Re: Name Server Change-over completed
On Sun, 30 Jun 2002, Rizzo Frank wrote: > "John Palmer (NANOG Acct)" wrote: > > Sorry Paul, I guess you don't understand how those TLDTAG records > > work. > > Sorry John, I guess you don't understand how Internet naming works. > There is one true root file, and it's not yours. I guess the moon is in phase with some star somewhere, and now it's time to argue who's root is he "real" root... Barf. Enough already - we all have our own roots. one guy follows Vixies roots, while I typically roll my own. Many others do other things. The final point of this insanity is that there is NOT a single root. Hasn't been for a hell of a long time, and I suspect that there never will be again. > > Its no joke. > > The only joke here is your lack of knowledge concerning basic networking > concepts like DNS. The networking concepts ride on the social concepts (like PRI ridess on T1). all of these paradigms are equally valid, even if universally despised for it. I sayth to you, the parties in interest: Deal with it. It aint gonna change. -- Yours, J.A. Terranson [EMAIL PROTECTED] If Governments really want us to behave like civilized human beings, they should give serious consideration towards setting a better example: Ruling by force, rather than consensus; the unrestrained application of unjust laws (which the victim-populations were never allowed input on in the first place); the State policy of justice only for the rich and elected; the intentional abuse and occassionally destruction of entire populations merely to distract an already apathetic and numb electorate... This type of demogoguery must surely wipe out the fascist United States as surely as it wiped out the fascist Union of Soviet Socialist Republics. The views expressed here are mine, and NOT those of my employers, associates, or others. Besides, if it *were* the opinion of all of those people, I doubt there would be a problem to bitch about in the first place...
RE: How low can Worldcom stock go?
Prediction: Bankruptcy filing to lose the restated 5 quarters, followed by emergence and prosperity. After all, isn't the saving of fraudulent transactions made by suffering telecoms the whole "prupose" of today's bankruptcy courts? Operationally, I believe the biggest impact will be indirect: losing 17K+ bodies will not make WC an easy giant to work with :-( On Wed, 26 Jun 2002, Deepak Jain wrote: > The upside, and the operational piece is that judging by all the > insolvencies upto now have done little to effect existing services that are > in place. > > Deepak Jain > AiNET > > -Original Message- > From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of > Eric Germann > Sent: Tuesday, June 25, 2002 10:28 PM > To: [EMAIL PROTECTED] > Subject: RE: How low can Worldcom stock go? > Sensitivity: Confidential > > > Accoriding to Reuters: > > -- WorldCom sees $2 billion a year in cash savings. > > -- WorldCom will lay off 17,000 workers starting Friday, which will save > about $900 million annually. > > -- WorldCom will sell off non-core businesses, including South American > assets, and its wireless resale business, which will save $700 million > annually; > > -- WorldCom will save about $375 million annually by paying some preferred > dividends in common stock, not cash, deferring some dividends, and > discontinuing the dividend on the its MCI tracking stock. > > -- WorldCom will also cut capital expenditures in 2002 and forecasts 2003 > capital investment at $2.1 billion. > > The usual stock sites have the releases. Ironically, Anderson stated > tonight their work complied with accounting standards. > > Wonder where the 17,000 souls are going to come from? > > > > -Original Message- > > From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of > > Eric Germann > > Sent: Tuesday, June 25, 2002 7:03 PM > > To: [EMAIL PROTECTED] > > Subject: How low can Worldcom stock go? > > Sensitivity: Confidential > > > > > > Any bets where they will bottom out at? Lets see if they can > > beat Adelphia > > at $0.05 on 6/21/02 > > > > > > > > > > >From WSJ Tech alerts. > > > > WORLDCOM UNCOVERED what appears to be one of the largest > > corporate frauds in > > history with the discovery of more than $3 billion in expenses that were > > improperly booked as capital expenditures. > > > > For more information, see: > > > > http://online.wsj.com/article/0,,SB1025044139757626480,00.html > > > > > > > > > > == > > Eric GermannCCTec > > [EMAIL PROTECTED] Van Wert OH 45801 > > http://www.cctec.comPh: 419 968 2640 > > Fax: 603 825 5893 > > > > "The fact that there are actually ways of knowing and characterizing the > > extent of ones ignorance, while still remaining ignorant, may > > ultimately be > > more interesting and useful to people than Yarkovsky" > > > > -- Jon Giorgini of NASAs Jet Propulsion Laboratory > > > >
Re: Testing Bandwidth performance
On Tue, 25 Jun 2002, Alan Sato wrote: > What are some tools to test bandwidth perfomance? I've used iperf, but > are there other tools or ways to generate traffic for testing purposes to > see a links maximum capacity? Especially greater than a 100mb. Realistically, you will need commercial hardware/software to do this properly. Smartbits, Shomiti, are two examples (Shomiti is less than user friendly, but the thing can do almost anything) > Alan -- Yours, J.A. Terranson [EMAIL PROTECTED] If Governments really want us to behave like civilized human beings, they should give serious consideration towards setting a better example: Ruling by force, rather than consensus; the unrestrained application of unjust laws (which the victim-populations were never allowed input on in the first place); the State policy of justice only for the rich and elected; the intentional abuse and occassionally destruction of entire populations merely to distract an already apathetic and numb electorate... This type of demogoguery must surely wipe out the fascist United States as surely as it wiped out the fascist Union of Soviet Socialist Republics. The views expressed here are mine, and NOT those of my employers, associates, or others. Besides, if it *were* the opinion of all of those people, I doubt there would be a problem to bitch about in the first place...
