Re: DreamHost Contact?

[Ross Hosman]

Mike,

I know Dreamhost recently moved their offices so I don't know if that
has anything to do with it. I'll give you some numbers/emails that
might work since there seems to be a problem reaching these guys:

+1.7147064182
+1.2139471032
+1.9096260377

[EMAIL PROTECTED]
[EMAIL PROTECTED] - One of the founders as well

Best of luck to you to getting help.

-Ross


On 12/30/07, Michael Greb [EMAIL PROTECTED] wrote:

 -BEGIN PGP SIGNED MESSAGE-
 Hash: SHA1

 I've attempted to contact DreamHost NOC or Abuse departments via the
 numbers in whois but just get voice mail and no call back.

 I've got a user sending a lot of UDP traffic to 208.113.189.13 port 22.
  This traffic is very likely undesirable and I'd be willing to pull the
 plug immediately if I can get confirmation from DreamHost.  Failing that
 I've opened an abuse ticket with the customer and given them 12 hours to
 respond.

 - --
 Michael Greb
 Linode.com, LLC
 -BEGIN PGP SIGNATURE-
 Version: GnuPG v1.4.7 (Darwin)
 Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

 iD8DBQFHeFcN0Qbp4bPZvesRAncgAJ98S3v+I/+wxal0lWZn/9GRHimqUgCg1tXW
 5CnD7nmJBMDy4Jht2vxkk2k=
 =wtUq
 -END PGP SIGNATURE-

Re: How many others are nullrouting BT?

[Ross Hosman]

Yeah, I know.  This is exactly why no ISPs have abuse help desks that
respond, and nobody can get even the most trivial problems solved.



Over generalization sucks and just proves to everyone else what an
irrational individual you are.


We do better.  We answer *EVERY* abuse complaint.  Which isn't much,
because we do the job correctly.  And we care about the
reliability/usability of the 'Net as a whole.



You do better because you are 1/1th the size of a company like BT
and you handle colo only.


So when the 'Net becomes partitioned by economics and politics, re-read
this letter and know that I told you so.  Know that being a smart-ass
wasn't worth the effort.  It's already going there, and everyone whines
but very few of us are doing the job in a manner appropriate to actually
solving problems.



*Yawn*  while you are at it please null route Charter, Comcast, Cox,
Verizon, Att, etc. so the list doesn't have to see you send in another
email with you spouting your superiority while making nonsense
generalizations.

Now if you are done acting like a child you should have seen that
Michael Dillon is a member of this list and could have been used as a
resource to handle this problem before you sent in this nonsense to
the list. I hope in the future you think before you send so you don't
come across as the child stamping his feet when he doesn't get the
attention he wants.

-Ross

Re: Broadband routers and botnets - being proactive

[Ross Hosman]

Gadi,

I appreciate your well thought out email but I sit here and wonder
what exactly you are trying to accomplish with it? Are you just trying
to shame the two ISPs listed publicly or are you trying to spark a
discussion about something that many people here can't fix?

Many businesses today are focused on driving revenue and fixing old
CPE equipment doesn't generate revenue, it only ties up money and
resources that can be used elsewhere to drive revenue. If I were you I
would try to spin this problem in a way where you can show large ISPs
by fixing CPE's it will free up network resources and staff which can
be used elsewhere.

The people that can fix these problems are usually unaware of them so
try to educate those people. Write CEOs/CTOs/CSOs educating them and
push the security teams for these companies to escalate these issues
to their upper management (on that note I would say this type of
discussion would be better suited for a security mailing list for the
reason I stated before, many people here can't fix these problems).

Simply stating that there is a problem and shunning ISPs with this
problem isn't a fix for the problem, it just makes them ignore you and
the problem.

-Ross

Re: what the heck do i do now?

[Ross Hosman]

Or just have everydns [or insert other free dns provider] handle your 
primary dns and let them handle the traffic, problem solved (for you 
atleast) :-)


Personally I have no sympathy to people who are using outdated dnsbl's 
(especially from 1999), I would consider the wildcard if you want to 
actually solve the problem instead of dealing with it yourself or having to 
hand it off to someone else.


