of marginal oper. interest [bgp reflecting actual traffic flow (or not)]

sent to e2e hoping thread pursued on only one mailing list but wasn't sure which one would hate it more. fwiw. critical feedback/corrections/thoughts welcome k - Forwarded message from k claffy <[EMAIL PROTECTED]> - Date: Mon, 17 Mar 2003 21:26:30 -0800 From: k claffy <[EMAIL PRO

Re: OpenSSL

On Mon, Mar 17, 2003 at 12:55:24PM -0500, [EMAIL PROTECTED] said: > In message <[EMAIL PROTECTED]>, Scott Francis writes: > > > > > > >Fun is about all it comes to. See what Schneier had to say in the most > >recent crypto-gram regarding this hole. > >

RE: Nortel SHASTA

I use this product. I think they still sell this product especially in dsl enviroments. Good for the pptp and ppoe stuff. Alan You can contact me directly at [EMAIL PROTECTED] -Original Message- From: Petri Helenius [mailto:[EMAIL PROTECTED] Sent: Monday, March 17, 2003 11:01 AM To: [

New MS and CERT Warning

CERT and MS have posted advisories and patches on a new vulnerability in IIS and Win2K. Particualrly interesting is that it took everyone by surprise (black hats had it first) and they selectively targeted .mil machines. More info on the below URL's. Everyone ready for the latest round of attack

Re: OpenSSL

Steve Bellovin wrote: > The only caveat is that their attack currently works on LANs, not WANs, > because they need more precise timing than is generally feasible over the Internet. On the other hand, many of the SSL servers on the web are located in hosting centers, which are LAN-connected to p

Re: Nortel SHASTA

> > Is there anyone out there in the NANOG community who uses the Nortel SHASTA > box for aggregation that would like to technically chat offline? > Didn´t nortel more or less kill or suffocate the product quite quickly after the aquiring the company? (as they did Promatory) Pete

Nortel SHASTA

Greetings. Is there anyone out there in the NANOG community who uses the Nortel SHASTA box for aggregation that would like to technically chat offline? Regards, Gerard White Aliant

RE: APNIC returning 223/8 to IANA

> -Original Message- > On Mon, 17 Mar 2003, [EMAIL PROTECTED] wrote: > > > I'd like to strongly encourage IANA to reexamine all current IANA-Reserved > blocks, decide which ones will remain Reserved for the forseeable future, > and which are likely candidates for assignment to RIRs at any

Re: OpenSSL

In message <[EMAIL PROTECTED]>, Scott Francis writes: > > >Fun is about all it comes to. See what Schneier had to say in the most >recent crypto-gram regarding this hole. > This is a new attack, not the one Schneier was talking about. It's very

Re: OpenSSL

On Mon, Mar 17, 2003 at 04:39:31AM -0500, [EMAIL PROTECTED] said: > > > More OpenSSL (and SSH) fun. > > http://lists.netsys.com/pipermail/full-disclosure/2003-March/004524.html > AND > http://lists.netsys.com/pipermail/full-disclosure/2003-March/004529.html Fun is about all it comes to. See wha

RE: Controlling outbound traffic in a multihomed BGP environment

Routing based on source address is called "Policy Routing". IF you are on a cisco box, create an extended access-list specifying the source Ip's, and then match that access list in a route map to set the next hop. Apply the route map on ports facing that customer, building a chain from edge (

FW: Controlling outbound traffic in a multihomed BGP environment

How can you control outbound traffic from a single subnet - meaning forcing all its outbound traffic out a single bgp edge router in a multihomed environment. Here is the scenario: 1. Inbound traffic is engineered using prepends - meaning to force inbound traffic through a particular router, we

Re: APNIC returning 223/8 to IANA

In a message written on Mon, Mar 17, 2003 at 07:01:32AM -0800, [EMAIL PROTECTED] wrote: > Simply having someonechange a DB entry or create an RFC will > not affect the installed silicon base. Won't work. > APNIC is on the moral highground here. They received damaged >

Re: APNIC returning 223/8 to IANA

> On Mon, 17 Mar 2003, Leo Bicknell wrote: > > > Just like the people who get 69/8 blocks should expect them to be > > fully usable as well, right? > > I think all that really needs to happen here is an RFC update that > unreserves 223.255.255.0/24. RFC3330 already mentioned that the basis fo

Re: APNIC returning 223/8 to IANA

On Mon, 17 Mar 2003, Leo Bicknell wrote: > Just like the people who get 69/8 blocks should expect them to be > fully usable as well, right? Surely if one reserved /24 means you > can return space and get new space assigned then the inability to > reach some percentage of the internet is an even

Re: APNIC returning 223/8 to IANA

In a message written on Mon, Mar 17, 2003 at 01:31:08AM -0500, Jared Mauch wrote: > When you get a /8, you expect it to be fully usable. The > APNIC posture here seems to make sense to me that its an issue > that needs to be resolved. using one of the other currently > reserved /8's while t

OpenSSL

More OpenSSL (and SSH) fun. http://lists.netsys.com/pipermail/full-disclosure/2003-March/004524.html AND http://lists.netsys.com/pipermail/full-disclosure/2003-March/004529.html

Re: Issue with 208.192.0.0/8 - 208.196.93.0/24?

On Tue, Mar 11, 2003 at 01:50:01PM +, [EMAIL PROTECTED] said: > > > Remember: The majority of the posters here probably have roughly > > as much (but not as much) of an ego as you, yet a _lot_ more > > experience and skills to back it up. I think the results are > > Altho sometime I have to