Re: Supporting White Hats (Was SPEWS)
On Fri, 21 Jun 2002, JC Dill wrote: > On 06:45 PM 6/20/02, [EMAIL PROTECTED] wrote: > > > I work goddamn > >hard keeping my corner crispy white, but the crispy whites are invisible when > >it comes to sales time. > > Perhaps you should help the sales department position this important data > in their marketing literature and sales pitches. Tout the advantages of > doing business with a crispy white hat, how it improves the reliability of > one's Internet connection and services, etc. You can't blame the Internet > community for not knowing about your "secret efforts" to stay crispy white > if you keep those efforts secret! There is no secret here. Our stance is in all the literature, in the AUP/TOS/etc. However, as I have pointed out, when it comes time to buy, nobody I have seen says "hrm: they're white-hat, that decides it" whereas I *have* had prospects send me humongous emails telling how they will "never" buy any service from us because they received an email from one of my downstream customers (maybe 4 times removed...). The anti-spammers need to put up or shut up. -- Yours, J.A. Terranson [EMAIL PROTECTED] If Governments really want us to behave like civilized human beings, they should give serious consideration towards setting a better example: Ruling by force, rather than consensus; the unrestrained application of unjust laws (which the victim-populations were never allowed input on in the first place); the State policy of justice only for the rich and elected; the intentional abuse and occassionally destruction of entire populations merely to distract an already apathetic and numb electorate... This type of demogoguery must surely wipe out the fascist United States as surely as it wiped out the fascist Union of Soviet Socialist Republics. The views expressed here are mine, and NOT those of my employers, associates, or others. Besides, if it *were* the opinion of all of those people, I doubt there would be a problem to bitch about in the first place...
Re: e-mail blacklists (was Re: SPEWS?)
On Thu, 20 Jun 2002, J.D. Falk wrote: >But spamcop's in specific is still based on spamcop user > complaints, and most of the spamcop user complaints I've seen > have been grossly mistargetted. How? I find spamcop to be very reliable, and the basis of many actions. > -- Yours, J.A. Terranson [EMAIL PROTECTED] If Governments really want us to behave like civilized human beings, they should give serious consideration towards setting a better example: Ruling by force, rather than consensus; the unrestrained application of unjust laws (which the victim-populations were never allowed input on in the first place); the State policy of justice only for the rich and elected; the intentional abuse and occassionally destruction of entire populations merely to distract an already apathetic and numb electorate... This type of demogoguery must surely wipe out the fascist United States as surely as it wiped out the fascist Union of Soviet Socialist Republics. The views expressed here are mine, and NOT those of my employers, associates, or others. Besides, if it *were* the opinion of all of those people, I doubt there would be a problem to bitch about in the first place...
Supporting White Hats (Was SPEWS)
As a person who actively works an abuse department... We need to remember that while lots of folks will scream like banshees at the reciept of a single email, very few (none that I know of personally) will help a place *stay* "white hat" by voting with their wallets to support the killing of spammers. It's a business folks - if you kill a customer who is paying his bills every month (and full DS3's are not cheap), you must make it up somewhere. When I kill a *small time* spammer (a T1 or a pair of T1s), I have to be able to make a business case that the guy is costing more than he is bringing in, and I need to do this for each and every kill. Where are the hordes who will support the ISP/NSP who makes these kills? It CANNOT be a one-way street (which it pretty much is today). I work goddamn hard keeping my corner crispy white, but the crispy whites are invisible when it comes to sales time. No sales means I can't justify what I do. And if I can't justify it, then SPEWS, or Selward, or God herself isn't going to make any difference screaming that a pink contract is the wrong thing to do... -- Yours, J.A. Terranson [EMAIL PROTECTED] If Governments really want us to behave like civilized human beings, they should give serious consideration towards setting a better example: Ruling by force, rather than consensus; the unrestrained application of unjust laws (which the victim-populations were never allowed input on in the first place); the State policy of justice only for the rich and elected; the intentional abuse and occassionally destruction of entire populations merely to distract an already apathetic and numb electorate... This type of demogoguery must surely wipe out the fascist United States as surely as it wiped out the fascist Union of Soviet Socialist Republics. The views expressed here are mine, and NOT those of my employers, associates, or others. Besides, if it *were* the opinion of all of those people, I doubt there would be a problem to bitch about in the first place...