You may also take that list of ips (with over 100 queries or so) and turn on 
the dnsbl with those ips added (they will only reject mail from each other 
but it might give some a clue).


- Original Message -
From: David Ulevitch [EMAIL PROTECTED]
To: Paul Vixie [EMAIL PROTECTED]
Cc: nanog@merit.edu
Sent: Wednesday, January 31, 2007 7:15 PM
Subject: Re: what the heck do i do now?



Paul Vixie wrote:
bear with me, this appears to be about DNS but it's actually about 
e-mail.


maps.vix.com has been gone since 1999 or so.  mail-abuse.org is the new 
thing.
i've tried just about everything to get traffic toward the old domain 
name to

stop... right now there's a DNAME but it made no real difference.

Paul,

Not offering a solution but a bit of an explanation perhaps...

From: http://cr.yp.to/ucspi-tcp/rblsmtpd.html
If you do not supply any -r options, rblsmtpd tries an RBL source of 
rbl.maps.vix.com. This will be changed in subsequent versions.


So checking the last released version:
/ucspi-tcp-0.88# grep -hn maps.vix.com rblsmtpd.c
193:  if (flagwantdefaultrbl) rbl(rbl.maps.vix.com);

Looks like that could be a cause of some of your pain...
Not everyone runs rblsmptd on their mailserver, but I know lots of large 
mail servers that run rblsmptd (qmail).


The fact that the option is the default without being explicit means that 
at least some folks don't even know maps.vix.com zones are no longer 
present and the current failure case is not impacting them.


-david ulevitch

Wifi Security

[Ross Hosman]

Title: Wifi Security






So my question is pretty simple. You have all these major companies such as google/earthlink/sprint/etc. building wifi networks. Lets say I want to collect peoples information so I setup an AP with the same ssid as googles ap so people connect to it and I log all of their traffic. Most people wont check beyond the ssid to look at the mac address but even that could be spoofed. Is there anyway to verify a certain ap beyond mac/ssid, will there be in the future? How do these companies plan to mitigate this threat or are they just going to hope consumers are smart enough to figure it out?

Ross Hosman

Network/Systems Administrator
E: [EMAIL PROTECTED]

P: 618-644-2111 x 238

C: 314-898-3381

Y!: rosshosman

Re: Wifi Security

[Ross Hosman]

--- Patrick W. Gilmore [EMAIL PROTECTED] wrote:

 
 On Nov 21, 2005, at 9:42 AM, Ross Hosman wrote:
 
  So my question is pretty simple. You have all
 these major companies  
  such
  as google/earthlink/sprint/etc. building wifi
 networks. Lets say I  
  want
  to collect peoples information so I setup an AP
 with the same ssid as
  google's ap so people connect to it and I log all
 of their traffic.  
  Most
  people won't check beyond the ssid to look at the
 mac address but even
  that could be spoofed. Is there anyway to verify a
 certain ap beyond
  mac/ssid, will there be in the future? How do
 these companies plan to
  mitigate this threat or are they just going to
 hope consumers are  
  smart
  enough to figure it out?
 
 Why would you even need to set up an AP?  Why not
 just sit and sniff  
 traffic?  Gets you the _exact_ same information.
 
 And why worry about Google, etc., when Starbucks and
 airports have  
 been doing this for _years_?
 
 Lastly, most consumers are smart enough to know to
 use encryption  
 (the little pad-lock in their browser).  Some
 aren't.  Changing the  
 WiFi architecture is not going to save those who
 aren't.
 

 -- 
 TTFN,
 patrick

I have to disagree that most consumers are smart
enough to use encryption. Most consumers are dumb as a
brick when it comes to the internet and especially
security. Take a look at the average AOL user and
you'll see what I'm saying.

Starbucks and t-mobile is a little bit different as
these networks aren't concentrated. As we companies
start covering entire cities I believe you could start
seeing this as becoming a regular problem.






