ATT attachments.

(flame off)

----- Original Message -----
From: Joseph T. Klein [EMAIL PROTECTED]
Cc: [EMAIL PROTECTED]
Sent: Tuesday, July 09, 2002 5:21 PM
Subject: Billing Notice
Re: DDos attack in progress?
Not sure, but FoxNews.COM is on that space and it has been un-reachable pretty much all day.

----- Original Message -----
From: Scott Granados [EMAIL PROTECTED]
To: [EMAIL PROTECTED]
Sent: Friday, June 14, 2002 2:05 PM
Subject: DDos attack in progress?

Does anyone know anything about a DDos attack underway pointed at machines in 66.54.0.0/19 or AS 15217? I'd heard something about this from internal channels but was wondering if anyone else knew about one under way?

Thanks
Scott
Re: statistics.
I find it interesting that the collider versions of BIZ and INFO (ie the ICANN sanctioned ones) don't even show up on the "Number of Hosts by TLD" section under this report. Poetic justice perhaps?

----- Original Message -----
From: jeffrey arnold [EMAIL PROTECTED]
To: Micah [EMAIL PROTECTED]
Cc: [EMAIL PROTECTED]
Sent: Tuesday, June 11, 2002 4:33 PM
Subject: Re: statistics.

On Tue, 11 Jun 2002, Micah wrote:

:: I am looking for a ballpark count concerning amount of current internet
:: nodes. ( obviously not exact ) With data relevant to this year. Feel free
:: to contact off-list.
::

hey micah,

http://www.netsizer.com/

-jba

__ [[EMAIL PROTECTED]] :: analogue.networks.nyc :: http://analogue.net
Is this list working?
Posted a message several times and it never made it out. Is the list broken?
CAIS/Ardent and now Network Access Solutions
CAIS sold our account to NAS. They did this about 5 months back. They are just now getting around to cutting us over. This involves Covad making some changes in their switch somewhere.

Back last May, it was PSINet that was selling our account to CAIS. They sent us an e-mail to announce that they were taking over the account and sent us a list of the account details that they had for us. The information was wrong. I sent them corrections. Also made sure they knew that we had our own IP addresses and to be sure to coordinate the BGP stuff with PSI when cutting over.

They didn't. PSI kept announcing the routes. Ardent didn't announce them. It took me FIVE DAYS to get them to fix it. Waited on hold for 45 minutes more than 7 times and finally talked to brain dead drones on the other end each time. No luck. Finally wheedled the PSI NOCs direct number out of someone on the phone at PSI and called them. They dropped the route announcements for us. Then it took three more days to get in touch with someone at Ardent. I was able to do that by posting a message here. One of their engineers called me and we had it fixed in ten minutes.

Fast forward to Dec/Jan 2001/2002: Now, CAIS (called Ardent now) sold us to Network Access Solutions (NAS). We have been paying them ever since Dec or so. Two months ago, they sent the same kind of e-mail: "We'll be cutting over your connection soon, please fill out this questionnaire", etc. I did so, and wrote a long tome at the end warning them not to mess up the BGP stuff. "It couldn't be that bad twice, could it?" I thought to myself. I crossed my fingers.

In their e-mail, they told me that they would soon get back to me with a cutover date. This afternoon, at 4:40PM, I got the message "Your cutover date/time is 5PM-8PM Eastern May 29, 2002 (today)" and "The date cannot be changed". Also they said "If you have your own IP addresses, it may take till midnight till the routes propagate" (Now I know I'm in trouble - 5pm till midnight?).

No sooner did I read the message than the connection went dead. Not the circuit, just the BGP announcements. It's now 7AM Eastern time. We've been offline 13 hours now. Phone drone at NAS says "Hmm, you're not listed on our cutover sheet today". I put two and two together: They told Ardent "drop the routes today at 5" and then lost the paperwork internally so the cutover did not happen, but Ardent dropped the routes.

Just got off the phone with them again after sitting on hold for 45 minutes. They don't seem to get the message that it's a BGP problem and not the circuit.

Last time, when we had problems, some kind engineer from CAIS sent me e-mail and offered to help and, like I said, he got us back online in, like 10 minutes. If you're out there, please let me know. I need your help again.

Please reply to [EMAIL PROTECTED] as the e-mail on this message is not accessible at this time.

Sorry to bug all of you with this. Let's see: 13 hours and running. Last time it was five days. Wanna take bets on how long this time?

Funny thing, when I called CAIS afterwards to ask them how they were going to make it up to me for knocking me offline for five days, I was sent to the voicemail of some customer service manager who never returned my calls. Let's see how well NAS does.

John
RE: Trying to find a connectivity provider that won't go under (was RE: CAIS/Ardent and now Network Access Solutions)
It's just that they aren't local and there is no need to pay for a circuit all the way to Chicago. It seems that so many providers have moved out of Macomb county. Anyone have any experience with BigNet? We are talking to them now.

-Original Message-
From: Bill Woodcock [mailto:[EMAIL PROTECTED]]
Sent: Thursday, May 30, 2002 4:42 PM
To: John Palmer
Cc: [EMAIL PROTECTED]
Subject: Re: Trying to find a connectivity provider that wont go under (was RE: CAIS/Ardent and now Network Access Solutions)

Who can one rely on for connectivity? In general and in the Detroit area? I put out a request for bids on T-1's and all the national providers were way too high...

Haven't you just answered your own question? I guess if you think reliable service is too expensive, you're not in the market for reliable service, no?

-Bill
Discussion of Results
Proposal #1 (which passed by over 2/3rds - 67.9%) expresses the sense of the GA that DOC should re-bid the ICANN contract and forget ICANN completely.

Proposal #2 (which passed by 75%) expresses to ICANN the desire that they reform in a meaningful way, and if they don't, that the DOC should replace ICANN.

Interesting

AGN Domain Name Services, Inc
http://www.adns.net
Since 1995. The Registry for .AMERICA, .EARTH, .LION, .USA and .Z
Define yourself or Be Defined.
Censorship-free GA list at : http://dns-o.org/mailman/listinfo/ga
CAIS/Ardent Routing Problems?
Anyone see anything strange with AS 3491 today? They have been dropping our routes on and off all day long?
DNS-O.NET?
Is anyone aware of the significance of the domain dns-o.net in China? I just registered this domain for another purpose and pointed it to an empty website for now and the log file is full of what appear to be requests for random URLs (mostly for banners .gifs, etc). I'm just curious if anyone knows the history of that domain.

AGN Domain Name Services, Inc
http://www.adns.net
Since 1995. The Registry for .AMERICA, .EARTH, .LION, .USA and .Z
Define yourself or Be Defined.
Censorship-free GA list at : http://dns-o.org/mailman/listinfo/ga