I'll copy this email, and keep it for reference when someone asks about
buying service from UUnet...thanks...
At 17:17 1/18/03 -0800, you wrote:
What's interesting is that I just tried to call the noc and was told
"We have to have you e-mail the group"
my response, I can't I have no route work
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
- --On Tuesday, January 14, 2003 13:00:38 +0100 Mikael Abrahamsson
<[EMAIL PROTECTED]> wrote:
> I had great respect for Axelsson before this incident, after seeing his
> behaviour more up close I nowadays loathe him for his methods.
>
> Let's put
On Sat, Jan 18, 2003 at 10:45:11PM -0600, Chris Adams wrote:
> How is this different than "ip verify unicast reverse-path" (modulo CEF
> problems and bugs, which of course NEVER happen :-) )?
It would be useful for all sorts of things besides verifying a source
address. So in addition to complic
On Sun, 19 Jan 2003, Christopher L. Morrow wrote:
> > you could partly get around this by blocking all 'SYN' packets going to
> > your customers :-)
>
> and we are hoping none are hosting webservers or mail servers or
> right? Oh wait! I'll just make them use my datacenters, right?? or were
>
> *shrug* just seems like it would make more sense to block all incoming
> 'syn' packets.
> Wouldn't that be faster than inspecting the destination port against two
> seperate rules?
blocking all SYN's will break too much other stuff (Instant Messangers,
games ...). I think we would be much bette
Christopher, IP filtering is something that needs to be legally mandated and
put in place at both ends. Any tier-2/3 provider should be held accountable
for any fraud's that they enable their customers to commit, since there is
no other technical point of responsibility possible. As to spoofed IP'
http://news.com.com/2100-1023-981281.html?tag=fd_top
"CANNES, France--A top music industry representative said Saturday that
telecommunications companies and Internet service providers will be asked
to pay up for giving their customers access to free song-swapping sites."
It gets better. Read t
This type of situation has been extensively discussed and debated here.
If you are not UUNet's direct customer (or many other providers for that
manner), they likely cannot and will not open a ticket. If MFN is your
upstream, open up a ticket with them.
-Original Message-
From: [EMAIL PRO
This whole 'Internet Thing' is a one of the wonders of the modern world.
A public transport system that has handled growth easily and
efficiently for many years. Some people get leisure from it, some make
money from it, some do research on it, some communicate on it, It
is one of the most p
Hi, NANOGers.
] The rest could be handled with a simple IDS (doesn't even need
] to match patterns... just count packets going to 27374 and the like)
There is no "simple IDS" for OC48+ links. :) Counters are possible,
though adding that many ACLs can be more than burdensome on certain
code and
> "Your not my customer I really don't care" *click*
> Nice. professional too.
I had a similar experience with them - even though we *are* a UUNet
customer, we weren't the customer with the problem (in this case, a email
address which was a subdomain of the company's main address was being
reject
Its just unfortunate that some companies not mentioning names feel this is
good practice. Others don't feel this way which is a good thing. Just a
note, uunet wouldn't take my call when a ddos attach originated on their
network either. Same response with the exception of "Well we don't have
sec
Well just to make this more on topic and operationsl:).
It seems to me that for best operation of all networks some means should
exist for carriers to talk to each other. Perhaps nanog is it not sure
but if mfn has an issue with wireworks than mfn should have a place to
call.
