On Tue, May 07, 2002 at 01:13:34AM -0400, Mike Joseph wrote:
> The major problem I see with this is the need to verify that the
> spamvertised site actually requested or paid for the spam. After all,
> what's to prevent me from spamming in the name of xyz.com just so I can
> see them shutdown?
On Mon, 6 May 2002, Scott Francis wrote:
> On Sat, May 04, 2002 at 06:01:49PM -0600, [EMAIL PROTECTED] said:
> [snip]
> > Passing laws and putting on filters don't work. Depending on each mail
> > server admin to do the right thing doesn't work. We need to find
> > something else that will.
>
Once upon a time, Richard A Steenbergen <[EMAIL PROTECTED]> said:
> Don't confuse the rantings of a nutcase and his T1 with useful information
> about DoS. I have to admit I like the direction the made up acronyms are
> going though, can we have MS-DOS next? :)
You mean MicroSoft Denial Of Ser
Stephen Griffin wrote:
> where for RPF, or traditional traffic filter is
> access-list foo {permit|deny} ip source wildbits dest wildbits
Hrrmm, since uRPF checks only the source address, the "standard ACL"
seems most appropriate to me.
> I guess you could use a "standard acl" however I wouldn'
On Mon, May 06, 2002 at 05:15:25PM -0600, Pete Kruckenberg wrote:
>
> I finally found a paper on this type of attack.
> http://grc.com/files/drdos.pdf and
> http://grc.com/dos/grcdos.htm describe the attack and a few
> possible defenses, though they are about as ineffective as
> most other DDo
In the referenced message, Steven W. Raymond said:
>
> Stephen Griffin wrote:
> > > > Tell them they will need to register their routes in the IRR, even if they
> > > > don't necessarily advertise all or any of them. Build your exceptions
> > > > based upon the irr, as for all bgp-speaking custo
On Mon, 06 May 2002 19:31:47 EDT, Ralph Doncaster said:
> 99+% of SPAM. i.e. the first email from a particular remote server that
> is received, requires the sender to take some action (respond with a
And the mailing list you just subscribed to clicks on the URL *how*?
Across the hall we got a
On Mon, 6 May 2002, Ralph Doncaster wrote:
> Actually, my analysis of spam seems to indicate authentication of remote
> SMTP servers through a process similar to joining this list would remove
> 99+% of SPAM. i.e. the first email from a particular remote server that
> is received, requires the
On Mon, 6 May 2002, [EMAIL PROTECTED] wrote:
> On Mon, 06 May 2002 19:04:11 EDT, Ralph Doncaster said:
>
> > IP Tunneling - it often makes more sense to send packets out that have a
> > source address reachable only through the tunnel.
>
> But aren't those source addresses hidden *inside* the
An example of challenge/response email authentication.
http://www.myprivacy.ca/
-R
-Original Message-
From: Ralph Doncaster [mailto:[EMAIL PROTECTED]]
Sent: May 6, 2002 7:32 PM
To: Scott Francis
Cc: Forrest W. Christian; [EMAIL PROTECTED]; Eric A. Hall; [EMAIL PROTECTED]
Subject: Re: an
On Mon, May 06, 2002 at 07:31:47PM -0400, Ralph Doncaster wrote:
> Actually, my analysis of spam seems to indicate authentication of remote
> SMTP servers through a process similar to joining this list would remove
> 99+% of SPAM. i.e. the first email from a particular remote server that
> is re
On Mon, 06 May 2002 19:04:11 EDT, Ralph Doncaster said:
> IP Tunneling - it often makes more sense to send packets out that have a
> source address reachable only through the tunnel.
But aren't those source addresses hidden *inside* the encapsulation, and
what's visible to routers are the source
On Mon, 6 May 2002, Scott Francis wrote:
> On Sat, May 04, 2002 at 06:01:49PM -0600, [EMAIL PROTECTED] said:
> [snip]
> > Passing laws and putting on filters don't work. Depending on each mail
> > server admin to do the right thing doesn't work. We need to find
> > something else that will.
>
> On Wed, 1 May 2002, Pete Kruckenberg wrote:
>
> I finally found a paper on this type of attack.
> http://grc.com/files/drdos.pdf and
> http://grc.com/dos/grcdos.htm describe the attack and a few
> possible defenses, though they are about as ineffective as
> most other DDoS defenses.
Has NAN
On Sat, May 04, 2002 at 06:01:49PM -0600, [EMAIL PROTECTED] said:
[snip]
> Passing laws and putting on filters don't work. Depending on each mail
> server admin to do the right thing doesn't work. We need to find
> something else that will.
I'm beginning to think that fighting the spam itself i
On Wed, 1 May 2002, Pete Kruckenberg wrote:
> We experience a lot of types of attacks
> ("education/research network" = "easy hacker target").
> With DDoS incidents, it seems we are more often an
> unknowing/unwilling participant than the target, partly
> due to owning big chunks of IP address
As I already pointed out, I never passed a packet to Cogent. They were
ready to provide service before I was ready to start using it. I paid
setup, 1st month service, and then some.
