I am using bind 9.2.2-p2 on our resolver name servers so far.. And I have no
problems to report at this time, it's been running smooth so far; mail queues
started clearing out nice and clean.
-hc
--
Haesu C.
TowardEX Technologies, Inc.
Consulting, colocation, web hosting, network design and imp
> Thought I'd mention that I helped setup BIND 9.2.3rc3 on a yellowdog
> linux powercomputing machine tonight. It worked. And the mail queues
> began clearing out. Just for an oddball success report.
oh hell. thanks for the kind words, but we just released rc4.
> Are others having similar
Thought I'd mention that I helped setup BIND 9.2.3rc3 on a yellowdog
linux powercomputing machine tonight. It worked. And the mail queues
began clearing out. Just for an oddball success report.
Are others having similar luck? What needs to be done to make this a
standard feature set? Is
> ISC has made root-delegation-only the default behaviour in the new bind,
actually, though, we havn't, and wouldn't (ever). the feature is present
but must be explicitly enabled by a knowledgeable operator to have effect.
> how about drafting up an RFC making it an absolute default requiremen
Anyone from AT&T on the list? I just bought a Cisco 7507 with a full
AT&T config on it from March 2003. Maybe someone should be changing
passwords and snmp com strong, etc?
It has an AT&T asset number on it, if that helps you identify how that
got overlooked. Contact me if necessary.
--
Jay
howdy folk,
can someone who is doing dedicated hosting / colocation can contact me
offlist please?
Mehmet Akcin
Key fingerprint = FE 46 F8 8C 0C 2F C3 4A CF 1F BC 36 75 F4 9B C3
On Mon, 22 Sep 2003, Dave Stewart wrote:
> Courts are likely to support the position that Verisign has control of .net
> and .com and can do pretty much anything they want with it.
ISC has made root-delegation-only the default behaviour in the new bind,
how about drafting up an RFC making it an
[ok last operationally irrelevant URL from me this month]
those with researchy dispositions might like the
(still young) annotated catalog of Internet research publications:
http://www.caida.org/outreach/bib/networking/
far from complete and
as always we welcome contributions
From time to time this thread pops up. I found something which looked
interesting and the price was right. I bought one and WOW! It is VERY
impressive stuff for any price especially considering how cheap it was. I
purchased 10 individual temperature sensors and two temp/humidity sensors,
and
[also won't affect your router;
also involves a risk of learning something:]
in response to router vendors' request for analysis
AS breakdown into of transit vs stub, multi vs single homing,
using massive traceroute data as well as routeviews bgp data:
http://www.caida.org/analysis/
[disclaimer: this email will not affect any router config or
worm containment or verisign behavior, and please don't waste
your time reading unless you want to learn something about
v4/v6 address distribution by country]
bradley extended his IPv4 address resource geopolitical analysis
to IPv6
] As to your call for us to suspend the service, I would respectfully
] suggest that it would be premature to decide on any course of action
] until we first have had an opportunity to collect and review the
] available data.
One would think it would be equally premature to roll out the service
w
All indications are that users, important members of the internet community
we all serve, are benefiting from the improved web navigation offered by
Site Finder
"The Americans are comitting suicide!"
:: american bomb falls in the background ::
-hc
--
Haesu C.
TowardEX Technologies, Inc.
Co
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Recommendations Regarding VeriSign's Introduction of Wild Card Response
to Uninstantiated Domains within COM and NET
http://www.icann.org/correspondence/secsac-to-board-22sep03.htm
Several members of this community responded to my request for input
>At anytime, Verisign could remove your .COM domain from their DNS for
>a short period of time which would result in all of your inbound
>email going to the Verisign collector servers. If this was only done
>for a brief interval, say 10 minutes, you might never notice that it
>had happened. But
Even better,
All indications are that users, important members of the internet community
we all serve, are benefiting from the improved web navigation offered by
Site Finder
This reminds me of the Iraqi Information minister and his lunatic
counterfactual arguments All indications indeed!
>Looks like the lawsuits are going to be the ones to settle this
>dispute...anyone think there's a chance of ICANN pulling .COM and .NET
>from Verisign due to breach of contract? I think it's highly unlikely.
...about as likely as Mary Carey winning the Califunny recall.
VeriSlime has big lobby
http://www.icann.org/correspondence/lewis-to-twomey-21sep03.htm
I quote:
] As to your call for us to suspend the service, I would respectfully
] suggest that it would be premature to decide on any course of action
] until we first have had an opportunity to collect and review the
] available dat
John,
I have forwarded your comments to the appropriate list so that they can
be archived. Please look at the ARIN announcement for details
concerning these documents.
Thanks,
Ray
> -Original Message-
> From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On
> Behalf Of John Brown
> Se
YAO (yet another organization)
Seems the world is full of orgs and people wanting to create
yet a new thing to solve the problem. Make it a new thing and
we can fix the issues at hand.
I've seen enough of the BS between ICANN and ARIN (and other RIR's)
to know that if both sides would really si
Go Daddy is at it again. They filed suit against Verisign accusing
Verisign of misuse of their registry position with their Site Finder
service. Let's hope they win this lawsuit too!
https://www.godaddy.com/gdshop/pressreleases/NR-GoDaddysuesVerisign9-22.pdf?isc=&se=%2B&from%5Fapp=
On Mon, 22 Sep 2003, David G. Andersen wrote:
With load balancing, traffic can get routed down a non-functional
path while routing takes place over the other one - BBN did that
to us once, was very entertaining).