Like wise if I hav
On Sun, 19 Jan 2003, Scott Granados wrote:
> It seems to me that for best operation of all networks some means should
> exist for carriers to talk to each other.
http://www.pch.net/inoc-dba/
Every time I've dialed 701, someone more clueful and well-intentioned than
myself has answe
Without getting too much into the likelihood of any legal body actually
understanding anyone's role in an attack besides the attacker and the
victim, in this land where tobacco companies are sued by smokers who
get lung cancer and fast food restaurants are sued by fat people there
must be room fo
"Dave Howe" <[EMAIL PROTECTED]> wrote:
>there then followed a short conversation that amounted to that - given that
>$mydomain was working fine, they would *not* look at the problem for
>$contractorsdomain unless $contractor contacted them about it. I found
>postmaster@contractorsdomain worked f
On Sun, Jan 19, 2003 at 10:26:16PM +, Tim Thorne wrote:
>
> "Dave Howe" <[EMAIL PROTECTED]> wrote:
>
> >there then followed a short conversation that amounted to that - given that
> >$mydomain was working fine, they would *not* look at the problem for
> >$contractorsdomain unless $contractor
On Sat, 18 Jan 2003, Steven M. Bellovin wrote:
> > 3) Find and convict the true attacker
>
> Hash-based trace might help on that, *if* there was recording of the
> packets to the zombies. But doing that ubiquitously might -- would? --
> turn the Internet into a surveillance state.
Yep, the har
One of our clients sustained a severe SMTP DDOS attack on New Years'
Day. The DDOS was caused by a bulk mailing which had forged their
domain name in the return address. The attack was staged over
several days from dial-up lines at fast.net (Bethlehem, PA). We
contacted fast.net shortly after t
--On Sunday, January 19, 2003 05:35:13 PM -0800 Roger Marquis
<[EMAIL PROTECTED]> wrote:
Since fast.net/iuinc.com has not replied to our email or phone calls
we're looking for anyone with information on this company, its
owners or operators, and any history of network or SMTP abuse. All
help wi
'n confused. I thought AppliedTheory (was CRL) was bought by Clearblue
which later aquired part in Navisite and later had Navisite aquire
most of Clearblue (sounds weird, I know). Now appliedtheory.com goes to
navisite, so I assumed appliedtheory was aquired as part of clearblue,
(if it wasn't
--On Sunday, January 19, 2003 05:35:07 PM -0800 "[EMAIL PROTECTED]"
<[EMAIL PROTECTED]> wrote:
'n confused. I thought AppliedTheory (was CRL) was bought by Clearblue
which later aquired part in Navisite and later had Navisite aquire
most of Clearblue (sounds weird, I know). Now appliedtheory.co
At 10:00 PM 1/19/2003, John Payne wrote:
--On Sunday, January 19, 2003 05:35:07 PM -0800 "[EMAIL PROTECTED]"
<[EMAIL PROTECTED]> wrote:
'n confused. I thought AppliedTheory (was CRL) was bought by Clearblue
which later aquired part in Navisite and later had Navisite aquire
most of Clearblue (
At 02:26 PM 19-01-03 -0800, Scott Granados wrote:
I don't believe Chris sleeps, ever.
-Hank
Its just unfortunate that some companies not mentioning names feel this is
good practice. Others don't feel this way which is a good thing. Just a
note, uunet wouldn't take my call when a ddos attach
Last week we experienced a significant (for us anyway) DDOS against one
of our customers and UUNET was one of the quickest to respond. No, we
are not a UUNET customer but Chris (with UUNET) responded very quickly
(within 30min I believe) to a post we made to a mail list and began
blackholing traff
>
> What incentive does the end-user have to use secure systems? Should
> Microsoft, Sun, Sendmail Inc or ISC be required to send a technician out
> to fix every defective system they released? Why should the ISP be held
> accountable for the defects created by others? Car makers have to fix
>
On Mon, Jan 20, 2003 at 12:25:27AM -0500, Deepak Jain mooed:
>
> As long as the car _moves_ under its own power across the highway, its
> essentially not the car manufacturers' (or the consumers') immediate
> concern.
That's really not true. Before car companies sell cars, they
pass (lots of)
> > As long as the car _moves_ under its own power across the highway, its
> > essentially not the car manufacturers' (or the consumers') immediate
> > concern.
>
> That's really not true. Before car companies sell cars, they
> pass (lots of) safety certification tests. Before owners drive
> c
28 matches
Mail list logo
