Re: is this true or... ?
If it is, it reveals how utterly clueless our legislators really are At 15:09 3/28/03 +0100, you wrote: http://www.theinquirer.net/?article=8595 -- Tomas Daniska systems engineer Tronet Computer Networks Plynarenska 5, 829 75 Bratislava, Slovakia tel: +421 2 58224111, fax: +421 2 58224199 A transistor protected by a fast-acting fuse will protect the fuse by blowing first.
Re: spamcop.net?
The only disadvantage I see, is a single point of failure, and a point for concentration of attacks. Marc At 13:14 3/4/03 -0600, you wrote: Thus spake "Martin Hannigan" <[EMAIL PROTECTED]> > Not for nothing, but there's so much time wasted with all these > diversified spam systems. Many of these systems have been shown to falsely flag non-spamming sites, and the more reliable ones unfortunately don't catch a majority of spammers. This leads to a system where administrators (or users) can locally tune preferences for the level of paranoia they wish to suffer from. This would not be possible if there were only one model or provider. > I've been reading about Barry Shein's proposals and I have to say I > am on board with a centralized -single- system based on his young, > but intelligent, model. If there were any single, centralized organization I trusted to do my thinking for me, I'd agree. This is also the same problem that PKI faces. S Stephen Sprunk "God does not play dice." --Albert Einstein CCIE #3723 "God is an inveterate gambler, and He throws the K5SSSdice at every possible opportunity." --Stephen Hawking
RE: spamcop.net?
As of this writing, theyre back up, albeit slowlythanks everyone who looked into this. Marc macronet.net At 19:54 3/3/03 -0700, you wrote: I cant get to them either and others cant as well. Multiple Image Corporation - www.multipleimage.com Hosting plans starting at only $4.95 per month -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of blitz Sent: Monday, March 03, 2003 7:41 PM To: [EMAIL PROTECTED] Subject: spamcop.net? Anyone having trouble getting to/ know of any issues with spamcop.net today? They seemed to have dropped off the radar from me... No pings No traceroute but they still show registered at 216.127.43.89 Tnx Marc macronet.net
spamcop.net?
Anyone having trouble getting to/ know of any issues with spamcop.net today? They seemed to have dropped off the radar from me... No pings No traceroute but they still show registered at 216.127.43.89 Tnx Marc macronet.net
RED ALERT! heads up Quick security alert
SRI if this is OT, BUT, its a security related subject. Since most of us deal with UPS this info may be helpful. --- FYI ... Quick security alert: $32,000 worth of UPS uniforms have been purchased over the last 30 days by person(s) unknown on eBay. Law enforcement is working the case however no suspect(s) have been identified. Subjects may try to gain facility access by wearing these uniforms. If anyone has suspicions about a UPS delivery (i.e., no truck but driver, no UPS identification, etc.), contact UPS to verify employment. URGENT N.J. OFFICE OF COUNTER-TERRORISM ADVISORY Re: POSSIBLE IMPERSONATION OF UPS PERSONNEL SEEKING ACCESS TO BUILDINGS The New Jersey Office of Counter-Terrorism has received a report of an attempt by an unknown individual to enter a government facility by falsely posing as an employee of the United Parcel Service. Based on this incident, security personnel should exercise heightened vigilance when screening all delivery personnel at the entrances to all buildings and when accepting deliveries. Such measures should include careful inspection of credentials and identification of all delivery personnel to ensure that they are who they purport to be.
Re: manhole covers
At a University I "consult" for, this is a common problem, their 34.5kv lines, which incidentally travel the same hole as their fiber optics, blow open about once a month, due to failing old power lines. Get used to it, and make money off of it, is all I can say At 20:59 2/21/03 -0500, you wrote: On Fri, 21 Feb 2003, Marshall Eubanks wrote: > > The interesting thing is that this happens every few weeks (at least - > sometimes multiple times per week), and generally they don't know why. > > Not in Adams Morgan. Not in Foggy Bottom. Not even > in Georgetown Heights. Only in Georgetown, Its become a local joke. > Well of course we know why, its the St. Elmo's Fire ;). allan -- Allan Liska [EMAIL PROTECTED] http://www.allan.org
Feds pull suspicious .gov site
Forwarded from: William Knowles <[EMAIL PROTECTED]> http://news.com.com/2100-1023-983384.html By Declan McCullagh Staff Writer, CNET News.com February 5, 2003 WASHINGTON--In a move that raises questions about the security of governmental domains, the Bush administration has pulled the plug on a .gov Web site pending an investigation into the authenticity of the organization that controlled it. Until recently, visitors to the AONN.gov Web site were treated to a smorgasbord of information about an agency calling itself the Access One Network Northwest (AONN), a self-described cyberwarfare unit claiming to employ more than 2,000 people and had the support of the U.S. Department of Defense. No federal agency called AONN appears to exist, and no agency with that name is on the official list of organizations maintained by the U.S. National Institute of Standards and Technology. The General Services Administration (GSA), which runs the .gov registry, pulled the domain on Jan. 24, after a query from CNET News.com. "There are questions about the authenticity of the Web site that includes the AONN name," the agency said in an e-mail reply. "Until the situation is resolved, we have eliminated the URL from the .gov directory name server." The action could point to the first case of a .gov domain name hijacking. The GSA investigation raises questions about the integrity of federal Web sites at a time when the Bush administration is touting electronic government initiatives. President Bush signed the E-Government Act of 2002 in December, and the IRS in January began a program to encourage Americans to file their taxes electronically. Cybersquatting, or registering a domain to which you may not be entitled, is hardly uncommon among the multitude of .com and .net domains. In 1999, President Bill Clinton signed an anticybersquatting law, and an alternate process through which domain names can be challenged has resulted in more than 11,000 domain names being transferred away from the parties who had registered them. But there are no known cybersquatting incidents involving a governmental domain, according to the GSA. "I'm not aware of any incident" in the past when an unapproved individual has gained control of a .gov domain name, an agency representative said. Chris Casey, who in 1995 helped to create Congress' first Web sites and now runs a Web design company called Casey.com, says he was surprised to hear that AONN had apparently secured a .gov name, and said a misappropriated .gov domain could create confusion among Web users. "I'm not aware of it ever happening before," Casey said. ".gov, .edu and .mil carry a feeling of trustworthiness...People have learned to place more faith in them." AONN's background Claiming credit for the deleted .gov site is a man who calls himself Robert L. Taylor III, whose name and contact information appeared in documents on the AONN.gov site. Taylor, who appears to reside near Everett, Wash., declined to explain how, exactly, he secured a .gov domain for the group, calling AONN's operations "classified." "We have exploited a security hole in the bureaucracy," Taylor said in a telephone interview. "There are loopholes, there are security holes, there are holes in the system." On its now-deleted site, AONN contended its "U.S. Defense Security Intelligence Network" (DSIN) was launched at Harvard University's John F. Kennedy School of Government last year, but Doug Gavel, the Kennedy School's communications director, says he's not aware of any such program. Similarly, AONN said its champion in Congress is Rep. Jay Inslee, D-Wash., whose office categorically denies it. A Senate Budget Committee representative said he had never heard of AONN. A Pentagon representative also said that AONN has no affiliation with the U.S. military and he had no knowledge of the organization. It's unclear when the site was first registered or how Taylor may have taken control of a .gov domain. According to the official .gov registration rules, only organizations that appear in an official list of government agencies qualify for a .gov domain--and AONN is not on it. If AONN were a legitimate Defense Department agency, it would have to register a .mil--rather than a .gov--domain name. One loophole exists for city and state governments, which were allowed to register .gov domains before the current rules took effect in May 1997. Such registrations are no longer permitted. But local and state governments with existing sites, such as the state of California's ca.gov, were allowed to keep them. Registering a .gov domain name involves writing an authorization letter--two samples are provided on the GSA Web site--printing it out, and then sending it to the ".GOV Domain Manager" in Reston, Va. The GSA would not comment on what security measures were in place, and what changes, if any, have been made. The GSA's safeguards don't provide foolproof security, says Adrian Lamo, a hacker and social engi
Re: uunet
I'll copy this email, and keep it for reference when someone asks about buying service from UUnet...thanks... At 17:17 1/18/03 -0800, you wrote: What's interesting is that I just tried to call the noc and was told "We have to have you e-mail the group" my response, I can't I have no route working to uunet "Well you have to" my response, ok I'll use someone elses mail box where do I mail? "We can't tell you your not a customer" My response its a routing issue do you have somewhere I can e-mail you. "Your not my customer I really don't care" *click* Nice. professional too. Anyone have a number to the noc that someone with clue might answer? - Original Message - From: "David Diaz" <[EMAIL PROTECTED]> To: "Scott Granados" <[EMAIL PROTECTED]>; <[EMAIL PROTECTED]> Sent: Saturday, January 18, 2003 4:35 PM Subject: Re: uunet > Im not seeing anything coming from qwest. > > > > At 16:55 -0800 1/18/03, Scott Granados wrote: > >Is something up on uunet tonight? > > > >It looks to me that dns is broken forward and reverse but more likely it > >looks like a bad bogan fiilter popped up suddenly. I have issue as soon as > >I leave mfn's network and hit uunet. > > -- > > David Diaz > [EMAIL PROTECTED] [Email] > [EMAIL PROTECTED] [Pager] > www.smoton.net [Peering Site under development] > Smotons (Smart Photons) trump dumb photons > > >
Safety alert
Check your UPS's January 14, 2003, 7:48 PM EST WASHINGTON -- A Rhode Island company is recalling about 900,000 backup power supply devices that can overheat and cause a potential fire hazard. American Power Conversion Corp., of West Kingston, R.I., has received six reports of overheated units melting their outer casings and three reports of minor property damage, the Consumer Product Safety Commission said Tuesday. The recalled Back-UPS CS Uninterruptible Power Supply devices, commonly used to protect computers in case of power failures, include the Back-UPS CS350 and the Back-UPS CS 500 models. Retailers, computer and electrical distributors and catalogs nationwide sold the power supply devices from November 2000 through December 2002. Consumers should immediately stop using the devices by turning off power to all connected equipment, turning the Back-UPS CS off and unplugging it from the electrical outlet, the company said. Consumers can receive a free replacement unit by contacting the company at 1-866-272-7359. * __
RE: Anyone seen this?
Thanks Arjen, Glad to see that...the most disturbing part here, is the creation of a DDos network. When I read that, I could clearly see conflict with computer intrusion statutes. At 14:36 1/15/03 +1300, you wrote: Hoax. See www.e-secure-it.us Global security News A hoax message posted to two security mailing lists Monday suggests that the Recording Industry Association of America has hired a group of hackers who have developed a worm capable of infecting and shutting down peer-to-peer file-sharing software. The hackers claim to have released the worm, on the RIAA's orders, and that it now controls almost 95 percent of "all P2P participating hosts." The RIAA said the message was a total fabrication. "It's a complete hoax," said an RIAA spokesman in Washington. "Someone forwarded the message to us and that was the first we heard or read about it." The outlandish claims are part of a "security advisory" supposedly written by a group called Gobbles Security. However, the message bears little resemblance to the group's other advisories and also seems to make fun of Gobbles' habit of posting vulnerability information and exploits without notifying affected vendors in advance. Cheers, Arjen New Zealand -Original Message- From: blitz [mailto:[EMAIL PROTECTED]] Sent: Wednesday, 15 January 2003 2:17 p.m. To: [EMAIL PROTECTED] Subject: FYI: Anyone seen this? From ISN: >http://www.theregister.co.uk/content/6/28842.html > >By Andrew Orlowski in San Francisco >Posted: 14/01/2003 > >The RIAA is preparing to infect MP3 files in order to audit and >eventually disable file swapping, according to a startling claim by >hacker group Gobbles. In a posting to the Bugtraq mailing list, >Gobbles himself claims to have offered his code to the RIAA, creating >a monitoring "hydra". > >"Several months ago, GOBBLES Security was recruited by the RIAA >(riaa.org) to invent, create, and finally deploy the future of >antipiracy tools. We focused on creating virii/worm hybrids to infect >and spread over p2p nets," writes Gobbles. > >"Until we became RIAA contracters [sic], the best they could do was to >passively monitor traffic. Our contributions to the RIAA have given >them the power to actively control the majority of hosts using these >networks." > >Gobbles claims that when a peer to peer host is infected, it catalogs >media and sends the information "back to the RIAA headquarters >(through specifically crafter requests over the p2p networks) where it >is added to their records", and also propagates the exploit to other >nodes. > >"Our software worked better than even we hoped, and current reports >indicate that nearly 95% of all p2p-participating hosts are now >infected with the software that we developed for the RIAA." > >The "hydra" is uncorroborated. > >Gobbles attached two pieces of code, one of which jinglebellz.c >details a frame header exploit for the Linux player mpg123. The code >chastises OpenBSD lead Theo de Raadt for failing to checksum the >public MP3s (written to celebrate each OpenBSD release). The group has >singled out OpenBSD in its previous exploits > >In their presentation to last year's DefCon, the group described >itself as "the largest active nonprofit security group in existence >(that favors full disclosure)," consisting of 17+ members. > >"They're real, and they're damn good. They have made what appeared to >be extremely exaggerated claims in the past, and when mocked, they >have demonstrated that they are serious," one security expert familiar >with their work, who declined to be named, told The Register. > >"He's a funny guy," De Raadt told us. "This is a buffer overflow >exploit," he confirmed. De Raadt said he was more concerned by social >engineering than by external exploits. "We had Fluffy Bunny, now we >have Gobbles. They come in waves. " > >An exploit of this nature is of dubious legality, right now, but >language in Howard Berman's "P2P Piracy Prevention" bill last year >legitimizing such exploits was backed by RIAA chief Hilary Rosen:- > >The Berman bill, ensured a copyright owner would not be liable for >"disabling, interfering with, blocking, diverting, or otherwise >impairing the unauthorized distribution, display, performance, or >reproduction of his or her copyrighted work on a publicly accessible >peer-to-peer file trading network, if such impairment does not, >without authorization, alter, delete, or otherwise impair the >integrity of any computer file or data residing on the computer of a >file trader." Berman is expected to re-introduce the bill in this >Congressional session.
FYI: Anyone seen this?
From ISN: http://www.theregister.co.uk/content/6/28842.html By Andrew Orlowski in San Francisco Posted: 14/01/2003 The RIAA is preparing to infect MP3 files in order to audit and eventually disable file swapping, according to a startling claim by hacker group Gobbles. In a posting to the Bugtraq mailing list, Gobbles himself claims to have offered his code to the RIAA, creating a monitoring "hydra". "Several months ago, GOBBLES Security was recruited by the RIAA (riaa.org) to invent, create, and finally deploy the future of antipiracy tools. We focused on creating virii/worm hybrids to infect and spread over p2p nets," writes Gobbles. "Until we became RIAA contracters [sic], the best they could do was to passively monitor traffic. Our contributions to the RIAA have given them the power to actively control the majority of hosts using these networks." Gobbles claims that when a peer to peer host is infected, it catalogs media and sends the information "back to the RIAA headquarters (through specifically crafter requests over the p2p networks) where it is added to their records", and also propagates the exploit to other nodes. "Our software worked better than even we hoped, and current reports indicate that nearly 95% of all p2p-participating hosts are now infected with the software that we developed for the RIAA." The "hydra" is uncorroborated. Gobbles attached two pieces of code, one of which jinglebellz.c details a frame header exploit for the Linux player mpg123. The code chastises OpenBSD lead Theo de Raadt for failing to checksum the public MP3s (written to celebrate each OpenBSD release). The group has singled out OpenBSD in its previous exploits In their presentation to last year's DefCon, the group described itself as "the largest active nonprofit security group in existence (that favors full disclosure)," consisting of 17+ members. "They're real, and they're damn good. They have made what appeared to be extremely exaggerated claims in the past, and when mocked, they have demonstrated that they are serious," one security expert familiar with their work, who declined to be named, told The Register. "He's a funny guy," De Raadt told us. "This is a buffer overflow exploit," he confirmed. De Raadt said he was more concerned by social engineering than by external exploits. "We had Fluffy Bunny, now we have Gobbles. They come in waves. " An exploit of this nature is of dubious legality, right now, but language in Howard Berman's "P2P Piracy Prevention" bill last year legitimizing such exploits was backed by RIAA chief Hilary Rosen:- The Berman bill, ensured a copyright owner would not be liable for "disabling, interfering with, blocking, diverting, or otherwise impairing the unauthorized distribution, display, performance, or reproduction of his or her copyrighted work on a publicly accessible peer-to-peer file trading network, if such impairment does not, without authorization, alter, delete, or otherwise impair the integrity of any computer file or data residing on the computer of a file trader." Berman is expected to re-introduce the bill in this Congressional session.
