Hi all,
Thanks for all your kindly reply. I'm currently evaluating HP Service
Desk, and CA
Unicenter service desk. Remedy seems have no Chinese contact. RT seems
too
non-commercial :-)
thanks!
Yu Ning
|-Original Message-
|From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On
|Behalf
>
> > Date: Sun, 22 Sep 2002 23:16:20 -0400 (EDT)
> > From: jlewis
>
>
> > Speaking of special...having played around a little with the
> > BGP communities supported by C&W and Sprint, I'm wondering
> > which other big transit providers (it seems almost a waste to
> > say Tier 1 anymore) support
On Mon, Sep 23, 2002 at 05:28:15PM -0400, Joe Abley wrote:
>
> I think the problem is not that there are multiple definitions of
> how to calculate the 95th percentile of a sample population, but
> that different peoples' sample populations are constructed in
> different ways.
>
> I have seen b
This was a totally bogus reason from the very beginning. Given that real
backbones carry no prefixes longer than 24 bits the "long" lookup in
Last numbers I saw put 701 at over 100k prefixes in the /25-/32 range.
The more correct statement is backbones carry no external prefixes
longer then /24
On Sun, Sep 22, 2002 at 03:22:11PM -0700, [EMAIL PROTECTED] said:
>
> I have question for the security community on NANOG.
>
> What is your learned opinion of having host accounts
> (unix machines) with UID/GID of 0:0
>
> otherwords
>
>
> jmbrown_r:password:0:0:John M. Brown:/export/home/jmb
On Mon, Sep 23, 2002 at 04:07:47PM -0400, Richard A Steenbergen wrote:
> On Mon, Sep 23, 2002 at 12:50:17PM -0700, Lane Patterson wrote:
>
> > And there are at least 4 ways of computing 95th percentile, though I'm sure
> > there've already been threads on this.
>
> There is only one way, anyone
On Mon, 23 Sep 2002, Huopio Kauto wrote:
> How about just plainly blocking the most obvious holes, that is
> telnet and POP? If someone wants a direct telnet connection to a
> route server or something similar - open a hole with a web-based tool?
> Ok, then you say all unencrypted www traffic wi
How about just plainly blocking the most obvious holes, that is
telnet and POP? If someone wants a direct telnet connection to a
route server or something similar - open a hole with a web-based tool?
Ok, then you say all unencrypted www traffic with plain username/pw..
SSH'ing everything back to
On Sun, 22 Sep 2002 23:16:20 -0400 (EDT), [EMAIL PROTECTED] wrote:
>What are these 'special needs' people keep mentioning? What special needs
>might you have of your transit providers?
It's hard to generally categorize special needs because they're special. I
can give you an example
On Mon, 23 Sep 2002, Richard A Steenbergen wrote:
>
> On Mon, Sep 23, 2002 at 12:50:17PM -0700, Lane Patterson wrote:
>
> > Also, some large ISP's have a policy that you must buy the whole pipe
> > unmetered if your commit is >50% pipe speed.
>
> Never heard that one, but conversly most ISPs
On Mon, Sep 23, 2002 at 12:50:17PM -0700, Lane Patterson wrote:
> Also, some large ISP's have a policy that you must buy the whole pipe
> unmetered if your commit is >50% pipe speed.
Never heard that one, but conversly most ISPs have a minimum commit for
"big expensive ports". For example, 1 me
On Mon, Sep 23, 2002 at 11:26:22AM -0400, Alex Rubenstein <[EMAIL PROTECTED]> wrote:
>
>
>
> > - flat fee for a L Mbps link
>
> Also known as 'fractional' or 'tiered.' $x for y mb/s, and it is
> rate-limited.
>
>
> > - volume based, y $ per Mbps (95% quantile) for a L Mbps link
> > - burst
"That [WEB] will give people a false sense of security." IMHO those
'people' are a group that is a subset of folk that will do 'unwise'
things no matter what level of scurity is in place.
Move along, nothing to see here...
Internet != secure, period.
Best regards,
_
Ala
On Sunday, Sep 22, 2002, at 15:41 US/Pacific, William Allen Simpson
wrote:
> I will agree that the security in WEP is almost useless, and have
> personally campaigned to change it for years. But, it is still the
> only
> Access Control widely available. So, it should be used, in addition to
>
On Sun, 22 Sep 2002, Iljitsch van Beijnum wrote:
>
> On Sun, 22 Sep 2002, Richard A Steenbergen wrote:
>
> > On Sun, Sep 22, 2002 at 01:11:07PM +0200, Iljitsch van Beijnum wrote:
> > > > There are also people ssh'ing to personal and corporate machines from
> > > > the terminal room where the r
On 07:19 AM 9/23/02, Steven M. Bellovin wrote:
>>I can't say without a sniffer, but I'd bet that most NANOG participants are
>>doing the same: SSH or IPsec VPN's back to home (wherever that is).
>
>Experience doesn't support this, I fear. How many passwords were
>captured last time?
Passw
Hi John,
Haven't seen you in a while. I hope all is well. Maybe I'll make it to a
nanog or arin meeting again one of these days.
As these are unix security questions and I've been a principle reviewer of
the bible on unix sysadmin (by Ms. Nemeth et al)...