Re: SPEWS?
On Thu, 20 Jun 2002, Dan Hollis wrote: > Well if you want to talk about western networks, qwest ranks second just > behind chinanet in terms of black hat and spam. s/qwest/verio/g As someone who has recently had the "pleasure" of dealing with some of their pink sheet clientele... -- Yours, J.A. Terranson [EMAIL PROTECTED] If Governments really want us to behave like civilized human beings, they should give serious consideration towards setting a better example: Ruling by force, rather than consensus; the unrestrained application of unjust laws (which the victim-populations were never allowed input on in the first place); the State policy of justice only for the rich and elected; the intentional abuse and occassionally destruction of entire populations merely to distract an already apathetic and numb electorate... This type of demogoguery must surely wipe out the fascist United States as surely as it wiped out the fascist Union of Soviet Socialist Republics. The views expressed here are mine, and NOT those of my employers, associates, or others. Besides, if it *were* the opinion of all of those people, I doubt there would be a problem to bitch about in the first place...
Re: NANOG25 - MRTG Stats for Hotel Network
On Sun, 9 Jun 2002, Randy Neals wrote: > For those interested in the amount of bandwidth used at NANOG25. > Utilization of the Hotel Router can be viewed at: > > http://nanogmrtg.grouptelecom.net/ > > ATM 2/0 is the OC-3c that connects the Hotel to the outside world. I see the beer rany dry about 0015? Bummer :-) -- Yours, J.A. Terranson [EMAIL PROTECTED] If Governments really want us to behave like civilized human beings, they should give serious consideration towards setting a better example: Ruling by force, rather than consensus; the unrestrained application of unjust laws (which the victim-populations were never allowed input on in the first place); the State policy of justice only for the rich and elected; the intentional abuse and occassionally destruction of entire populations merely to distract an already apathetic and numb electorate... This type of demogoguery must surely wipe out the fascist United States as surely as it wiped out the fascist Union of Soviet Socialist Republics. The views expressed here are mine, and NOT those of my employers, associates, or others. Besides, if it *were* the opinion of all of those people, I doubt there would be a problem to bitch about in the first place...
Re: Controlling Spam to the NOC
You hit it dead on: use all the tools at your disposal, but preemptively "whitelist" your customers. Unfortunately, the whitelisting isn't always as easy as it sounds. If they are within your IP space, you're good to go, but if they have the rare portable block, or they are multihomed, etc., you need to be more careful. In Short: Whitelist like crazy, and then blacklist like mad! On Thu, 23 May 2002, Jeff Workman wrote: > Hello, > > Has anybody on this list figured out an effective way to eliminiate, or at > least severely limit, the amount of spam that arrives in your NOC? I am > aware of solutions such as Spamassassin, Vipul's Razor, and the various RBL > lists, but has anybody used one of these solutions, or anything else, to > reduce the amount of spam going into noc@/trouble@/etc mailboxes without > severely restricting the rest of the internet's ability to reach the noc > via email for legitimate purposes? Particularly in a NOC where it's quite > possible that some of your customers are listed in the RBLs but still need > to reach you. > > -Jeff > > -- > Jeff Workman | [EMAIL PROTECTED] | http://www.pimpworks.org > -- Yours, J.A. Terranson [EMAIL PROTECTED] If Governments really want us to behave like civilized human beings, they should give serious consideration towards setting a better example: Ruling by force, rather than consensus; the unrestrained application of unjust laws (which the victim-populations were never allowed input on in the first place); the State policy of justice only for the rich and elected; the intentional abuse and occassionally destruction of entire populations merely to distract an already apathetic and numb electorate... This type of demogoguery must surely wipe out the fascist United States as surely as it wiped out the fascist Union of Soviet Socialist Republics. The views expressed here are mine, and NOT those of my employers, associates, or others. Besides, if it *were* the opinion of all of those people, I doubt there would be a problem to bitch about in the first place...
Re: anybody else been spammed by "no-ip.com" yet?
