Re: phone fun, was GeoIP database issues and the real world consequences
On 4/14/2016 16:01, John Levine wrote: OK, let us suppose I want to be a law biding, up right American and use only a cellphone for the "right" area. I drive a big truck OTR. I usually know what part of which state I am in, but I frequently do not know which part of what state I will be in in 24 hours. What should I do? As previous messages have explained, mobile 9-1-1 uses a variety of GPS and tower info to determine where you are. Telcos, stupid though they may be, have figured out that people with mobile phones are likely to be, you know, mobile. If you drive a big truck, you're likely to spend a lot of time on major highways, and many of those highways have signs that tell you what to dial to contact the appropriate police for that road, e.g. *MSP on the Mass Pike. I understand all that. I quoted somebody as saying that some percentage of people use a cellphone in the wrong area code. I want never be caught in the wrong area code in my nomadic life. I think my best shot is to convince people that telephone numbers are not addresses of people and like my SSAN is assigned by somebody, I don't care who.
IP => Location on the planet
No follow up required or expected. FYI geo-location fans. While sitting on a toilet in a hotel in Kansas City, Missouri, US of A, I chanced to log-on to Facebook from my Kindle, and the lap-top in the on the desk in another room, Facebook alerted that I had logged on from Caracas, Venezuela. I have not checked--we might be in the same time-zone.
Re: cnn.com - Homeland Security seeks cyber counterattack system (Einstein 3.0)
Jean-François Mezei wrote: I have a big problem with politicians making technical decisions that may look good at the politicial level but make no sense at the technical level. Works in the financial world, doesn't it. -- Eppure si rinfresca ICBM Targeting Information: http://tinyurl.com/4sqczs
Re: Hey ISC, thanks for providing free wifi to intercage!
Noel Butler wrote: [nothing worth having been forwarded several times] I'm sure I'll get a nastygram from the kabal for this, but just out of curiosity, why is talking about broken network protocols and other stuff off topic, but talking mindlessly and endlessly about mindless and pointless drivel (quoting the whole history of the thread with each entry , top posting to remove whatever residual content there might have been) is not?
Re: Hey ISC, thanks for providing free wifi to intercage!
Joe Abley wrote: How about moving the meta-nanog themes in this thread to nanog-futures, instead of adding to the noise on the main list? Because nobody reads it?
Re: 143.228.0.0/16 and house.gov
Ernie Rubi wrote: whaddayathink? I think the house is run by the same folks that can't run a party-line vote. I'm surprised they have electric power.
Re: Go daddy mail services admin
Blake Pfankuch wrote: Could I get a godaddy mail admin to contact me off list? Ive been working with a client who has a hosted website and mail services and lost the ability to communicate with their SMTP server about 6 weeks ago. Been through about 4 hours on the phone with Godaddy Support and Comcast. Just out of curiosity--which port is your client using?
Re: breadcrumbs and collusion
[EMAIL PROTECTED] wrote: However, it makes little sense to close your gate to keep the stray dogs out of your yard, if they can just come in via your neighbour's gate and climb over the fences. It makes a lot of sense. Having closed your gate, and discovered a stray dog in your back yard, you can call the animal control people and they stand a good chance of catching that stray dog. Like most NANAE ...eerrr...NANOG metaphors this one is broken. We are not talking about stray dogs, were are talking about bad behaviour. If I keep them from dealing that stuff in my parking lot I do several things, in approximate priority order: My clean customers don't have to suffer any effects of the bad guys being on my lot. The bad guys learn it is not a good place to try to deal. The Law knows one place they don't have to worry about.
Re: a vernier of civilization...
Marshall Eubanks wrote: Dear Randy; On Sep 25, 2008, at 10:59 AM, Randy Bush wrote: I am not sure if NANOG is set up to do an attitude adjustment on civilization... it keeps trying. thunderbleep scorned verneer, so i tried ier and it worked. Yes, I knew this was a typo, but I figured a little levity couldn't hurt this depressing thread. The thread is more about plating a turd.
Re: Where to move the Intercage/Atrivo discussion
Justin Shore wrote: Since the usefulness of this thread to NANOG is becoming less and less as the thread wears on, where would the NANOG community suggest that it be moved to? Kind of a custom-fit for NANAE, isn't it?
Re: Silly PUCK/Outages question
Tuc, stuck on puck wrote: I hate to use NANOG for outages... But can anyone else get to puck.nether.net or the outages.org list? outages.org doesn't even resolve here (cox in Omaha).
Re: Atrivo/Intercage: NO Upstream depeer
Emil Kacperski wrote: It's true that David from PIE disconnected our link approx 9pm or so yesterday. Things were going perfect, no complaints for a few weeks now. The only thing I believe is that NTT gave lots of pressure to PIE. For some unknown reason when I tried to reach out to the security guy at NTT he basically said our contract is with PIE. Some days the dragon wins, some days the knight does.
