Re: [Nanog-futures] Media at NANOG conferences
Steve Meuse said the following on 18/7/08 06:47: Philip Smith expunged ([EMAIL PROTECTED]): We'd like to hear the community's opinion on this. We've drafted a Media Policy based on what other events like ours do; see the attachment below... Any opinions? Constructive suggestions? I'm not very comfortable having the media at the meeting. There is a certain amount of free trade of information and ideas that flows and having the media may stifle that. Fair point. However, we have nothing prohibiting the media from attending at the moment; we just expect them to pay full fare like everyone else. At San Jose, at one of the after parties, I was in a conversation with another engineer when someone joined our conversation and didn't identify herself immediately. After about 15-20 minutes she handed me a card, she was a reporter for one of the local San Jose papers. I started to freak out a little...what have I said out loud over the past 15 minutes!. I know the feeling...! :-( philip -- ___ Nanog-futures mailing list Nanog-futures@nanog.org http://mailman.nanog.org/mailman/listinfo/nanog-futures
Re: Independent Testing for Network Hardware
Isocore is good, but there are many others to choose from: Network Test, ExtremeLabs, Miercom, Core Competence, Opus One, in no particular order. I can personally recommend all of those (I have no experience with Tolly so I can't recommend them). If you are really interested in application performance, a lab is probably a better choice than a hardware purchase since they can help you interpret the results, especially if you'll be like most test equipment users (having test equipment used more than 10% of the time is rare). The results you'll get from Ixia's and Spirent's load testing tools are pretty cut and dried...very straightforward to interpret but depending on your application maybe relatively meaningless. For application performance, there are many tools you could consider, many of which are very specialized and thus don't have broad applicability. I'd recommend talking to any of the labs above and see what kind of testing they would use in a given situation before you run out and buy some test equipment. Good luck! On Mon, Jul 21, 2008 at 10:09 AM, Tomas L. Byrnes [EMAIL PROTECTED] wrote: For independent testing, Kevin Tolly's been at it a long time, and has shown himself to be fair. http://www.tolly.com/ -Original Message- From: Sean Hafeez [mailto:[EMAIL PROTECTED] Sent: Friday, July 18, 2008 2:07 PM To: Frank P. Troy Cc: [EMAIL PROTECTED]; [EMAIL PROTECTED] Subject: Re: Independent Testing for Network Hardware IXIA makes a nice product depending on what you want to do. I have one here with some 10G line cards. -Sean On Jul 10, 2008, at 3:02 PM, Frank P. Troy wrote: I can recommend Isocore http://www.isocore.com/ (the same folks that run the MPLS conference). Talk to Rajiv Papneja [EMAIL PROTECTED] Regards, Frank Frank P. Troy 703-396-8700 [EMAIL PROTECTED] - -Original Message- From: Brian Knoll (TT) [mailto:[EMAIL PROTECTED] Sent: Thursday, July 10, 2008 11:16 AM To: [EMAIL PROTECTED] Subject: Independent Testing for Network Hardware Can anyone recommend a reliable independent testing company that tests network hardware performance? We are considering buying testing hardware (right now we are looking at Spirent TestCenter) and I wanted to see if there were other options... Brian Knoll
Re: SANS: DNS Bug Now Public?