On Sat, 4 May 2002, Forrest W. Christian wrote: > On Sat, 4 May 2002 [EMAIL PROTECTED] wrote: > > > How about something along the lines of dial accounts having their outgoing > > SMTP connections rate limited to, oh, let's say 100 per day, and limiting the > > maximum number of recipients on any given email to some low number, say 5? > > > > A customer reaches the limit, the account auto-rejects all email for 24 > > hours. > > > > Someone bitches? Let them buy full rate dedicated services, with the first > > month, last month, and a security deposit up front before service is > > established. > > The problem with this is how do you enforce this across thousands of mail > servers, controlled by many many different organizations? Obviously, it is a self-enforcement issue, aimed at the ISPs who do sial services. I firmly believe that if we could control the dial accounts in this respect, we'd wipe out a very large portion of the problem children The incentive to the ISP is obvious: $19.95 throw away accounts (which are likely not paid anyway) disappear, their SpamCop nightmares disappear, and the legitimate mass mail customer pays for commercial services. > I'm not saying the pay-per-message option is perfect. I am a fan of micropayments in theory, but I do not believe that they can ever be applied to email, attractive though it may be. Since I don't believe it's really possible, I choose not to burn cycles on it. > The bottom line is that in my opinion people need to give up *something* > for the privlege of sending mail. Agreed: to send it for free, they lose the right to do it in significant volume. > I suggested a couple of cents per > message. Others reject this as "it will destroy the net". Camram > requires people to give up CPU cycles. This might be an easier thing to > swallow. Possibly, but I doubt that you can explain this to Joe and Jane Sixpack. > Passing laws and putting on filters don't work. Amen. > Depending on each mail > server admin to do the right thing doesn't work. The problem here is defining "the right thing", no? > We need to find > something else that will. Agreed. > - Forrest W. Christian ([EMAIL PROTECTED]) AC7DE -- Yours, J.A. Terranson [EMAIL PROTECTED] If Governments really want us to behave like civilized human beings, they should give serious consideration towards setting a better example: Ruling by force, rather than consensus; the unrestrained application of unjust laws (which the victim-populations were never allowed input on in the first place); the State policy of justice only for the rich and elected; the intentional abuse and occassionally destruction of entire populations merely to distract an already apathetic and numb electorate... This type of demogoguery must surely wipe out the fascist United States as surely as it wiped out the fascist Union of Soviet Socialist Republics. The views expressed here are mine, and NOT those of my employers, associates, or others. Besides, if it *were* the opinion of all of those people, I doubt there would be a problem to bitch about in the first place...
Re: anybody else been spammed by "no-ip.com" yet?
On Sat, 4 May 2002, Forrest W. Christian wrote: > We're trying to discourage bulk emailers, not individuals. Then the way to do this is to make the cost of sending mass mail more expensive than sending only a few here and there. In short, we need a way to prevent the use of the $19.95 throw-away account that is used to send the vast majority of spam. Let's face it, only the biggest of the hardcore spammers are willing to pay out for dedicated lines. How about something along the lines of dial accounts having their outgoing SMTP connections rate limited to, oh, let's say 100 per day, and limiting the maximum number of recipients on any given email to some low number, say 5? A customer reaches the limit, the account auto-rejects all email for 24 hours. Someone bitches? Let them buy full rate dedicated services, with the first month, last month, and a security deposit up front before service is established. -- Yours, J.A. Terranson [EMAIL PROTECTED] If Governments really want us to behave like civilized human beings, they should give serious consideration towards setting a better example: Ruling by force, rather than consensus; the unrestrained application of unjust laws (which the victim-populations were never allowed input on in the first place); the State policy of justice only for the rich and elected; the intentional abuse and occassionally destruction of entire populations merely to distract an already apathetic and numb electorate... This type of demogoguery must surely wipe out the fascist United States as surely as it wiped out the fascist Union of Soviet Socialist Republics. The views expressed here are mine, and NOT those of my employers, associates, or others. Besides, if it *were* the opinion of all of those people, I doubt there would be a problem to bitch about in the first place...
Re: anybody else been spammed by "no-ip.com" yet?
On Sat, 4 May 2002, Eric A. Hall wrote: > Uh, thanks. The government has all kinds of property protection laws. My > mail spool is my property. Do the math. Your car is your private property as well, but if you park it in a public place, with the engine running, and offer every passerby the opportunity to use it at no cost or obligation, "the government" is not going to help you get the car back when someone takes you up on your offer. > Laws are a necessary first step and will have the most positive effect. > Micropayments won't be needed if the right laws are passed. Given the > history, the biggest problem with the legal approach is that congress will > pass a bad law instead of the one they need to, which is to extend the > TCPA to include spam. Yeah, another unenforceable law that nobody will give a shit about, except when it's time to pay for the [non-enforcing] "enforcement agents" (tax time). -- Yours, J.A. Terranson [EMAIL PROTECTED] If Governments really want us to behave like civilized human beings, they should give serious consideration towards setting a better example: Ruling by force, rather than consensus; the unrestrained application of unjust laws (which the victim-populations were never allowed input on in the first place); the State policy of justice only for the rich and elected; the intentional abuse and occassionally destruction of entire populations merely to distract an already apathetic and numb electorate... This type of demogoguery must surely wipe out the fascist United States as surely as it wiped out the fascist Union of Soviet Socialist Republics. The views expressed here are mine, and NOT those of my employers, associates, or others. Besides, if it *were* the opinion of all of those people, I doubt there would be a problem to bitch about in the first place...