Re: Atrivo/Intercage: Now Only 1 Upstream
Some people would really like email to be as reliable as possible, even if that means they have to wade through a lot of spam. By what twisted logic can a system where desired email is found when they have to wade through a lot of spam? Have you ever inadvertently deleted a desired item in the middle of a delete-yes-delete-yes-delete-yes-delete-yes-delete-yes-delete-yes sequence that went on for a lot of spam? How many times? Did you recover all of the desired items? How do you know that? To me a reliable system is one that delivers what I want and only what I want every time. And having to pick the pepper out of the flysh*t is not my idea of reliable.
Re: Mechanisms for a multi-homed host to pick the best router
Cayle Spandon wrote: I have a server which is multi-homed to N routers as shown below: +---+ R1---| | | | R2---| | ... | S | | | Rn---| | +---+ This server is a host; it is not a router in the sense that it will never forward any packets (but it might run routing protocols as discussed below). This is going to be the stupid question of the day, but unless you have a route policy (in which case, what was the question again?) why would you not sent the reply out the same spigot you go the request on?
Re: duplicate packet
Sebastian Abt wrote: * chloe K wrote: When I ping the ip, I get the duplicate 64 bytes from 192.168.0.95: icmp_seq=1 ttl=63 time=0.344 ms 64 bytes from 192.168.0.95: icmp_seq=1 ttl=63 time=0.401 ms (DUP!) What's your netmask? Is 192.168.0.95 your net's broadcast address? Ohhh! Nice catch!
Re: Teleglobe appears to be spam-source zombie network?
Randy Bush wrote: Jo Rhett wrote: We started getting a flood of autobot spam to our listed abuse mailbox about an hour ago out of Teleglobe. Trying to find someone to shut this down has found that 1. Teleglobe has no listed abuse contacts for any of their netblocks 2. The few of their records which have listed e-mail addresses all bounce 3. All listed phone numbers on any netblocks we can find are invalid Any chance that RIPE is more strigent than ARIN and would pull their netblocks until they fix this stuff? why don't we just have dick cheney bomb them? Obama seems to be tyhe one bombing now.
Re: GLBX De-Peers Intercage [Was: RE: Washington Post: Atrivo/Intercag e, w hy are we peering with the American RBN?]
[EMAIL PROTECTED] wrote: On Mon, 01 Sep 2008 08:48:12 -, Paul Ferguson said: Is this an issue that network operations folk don't really care about? If somebody's paying you $n/megabyte for transit/connectivity, what's your incentive to make them clean up their act and get rid of their P2P filesharing traffic, spam traffic, and so on? What is your price for cocaine?
Re: GLBX De-Peers Intercage [Was: RE: Washington Post: Atrivo/Intercag e, w hy are we peering with the American RBN?]
Steven M. Bellovin wrote: On Mon, 01 Sep 2008 11:08:20 -0400 [EMAIL PROTECTED] wrote: a) There exist providers that are willing to take money from scum. b) We won't get rid of the scum until we admit (a) is true. I mostly agree with you -- but I get very worried about who defines scum. Who defines scum when you get the email announcing a solution to your most urgent sexual problems? Who defines scum when the guy shows up at your office with a lot of the world's finest wrist watches for sale at unbelievably low prices? Who defines scum when you get the pallet of toner nobody remembers ordering? Who defines scum when the seedy character you never met before shows up to take your daughter out?
Re: Is it time to abandon bogon prefix filters?
Randy Bush wrote: in the field != untouched/unloved i contend that all one's routers should be rigorously configured as programmatically as possible. It seems to me that those are the routers where the filtering of both packets and routes is easiest and most effective. If every such router (which almost be definition knows what source addresses and routes are legitimate) filtered out all the crap, there would not be much crap getting to the DFZ. Too hard. I don't think so. When I administered a /16 with only a hundred or so such routers, a simple skeleton config-file-base allowed quick construction of a config file at installation--which was then rarely touched ever again. (We did log at a central location and used SNMP monitors for supervison.) -- Requiescas in pace o email Two identifying characteristics of System Administrators: Ex turpi causa non oritur actioInfallibility, and the ability to learn from their mistakes. Eppure si rinfresca ICBM Targeting Information: http://tinyurl.com/4sqczs
Re: Is it time to abandon bogon prefix filters?
Robert E. Seastrom wrote: Steven M. Bellovin [EMAIL PROTECTED] writes: Security? Remember that availability is a security issue, too. It never ceases to amaze me how many security people walk around oblivious to this basic notion. But of course! The most secure object is one nobody knows about and can't get to anyway. That is the whole point!