Re: fast ethernet limits
I find the same Kevin..I've done a lot of work in broadcast stations as well, and ground loops are a constant problem. Hum is introduced into audio lines, even in balanced pairs, and Cat5 is not much different. In a high rise, I can see a neutral failing somewhere on a high floor, and that piece of #10 going incandescent, setting fire to anything combustible between the floor its terminated on and earth ground. (The resistance of an old steel framed building is NOT always lower than that piece of copper, especially old riveted buildings). Maybe they do it differently in the EU, but fire safety is also a concern to me. Thank you, but I'll ground nearest to the earth, common bonded point. Its served me well over the years. > > Some hours reading the back issues of the journal found at > http://www.compliance-club.com will hopefully inform you why star grounding > is a thing of the past. Ground both ends. If you are afraid of ground > loops, place a heavy (as in 10-16mm2 or AWG way below 10) ground conductor > alongside the signal cable, and ground it firmly in both ends. That will > take the current away from the shields. > > Ungrounded shileds are inefficient for EMI and RF shielding, while at times > efficient AC hum blockers. > > And, IANAEE, but I've played with big sound systems that exhibit all these > problems. I find this simply frightening! Have you any idea how much potential of ground can vary in a large building? It's easy to have AMPS of current flowing through the shield of a cable and enough voltage offset to be dangerous to people. (802.3 allows enough breakdown potential that the equipment is unlikely to have a problem, though.) Grounded at one end is better than floating for shielding, so this almost reasonable (as long as the wiring is all installed to spec) but grounding at both ends in the wrong environment can lead to serious problems. Since the 802.3 sections on 10Base-T does not deal with shielded wire at all, there is nothing there on the subject. But other sections on 10Base5 and 10Base2 are explicit that 10Base5 MUST be grounded at exactly one point and 10Base2 recommends that one point be grounded when the cable extends out of a room. More than one ground is explicitly prohibited. The archives of comp.dcom.lans.ethernet are full of people who have high error rates because of multiple grounds. R. Kevin Oberman, Network Engineer Energy Sciences Network (ESnet) Ernest O. Lawrence Berkeley National Laboratory (Berkeley Lab) E-mail: [EMAIL PROTECTED] Phone: +1 510 486-8634
Crap grounds...
Yes, seen that and worse.. How about the di-electric fittings on either a water heater, or a water meter? Of course, "no one" would use a HOT water line as a ground, but it does happen, and I believe the NEC requires both be bypassed now with a conductor the same size as power neutral. I routinely jump unbridged meters and water heaters (cold pipe to hot) with a #6 when in doubt. Just to be sure. I've got lots of #6 in the scrap box, and plenty clamps... Cheap insurance..
Re: fast ethernet limits
AGREED, one end and one end only, or youre asking for a ground loopground the end with the best, shortest path to earth ground.in his case, that would prob be the telco room end, "usually" theres a decent ground there somewhere. Mileage may differ... At 16:30 1/10/03 -0600, you wrote: Joel Jaeggli wrote: [...] > moreover they're signifcantly harder to install since they need to be > properly grounded and shielded at both ends. I've actually seen some very impressive ground loops. I'd ground one end. (Actually I'd use fiber, but hey.) Peter E. Fry
Re: fast ethernet limits
I believe your pushing the limits as to ethernet over Cat5. I can suggest you use the very best cable (shielded of course) you can get, and be meticulous in your connector installations and you might get away with it. Avoid other wiring if possible (fat chance huh?) and anything electrical interference producing, like fluoro ballasts, transformers etc. etc. Ground the end closest to earth ground to a good common point ground in the building, (not a power box) and leave the other end free floating and not touching anything electrically. 100 meters is supposedly the limit for ethernet, and "assuming" a 12' floor, your'e around 24 feet over spec. You might try to find some cat 6 cable if you can, its supposedly super premium cat 5, with better freq response and jittter control. http://www.controlcable.com/products/category_6_cable.html One last advice, use REAL good patch cables as well...they may help squeeze the last bit of performance out.. At 12:01 1/10/03 -0800, you wrote: Hi NANOG, Could someone please help me with a fast ethernet problem I am having. We have a POP in a 27 floor building, and have a rj45 run from the the bottom of the building (in the telco room) to the top of the building. We have cisco switches on either end and we are seeing about 5-20% packet loss on the trunk. Are we running into a distance limitation of fast ethernet, or are we suffering from another problem? I read that 328 feet is the limitation of fast ethernet. Is there anything short of getting a repeater for the cable run that I can do to boost the signal? TIA for your help. Ciao. Steve Rude
FYI
This was in my mailbox, might be old news to you, but a FYI Coastal area silenced by cable break 01/04/03 Portland Oregonian JEFFREY KOSSEFF A fiber-optic line break cut off the southern Oregon coast from the rest of the world for much of Friday. After a state cleanup crew accidentally tore a CenturyTel fiber-optic cable at 9:30 a.m., residents and businesses from Reedsport to Brookings couldn't make or receive phone calls outside of the area or connect to the Internet. CenturyTel crews fixed the cable just before 5 p.m., spokeswoman Carol Allen said. "I've been dying for my e-mail all day," Joseph Whitsett, mayor-elect of Bandon, said after phone service was restored. Most urban areas have more than one fiber line connecting local phone systems to long-distance networks, but less-populated regions typically depend on one fiber route. The outage demonstrates the need for companies to build multiple lines, creating backup networks, telecommunications experts said. An Oregon Department of Transportation crew clearing debris from a mudslide near Camas Valley on Friday morning cut a cable that connects the south coast to a network hub in Roseburg. Ted Paselk, an ODOT district manager, said before his workers dug along Oregon 42, they gave appropriate notice to a statewide utility hot line that locates underground utilities. They weren't told of the CenturyTel cable, he said. Neither Allen nor Paselk knew who would pay for the repair. "Usually, when a locate is called and they clear us in an area, then we're not paying the bill," Paselk said. Residents along the 135-mile stretch of the coast could call one another, but they could not call outside the area, said Melissa Barran, a spokeswoman for Verizon, the local phone company for most of the south coast region. Verizon connects its 50,000 area phone lines to the long-distance network over CenturyTel's cable. Calls to spots such as North Bend were met with a recorded message: "Due to local telephone company trouble in the area you are calling, your call cannot be completed at this time. Please try your call later." Besides blocking long-distance and Internet access for residents in the region, the outage kept other callers and Internet users from reaching phones or Web sites in the area. Although cell phones don't require wires, long-distance cell-phone use was out because cell towers connect to the long-distance phone network over the CenturyTel cable. Unless residents had costly phone or Internet connections via satellite, they were unable to communicate with the rest of the state, nation and world. "We're just sitting at the mercy of the repair crews," said Joseph Gayer, director of strategic relations at Bend-based Edge Wireless, a rural cell-phone carrier whose 9,000 customers in Coos and Curry counties lost long-distance service as a result of the fiber cut. Such outages have become more common since fiber-optic cable became the main method of transporting long-distance calls over the past decade, Gayer said. Without more than one fiber line in the same area, they will continue, he said. But laying fiber costs money, and many telecom carriers are reeling from fiber-overbuilding in urban areas. The largest investments in redundant loops came from the state's largest local phone company, Qwest Communications International. It spent $70 million on network upgrades, including five redundant fiber-optic loops throughout the state. In exchange for that improvement and investments in school technology, the state deregulated Qwest's profits. "Absent that kind of win-win situation for the company and the state, it makes it very difficult to have a business case (that will) pencil out that says, 'This is a good use of capital dollars," said Judy Peppler, Qwest's president for Oregon. "You're going to have some idle capacity at all times. But on the other hand, you don't have these outages." Qwest has completed construction of three of the fiber rings, and it will finish the other two by October. The backup networks have averted at least two outages in rural areas. "It is obviously very valuable, especially when you have businesses that rely on your network," Peppler said. Irv Emmons, senior telecommunications engineer for the Oregon Public Utility Commission, said before Qwest built a backup network in Eastern Oregon, a farmer in Madras cut the area's main fiber cable a few times a year. "That used to isolate all of Eastern Oregon," Emmons said. Allen of CenturyTel said redundancy is "always of a high priority," but she did not know whether backup networks were in the works for the south coast area.
RE: DC power versus AC power
Just some musings... Been watching this discussion for a couple loops now. I have to say you're both right on certain things, and that each individual design has to be done on the merits of the need for 100% uptime vs what's tolerable. AC is always easier to run, as the conductors are smaller because the voltage is higher and I/R losses are smaller. It does not however, lend itself to staying alive in that time when the AC mains fail and the generator starts and gets itself online. For that one needs a battery. From my days at one of the three letter telcos, we had huge battery banks, monstrous individual cells, that had ampacities that you can arc weld with with ease and never notice the drain. However, the conductors running around the sites were often the size of your wrist and the I/R drop in even these conductors was noticeable, especially when you had two ESS switches plus the transport gear on battery alone. We backed up the battery plant(s) with a 1 megawatt Cat diesel. Both AC supply and DC have their places, both have limitations. Obviously if its got to always be there-no-excuses-no-margin-for error, the costly battery solution is the only way. Batteries, copper, chargers, fuse panels, big wires. $$ Add maintenance.. yes, water boy...someone's going to have to check tightness of all those connections, as even a little looseness will turn a buss bar into molten metal at the amperages we are talking about here. Someone will need to test the capacity of the system from time to time under load conditions as well, to find cells going bad, and hot spots in the conductors. Liquid cells have specific gravity charts that need watched and water added as it evaporates. This makes them a maintenance job at regular intervals. "If you don't do this now, under good times and daylight conditions, you WILL be doomed to do it under power failure, and no light conditions". -Sparky One last thought on DC safety...there is a LOT of current in even one of these cells. I've seen a finger amputated when a wedding ring bridged a pair of conductors and a metal watch band vaporize when laid across a buss bar, resulting in 3rd degree burns. Typical voltages are 48v which is just low enough to give a sweaty arm a tingle to let you know the trons are there. Bridge them with a conductor and expect fireworks. Anyone working around batteries needs to have their head screwed on right. They are not typically dangerous, but you do have to make sure you observe the rules. You have high current, dangerous acid, and hydrogen gas present. You should treat it as you would any potentially dangerous industrial process, with respect. Scale all this to the size of the battery plant you're contemplating using to protect your gear. If I were designing a site, and had unlimited $, a battery plant would back it up. We stored 48 hours of electricity, enough time to repair or replace the generator. If you can rely on your power feed in being there within a few seconds of a commercial mains failure, (your site has an adequate generator, which is maintained and tested regularly) you can usually get by with that lowball UPS system, one that youre going to lock away in a room or the bottom of a rack and forget about until the feces hits the air mover. You will, don't argue, I know you will. When the power's on, you don't pay attention to backup systems, please see "sparky" quote above. I've even had idiots say "we cant test the UPS because, What happens if it fails? we go down"cant do that in the middle of a business day... yet they would never allocate some "night" time to test. Ok, see you next outage. My idea of a UPS is take the maximum amount of power you need for your equipment now, and add 50% then double it. The 50% is normal equipment additions, the double is for that weak battery two or three years down the road. Ive run an ISP for three days during an Ice storm, using 4 tractor trailer batteries, and a great, big, over-rated UPS. Two batteries were online at one time, in parallel, two were being charged from a 150 amp alternator on my truck to replace them in 4 hours. The secret here was plenty of battery, plenty of UPS. Never let the battery go dead, and be able to change out the parallel battery without loosing all power. A simple matter of planning. That little gel-cell inside your UPS is a 12 volt battery in all aspects. A tractor trailer battery is as well. You can always use a larger battery as room permits. If the UPS can handle the load, all you need to feed it is 12v, car battery, truck battery, etc. all work. Just observe polarity, as you'll only get one chance if you do it wrong. A word or two about Gell-Cells: Gell cells are nice, and don't slop like liquid cells. There is a price you pay. Gelatin electrolytes have what's called an electron-mobility problem caused by the "Gelatin" in the electrolyte. Less current can be consumed at once, and inversely
one final question...
Does anyone here have a contact at Hotmail net? Let me know direct, thanks.
Softhome/Yahoogroups-Resolved
The problem has been resolved. THANK YOU ALL! Seems there was a congestion prob that was leading softhome to blackhole anything outbound to yahoogroups. This was the cause of the mail looking like it was directed to RFC1918 space. After some discussion with people on both ends, a workout was achieved. Doug, Brian, hats off...thanks. I know you're reading this somewhere. I personally want to thank the people, too numerous to cite individually who got both softhome and yahoo net people into the loop. I know there were more than a few nanogers involved, things just don't go this smooth otherwise. You people are like firefighters, unappreciated until we need you. The reports I got from you all were informative and helped us bring this to a successful and rapid conclusion. A lot of people who have no idea how the net functions are sending mail again, without knowing there was even a problem. I'm usually cited here as more a PITA than a contributor here, but I do give credit where due, thanks to you all, from the traceroutes, and digs, and the prodding and private emails (All appreciated). I'm not much for patting the backs, but you people here are the best. My problem was insignificant compared to the daily grief you folks deal with and the bandwidths you manage. I'm proud to associate with you, and extend my thanks. Now you all go have a good, un-interrupted holiday.may the pagers and C-phones be silent, and the emails be few. Marc Blitz Macronet.net
Yahoogroups
Mail to yahoogroups for two days is giving some strange responses. Mail is attempting to go to 172.16.3.10 when sent to a yahoogroup. This looks real strangethat block is reserved I believe? Wondering why theyre resolving to that address? Router mismanagement? Poisoning? I dont know...but its causing some grief here... Yahoo is real lax in giving some human contact addy, perhaps the esteemed group here can shed some light... Thanks..