Re: anybody else been spammed by "no-ip.com" yet?
On Sat, 4 May 2002, Mr. James W. Laferriere wrote: > Theft/Taxes nearly the same . ;-) JimL Really? What's the difference? > >+--+ >| James W. Laferriere | SystemTechniques | Give me VMS | >| NetworkEngineer | P.O. Box 854 | Give me Linux | >| [EMAIL PROTECTED] | Coudersport PA 16915 | only on AXP | >+--+ > > -- Yours, J.A. Terranson [EMAIL PROTECTED] If Governments really want us to behave like civilized human beings, they should give serious consideration towards setting a better example: Ruling by force, rather than consensus; the unrestrained application of unjust laws (which the victim-populations were never allowed input on in the first place); the State policy of justice only for the rich and elected; the intentional abuse and occassionally destruction of entire populations merely to distract an already apathetic and numb electorate... This type of demogoguery must surely wipe out the fascist United States as surely as it wiped out the fascist Union of Soviet Socialist Republics. The views expressed here are mine, and NOT those of my employers, associates, or others. Besides, if it *were* the opinion of all of those people, I doubt there would be a problem to bitch about in the first place...
Re: anybody else been spammed by "no-ip.com" yet?
On 4 May 2002, Robert E. Seastrom wrote: > It does not cost "very little" to recieve spam. It costs the end-user very little to recieve spam. > At my real job (ie, > not seastrom.com), we're running a very nice (but expensive) > commercial product to filter this stuff, and in a given time quantum > during which we processed 1.9 million messages, spam and virii > accounted for about 600k (32% was the last number I saw from our stats > script). It's reasonable to assume, since some unwanted messages slip > through, that we're over a third of all email being UCE. > > So we have a choice: pay for the (very nice but expensive) commercial > product, or add forty percent to our mail spool disk farm and extra > cpus and ram in the mail server farm to deal with the additional > influx. In the numbers we're talking about, bandwidth costs become > measurable too. Whether we like it or not however, this is a cost of doing business now, and is a normal part of determining your cost of goods sold (at least it *should* be). > Spam is theft, plain and simple. Spam is a reality that none of us, either alone or in concert, will ever be able to eradicate. That makes the general gnashing of teeth == tilting at windmills. Our time is probably the most expensive part of an ISPs "spam cleanups" budget - automating a filter system (for those who specifically ask for it, of course) via the purchase of services from Vixie or your favorite equivalent is likely to be a reasonably inexpensive alternative to having us spinning our wheels. > ---Rob -- Yours, J.A. Terranson [EMAIL PROTECTED] If Governments really want us to behave like civilized human beings, they should give serious consideration towards setting a better example: Ruling by force, rather than consensus; the unrestrained application of unjust laws (which the victim-populations were never allowed input on in the first place); the State policy of justice only for the rich and elected; the intentional abuse and occassionally destruction of entire populations merely to distract an already apathetic and numb electorate... This type of demogoguery must surely wipe out the fascist United States as surely as it wiped out the fascist Union of Soviet Socialist Republics. The views expressed here are mine, and NOT those of my employers, associates, or others. Besides, if it *were* the opinion of all of those people, I doubt there would be a problem to bitch about in the first place...
Re: Effective ways to deal with DDoS attacks?