__ 
Start your day with Yahoo! - Make it your home page! 
http://www.yahoo.com/r/hs

Re: Wifi Security

[Ross Hosman]

--- Christopher L. Morrow
[EMAIL PROTECTED] wrote:

 
 yes, there are stupid people everywhere... Perhaps
 asking the question in
 another way is in order:
 
 Given a large and widely available wireless network
 solution for
 'consumers', how would you propose to raise the
 'security' for users of
 that network?'
 
 Would you force WEP?
 Would you force WPA/WPA-2?
 Would you force ipsec?
 Would you skip transport level encryption in favor
 of application level
 security?
 Would you do widespread and widescale education
 efforts for the users?
 
 -chris
 

Google has come out with their secure access product
which helps but reminding someone's grandma to use
that product when she is using a wifi network is going
to be near impossible. For one she doesn't know what
wifi is, she just knows how to connect her computer to
the internet and click that email icon on her desktop.

Education will also be nearly impossible as many can
hardly grasp simple concepts.

With wireless encryption you could setup your fake
AP to use it between the user and the AP then just
sniff the traffic on the end.







__ 
Yahoo! Mail - PC Magazine Editors' Choice 2005 
http://mail.yahoo.com

Re: SNMP Accounting Software

[Ross Hosman]

http://www.nocwizard.com/

--- Drew Weaver [EMAIL PROTECTED] wrote:

 We need some fairly complex SNMP
 accounting software (data
 center) style stuff that can monitor cisco equipment
 for bandwidth
 utilization and generate reports based on 95th
 percentile and also
 perhaps even their actual bandwidth usage (how many
 gigs of transfer
 they use per month, day, week.. etc) Does anyone
 know of anything good
 that does anything like this? It needs to be
 reliable? Can be open
 source, we're using MRTG to track utilization but we
 need something that
 really handles accounting for us.
 
  
 
 Thanks,
 
 -Drew
 
 







__ 
Yahoo! Mail - PC Magazine Editors' Choice 2005 
http://mail.yahoo.com

Re: Renesys Routing Report of Level3/Cogent

[Ross Hosman]

I agree

--- Chris Malayter [EMAIL PROTECTED] wrote:

 
 Good Morning,
 
 I would suggest to the PC for the LA NANOG that they
 invite Todd from 
 Renesys to do a report on the affects of the Level3
 depeering of 
 Cogent.
 
 I think this would be very informative.
 
 Thanks,
 
 -Chris
 
 






__ 
Start your day with Yahoo! - Make it your home page! 
http://www.yahoo.com/r/hs

Re: Regulatory intervention

[Ross Hosman]

Google Goes to Washington

One of the issues Google will tackle has become news
this week: Level 3 and Cogent Communications are
involved in a spat that has made Web sites on each
network inaccessible or very slow to users on the
opposite network. Google said the government has a
responsibility to monitor the Internet so events like
this do not occur.

http://www.betanews.com/article/Google_Goes_to_Washington/1128691070

Ross Hosman

Re: Regulatory intervention

[Ross Hosman]

Also:

US Representative Edward J. Markey, a Massachusetts
Democrat and ranking member of the House
Telecommunications Subcommittee, hinted that the
Federal Communications Commission might interfere in
the matter. ''Obviously, I hope the parties will reach
a timely commercial arrangement to resolve this
dispute, said Markey, ''but the FCC must be prepared
to take steps to assure continuity of service to
consumers in the event that the parties fail to reach
an agreement.

http://www.boston.com/business/globe/articles/2005/10/07/dispute_threatens_to_snarl_internet/?page=2



--- Ross Hosman [EMAIL PROTECTED] wrote:

 
 Google Goes to Washington
 
 One of the issues Google will tackle has become news
 this week: Level 3 and Cogent Communications are
 involved in a spat that has made Web sites on each
 network inaccessible or very slow to users on the
 opposite network. Google said the government has a
 responsibility to monitor the Internet so events
 like
 this do not occur.
 

http://www.betanews.com/article/Google_Goes_to_Washington/1128691070
 
 Ross Hosman
 
 
 

Re: what will all you who work for private isp's be doing in a few years?