Re: Fw: Re: White House to Propose System for Wide Monitoring of Internet (fwd)
BRAVO FRED You encapsulated this well...now its up to us. The bureaucracy is bound to forge ahead in establishing the police-state, we do NOT have to help them... At 14:30 12/20/02 -0800, you wrote: I have restrained from saying this so far but... "I told you so." When I attended the Oakland NANOG in October 2001, I had just returned from Washington DC. The trip originally was for my brother's wedding but I extended it for some personal lobbying on the so-called USA PATRIOT bill as it rushed through the process, having not one single public hearing in either the House or Senate. During that time I was continually in contact with the very knowledgeable staff at CDT, EFF and an attorney who is a recognized expert on Fourth Amendment search and seizure law and the 1996 AEDPA anti-terrorism law that laid the groundwork for "Patriot". As a USENIX member and NANOG participant, I had more insight into the practical effect of the sweeping proposals in "Patriot" on actual net operations than the attorneys did. I realized that the "Patriot" law, when passed, would sooner or later entangle network operators in crucial decisions affecting the ability of ordinary users to traverse the net freely as we have always done. I did my best to alert my Oregon congressional delegation to these issues, in personal meetings with their staff on Capitol Hill the first week of October. I've got a lot of background in lobbying but found this very hard to do. Bridging the gap between communications and security policy and operational reality is a difficult matter at best. But still, we have to try. At the Oakland NANOG, following meeting procedure, I sent an email query requesting some discussion of the implications of the "Patriot" bill, which ended up passing late in the month, and received a polite but firm reply from Susan Harris: this was beyond the scope of NANOG. I begged to differ then, and now I suggest that we all give serious thought to the implications that increasing and direct government intervention in the operation of the Net is starting to have. We all want security, but security without liberty runs contrary to the founding principles of the United States. And as Bruce Schneier has emphatically pointed out, security is a process not a product, whether it's a firewall or Total Information Awareness. Avi Rubin observes the issue is not that the potential already exists to do great damage with the Internet. With the advent of ever more potent attacks, from ordinary worms and viruses to Code Red and Nimda to root server DDOS and beyond, that is not disputed. The question is why this capability is not used more often. The restraint from using technology for its maximum destructive potential is the social bonds that we have as human beings. The great benefit of the Internet is that it helps strengthen those bonds, improve our planetary communications, and at its best help us collectively address the issues our societies face. If we do not have the maximum freedom to use the net for those purposes, free of government interference and arbitrary control wherever possible, but consistent with *reasoned and reasonable* security measures, our security will instead be undermined in the long run. That is why the approach and attitude of network operators makes a difference. It mattered at the time of the Oakland NANOG, and it matters now. Perhaps NANOG is not the organizational locale to work these issues out, although I could see it being so. But a coherent response to increasing intrusion of governmental policy on network operations needs to happen, one way or another. You might say, "it's not my job to make policy." And that may be true. It's not a branch librarian or circulation manager's job to make policy either, but they all belong to the American Library Association, which has emerged as an effective champion of real security and real freedom on the Internet, because they are committed to the principle that their primary obligation is to the users of library services. I believe network operators should, and do, take very seriously their primary obligation to the users of Internet services. So I ask my friends in this organization NANOG whose purpose and work I, a mere net user, greatly admire, to consider this question with the greatest thoroughness. When the government (whichever one, not just the US) comes knocking and asking you to do something that restricts the freedom of net users, what will you do? When those in your organization who set policy come asking what it will cost and what it will mean to users to do what the government wants, what will you say? I don't mean to place the entire burden on the shoulders of NANOG and its members. But I do think it's important to consider the obligations that all of us, who have some in-depth knowledge of how the Internet *really* works, have to the users of the Internet, which will ultimately be every last one of us on the planet. tha
Re: White House to Propose System for Wide Monitoring of Internet (fwd)
Methinks they'll try the Russian SORM model. Since this country is hell bent on establishing a police-state, this seems logical. Why not use the one thats been developed? http://www.libertarium.ru/eng/sorm/ > > :[This just jumped into the operational arena. Are you prepared > :with the router port for John Poindexter's vacuum? What changes > :will you need to make? What will they cost? Who will pay?]
RE: Networking in Africa...
As is the Secret Servicethey have an address for reporting as well: [EMAIL PROTECTED] At 14:11 12/2/02 -0800, you wrote: The FBI unit working these cases will be happy to confirm most do originate in Africa even if the money ultimately ends up elsewhere. http://www.fbi.gov/majcases/fraud/fraudschemes.htm#nigerian Best regards, __ Al Rowland
test
no reply needed
Re: Spanning tree melt down ?
Smells like it to me...sounds like they said, "HALP" to Cisco, and Cisco said, "Clean out the warehouse, we've got a live one!" At 16:08 11/28/02 -0600, you wrote: I'm still failing to see why this required a $3M forklift of new equipment to correct the problem. Was this just Cisco sales pouncing on someone's misfortune as a way to push new stuff? On Thu, 28 Nov 2002, Stephen J. Wilcox wrote: > > Heh, so they kept bolting stuff on and a failure somewhere caused a spanning > tree change which because of over complexity and out of date config was unable > to converge. > > Ah yes, occam also applies to switch topology :) > > Steve > > On Fri, 29 Nov 2002, Simon Lyall wrote: > > > > > On Thu, 28 Nov 2002, Garrett Allen wrote: > > > speculating on cause and effect, my first bet would that someone turned off > > > spanning tree on a trunk or trunks immediately prior to the flood. my next > > > bet would be a babbling device - i've seen an unauthorized hub on a flat > > > layer 2 net basically shut the network down. it was after a power hit. > > > when we found the buggar and power cycled it, all was well. i don't think > > > that the researcher was the culprit. more likely the victim. > > > > This article had some more information: > > > > http://www.nwfusion.com/news/2002/1125bethisrael.html > > > > This slashdot article also seems to have some details: > > > > http://slashdot.org/comments.pl?sid=46238&cid=4770093 > > > > Text as follows: > > > > I contacted Dr. John D. Halamka to see if he could provide more detail on > > the network outage. Dr. Halamka is the chief information officer for > > CareGroup Health System, the parent company of the Beth Israel Deaconess > > medical center. His reply is as follows: "Here's the technical explanation > > for you. When TAC was first able to access and assess the network, we > > found the Layer 2 structure of the network to be unstable and out of > > specification with 802.1d standards. The management vlan (vlan 1) had in > > some locations 10 Layer2 hops from root. The conservative default values > > for the Spanning Tree Protocol (STP) impose a maximum network diameter of > > seven. This means that two distinct bridges in the network should not be > > more than seven hops away from one to the other. Part of this restriction > > is coming from the age field Bridge Protocol Data Unit (BPDU) carry: when > > a BPDU is propagated from the root bridge towards the leaves of the tree, > > the age field is incremented each time it goes though a bridge. > > Eventually, when the age field of a BPDU goes beyond max age, it is > > discarded. Typically, this will occur if the root is too far away from > > some bridges of the network. This issue will impact convergence of the > > spanning tree. A major contributor to this STP issue was the PACS network > > and its connection to the CareGroup network. To eliminate its influence on > > the Care Group network we isolated it with a Layer 3 boundary. All > > redundancy in the network was removed to ensure no STP loops were > > possible. Full connectivity was restored to remote devices and networks > > that were disconnected in troubleshooting efforts prior to TACs > > involvement. Redundancy was returned between the core campus devices. > > Spanning Tree was stabilized and localized issues were pursued. Thanks for > > your support. CIO Magazine will devote the February issue to this event > > and Harvard Business School is doing a case study." > > > > > > -- > > Simon Lyall.| Newsmaster | Work: [EMAIL PROTECTED] > > Senior Network/System Admin | Postmaster | Home: [EMAIL PROTECTED] > > ihug, Auckland, NZ | Asst Doorman | Web: http://www.darkmere.gen.nz > > > > > > >
Re: Even the New York Times withholds the address
This is a good example of an area where governments can intervene and do some good. Ugh..I contend they never improve a situation, only make it worse. 1. Local governments can prohibit fuel storage and generators at telecom sites. Telecom/Datacom sites would leave. period. You would be at a distinct disadvantage to the providers who DID have backup power. You would leave just after your customers did. 2. Local governments can make it easy for telecom site operators to set up local generators and store fuel at sites that are near the telecom sites but not too near. You have to run either fuel lines or power cables, take your choice. Imagine the local's reaction to a "Im going to build a big noisy diesel generator plant, right,...here..." I'd imagine in dense build situations like NYC its really hard to do anything more than is being done. This of course cries for decentralization and moving out and running rings. Right now, people put the generators and the fuel in the same building because it is virtually impossible to install your own neighborhood power cabling. But there are few disaster scenarios in which a PoP would be undamaged at the same time as the nearby powerstation is out of action or disconnected. Transformer failure, underground cable failure, water main failure, street collapse, all come to mind. Most failures are of the more pedestrian types. If the entire town goes dark, most customers are dark as well. If the local power cable takes a different route from the power utility's cable then backhoe disease is avoided. If the local powerstation blows up, we are happy because the PoP is still running on utility power unlike the current situation. In fact, a single municipality could plan this as an integral part of their telecom infrastructure so that there are multiple telecom hotels spread far enough apart to avoid fate sharing and each one of them could be served by two local power stations, each of which serves several telecom hotels. These would also be spread apart to avoid fate sharing with utility power substations and cabling. Problem is there isn't a whole lot of new planned building going on, most "hotels' are retrofits of older structures, their location such because of their proximity to the customer base/infrastructure. Youre stuck with what's available, and then limited by the particular building's design etc. In an ideal world there would be redundant power, water, sewer, fuel, served at two or more entrance points at each building, everyone would connect to each other via multiple access points on opposite sides of their buildings..everything else is a mitigation of the lack of a perfect solution. If you were offered a colo facility that supplied AC power from one utility and two local generator substation sources, would you rate this better or worse than a colo facility that contained its own in-house generators and fuel storage tanks? Unless the costs/difficulty of providing multiple connections to different substations goes dramatically down for some reason, you're going to be stuck with the incumbent power provider and a genny. Local control over your means of backup power generation, for maintenance and reliability is always preferential. If it doesn't work, and its my fault, its one thing, if it doesn't work when I need it and its someone else's job to provide it, all that happens is shysters get rich. P.S. What if the colo facility offered built-in water chillers for cooling with all the water piped downhill, down the block to a cooling tower? Would this be better or safer than existing systems? Could it possibly be built this way without municipal government involvement? Doubt it. Any time major construction of that type comes into play, municipalities want their piece. Marc
Re: Even the New York Times withholds the address
One last addition to this idiotic water idea.. since the water doesn't get up there to the reservoir on the roof by itself, add your costs of huge pumps, plus the cost of pumping it up there, and a less than 100% efficiency in converting falling water to electricity. Also, add heating it in the winter to keep it liquid instead of solid, decontamination chemicals (cant have any Leigonella bacillus growing in there in the summer) Its all moot, as the weight factor makes this a non-starter. Next: You cant store large amounts of propane inside an occupied building, I cant imagine any FD allowing it. We had an example in a nearby city some years ago, a 500 gallon propane tank leaked and exploded inside a brick building, leveled a city block and killed 12 firefighters. Nahh... Fuel cells, run on natural gas are the best idea I've heard to date, and the safest if you're confined to upper floors, but youre talking BIG $$$ here...whats wrong with batteries, a natural gas genny and a converter system, telco style? If this is all about diesel storage, why not put the tanks/gennys in the basement or lower more secure floors? (Im assuming burial is out of the question in NYC) That way a small day tank would suffice at the upper floors. Marc Now, figure out how many kw you need to run a telecom hotel, and you'll know just how large your tank needs to be (and how much weight the building structure is going to have to support). Even if you assume 100% efficiency, the tank is still going to me, um, rather largish. -- Brett
Port 137 scans
Seeing a ton of them mostly from South America rite now.
Specific Portscans
Is there any consensus of what's scanning all the 1020-1040 ports? (as in what program etc.) Lately, I've seen the scan jump from the 1000 range to 2000, meaning 2035 etc. Is this something that?s been documented? It's annoying at best. Thanks Marc Blitz macronet.net
Yahoogroups probs?
Anyone hearing of yahoogroups probs these past few days? I sent an email to a group im subscribed to there and it bounced, saying the bounce was from: Reporting-MTA: dns; mail.gallyas.cl Figure the esteemed group here might know if theres been a domain hijacking or other problem. Thanks Marc macronet.net
WorldCom Suffers Widespread Internet Outage
http://story.news.yahoo.com/news?tmpl=story2&cid=575&u=/nm/20021003/wr_nm/tech_worldcom_outage_dc_5&printer=1 Made the news...
Re: Drive-by spam hits wireless LANs
Getting your entire corporate LAN dumped into the RBL mess could be devastating, how much productivity lost? How much time wasted getting OFF the RBL? How many contacts missed, correspondences missed? You could be getting into a very rough ride for some days to some weeks, as the block information propagates down the food chain, then as the un-block does likewise. Its just better to take the defensive and encrypt in the first place. Agreed, for cyber-squatter places like coffee shops and airports, this could be a pain. At 08:01 9/11/02 -0400, you wrote: >On Wed, Sep 11, 2002 at 12:45:23PM +0200, John Angelmo wrote: > > Just cause there are unprotected WLANs dosn't imply that spammers use > > them (perhaps its to hard for the spammers ;)). > > Corporations should protect ther WLANs but saying that spamming is a > > great threat is to overdo it. > > To some extent. > > Imagine a few of the following scenarios: > > 1) You wok for an ISP and have access through them. One large >enough that they apply their AUP to their own people. You have ISDN/DSL >or some other connection w/ reverse-dns for your personal domain @ home. >Someone drives by your place, finds your unprotected lan, sends spam, hacks, >etc.. complaints come in, you lose job because you were a spammer and >your employer needs to stop, etc. > 2) You are a small company, someone does this, and you get >blacklisted as a spamhaus. you are unable to get internet access. > 3) you have a cable modem as your only high-speed connectivity. >you have one of the linksys/whatever nat+802.11a/b boxen. you >get used, you get blacklisted and can not get high-speed pr0n again.
Re: How do you stop outgoing spam?
Fortunately, our founding fathers also gave us not only the right, but the duty and the tools to take the treasonous out and dispose of them when they became a threat to the republic. That time is once again here. At 21:53 9/10/02 -0400, you wrote: >Ya know Vadim, with all due respect, some people choose to live on >their knees, one govt after another. > >You do know what happened to HUAC et al don't you? They got their >butts thrown out of congress. Sen Joe McCarthy died a lonely, bitter, >drunk. > >Meanwhile, civilization demands of us to use a govt or govt-like >entity to run a legal system, not vigilantism. > >
Drive-by spam hits wireless LANs
> > >And you think the terresterial sources are hard to shut down >Drive-by spam hits wireless LANs > >By Graeme Wearden >Special to CNET News.com >September 6, 2002, 10:14 AM PT >http://news.com.com/2100-1033-956911.html > >LONDON--The proliferation of insecure corporate wireless networks is >fueling the growth of drive-by spamming, a security expert warned on >Thursday.
Re: Contact for dmisinetworks.com /
After literally YEARS of complaining, I think theres so one alive at bell south abuse...they're typical bell-spawn...fat, lazy, and un-responsive. At 07:13 8/29/02 +0100, you wrote: >Currently seeking an abuse contact for the above domain, or the party >responsible for netblock that 66.21.84.209 is a part of: >Netname: BELLSNET-BLK8 >Netblock: 66.20.0.0 - 66.21.255.255 >Maintainer: BELL > >Seeing repeated abuse from a single user against multiple hosts, and >emails to abuse@bellsouth have gone unanswered. > >-- >Avleen Vig: >Work Time: Unix Systems Admin Email: [EMAIL PROTECTED] >Play Time: Network Security Admin Pager: av-pager, at silverwraith.com >Smurf Amplifier Finding Executive:http://www.ircnetops.org/smurf
Bush's Cyber-Security Plan Targets E-Mail
>Here's Big brother...now we're all going to be spies on our fellow citizens. > >http://www.eweek.com/article2/0,3959,481112,00.asp > >August 23, 2002 >By Caron Carlson and Dennis Fisher > >In an effort to bolster the nation's cyber-security, the Bush >administration has plans to create a centralized facility for >collecting and examining security-related e-mail and data and will >push private network operators to expand their own data gathering, >according to an unreleased draft of the plan. > >The proposed cyber-security Network Operations Center is included in a >draft of The National Strategy to Secure Cyberspace, which was >developed by the president's Critical Infrastructure Protection Board >with input from the private sector and is due to be released Sept. 18. > >The call for expanded data collection and analysis results from >administration concerns that efforts to secure cyber-space are >hampered by the lack of a single point of data collection to detect >cyber-security incidents and issue rapid warnings, according to the >draft strategy, obtained by eWEEK. Critics, however, worry that such a >system would be expensive and difficult to manage, and would allow >government agencies to expand their surveillance powers. > >Other recommendations include restricting the use of wireless >technologies by government agencies; requiring corporations to >disclose their IT security practices; establishing a "test bed" for >multivendor patches; creating a certification program for security >personnel; and mandating certifications for all federal IT purchases. > >Howard Schmidt, vice chairman of the PCIPB, said that the center would >consolidate threat data from the country's collection end points, such >as the FBI's National Infrastructure Protection Center, the Critical >Infrastructure Assurance Office, the Department of Energy and >commercial networks. Private companies would be encouraged to increase >the amount of data collected and share it with the government. > >"Major companies generally report this information internally," >Schmidt told eWEEK. "We're looking for that to come back to a central >location." > >According to the draft strategy, the public/private initiative would >involve the major ISPs, hardware and software vendors, IT security >companies, and Computer Emergency Response Teams, in addition to law >enforcement and other agencies. > >Some feel that the government's internecine rivalries and >information-sharing rules will hamstring any attempt at centralized >collection and analysis. > >"There are such high barriers in government to being able to >disseminate information and adjusting the environment to react to >threats, I don't think it will have much impact," said William Harrod, >director of investigative response at TruSecure Corp. in Herndon, Va., >and a former FBI computer forensic specialist. "They'll have different >information coming in from different analysts, and they'll have to >weed through it." > >The proposed strategy recommends that the center be partially >federally funded, but it would inevitably impose new costs on the >private sector without commensurate benefits, critics charged. > >"Government doesn't have a good track record when it comes to >collecting and disseminating massive volumes of data," said Kevin >Baradet, network systems director at Cornell University's Johnson >Graduate School of Management in Ithaca, N.Y. "We could be drowning in >data, most of it noise." > >Then there are the privacy concerns. > >"Whatever the federal government wants to do with its own data is OK >with me as long as it doesn't waste my personal and corporate tax >dollars," said Karl Keller, president of custom software developer IS >Power Inc., in Thousand Oaks, Calif. "The privacy aspects, however, >concern me greatly. This sounds like a dramatic and evil expansion of >Echelon and Carnivore." > >The strategy also calls on the FBI, Secret Service and Federal Trade >Commission to establish a single system for corporations to report >Internet fraud and extortion, illegal hacking, and unauthorized >network intrusions. It recommends that the federal government >systematically collect data on cybercrime victims and cyber-intrusions >from businesses. The administration hopes to assuage industry fears by >recommending legislative changes--including exemptions from Freedom of >Information Act requirements and exemption from antitrust laws--that >would reduce liability for companies turning over communications to >law enforcement.
