Pete,
passionSince I do NOT believe in Security through Obscurity as
effective/passion, I name every address and publish both A and PTR views
of this relationship. This applies to all network-addressable entities.
CNAME records may be added to taste.
Naming should facilitate maintenance of
I like the idea of people being able to START on the authentication
datbase of ownership/announcement in a distributed fashion, but
perhaps there are other ways (perhaps DNS-based) of getting there
as well...
Yes there are other ways and I suggest that the optimal choice of protocol
for
On Mon, Mar 03, 2003 at 11:53:51AM +,
[EMAIL PROTECTED] [EMAIL PROTECTED] wrote
a message of 55 lines which said:
Yes there are other ways and I suggest that the optimal choice of protocol
for publishing this information is LDAP, not DNS.
...
Next step is to get ISPs to replace their
From: Avi Freedman
Router CPUs average 50%, and S-BG adds 10% (paraphrase)
Average is somewhat less relevant than common peaks.
GSRs and 7500s and 7200s all get up there at 90+% on the real Internet.
I agree. I'm have a tricked 7200 managing 3 peers. Normal traffic
utilization rate is 30%
Good point, Sean. The problem is the business process and the risk to the
process, vs. the cost to fix it.
Jim
-Original Message-
From: Sean Donelan [mailto:[EMAIL PROTECTED]
Sent: Friday, February 28, 2003 7:25 PM
To: '[EMAIL PROTECTED]'
Subject: Re: BGP to doom us all
On Fri, 28
I believe that LDAP can be the core of this toolset.
--Michael Dillon
Why not put everything into a MySQL db? :)
LDAP is a fine tool but it was not designed to do some
of the things that other tools do. We are not yet at the
point where all we have the
Why not? Can you be more specific as to why you think that LDAP is not
suitable?
Thanks,
Christian
I believe that LDAP can be the core of this toolset.
--Michael Dillon
Why not put everything into a MySQL db? :)
LDAP is a fine tool but it was not designed to do some
Very subtle, David. As it happens, somebody asked only last week if
they could take up the project again. For those who think mapping
filters to route objects is nigh trivial, there is a significant
difference between network assignees and routes. Tracking assignments,
ASNs, customer routing
Too many features layered on a single tool. Haq the tool
and the dependencies will cripple your service offering.
Now I don't want to say that you can't do this on your own,
I am uncomfortable with such tactics being promoted as the
one true way
I'm thrilled to hear that that project is being picked
up again. The long-term benefits (IMO) are worth the
non-trivial amount of effort required to make a
functioning solution.
--- [EMAIL PROTECTED] wrote:
Very subtle, David. As it happens, somebody asked
only last week if
they could take
I believe that LDAP can be the core of this toolset.
Why not put everything into a MySQL db? :)
Arrgghhh!!! he yells running and screaming in horror...
Of all the example products you could have chosen to represent database
software, why on earth did you choose this abomination. Is it a
On Mon, 3 Mar 2003 [EMAIL PROTECTED] wrote:
Very subtle, David. As it happens, somebody asked only last week if
they could take up the project again. For those who think mapping
filters to route objects is nigh trivial, there is a significant
difference between network assignees and routes.
Too many features layered on a single tool. Haq the tool
and the dependencies will cripple your service offering.
LDAP is not a tool, it is a protocol that can be used by many tools to
communicate in the same way that many servers (BIND, NSD, DJBDNS, MS-DNS,
QuickDNS) can use the DNS
From: Avi Freedman
snip
: Why don't SWIP forms include Origin-AS?
Ahem. Origin-AS(s) - plural. Agreed - mildly. Of course, SWIP isn't
updated when delegation info changes, so origin AS(s) would get just as
stale as contact info.
If networks are filtering based on SWIP information, it
Too many features layered on a single tool. Haq the tool
and the dependencies will cripple your service offering.
LDAP is not a tool, it is a protocol that can be used by many tools to
communicate in the same way that many servers (BIND, NSD, DJBDNS, MS-DNS,
QuickDNS) can use the
On maandag, maa 3, 2003, at 16:44 Europe/Amsterdam,
[EMAIL PROTECTED] wrote:
tool in the generic sense. too many things that depend on
LDAP for proper functioning -will- make LDAP a tempting
target.
So not functioning properly is preferable to depending on a tempting
It has to be separate from SWIP though, as rwhois servers don't issue
SWIP.
This is basically where I started thinking about LDAP. If rwhois doesn't
do the job, then we could either fix/enhance rwhois or move to something
else. Anyone who has ever delved into the internals of rwhoisd knows
I'd like to stop this argument now by saying you are both right.
*) LDAP is a protocol, not an implementation. The back-end can be
anything... even monkeys with pencil and paper.