And your computer analogy is totally ridiculous. The only "service" I
ever actually used was a /22 of IP space.
> What's NANOG's opinion: assuming that uRPF is implemented on all
> customer interfaces, are there any legitimate purposes for a customer to
> forward packets with source IP addresses not currently routed by the
> transit provider towards the customer (either static or BGP)?
IP Tunneling - it o
Well don't forget its a two way street. If a customer isn't paying
their bill then its the provider getting screwed. There is no insentive
or in fact good reason to be helpful to this person. I won't be helpful
to someone who decides to switch services and not pay me, ever! On the
other h
Stephen Griffin wrote:
> > > Tell them they will need to register their routes in the IRR, even if they
> > > don't necessarily advertise all or any of them. Build your exceptions
> > > based upon the irr, as for all bgp-speaking customers.
> >
>
> not route-filtering. You use the irr-data to po
But it would seem that given the attitude many have expressed here of "if
they're not your customer any more, screw 'em.", then relying on the honor
system is unwise.
Ralph Doncaster
principal, IStop.com
div. of Doncaster Consulting Inc.
On Mon, 6 May 2002, Daniel Golding wrote:
>
> Inde
Grant,
On 5/6/02 11:03 AM, "Grant A. Kirkwood" <[EMAIL PROTECTED]> wrote:
>> Just how big should the DFZ be?
> What are we trying to solve here?
Solve? I wasn't under the impression that anyone was trying to solve
anything. Venting of unhappiness, perhaps? But perhaps I'm too cynical...
> A
On Mon, May 06, 2002 at 11:45:38AM -0600, Christopher E. Brown wrote:
>
> Hoping some of you can send me suggestions on Datacenter/CoLo
> facilities in the Virginia/DC/Maryland area that can support
>
> 20 Racks
>
> Multiple providers capable of a minimum of DS3 level service (OC3s
> available
Indeed, you have hit upon one of the significant weaknesses of the ARIN IP
registry system - that it relies largely upon the integrity of it's members,
in order to properly issue and conserve address space. ARIN is largely based
upon the honor system, with one "check" on the potentially dishones
Pressure from Cogent? I'm not sure Cogent had to apply any pressure to
Peer1. Cogent could simply have null routed small aggregates of the block,
rendering it useless. i.e. /24s of the /22 all static routed to one of their
loopback addresses, then redistributed into BGP and sent on to their peers
On Mon, May 06, 2002 at 10:41:09AM -0700, David Conrad wrote:
> On 5/6/02 10:20 AM, "Grant A. Kirkwood" <[EMAIL PROTECTED]> wrote:
> > I'm sorry, but ARIN's policy practically _encourages_ the "efficient
> > wasting" of space to qualify for PI space. This is one of the most
> > frustrating things
On Monday 06 May 2002 10:41 am, David Conrad wrote:
> On 5/6/02 10:20 AM, "Grant A. Kirkwood" <[EMAIL PROTECTED]> wrote:
> > I'm sorry, but ARIN's policy practically _encourages_ the "efficient
> > wasting" of space to qualify for PI space. This is one of the most
> > frustrating things to deal w
Hoping some of you can send me suggestions on Datacenter/CoLo
facilities in the Virginia/DC/Maryland area that can support
20 Racks
Multiple providers capable of a minimum of DS3 level service (OC3s
available from multiple providers preferred)
Stable/Secure/Sane to use facility
Usable site
On 5/6/02 10:20 AM, "Grant A. Kirkwood" <[EMAIL PROTECTED]> wrote:
> I'm sorry, but ARIN's policy practically _encourages_ the "efficient
> wasting" of space to qualify for PI space. This is one of the most
> frustrating things to deal with.
As someone who used to run a registry, one of the mos
Hmmm, maybe my experience with Arin is differnet but it wasn't all that
difficult for me. I received a /19 initial allocation and never had to
use upstream space at all!!! It took a little more paperwork and
perhaps my case was unique but it was quite painless.
Scott
On Mon, 6 May 2002,
Gr
Randy is right. We don't know both sides. That having been said...
Ralph Doncaster wrote:
> What it tells me is I should have wasted enough space to consume 8 /24s
> long ago, so I could get a /20 directly from ARIN.
Right. What ISPs need to realize is that whatever benefit that is gained
f
> What it tells me is I should have wasted enough space to consume 8 /24s
> long ago, so I could get a /20 directly from ARIN.
You are correct! Please drive through.
/david
On Monday 06 May 2002 10:00 am, Ralph Doncaster wrote:
> > What others have told you here is correct: when you terminated your
> > contract with Cogent [any contract language nonwithstanding] you gave
> > up your "right" to use any portion of their address space.
> >
> > As one person on here alr
> What others have told you here is correct: when you terminated your
> contract with Cogent [any contract language nonwithstanding] you gave up
> your "right" to use any portion of their address space.
>
> As one person on here already pointed out, this is a good thing. Think
> about it.