Safety Alert: Fwd: Company Recalls DVM's
SRI FOR THE OT, but this is a Safety Alert! PASS IT ON... >Company Recalls Electrical Meters >Mon Aug 19, 2:37 PM ET > >WASHINGTON (AP) - About 40,000 digital multimeters are being recalled >because they can put users at risk of shock, >thermal burns and even electrocution. > >The meters, which measure voltage, resistance and current, can take >longer than normal up to 18 seconds to display >readings of voltages over 500 volts. The delay could be misinterpreted >to mean there is not a high voltage. > >Fluke Corp., of Everett, Wash., has received a total of four reports >from Canada and Australia in which meters gave a >delayed response, although no injuries have been reported, the Consumer >Product Safety Commission said Monday. > >More than 17,000 of the meters were sold in the United States. Those >included in the recall are yellow and black, have the >numbers 175, 177 or 179 written on the front and have a serial number of >79,000,000 or below. > >Meters should be returned for a free repair. The company can be reached >at 1-800-260-4819.
RE: ASN registry?
I thought Australia was aunic.net At 13:56 8/19/02 -0600, you wrote: >maybe you're forgetting Australia... think APNIC...
Re: Major Labels v. Backbones
Might just be better to stand aside, and let them be Ddos'ed off the air...for thats whats coming to them... >Might I suggest filtering the websites of the offending "major labels" as >an appropriate retort?
Re: Maybe just slightly operational Palladium information
Bruce Schneier seems to confirm the worst expected about Pd. At 11:13 8/16/02 -0700, you wrote: >OK. This is a bit beyond the charter, but there was a long and >annoying thread on Microsoft Palladium last week and I just read an >interesting article that seems to minimize the FUD I have been seeing. > >http://www.counterpane.com/crypto-gram-0208.html > >The author is Bruce Schneier, one of the best known crypto and >security experts out there. He is also not a Microsoft fan (or hater) >and that makes him one of the best sources for information on computer >security issues. > >Over all, I found the article excellent. It might at least make some >of the silly messages on the subject seem even sillier and point out >the real concerns and possible benefits of Pd. > >R. Kevin Oberman, Network Engineer >Energy Sciences Network (ESnet) >Ernest O. Lawrence Berkeley National Laboratory (Berkeley Lab) >E-mail: [EMAIL PROTECTED] Phone: +1 510 486-8634
Re: kudo's to netops security people
Its GOOD to hear one of these once in a whilea hearty "attaboy" to all who did their jobs properly... At 07:28 8/15/02 -0700, you wrote: >since this list bashes on people/orgs for NOT dealing with >security matters, I thought I'd be contrary.. > >Qwest.net, FNSI.net, online-mac > >all sent swarms of bad packets towards a client lastnite. > >all where 100 percent responsive in solving / fixing >the problem puppies quickly, no hassle, no fuss. > >Magic words were " I have a security issue with one of your >users, may I please talk to your network security people". > >click click click, Hello, Security person... > > >I now return you to your normal NANOG SN > >john brown
Re: FBI.GOV forgot to pay their DNS bill?
This is hilarious.reminds me of a similar prob they had at FCC. At 18:26 8/12/02 -0400, you wrote: >I guess the FBI/NIPC can't put out an alert about this one. > >Notice the absence of any domain servers > > > whois -h whois.nic.gov fbi.gov >% DOTGOV WHOIS Server ready >Federal Bureau of Investigation (FBI-DOM) >Information Resources Division Washington, DC 20535 >Domain Name: FBI.GOV >Status: Active >Domain servers in listed order: >Technical POC, Administrative POC: >Sanders, Shereada L. (SLS1) >(202) 324-9430 (FAX)(202) 324-6720 >[EMAIL PROTECTED] > > > > dig @a.root-servers.net fbi.gov any > >; <<>> DiG 8.3 <<>> @a.root-servers.net fbi.gov any >; (1 server found) >;; res options: init recurs defnam dnsrch >;; got answer: >;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 4 >;; flags: qr aa rd; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0 >;; QUERY SECTION: >;; fbi.gov, type = ANY, class = IN > >;; AUTHORITY SECTION: >gov.1D IN SOA A.ROOT-SERVERS.NET. >REGISTRAR.NIC.gov. ( > 2002081201 ; serial > 1H ; refresh > 15M ; retry > 1W ; expiry > 1D ); minimum > > >;; Total query time: 15 msec >;; FROM: clifden to SERVER: a.root-servers.net 198.41.0.4 >;; WHEN: Mon Aug 12 18:24:40 2002 >;; MSG SIZE sent: 25 rcvd: 93
Re: Microslosh vision of the future
Well, I contend open source is much better positioned to make these changes, and in less time than M$ to the offending file formatI've seen changes made available in hours as opposed to weeks in the M$ case. If M$ decides to do this, they risk pi$$ing off a whole cadre of corporate customers who are slow to upgrade anyway. At 22:47 8/12/02 +0200, you wrote: >At 9:41 AM -0400 2002/08/12, William Warren wrote: > >> StarOffice to the rescue. > > Only until they change the file format again. Microsoft can > afford to change the file format on an even daily basis, and come out > with patches for the previous patches, and call them all "security > patches" so that everyone is either forced to apply them or dump > Microsoft altogether. > > Open source projects can't possibly afford to keep up, if > Microsoft decides to go down this road.
Cisco VPN Client Multiple Vulnerabilities
http://www.cisco.com/warp/public/707/vpnclient-multiple-vuln-pub.shtml.
Re: Microslosh vision of the future
I just hope the anti-trust people are looking into thisi can't see a bigger case for them to spring into action... At 18:43 8/11/02 -0700, you wrote: >Microsoft already duped the software consumers into buying into fully >proprietary software. Given the prevalent time horizon of average IT >manager's thinking I fully expect Microsoft to get that stuff deployed >before the poor saps start realizing they're being ripped. After that >Microsoft will leverage their market power to exclude any competition. >Exactly like they did it before on numerous occasions. > >Their PR budget is bigger than GDP of some nations. They're ruthless and >show remarkable lack of respect to the notions of fairness or common good. >Be afraid. > >--vadim
Re: Microslosh vision of the future
I agree wholeheartedly, "let 'em starve" At 18:17 8/11/02 -0700, you wrote: > Microsoft can have whatever vision of the future they want and > can use any >resources at their disposal to bring their vision to light. Everybody has >that right. If I don't like it, I won't buy it. If they convince customers >that they gain more than they lose, only a gun will make them buy it. I don't >see Bill Gates packing heat any time soon. > > *yawn* > >-- >David Schwartz ><[EMAIL PROTECTED]>
Re: Microslosh vision of the future
Well, I may be a wet blanket to the chip houses, but how much speed DO you actually need? Any REAL reason to abandon the present working architecture? I don't personally think so, a 2 gig box is plenty fast for anything we have now, so why don't we just vote with our feet? DON'T buy this crap, the CPU or the OS...and let them stew in their own misfortune. We made Intel back down on the PSN issue with exactly those tactics... I'll go back to my old SGI Indy if necessary...heh.. At 18:51 8/11/02 -0500, you wrote: Guess my home P.C. will no longer be an intel platform..hello mighty SPARC Gerardo Gregory
Re: Microslosh vision of the future
We have given up on M$ when they started invading our hard drives with XP...no reason to think their plans are anything less than nefarious, judging from their past behavior. At 16:10 8/11/02 -0700, you wrote: >While I find much to worry about in Palladium, the vast majority of >the information in this post is simply not correct. Even Microsoft is >not delusional enough to think that they could get away with such a >coup. (Not that they would not want to.)
Microslosh vision of the future
So read about Palladianism, and tell me the different between Palladium and Server 2000 Windows Palladium, the end of privacy as we know it. This taken from various sources encluding UHA and deviantart, the register and slashdot., Disturbing news.. Earlier this week, Microsoft outlined their plans for their next generation of operating systems, codenamed Longhorn/Palladium. Among the features touted was the "secure networking" functions that OS would offer. Firstly: Microsoft plans to implement Palladium DRM (digital rights management) in a hardware chip, initially implanted on the mobo, but later on embedded in the CPU, and employing hardwired encryption throughout. The purpose of this is to flag every file on the computer with a digital signature telling a remote server what it is. If it's an unauthorized file, the remote server will tell your computer not to let you execute it. This is basically an attempt to stop the trading of mp3's and/or warez. Secondly: Before an application can run, it too must have a digital signature remotely verified by another server. If the program binary doesn't match with any of the authenticated binaries, your computer won't run it. This, again, is meant to stop your computer running "unauthorized" software - which might be warez, or it might just be a nifty freeware program that the authors can't afford to have certified. Microsoft will be able to control exactly what your computer can and can't run. Thirdly: As most of you know, Microsoft employ a strategy of making their software deliberately obsolete - they make it forward compatible, but not backward compatible. With the laws of the DMCA, it will soon be illegal to try to make a software product that is compatible with another programs file types (for example, take the many office applications there are for Linux which have had some success in translating their arcane file formats). This has the effect of killing any competition in the water - since you're not allowed to make your new product compatible with any of the others, no-one will use it. And eventually people will give up using any of the others instead, since no-one else can read their documents. So the entire world will be left with one choice only for software - Microsoft. Fourthly (I don't know if that's a word, but it should be): Palladium will effectively ban free software, not just free stuff for Windows platforms, but free stuff for Linux, Mac, in fact every OS that runs on a Palladium enabled motherboard/processor. Why? In order to get the program to run on a palladium platform, you will need to pay to have your binary certified as "safe" by Microsoft's software authentification branch. And who in their right mind is going to pay for a piece of software they spent hours working on? It just wouldn't be worth it. It gets worse when it comes to open source projects, such as Linux and BSD. Those of you who know about these things will know that open source projects are created by freelance coders all over the world who create programs in their spare time and then give them to the rest of the world for free. Many of them also release the source code for free too, so that if you wish you can alter the program (such as to fix bugs, add features etc). Now, it would be bad enough if the owner has to pay a certification fee. But EVERY CHANGE that is made to the source code will require a new, separate certificate to be created. Those of you who use Linux will know that so many things get updated so quickly, that this just isn't practical, and would cost the open source development people millions of dollars. This is money they just don't have, and Microsoft knows it. Fifthly: The "secure network". This is the real clincher for Palladium. At first, they're going to make it so that it is possible to turn Palladium off at the hardware level. But it is created in such a way so that, if you try to connect to a Palladium web server, you won't be allowed to. Palladium machines will only be able to talk to other Palladium machines, and non-Palladium machines won't be able to talk to any Palladium machines. Hence, if Palladium reaches critical mass, there will be thousands of people the world over who won't be able to access the internet or even work on a network with Palladium machines, so by extension they will be forced to "upgrade" to Palladium machines. Sixthly: At first I thought: what the hell, this is only going to apply to x86 architecture (namely Athlon and Pentium chips, since it's only AMD and Intel who are involved at the moment). So, I could try another hardware architecture: such as the Mac/PPC, or the Sun Sparc, or an ARM, or any other kind of processor. But then I realside that even if I did, I wouldn't be able to access the "Palladium network" which could encompass the entire internet if this concept goes far enough. So all you Mac users would be effectively locked out; you too would have adopt a Palladium machine if
Re: your mail
Absolutely..the corporate culture are whores, and not to be trusted...protect yourselves, use a throw-away email addy.. At 17:16 8/9/02 -0400, you wrote: >Don't forget general kookery where you make a customer mad, a >usenet poster, or some other irrational personality and they >contact your employer to detail everything they know about >you like posting to rec.cannabis, soc.motss, etc. It's >interferring in a business relationship, but most of 'em >don't care. > >I'm all for anonymity -- even here.
Fwd: WorldCom Fraud News: Man these thieves just don't quit..
OOps..our looting figures have been revised upwards... >WorldCom Investor News: WorldCom Announces Additional Changes To Reported >Income For Prior Periods. CLINTON, Miss., August 8, 2002 - WorldCom, Inc. >today announced that its ongoing internal review of its financial >statements has discovered an additional $3.3 billion in improperly >reported earnings before interest, taxes, depreciation and amortization >(EBITDA) for 1999, 2000, 2001 and first quarter 2002. > >View full press release at >http://www1.worldcom.com/global/about/news/news.xml?newsid=4111&mode=long&lang=en.
ATT Fire in Philly?
A guy on another list asked me about this, anyone else hear of it? It was supposedly a "switching station"..not much more info...some 1-800 service affected... Sounds like it might of been the POTS network, any outages noted here?
Re: OC-768 availability?
I believe many are working on it, but I haven't seen/heard of much progress since I learned of this, some 4 years ago now.. Add to that the bandwidth glut with all the DWDM and I guess they've got breathing room... At 09:34 7/30/02 -0700, you wrote: >I believe Junpier does have a OC-768 interface under testing if I'm not >mistaken... > > >Signal received 0. Kurt Erik Lindqvist <[EMAIL PROTECTED]> said: > > > > > > > > --On Monday, July 29, 2002 21:32:02 -0400 blitz <[EMAIL PROTECTED]> wrote: > > > > > Seriously, I don't see OC768 coming online en masse until they get the > > > kinks worked out of optical switching. The transit times are so short > > > thru the innards, in the order of picoseconds, that electronics is way > > > too slow to perform such mundane tasks like determining where a packet is > > > supposed to go. Thus, all this will require optical computing to be > > > available cheaply and a lot more widespread than it is now. > > > > ...and : > > > > a) Someone got the money to buy the gear > > > > b) We have used the current capacity (see a). > > > > - kurtis - > >-- >-- >http://www.zeromemory.com - metal for your ears.
Re: OC-768 availability?
