Re: Topicality and audiences [was Re: tech support being flooded due to IE 0day]

2006-09-23 Thread Laurence F. Sheldon, Jr.


It doesn't matter who wrote:



If you don't find network operations to be relevant, then by all
means STOP POSTING TO THE GOD DAMNED NETWORK OPERATIONS MAILING LIST.
Some of those, particularly those who *gasp* run networks, still find
it relevant. If there is this much disagreement about your posts,
maybe you should find a different place to make them.


In spite of repeated rants like this one (I'm too tired and lazy to 
disguise the author of it further, the particular author here is not 
important), the problem is not "What kind of list is NANOG?"  It really 
isn't.  I don't think a strong case that many active posters here are 
confused about that is really hard to make.  There really ought to be a 
moratorium on the question of what kind of a list is NANOG.


The question has always been, in my mind, "What the hell does 
"Operations" mean to the participants here?"  (I have on several 
occasions said what I think it means to others, I'll spare me the agony 
of doing that again just now.)


I have for years incorrectly assumed (nay, insisted) that "Operations 
topics" include just about everything that has to do with operating a 
network or networks, or network of networks.


I don't think it includes the mindless, repetitive, numbing harassment 
of somebody that has an issue affecting his or her operation that either 
needs help, or wants to share a lesson learned.


Frankly, a scholarly analysis of the archives (edited or not) would 
show, I'll bet, that there are more items about what is on topic than 
there are about any other subject-group.


--
Requiescas in pace o email

Ex turpi causa non oritur actio

http://members.cox.net/larrysheldon/




Re: Have you really got clue?

2006-09-22 Thread Laurence F. Sheldon, Jr.


[EMAIL PROTECTED] wrote:



And if anyone else here thinks they know what is
on topic, please tell us.

I am getting bored by the flood of negative messages
that say only "You can't say that here". Please stop
telling us what you cannot say on NANOG. If you really
must register your discontent with a message, then 
at least take the time to list some of the topics that
belong on the list.

What is NANOG all about? What is relevant to network
operations? Is NANOG a narrowly focused technical list
for a small group of technical specialists? Or is it
some kind of broader industry-focused list that covers
many issues relevant to the industry?


It is pretty simple, really.  These are examples of the topics that are 
on-topic.


1.  "that posting is off-topic".
2.  "somebody with clue from ${SmallUnknownOperator} (e.g. AOL) please 
contact me off list about a connectivity issue."
3.  "that posting is terribly off-topic".
4.  "anybody know where I can get a free 300-baud dialup in 
${Major_City_with_Wiffies_Everywhere}"
5.  "Since when is NANOG about ${some-non-BGP-operational-issue}"
6.  "Somebody left their nerd-pack in the meeting room for 
${obscure_NANOG_topic}"


--
Requiescas in pace o email

Ex turpi causa non oritur actio

http://members.cox.net/larrysheldon/




Re: fyi-- [dns-operations] early key rollover for dlv.isc.org

2006-09-21 Thread Laurence F. Sheldon, Jr.


Paul Vixie wrote:


fyi:




My mail reader can sanitize HTML mail for me, but it was stymied by this 
one.  What is it?



--
Requiescas in pace o email

Ex turpi causa non oritur actio

http://members.cox.net/larrysheldon/




Re: Removal of my brain

2006-09-20 Thread Laurence F. Sheldon, Jr.


[EMAIL PROTECTED] wrote:


More to the point, why punish the entire list by bickering about a 
minority 


Because this is NANOG, and NANOG is very careful to limit the traffic to 
stuff that is On Topic.


--
Requiescas in pace o email

Ex turpi causa non oritur actio

http://members.cox.net/larrysheldon/




Public service Rebroadcast: Re: Removal of my name]

2006-09-20 Thread Laurence F. Sheldon, Jr.


I too despise HTML, but in a failing effort to find email useful, I use 
a reader that converts HTML to text for me (it is amazing what computers 
can do these days).


Here is the result of my reader's handiwork.


 Original Message 
Subject:Re: Removal of my name
Date:   Wed, 20 Sep 2006 14:02:52 -0400
From:   Don Welch, Merit Network <[EMAIL PROTECTED]>
Reply-To:   [EMAIL PROTECTED]
Organization:   Merit Network, Inc
To: [EMAIL PROTECTED], 'Betty Burke' <[EMAIL PROTECTED]>, 'Mary Eileen
McLaughlin' <[EMAIL PROTECTED]>



NANOG Community,
The issue of altering the NANOG Archive has come up and I wish to
present Merit's position on the matter.

The NANOG Acceptable Use Policy as it currently stands includes the
following:

1. Discussion will focus on Internet operational and technical issues as
described in the charter  of NANOG.
2. Postings of issues inconsistent with the charter are prohibited.
:
4. Postings that include foul language, character assassination, and
lack of respect for other participants are prohibited.
:

The part of the post in dispute is not operational or technical and
clearly shows a lack of respect for a participant.  The subject of the
post and not the poster requested that we remove his name from the post
in the Archive.  Merit has decided to replace the subject's name with
"NAME REMOVED".  Since this post was not allowed, we believe that we are
correcting our mistake in a way that we think has the least impact on
the integrity of the archive.  We are not removing the post itself.  The
poster's name and the rest of the text are intact.  The topic of the
post is still clear even though the individual targeted is not.
Operational or technical content was not modified.

We have considered a number of things in making this decision including:
the age of the post, the reason for the request and Merit's legal
exposure.  We let the Steering Committee know what we were doing.  If
you disagree, do not blame the Steering Committee although we consulted
with the Steering Committee, it was my decision.

This issue has been helpful in that it pointed out some shortcomings in
our policies and notification mechanism.  We are working with the
Steering Committee to address those now.

We are not removing a thoughtless post at the request of the poster and
do not anticipate doing so in the future.

This issue is unique and does not represent a blanket policy.  Any
request to modify the archive is a serious issue that requires
consultation with the Steering Committee and must be balanced against
the loss of archive integrity.

See you at NANOG 38!

Cheers,
Don
--
Donald J. Welch, Ph.D.
President & CEO
Merit Network, Inc.
www.merit.edu 
734-764-8450
1000 Oakbrook Drive
Ann Arbor, MI 48104


--
Requiescas in pace o email

Ex turpi causa non oritur actio

http://members.cox.net/larrysheldon/




Re: Removal of my name

2006-09-20 Thread Laurence F. Sheldon, Jr.


Don Welch, Merit Network wrote:


This issue is unique and does not represent a blanket policy.  Any
request to modify the archive is a serious issue that requires
consultation with the Steering Committee and must be balanced against
the loss of archive integrity.


Right here is the heart of the matter.  This is a unique issue. 
Attempts to set policies to cover unique issues _will_ result in bad 
policies.


Policies should be set to cover the general cases.  Management 
prerogative (which should be bounded by policy) will best deal with the 
unique issues.


--
Requiescas in pace o email

Ex turpi causa non oritur actio

http://members.cox.net/larrysheldon/




Re: [Fwd: Kremen VS Arin Antitrust Lawsuit - Anyone have feedback?]

2006-09-13 Thread Laurence F. Sheldon, Jr.


Johnny Eriksson wrote:


"D'Arcy J.M. Cain"  wrote:



If we were still calling central and asking "Hi Mabel, can you put me
through to Doc," no one would give a rat's ass about phone number
portability.  Notice that no one is getting worked up about circuit
number portability.



... or street number portability.  Thanks $deity.


Where is the Anti Digit Dialing League when you really need them?

http://www.areacode-info.com/headline/1999/ca990503b.htm
--
Requiescas in pace o email

Ex turpi causa non oritur actio

http://members.cox.net/larrysheldon/




Re: comast email issues, who else has them?

2006-09-11 Thread Laurence F. Sheldon, Jr.


william(at)elan.net wrote:


You need to have protocol to map it from. HTTP is not a protocol but 

   ^

type of transport of initial email submission data to a submission
server.


Really?!
--
Requiescas in pace o email

Ex turpi causa non oritur actio

http://members.cox.net/larrysheldon/




Re: Router / Protocol Problem

2006-09-07 Thread Laurence F. Sheldon, Jr.


Yeah.  Don't want any operational stuff here.  Need to get back to who's 
got a free 300-baud dialup in Antwerp.


Hank Nussbacher wrote:



At 07:27 AM 07-09-06 -0400, Mike Walter wrote:

Best moved to cisco-nsp.

-Hank Nussbacher
http://www.interall.co.il


Good morning everyone.  I just wanted to say thanks for all the help.  I
did discover the problem this morning and I should be hit with a
herring.  I upgraded the IOS on the router with the issue to match the
other router and the problem was still there.  So I tested and noticed
the following line in the logs, since I was on console it popped up
right in front of me.

Sep  7 06:50:20.697 EST: %SEC-6-IPACCESSLOGP: list 166 denied tcp
69.50.222.8(25) -> 69.4.74.14(2421), 4 packets

What is this I thought?  What is my ACL 166 doing this?  I thought I
tested removing all access-lists from interfaces when the original
problem came up.  Apparently not.  Here is my ACL 166, the first line is
what was being matched.  Apparently somehow this connection is being
matched via NBAR for good old Code Red.

access-list 166 deny   ip any any dscp 1 log
access-list 166 deny   tcp any any eq sunrpc
access-list 166 deny   tcp any any eq 135
access-list 166 deny   tcp any any eq 137
access-list 166 deny   tcp any any eq 138
access-list 166 deny   tcp any any eq 139
access-list 166 deny   tcp any any eq 445
access-list 166 deny   tcp any any eq 5554
access-list 166 deny   tcp any any eq 9996
access-list 166 deny   tcp any any eq 1025
access-list 166 deny   udp any any eq 1434
access-list 166 deny   udp any any eq 135
access-list 166 deny   udp any any eq netbios-ns
access-list 166 deny   udp any any eq netbios-dgm
access-list 166 deny   udp any any eq netbios-ss
access-list 166 deny   udp any any eq 445
access-list 166 deny   icmp any any redirect
access-list 166 deny   ip 127.0.0.0 0.255.255.255 any
access-list 166 deny   ip 10.0.0.0 0.255.255.255 any
access-list 166 deny   ip 172.16.0.0 0.15.255.255 any
access-list 166 deny   ip 192.168.0.0 0.0.255.255 any
access-list 166 permit ip any any

class-map match-any http-hacks
 match protocol http url "*default.ida*"
 match protocol http url "*cmd.exe*"
 match protocol http url "*root.exe*"

policy-map mark-inbound-http-hacks
 class http-hacks
  set ip dscp 1

I have always had this on my FE0/0 as an outbound ACL, well at least
since Code Red came about: ip access-group 166 out.

Now I have two questions.  Is that not a good idea to have this on FE0/0
out?  Second, why the heck would a smtp connection be matched via my
http-hacks class-map?

Thanks again everyone,

Mike

-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of
Rodney Dunn
Sent: Wednesday, September 06, 2006 8:45 PM
To: Christopher L. Morrow
Cc: Rodney Dunn; Mike Walter; Hank Nussbacher; Justin M. Streiner;
nanog@merit.edu
Subject: Re: Router / Protocol Problem


Then that proves it's not a local router problem then. :)

On Wed, Sep 06, 2006 at 07:49:26PM +, Christopher L. Morrow wrote:
> On Wed, 6 Sep 2006, Rodney Dunn wrote:
>
> >
> > Get a sniffer trace. Packets on the wire prove what's going on.
>
> provided the packets get back to him, it seems his problem is traffic
> getting back to him :( so probably no packets will be on the wire
> (none in question at least)...








--
Requiescas in pace o email

Ex turpi causa non oritur actio

http://members.cox.net/larrysheldon/
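
Added example (not part of any post in this thread, and not Cisco's code): a small Python model of first-match ACL evaluation, fed the ACL 166 and the log line quoted in the message above. It shows that the logged SMTP reply packet is denied only if it carries DSCP 1 and is otherwise permitted by the last entry; it says nothing about what set that marking. The parser covers only the syntax that appears in that ACL, and all function names are made up for the illustration.

```python
import ipaddress
import re
# ACL 166 exactly as posted in Mike Walter's message on this page.
ACL_166 = """\
access-list 166 deny   ip any any dscp 1 log
access-list 166 deny   tcp any any eq sunrpc
access-list 166 deny   tcp any any eq 135
access-list 166 deny   tcp any any eq 137
access-list 166 deny   tcp any any eq 138
access-list 166 deny   tcp any any eq 139
access-list 166 deny   tcp any any eq 445
access-list 166 deny   tcp any any eq 5554
access-list 166 deny   tcp any any eq 9996
access-list 166 deny   tcp any any eq 1025
access-list 166 deny   udp any any eq 1434
access-list 166 deny   udp any any eq 135
access-list 166 deny   udp any any eq netbios-ns
access-list 166 deny   udp any any eq netbios-dgm
access-list 166 deny   udp any any eq netbios-ss
access-list 166 deny   udp any any eq 445
access-list 166 deny   icmp any any redirect
access-list 166 deny   ip 127.0.0.0 0.255.255.255 any
access-list 166 deny   ip 10.0.0.0 0.255.255.255 any
access-list 166 deny   ip 172.16.0.0 0.15.255.255 any
access-list 166 deny   ip 192.168.0.0 0.0.255.255 any
access-list 166 permit ip any any
"""

# The console log line from the same message, joined onto one line.
LOG_LINE = ("Sep  7 06:50:20.697 EST: %SEC-6-IPACCESSLOGP: list 166 denied tcp "
            "69.50.222.8(25) -> 69.4.74.14(2421), 4 packets")
PORT_NAMES = {"sunrpc": 111, "netbios-ns": 137, "netbios-dgm": 138, "netbios-ss": 139}
LOG_RE = re.compile(r"list (\d+) (denied|permitted) (\w+) "
                    r"([\d.]+)\((\d+)\) -> ([\d.]+)\((\d+)\), (\d+) packet")

def _ip(text):
    return int(ipaddress.IPv4Address(text))

def _take_addr(tokens):
    """Consume 'any' or 'address wildcard'; return ((addr, wildcard), rest)."""
    if tokens[0] == "any":
        return (0, 0xFFFFFFFF), tokens[1:]
    return (_ip(tokens[0]), _ip(tokens[1])), tokens[2:]

def parse_acl(text):
    """Parse only the extended-ACL syntax that appears in ACL 166."""
    entries = []
    for line in text.strip().splitlines():
        tok = line.split()
        entry = {"text": " ".join(tok), "action": tok[2], "proto": tok[3],
                 "dport": None, "dscp": None, "icmp_type": None, "log": False}
        entry["src"], rest = _take_addr(tok[4:])
        entry["dst"], rest = _take_addr(rest)
        while rest:
            word = rest.pop(0)
            if word == "eq":        # port after the destination = destination port
                name = rest.pop(0)
                entry["dport"] = PORT_NAMES.get(name) or int(name)
            elif word == "dscp":
                entry["dscp"] = int(rest.pop(0))
            elif word == "log":
                entry["log"] = True
            else:                   # "redirect" on the icmp entry
                entry["icmp_type"] = word
        entries.append(entry)
    return entries

def parse_log(line):
    m = LOG_RE.search(line)
    if not m:
        raise ValueError("not an IPACCESSLOGP line")
    acl, verdict, proto, src, sport, dst, dport, count = m.groups()
    return {"acl": int(acl), "verdict": verdict, "proto": proto, "src": src,
            "sport": int(sport), "dst": dst, "dport": int(dport), "packets": int(count)}

def _addr_ok(ip, spec):
    addr, wildcard = spec           # wildcard bits set to 1 are "don't care"
    return ((_ip(ip) ^ addr) & ~wildcard & 0xFFFFFFFF) == 0

def first_match(entries, pkt, dscp):
    """Return the first entry matching pkt with the given DSCP, else None (implicit deny)."""
    for e in entries:
        if (e["proto"] in ("ip", pkt["proto"])
                and e["icmp_type"] in (None, pkt.get("icmp_type"))
                and e["dport"] in (None, pkt["dport"])
                and e["dscp"] in (None, dscp)
                and _addr_ok(pkt["src"], e["src"])
                and _addr_ok(pkt["dst"], e["dst"])):
            return e
    return None

def explain(log_line, acl_text=ACL_166):
    entries, pkt = parse_acl(acl_text), parse_log(log_line)
    return {"logging_entries": [e["text"] for e in entries if e["log"]],
            "unmarked": first_match(entries, pkt, dscp=0)["text"],
            "dscp1": first_match(entries, pkt, dscp=1)["text"]}

if __name__ == "__main__":
    print(explain(LOG_LINE))
```
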




Re: Is it my imagination or are countless operations impacted today with mysql meltdowns

2006-08-26 Thread Laurence F. Sheldon, Jr.


Henry Linneweh wrote:


Every where I go that uses MySql is hozed and I can not access the pages
 
-Henry




Say!  _There_ is an On Topic, Operational posting!

--
Requiescas in pace o email

Ex turpi causa non oritur actio

http://members.cox.net/larrysheldon/




Re: Wherefore art thou Qwest

2006-08-23 Thread Laurence F. Sheldon, Jr.


Joseph S D Yao wrote:


On Wed, Aug 23, 2006 at 11:51:34AM -0400, J. Oquendo wrote:

Can someone from Qwest shoot me an email. I have a PSTN carrier routing 
VoIP now and they're telling me your routing tables became corrupt or 
something. Calls have been "a" dropping.


=
Signature removed to conform to NANOG On-Topic Police




Why are you asking them, "Why are you Qwest"?

[Wherefore == why, != where]


"Why" is a reasonably good qwestion.
--
Requiescas in pace o email

Ex turpi causa non oritur actio

http://members.cox.net/larrysheldon/




Re: Qwest engineer

2006-08-14 Thread Laurence F. Sheldon, Jr.




Can a Qwest engineer send me an offlist email pertaining to a DS3.


Oh goody a genuine on-topic one liner, with 13 lines of .sig.

--
Requiescas in pace o email

Ex turpi causa non oritur actio

http://members.cox.net/larrysheldon/




Re: Blogger post failed

2006-08-14 Thread Laurence F. Sheldon, Jr.


Derek J. Balling wrote:


On Aug 14, 2006, at 12:43 PM, Laurence F. Sheldon, Jr. wrote:

Who forwards NANOG posts to a blogger gateway? You, me, and a  claw- 
hammer need to have a chat.


Not me, but what is interesting is that I've not seen any evidence  of 
that when I post.


Are you using multipart/signed messages? That's probably the  
difference


Ah.  Yes.  No, I don't (or at  least I don't I do--'sposed to be plain 
text.)


--
Requiescas in pace o email

Ex turpi causa non oritur actio

http://members.cox.net/larrysheldon/




Re: Fwd: Blogger post failed

2006-08-14 Thread Laurence F. Sheldon, Jr.


Derek J. Balling wrote:

Who forwards NANOG posts to a blogger gateway? You, me, and a claw- 
hammer need to have a chat.


Not me, but what is interesting is that I've not seen any evidence of 
that when I post.


--
Requiescas in pace o email

Ex turpi causa non oritur actio

http://members.cox.net/larrysheldon/




Re: SORBS Contact

2006-08-14 Thread Laurence F. Sheldon, Jr.


Laurence F. Sheldon, Jr. wrote:



David Schwartz wrote:

Nonsense. You have tort obligations as well as contractual 
obligations.

Specifically, if you take custody of someone else's data, and you have no
contract with that person, you have a tort obligation not to destroy it.



The nonsense is here!  I am not a lawyer, but I am pretty sure that if 
you abandon property (stretching the definition of "property" to get your 
foolishness into view) that I did not ask for on my property, I am 
pretty sure that not only can I abate the nuisance, I in doing so have a 
tort claim against you for the damage and the cost of abatement.





Too bad I'm no longer bright enough to read my own .sig!  Among other 
things, it says there from time to time:


"Ex turpi causa non oritur actio" which I believe to be Lawyer Latin for 
"No cause of action may be founded upon an immoral or illegal act".


(Thanks sixthformlaw.info for the quotation.)
--
Requiescas in pace o email

Ex turpi causa non oritur actio

http://members.cox.net/larrysheldon/




Re: SORBS Contact

2006-08-14 Thread Laurence F. Sheldon, Jr.


David Schwartz wrote:


Nonsense. You have tort obligations as well as contractual obligations.
Specifically, if you take custody of someone else's data, and you have no
contract with that person, you have a tort obligation not to destroy it.


The nonsense is here!  I am not a lawyer, but I am pretty sure that if 
you abandon property (stretching the definition of "property" to get your 
foolishness into view) that I did not ask for on my property, I am 
pretty sure that not only can I abate the nuisance, I in doing so have a 
tort claim against you for the damage and the cost of abatement.



--
Requiescas in pace o email

Ex turpi causa non oritur actio

http://members.cox.net/larrysheldon/




Re: New Laptop Polices

2006-08-13 Thread Laurence F. Sheldon, Jr.


Scott Morris wrote:



"E-mail rest in peace?


That is what I tried to indicate.

An exchange somewhere (I can't now find it) went something like:

God is dead   - Nietzsche
Nietzsche is dead - God
Email is dead - Larry

To which I added that it will someday be

Larry is dead - Email
   but it will get lost in somebody's spam sump.



A cause does not create/allow action? "


Ex turpi causa non oritur actio -- Lawyer Latin for "No cause of action 
may be founded upon an immoral or illegal act."  which is my answer to 
the If-you-don't-deliver-my-spam-I'll-sue-you crowd.


I am not a lawyer.  And I have never been trained in Latin.

--
Requiescas in pace o email

Ex turpi causa non oritur actio

http://members.cox.net/larrysheldon/




Re: New Laptop Polices

2006-08-13 Thread Laurence F. Sheldon, Jr.


joe mcguckin wrote:

Why not put critical or proprietary files on a flash key? I carry a  4G 
flash key on my keyring. Airport security has never given it a second
look. If the laptop ends up in the hands of a sticky-fingered baggage  
handler (or the TSA), there's nothing there for them to find.


Recent reports said you were allowed to carry passport, medicines 
required for the trip, and one or two other items that did not include 
any metallic objects as I recall.


And, to defeat the nosey customs folk who now want to login and rummage 
around your files when you enter the US, create a dummy
account and give them that login when they insist on inspecting your 
laptop for "child porn". I've got nothing to hide, but I don't want some
ham handed idiot accidentally deleting stuff either...


I wonder what they are trained to look for.

--
Requiescas in pace o email

Ex turpi causa non oritur actio

http://members.cox.net/larrysheldon/




Re: mitigating botnet C&Cs has become useless

2006-08-13 Thread Laurence F. Sheldon, Jr.


Sean Donelan wrote:


On Sun, 13 Aug 2006, Laurence F. Sheldon, Jr. wrote:

This morning's Omaha Weird Harold has a front-page item about the City 
installing free wiffy hotspots around town.  It may be time for you to 
reconsider the options on the buggy-whip plant.


Any information about how the City plans to solve the problem of their
citizens using compromised PCs via their WiFi hotspots around town?


Not even any word on how they will pay for it, what with a number of 
expensive vote getters^W^Wcivic projects having spent the available 
money a couple of times.


But that is not really a new problem--the State of Iowa has (some time 
ago) equipped the highway rest areas and there are enough Starbucks 
around that you wonder why the City needs to do anything.


--
Requiescas in pace o email

Ex turpi causa non oritur actio

http://members.cox.net/larrysheldon/




Re: mitigating botnet C&Cs has become useless

2006-08-13 Thread Laurence F. Sheldon, Jr.


Danny McPherson wrote:


On Aug 13, 2006, at 8:35 AM, Laurence F. Sheldon, Jr. wrote:


Danny McPherson wrote:


As importantly, broadband SPs are trying to move to triple (quad)
 play services, how tolerant do you think your average subscriber
is to losing cable television services because their kid
downloaded some malware?


At least one of us would applaud an effort to hold people
accountable for what they and their kids do.


Oops, I see how you could spin it that way...  Let me spin it back..

What if the malware your kid's PC (or better yet, your PC) was just 
infected with came through a virus received in email for which no fix
was currently available and the resident AV solution was unaware?


Sorry you weren't able to get the spin you wanted, but I still think 
that if people want to use email readers that execute the messages 
instead of displaying them in plain text without seizure inducing 
jiggles, without root kits, without all the rest of the malware spectrum 
they ought to be held accountable for that action.


Their choice, let them pay for it.

Now you can't watch the game tonight, or your favorite show, or use 
skype to chat with your daughter in Europe, or check your email, [or 
call 911?] all because the malware triggered something on the network
side that resulted in you being "walled gardened"?


If it is my house, it won't happen twice, I betcha.

And if you want to sell a service that allows misbehaviour without 
penalty to your misbehaving customers, more power to you.


But don't make _ME_ pay for it.


My position here is aligned with Sean's and Arjan's.  IF you were
able to offer any such "walled-garden" services it's not simply a
binary  thing, there's a large array of variables that need to be
accounted for technically - entirely independent of the economic ones
surrounding services that are hardly profitable already.

I believe there exists a significant opportunity here for such value-
adds for broadband and other services alike, but it's at least
initially going to be a rather complicated one.


This morning's Omaha Weird Harold has a front-page item about the City 
installing free wiffy hotspots around town.  It may be time for you to 
reconsider the options on the buggy-whip plant.

--
Requiescas in pace o email

Ex turpi causa non oritur actio

http://members.cox.net/larrysheldon/




Re: mitigating botnet C&Cs has become useless

2006-08-13 Thread Laurence F. Sheldon, Jr.


Danny McPherson wrote:


As importantly, broadband SPs are trying to move to triple (quad)
play services, how tolerant do you think your average subscriber is
to losing cable television services because their kid downloaded some
malware?


At least one of us would applaud an effort to hold people accountable 
for what they and their kids do.


There _is_ precedent.  Any old 'phone folk around that can tell us about 
an "NPD for high toll"?


--
Requiescas in pace o email

Ex turpi causa non oritur actio

http://members.cox.net/larrysheldon/




Re: New Laptop Polices

2006-08-12 Thread Laurence F. Sheldon, Jr.


Michael Nicks wrote:


Do we all really believe this laptop ban will last? I sure don't.


I think there are two issues in this thread -- this must refer to the 
air travel bans.  I don't know, but I'll bet it not only persists, it 
will get worse.


The other issue has to do with the trend to thoughtlessly carry valuable 
data (which in many cases belongs to somebody who didn't get a say-so in 
its care) in laptops which are not protected.


Somehow somebody is going to do something draconian to get that under 
control.


Some other form of executive dick-waving is going to have to be 
developed that does not put so much at risk.


--
Requiescas in pace o email

Ex turpi causa non oritur actio

http://members.cox.net/larrysheldon/




Re: New Laptop Polices

2006-08-11 Thread Laurence F. Sheldon, Jr.


Joseph S D Yao wrote:


On Sat, Aug 12, 2006 at 02:28:33AM +, Christopher L. Morrow wrote:


On Fri, 11 Aug 2006, Joseph S D Yao wrote:



Do modern laptops have disk drives that are that hard to remove?


one screw and 'pop' out comes all dell laptop harddrives... or boot from
cd, usb->copy all data, slide back into case and move on to next.

you have 2 hours between baggage arrival and load-plane time so you do the
math! :)


I had more in mind removing it from the laptop before someone else
could.


Which took me to the question:  "What would you then do with it?"

--
Requiescas in pace o email

Ex turpi causa non oritur actio

http://members.cox.net/larrysheldon/




Re: New Laptop Polices

2006-08-11 Thread Laurence F. Sheldon, Jr.


Laurence F. Sheldon, Jr. (that is me) wrote:

Christopher L. Morrow wrote:


On Fri, 11 Aug 2006, Joseph S D Yao wrote:


Do modern laptops have disk drives that are that hard to remove?


one screw and 'pop' out comes all dell laptop harddrives... or boot from
cd, usb->copy all data, slide back into case and move on to next.

you have 2 hours between baggage arrival and load-plane time so you do the
math! :)


I guess I mis-understood his intent. [1]

In any case, it occurred to me that in today's throw-away commodity 
computer world, why don't we return to those thrilling days of 
yesteryear where we expected the destination to have all the stuff we 
needed, pretty much?  All the files on a central server (where, like the 
old central file room they will be safer) accessed from appliances 
installed everywhere like lights and telephones.  Maybe give them a 
catchy name like "minitel" or something.


Forgot the footnote.  Hate it when people do that!

[1] Only the (was first,now...) second mistake since dinner.
--
Requiescas in pace o email

Ex turpi causa non oritur actio

http://members.cox.net/larrysheldon/




Re: New Laptop Polices

2006-08-11 Thread Laurence F. Sheldon, Jr.


Christopher L. Morrow wrote:


On Fri, 11 Aug 2006, Joseph S D Yao wrote:


Do modern laptops have disk drives that are that hard to remove?


one screw and 'pop' out comes all dell laptop harddrives... or boot from
cd, usb->copy all data, slide back into case and move on to next.

you have 2 hours between baggage arrival and load-plane time so you do the
math! :)


I guess I mis-understood his intent. [1]

In any case, it occurred to me that in today's throw-away commodity 
computer world, why don't we return to those thrilling days of 
yesteryear where we expected the destination to have all the stuff we 
needed, pretty much?  All the files on a central server (where, like the 
old central file room they will be safer) accessed from appliances 
installed everywhere like lights and telephones.  Maybe give them a 
catchy name like "minitel" or something.


--
Requiescas in pace o email

Ex turpi causa non oritur actio

http://members.cox.net/larrysheldon/




Re: New Laptop Polices

2006-08-11 Thread Laurence F. Sheldon, Jr.


Joseph S D Yao wrote:


Do modern laptops have disk drives that are that hard to remove?


Let us say "No, they are not that hard to remove."

Now what?  (Recall that this thread started with a situation where it 
was said that carry-on was limited to passport, medicine in small 
quantities, and precious little else.)


--
Requiescas in pace o email

Ex turpi causa non oritur actio

http://members.cox.net/larrysheldon/




Re: SORBS Contact

2006-08-11 Thread Laurence F. Sheldon, Jr.


Steve Sobol wrote:


Allan Poindexter wrote:


 Matthew> so would you consider as it is my network, that I should
 Matthew> not be allowed to impose these 'draconian' methods and
 Matthew> perhaps I shouldn't be allowed to censor traffic to and
 Matthew> from my networks?

If you want to run a network off in the corner by yourself this is
fine.  If you have agreed to participate in the Internet you have an
obligation to deliver your traffic.


In many cases, that is a gross overgeneralization. Do you think anyone really
wanted the Slammer worm, or complained when ISP's blocked it?


I suspect he really means that.  The whole game here is maximum dollar 
for minimum service.


I was pretty much chased off of NANOG some years ago because of my 
undiplomatic insistence that the SP's had an obligation to block evil 
traffic (which in those would have been an easier matter than it is 
today).  And yes, I didn't handle the diversionary flame wars and ad 
hominem attacks very well.  Don't bother yourself, anybody, with looking 
them up.


I work for a company that is contractually obligated to NOT carry certain
traffic for our clients.



the users got it wrong some small percentage amount of the time.  I
was stunned at the arrogance and presumption in that comment.  You
can't tell from looking at the contents, source, or destination if
something is spam because none of these things can tell whether the
message was requested or is wanted by the recipient.  The recipient is
the only person who can determine these things.



You're right. But... So what?

Perhaps it's because you're seeing things from an academic point of view and
not from a business point of view, but your post mentions nothing about
contracts. People generally use DNSBLs without any formal agreement as to
what they should expect. Without any formal agreement, you really can't talk
about "obligations to deliver traffic." In this case, your recourse is to not
use the DNSBL. If you're mailing someone who has a DNSBL, you (as the sender)
have *no* recourse other than to complain to the DNSBL user.

Plus, as I pointed out earlier, some people contract with service providers
to prevent certain traffic from getting to their networks (not just spam,
either).



There are simple solutions to this.  They do work in spite of the
moanings of the hand wringers.  In the meantime my patience with email
"lost" silently due to blacklists, etc. is growing thin.



You're certainly welcome to encourage others not to use blacklists. Just
understand that you have no right to complain when they decide to continue
using those blacklists.

Having said that, do understand that I don't think DNSBL's are a panacea, nor
are their operators perfect. But in many cases, they can be a useful tool in
the anti-spam arsenal.





--
Requiescas in pace o email

Ex turpi causa non oritur actio

http://members.cox.net/larrysheldon/




Re: SORBS Contact

2006-08-09 Thread Laurence F. Sheldon, Jr.


Michael Nicks wrote:

Actually I think this thread progressed from someone getting dirty 
blocks, to complaining about liberal-listing-RBLs (yes SORBS is one), to 
RBLs defending themselves and their obviously broken practices. We 
should not have to jump through hoops to satisfy your requirements.


Fair enough.

End users ought not to have the functionality of email destroyed because 
originating SP's won't show due diligence in preventing abuse of the 
network.


If you don't like SORBS, don't use it.

Don't send email to anybody who does.

--
Requiescas in pace o email

Ex turpi causa non oritur actio

http://members.cox.net/larrysheldon/




Re: Detecting parked domains

2006-08-02 Thread Laurence F. Sheldon, Jr.


Patrick W. Gilmore wrote:


I doubt we're "famous".  How are you going to be able to tell they  
aren't parked?  Pull up the web page on a few domains to see what  they 
look like?  Check all 1000 manually?  Half?


Whose business is it.  Who cares?
--
Requiescas in pace o email

Ex turpi causa non oritur actio

http://members.cox.net/larrysheldon/




Re: Detecting parked domains

2006-08-02 Thread Laurence F. Sheldon, Jr.


Randy Bush wrote:


i know this will come as a shock, but there are other uses for domain
names than web sites


Surely you jest!  Surely a domain with no listener on port 80 or 25 is 
not a legitimate domain.

--
Requiescas in pace o email

Ex turpi causa non oritur actio

http://members.cox.net/larrysheldon/




Re: AOL Mail Problem

2006-07-27 Thread Laurence F. Sheldon, Jr.


Allen Parker wrote:

I really
wish more people would stand up to aol and explain to them that their
spam filtering stuff is ineffective as well as annoying.


I for one really wish the service providers of the world had been 
willing to deal with the spam problem when it first arose.


That some are now beginning to as AOL is is heartening, but it is now 
too little, too late.


email as a useful tool is dead.  Get used to it.

For the future of email, look at the history of Citizens Band Radio.
And ponder the significance of Gresham's Law here.

--
Requiescas in pace o email

Ex turpi causa non oritur actio

http://members.cox.net/larrysheldon/




Re: Hot weather and power outages continue

2006-07-25 Thread Laurence F. Sheldon, Jr.


Brandon Galbraith wrote:


My assumption is that it means "it isn't going to keep things cold, but it
will keep the air flowing to prevent a 'server sauna'".




On 7/25/06, Sam Stickland <[EMAIL PROTECTED]> wrote:



> -Original Message-
> From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of
> Sean Donelan
> Sent: 24 July 2006 13:27
> To: nanog@merit.edu
> Subject: Re: Hot weather and power outages continue



> I've always been a fan of being able to force 100% economizer and chiller
> loop bypass emergency operation; it won't keep you "cool" but will help
> keep your data center from turning into an Easy-Bake Oven(tm). But that
> failure operating mode is rarely part of the standard HVAC programming.

Sean,

Can you elaborate on what you mean by " force 100% economizer and chiller
loop bypass emergency operation"

Thanks,

Sam


When I was in charge of such things, there was a way to circulate 
evaporator tower water in the chilled water loop to remove some of the 
heat, if you had enough power to run the two pumps.



--
Requiescas in pace o email

Ex turpi causa non oritur actio

http://members.cox.net/larrysheldon/




Re: Quick question about secondary addresses

2004-07-31 Thread Laurence F. Sheldon, Jr.
Jon Lewis wrote:

On Sat, 31 Jul 2004, Jesper Skriver wrote:

On Fri, Jul 30, 2004 at 10:21:06AM -0700, Dan Lockwood wrote:

I'm in a debate with a guy over the use of 'ip address x.x.x.x s.s.s.s
secondary' on Cisco gear.  I seem to remember reading that the use of
secondary addresses is a bad idea, but I can't recall the details of
why.  Process switched?

No, traffic to hosts within a subnet configured as secondaries
will be CEF switched.

The only "bad" thing I can think of with secondaries, is that it's often
not what you want, why not split it on layer 2 as well, and get the
benefit of a smaller broadcast domain ?

A few other possible issues:

1) routing protocols (i.e. ospf) will not form adjacencies with devices in
the secondary address subnets...so if you're doing this to get more
address space on a particular ethernet without renumbering, if you need
OSPF on the ethernet, all the OSPF speakers have to be in the primary
subnet.

2) If you're doing this to separate customers, it doesn't really.  They're
all free to steal each others IPs.  Better solutions would be VLAN
trunking back to the router with a subint for each subnet or a L3 switch
effectively doing that all in one box.

I meant to add (but apparently didn't send the reply where I thought I
did):

Depending on traffic flows, the "one-armed" routing (bouncing the
traffic from one IP net to the other off the router) can be a
significant issue for the router.

3) Human error.  More than once I've seen someone change an interface's
primary IP by "adding a secondary" and hitting return before typing
"secondary".  Maybe it would have been better/safer if the command were
"secondary ip addr ..." :)

That is an especial treat when you do it the interface you are talking
to the router on.

I always set a secondary on the most-likely-to-be-the-management
interface and left it there and used it for management sessions.
--
Requiescas in pace o email
Ex turpi causa non oritur actio
http://members.cox.net/larrysheldon/
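
An added example, not part of the thread and not from any of its participants: a pre-change check for the human-error case described above, where an `ip address` line typed without `secondary` replaces the interface's primary address. The function names, the sample configuration and its addresses are constructed for illustration; the check assumes IOS-style configuration text and only compares addresses, it does not talk to a router.

```python
import ipaddress
import re

# Matches "ip address <addr> <mask> [secondary]" as typed under an interface.
ADDR_RE = re.compile(
    r"^\s*ip address (\d+\.\d+\.\d+\.\d+) (\d+\.\d+\.\d+\.\d+)(\s+secondary)?\s*$"
)

# Constructed sample configuration (documentation address ranges).
SAMPLE_CONFIG = """\
interface FastEthernet0/0
 ip address 192.0.2.1 255.255.255.0
 ip address 198.51.100.1 255.255.255.0 secondary
!
interface FastEthernet0/1
 ip address 203.0.113.1 255.255.255.0
!
"""


def parse_interfaces(config):
    """Return {interface: {"primary": IPv4Interface or None, "secondary": [...]}}."""
    interfaces = {}
    current = None
    for line in config.splitlines():
        if line.startswith("interface "):
            current = line.split(None, 1)[1].strip()
            interfaces[current] = {"primary": None, "secondary": []}
            continue
        if current is None:
            continue
        if line and not line[0].isspace():
            current = None  # "!" or a top-level command ends the stanza
            continue
        m = ADDR_RE.match(line)
        if m:
            addr = ipaddress.ip_interface(f"{m.group(1)}/{m.group(2)}")
            if m.group(3):
                interfaces[current]["secondary"].append(addr)
            else:
                interfaces[current]["primary"] = addr
    return interfaces


def review_change(config, interface, commands, session_ip=None):
    """Return warnings for candidate commands to be typed under `interface`.

    session_ip is the router address the operator's management session is
    connected to, if known.
    """
    state = parse_interfaces(config).get(interface)
    if state is None:
        return [f"{interface}: not present in running config"]
    warnings = []
    for cmd in commands:
        m = ADDR_RE.match(cmd)
        if not m or m.group(3):
            continue  # not an address command, or explicitly a secondary
        new = ipaddress.ip_interface(f"{m.group(1)}/{m.group(2)}")
        old = state["primary"]
        if old is not None and new != old:
            warnings.append(
                f"{interface}: '{cmd.strip()}' replaces primary {old} "
                "(missing 'secondary'?)"
            )
            if session_ip is not None and ipaddress.ip_address(session_ip) == old.ip:
                warnings.append(
                    f"{interface}: management session terminates on {old.ip}; "
                    "this change would cut it off"
                )
    return warnings


if __name__ == "__main__":
    candidate = [" ip address 10.20.30.1 255.255.255.0"]  # 'secondary' forgotten
    for session in ("192.0.2.1", "198.51.100.1"):
        print(f"session on {session}:")
        for w in review_change(SAMPLE_CONFIG, "FastEthernet0/0", candidate, session):
            print("  " + w)
```

With the session on the primary address both warnings fire; with the session on the secondary address, as in the practice described in the last reply, only the replacement warning does.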



Re: Convention networks and viruses

2004-07-29 Thread Laurence F. Sheldon, Jr.
Scott Weeks wrote:
On Thu, 29 Jul 2004, Sean Donelan wrote:
: As NANOG has experienced during the last several meetings, in any network
: used by a large number of people, there will be a certain percentage of
: people which bring infected computers into the network.
:
: http://www.nytimes.com/2004/07/29/technology/circuits/29bost.html?pagewanted=3
: Wiring a Convention, Version 2004
: By SETH SCHIESEL
: Published: July 29, 2004
: [...]
:   But data services have not been as solid. Many news organizations
:   suffered intermittent breakdowns in Internet service, and on Tuesday
:   evening the main press pavilion was offline for about 90 minutes. A
:   spokesman for Verizon said the company deliberately caused the
:   interruption as part of an effort to root out a more deep-seated
:   network problem, which the company said appeared to have been caused by
:   a virus carried by network devices provided by news organizations. In
:   the interim, a handful of data lines provided by other companies,
:   including AT&T, served as a backup.

A buncha technically clueless newsgeeks brought infected micro$loth
computers into a convention?  Shocking!  What's this world coming to???
Sounds like Verizon hired low-end netgeeks if they had to bring the
network down to find these infected computers.
I must have dozed off.  What did Verizon have to do with the NANOG
meeting?
tisk-tisk-tisk Verizon.   MCSE != good netgeek   In fact, almost all the
time, the two are mutually exclusive, disjoint sets of people...
And sometimes "orthogonal" comes to mind.
And sometimes "congruent" does.
--
Requiescas in pace o email
Ex turpi causa non oritur actio
http://members.cox.net/larrysheldon/



Re: ad.doubleclick.net missing from DNS?

2004-07-27 Thread Laurence F. Sheldon, Jr.
Paul Vixie wrote:

on the other hand, if you do this for a nameserver that your customers
depend on, then there is probably some liability for either trademark
infringement, tortious interference with prospective economic advantage,
and the gods alone know what else.  if you do this, keep it to a server
you run on 127.0.0.1 and ensure that you are its only user.
Where is it written that a server has to carry other people's non-
revenue advertizing or links to it?
--
Requiescas in pace o email
Ex turpi causa non oritur actio
http://members.cox.net/larrysheldon/



Re: 2511 line break

2004-07-26 Thread Laurence F. Sheldon, Jr.
Good, honest to ${D**ty} Operational Content?
sadly not



Re: Google?

2004-07-26 Thread Laurence F. Sheldon, Jr.
Randy Bush wrote:
Sending a "break" to a 2511?  Now _there_ is an operational
issue!  (Wonder if he knows you have to plug a VT52 in to make it work?)

damned hard to do from big island when the machine is in the
seattle westin
What happened when you read the manual?



Re: Google?

2004-07-26 Thread Laurence F. Sheldon, Jr.
Todd Mitchell - lists wrote:
On 26/07/2004 11:28 AM Marco Davids (SARA) wrote:
Google seems to fail on every search containing the word 'mail' ?

hhmmm...is this somehow related to network operational issues?  Have a 
problem with googleemail google not nanog.
Perish forbid!  Viruses?  spam?  DOS?  network operational issues?
Of course not.
Sending a "break" to a 2511?  Now _there_ is an operational
issue!  (Wonder if he knows you have to plug a VT52 in to make it work?)



Re: Looking for recommendations for Datacenter off CA Faultline

2004-07-16 Thread Laurence F. Sheldon, Jr.
Nicole wrote:
 A company I work with (who's servers are located in the San Jose, CA) is
looking to setup some backup servers at a datacenter whose connectivity and
location is off any faultline, or away from other malady, that might effect its
main servers datacenter or connectivity. Problem is, they also want them as
physically close as possible. 
We just had an earthquake here in Nebraska.  Maybe you want to look
around New Madrid, MO.
 Might anyone have any recommendations for datacenters and or ways I can best
determine this? 
Are tornadoes and lightning an issue?
 It does me no good to go to a datacenter whose connectivity also comes
from the same peeing points or fiber that would be effected or take down a
data center in South Bay. Despite being off faultline.
The CoE is pretty strict about what we dump in the river, so I
don't think there are any peeing points that would be useful for you.
 Hopefully I have worded this coherently.
Um..
--
Requiescas in pace o email
Ex turpi causa non oritur actio
http://members.cox.net/larrysheldon/



Re: concern over public peering points [WAS: Peering point speed publicly available?]

2004-07-03 Thread Laurence F. Sheldon, Jr.
Mikael Abrahamsson wrote:
On Sat, 3 Jul 2004, Randy Bush wrote:

no.  in the first case, you're just hiding the incremental costs.
eventually, some bean counter is gonna want to recover them, and
then folk get quite unhappy.

What costs are you referring to? You basically need a few hours time per 
month from engineers and billing department. This for an exchange that has 
20 ISPs connected to it. The amount of traffic isn't really a factor, but 
the one I know of and am part of running carries multi-gigabit.
Does the person that sweeps the floor do so for free?  And supply the
broom?
--
Requiescas in pace o email
Ex turpi causa non oritur actio
http://members.cox.net/larrysheldon/



Re: Can a Customer take their IP's with them? (Court says yes!)

2004-06-29 Thread Laurence F. Sheldon, Jr.
Johnny Eriksson wrote:
"Fergie (Paul Ferguson)" <[EMAIL PROTECTED]> wrote:

Regardless, this is not a telephony issue ("Can I take my cell
number with me?"), as the courts as seem disposed to diagnose
these days, but rather, a technical one insofar as the IP routing
table efficiency.

No, this is not about taking a phone number.  This is about a someone
moving to a new apartment in a different part of town, and asking the
court to force the owner of the old house to reassign the old street
address to him.
All the places I have ever been, the address was assigned by somebody
other than the building owner, usually as a product of legislative
action.  A court order can not require the paramedics from New York to
respond to a call now from Juneau.



Re: real-time DDoS help?

2004-06-19 Thread Laurence F. Sheldon, Jr.
Charles Sprickman wrote:
"even though we null route the destination IP being attacked, this traffic
will be billed".



Re: Travelling the backway to Google

2004-06-16 Thread Laurence F. Sheldon, Jr.
Jared Mauch wrote:

I think the question is truly this:
some of the dns responses that i saw had low ttls, should
they use a longer ttl?
the problems i saw were related to the data expiring from the cache,
some of this is to workaround broken clients/resolvers that will "latch"
on to one IP (as part of a load balancing solution), but IMHO
those people don't deserve internet service until their systems properly
do RR...
One of us thinks the short TTL is at the heart of the Akamai "system".
--
Requiescas in pace o email
Ex turpi causa non oritur actio
http://members.cox.net/larrysheldon/



Re: Akamai DNS Issue?

2004-06-16 Thread Laurence F. Sheldon, Jr.
Mark Radabaugh wrote:
But you don't say how to avoid failures caused by massive confusion when
maintaining an excessively complicated system
I don't have much to offer for the "excessively complicated" case
(which I think the instant case is an example of), but there are
cases as complex and complicated with some justification in my history.
For those, the best solutions involved concepts like "canned, tested,
documented procedures", "quality control", "change management" (which
included "staging", "testing and verification", and so on).
We were not fond, in the "production" and "system test" environments, of 
people who made ad hoc changes of any kind.

Many years ago, I hand carried a patch through the approvals process,
group leader reviewed the purpose, urgency, test methods, test results,
and signed the sheet.  District manager looked it over and asked "what
are the chances that this patch could fail?"  I flippantly replied
"One in a million!".
He handed the documents back unsigned with the words "Seven times
in the Metro (Los Angeles, California) office tonight."
--
Requiescas in pace o email
Ex turpi causa non oritur actio
http://members.cox.net/larrysheldon/



Re: Points on your Internet driver's license (was RE: Even you can

2004-06-14 Thread Laurence F. Sheldon, Jr.
Owen DeLong wrote:
No... The negligent ISPs end up with all the abusing customers and have a
hard time getting transit themselves.  Eventually, you end up with two
internets... One run by and for the abusers and negligent, one for everyone
else.  I have no problem with that.
There should be a twelve-step program for people like me who can't
stay out of a discussion
I think we are already on our way to a multiple-Internet world, with
the CB-radio model of everybody shouting about all manner of stuff
ranging from very useful to utter sewage (uttered sewage?), and the vpn 
model (note lowercase attempt at a generalizing term) of encrypted
tunnels, firewall rules, DNSBLs, challenged response, SPF, et alia.

Implicit in the latter is a prior negotiation and rules-of-contact
setting, meaning no contact via the Internet by parties unknown.
I wonder if a 500 kc-like "calling" channel with very tight and
enforced rules will emerge somehow.
--
Requiescas in pace o email
Ex turpi causa non oritur actio
http://members.cox.net/larrysheldon/



Re: Even you can be hacked

2004-06-11 Thread Laurence F. Sheldon, Jr.
Randy Bush wrote:
I think unassigned ports should be dropped from
routing tables

your wish is the internet's command.  ports are no longer
in routing tables.

Thank you
--
Requiescas in pace o email
Ex turpi causa non oritur actio
http://members.cox.net/larrysheldon/



Re: Even you can be hacked

2004-06-11 Thread Laurence F. Sheldon, Jr.
Henry Linneweh wrote:
Here are a list of very active ports that attempt to
hack into people's systems from various parts of the
world China in particular. 

I think unassigned ports should be dropped from routing
tables unless they are registered with the host and or
providers as to their legitimate use

smpnameres 901/tcp    SMPNAMERES
smpnameres 901/udp    SMPNAMERES
blackjack  1025/tcp   network blackjack
blackjack  1025/udp   network blackjack
cap        1026/tcp   Calender Access Protocol
cap        1026/udp   Calender Access Protocol
exosee     1027/tcp   ExoSee
exosee     1027/udp   ExoSee
#          1124-1154  Unassigned
ssslic-mgr 1203/tcp   License Validation
ssslic-mgr 1203/udp   License Validation
ms-sql-s   1433/tcp   Microsoft-SQL-Server
ms-sql-s   1433/udp   Microsoft-SQL-Server
ms-sql-m   1434/tcp   Microsoft-SQL-Monitor
ms-sql-m   1434/udp   Microsoft-SQL-Monitor
#          6851-6887  Unassigned
monkeycom  9898/tcp   MonkeyCom
monkeycom  9898/udp   MonkeyCom

And I need a list that shows who or what owns Dynamic
and/or Private Ports
-Henry
--- "Laurence F. Sheldon, Jr." <[EMAIL PROTECTED]> wrote:
Andy Dills wrote:

On Thu, 10 Jun 2004, Laurence F. Sheldon, Jr. wrote:

Jeff Shultz wrote:


But ultimately, _you_ are responsible for your own systems.
Even if the water company is sending me 85% TriChlorEthane?
Right.  Got it.  The victim is always responsible.
There you have it folks.

Change the word "victim" to "negligent party" and you're correct.
Ignoring all of the analogies and metaphors, the bottom line is that ISPs
are _not responsible_ for the negligence of their customers, and that ISPs
are _not responsible_ for the _content_ of the packets we deliver. In
fact, blocking the packets based on content would run counter to our sole
responsibility: delivering the well-formed packets (ip verify unicast
reverse-path) where they belong.
Remember, we're service providers, not content providers. Unless your AUP
or customer contract spells out security services provided (most actually
go the other way and limit the liability of the service provider
specifically in this event), then your customers have to pay you to secure
their network (unless you feel like doing it for free), or they are
responsible, period.
As far as I'm concerned, that guy would have a better shot at suing
Microsoft than challenging his bandwidth bill.
Andy
---
Andy Dills
Xecunet, Inc.
www.xecu.net
301-682-9972
---

How many more of these do I need, do you think?
--
Requiescas in pace o email
Ex turpi causa non oritur actio
http://members.cox.net/larrysheldon/



Thanks
--
Requiescas in pace o email
Ex turpi causa non oritur actio
http://members.cox.net/larrysheldon/



Re: Even you can be hacked

2004-06-11 Thread Laurence F. Sheldon, Jr.
Henry Linneweh wrote:
Here are a list of very active ports that attempt to
hack into people's systems from various parts of the
world China in particular. 

Thank you.

I think unassigned ports should be dropped from routing
tables unless they are registered with the host and or
providers as to their legitimate use

smpnameres 901/tcp    SMPNAMERES
smpnameres 901/udp    SMPNAMERES
blackjack  1025/tcp   network blackjack
blackjack  1025/udp   network blackjack
cap        1026/tcp   Calender Access Protocol
cap        1026/udp   Calender Access Protocol
exosee     1027/tcp   ExoSee
exosee     1027/udp   ExoSee
#          1124-1154  Unassigned
ssslic-mgr 1203/tcp   License Validation
ssslic-mgr 1203/udp   License Validation
ms-sql-s   1433/tcp   Microsoft-SQL-Server
ms-sql-s   1433/udp   Microsoft-SQL-Server
ms-sql-m   1434/tcp   Microsoft-SQL-Monitor
ms-sql-m   1434/udp   Microsoft-SQL-Monitor
#          6851-6887  Unassigned
monkeycom  9898/tcp   MonkeyCom
monkeycom  9898/udp   MonkeyCom

And I need a list that shows who or what owns Dynamic
and/or Private Ports
-Henry
--- "Laurence F. Sheldon, Jr." <[EMAIL PROTECTED]> wrote:
Andy Dills wrote:

On Thu, 10 Jun 2004, Laurence F. Sheldon, Jr. wrote:

Jeff Shultz wrote:


But ultimately, _you_ are responsible for your own systems.
Even if the water company is sending me 85% TriChlorEthane?
Right.  Got it.  The victim is always responsible.
There you have it folks.

Change the word "victim" to "negligent party" and you're correct.
Ignoring all of the analogies and metaphors, the bottom line is that ISPs
are _not responsible_ for the negligence of their customers, and that ISPs
are _not responsible_ for the _content_ of the packets we deliver. In
fact, blocking the packets based on content would run counter to our sole
responsibility: delivering the well-formed packets (ip verify unicast
reverse-path) where they belong.
Remember, we're service providers, not content providers. Unless your AUP
or customer contract spells out security services provided (most actually
go the other way and limit the liability of the service provider
specifically in this event), then your customers have to pay you to secure
their network (unless you feel like doing it for free), or they are
responsible, period.
As far as I'm concerned, that guy would have a better shot at suing
Microsoft than challenging his bandwidth bill.
Andy
---
Andy Dills
Xecunet, Inc.
www.xecu.net
301-682-9972
---

How many more of these do I need, do you think?
--
Requiescas in pace o email
Ex turpi causa non oritur actio
http://members.cox.net/larrysheldon/




--
Requiescas in pace o email
Ex turpi causa non oritur actio
http://members.cox.net/larrysheldon/



Re: [OnTopic] common list sense and responsibility

2004-06-11 Thread Laurence F. Sheldon, Jr.
My last on the topic--maybe even the list.
I take the responsibility for a number of things, depending on
the topic of the discussion.
In the case of email conversations, particularly email
conversations on mailing lists, I think there are
responsibilities on the author to:
Delete all the baggage that has accumulated that is not relevant
to the instant message, like the addresses in excess of the intended
recipient or recipient-list, like the material that is not the
object of the current comments, like the collection of cute .sig
things that were not separated by a proper separator or not dropped
by a proper mailer.  (And it happens that I am reduced to using
Netscape as a mailer, and to the best of my ability I have not
found a way to add not-required headers to the messages.)
But I'm big on "responsibility" and I understand that I am pretty
close to alone here on that.
--
Requiescas in pace o email
Ex turpi causa non oritur actio
http://members.cox.net/larrysheldon/



Re: [OnTopic] common list sense (Re: Even you can be hacked)

2004-06-11 Thread Laurence F. Sheldon, Jr.
Paul Jakma wrote:
On Fri, 11 Jun 2004, Laurence F. Sheldon, Jr. wrote:
Really?  My responsibility to make sure you control your outbound 
mail.  Got it.

You really think everyone on this list should remember the preference of 
every other poster as to whether they do or do not want a direct copy? 
Maybe we could have a list on a web page and everyone could check the 
list before replying to a post. That'd be really useful. But wait, 
seeing as how we've got these new-fangled computer thingies that can 
take care of drudgery for us, how about we provide a way to allow the 
poster to specify what their preference is, and then other people's 
computers could automatically use that preference!

Oh wait:
http://www.freesoft.org/CIE/RFC/822/28.htm
Someone already thought of that! In *1982*. Gosh, how prescient!
Or the document a little out-dated and replaced.  But not your
responsibility huh?
(sorry if the sarcasm is a little thick, but I groan and shake my head 
every time someone posts to NANOG about how people should please stop 
including them in list replies. When I see someone who usually has a 
modicum of clue do same I just have to reply. :) )

Oh.  Any suggestions on how to do that using my mailer?

No idea, consult its documentation. I do ctrl+r in my MUA, in Netscape 
Communicator or Mozilla mail or Thunderbird you just add the address in 
a new field and click the drop down list and change the 'To' to 'Reply-To'

If your mailer can not do something as simple as allow you to specify 
the Reply-To, I suggest you upgrade to something that is at least 
half-decent.

And I'll delete the other copy you sent me for you.

That's another option I guess.
Where in RFC 2821 is this requirement, by the way?  RFC 2822
says it is optional but seems to be less than useful in the
context here.

Yes, of course Reply-To is optional. Absence of Reply-to indicates reply 
should go to sender.

regards,

--
Requiescas in pace o email
Ex turpi causa non oritur actio
http://members.cox.net/larrysheldon/



Re: Even you can be hacked

2004-06-11 Thread Laurence F. Sheldon, Jr.
Andy Dills wrote:
On Thu, 10 Jun 2004, Laurence F. Sheldon, Jr. wrote:

Jeff Shultz wrote:

But ultimately, _you_ are responsible for your own systems.
Even if the water company is sending me 85% TriChlorEthane?
Right.  Got it.  The victim is always responsible.
There you have it folks.

Change the word "victim" to "negligent party" and you're correct.
Ignoring all of the analogies and metaphors, the bottom line is that ISPs
are _not responsible_ for the negligence of their customers, and that ISPs
are _not responsible_ for the _content_ of the packets we deliver. In
fact, blocking the packets based on content would run counter to our sole
responsibility: delivering the well-formed packets (ip verify unicast
reverse-path) where they belong.
Remember, we're service providers, not content providers. Unless your AUP
or customer contract spells out security services provided (most actually
go the other way and limit the liability of the service provider
specifically in this event), then your customers have to pay you to secure
their network (unless you feel like doing it for free), or they are
responsible, period.
As far as I'm concerned, that guy would have a better shot at suing
Microsoft than challenging his bandwidth bill.
Andy
---
Andy Dills
Xecunet, Inc.
www.xecu.net
301-682-9972
---

How many more of these do I need, do you think?
--
Requiescas in pace o email
Ex turpi causa non oritur actio
http://members.cox.net/larrysheldon/



Re: [OnTopic] common list sense (Re: Even you can be hacked)

2004-06-11 Thread Laurence F. Sheldon, Jr.
Paul Jakma wrote:
On Thu, 10 Jun 2004, Laurence F. Sheldon, Jr. wrote:
Why do I have to get two and three copies of each of these?

Because you haven't set a Reply-To header? Eg with the list as address?
I'm on the list folks, if you send it to the list I'll get it.  I 
don't need a copy to the list and Cc:'s until the end of time.

Then set a Reply-To. Pretty simple..
regards,
Really?  My responsibility to make sure you control your outbound
mail.  Got it.
Oh.  Any suggestions on how to do that using my mailer?
And I'll delete the other copy you sent me for you.
Where in RFC 2821 is this requirement, by the way?  RFC 2822
says it is optional but seems to be less than useful in the
context here.

--
Requiescas in pace o email
Ex turpi causa non oritur actio
http://members.cox.net/larrysheldon/



Re: Even you can be hacked

2004-06-10 Thread Laurence F. Sheldon, Jr.
David Schwartz wrote:

On Jun 10, 2004, at 2:06 PM, Laurence F. Sheldon, Jr. wrote:

The "victim" in the case Sean posted knew he had a worm, got some of
his first bill forgiven, yet did nothing to correct it and acts
surprised when the same thing happens the next month.  YES, he is at
fault.  Anyone who thinks differently .. uh .. can I buy b/w from you?
:)  Oh, and since you feel responsible, I'm only going to pay for the
amount of traffic I think I should have gotten on my web page, even if
I get /.'ed or something.  Does $25/Mbps sound good?  I plan to use
about 1 Mbps, but I will need an un-rate-limited GigE connection.
I do not believe there is credible evidence that I wrote any of that.
--
Requiescas in pace o email
Ex turpi causa non oritur actio
http://members.cox.net/larrysheldon/



Re: Even you can be hacked

2004-06-10 Thread Laurence F. Sheldon, Jr.
Andy Dills wrote:
Keep in mind, this guy's ISP, like many (most?) ISPs would do, gave the
guy a serious break on the first jaw-dropping bill.
Why do I have to get two and three copies of each of these?  I'm on
the list folks, if you send it to the list I'll get it.  I don't need
a copy to the list and Cc:'s until the end of time.
But since I am here, let me also ask that we keep in mind, that if this
guy is anything like folks close to home here, his ISP requires him
to run a current version of IE, OE and NT of some kind.
He hooked that up, his ISP delivered a successful attack on the
combination.
Now, let's stop the movie and identify the negligent parties and
the responsible parties.  No huge bill yet, no infected anybody
else yet.
But if you're the phone company, and a customer mysteriously has somebody
break into their house month after month to call Hong Kong for a few
hours, do you really think they're going to keep voiding those charges?
Clearly the customer is negligent, even if another party is directly
responsible.
Speaking for Xecunet, we offer both capped and metered billing packages,
and we always make a point of offering customers a capped solution when
something like this happens. If they decline, we make sure they understand
that in the future they will be liable for 100% of the packets coming from
their port, regardless of the circumstances. Maybe we should start putting
this in writing, but it hasn't really been a problem.
Andy
---
Andy Dills
Xecunet, Inc.
www.xecu.net
301-682-9972
---

--
Requiescas in pace o email
Ex turpi causa non oritur actio
http://members.cox.net/larrysheldon/



Re: Even you can be hacked

2004-06-10 Thread Laurence F. Sheldon, Jr.
Jeff Shultz wrote:

But ultimately, _you_ are responsible for your own systems.
Even if the water company is sending me 85% TriChlorEthane?
Right.  Got it.  The victim is always responsible.
There you have it folks.



Re: Even you can be hacked

2004-06-10 Thread Laurence F. Sheldon, Jr.
Sean Donelan wrote:
Does the water company fix your toilet if it leaks water?  Or do you call
a plumber?
On the other hand, if the water company was sending pollutants in the
water you bought, there was a perceived responsibility upon the water
company.
Now, which broken metaphor (leaky toilet, pollutant contaminated
stream) best fits the problem at hand?
Take all the time you need, we will wait.
--
Requiescas in pace o email
Ex turpi causa non oritur actio
http://members.cox.net/larrysheldon/



Re: Worst case worm damage estimates: Research

2004-06-05 Thread Laurence F. Sheldon, Jr.
Michel Py wrote:
SD> That's less than $400 per defective motherboard.
SD> Your paper estimates it would cost more than double
SD> to replace a scrambled BIOS.

Edward B. Dreger
Definitely sounds high, especially considering the
cheap end with socketed a DIPP BIOS: Boot from
"loaner" BIOS chip. Remove loaner BIOS. Insert chip
containing scrambled BIOS. Flash.

Indeed. I found out that in most cases the loaner BIOS does not even
have to come from the same brand PC and in many cases it will allow to
boot DOS to flash the original BIOS back even if it was for another
chipset.
As far as re-installing Windows, it just takes a few minutes when you
have something like Symantec Ghost or Altiris client.
Just one question--who is paying to get the production work done while
all this is going on?
--
Requiescas in pace o email
Ex turpi causa non oritur actio
http://members.cox.net/larrysheldon/



nanog@merit.edu

2004-06-02 Thread Laurence F. Sheldon, Jr.
Jon R. Kibler wrote:
Why no filtering by ISPs? "Because it takes resources and only benefits
the other guy" -- unless your network is the one under attack.
There you have the "operational" issue in a nutshell.
No dime, no do.
--
Requiescas in pace o email
Ex turpi causa non oritur actio
http://members.cox.net/larrysheldon/



Re: What HTTP exploit?

2004-05-31 Thread Laurence F. Sheldon, Jr.
Vinny Abello wrote:
At 11:07 AM 5/31/2004, Mike Nice wrote:
>It seems to be another stupid Microsoft Exploit that just
>causes annoyance for Unix Boxes.
>The only side effect is they fill my dmesg logs with
>signal 11's from apache crashing.
   Am I the only one that sees the irony that Apache seg faults from an
attack aimed at Msoft?!
I mentioned that too to the original poster, but they didn't seem that 
concerned since Apache respawns itself. I thought if it can be crashed 
by cramming too much info into a buffer before it's truncated, that's 
considered a buffer overflow. I'm no programmer and may be off base here 
but it just struck me as odd also. You're not alone Mike. :)
I'm not sure what the background message is here--and I certainly don't
know what the issues involved in handling the attack gracefully are, but it
does seem clear to me that crash-and-respawn is a better idea than
multiply-the-attacker-and-the-damage-diameter is.
--
Requiescas in pace o email
Ex turpi causa non oritur actio
http://members.cox.net/larrysheldon/



Re: best effort has economic problems

2004-05-31 Thread Laurence F. Sheldon, Jr.
Neil J. McRae wrote:
I've seen compelling evidence over the past two years that clearly shows
some carriers who have sold well below cost who then also went into chapter
11.
Fascinating discovery, that.  What on earth will happen to us if _that_
word leaks out?!??!
--
Requiescas in pace o email
Ex turpi causa non oritur actio
http://members.cox.net/larrysheldon/



Re: [Fwd: [IP] New flaw takes Wi-Fi off the air]

2004-05-14 Thread Laurence F. Sheldon, Jr.
Suresh Ramasubramanian wrote:


And someone would then start another thread about BCP 38 on nanog ... 
funny how several threads turn into a thread about spoofed source 
address filtering in no time at all :)
Let the record reflect the fact that it was not I who did that this
time.  I forgot where the grease spot (from the oft-beaten horse) was.
--
Requiescas in pace o email
Ex turpi causa non oritur actio

http://members.cox.net/larrysheldon/




Re: Spamcop

2004-05-11 Thread Laurence F. Sheldon, Jr.
Chris Brenton wrote:

On Tue, 2004-05-11 at 18:15, Laurence F. Sheldon, Jr. wrote:

As an ex-admin, I have some "serious issues" about the way Spamcop
works, but this argument is similar to one that says a credit reporting
company has to prove that you are a deadbeat before reporting that
several companies you do business with report that you are late with
payments a lot.
I would agree with your analogy if Spamcop limited automatic reporting
to a subset of the community. The problem is they do not. I can't call up
a credit agency and get them to automatically red mark your credit
report. I obviously can send pretty much anything to Spamcop, claim you
are a spammer and get them to act on that.
Actually, apparently you can--we have to (actually, my dear wife has to)
take the reporting houses to task every now and again because they
report, on occasion, that we are somehow connected to people who
have financial difficulty.  Sometimes it is people we know, but have
no responsibility for, sometimes it is people whose account numbers
are related numerically to ours, sometimes we never find out how they
got on our report.
And the "act on that" means "report that you reported it--with your
privacy protected" doesn't it?
--
Requiescas in pace o email
Ex turpi causa non oritur actio

http://members.cox.net/larrysheldon/




Re: Spamcop

2004-05-11 Thread Laurence F. Sheldon, Jr.
Chris Brenton wrote:


Further, Spamcop should implement some form of check to verify that the
e-mail is in fact spam before they go pointing the finger and/or
blocking mail servers. The problem of end users leveraging Spamcop to
get them off of mailing lists or a simple way of DoSsing a discussion
forum would become moot if some form of sanity checking was in place.

As an ex-admin, I have some "serious issues" about the way Spamcop
works, but this argument is similar to one that says a credit reporting
company has to prove that you are a deadbeat before reporting that
several companies you do business with report that you are late with
payments a lot.

And as an ex-admin that had some contact with mailing lists and their
operation and management I will say that the notion that people "forgot"
that they subscribed to a list does not happen nearly as often as it
is used to wriggle out from under a spam complaint.
--
Requiescas in pace o email
Ex turpi causa non oritur actio

http://members.cox.net/larrysheldon/




Re: Spamcop

2004-05-11 Thread Laurence F. Sheldon, Jr.
JC Dill wrote:

It could also simply be a mistake.  The inet-access list was once 
reported as a spam source by a happy subscriber who was busy reporting 
hundreds (or thousands?) of spams and clicked/included a list post by 
accident.

--

p.s.  Please do not cc me on replies to the list.  Please reply to the 
list only, or to me only (as you prefer) but not to both.

I'm going to join the guessing game and guess that some scoring system
scored on uncommon words (hierarchical), trigger words (credit), and the
number of Cc: entries (I did not count the ones in the original, the
complaint had a bitch-list 4 or five long, some of the responses to it
have 8 or 10 Cc:'s I think--I did not count them either), the origin
(Road Runner) and so on and reached the conclusion of 'spam'.
Welcome to the world where email has been taken away from us.

--
Requiescas in pace o email
Ex turpi causa non oritur actio

http://members.cox.net/larrysheldon/




Re: ISP for Bangalore, India

2004-05-07 Thread Laurence F. Sheldon, Jr.
Eric Gauthier wrote:

Heya,
I'm spec'ing out a project that involves some large-scale video conferencing
and collaboration among several locations.  The ones in the US are looking 
to use AccessGrid software, which we're anticipating will be about an 11Mbps 
peak load.  Anyone know if it's possible to get a "reasonably" priced 11Mbps 
circuit in Bangalore, India that would also have under 500ms latency (i.e. 
not on a multi-second satellite hop) to the east coast of the US?

Looking to talk to old friends?  They didn't go there when their
jobs did.
--
Requiescas in pace o email
Ex turpi causa non oritur actio

http://members.cox.net/larrysheldon/




Re: What percentage of the Internet Traffic is junk?

2004-05-05 Thread Laurence F. Sheldon, Jr.
Jeff Shultz wrote:
So instead of trying to determine what percentage of internet traffic
is junk, why don't we set up categories (I saw someone make a start at
it a couple of messages back) and figure out what percentage of traffic
fits under each category. We can come up with our own opinions as to
which of those categories is junk. 

So I guess we would start with stuff that stands as a major category:
e-mail, nntp, ftp, telnet, ssh, web... and then you start doing a lot
of subcategorizations. I imagine it would start looking like a
hierarchical org chart. 

I imagine there are places that already produce statistics by protocol,
and I am reluctant to endorse a program that says one protocol is junk
and another is not.
I would prefer (but have no clue as to how to do) a categorization
that has handles like "business transactions", "student research",
"warehouse transfers", "recreational", and so on until what ever
is left is counted as "junk" or some euphemistically similar term.
--
Requiescas in pace o email
Ex turpi causa non oritur actio
http://members.cox.net/larrysheldon/



Re: What percentage of the Internet Traffic is junk?

2004-05-05 Thread Laurence F. Sheldon, Jr.
William B. Norton wrote:
With all the spam, infected e-mails, DOS attacks, ultimately blackholed 
traffic, etc. I wonder if there has been a study that quantifies

What percentage of the Internet traffic is junk?

I don't know the answer in any case, but I would need a definition
for "Internet traffic" before I could even start.
Do we include the image and tabular data to and from the EROS
Data Center?  How about the radiographic images and resulting
"readings" (or what ever the correct term is) to and from the
hospital in Atkinson?  Credit card transactions at FDR?
I have a morbid fascination with weather so I am forever looking
at maps, satellite images, and all sorts of stuff that some people
tell me is a waste of my time, so I presume that is "junk".
What are we talking about?
--
Requiescas in pace o email
Ex turpi causa non oritur actio
http://members.cox.net/larrysheldon/



Re: Worms versus Bots

2004-05-04 Thread Laurence F. Sheldon, Jr.
Steven M. Bellovin wrote:

However, up to 90% of the users *are* stupid:

Or is it possible there are other explanations?
Don Norman has argued quite eloquently that it's a technology and human 
factors failure -- see, for example,
http://www.interesting-people.org/archives/interesting-people/200312/msg00105.html
(reprinted from RISKS Digest).

Now, I'm not saying that it's easy to get things like this right, and 
I've argued loudly against the notion that auto-patching is a sane 
approach.  But if we deny that there's a problem except for "stupid 
people", we're not likely to find a solution.

That last sentence is the point I was trying to get to.
After all, nearly half the people here are below the average for
intelligence.
--
Requiescas in pace o email
Ex turpi causa non oritur actio
http://members.cox.net/larrysheldon/



Re: Worms versus Bots

2004-05-04 Thread Laurence F. Sheldon, Jr.
chuck goolsbee wrote:
However, up to 90% of the users *are* stupid:

Seriously though, the Internet might be a better place for it. After 
all, 90% of those "stupid" people just want email and HTTP.

Do we have a pointer to a rigorous study that indicates either
assertion?
Or is it possible there are other explanations?
What will we do when they figure out that paying us to let them hurt
themselves is a sub-optimal use of their money?
--
Requiescas in pace o email
Ex turpi causa non oritur actio
http://members.cox.net/larrysheldon/



Re: TTY phone fraud and abuse

2004-04-15 Thread Laurence F. Sheldon, Jr.
Sean Donelan wrote:

On Sat, 10 Apr 2004, Scott Call wrote:

My point was that my $20 GE telephone cannot be made into a liability for
my telephone provider without my explicit participation, whereas a $20 a
month dialup (or $50 a month DSL, etc) customer can be a liability for me
just by being turned on.

Although Bell Labs avoided publishing papers about weakness in the
telephone system, it doesn't mean they don't exist.  The Communications
Fraud Control Association has a decent publication on communications
fraud.

Seems like John Draper had the corner on that market for a very long
time--1960's wasn't it when we had to modify all the SF's?
--
Requiescas in pace o email



Re: Lazy network operators

2004-04-12 Thread Laurence F. Sheldon, Jr.
Robert Blayzor wrote:

Chris Boyd wrote:

NTL World no longer accepts abuse@ email.  You have to go to a web 
form that requires javascript be enabled and enter all of the 
information for them.  I guess that they got tired of processing the 
abuse@ mail load and just bit bucketed it.

I'm late on this thread and I don't want to open a can of worms here, 
but...

I can understand the reasoning behind what they are doing, but perhaps 
they are taking things in the wrong direction.  Our abuse@ email address 
is just that, abused.  Our abuse@ mailbox gets probably 500+ spams a day 
with maybe 2-3 legit emails that we need to look at.  Sure we could run 
anti-spam measures on the abuse@ address but that probably isn't the way 
to go since most complaints to abuse@ are forward spam messages which 
could be marked and then missed.

I think making a reporting page that requires jscript and such is a 
little over the top, but I don't think a simple HTML standard web form 
is out of the question.  We've not gone this route yet, but we may head 
that way since I think the actual legit concerns of our abuse@ address 
are getting lost in the fray.  Having our techs/engineers go through the 
abuse@ box every day to play hide and seek is a bit of an agonizing task 
that nobody really wants, especially at the volume it is today.  If 
there was a standard that worked for this, we would certainly follow it. 
 As it is today, we have got to find something simple that works for the 
legit issues and something that doesn't burn up so many engineer/tech 
cycles.

I have a couple of thoughts that I'll try to keep brief enough not
to be banned for mentioning them...
Not everybody can use an HTML browser to compose messages.

As soon as it seems like a good idea to those I am not allowed to
mention here, they will hammer on the forms just like they do the
abuse@ addresses.
OK, three

How about all of the Service Providers decide to find a way to treat
the problem (instead of the symptoms that annoy them) and stop
the hammering on ALL accounts, including abuse@ accounts?
--
Requiescas in pace o email



Re: curious

2004-04-12 Thread Laurence F. Sheldon, Jr.
Scott Stursa wrote:

Two (possibly related?) phenomena:

1. Nothing from NANOG since yesterday.

2. .org TLD names not resolving

Maybe a local (to here) problem, but I thought I'd inquire before I start
looking into it.

Interesting.  Cox Central mail was dead from about 1300 Central
yesterday until about a half-hour.
This is the first item to come through (aside from a self-test)
since yesterday.
Obviously this one got through so something has changed.


I wonder if we had a major meltdown that they are not telling us
about...


Scott L. Stursa 850/644-2591
Network Security Officer [EMAIL PROTECTED]
Academic Computing and Network Services Florida State University
Modern cyberspace is a deadly, festering swamp, teeming with
dangerous programs such as "viruses," "worms," "Trojan horses"
and "licensed Microsoft software" that can take over your computer
and render it useless.
 - Dave Barry


--
Requiescas in pace o email



Re: Worm Triggers Attacks on File-Trading Services

2004-04-10 Thread Laurence F. Sheldon, Jr.
Sean Donelan wrote:

Why do people have the irresistible urge to click on things?
Then he wrote:

Click here to find out:
What is wrong with this picture?

http://www.washingtonpost.com/wp-dyn/articles/A349-2004Apr9.html

   The experts advised people not to click on strange attachments in
   e-mail, which can activate the worm, and to update their antivirus
   software frequently to ward off new threats.
--
Requiescas in pace o email



Re: Spam with no purpose?

2004-04-01 Thread Laurence F. Sheldon, Jr.
[EMAIL PROTECTED] wrote:


	for those who tire of the increasing complexity of email(*)
	may I recommend  /usr/ucb/mail - a (relatively) small, lightweight
	MUA.  
	
(*) plus attachments, video/audio clips, goofy fonts, textured/scented "stationery", 
et al.
and/or  POP/IMAP, procmail, SpamAssassin, black/white/grey-lists, DNS hacks, et al.

I'm thinking "Big Chief" tablet and black crayon.

--
Requiescas in pace o email



Re: the value of reverse address lookups?

2004-03-31 Thread Laurence F. Sheldon, Jr.
Douglas F. Calvert wrote:

On Wed, 2004-03-31 at 19:59, Stephen J. Wilcox wrote:

On Wed, 31 Mar 2004, Douglas F. Calvert wrote:

I am interested in finding out what the motivation is for requiring
valid reverse address lookups before connecting to a daemon. I have
heard a number of different explanations, the majority of the responses
point to history/tradition and tcpwrappers. Is there a commonly accepted
justification for this practice?  In my opinion it does not appear to
increase the validity of the connection. But I may be missing something
obvious.
Thanks in advance...

Well, my understanding is that whilst it's easy to get a domain name and some dns
it's usually quite difficult to put in a ptr record, these are usually controlled
by the ISP. If they don't exist or don't match then the address is a dialup or
hijacked or something not legitimate.. I think this is mainly an smtp antispam 
thing though although I see your point is for any connection in general, I guess the 
same applies to hackers as to spammers.. ?

I am interested in both cases smtp and other services. Syr.edu only
accepts ssh connection to the public unix boxen if you come from an ip
with a valid reverse address. The majority of smtp servers on the net
require the same. What more is known about the mail sender or ssh client
just because the reverse address lookup goes through?
Anyone care to give their thoughts on the legacy aspect? 

Speaking for myself only, and for the groups that I used to manage
at the time I managed them...
There is a concept of a Complete Job in doing something.  In the
case of exposing a machine to a larger community, that Complete
Job includes (but is not limited to) such things as insuring
that machine is physically up to its assigned task, that its
Operating system is appropriate and at the appropriate patch
level, that the software is appropriate for the assignment, and
properly configured, that the installation is physically and
operationally secure, and that all of the paperwork (including
virtual paperwork like domain registrations and DNS minutia)
is in order.
If you are an outsider looking in at one of my installations, that
last one is the only one you can readily look at to see if you
think I am worthy of your trust.
--
Requiescas in pace o email
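
Added example (not part of any poster's message and not any daemon's own code): the forward-confirmed reverse lookup this thread is asking about, showing exactly what a "valid reverse address" check establishes. The function names, verdict strings and the sample zone data (documentation address ranges, example.net names) are assumptions constructed for the illustration.

```python
import ipaddress
import socket
from typing import Callable, Dict, List, NamedTuple, Optional

Resolver = Callable[[str], List[str]]


class Verdict(NamedTuple):
    status: str              # pass | no-ptr | no-forward | mismatch | bad-input
    ptr_name: Optional[str]  # confirmed name on pass, else first PTR name seen


def system_reverse(ip: str) -> List[str]:
    """PTR names from the system resolver; empty list when there are none."""
    try:
        name, aliases, _addrs = socket.gethostbyaddr(ip)
    except OSError:          # socket.herror / socket.gaierror
        return []
    return [name, *aliases]


def system_forward(name: str) -> List[str]:
    """A/AAAA addresses from the system resolver; empty list when none."""
    try:
        infos = socket.getaddrinfo(name, None)
    except OSError:
        return []
    return sorted({info[4][0] for info in infos})


def fcrdns(ip: str, reverse: Resolver = system_reverse,
           forward: Resolver = system_forward) -> Verdict:
    """Reverse lookup, then confirm that a returned name resolves back to ip.

    A PTR record alone is only a claim made by whoever runs the reverse zone;
    the forward lookup checks that the owner of the claimed name agrees.
    """
    try:
        client = ipaddress.ip_address(ip.strip())
    except ValueError:
        return Verdict("bad-input", None)
    names = [n.rstrip(".").lower() for n in reverse(str(client)) if n.strip(".")]
    if not names:
        return Verdict("no-ptr", None)
    any_forward = False
    for name in names:
        for addr in forward(name):
            any_forward = True
            try:
                # Drop an IPv6 zone suffix ("%eth0") before comparing.
                candidate = ipaddress.ip_address(addr.split("%", 1)[0])
            except ValueError:
                continue
            if candidate == client:   # compares parsed values, not strings
                return Verdict("pass", name)
    return Verdict("mismatch" if any_forward else "no-forward", names[0])


# Constructed sample zone data so the example runs offline.
SAMPLE_PTR: Dict[str, List[str]] = {
    "192.0.2.10": ["mail.example.net."],     # PTR and A record agree
    "192.0.2.66": ["mail.example.net"],      # PTR names a host that lives elsewhere
    "198.51.100.7": ["gone.example.net"],    # PTR names a host with no A record
    "2001:db8::25": ["MX6.Example.NET."],    # IPv6, mixed case, trailing dot
}
SAMPLE_FWD: Dict[str, List[str]] = {
    "mail.example.net": ["192.0.2.10"],
    "mx6.example.net": ["2001:0db8:0000:0000:0000:0000:0000:0025"],
}


def sample_reverse(ip: str) -> List[str]:
    return SAMPLE_PTR.get(ip, [])


def sample_forward(name: str) -> List[str]:
    return SAMPLE_FWD.get(name, [])


def classify_samples() -> Dict[str, str]:
    """Run the check over the constructed addresses plus one with no PTR."""
    addrs = list(SAMPLE_PTR) + ["203.0.113.9"]
    return {a: fcrdns(a, sample_reverse, sample_forward).status for a in addrs}


if __name__ == "__main__":
    for addr, status in classify_samples().items():
        print(f"{addr:15} {status}")
```

A "pass" says only that the operators of the reverse zone and of the forward zone agree about this address, which is the "paperwork is in order" signal described above; it says nothing about who is at the other end of the connection.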



Re: UPS and generator interaction?

2004-03-30 Thread Laurence F. Sheldon, Jr.
David Lesher wrote:


Side thought, but not a NANOG topic. What in your data center
really cares if your generator puts out 57 or 63 Hz, not 60.0?
Why?

Some clocks get a little nutso.  Because they are powered by
AC synchronous motors with gearing that assumes 60 Hz.  (or
50 Hz, as the case might be.)
Some fans and other devices also use synchronous or induction
motors with similar engineering assumptions.
--
Requiescas in pace o email



Re: UPS and generator interaction?

2004-03-29 Thread Laurence F. Sheldon, Jr.
Doug Dever wrote:

Previously, Daniel Senie ([EMAIL PROTECTED]) wrote:

An additional note: some of the small to mid-sized propane/natural gas 
units come as packaged systems with a generator and transfer switch. These 
can be a good value and work well too. Do some shopping.



The obvious caveat being that natural gas is one of those fuel sources
often cut by public safety officials depending on circumstances.

Some folk buy propane or LPG in bottles that are not immediately
dependent on PS folk.
--
Requiescas in pace o email



Re: UPS and generator interaction?

2004-03-29 Thread Laurence F. Sheldon, Jr.
Patrick Muldoon wrote:

On Monday 29 March 2004 01:26 pm, Brian (nanog-list) wrote:

Does anyone know of a way to get a UPS to trigger a generator to start, and
to switch over to the generator power automatically or does this type of
thing just not exist?
I think you are looking at it wrong,  you need an Automatic Transfer Switch.  
It connects to both commercial power and your generator, and provides a feed 
into your panels.  Your UPS's sit in front of the ATS, and provide clean 
power.  If/When you lose commercial power, the ATS will detect this and 
power on the generator, after a configurable amount of time it will switch to 
generator power, until commercial power comes back and is stable for X amount 
of time. 

We are talking about some significant energy levels here, and this
is NOT a DIY project.  If the switch is hooked up wrong, you can
(attempt) to power up your part of the grid during a failure, and
kill people in the attempt.
--
Requiescas in pace o email



Re: UPS and generator interaction?

2004-03-29 Thread Laurence F. Sheldon, Jr.
Brian (nanog-list) wrote:

Does anyone know of a way to get a UPS to trigger a generator to start, and
to switch over to the generator power automatically or does this type of
thing just not exist?  

Find somebody with Internet Access and a "browser"--go to Google.com,
enter "generator backup ups" in the box.
Find things like:
"http://www.standbygeneratorsystems.com/standbyportable_ad/";
I don't know anything about that company--personally I'd look to
see if Teledyne Inet was still in business.
Telephone companies and such have been doing that for several
years now.
--
Requiescas in pace o email



Re: CCO goes down the tubes

2004-03-29 Thread Laurence F. Sheldon, Jr.
Howard C. Berkowitz wrote:

At 6:58 AM -0800 3/29/04, Michel Py wrote:

 > Maybe I'm the only one left who sees a need to be able to check on things from a vt100 at a remote site.


You are not. A telnet version without all the fluffy bullshit would be
more than welcome.


I suppose it's trivial in the grand scheme of things, but on a fairly 
small screen, I can't get full access to the search without scrolling to 
the right. We wouldn't want to reduce the priority of advertising 
information display to the user who probably has already bought 
equipment and has a question about it, would we?

Perhaps a nastier effect is that the more eye candy, the harder it is to 
use disability access features. One of the incredibly positive social 
effects of the Internet is that it is inclusionary, not exclusionary.

The regrettable tendency of many enterprises to equate the Internet with 
the latest and greatest in Web technology leads to both economic and 
sensory exclusion.  Personally, I resent having to buy new hardware to 
run the new operating system that runs the new browser that runs the 
latest plugin, in order to see straightforward reference material [1]. 
In addition, the more visually intensive an interface metaphor, the more 
difficult it is to adapt it to magnified images, text-to-speech, or 
other things needed for people with visual disabilities. The more 
mouse/trackball/pointing device intensive, the more difficult it is to 
adapt to people with motor disabilities -- including the all-too-common 
repetitive stress injuries to hands.

This, along with the recognition that years of experience are of no
value without the latest crop of "certifications" has caused me to
decide over the weekend to make an application for a job that for the
first time in 50 years has nothing directly to do with computers except
as tools used in conjunction with  hauling others around behind me in
a huge orange box.
--
Requiescas in pace o email



Re: Publish or (gulp) Perish

2004-03-26 Thread Laurence F. Sheldon, Jr.
Steven M. Bellovin wrote:
In message <[EMAIL PROTECTED]>, Daniel Golding writes:

Slightly off-topic...

Most technical fields have standard journals that they use to publish
interesting findings and new ways of doing things. Everything from Nature to
the JAMA. Here's the question for the group: Do these sorts of publications
exist in the networking/carrier/internetworking space, and if not, should
they?


I've approached a few likely parties; reaction thus far is favorable.  
I'll post a note here when I get explicit go-aheads.  It's not free for 
the publishing venue -- they have to have access to enough competent 
reviewers.

The converse, of course, is that the operational community will have to
generate enough papers...

What ever happened to the blue, paper-back-book-sized periodical,
"Proceedings of the Bell Laboratories" or summatlikethat?
(H...I wonder which library _those_ are buried in.)

--
Requiescas in pace o email



Re: Spamhaus Exposed

2004-03-18 Thread Laurence F. Sheldon, Jr.
Paul Jakma wrote:


America is undoubtedly the preeminent driving force today
economically for technological/scientific progress, as once was the
British Empire, as once was the Arab world, as once was the Roman 
Empire, as once was... etc.. etc.. etc..

Yes it is off topic (what ever that turns out to mean), and yes we have
been asked to behave, but I just can't resist.  A Scot (name of
George Simpson) once ruled an area 10 times that of the Roman Empire.
And some of those other folks named were Scots too, I think.


Anyway, enough of the history lessons, let's just be glad we're here.


That's what _I'm_ talking about.

[yes'm. to my room.  'till dinner time.  yes'm]

--
Requiescas in pace o email



Re: Juniper "pepsi"

2004-03-18 Thread Laurence F. Sheldon, Jr.
W.D.McKinney wrote:

On Wed, 2004-03-03 at 14:52, Eric Kuhnke wrote:

I have heard rumors of a new low-end 1U Juniper router, aimed directly 
at replacing the 2600/3600 series.  Supposedly its code name is 
"Pepsi"...   Does anyone have more info on this?  :-)

No, but hope so.

Dee
I mention this only because of the strangeness that has been going on
in case there is something useful...
The Received headers that I can see are all dated nearly two weeks
ago, but some are missing so if it is not a forgery of some kind, my
local provider has a problem.
--
Requiescas in pace o email



Re: Spamhaus Exposed

2004-03-18 Thread Laurence F. Sheldon, Jr.
Peter Galbavy wrote:

Laurence F. Sheldon, Jr. wrote:

Peter Galbavy wrote:


OK, it isn't secret - since I know about it for a start - but the
terms are secret and also it is very under-advertised to the locals.
Wonder what other countries have sold their souls to Satan ?

How many dead soldiers from your country are buried here?


A very sad, now old, and misused argument to justify (a lack of regard for)
current global opinion about your home country.

I'm glad there is still a Wales for you to post your opinions from.

--
Requiescas in pace o email



Re: Spamhaus Exposed

2004-03-18 Thread Laurence F. Sheldon, Jr.
Peter Galbavy wrote:

OK, it isn't secret - since I know about it for a start - but the terms are
secret and also it is very under-advertised to the locals. Wonder what other
countries have sold their souls to Satan ?

How many dead soldiers from your country are buried here?

--
Requiescas in pace o email



Re: Spamhaus Exposed

2004-03-18 Thread Laurence F. Sheldon, Jr.
Peter Galbavy wrote:

Alexei Roudnev wrote:

Of course not - he is not from the USA (more likely), the end.
Why do people believe that these acts mean ANYTHING? On the Internet, they
(acts) mean NOTHING.


Unless they live in a country that has a "secret" treaty with the US, like
the UK has had for some years, where any US court can issue an arrest
warrant for someone in the UK and have it honoured. Why do you think that
the FBI is even allowed to get involved in arresting 14 year old hackers in
Cardiff ?

OK, it isn't secret - since I know about it for a start - but the terms are
secret and also it is very under-advertised to the locals. Wonder what other
countries have sold their souls to Satan ?
Peter




--
Requiescas in pace o email



Re: who offers cheap (personal) 1U colo?

2004-03-16 Thread Laurence F. Sheldon, Jr.
Curtis Maurand wrote:

Then anyone can walk up to the machine and get onto the network simply by 
turning on the machine.   

The system you're looking for involve biometrics or smartcards.  Firewalls 
between student and administration areas would be a good idea as well.

It must be dreadful to work in a place where everybody is The Enemy.

In case I ever get another job at a University, how do you separate
"student areas" from "administration areas"?
In my limited experience, we had students in labs, classrooms, and
offices in the Administration Building, administrators (RA's, residents,
offices) in the Residence Halls, all kinds of creepy people in the
libraries, classrooms, offices, dining rooms, and recreational and
exercise facilities.  Do you use armed guards to keep everybody in
their proper areas?
--
Requiescas in pace o email



Curiosity

2004-03-15 Thread Laurence F. Sheldon, Jr.
People keep asking me "why don't you take that off list?"

I have a suggestion:  say instead "STFU"--it is easier to type.

And that is the net effect, because every attempt to take an item
off-list results in something like the following.
I can not really figure out what the problem is.

-------- Original Message --------
Subject: Mail System Error - Returned Mail
Date: Mon, 15 Mar 2004 15:26:16 -0500
From: Mail Administrator <[EMAIL PROTECTED]>
Reply-To: Mail Administrator <[EMAIL PROTECTED]>
To: [EMAIL PROTECTED]
This Message was undeliverable due to the following reason:

Your message was not delivered because the return address was refused.

The return address was '<[EMAIL PROTECTED]>'

Please reply to [EMAIL PROTECTED]
if you feel this message to be in error.


--
Requiescas in pace o email

Reporting-MTA: dns; lakemtao05.cox.net
Arrival-Date: Mon, 15 Mar 2004 15:26:10 -0500
Received-From-MTA: dns; cox.net (68.110.29.174)

Final-Recipient: RFC822; <[EMAIL PROTECTED]>
Action: failed
Status: 5.1.1
Remote-MTA: dns; mail.rocknyou.com (24.61.68.177)
Diagnostic-Code: smtp; 550 5.1.1 Domain or IP address blocked for spamming



Re: Cisco website www.cisco.com 403 forbidden?

2004-03-15 Thread Laurence F. Sheldon, Jr.
Jay Hennigan wrote:

Is it just me that they don't like?
I've seen one or two other reports.

Seems like a good opportunity for a round of Wild Speculation.
--
Requiescas in pace o email



Re: Packet Kiddies Invade NANOG

2004-03-15 Thread Laurence F. Sheldon, Jr.
ren wrote:

Stop it children.  The thousands of people on this mailing list do not 
need to watch this road kill. -ren


Some where it was ineffectively written that if you stop responding to
them, and particularly, if you stop endorsing the crap by quoting it
all verbatim over your signature, they will eventually stop reacting.






Kind of like this cold--I was asked why I didn't "a", "b", "c", and
"d"--guaranteed to get rid of it in 14 days.
I responded that I am unemployed and can not afford all that and
am therefore doomed to wait out the whole 2 weeks.
--
Requiescas in pace o email



Re: Platinum accounts for the Internet (was Re: who offers cheap (personal) 1U colo?)

2004-03-15 Thread Laurence F. Sheldon, Jr.
Pete Templin wrote:

Laurence F. Sheldon, Jr. wrote:

Pete Templin wrote:

There's a reason I've gotten out of small ISP consulting - I don't do 
Windows, and I'm getting overrun by Linux corrosion slowly.  I route, 
I switch, I help with securing networks.  And I do wear a lot of hats 
at my day job, but I remind them that they hired a specialist, and 
promised lots of server support all along the way.  Granted, the 
Windows guy is overloaded and the UNIX/Linux guy would snore in front 
of his PHB...


If you are in Nebraska I can help you with the Unemploy^WWorkforce
Development paperwork.


I didn't suggest saying "I'm not gonna do it".  I just suggested "You 
hired me to deploy dynamic routing on your statically-routed network. 
What prompted you to think that I could configure site-wide anti-virus 
services such that no one ever reports a virus leak from our enterprise, 
without training, time to test and develop such a critical solution, or 
both?"

It turns out that they can hire people with all kinds of certifications
that say they can do all of that for a lot less than what they are
paying a "specialist".
--
Requiescas in pace o email



Re: who offers cheap (personal) 1U colo?

2004-03-15 Thread Laurence F. Sheldon, Jr.
Suresh Ramasubramanian wrote:

Laurence F. Sheldon, Jr.  [3/15/2004 7:39 PM] :

If you were willing to live in a place where an electrical overload
caused a fire (as opposed to tripping a circuit-breaker or blowing a
fuse), you have not correctly identified your worst problem, or the
University's.

That's always there, but at least one dorm that I know of has this rule 
against running appliances in a dorm room.

A rule against running a "hotplate" or other heat-generating appliance
(or all "appliances" to avoid the arguments) makes sense.  A rule
against running power-consumers that were not in the cost-of-overhead
calculation makes sense.
Restricting (or trying to restrict) computers in today's University
environment is delusional.
--
Requiescas in pace o email



Re: Platinum accounts for the Internet (was Re: who offers cheap (personal) 1U colo?)

2004-03-15 Thread Laurence F. Sheldon, Jr.
Pete Templin wrote:

 > Employee to PHB: "You hired me to provide core network engineering and
lead the level 2 network ops staff.  Tell me again why you want me to 
provide any server engineering, if you knew my strengths when you hired 
me?"

There's a reason I've gotten out of small ISP consulting - I don't do 
Windows, and I'm getting overrun by Linux corrosion slowly.  I route, I 
switch, I help with securing networks.  And I do wear a lot of hats at 
my day job, but I remind them that they hired a specialist, and promised 
lots of server support all along the way.  Granted, the Windows guy is 
overloaded and the UNIX/Linux guy would snore in front of his PHB...

If you are in Nebraska I can help you with the Unemploy^WWorkforce
Development paperwork.
--
Requiescas in pace o email



Re: who offers cheap (personal) 1U colo?

2004-03-15 Thread Laurence F. Sheldon, Jr.
Ken Diliberto wrote:

Something else I just remembered:

Connecting so much equipment in our dorms creates a fire hazard.  There 
are only two or three outlets (what I've been told) in a room shared by 
two or three students.  Add to the computer equipment a TV, stereo, DVD 
player, alarm clocks, cordless phones, etc., etc., etc. and you have the 
makings for newspaper headlines.  Hasn't happened yet to my knowledge, 
but it could and students don't consider these things.

If you were willing to live in a place where an electrical overload
caused a fire (as opposed to tripping a circuit-breaker or blowing a
fuse), you have not correctly identified your worst problem, or the
University's.
--
Requiescas in pace o email



Re: who offers cheap (personal) 1U colo?

2004-03-14 Thread Laurence F. Sheldon, Jr.
Suresh Ramasubramanian wrote:

And what is wrong with setting up a hub or something in a dormroom?  I 
find it quite convenient to leave both my PC and a laptop running on my 
desk, for various reasons (too many open terminals and windows is one of 
them ...)

I've been trying to figure out what is wrong with that too.

At my ex-employers, one of the things they did right is encourage
study groups, and with multi-occupant suites, several stations
(including one or more printers, plotters, and such) was normal.
Most of the residence halls had hubs or small switches available for
check-out.
Is it the contention that each student should only use one pencil?

--
Requiescas in pace o email



Re: who offers cheap (personal) 1U colo?

2004-03-14 Thread Laurence F. Sheldon, Jr.
Stephen Sprunk wrote:

Thus spake "Vivien M." <[EMAIL PROTECTED]>

Actually, you're forgetting what I think is the biggest reason for doing
this: before the user registers via the web-based DHCP thing, they
are shown the AUP and have to say they agree to it. If you just leave
straight IP connections available in rooms, and people violate the AUP,
they can QUITE credibly argue "But I never read this AUP". The
web-based DHCP registration system prevents that.


Students have an existing legal relationship with the school; they can be
required to accept the AUP in writing at some point during the enrollment
process.

It all comes down to how you view the people on your network--students,
faculty, administrators, subscribers, whatever.  If they are
"customers" you take one set of views and one way of solving problems.
If you see them as "lusers", you take another.

--
Requiescas in pace o email



Re: Enterprise Multihoming

2004-03-12 Thread Laurence F. Sheldon, Jr.
Stephen J. Wilcox wrote:


IMHO avoid multihoming. You will know when you are big enough and you *need* to 
do it, if you're not sure or you only want to do it cause you heard everyone 
else is and it's real cool then I suggest you don't.

There _is_ another element that I tried to point to yesterday.

If you are on record for making arguments about how there are better
ways to spend the money, and your boss's boss gets replaced by a
kid with all the tap-dance skills needed to sell smoke, flash and
sizzle, what you become is "unemployed".
And somebody half your age or less at less than your salary puts in
the new OCn's (n = 3-12) and all the rest.
Being right is important, but ...

--
Requiescas in pace o email



Re: Counter DoS

2004-03-11 Thread Laurence F. Sheldon, Jr.
william(at)elan.net wrote:

On Thu, 11 Mar 2004, Laurence F. Sheldon, Jr. wrote:

Petri Helenius wrote:


Maybe there is a lesson to be learned from many RBL operators. To make 
sure, just send packets to the whole /24 or /16 you got an "attack" 
packet from.

Which RBL operators flood /24's or /16's?  What do they flood them
with?


I think he meant that RBLs sometimes include entire /24 in RBL list when 
only one or two IPs are at fault and some would go even higher to include 
entire ISP allocation. This is probably talking about SPEWs and alike RBLs

I thought "RBL" was a trademark of Abovenet or MAPS or somebody.

--
Requiescas in pace o email



Re: Counter DoS

2004-03-11 Thread Laurence F. Sheldon, Jr.
Petri Helenius wrote:

Maybe there is a lesson to be learned from many RBL operators. To make 
sure, just send packets to the whole /24 or /16 you got an "attack" 
packet from.

Which RBL operators flood /24's or /16's?  What do they flood them
with?
--
Requiescas in pace o email



Re: Counter DoS

2004-03-11 Thread Laurence F. Sheldon, Jr.
Eric Gauthier wrote:


Most Universities have a large clueless.. um, I mean, student population
sitting on 10 or 100 meg switched ports and several hundred meg's to the 
Internet

You mis-spelled "faculty, researcher, and staff populations".
Today's students (as well as non-trivial portions of the
other populations) tend to be purpose and objective focused,
with what the folks on the 19th tee being somewhat less important.
--
Requiescas in pace o email