On Thu, 2 May 2002, Christopher L. Morrow wrote: > On Wed, 1 May 2002 [EMAIL PROTECTED] wrote: > > > > True DDoS attacks, fortunately, are rarer than most people believe. If they > > were not, the Internet as we know it would look a lot more like a telephone > > system in USSR-at-it's-worst-days. For example, of the two recent DDoS's I > > have been on the receiving end of, the first was generating a little over > > 300mbit/sec (steady for a prolonged time), and the second went over that by a > > fair bit. In both cases, we had core equipment (M20's and BSN5000's) fall > > over and die trying to "work" the events. Additionally, our upstream peers > > Your M20 tipped over?? What were you doing? We regularly stop large > (+100Mb->800Mb) attacks with less horsepower than this. Truthfully, a > cisco is even capable of filtering (done right) at +200kpps... I'm sorry, I was not clear here... The M20 does great at simply pushing this load to discard, but the overhead of what we were trying to do (extensive filter lists to try and begin backtracing the actual skr1pt k1dd13 origin) was too much. There is simply no good way to get back to the ultimate source of truly distributed DoS attacks, which is, IMHO, the reason these attacks are so prevalent - no fear of prosecution, no matter how much collateral damage is inflicted. > > also had core equipment fall over, and we all came the [now obvious] > > conclusion that the only way to stop these attacks was to completely null > > route ourselves at our upstreams (they tried filter-fishing for specific data > > which may have helped our investigation, but when their routers started > > wheezing, we gave them the OK to just send us straight into the bit bucket > > till it was over... > > > > Hmm, this highlights the need to learn how to use the equipment, learn its > boundaries and learn defenses inside these boundaries... In the larger picture, my concern is with finding the source, so I can prevent recurrence - a paradoxical problem considering that the short term goal is to just stop the attack... > > -Chris > > -- Yours, J.A. Terranson [EMAIL PROTECTED] If Governments really want us to behave like civilized human beings, they should give serious consideration towards setting a better example: Ruling by force, rather than consensus; the unrestrained application of unjust laws (which the victim-populations were never allowed input on in the first place); the State policy of justice only for the rich and elected; the intentional abuse and occassionally destruction of entire populations merely to distract an already apathetic and numb electorate... This type of demogoguery must surely wipe out the fascist United States as surely as it wiped out the fascist Union of Soviet Socialist Republics. The views expressed here are mine, and NOT those of my employers, associates, or others. Besides, if it *were* the opinion of all of those people, I doubt there would be a problem to bitch about in the first place...
Re: Effective ways to deal with DDoS attacks?
On Wed, 1 May 2002, Pete Kruckenberg wrote: > There's been plenty of discussion about DDoS attacks, and then again, there has been much discussion on simple DoS attacks, where the term DDoS is erroneously used... I am very much not trying to imply that this is the case here, but it's important that the two be thoroughly distinguished from each other - they are totally different things to deal with. > and my > IDS system is darn good at identifying them. Chances are your IDS is detecting simple DoS, or maybe tiny scale DDoS. Full DDoS attacks do not require and IDS to detect ;-) In fact, if your IDS doesn't tip over under the load of a full blown DDoS, I'd sure like to know what it's using for an engine... > But what are > effective methods for large service-provider networks (ie > ones where a firewall at the front would not be possible) to > deal with DDoS attacks? True DDoS attacks, fortunately, are rarer than most people believe. If they were not, the Internet as we know it would look a lot more like a telephone system in USSR-at-it's-worst-days. For example, of the two recent DDoS's I have been on the receiving end of, the first was generating a little over 300mbit/sec (steady for a prolonged time), and the second went over that by a fair bit. In both cases, we had core equipment (M20's and BSN5000's) fall over and die trying to "work" the events. Additionally, our upstream peers also had core equipment fall over, and we all came the [now obvious] conclusion that the only way to stop these attacks was to completely null route ourselves at our upstreams (they tried filter-fishing for specific data which may have helped our investigation, but when their routers started wheezing, we gave them the OK to just send us straight into the bit bucket till it was over... > Current method of updating ACLs with the source and/or > destination are slow and error-prone and hard to maintain > (especially when the target of the attack is a site that > users would like to access). We captured several seconds of the last DDoS and came up with over 700 participating hosts... > > A rather extensive survey of DDoS papers has not resulted in > much on this topic. > > What processes and/or tools are large networks using to > identify and limit the impact of DDoS attacks? A great deal of thought is being expended on this question, I am certain, however, how many of these thought campaings have born significant fruit yet, I do not know. > Thanks. > Pete. -- Yours, J.A. Terranson [EMAIL PROTECTED] If Governments really want us to behave like civilized human beings, they should give serious consideration towards setting a better example: Ruling by force, rather than consensus; the unrestrained application of unjust laws (which the victim-populations were never allowed input on in the first place); the State policy of justice only for the rich and elected; the intentional abuse and occassionally destruction of entire populations merely to distract an already apathetic and numb electorate... This type of demogoguery must surely wipe out the fascist United States as surely as it wiped out the fascist Union of Soviet Socialist Republics. The views expressed here are mine, and NOT those of my employers, associates, or others. Besides, if it *were* the opinion of all of those people, I doubt there would be a problem to bitch about in the first place...
RE: CIA Warns of Chinese Plans for Cyber-Attacks on U.S.
On Thu, 25 Apr 2002, Deepak Jain wrote: > Is it really hard to believe that the Chinese government would actively fund > cyberterrorism? > > Deepak Jain > AiNET No harder than it is to believe that the US Govt would actively fund [cyber]terrorism... -- Yours, J.A. Terranson [EMAIL PROTECTED] If Governments really want us to behave like civilized human beings, they should give serious consideration towards setting a better example: Ruling by force, rather than consensus; the unrestrained application of unjust laws (which the victim-populations were never allowed input on in the first place); the State policy of justice only for the rich and elected; the intentional abuse and occassionally destruction of entire populations merely to distract an already apathetic and numb electorate... This type of demogoguery must surely wipe out the fascist United States as surely as it wiped out the fascist Union of Soviet Socialist Republics. The views expressed here are mine, and NOT those of my employers, associates, or others. Besides, if it *were* the opinion of all of those people, I doubt there would be a problem to bitch about in the first place...