I heard that as well, as well as holographic processing...can't remember who however, but Lucent (or whoever they are this week) or Nortel (presently circling the drain) come to mind.. At 19:53 7/29/02 -0700, you wrote: >Wasn't one of the major switch companies working on a system of bubbles. >I'm not sure if it was foundry or Juniper or who but >someone was trying to route packets or rather switch packets in a device >at high speed by using bubbles to reflect and switch the light instead >of converting to electrons. > >On Mon, 29 Jul 2002, blitz wrote: > > > > > Seriously, I don't see OC768 coming online en masse until they get the > > kinks worked out of optical switching. The transit times are so short thru > > the innards, in the order of picoseconds, that electronics is way too slow > > to perform such mundane tasks like determining where a packet is supposed > > to go. > > Thus, all this will require optical computing to be available cheaply > and a > > lot more widespread than it is now. Cross your fingers and hope for a > > quantum breakthrough... > > OC192 is already pushing the limits of present technology. > > And add to that, the sorry state of the major players in telecom, and I > > don't think you'll see them willing to pony up an investment in something > > like that until it's well established. > > A typical egg/chicken situation.. > > > > > > > > At 16:10 7/29/02 -0700, you wrote: > > > > > > >Hello, > > > > > >I am currently running a network of cisco 2621s with the OC-192 NM for my > > >upstream connections. The internal network links are a mixture of K56Flex > > >modems and GRE tunnels. > > > > > >I am looking to upgrade to OC-768 real soon now and am wondering what the > > >prospects are for OC-768 availability on the 2621 platform. I've found > the > > >2621 to be rock-solid, except when I ping it, so I'd like to keep my > > >network on that platform if possible. > > > > > >In addition, if anyone knows the availability of OC-768 circuits between > > >the following cities I'd appreciate any fiber maps and an approximate > > >price range: > > >Ottawa, ON, CA > > >Midland, ON, CA > > >Goderich, ON, CA > > >Toronto, ON, CA > > >Compton, CA, US > > >Sealand > > > > > >At each site I plan to announce a /24 from a /20 I was allocated so if > > >everyone could please update their prefix filters now that would be great. > > > > > >Thank you. > > > > > >-- Dalph Roncaster > > > > > >Communicate in total privacy. > > >Get your free encrypted email at https://www.hushmail.com/?l=2 > > > > > >Looking for a good deal on a domain name? > > >http://www.hush.com/partners/offers.cgi?id=domainpeople > >
Re: OC-768 availability?
Seriously, I don't see OC768 coming online en masse until they get the kinks worked out of optical switching. The transit times are so short thru the innards, in the order of picoseconds, that electronics is way too slow to perform such mundane tasks like determining where a packet is supposed to go. Thus, all this will require optical computing to be available cheaply and a lot more widespread than it is now. Cross your fingers and hope for a quantum breakthrough... OC192 is already pushing the limits of present technology. And add to that, the sorry state of the major players in telecom, and I don't think you'll see them willing to pony up an investment in something like that until it's well established. A typical egg/chicken situation.. At 16:10 7/29/02 -0700, you wrote: >Hello, > >I am currently running a network of cisco 2621s with the OC-192 NM for my >upstream connections. The internal network links are a mixture of K56Flex >modems and GRE tunnels. > >I am looking to upgrade to OC-768 real soon now and am wondering what the >prospects are for OC-768 availability on the 2621 platform. I've found the >2621 to be rock-solid, except when I ping it, so I'd like to keep my >network on that platform if possible. > >In addition, if anyone knows the availability of OC-768 circuits between >the following cities I'd appreciate any fiber maps and an approximate >price range: >Ottawa, ON, CA >Midland, ON, CA >Goderich, ON, CA >Toronto, ON, CA >Compton, CA, US >Sealand > >At each site I plan to announce a /24 from a /20 I was allocated so if >everyone could please update their prefix filters now that would be great. > >Thank you. > >-- Dalph Roncaster > >Communicate in total privacy. >Get your free encrypted email at https://www.hushmail.com/?l=2 > >Looking for a good deal on a domain name? >http://www.hush.com/partners/offers.cgi?id=domainpeople
Re: Sunspot Activity & Radio Blackouts
Also check http://www.maj.com/sun/ for current solar info...nice site.. >>There are many places to get more information about sunspots. Being an >>amateur radio operator who likes HF communications, I have a bit of an >>interest in the topic. >> >>The most succinct monitoring and information site I have found is run by a >>group of short wave listeners in the Netherlands: >>http://www.dxlc.com/solar/ >> >>Many of the measurements used are taken in Boulder (Boulder K index). Nasa >>usually has some great photos of the big CMEs/Flares > >
RE: Draft of Rep. Berman's bill authorizes anti-P2P hacking
If it starts happening, just unplug whoever's doing it and treat them like a DDOSer...poof, you just lost your Internet connectivity. Something Sony or MCA would love to have happen...huh? Sorry, your'e causing malicious problems on the Internet, operational procedure requires us to disable your address block..click... What these slugs in Kongress don't realize, this will trigger a war, and one they can not win... Who are they going to give waivers to, to damage personal property next, the ACLU, the ADL, the eco-terrorists? the politically korrect? This is a war they can not hope to win, and all it will do is create chaos on the Internet, chaos that WE will bear the brunt of...like there isn't enough problems now? All this because the media leeches won't recognize they have been trumped by technology...pitu! At 14:15 7/24/02 -0400, you wrote: >I second that. If I see any of my clients having any sort of malicious >activity directed at them, then there is no chance of me allowing their >traffic through. I would be more than happy to send all their traffic to >packet hell. Large corporations do not get any special consideration if >it comes down to the stability of my network vs. receiving their >traffic. > >Derek >-Original Message- >From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On Behalf Of >James Thomason >Sent: Wednesday, July 24, 2002 2:10 PM >To: Marshall Eubanks >Cc: [EMAIL PROTECTED] >Subject: Re: Draft of Rep. Berman's bill authorizes anti-P2P hacking > > > >Would malicious actions on the part of copyright holders violate the >AUP of most networks? Or are service providers more willing to tolerate >denial of service attacks by large corporations than say, spam? > >If this legislation is passed, they certainly will earn Null0 on mine. > >Regards, >James Thomason > > >On Wed, 24 Jul 2002, Marshall Eubanks wrote: > > > > > Thought this would be considered on-topic as guess who would have > > to clean up the resulting messes... > > > > Regards > > Marshall Eubanks > > > > - Forwarded message from Declan McCullagh <[EMAIL PROTECTED]> - > > > > From: Declan McCullagh <[EMAIL PROTECTED]> > > Subject: FC: Draft of Rep. Berman's bill authorizes anti-P2P hacking > > To: [EMAIL PROTECTED] > > Date: Tue, 23 Jul 2002 20:29:35 -0400 > > X-URL: http://www.mccullagh.org/ > > X-URL: Politech is at http://www.politechbot.com/ > > > > > > > > http://news.com.com/2100-1023-945923.html?tag=politech > > > > Could Hollywood hack your PC? > > By Declan McCullagh > > July 23, 2002, 4:45 PM PT > > > > WASHINGTON--Congress is about to consider an entertainment > > industry proposal that would authorize copyright holders to >disable > > PCs used for illicit file trading. > > > > A draft bill seen by CNET News.com marks the boldest political >effort > > to date by record labels and movie studios to disrupt peer-to-peer > > networks that they view as an increasingly dire threat to their >bottom > > line. > > > > Sponsored by Reps. Howard Berman, D-Calif., and Howard Coble, >R-N.C., > > the measure would permit copyright holders to perform nearly >unchecked > > electronic hacking if they have a "reasonable basis" to believe >that > > piracy is taking place. Berman and Coble plan to introduce the >10-page > > bill this week. > > > > The legislation would immunize groups such as the Motion Picture > > Association of America and the Recording Industry Association of > > America from all state and federal laws if they disable, block or > > otherwise impair a "publicly accessible peer-to-peer network." > > > > Anyone whose computer was damaged in the process must receive the > > permission of the U.S. attorney general before filing a lawsuit, >and a > > suit could be filed only if the actual monetary loss was more than > > $250. > > > > According to the draft, the attorney general must be given >complete > > details about the "specific technologies the copyright holder >intends > > to use to impair" the normal operation of the peer-to-peer >network. > > Those details would remain secret and would not be divulged to the > > public. > > > > The draft bill doesn't specify what techniques, such as viruses, > > worms, denial-of-service attacks, or domain name hijacking, would >be > > permissible. It does say that a copyright-hacker should not delete > > files, but it limits the right of anyone subject to an intrusion >to > > sue if files are accidentally erased. > > > > [...] > > > > > > > > > >- > > POLITECH -- Declan McCullagh's politics and technology mailing list > > You may redistribute this message freely if you include this notice. > > To subscribe to Politech: >http://www.politechbot.com/info/subscribe.html > > This message is archived at http://www.politechbot.com/ > > Declan McCullagh's p
Be glad you're not in the U.K.
And coming soon to the US! >BBC News Online: Sci/Tech >Wednesday, 17 July, 2002, 09:15 GMT 10:15 UK >Switch on for state snooping > >Police forces want to plug in to lots of networks > > >From August net service providers in the UK will be obliged to carry out >surveillance of some customers' web habits on behalf of the police. >Controversial laws passed in 2000 oblige large communications companies >to install technology that allows one in 10,000 of their customers to be >watched. > >The information gathered about what people look at on the web, the >content of e-mail messages and their phone conversations will be passed >to the police or a government monitoring station. > >The demands have been criticised by experts who say the law conflicts >with basic guarantees of privacy and that the government is not doing >enough to help pay for the installation of the surveillance systems. > >Data hoover > >The controversial Regulation of Investigatory Powers Act was passed in >October 2000 and gave law enforcement agencies sweeping powers to snoop >on the electronic lives of citizens. > >" It's the internet equivalent of a telephone tap " >Roland Perry, Linx > >The Act demands that organisations it dubs Communication Service >Providers (CSP) - broadly anyone that helps people keep in touch via the >web, fax machine or phone - install technology that can automatically >monitor what many of their customers are doing. > >It also demands that service providers start monitoring a customer >within 24 hours of being told that the police or other investigation >agencies want to snoop on them. > >The information collected must also be passed on electronically to the >agency which asked for the snooping to start. > >A spokesman for the Home Office said 1 August was the day on which the >new surveillance regime would start, even though the technology to do >the watching are yet to be installed. > >He said only law enforcement agencies would have the power to ask for >the surveillance to start. > >Police would have to get a warrant from the Home Office before they >could ask for surveillance to start, he said, and it would only be used >to gather evidence about serious crimes. > >Data delivery > >Roland Perry, public policy director for the London Internet Exchange >which interconnects the networks of net service companies, said the >government was still working out how best to put the surveillance >systems in place. > >"It's a very long-term project," he said. "The whole thing will be done >on a one-to-one basis with the individual companies concerned." > >" Agencies have to make a judgement whether it's worth making a request >if it costs a few hundred pounds to do it " > >Ian Brown, Foundation for Information Policy Research > >The government is also currently working out what types of information >it wants from CSPs and how it will be delivered. > >"In theory, an interception capability would deliver all the data," said >Mr Perry. "It's the internet equivalent of a telephone tap." > >The government is hoping that its work on automatic surveillance will >become a European standard and be widely adopted. > >Costly communication > >Service providers have asked for help to buy the equipment needed to set >up the permanent interception capability. > >"The Home Office has said it would contribute £20m to this but the net >industry has said it will cost a lot more than that," said Ian Brown, >director of the Foundation for Information Policy Research. > >The Internet Service Providers Association has warned about the >potentially huge costs of installing surveillance equipment to meet the >demands of the RIP Act and the recently passed Anti-Terrorism, Crime and >Security Act. > >A spokesman for the organisation said it was still seeking clarification >over the types of data its members were supposed to be catching, how >long it had to be stored for and who would pay for the storage. > >Mr Brown said one of the few safeguards on the snooping system was the >fact that the agencies asking for the surveillance to be carried out >will be charged to use it. > >"This means agencies have to make a >judgement whether it's worth making a request if it costs a few hundred >pounds to do it," said Mr Brown. > > > Yahoo! Groups Sponsor -~--> >Will You Find True Love? >Will You Meet the One? >Free Love Reading by phone! >http://us.click.yahoo.com/O3jeVD/R_ZEAA/Ey.GAA/qkHolB/TM >-~-> > > > > > >Your use of Yahoo! Groups is subject to http://docs.yahoo.com/info/terms/
The Adelphia update
US prosecutors set to indict Adelphia family-paper Last Updated: July 15, 2002 12:23 AM ET WASHINGTON, July 14 (Reuters) - Federal prosecutors looking into questionable corporate dealings at bankrupt Adelphia Communications Corp. ADELQ.PK are set to bring charges against the Rigas family, USA Today reported on Monday. Prosecutors have prepared an indictment against Adelphia founder John Rigas and his three sons and are planning to file it as early as this week, the newspaper reported, citing sources close to the investigation. The criminal charges were expected to be filed in tandem with a civil lawsuit by the U.S. Securities and Exchange Commission, the newspaper said, adding that both the Justice Department and the SEC declined comment. Adelphia is the target of a Securities and Exchange Commission accounting probe and two federal grand jury investigations into multibillion-dollar off-balance sheet loans to the Rigas family, which founded the No. 6 U.S. cable television operator. Coudersport, Pennsylvania-based Adelphia filed for Chapter 11 bankruptcy protection in June, following months of disclosures of off-balance-sheet, company-backed loans to the family, as well as missed interest payments, overstated earnings and criminal and regulatory probes into its accounting practices.
Re: CA Power
At 18:47 7/11/02 -0700, you wrote: >Its all the same! > >Just remember. > >Be sure to pillage before you burn! "Leif Stupidison"...world's dumbest Viking, he died penniless...he never understood you loot THEN you burn...
RE: CA Power
At 21:41 7/11/02 -0400, you wrote: >When it's high-tech /rioting/ it's then called sabotage right? No "hacking">>>(grin)
Re: Notes on the Internet for Bell Heads
>Add into the mix the government is desprately seeking ways to >make the Internet "secure." No, "control the internet"...security only applies to THEMand their "big brother' intents... >So many vendors are trying their darndest to >find a problem so they can sell a solution, even if that means creating >the problem in the first place. Hegelian principal in its essence
Re: CA Power
More likely, theyre trying to CYA! >Could it be that CA is experiencing a normal surge in power utilization and >the warning is part of a normal cycle?
Re: Kudos to Qwest
Well, theres a matter of "customer acceptance" too then, "Let the billing begin!!" At 16:27 7/9/02 -0400, you wrote: >Maybe some of the telco's are finally learning that the quicker you can >install, the sooner you can bill. :) > >K > > > > > > "Vincent > J. > > Bono"To: <[EMAIL PROTECTED]> > > > org> Subject: Kudos to > Qwest > Sent > by: > > owner-nanog@m > > erit.edu > > > > > > 07/09/2002 > > 04:00 > PM > > > > > > > > > > >We always hear the worst but I just thought I would plug Qwest in that they >just installed an OC-12 point to point cross country for me in 27 hours >from >time of order. This included cross connects at Level3.
Re: Kudos to Qwest
That sounds like the path needed little more than cross-connects, and the 24 hr loopback test. It also sounded like both companies worked well together to expedite construction. I can remember circuits I turned up that waited months for some vendor on the end to do their work. The old "Bell Scamlantic"...or "Versleaon" should be a warning whenever seen on a order... At 16:25 7/9/02 -0400, you wrote: > then you are obviously missing the kudos @ level3 :) > > i've seen them be quite prompt in turning ckts up also. > > - jared > >On Tue, Jul 09, 2002 at 04:00:58PM -0400, Vincent J. Bono wrote: > > We always hear the worst but I just thought I would plug Qwest in that they > > just installed an OC-12 point to point cross country for me in 27 hours > from > > time of order. This included cross connects at Level3. > >-- >Jared Mauch | pgp key available via finger from [EMAIL PROTECTED] >clue++; | http://puck.nether.net/~jared/ My statements are only mine.