What
(Appologies if considered off-topic)
Registration is now open for the first Nordic Operator Forum meeting in
Stockholm, 13-14th of May 2002 at the Roayal Institute of Technology. The
event will be free of charge. Please visit http://www.nordnog.org for
information on registering and the agen
> What processes and/or tools are large networks using to
> identify and limit the impact of DDoS attacks?
What we are using is matching of a specific community on all of our edge
routers. A route matching this specific community will be blackholed on the
edge. All that is then needed is by
My oppinion and its just my oppinionAA is that they aren't all that
good.:) They tend to route things oddly ie handing a customer a gig E
but the next op from the end router is an oc12 when there is an
uncongested oc48 available as well. They also seem to have a lot of
packet loss and
For all intense and purposes its up to the end user. In the case of an
isp getting space from Arin it is allocated to them which in their
terminology is different than assigned. Isps by having space allocated
can then assign or remove the assignment of space they hold pretty much
as they se
Its interesting that such a vicious dispute has taken place. It has
been my experience with Cogent infact that when issues exist that they
are quite willing to at least listen and arrive at some reasonable
solution. I know when I have had issues all be it more technical than
billing they a
> Does anyone have any current opinions on Williams IP service and any
> expected changes with the Chapter 11?
>
> Shane
Williams Communications Group Inc. (The "Holding Company") has filed, but this,
*ostensibly*, should not affect the ongoing operations of their operating
subsidiary, Wil
On Mon, May 06, 2002 at 09:58:27AM -0400, Owens, Shane (EPIK.ORL) wrote:
> Does anyone have any current opinions on Williams IP service and any
> expected changes with the Chapter 11?
>
> Shane
Can't speak to their service, as I've never bought anything from them.
After multiple spams in the l
In the referenced message, Ralph Doncaster said:
>
> On Mon, 6 May 2002, Forrest W. Christian wrote:
>
> > On Mon, 6 May 2002, Ralph Doncaster wrote:
> >
> > > What is the generally accpted timeframe for renumbering? My reading of
> > > ARIN policy would seem to imply at least 30 days.
> [...
Hello Ralph,
> Is that true? I thought the space belongs to ARIN, and they loan it to
> certain parties. Those parties can use the IPs in accordance with ARIN
> rules.
The way you've written the above statements makes them true. However, such
a relationship does not extend to the issue you're
Title: Williams Opinions?
Does anyone have any current opinions on Williams IP service and any expected changes with theĀ Chapter 11?
Shane
On Mon, 6 May 2002, Stephen J. Wilcox wrote:
> I think they're on dangerous ground, whether or not their contract says
> the IPs should be returned if they not only stop routing them but then
> start contacting third parties that they have no relationship with and ask
> them to stop routing them
On Mon, 6 May 2002, Forrest W. Christian wrote:
> On Mon, 6 May 2002, Ralph Doncaster wrote:
>
> > What is the generally accpted timeframe for renumbering? My reading of
> > ARIN policy would seem to imply at least 30 days.
[...]
> The bottom line is the space is theirs and they can do whateve
On Mon, 06 May 2002, blitz wrote:
>
> I know theres knowledgable opinion on this list on this topic.
>
> Besides Gibson's (www.grc.com) port scan and www.DSLreports.com port
> scanning tools, is there any others you folks have found that are reliable
> and don't breed spam?
>
> TIA
>
> Mar
On Mon May 06, 2002 at 01:35:34PM +0200, JAKO Andras wrote:
> > Yes, works fine (on an all Cisco network).
>
> Maybe not interesting for an ISP, but I'm using it on a vlan interface on
> a 6500/7600. It works fine with IOS 12.1.8-EX5, but 12.1.11-E1 refused the
> configuration because it's not a
> > Has anyone used /31 mask addresses on their network?
>
> Yes, works fine (on an all Cisco network).
Maybe not interesting for an ISP, but I'm using it on a vlan interface on
a 6500/7600. It works fine with IOS 12.1.8-EX5, but 12.1.11-E1 refused the
configuration because it's not a p2p interf
I know theres knowledgable opinion on this list on this topic.
Besides Gibson's (www.grc.com) port scan and www.DSLreports.com port
scanning tools, is there any others you folks have found that are reliable
and don't breed spam?
TIA
Marc
> > > Well how am I supposed to arrange a payment on a Sunday afternoon?
> > >
> > > As well I'd say I've already paid them more than enough to use
> > > their IPs - I never brought up a BGP session with them and never
> > > passed a single packet to them. I'm surprised to hear that such
> > >
I have to say I think you're doing something wrong somewhere.. excluding
official role addresses I receive a handful (15ish?) spam mails per day
and I've been using some of my email addresses for years. A couple are
used on websites so they are published.
Perhaps to an extent I'm lucky, but I wa
> > Well how am I supposed to arrange a payment on a Sunday afternoon?
> >
> > As well I'd say I've already paid them more than enough to use
> > their IPs - I never brought up a BGP session with them and never
> > passed a single packet to them. I'm surprised to hear that such
> > extortion te
53 matches
Mail list logo