Re: The Myth of Five 9's Reliability (fwd)
On Wed, 24 Apr 2002, Art Houle wrote: > Date: Wed, 24 Apr 2002 16:51:53 -0400 (EDT) > From: Art Houle <[EMAIL PROTECTED]> > To: Pete Kruckenberg <[EMAIL PROTECTED]> > Cc: [EMAIL PROTECTED] > Subject: Re: The Myth of Five 9's Reliability (fwd) > > > > How to calculate uptime and get 5 9s > > -do not include any outage less than 20 minutes. > -only include down lines that are actually reported by customers. > -when possible fix the line and report 'no trouble found'. > -remember that your company is penalized by the FCC for bad ratings, so > don't report any problems that you do not have to. - Every ticket goes to "Open-Fixed" before hanging up... -- Yours, J.A. Terranson [EMAIL PROTECTED] If Governments really want us to behave like civilized human beings, they should give serious consideration towards setting a better example: Ruling by force, rather than consensus; the unrestrained application of unjust laws (which the victim-populations were never allowed input on in the first place); the State policy of justice only for the rich and elected; the intentional abuse and occassionally destruction of entire populations merely to distract an already apathetic and numb electorate... This type of demogoguery must surely wipe out the fascist United States as surely as it wiped out the fascist Union of Soviet Socialist Republics. The views expressed here are mine, and NOT those of my employers, associates, or others. Besides, if it *were* the opinion of all of those people, I doubt there would be a problem to bitch about in the first place...
Re: NANOG on Trial
On Mon, 8 Apr 2002, Conrad A. Rockenhaus wrote: > > > > naa.. my job in the new company is to make ideas and provide a > > public face to the company.. a 14 year old selling enterprise hosting > > looks good on Leno > > Come on now, he's one of those 14 year old wonder kids that will change > the way we think of the Internet, go Generation "Y" > > Gotta admit it's an unusual choice for a "public face" though. -- Yours, J.A. Terranson [EMAIL PROTECTED] If Governments really want us to behave like civilized human beings, they should give serious consideration towards setting a better example: Ruling by force, rather than consensus; the unrestrained application of unjust laws (which the victim-populations were never allowed input on in the first place); the State policy of justice only for the rich and elected; the intentional abuse and occassionally destruction of entire populations merely to distract an already apathetic and numb electorate... This type of demogoguery must surely wipe out the fascist United States as surely as it wiped out the fascist Union of Soviet Socialist Republics. The views expressed here are mine, and NOT those of my employers, associates, or others. Besides, if it *were* the opinion of all of those people, I doubt there would be a problem to bitch about in the first place...
Re: NANOG on Trial
> I think we can make money offering gig-e at the cost of a T1 I'll take two :-) -- Yours, J.A. Terranson [EMAIL PROTECTED] If Governments really want us to behave like civilized human beings, they should give serious consideration towards setting a better example: Ruling by force, rather than consensus; the unrestrained application of unjust laws (which the victim-populations were never allowed input on in the first place); the State policy of justice only for the rich and elected; the intentional abuse and occassionally destruction of entire populations merely to distract an already apathetic and numb electorate... This type of demogoguery must surely wipe out the fascist United States as surely as it wiped out the fascist Union of Soviet Socialist Republics. The views expressed here are mine, and NOT those of my employers, associates, or others. Besides, if it *were* the opinion of all of those people, I doubt there would be a problem to bitch about in the first place...
Re: Best provider to use ?
On Sat, 6 Apr 2002, [EMAIL PROTECTED] wrote: > Out of the Tier 1s who is the best to use ? > > Thanks. Please don't feed the trolls... -- Yours, J.A. Terranson [EMAIL PROTECTED] If Governments really want us to behave like civilized human beings, they should give serious consideration towards setting a better example: Ruling by force, rather than consensus; the unrestrained application of unjust laws (which the victim-populations were never allowed input on in the first place); the State policy of justice only for the rich and elected; the intentional abuse and occassionally destruction of entire populations merely to distract an already apathetic and numb electorate... This type of demogoguery must surely wipe out the fascist United States as surely as it wiped out the fascist Union of Soviet Socialist Republics. The views expressed here are mine, and NOT those of my employers, associates, or others. Besides, if it *were* the opinion of all of those people, I doubt there would be a problem to bitch about in the first place...
Re: Anyone ever used calpop.com?