Re: wcom overbilling
At 11:37 7/6/02 -0400, you wrote: >Jeff Mcadams wrote: > >>Also sprach Dan Hollis >> >>>On Fri, 5 Jul 2002, Chris Beggy wrote: >>> Wcom's overbilling will be investigated: Sure will be, the SEC is including that in its investigation. See: http://www.thestreet.com/_yahoo/tech/scottmoritz/10030377.html
Speaking of taking down the internet
Just a FYI folksfrom one of the hacker lists I'm on... >Speaking of taking down the internet > > > Extra points for only needing to affect one device and having that device > > successfully spread the payload to every other device as a part of it's > > routine network communications. Think you can't cross boundaries between > > different chipsets as implemented by different vendors (i.e. Cisco exploit > > code which wouldn't presumably work on Foundry gear)? Think again. Think > > polymorphic multi-architecture assembly. Think stuff that we were doing for > > fun in a hotel room at Defcon two years ago. > >Heh. That's fucking evil, Dan. That's completely fucking evil. I like it. >The only problem I can see with it is that it'd take a lot of space. >Routers are tight on how much you can fit into 'em, and I think you'd >stand a good chance at setting off an alarm somewhere by adding that much >code. But maybe not... you could even store the code remotely... have your >evil router 'upgrade' it's neighbors. But then you might get caught by an >IDS system. Probability is low on that happening, though. Needle in a >haystack. > >How about using the same plan, except instead of just making the routing >infrastructure go dead, how about spicing it up a little and have it go >after the root DNS servers? Thousands of devices on the backbone stuffing >a DoS down an OC192 circuit at 9.6 Gigs per second would certainly have >folks confused, I'd imagine. Especially if you spoofed the source >addresses. > >Every time they trace the attack back to the other side of yet another >router, it looks like the problem is further away. People would be >completely mystified. Traffic coming from the routers would just look like >traffic coming from something on the other side of the routers. And it >would be... each router would be generating (and routing) a huge attack. >And as pretty much all communication would be down, even if a couple folks >figured it out, they'd have no easy way to spread the word of what was >happening. Although I'm sure it would certainly hit the news. > > > Having said all of that, it's a cool (in the sense of being skillful) > > attack against the Global Data Network, but hardly the easiest. It would > > probably cost lots less overall to just crash something big or something > > that goes boom over at Verisign and/or some places in the EU. I'm sure they > > have plumbing. Computers still don't like water. > >And fiber still doesn't like tractors ;-) Hmmm...? You make the decision if this is relevant...you didn't hear it from me...
Re: Worldcomm network question
For that and other reasons, Wcom will be bailed out, at taxpayer expense if necessary, for national security reasons. At 18:19 6/26/02 -0400, you wrote: >Anyone have any ideas, speculation, or info on how adverse future of WCOM >would play out for ISPs and such? Among other things, WCOM is the preferred >provider of long-haul pipes for DoD.that can't be good!! > >just curious > >rick
RE: How low can Worldcom stock go?
This is at least the second purge of that many bodies, maybe third...they just let 20k go a month or so ago.. These business practices will continue, as long as the benefits of doing things this way outweigh the punishment for doing them. Ask Bill Gates...for example. I'd venture a guess: In all these disclosures we've seen lately, Wcom, Global Crossing, Adelphia, Enron, ad nausium...NO ONE will go to jail...the taxpayer/stockholders will ultimately swallow it all. Haven't we gone down this road before? Remember Junk bonds and Milikin (sp)? Savings and loan scandal? Greed is good..right... who paid the bills for those debacles? You and I. IF you got a job, be thankful.. this isn't over yet. The only stocks I'd buy right now, are in shredder manufacturers >Prediction: > > Bankruptcy filing to lose the restated 5 quarters, followed by >emergence and prosperity. After all, isn't the saving of >fraudulent transactions made by suffering telecoms the whole "prupose" of >today's bankruptcy courts? > > Operationally, I believe the biggest impact will be indirect: losing >17K+ bodies will not make WC an easy giant to work with :-(
Re: packet inspection and privacy
At 09:31 6/24/02 -0700, you wrote: >I recently claimed that, in the USA, there is a law that prohibits an >ISP from inspecting packets in a telecommunications network for >anything other than traffic statistics or debugging. > >Was I correct? I would imagine privacy laws prohibit disclosure of this type of information in some places like Europe, but privacy protection is nil in the US. How else could all this spy-ware be legal to jam down people's throats? >I'ld also like to get opinions on privacy policies for network >operators. We operate much like the FCC rules on radio eavesdropping. If we hear/see something, we do not tell anyone else about it, nor ever use it for financial gain. (One of my major gripes about spyware) >It has been suggested that we should adopt a policy that >says that we'll notify customers if: >1) we inspect traffic, If youre a good network operator, you will always have occasions to do this for performance and security issues that only you can determine the validity of. No need to scare the customer. The customer deserves their privacy to the extent you can facilitate it. By taking their money, they should expect their email and web viewing habits will remain private. You might include a line in your TOS that you might inspect traffic for operational purposes, but anything seen will remain confidential and never used for financial gain. (I'm not a lawyer, so I highly suggest you consult one on this aspect). >2) we're aware that an upstream is inspecting traffic Thats a touchy subject, while we expect our feeds will always be doing similar maintenance/security testing, blowing them in and causing customer angst might get you sued or disconnected. >3) we're required to inspect traffic (by anyone). Since the police-state/anti-privacy measures rammed down our throats post 9.11 they might haul you off to the gulag for doing this. Or worse, declare you an "enemy of the state", strip your citizenship and lock you away forever. >Point 3) is just about the same as 1), but it does imply >a slightly different motivation behind the inspection. I know informing a suspect of a phone tap, in the telecom business will get you hard time. SO again, check with your law people...a lot's changed since 9.11 and the police state is doing things that havent been ruled legal or illegal by the USSC. So beware and get competent legal council before implementing anything. These are offered only as opinions...
Jamming authorized:
Wouldn't count on that cell phone in Canada. >Jamming of radio signals authorized > >Special permission for RCMP, military >restricted to G8 summit, Pope's visit > >By PAUL WALDIE > >Friday, June 21, 2002 Print Edition, Page A1 > >TORONTO -- The Canadian military and the RCMP have been given special >authorization to jam radio and cellphone signals during the G8 Summit >next week and the Pope's visit to Canada in July. > >It's the first time police or the military have ever been allowed to >block signals, an official said. > >The authorization allows the Department of National Defence and the RCMP >to use jamming devices around Calgary and Kananaskis, Alta., from June >17 to June 29 for the summit of leaders from Group of Eight nations. >They will have the same power to jam signals in Toronto from July 16 to >July 31 -- the Pope is scheduled to arrive in Canada July 23 and depart >July 29, with three Toronto appearances in between. > >RCMP spokesman Corporal Benoît Desjardins said jamming is an important >part of the security measures for both events. > >"The RCMP must ensure the safety and security of those attending," he >said yesterday. > >"It could be used, for example, if there was threat of a detonation of >some type of a remote-controlled device. We could jam the frequencies to >make sure nobody could send a signal to that bomb." > >He did not know, however, how the jamming would affect cell phones or >commercial radio transmissions. > >The order, signed by the Minister of Industry on June 6, exempts the >army and police from provisions of the Radiocommunication Act, which >prohibits "the interference with or obstruction of radiocommunication >without lawful excuse." > >The exemption "will provide a way to address the problematic application >of the prohibitions," the order says. > >It specifies that "every reasonable effort shall be made to confine or >restrict to the extent possible interference with or obstruction of a >radiocommunication . . . to the smallest physical area, the fewest >number of frequencies and the minimum duration required to accomplish >the objectives of the interference or obstruction." > >David Warnes, a senior adviser in Industry Canada's telecommunications >branch, said yesterday that it is the first time this kind of order has >been granted. > >He added that cellphone jammers are illegal in Canada, but the >department will soon release a policy on the devices. > >The department held public consultations on cellphone jammers last year >and it is considering permitting them in theatres, hospitals and other >public places. Jamming devices are also illegal in the United States, >but there is a growing underground market for the devices, which can be >bought for about $2,200. >A survey of 2,000 people last year by Decima Research found about 50 per >cent support for jammers in public places. > >Copyright © 2002 Bell Globemedia Interactive Inc. All Rights Reserved.
Re: Bet on with my boss
We have this wonderful invention called two-way radio. (grin) Our repeater has an autopatch, so you can hold a conversation from any landline to the mobile unit in the field or vice versa. Its been real helpful, like when aligning microwave dishes. At 18:04 6/21/02 -0400, you wrote: >We recently had a piece of equipment fail outside of Bronson, FL. This was >in a regeneration hut, 50 miles from almost anywhere useful. There is no >cellular service and no POTs in the HUT. The closest employee was a woman >who although bright was not very familiar with the equipment installed. >Because the management channel (IP) was still working to the site, an >engineer here in Quincy, MA was able to step her through fixing the problem >using nothing but IRC and two-way pager. It took her 35 minutes to correct >the issue. > >Harder than with a phone? Yes. Impossible? No. Without that IP channel >running? It would have taken closer to an hour and a half by my guess but >still doable. Smoke signals or semaphore? I won't hazard a guess. > >-vb Some sort of orderwire channel might be helpful in this situation as well, as long as the fiber is up, youll have a voice grade line to the NOC.
chinanet cleanup?
The guy "cleaning up" Chinanet should be given a medal, ..no better yet, we should ask everyone in the US who's ever been spammed from them to send in a US dollar to be forwarded to this guysomething tells me he's overworked and his job doesn't pay muchhe needs to be supported in his endless endeavor..perhaps they'd hire some more to help him? When he's done there, he's got a job waiting for him forever it would appear... Shutting off sections of the Internet seems to be counterproductive to me...if this continues unabated, we will see connectivity diminish over time, and the Internet de-construct itself. At 20:38 6/20/02 -0400, you wrote: >On Thu, 20 Jun 2002, Dan Hollis wrote: > > > > > On Thu, 20 Jun 2002, Chrisy Luke wrote: > > > David Lesher wrote (on Jun 20): > > > > > The service providers are not the enemies. If you treat them like > enemies > > > > > then enemies they will become. > > > > That's right; no service provider will ever harbor spammers just > > > > to make a quick buck. It's never happened, and never will. > > > Name the ones that do. All of them. Name the ones that will. > > > > chinanet > >There is actually a guy trying to clean up Chinanet now. @Home was my >favorite example before they went titsup.com. Just about any of the Korean >providers would be a good current example.
Adeklphia update
Adelphia announced price increases today 90 cents a month for cable TV, bringing the package to about $39. a month in Buffalo, and $41. outside. Also they increased the "powerlink" cablemodem $2.00 a month. (this is the second increase this year)
Re: XO
At 12:46 6/18/02 -0400, you wrote: >On Mon, 17 Jun 2002, Martin Hannigan wrote: > > > The difference is XO will be fine, Adelphia will be bought by , or > > potentially liquidated. > >They're talking about selling out to Charter. The deal with Charter fell through a week ago.Adelphia's so dirty, no one wants to touch them...guess we'll wait for the fire sale.
Re: spare fibers
Hi Daniel and all, Yes, multiple fiber in multiple conduits, traveling multiple paths is the best way to insure something's going to have connectivity. Ring topology is what I've seen mostly for best protection, if something goes down, restoration takes milliseconds and is automatic. Worst case, is some contractor digs up the place where your fiber enters your building and severs everythingnot much you can do about that kind of outage. At 20:41 6/16/02 +0200, you wrote: >Hi blitz, > >I think that you talk about multiple outage in the Telefonica >Network in Spain cause by sabotage. (48 fibers in 4 points at the same >time) > >I see ok the interest of the ministry, is necessary to assure that outages >don't affect to the national infraestruture. > >In our case we build our network over diverse companys with diverse path >in their fiber network. I see ok, that all companys that operate basic >services do it and they will have backup and emergency plans. > >Regards, >Daniel >Intelideas > > >On Sun, 16 Jun 2002, blitz wrote: > > > > > The Spanish ministry of science and technology has asked > > telecommunications companies to activate a backup plan in the > > case of such emergencies in future. > > > > Spare fibers in the same duct ;-? > > > > Doesn't sound like it would be much protection from "backhoe fade"...heh > >
spare fibers
The Spanish ministry of science and technology has asked telecommunications companies to activate a backup plan in the case of such emergencies in future. Spare fibers in the same duct ;-? Doesn't sound like it would be much protection from "backhoe fade"...heh
Adelphia update: WSJ SAYS DELISTING MEANS CREDITORS CAN ASK FOR 1.4 BILLION CASH, NOW.
Don't hold your breath for Adelphia, theyr'e toast... Adelphia update: Bankrupcy looms. Insider report follows: THIS IS ONE OF THOSE DAYS WHERE THE LATEST NEWS IS A LITTLE OLDER. BY NOW I'M PRETTY SURE ALL OF YOU SAW THAT THEIR STOCK CAN'T BE TRADED ANYMORETHE WALL STREET JOURNAL SAYS - AND THIS IS A FAIRLY NEW ANGLE-- THAT NOW BECAUSE OF NASDAQ HALT ON TRADING, BONDHOLDERS CAN CALL IN 1.4 BILLION IN DEBT. LIKE THAT SCENE IN "IT'S A WONDERFUL LIFE," WHERE THEY WALK IN AND SCREAM GIVE ME MY MONEY NOW!! TWO DAYFILE ITEMS: 1.) BOARD MEETING SATURDAY, EXPECT FIREWORKS BETWEEN ERKIE AND LEONARD TOW, THE NEW GUY. stories below confirm he's not happy. again, that's old news, though. although it now looks like tow wants to be chairman of the company. and he tried to get backing from board member Gelber. stage is set for a battle. NY Times did this overnight. 2.) A STORY BELOW SAYS THAT THEY HAVE TO FILE SOME SORT OF NEW FINANCIAL PLAN BY JUNE 15. ( if they don't file bankruptcy first) AND ONE OTHER QUICK NOTE: MY PREDICTION ABOUT A THURSDAY BANKRUPTCY IS KAPUT BUT WITH THE WSJ SAYING DEBT CAN BE CALLED IN, AND WITH SALE TALKS TO CHARTER BREAKING DOWN, IT'S PROBABLY SOON. Addendum: they BROKE down according to local news reports(Buffalo, NY, home of the Rigas family) May 30, 2002 18:46 ET Nasdaq to Delist Adelphia Communications Corp. NEW YORK, May 30 /PRNewswire/ -- The Nasdaq Stock Market, Inc. (Nasdaq)(R) today announced that it will delist the securities of Adelphia Communications Corporation (NASDAQ: ADLAE) based upon its failure to timely file its periodic reports with the Securities and Exchange Commission as required by Nasdaq rules and based upon public interest concerns. The delisting will be effective upon the open of business on Monday, June 3, 2002, in order to provide for an orderly transition of index components in the Nasdaq 100 Index. Source: The Nasdaq Stock Market, Inc. CONTACT: Scott Peterson of The Nasdaq Stock Market, Inc., +1-301-978-4873 Web site: http://www.nasdaqnews.com/ http://www.nasdaq.com/ May 30, 2002 05:39 PM Dow Jones Business News via Dow Jones WASHINGTON -(Dow Jones)- Brand-new Adelphia Communications Corp. (ADLAE) board member Leonard Tow on Thursday asked that the company refrain from selling its cable assets and repeated his request that the company add Rudy Graf to the board. Tow, the company's largest shareholder outside of the family of former Chief Executive John J. Rigas, said he opposes the company's plan to quickly sell the company's most valuable cable properties. Tow, whose affiliates beneficially own 12.76% of the company's Class A shares, said the company intends to complete the sale by Friday evening. Adelphia has been reported to be seeking a sale of cable properties to Charter Communications Inc. (CHTR).Adelphia spokesman Gary Holmes said the company had not yet seen the letter, which was filed with the Securities and Exchange Commission on Thursday. My guess is that we're not going to be able to comment on the filing, Holmes said. Tow, whose appointment to the company's board was announced Tuesday, made his requests in a letter dated Thursday to newly appointed Chairman and interim Chief Executive Erland E. Kailborne. (This story was originally published by Dow Jones Newswires) Copyright © 2002 Dow Jones & Company, Inc. May 30, 2002 19:58 ET Adelphia Responds to Leonard Tow's SEC Filing COUDERSPORT, Pa., May 30 /PRNewswire-FirstCall/ -- Adelphia Communications Corporation (NASDAQ: ADLAE) today issued the following letter to Dr. Leonard Tow: May 30, 2002 Leonard Tow 160 Lantern Ridge Road New Canaan, CT 06840 Dear Dr. Tow: I was, as I am sure you realize, surprised to receive your letter of earlier today. We have told you that we would brief you on the asset sale proposals in detail at the Board meeting Saturday. We have also explained the general goals and progress to you orally. Your letter is the first suggestion that you felt you needed more detail before Saturday. Your letter is also the first indication that you object to the company's need to address its liquidity issues through asset sales -- proposed asset sales that I thought you fully agreed were essential to the company's survival. We have asked you for any concrete proposal you have as to how to restructure the company's debt. While I did not intend to press you for any specific plan you might have until Saturday, in light of your objection to the planned asset sales I would ask you to provide me in as much detail as you are now able, what specific, concrete alternative or alternatives you propose. You will, I know, understand that general ideas without concrete details as to how they will be implemented are of little use at this time. Les Gelber has shared with me your proposal that you be elected Chairman of the company. I certainly hope that your letter is, and your participation as a member of the Board, will be directed toward
'SQLsnake' Worm Blamed For Spike In Port 1433 Scans
> 'SQLsnake' Worm Blamed For Spike In Port 1433 Scans >http://www.newsbytes.com/news/02/176701.html > >By Brian McWilliams, Newsbytes >SAN MATEO, CALIFORNIA, U.S.A., >21 May 2002, 11:04 AM CST > >A mounting trail of evidence has security experts warning that a new >Internet worm targeting Microsoft SQL servers could be on the loose. > >Since Monday, a sharp spike in remote probes of TCP port 1433, which >commonly is used by Microsoft's SQL database, has been reported by >many server administrators, according to SecurityFocus, which operates >an incident-reporting system called ARIS. --snipped for brevity, full article at url above.