*) Michael's point about doing things differently and hopefully in a
better way does not hinge on technology... it
On Monday, March 3, 2003, at 06:52 AM, Kuhtz, Christian wrote:
Why not?
Well, it depends on what you want to use LDAP for.
For example, take a naive approach: your router crashes. It comes back
up. It receives 130,000 prefixes that it needs to validate. For each
prefix, your router must do
I'm looking for a contact @Nordnet France, concerning a DNS problem. I have
tried all ways to contact you... but unfortunatly I cant escalade over the
1st level support which doesnt understand my problem.
Please contact me off-list.
Thanks,
P.
On maandag, maa 3, 2003, at 17:30 Europe/Amsterdam,
[EMAIL PROTECTED] wrote:
So not functioning properly is preferable to depending on a tempting
target for proper functioning?
what is not functioning properly?
Determining who is authorized to announce a certain block of IP address
space.
As I remember and I could be wrong, its been a few years now, when I worked
for iMCI we did and we moved over to CW we still did.
-Jim
-Original Message-
From: Danny McPherson [mailto:[EMAIL PROTECTED]
Sent: Saturday, March 01, 2003 10:48 AM
To: [EMAIL PROTECTED]
Subject: Re: Who uses
Yes, at iMCI (we) had our own registry, MCI-RR, but we only used it
(in addition to data from the other IRRs) to generate customer prefix
filters, not peers.
Cable Wireless still uses the RR, now know as CW-RR.
-danny
As I remember and I could be wrong, its been a few years now, when I
For example, take a naive approach: your router crashes. It comes back
up. It receives 130,000 prefixes that it needs to validate. For each
prefix, your router must do an LDAP query.
Then take a smarter approach: your router crashes. It comes back up and
your network management system
I need to order some Qwest circuits. Is there an ISP account group? Can
someone recommend a good account manager to work with?
Thanks,
Joe
Honestly people, to summarize all this...
Legislation is not the correct knee jerk response to
technical challenges... Lawyers and Politicians
just -think- it is
Perhaps related to perceiving themselves as important
to the problem, eh ? And, that also happens to create
a situation where
On maandag, maa 3, 2003, at 17:30 Europe/Amsterdam,
[EMAIL PROTECTED] wrote:
So not functioning properly is preferable to depending on a tempting
target for proper functioning?
what is not functioning properly?
Determining who is authorized to announce a certain block of IP
On maandag, maa 3, 2003, at 18:41 Europe/Amsterdam,
[EMAIL PROTECTED] wrote:
what is not functioning properly?
Determining who is authorized to announce a certain block of IP
address
space.
no protocol is going to help with this problem. its a
social engineering issue, not a
Not that this is concerned with any network equipment or network
operations per say, but I'm sure that alot of you do run sendmail.
-BEGIN PGP SIGNED MESSAGE-
Internet Security Systems Security Brief
March 3, 2002
Remote Sendmail Header Processing Vulnerability
Synopsis:
ISS X-Force
I know when we separated Concert from iMCI we where using the filters on
them, and they IMO would have been a peer, but then again Concert sould have
been a special case either way.
-Jim
-Original Message-
From: Danny McPherson [mailto:[EMAIL PROTECTED]
Sent: Monday, March 03, 2003
JB Date: Mon, 3 Mar 2003 09:45:37 -0600
JB From: Jack Bates
JB Personally, I think ARIN handling routing information is an
JB excellent idea. It has to be separate from SWIP though, as
U it's nice to be able to change routing information in a
timely fashion without needing intensive
Anyone having trouble getting to/ know of any issues with spamcop.net today?
They seemed to have dropped off the radar from me...
No pings
No traceroute
but they still show registered at 216.127.43.89
Tnx
Marc
macronet.net
On Mon, Mar 03, 2003 at 09:41:21PM -0500, blitz wrote:
Anyone having trouble getting to/ know of any issues with spamcop.net today?
They seemed to have dropped off the radar from me...
No pings
No traceroute
but they still show registered at 216.127.43.89
One of my customers wrote
On Mon, 3 Mar 2003, blitz wrote:
Anyone having trouble getting to/ know of any issues with spamcop.net today?
They seemed to have dropped off the radar from me...
No pings
No traceroute
but they still show registered at 216.127.43.89
laptop ~]$ t 216.127.43.89 80
Trying
Not for nothing, but there's so much time wasted with all these diversified
spam systems.
I've been reading about Barry Shein's proposals and I have to say I am on board
with a centralized -single- system based on his young, but intelligent, model.
On Mon, 3 Mar 2003, Martin Hannigan wrote:
Not for nothing, but there's so much time wasted with all these diversified
spam systems.
I've been reading about Barry Shein's proposals and I have to say I am on board
with a centralized -single- system based on his young, but intelligent,
36 matches
Mail list logo