Re: impossible circuit
George Carey wrote: Since your fix was layer 2 you might be onto something. And you have the time it happened, and as we all know - somebody changed somethin' even if they won't fess up. I have not pencil-and-papered this to see if there is anything to it, but I was wondering what would happened if you put a layer-two bridge into a back-bone fabric and turned off learning so every packet is flooded to every port. -- Requiescas in pace o email Two identifying characteristics of System Administrators: Ex turpi causa non oritur actioInfallibility, and the ability to learn from their mistakes. Eppure si rinfresca ICBM Targeting Information: http://tinyurl.com/4sqczs
Re: Is it time to abandon bogon prefix filters?
Leo Bicknell wrote: Have bogon filters outlived their use? Is it time to recommend people go to a simpler bogon filter (e.g. no 1918, Class D, Class E) that doesn't need to be updated as frequently? Seems like filtering against those could be done on the backplane, so to speak. One of the things that has always puzzled me is this: In the default-free zone, why is necessary to filter _against_ anybody? Seems like traffic for which there is no route would at most be dumped to an error-log someplace. For folks with a default route, I have long advocated (with no success what ever) filtering against stuff like the above, your own networks as sourced somewhere else, such. I also think a central blacklist a la spamhaus for networks makes sense. -- Requiescas in pace o email Two identifying characteristics of System Administrators: Ex turpi causa non oritur actioInfallibility, and the ability to learn from their mistakes. Eppure si rinfresca ICBM Targeting Information: http://tinyurl.com/4sqczs
Re: Great Suggestion for the DNS problem...?
Colin Alston wrote: Why does it use UDP? :P Faster? Smaller? Less code to break? No perceived need for state? -- Requiescas in pace o email Two identifying characteristics of System Administrators: Ex turpi causa non oritur actioInfallibility, and the ability to learn from their mistakes. Eppure si rinfresca ICBM Targeting Information: http://tinyurl.com/4sqczs
Re: So why don't US citizens get this?
Oh, but that's different. They were important. What is the key criterion here for identifying odious off topic correspondents and the public naming thereof?
Re: So why don't US citizens get this?
D'Arcy J.M. Cain wrote: On Sun, 27 Jul 2008 09:29:38 -0500 (CDT) Joe Greco [EMAIL PROTECTED] wrote: The key thing in that definition is the lack of government intervention in its various forms. That's D'Arcy's point. Where there is government subsidy, regulation, or other intervention, it cannot be described as a free market. Actually, it could... but you have to understand the situation better. Ah. I didn't realize that I just didn't understand the situation as well as you. Thanks for setting me straight. If you call a tail a leg, how many legs does a dog have? Four. Calling a tail a leg doesn't make it one. Abraham Lincoln You don';t watch television much do you. Especially the news. We are well past 1984. -- Requiescas in pace o email Two identifying characteristics of System Administrators: Ex turpi causa non oritur actioInfallibility, and the ability to learn from their mistakes. Eppure si rinfresca ICBM Targeting Information: http://tinyurl.com/4sqczs
Re: So why don't US citizens get this?
[EMAIL PROTECTED] wrote: bGuy_Shields at Stream.Com lt;/ba href=mailto:nanog%40nanog.org?Subject=So%20why%20don%27t%20US%20citizens%20get%20this%3Famp;In-Reply-To=; title=So why don't US citizens get this?[EMAIL PROTECTED]/abgt; said at /biSat Jul 26 23:00:47 UTC 2008brgt; /iWe do its called FIOS.brbrAFAIK they don't offer affordable 100mbps symmetric connections though via their fiber to house service... ;)br -- No, this email's not real, it's http://deadfake.com What in the world does that say? -- Requiescas in pace o email Two identifying characteristics of System Administrators: Ex turpi causa non oritur actioInfallibility, and the ability to learn from their mistakes. Eppure si rinfresca ICBM Targeting Information: http://tinyurl.com/4sqczs
Re: Paul Vixie: Re: [dns-operations] DNS issue accidentally leaked?
Jorge Amodio wrote: /etc/hosts rulez !!! :-) Wonder if SRI wstill has the files. -- Requiescas in pace o email Two identifying characteristics of System Administrators: Ex turpi causa non oritur actioInfallibility, and the ability to learn from their mistakes. Eppure si rinfresca ICBM Targeting Information: http://tinyurl.com/4sqczs
Re: DNS and potential energy
Tony Finch wrote: So you say the solution for bad regulation is more regulation. Been the liberal-socialist mantra for eons. -- Requiescas in pace o email Two identifying characteristics of System Administrators: Ex turpi causa non oritur actioInfallibility, and the ability to learn from their mistakes. Eppure si rinfresca ICBM Targeting Information: http://tinyurl.com/4sqczs
Re: can all current nanog threads move to nanog-ot@ plz?