On Sat, 6 Apr 2002, Mark Kent wrote: > >> Has anyone ever had any experiences with calpop.com for > >> colocation services? > > Are they Savvis, or just pretending to be Savvis: They are a stand-alone Savvis customer. I am not certain if they are multihomed at this time. > a) the contact for calpop.com is someone at hotmail.com > b) both calpop.com nameservers are on the same /24, likely >plugged into the same switch and same power supply > c) both calpop.com nameservers report only one NS record, >which is a third machine sharing the same characteristics >as in b) > d) The TTL is one hour... I guess that's so they can pick up and >move to, say, an XO data center real fast. I understand they have a distinct reason for (d). > I think calpop.com is a cabinet inside a Savvis co-lo, > not that there's anything wrong with that. If you believe they are colo'd at a Savvis data center, then where did you get (b) from? > -mark I have had indirect dealings with Calpop over the last 8 months or so. They are without question a very small shop, however, that may be a plus or a minus, depending on your goals. If you are looking for a no red tape cheap colo, I personally would consider Calpop, as they have always been amazingly responsive when I've dealt with them. If OTOH, you are looking for a penetration proof, fingerprint entry, 24 hour a day guarded facility, you should not be looking at the small guys... -- Yours, J.A. Terranson [EMAIL PROTECTED] If Governments really want us to behave like civilized human beings, they should give serious consideration towards setting a better example: Ruling by force, rather than consensus; the unrestrained application of unjust laws (which the victim-populations were never allowed input on in the first place); the State policy of justice only for the rich and elected; the intentional abuse and occassionally destruction of entire populations merely to distract an already apathetic and numb electorate... This type of demogoguery must surely wipe out the fascist United States as surely as it wiped out the fascist Union of Soviet Socialist Republics. The views expressed here are mine, and NOT those of my employers, associates, or others. Besides, if it *were* the opinion of all of those people, I doubt there would be a problem to bitch about in the first place...
Re: solutions to the spam problem
On Wed, 3 Apr 2002 [EMAIL PROTECTED] wrote: > Someone has done an Apnic registration for rfc1918 private IP space. > What this has to do with solving spam problems is still a mystery to > me...unless someone is suggesting spammers (or perhaps all of Korea) > should be assigned non-routable IP space. Well, it *would* solve a *lot* of problems! :-) -- Yours, J.A. Terranson [EMAIL PROTECTED] If Governments really want us to behave like civilized human beings, they should give serious consideration towards setting a better example: Ruling by force, rather than consensus; the unrestrained application of unjust laws (which the victim-populations were never allowed input on in the first place); the State policy of justice only for the rich and elected; the intentional abuse and occassionally destruction of entire populations merely to distract an already apathetic and numb electorate... This type of demogoguery must surely wipe out the fascist United States as surely as it wiped out the fascist Union of Soviet Socialist Republics. The views expressed here are mine, and NOT those of my employers, associates, or others. Besides, if it *were* the opinion of all of those people, I doubt there would be a problem to bitch about in the first place...
Re: Help with bad announcement from UUnet
On Fri, 29 Mar 2002, Anne Marcel Roorda wrote: > Having a support model in which anyone can call any NOC about a > problem they're having does not scale very well. How about a model where any large (multiple OC12s) CUSTOMER can call a NOC about a problem they're having??? -- Yours, J.A. Terranson [EMAIL PROTECTED] If Governments really want us to behave like civilized human beings, they should give serious consideration towards setting a better example: Ruling by force, rather than consensus; the unrestrained application of unjust laws (which the victim-populations were never allowed input on in the first place); the State policy of justice only for the rich and elected; the intentional abuse and occassionally destruction of entire populations merely to distract an already apathetic and numb electorate... This type of demogoguery must surely wipe out the fascist United States as surely as it wiped out the fascist Union of Soviet Socialist Republics. The views expressed here are mine, and NOT those of my employers, associates, or others. Besides, if it *were* the opinion of all of those people, I doubt there would be a problem to bitch about in the first place...
Re: Need Verio Contact
On Wed, 13 Mar 2002, Majdi S. Abbas wrote: > On Wed, Mar 13, 2002 at 10:37:37AM -0600, [EMAIL PROTECTED] wrote: > > Does anyone have current contact info for VERIO NOC or Engineering? > > "puck" data is completely out of date, as is my internal lists. > > [EMAIL PROTECTED] is out of date? To all of you who responded as above, I was [obviously] unclear: I needed telephone contact - the entry has been updated on puck. Thanks! > --msa > -- Yours, J.A. Terranson [EMAIL PROTECTED]
Need Verio Contact
Does anyone have current contact info for VERIO NOC or Engineering? "puck" data is completely out of date, as is my internal lists. Thanks! -- Yours, J.A. Terranson [EMAIL PROTECTED]