Spammers could face fines
We can hope cant we? Forward from another list: >Spammers could face fines > >Reuters >May 17, 2002, 12:20 PM PT > >A bill aimed at limiting unwanted junk e-mail was approved and sent >to the floor by the Senate Commerce Committee on Friday with >unanimous support from Democrats and Republicans. It would strengthen >the Federal Trade Commission's enforcement authority by allowing it >to impose fines of up to $10 each on e-mails that violate existing >laws against spam, with a cap of $500,000. > >Sen. Conrad Burns, a Montana Republican and co-sponsor of the >legislation, said the bill would help both e-commerce and consumers >burdened by unsolicited junk or pornographic e-mails. "Rampant >pornography and fraudulent credit deals were never the destiny of the >Internet, but they have become commonplace fixtures in in-boxes >everywhere," he said. > >No similar measure is pending in the U.S. House of Representatives. > >New Mexico Republican Rep. Heather Wilson's bill requiring spammers >to use a legitimate return address--so unwanted e-mail can more >easily be blocked--has not yet been scheduled for a vote. > >Twenty-two states have passed anti-spam legislation. Spam has >especially been a problem for rural consumers, many of whom pay >long-distance charges for Internet connections and waste time and >money erasing their unwanted e-mails, Burns said. > >The Senate Commerce Committee on Friday approved an amendment by Sen. >Barbara Boxer, a California Democrat, that would prohibit >transmitting unwanted e-mails to addresses that were illegally >obtained from Web sites. > >Co-sponsor Sen. Ron Wyden, an Oregon Democrat, said moving the bill >would help the FTC deal with thousands of complaints it has received >about spam. > >"The problem is, the technology is on the side of the spammer," Wyden >said. > >The proposal would also require e-marketers to include a working >return address to allow recipients the option of refusing further >e-mails, and give Internet service providers the ability to bring >suit to keep unlawful spam off their networks. > >It would also subject spammers who intentionally disguise their >identities to misdemeanor criminal penalties.
Fwd: RE: Network Reliability Engineering
>AHH, MTBF date from vendorswell, there goes the idea of THAT project. >You'll find that data, IF you can find it, will be calculated by sales >cretins, not engineers. >Check out this book: > > "High-Availability Network Fundamentals" > Cisco Press > ISBN 1-58713-017-3 > >Despite its Cisco Press origin, the book is 99% vendor-neutral and applies >to any equipment. It helps you calculate MTBF-based availability of entire >network paths, factoring in various types of redundancy. You're on your own >collecting actual MTBF data from vendors, but this book may help you put it >together into something sensible.
and from the Supreme's..
FYI: - - - - - - - - Verizon Communications, Inc. v. Fed. Communications Comm'n Decided: 05/13/02 No. 00-511 Full text: http://laws.findlaw.com/us/000/00-511.html TELECOMMUNICATIONS (Federal Communications Commission's (FCC) Rules Under Telecommunications Act of 1996 Valid) The United States Supreme Court held 8-0 (opinion by Souter; concurrence by Breyer; dissent in part by Breyer; O'Connor took no part in decision) that the FCC can require state commissions to set the rates charged by incumbents for leased elements on a forward-looking basis untied to the incumbents' investment and can also require the combination of elements. The Telecommunications Act of 1996 (Act) was intended to eliminate the monopolies enjoyed by the inheritors of AT&T's local franchises. The Act entitles the new entrants to lease elements of the incumbent carriers' local-exchange networks, and directs the FCC to prescribe methods for state utility commissions to use in setting rates for the sharing of those elements. The FCC promulgated rules that created pricing provisions, based on a forward-looking pricing methodology, and required incumbent local telephone companies to combine certain previously uncombined network-elements when a new entrant requests the combination. Incumbent carriers and state commissions challenged the FCC's rules. The Court of Appeals for the Eighth Circuit invalidated both of these rules, holding that the Act required that rates be based on the actual, not hypothetical, cost of providing the network element and that there was no authority for the FCC to require the combination of elements. The United States Supreme Court reversed, stating that the FCC's rules were reasonable interpretations of the Act and the incumbents did not meet their burden of showing unreasonableness to defeat the deference due the FCC. [Summarized by K'elly Rees] - - - - - - - -
portscan?
I know theres knowledgable opinion on this list on this topic. Besides Gibson's (www.grc.com) port scan and www.DSLreports.com port scanning tools, is there any others you folks have found that are reliable and don't breed spam? TIA Marc
World-wide distributed DoS and "warez" bot networks (fwd)
From a forward to me on the DDos stuff...this might shed some light on the DDos problem, if not sorry for the bandwidth. begin forward >[Note: I just noticed last night, after giving a talk on this incident, that >several threads on the SANS Unisog list going back as far as February 18, >2002 have discussed this same botnet in generality and in some detail, so I >can't claim to be the first to analyze this botnet. That credit goes to >Christopher E. Cramer of Duke University. (That's what I get for letting >myself get so far behind on email, and for not studying all sources of >information I had available to me when we first started seeing problems. >Hopefully someone on the unisog list will cross-post to >[EMAIL PROTECTED] when a widespread incident like this pops up >next time. ;) > >The Unisog threads can be found here: > > http://staff.washington.edu/dittrich/misc/ddos/unisog-xdcc.txt > >Since all this work was already done, I'll still post what I have assembled >with the assistance of Mike Hornung and Alexander Howard at the UW, in hopes >I'm adding something new in the way of tools and techniques (see my >CanSecWest talk slides referenced at bottom) that will help speed up >response the next time one of these massive botnets is assembled using >compromised computers.] > > >Summary >=== > >Over the months of March through late April of 2002, the University of >Washington has seen multiple incidents of distributed "warez" (pirated >software) and denial of service (DDoS) attacks, coming from Windows 2000 and >NT systems. These systems all have several things in >common: > > o They appeared to be found with no password on the > Administrator account, and control taken over. > > o They had various IRC bots installed on them, including > knight.exe, GTbot, and X-DCC (a distributed "warez" > serving bot.) > > o They had the ServUFTP daemon running on them for incoming > file transfer (to load the "warez".) > > o They had Firedaemon (a program that registers programs for > execution to serve incoming connections, similar to the Unix > "inetd" daemon.) > >Details >=== > >Forensic analysis of hard drive contents and IRC traffic has revealed the >methods and signatures of the malware installed on the compromised systems. >To date we are not 100% sure of exactly how the initial backdoor >installation occurs, but it appears to involve remote shell access (via >telnetd). Whatever it is, the next step is to transfer a script onto the >system and run it to bootstrap the rest of the installation of backdoors, >bots, FTP server, and other support programs, the modification of >directory/file permissions and attributes to hide files, and changes to >registry settings to make programs run at each boot. On some system, FTP is >also used to later transfer files onto the compromised system. > >The script does the following: > >o Creates a directory under the C:\RECYCLER directory, and marks > it hidden and system directory. > >o Kills any previously running instances of itself. > >o Installs Firedeamon, and changes it (and other support programs) > to be system/hidden. > >o Uses tftp to download IRC bot configuration files from a temporary > cache (on another compromised system) > >o Does a "net user administrator changem" and deletes the > ipc$ file share. > >o Starts the Firedaemon and registers services named "Ms32dll", > "SVHOST" and "MSVC5" > >o Creates a file to set the following Registry settings, then > runs "regedit" on this file: > > [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\] > restrictanonymous"="1" > [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\TelnetServer\1.0\] > "NTLM"="2" > >o Cleans up some files, and stops and deletes the following > services: "tlntsvr" and "PSEXESVC" > >o (Re)Starts the following services: "lmhosts" and "NtLmSsp" > > > =-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-= >user_nick [XDCC]-649 >slotsmax 20 >loginname X >filedir C:\RECYCLER\S-1-5-21-2686636377-1107193052-384560437-1000 >uploaddir C:\RECYCLER\S-1-5-21-2686636377-1107193052-384560437-1000 >xdccfile c:\winnt\system32\vmn32\asp\mybot.xdcc >pidfile c:\winnt\system32\vmn32\asp\mybot.pid >server irc.XX.net 6667 >server irc.XX.net 7000 >server .X.net 6667 >server .X.net 7000 >server XXX.XXX.XX.XXX 6667 >logrotate weekly >messagefile c:\winnt\system32\vmn32\asp\mybot.msg >ignorefile c:\winnt\system32\vmn32\asp\mybot.ignl >channel #XDCC -plist 15 >user_realname XDCC >user_modes +i >virthost no >vhost_ip virtip.domain.com >firewall no >dccrangestart 4000 >queuesize 20 >slotsmaxpack 0 >slotsmaxslots 5 >slotsmaxqueue 10 >maxtransfersperperson 1 >maxqueueditemsperperson 1 >restrictlist yes >restrictsend yes >overallminspeed 5.0 >transfermaxspeed 0 >overallmaxspeed 2000 >overallmaxspeedd
Re: anybody else been spammed by "no-ip.com" yet?
When I re-read my post, I'd like to clarify the "clean" part a bit. I mean technically clean, as in all of the parts working properly as best as the fine people represented on this list can make it happen that is...so lets say "properly operating"...to be a little more specific. The Internet certainly isn't "clean" by moral standards, and as I see it, those are individual choices individuals make, and I certainly don't want anyone, especially the "gooberment" mandating those choices for me. Gooberment does have a place in this, though I'd rather those bastards stay the hell away from anything thats working well. I wouldn't mind if a few more states made spam illegal, like Calif and Oregon have made it. I don't give a rat's rectum about advertisers, in fact I place them in the same category as shysters, the world could live life just fine (and cheaper) without their ilk around. At 18:44 5/3/02 -0700, you wrote: >uWell I tend to always error on the side of free expression verses >making something illegal and I definitely disagree with the statement >that its a clean internet otherwise but just like non electronic space >there are many differing standards and shades of things something I >actually think brings a lot to the quality and adventure of the thing.
Re: anybody else been spammed by "no-ip.com" yet?
Picture it as a fellow stopping by every night and filling your home mailbox with horse manure...I'm sure you'll get a feeling for how most of us regard it. A) it wastes bandwidth B) It wastes our time C) It's the "litter" of an otherwise clean Internet. D) It's a method of placing the costs for the actual emailing on someone else without their explicit permission...the ISP, the user, and the ISP's other paying customers all pay for the act, either directly or indirectly. We need to make it illegal as soon as possible everywhere. At 15:27 5/3/02 -0700, you wrote: >I realize this statement I'm about to make is going to open a huge... >can o worms but ... and hoefully everyone knows I mean this in the most >friendly responsible way ever but I'm not sure entirely what the big >deal with spam is. Honestly sure I get it like everyone else, in some >of my accounts more than others but I also get a real truckload in my >snailmail box. Just as with all the pottery barn catalogs to pottery barn I guess>:) I have a delete key just like my trash can. >I know at one time the argument was made, and quite correctly that >people were paying to receive this service and these messages cost them >money. Today with flat rate access and many people not paying on a per >packet basis it seems to me that the responsibility lies with the end >user to filter properly and or dress that delete key. I always shut >down customers who spam and disrupt service simply because I don't want >the backlash or want specific ips blocked but in a way I don't feel its >right that the carriers do the filtering it seems tome up to the end >user. > >On Fri, 3 May 2002, Mitch Halmu wrote: > > > > > > > On Fri, 3 May 2002, Paul Vixie wrote: > > > > > > I hate to sound like the big idiot here, but what exactly in the email > > > > you received indicates no-ip.com spammed? It looks to me like you just > > > > have some secret "admirer" who thought you wanted a no-ip.com account, > > > > and no-ip.com emailed you to confirm that you do want the account. > > > > > > spam is like pollution in that (a) whenever you're not sure if you're > > > doing it, you probably are, and (b) if everybody did whatever it is, > > > life would be universally worse for, well, everybody. > > > > > > > Random disclaimer: Yes, we're a competitor of no-ip.com's... And > yes, we > > > > used to send similar emails to people signing up for an account, > > > > although nowadays instead of sending them an initial password we send a > > > > confirm URL instead. > > > > > > that's the right approach. no-ip's problem was they presumed my > permission. > > > > > > > You don't even have to be in the "big idiot" league to figure out that in > > both the "wrong" and the "right" approach as sanctioned above by a higher > > authority, an email message (aka spam) is sent to the presumed subscriber. > > > > One sends a password, one asks for permission to issue a password on their > > site. What's the difference in the annoy factor, if indeed one were to be > > subscribed by a secret "admirer"? > > > > Mr. Halmu chose to think, rather than bindly obey... > > > > --Mitch > > NetSide > >
Forget Bernie...
http://biz.yahoo.com/rc/020502/telecoms_worldcom_1.html Bernie was dragged kicking and screaming out of Wcom today according to news I readperhaps they chained him to his multi-milliondollar sailboat and pushed it twords the Bermuda triangle. John Sidgmore is now CEO. Yawn... Of course, they make little mention of his $630 mil "loan" that seems to be "dissapeared". >Then become a UUNET customer cause we already do this... Perhaps other >providers with 24/7 security teams will pipe up to give potential >customers a heads-up on options other than UUNET? If you go with UUNET >please tell the sales driod I sent you cause then I get 50 bucks :) (my >only raise thanks to bernie)
EarthLink Financier Pleads Guilty to Fraud Charges
http://story.news.yahoo.com/news?tmpl=story&u=/nm/20020430/wr_nm/crime_slatkin_dc_1&printer=1 LOS ANGELES (Reuters) - Reed Slatkin, the investment advisor who provided start-up funds for Internet service provider EarthLink Inc. , pleaded guilty on Monday to 15 charges of fraud and conspiracy for bilking almost 800 clients out of nearly $600 million. Slatkin, 53, entered his plea before U.S. District Judge Margaret Morrow under the terms of a plea deal announced by the U.S. Attorney's Office on Mar. 27. A former bishop in the Church of Scientology who was excommunicated from the church earlier this year, Slatkin faces a maximum of 105 years in prison stemming from five counts of mail fraud, three counts of wire fraud, six counts of money laundering and one count of conspiracy. "Your Honor, it is an acceptable representation of my conduct," Slatkin told Judge Morrow after prosecutors described to the court how he had used investments from new clients to pay returns to old clients, in what is commonly known as a Ponzi scheme. The plea agreement took nine months to hammer out, but it is not clear whether Slatkin can pay the $254.6 million in restitution he agreed to pay since he has filed for bankruptcy protection from creditors. Slatkin, who surrendered to authorities on April 25, was led by U.S. marshals into the courtroom wearing the standard-issue green jacket, blue pants and manacles around his waist and wrists. "This is part of the process that we've committed to where he is accepting responsibility for his conduct and helping creditors regain their assets," Slatkin's attorney, Brian Sun, told Reuters. Slatkin began talking to the U.S. Attorney's Office last June about a plea deal, two months after resigning from EarthLink's board and one month after filing for Chapter 11 bankruptcy protection and having his assets frozen. Slatkin admitted in the written plea agreement that he had portrayed himself as a successful financial adviser and provided investors with faked account statements which purported to show that they were achieving above-market returns. In 1993, when it could take hours to log on to the Internet, 23-year-old Sky Dayton decided to found an Internet service provider focused on customer service. He persuaded Slatkin and Kevin O'Donnell to invest $100,000 and EarthLink, now one of the nation's largest ISPs, was launched in Glendale, California, in 1994.