matasano blogged about it cache of the original post here.. http://beezari.livejournal.com/ matasano apologizes here http://www.matasano.com/log/1105/regarding-the-post-on-chargen-earlier-today/ dan posts (13 - 0) 13 days left to blackhat opposed to the 0 days since the details were discussed http://www.doxpara.com/?p=1176 halvar flake speculation http://addxorrol.blogspot.com/2008/07/on-dans-request-for-no-speculation.html post on daily dave http://seclists.org/dailydave/2008/q3/0070.html On Tue, Jul 22, 2008 at 8:40 AM, Jon Kibler [EMAIL PROTECTED] wrote: -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 SANS is reporting that Kaminsky's DNS bug may be now being exploited in the wild. See: http://isc.sans.org/diary.html?nstoryid=4765 Jon Kibler - -- Jon R. Kibler Chief Technical Officer Advanced Systems Engineering Technology, Inc. Charleston, SC USA o: 843-849-8214 c: 843-224-2494 s: 843-564-4224 My PGP Fingerprint is: BAA2 1F2C 5543 5D25 4636 A392 515C 5045 CF39 4253 -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.8 (Darwin) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iEYEARECAAYFAkiF1T8ACgkQUVxQRc85QlMN1ACfTR8oJRy2V27+c5PjERcUjgIU evAAn1sDR9xMc1bEmTeygXl7QkF9er2T =eqbc -END PGP SIGNATURE- == Filtered by: TRUSTEM.COM's Email Filtering Service http://www.trustem.com/ No Spam. No Viruses. Just Good Clean Email.
Re: SANS: DNS Bug Now Public?
It has been public for a while now. Even on the print media, there are some articles about it on the latest Computerworld mag without giving too much detail about how to exploit it. ie PATCH NOW !!! Cheers Jorge
OIX Routeviews
Excuse the OT post, I can't seem to send mail to routeviews.org and this is a last resort. A while ago, David Meyer asked if anyone was still using the sho ip bgp format rib on routeviews.org. For a few months the rib dump process has been broken. Are the sho ip bgp ribs gone for good? jas
Re: OIX Routeviews
Jason, Excuse the OT post, I can't seem to send mail to routeviews.org and this is a last resort. Did you try [EMAIL PROTECTED] In any event... A while ago, David Meyer asked if anyone was still using the sho ip bgp format rib on routeviews.org. For a few months the rib dump process has been broken. Are the sho ip bgp ribs gone for good? No, the 'show ip bgp' RIBs aren't gone. We're just not screen scraping them from route-views.routeview.org any longer, Rather, John Heasly wrote some code that generates 'sh ip bgp' format from the MRT RIB dumps. These can be found on archive.routeviews.org. Let us know if you can't find what you need. Thanks, Dave signature.asc Description: Digital signature
Pretty Good BGP on Quagga
All, We just wanted to let you know that Pretty Good BGP (PGBGP) is now available for Quagga. The Internet Alert Registry (IAR) has been running it stably for a few months now and we wanted to open it up to early adopters. Overview: PGBGP is a distributed security mechanism for BGP that attempts to avoid prefix hijacks, sub-prefix hijacks, and spoofed paths. Each router individually computes its own idea of the origin ASes for each prefix based on the past few days of routing announcements. Routes for prefixes with new origin ASes are labeled as anomalous and are depreferenced for 24 hours, using the more trusted (stable) routes where possible. New links are also considered anomalous, as well as new sub-prefixes. New sub-prefixes are dealt with by choosing paths to the trusted less specific when possible for 24 hours. Opt-in emails are sent to operators to inform them of anomalies, to help them identify and fix the problem (if any) within the 24 hours. Hardware overhead: Running PGBGP requires roughly ~20MB of extra RAM. Adding additional BGP sessions does not significantly affect PGBGP memory usage. CPU requirements are minimal. Routing performance: Sometimes, PGBGP will select an inferior path in order to avoid an anomalous route. Our studies have shown that typically, anomalous routes are short lived (e.g. due to convergence churn). On the IAR, of the available 1,546,996 routes in the RIB, 5,111 of them are anomalous at the time of writing this email. There are corner cases in which PGBGP could cause loss of reachability, and they are discussed in the papers. Documentation, papers, links to NANOG presentations, and the patch itself are available at the project's webpage: http://cs.unm.edu/~karlinjf/pgbgp/ If you're interested in PGBGP or would like to help further BGP security research, please give it a try and let us know that you're running it. We'd be happy to entertain suggestions, discuss the protocol, and provide support. Thanks for your time, Josh