[Ross Hosman]

Not pointing any fingers but many of you think these
small ISP's are just going to die off instead of
adapt. Wireless is becoming a better and more reliable
technology that in the future will be able to provide
faster service then FTTH. I know of atleast one small
ISP in Michigan that went from dial-up to deploying
wireless. With WiMAX coming out I think you will see a
number of smaller ISPs switching to it as a service.
It is also much cheaper to deploy a wireless network.

Me personally, I think wireless is the future for
residential internet/tv/phone. 

Ross Hosman
Charter Communcations

--- Steve Sobol [EMAIL PROTECTED] wrote:
 
 Fred Heutte wrote:
  (1) There will be a market for independent ISPs as
 long CLECs
 
 I think a more appropriate term would be ALEC
 
 (anti-competitive local exchange carrier)
 
 ...That having been said, the problem with the small
 guys providing access is 
 they can't generally achieve the economies of scale
 that allow them to compete 
 with the big guys.
 
 I'm on a Charter cablemodem, 3mbps down x 256kbps
 up, $39.95/month. Verizon is 
 building out FTTH in this area and they're going to
 be offering 5x2 for $39.95 
 or 10x5 for $49.95, IIRC. Those are all residential
 prices, but Charter's 
 actually pretty competitive on business rates too.
 
 And yes, there are people who value service over
 price, but the price 
 differential is only going to get worse.
 
 
 -- 
 JustThe.net - Apple Valley, CA - http://JustThe.net/
 - 888.480.4NET (4638)
 Steven J. Sobol, Geek In Charge /
 [EMAIL PROTECTED] / PGP: 0xE3AE35ED
 
 The wisdom of a fool won't set you free
  --New Order, Bizarre Love Triangle
 

Re: what will all you who work for private isp's be doing in a few years?

[Ross Hosman]

Not pointing any fingers but many of you think these
small ISP's are just going to die off instead of
adapt. Wireless is becoming a better and more reliable
technology that in the future will be able to provide
faster service then FTTH. I know of atleast one small
ISP in Michigan that went from dial-up to deploying
wireless. With WiMAX coming out I think you will see a
number of smaller ISPs switching to it as a service.
It is also much cheaper to deploy a wireless network.
 
Me personally, I think wireless is the future for
residential internet/tv/phone. 
 
Ross Hosman
Charter Communcations

 --- Steve Sobol [EMAIL PROTECTED] wrote:
  
  Fred Heutte wrote:
   (1) There will be a market for independent ISPs
 as
  long CLECs
  
  I think a more appropriate term would be ALEC
  
  (anti-competitive local exchange carrier)
  
  ...That having been said, the problem with the
 small
  guys providing access is 
  they can't generally achieve the economies of
 scale
  that allow them to compete 
  with the big guys.
  
  I'm on a Charter cablemodem, 3mbps down x 256kbps
  up, $39.95/month. Verizon is 
  building out FTTH in this area and they're going
 to
  be offering 5x2 for $39.95 
  or 10x5 for $49.95, IIRC. Those are all
 residential
  prices, but Charter's 
  actually pretty competitive on business rates too.
  
  And yes, there are people who value service over
  price, but the price 
  differential is only going to get worse.
  
  
  -- 
  JustThe.net - Apple Valley, CA -
 http://JustThe.net/
  - 888.480.4NET (4638)
  Steven J. Sobol, Geek In Charge /
  [EMAIL PROTECTED] / PGP: 0xE3AE35ED
  
  The wisdom of a fool won't set you free
   --New Order, Bizarre Love Triangle
  
 

Ross Hosman
[EMAIL PROTECTED]

Comcast Contact

[Ross Hosman]

Could someone from Comcast please email me off list.

Ross Hosman
[EMAIL PROTECTED]