At 03:22 PM 9/22/02 -0700, John M.
> - flat fee for a L Mbps link
Also known as 'fractional' or 'tiered.' $x for y mb/s, and it is
rate-limited.
> - volume based, y $ per Mbps (95% quantile) for a L Mbps link
> - burstable, flat fee for x Mbps on a L Mbps and z $ per Mbps above x
These two are essentially the same. You do ha
> > > 10-15 minutes. None of the doors of that class is in your house. Why do you
> > > have a door on your house?
> >
> > It keeps honest people honest, and opportunists from taking advantage of
> > easy opportunity.
>
> Thank you. Why is it different from putting even rudimentary security i
On Mon, 23 Sep 2002 14:52:41 +0100 Simon Lockhart <[EMAIL PROTECTED]> wrote:
> Someone sat in the hotel lobby with a powerful laptop isn't going to
> cause
> anyone to look twice, at a NANOG conference.
ok, i think we need to talk about the actual threats at a nanog conference.
1) some otherwis
In message <006a01c2630a$19725020$[EMAIL PROTECTED]>, "Stephen Sprunk" wr
ites:
>
>I can't say without a sniffer, but I'd bet that most NANOG participants are
>doing the same: SSH or IPsec VPN's back to home (wherever that is).
Experience doesn't support this, I fear. How many passwords were
Actually, from a legal standpoint, you put locks on the door same
reason as u would on the wireless. Otherwise an invitation could be
implied. It's hard for someone to argue that they were invited if
they had to use breakin tools. Otherwise I dont think anyone would
have a case, public area
Thus spake "Sean Donelan" <[EMAIL PROTECTED]>
> The wireless networks at NANOG meetings never follow what the security
> professionals say are mandatory, essential security practices. The NANOG
> wireless network doesn't use any authentication, enables broadcast SSID,
> has a trivial to guess SSI
> Someone stood at your front door with lock picking tools for more than a
> couple of minutes is going to arouse suspicion, and hopefully cause someone
> to call the police.
>
> Someone sat in the hotel lobby with a powerful laptop isn't going to cause
> anyone to look twice, at a NANOG confere
> > 10-15 minutes. None of the doors of that class is in your house. Why do you
> > have a door on your house?
>
> It keeps honest people honest, and opportunists from taking advantage of
> easy opportunity.
Thank you. Why is it different from putting even rudimentary security in
place on the
> > Rubbish.
> >
> > There are only two or three types of locks that cannot be picked from the
> > outside by a lockpicker within 10-15 minutes. None of those locks is on your
> > outside door. Why do you bother to lock your house?
> >
> But in the case of public WLAN, who is the one that you´re
> 10-15 minutes. None of the doors of that class is in your house. Why do you
> have a door on your house?
It keeps honest people honest, and opportunists from taking advantage of
easy opportunity.
On Mon Sep 23, 2002 at 09:47:06AM -0400, [EMAIL PROTECTED] wrote:
> There are only two or three types of locks that cannot be picked from the
> outside by a lockpicker within 10-15 minutes. None of those locks is on your
> outside door. Why do you bother to lock your house?
Someone stood at your
>
> Rubbish.
>
> There are only two or three types of locks that cannot be picked from the
> outside by a lockpicker within 10-15 minutes. None of those locks is on your
> outside door. Why do you bother to lock your house?
>
But in the case of public WLAN, who is the one that you´re trying
to ke
>
> At 06:41 PM 9/22/2002 -0400, William Allen Simpson wrote:
> >... But, it is still the only
> >Access Control widely available. So, it should be used, in addition to
> >the better methods.
>
> Using a supposed security mechanism that is known to be essentially useless
> does nothing but l
Hello,
We are working on a research project on interdomain traffic engineering and
would like to quantitatively evaluate interdomain traffic engineering
solutions in a realistic way. We have a BGP simulator that allows us to
simulate networks with a few hundreds of AS and are adding several mech
In message <[EMAIL PROTECTED]>, Sean
Donelan writes:
>
>On Sun, 22 Sep 2002, Randy Bush wrote:
>> - the users need to be told how to operate more safely, use
>> end-to-end authentication and privacy, etc. it's a matter of
>> education. and the education will stand them in good
On September 22, 2002 07:41 pm, Ryan Fox wrote:
> On Sun, 2002-09-22 at 18:22, John M. Brown wrote:
> > What is your learned opinion of having host accounts
> > (unix machines) with UID/GID of 0:0
> >
> > jmbrown_r:password:0:0:John M. Brown:/export/home/jmbrown:/bin/mysh
>
> The biggest argument
In message <[EMAIL PROTECTED]>, Sean
Donelan writes:
>
>On Sat, 21 Sep 2002, Martin J. Levy wrote:
>> >I agre security is sadly lacking, but it is probably impossible to
>> >implement in a conference environment.
>>
>> Look this is a very simple issue. Sean's first post really pointed out
>> th
> On Sun, 22 Sep 2002, William Allen Simpson wrote:
>
> > Sorry, any security requires a *SECRET*.
The only thing security really requires is *trust*. Secret keys won't do
any good if the platform is compromised. Elaborate protections are
useless if people who are allowed access are untruthw
35 matches
Mail list logo