Re: If you were in a government Cyber-warning center
You can also add to that:
If the original derailment didn't cut the cable, the subsequent
construction surely would.
The cable buried is an afterthought, rail repair crews will undoubtedly
bulldoze things flat and straight, bring in fill and push the debris to one
side, and get the ballast and rails back in, tamped, and service restored
as quickly as possible. Over a period of time, after, they will remove and
scrap, all with big machinery, shipping the repairable to a
rebuilder...your glass cable doesn't mean an iota to the rail company when
they need to restore service and get the right-of-way open. An outage of
this nature on a main track may take days to a month or so to be ready for
a crew to re-install the glass, splice and restore that path.
Needless to say, this is what redundancy is all about...
At 20:54 4/26/02 -0600, you wrote:
>On Fri, Apr 26, 2002 at 08:42:21PM -0400, David Lesher wrote:
> >
> > C) How deep do you want it? ATT put their #5 TCC cable down 4';
> > no easy task. {But then, we paid for it...}. Will that help
> > when a locomotive lands on it? If it doesn't... it's much harder
> > to fix.
>
>The average locomotive is something above 100 tons. On anything but your
>usual passenger service, it's common to see at least 2, and up to 4, units
>on the front (often not all of them are in service or at full capacity).
>
>It's also relatively boxy, nearly flat. Flip it over, cause the front bit
>to go do into the dirt, and it will make a *lovely* plow. Anyone doubting
>this should look at aerial footage from news crews after such an accident;
>things often look like a road-scraper went by.
>
>4' might be deep enough - and it might not, though I'd suspect that it will
>be protected from most derailments. But, as noted above... 4' costs a lot
>to accomplish.
>
>If the cost of a derailment-induced outage is low (latency, rerouting, a
>few minutes of problems while the system reacts), it probably costs a hell
>of a lot less than burying that many miles of cable 4' deep. Even when you
>run the averages. And 1' deep probably just isn't going to cut it, as it
>were.
>--
>***
Fwd: [ISN] Hackers exploit Korea to attack global systems
Hmm speaking of the Asian rim: >http://www.koreaherald.co.kr/SITE/data/html_dir/2002/04/26/200204260031.asp > >By Yang Sung-jin Staff reporter >2002.04.26 > >Hackers are increasingly using South Korea as an entry point to attack >computer systems in other countries, a serious situation that could >undermine the country's image ahead of the World Cup finals, experts >and industry sources said yesterday. > >Major international studies show that a large percentage of computer >attacks can be traced to Korea, suggesting that the country's cyber >security system needs an urgent upgrade or overhaul. > >According to New York-based Predictive Systems Inc., Pacific Rim >countries were involved in 91 percent of attacks that weren't traced >to the U.S., which continued to be the leading source of attacks and >target for them. Korea accounted for 34 percent, followed by 29 >percent for China, 10 percent for Japan and 7 percent for Taiwan. > >The National Policy Agency's Cyber Center said the number of hacking >incidents is rising steadily with the World Cup just around the >corner. > >Some foreign servers block access attempts whose origins are traced to >Korea, implying that the country's leadership in the broadband >Internet business may be marred by its negligence in upgrading lame >security protection systems, the center said. > >The center, in charge of cracking down on cyber crime and hacker >attacks, estimated that 22 international hackers broke into 11,222 >server systems around the world between August last year and March >this year. Of 6,287 sites with identifiable origins, 39 percent were >traced to Korea, the center said. > >It said about 4,376 systems in Korea have been the targets of hacking >attempts during the period and the actual damage might have affected >more than 40,000 systems nationwide. > >The police cyber center said Korea was most vulnerable to hacker >attacks, followed by the United States, China, Taiwan, Romania and >India. > >The victims ranged from a major Internet portals to state-run research >agencies to security solutions providers. > >Even a government organization armed with the latest security >solutions was a victim of an attack by sophisticated foreign hackers, >police said. > >According to the center, the average number of hacking incidents in >the year to March was 614, up 20.2 percent from the year-earlier >period. More importantly, a large number of victims did not know their >systems had been attacked. > >Police said its cyber team is chasing 22 suspects whose origins are >outside of Korea in connection with the latest hacking incidents. >Police are tracking hackers' IP (Internet Protocol) addresses and >working with investigators in other countries. > >Police said 18 of the 22 suspects are Romanian and others come from >Australia, Brazil, Germany and Russia. > >"Schools have turned out to be most vulnerable to hackers' attacks >since they care little about their network security and international >hackers are exploiting such school systems," the Cyber Center said. > >Hackers use a variety of techniques to hop from one computer to >another to disguise their location, making it hard for investigators >to trace the criminal activities. > >The reason for the frequent attacks on Korean systems is the country's >fast-growing broadband network. More than half of the nation's >households are now wired to the high-speed Internet network and tens >of thousands of local PC salons are crowded with multi-user network >game users and online stock traders. > >Although the broadband network has advanced by leaps and bounds, Korea >is required to strengthen its security level by adopting advanced >software and solutions to block hacking attempts.
RE: CIA Warns of Chinese Plans for Cyber-Attacks on U.S.
Has anyone noticed how the stories about insiders trading and selling airline and insurance company stocks short just before 9.11 disappeared real quick. Someone had plenty notice it seems. >If true, these are not script kiddie type threats. I hate to say it, but 911 >is an example that the unthinkable isn't. I'm waiting for the first worm that erases kernal32.dll and krnl32.exe and installs some other operating system...with my luck, it'll be cobol or fortran. heh..
RE: CIA Warns of Chinese Plans for Cyber-Attacks on U.S.
You know, "we" all my be the first to see and understand that such a attack is in progress...attacks against critical targets can come from anywhere with distributed computing. Even IF we detected it happening, the question is, who would you tell, and more importantly, "do you trust YOUR government" with that information? With whats gone on to neutralize the Constitution since 9.11, its hard to say just who IS the enemy. I know the whole process of turning the US into a police-state is un-nerving to say the least. But I digress That whole article thats in the LA times is a rehash of the article that was on C4I.org back when the US spy plane was held in China. Interesting to see some reporter dug it up and made it frontpage again. Why? At 18:25 4/25/02 -0700, you wrote: >How many PC's and components are 'Made in China'? > >In the dark ages, I worked for Williams Electronics. We made Arcade Games >*blush*. Once we found our custom chip was reverse engineered in Taiwan, and >they were shipping knockoffs six weeks after we started shipping the real >product. > >If true, these are not script kiddie type threats. I hate to say it, but 911 >is an example that the unthinkable isn't. > >Bruce Williams >"A healthy paranoia is the beginning of sound operations policy" > > -Original Message- > > From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of > > blitz > > Sent: Thursday, April 25, 2002 3:33 PM > > To: [EMAIL PROTECTED] > > Subject: RE: CIA Warns of Chinese Plans for Cyber-Attacks on U.S. > > > > > > > > I put nothing past them, of course theyre not alone, as we > > all must assume > > by now. > > Theyve threatened to nuke LA if we interfere with their plans to take > > Tiawan by force, and smile and say, kill 300 million of us, > > do us a favor. > > Kinda hard to deal with an enemy like that. > > > > At 18:01 4/25/02 -0400, you wrote: > > > > > > >Is it really hard to believe that the Chinese government > > would actively fund > > >cyberterrorism? > > > > > >Deepak Jain > > >AiNET > > > >
RE: CIA Warns of Chinese Plans for Cyber-Attacks on U.S.
I put nothing past them, of course theyre not alone, as we all must assume by now. Theyve threatened to nuke LA if we interfere with their plans to take Tiawan by force, and smile and say, kill 300 million of us, do us a favor. Kinda hard to deal with an enemy like that. At 18:01 4/25/02 -0400, you wrote: >Is it really hard to believe that the Chinese government would actively fund >cyberterrorism? > >Deepak Jain >AiNET
Re: UUNET instability?
At 16:59 4/25/02 -0400, you wrote: >On Fri, 26 Apr 2002, Lionel wrote: > > > >> > > >>"A butterfly in outter mongolia flapped its wings" will probably be cited > > >>before long... > > > > > >telnet bofh.engr.wisc.edu 666 The Archive of BOFH is here: http://bofh.ntk.net/Bastard.html
Cisco blunders with insecure web page
Cute..like they didn't know any better, sheesh! >http://www.silicon.com/public/door?6004REQEVENT=&REQINT1=52897&REQSTR1=silicon.com > >Wednesday 24th April 2002 > >Cisco has been forced to close an online registration form after >neglecting to secure the web page. > >The page was part of a marketing programme which offered Cisco's >second-tier resellers in Europe the chance to increase marketing funds >if they upped sales of certain Cisco products. > >But applicants registering for the programme online discovered their >banking and company details were going onto an open web page. When one >irate silicon.com reader called the Cisco helpdesk, he was informed >that the company was aware of the problem because several other users >had complained. > >Helpdesk staff recommended that users enter fake details on the web >and forward the real information in the post, a course of action our >reader regarded as an extreme waste of time. > >In a statement, Cisco said it had pulled the registration URL for 48 >hours to install SSL (secure sockets layer) - a common way of securing >web pages. > >A spokesman for the company said: "I can only put it down to an >unfortunate oversight in corporate procedure¬ a great deal of >people have been affected but that's no excuse." > >The registration site had been running for 10 days before it was taken >down on Monday. Cisco said just 100 people had registered in that >time.
RE: The Myth of Five 9's Reliability (fwd)
But THAT was when phones had cranks on the side. ;) 5 nines is a myth, conjured up by sales cretins to have something to sell...If I remember, 5 nines translates to 6 minutes outage a YEAR..? (Correct me if I'm wrong here) It's a marketing ploy for liar sales people and CEO's, it has absolutely NOTHING to do with real-world conditions. >BTW - One of my best friends growing up ( and we took EE together ) >grandfather was the V.P. in charge of AT&T's LongLines division while a lot >of the "wire was pulled". From what he said of his grandfather's remarks, >they didn't think about five 9's. The question was how much spare/redundant >capacity did you have, both for dependability and to support the countries >growth. Not exactly "this quarter's profit" thinking -sigh-.
Re: Qwest Transit
I'd appreciate a copy as well... At 01:45 4/4/02 -0500, you wrote: > >>Bear in mind that the financial situation at Qwest is bad. > > >Isn't that partially due to deals with Enron on which they > >misrepresented sales numbers? > >Partially, but not primarily. The lead front page article in the >Wednesday WSJ is about how badly mismanaged Qwest is. The gist of it >is that US West was a sleepy RBOC with mediocre management, then Qwest >which was what one might call a dot.fiber bubble company bought US >West with fluffy puffy stock, then its incredibly arrogant and not >very skillful management ran the company into the ground. > >If you don't get the Journal, the online edition allows me to mail >copies of articles to individuals, so write me if you want a copy. > >-- >John R. Levine, IECC, POB 727, Trumansburg NY 14886 +1 607 387 6869 >[EMAIL PROTECTED], Village Trustee and Sewer Commissioner, >http://iecc.com/johnl, >Member, Provisional board, Coalition Against Unsolicited Commercial E-mail
Re: How to get better security people
>Problem is, some feces for brains boss is always going to come along and >tell you to do what you know is not in the best interest of security. And >when the problem rears its ugly head, YOU take the heat, not the idiot who >insisted you go against proper procedure. All I can advise, is document, document, document, then when it does come down, and they point the fickle finger of fate at you, you can always produce the documentation that 'da bozz' made ya do it... >Hmm. Incredibly biased opinion follows... > >A basic security mindset is a combination of paranoia, a talent for >contingency planning, and an understanding of business need. > >However, the paranoia must not be so extensive as to be crippling, >the contingency planning must not be so obsessive as to be paralysing, >and the understanding of business need should not interfere with the >periodic difficult and unpopular decisions that must be made to >protect the greater good.
EarthLink founder guilty of operating a Ponzi scheme
LOS ANGELES The co-founder of EarthLink, one of the nation's largest Internet providers, agreed yesterday to plead guilty to operating a Ponzi scheme that involved $593 million and 800 investors, including celebrities. Reed Slatkin acknowledged in court documents that he was responsible for $254 million in losses and agreed to plead guilty to mail fraud, wire fraud, money laundering and obstruction of justice charges. Full story here: http://www.uniontrib.com/news/business/20020327-_1n27ponzi.html Like we didn't know?
Re: Network Outage
Well, I used to be a contractor for MCI/WCOM, so I know all the numbers to call and the names of people to ask for. They as a rule are very mysterious about anything outage related. The first rule to get better service, is always say OK to intrusive testing. I've had jacks go bad, and the bridge point isn't a wholesome indicator and the fault can be 2 inches away. Besides, I was hard down, all zeros, so it didn't matter. After some arm twisting at Bell Canada, they confirmed it wasn't on their side of the ditch, so I started calling people I know here. The usual characters at the WCOM NOC were calling and leaving useless messages on my answering machine, but I called Sardinia, and got them to check outbound, towards Canada, and they said the T3 looked wholesome, but he couldn't access it at T1 level. I did however, find my Ticket appended to some others, so I knew it had to be at a bigger pipe than my T1. I know where they can check at T1 level, at 3DE, (the old MFS site, where I used to work) so I called, and a girl I worked with told me they had a DS3 cross-connect cable failure earlier, and it was repaired. I called over to the transport desk, and they confirmed the circuit was outbound twords Canada. I put two and two together and when I called the NOC back (they hadn't called my pager as instructed when the cut was cleared) they said the problem had been cleared and the circuit restored. Turns out, the NYC stuff was independent of the Canada problem, (which was my top priority) and the NYC stuff cleared on its own about 15 mins after I talked to Sardinia. Never got a positive cause on that one, but its gone, so its ok by me. Theyre stretched so thin on manpower now, and rumors are flying theres to be another round of layoffs next week, groan. Anyway, all the circuits are back and wholesome, so Im happy...back up at 4:10pm At 19:59 3/21/02 -0500, you wrote: >What did you end up getting from them. I lost some ccts out of 60 Hudson >and they would not cough up to a problem, only hour later during a co-op >test did the problem "clear on its own". Any details you can provide would >be great. > > >- Original Message - >From: "blitz" <[EMAIL PROTECTED]> >To: <[EMAIL PROTECTED]> >Sent: Thursday, March 21, 2002 3:00 PM >Subject: Network Outage > > > > > > Good day, > > There has been a MCI/Worldcom outage near the Sardinia, NY switching >site. > > I have been in contact with them since around 12:00 EST and they are > > presently trying to localize the problem. > > I've lost a couple international circuits to Canada, and some to NYC. I > > don't know if anyone else is experiencing similar problems. > > > > This is just a heads up for the list (and my first post..hello all) > > > > Marc Blitz > >