Paul Vixie wrote: here's how it looks just before i hit the catch up button. Damn! All that operational stuff on NANOG. Whodathunkit?!
Re: what problem are we solving? (was Re: ICANN opens up Pandora'sBox of
Paul Wall wrote: [bagged and tagged] P,K,B.
Re: Mail Server best practices - was: Pandora's Box of new TLDs
Stephane Bortzmeyer wrote: It is because, if someone reports (by telephone, IRC or IRL) that he sent an email and I did not receive it, I regard as VERY IMPORTANT to be able to check the spam folder (with a search tool, not by hand) and go back to him saying No, we really did not receive it. In a professional environment, I would not accept the idea of email disappearing without being able to recover it. In my view of a professional environment (what ever that turns out to mean) a log file would enable that, without any of the problems holding mail text might engender. Did you get the email from...to...? Yes Please tell the court what it said. -- Requiescas in pace o email Two identifying characteristics of System Administrators: Ex turpi causa non oritur actioInfallibility, and the ability to learn from their mistakes. Eppure si rinfresca ICBM Targeting Information: http://tinyurl.com/4sqczs
Re: NANOG Digest, Vol 5, Issue 92
mack wrote: In 25 years a name will map to .com or be irrelevant with the current proposal. I would be happy to be proven wrong but time will tell. And of course by then all but BGP (between routers) and HTTP will have been blocked as security risks. -- Requiescas in pace o email Two identifying characteristics of System Administrators: Ex turpi causa non oritur actioInfallibility, and the ability to learn from their mistakes. Eppure si rinfresca ICBM Targeting Information: http://tinyurl.com/4sqczs
Re: Expired SSL cert for mms.nexteldata.net
Jay R. Ashworth wrote: According to my Blackberry, it expired last night at midnight UTC. Is this the end of the world, then? -- Requiescas in pace o email Two identifying characteristics of System Administrators: Ex turpi causa non oritur actioInfallibility, and the ability to learn from their mistakes. Eppure si rinfresca ICBM Targeting Information: http://tinyurl.com/4sqczs
Re: OS, Hardware, Network - Logging, Monitoring, and Alerting
Rev. Jeffrey Paul wrote: Hi. I've a (theoretically) simple problem and I'm wondering how others solve it. Taken one at a time, mos of them are simple. Most of life is like that. 1) Is SNMP the best way to do this? Obviously some of the data (service checks) will need to be collected other ways. I've actually been out of the admin biz for some time but back in the day I was very found of SNMP tools for all sorts of reporting. For output I liked MRTG for most things, WhatsUpGold had some nice features if you would rather pay money. For alarms, I used some unix hack or another (home-made). I also used home-made hacks to gather data about things that did not have a suitable SNMP interface. 2) Is there any good solution that does both logging/trending of this data and also notification/monitoring/alerting? I've used both Nagios and Cacti in the past, and, due to the number of individual things being monitored (3-5 items per OS instance, 5-10 items per physical server, 10-50 things per network device), setting them both up independently seems like a huge pain. Also, I've never really liked Nagios that much. See MRTG, RRD, et al. I recently entertained the idea of writing a CGI that output all of this information in a standard format (csv?), distributing and installing it, then collecting it periodically at a central location and doing all the rrd/notification myself, but then realized that this problem must've been solved a million times already. There's got to be a better way. What do you guys use? I had the luxury of management that thought managing was a good idea, so I had a machine pretty much dedicated to systems management and all the machines (including routers, bridges, hubs, and such) reported to it. We had a web interface to the MRTG and MRTG-like presentations. (I'm not opposed to non-free solutions, provided they work better.) Just before the fired me for being too old, they bought all the HP and cisco stuff in the world. I do not recommend any of it. -- Requiescas in pace o email Two identifying characteristics of System Administrators: Ex turpi causa non oritur actioInfallibility, and the ability to learn from their mistakes. Eppure si rinfresca ICBM Targeting Information: http://tinyurl.com/4sqczs
Re: [Outages] Outages have an Outage? (fwd)
Gadi Evron wrote: Lightning storm, subsequent commercial power failure. UPS not up due to restructing. How does it go...For the want of a nail... Nope ... The cobblers son Maybe that is the one. We are working on getting backup servers alive, as to DNS we used to secondary at vixie's, but due to IP changes and movements removed that for now. A comedy of mistakes. Funny unless you are explaining it to the boss. -- Requiescas in pace o email Two identifying characteristics of System Administrators: Ex turpi causa non oritur actioInfallibility, and the ability to learn from their mistakes. Eppure si rinfresca ICBM Targeting Information: http://tinyurl.com/4sqczs