Ah yes, I'll always have a special place in my heart for those
Localdirectors
DGA> Date: Mon, 22 Sep 2003 18:32:19 -0400
DGA> From: David G. Andersen
DGA> The whole problem with only listing two anycast servers is that
DGA> you leave yourself vulnerable to other kinds of faults. Your
DGA> upstream ISP fat-fingers "ip route 64.94.110.11 null0" and
DGA> accidentally blitze
On Mon, 22 Sep 2003, David G. Andersen wrote:
> > Yes, I hope that UltraDNS implements something like this, if they have not
> > already. It's still not a guarantee that things will get withdrawn -- or be
> > reachable, even if working but not withdrawn -- in case of a problem. That
> > still l
On Thu, Sep 18, 2003 at 02:38:18PM -0400, Todd Vierling quacked:
>
> On Thu, 18 Sep 2003, E.B. Dreger wrote:
>
> : EBD> That's why one uses a daemon with main loop including
> : EBD> something like:
> : EBD>
> : EBD>success = 1 ;
> : EBD>for ( i = checklist ; i->callback != NULL
this from the ARIN-PPL mailing list... it deserves broad consideration,
even from NANOG :)
---
[EMAIL PROTECTED] writes:
Since ARIN has been sending new proposals today, they seem to have
forgotten the most important one of all, th
Worth noting is the follow-up report:
http://www.iab.org/documents/docs/2003-09-20-dns-wildcards.html
and the response from Russell Lewis:
http://www.icann.org/correspondence/lewis-to-twomey-21sep03.htm
Mr. Lewis' response is interesting only if you believe VeriSign has the
community's interest
If someone on this list is from ATTBI/Comcast, could you please contact me
offline regarding a chronic issue present since about March/April?
I've had multiple tickets open and spoke with 2 "supervisors", and no one
will address/take responsibility of the problem.
Thanks,
Tony
On Mon, 22 Sep 2003, Stephane Bortzmeyer wrote:
>
> On Mon, Sep 22, 2003 at 12:23:35AM -0500,
> Justin Shore <[EMAIL PROTECTED]> wrote
> a message of 20 lines which said:
>
> > > What software is available/recommended for NOC contact
> > > management?
> >
> > I've used Nagios (formerly NetS
Matt Larson wrote:
In response to this feedback, we have deployed an alternate SMTP
implementation using Postfix that should address many of the concerns
we've heard. Like snubby, this server rejects any mail sent to it (by
returning 550 in response to any number of RCPT TO commands).
Matt,
The
--On Monday, September 22, 2003 12:41 PM +0100 Richard Cox
<[EMAIL PROTECTED]> wrote:
On 22 Sep 2003 10:45 "Stephen J. Wilcox" <[EMAIL PROTECTED]> wrote:
| What if MS included something in the Windows Update that gave the user
| the option of calling a toll-free number operated by MS for the pu
Realise that this would require MS to take responsibility for putting out
bad code. That's quite unlikely, IMO.
Hmm no, they dont have to take that approach, they currently provide
updates as part of their license agreement to users, this would just be
an enhancement of their existing facility o
Ok then different idea, assuming that we're all agreed its MS's
responsibility to ensure users are patched promptly and without extra
cost to the end user.
The problem is that while we agree, Micr0$0ft does not. They feel they
should
have no "responsibility" whatsoever to the end user beyond ch
The webpage was very 'thrown together' so we could get to work on actually
getting the servers built.
Our policy is to provide clean versions of the COM and NET zones. Minus all
of VeriSign's hackery. If you register a .com domain, it will appear in our
zone, if you don't renew one, it disappear
Andy Walden wrote:
I'm not necessarily making a statement one way or the other on port 25
filtering, but SMTP Auth, when properly configured and protected against
brute force attacks is certainly a useful thing. YMMV of course.
Keyloggers are popular in the same viruses that install open proxies.
On Mon, 22 Sep 2003 10:45:13 -, "Stephen J. Wilcox" said:
> Ok then different idea, assuming that we're all agreed its MS's responsibility
> to ensure users are patched promptly and without extra cost to the end user.
You agree. I agree. Microsoft doesn't agree, and based on the fact that t
Thus spake Stephane Bortzmeyer ([EMAIL PROTECTED]) [22/09/03 08:26]:
> > > What software is available/recommended for NOC contact
> > > management?
> >
> > I've used Nagios (formerly NetSaint) in the past and have been very
> > impressed with it.
>
> I used Nagios and I fail to see what's the c
Thank you to all who replied. I still need some more help, if you know
anyone please have them email me directly.
-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of
Douglas S. Peeples
Sent: Monday, September 15, 2003 11:55 AM
To: [EMAIL PROTECTED]
Subject:
Microsoft already does this, it is their TechNet program. They include all service packs and updates. Unfortunately, they charge a whopping pile for the service, beyond the reach of most home/dial users.
Jerry
---Original Message---
From: Stephen J. Wilcox
Date: Monday, Septe
On Mon, 22 Sep 2003, Niels Bakker wrote:
> Root server operators aren't the droids you're looking for. The net and
> com TLDs are just that - TLDs, not the root zone; they're in the root
> zone because they're TLDs but authority has been delegated away from the
> root server operators.
Yes, I th
On Mon, Sep 22, 2003 at 12:23:35AM -0500,
Justin Shore <[EMAIL PROTECTED]> wrote
a message of 20 lines which said:
> > What software is available/recommended for NOC contact
> > management?
>
> I've used Nagios (formerly NetSaint) in the past and have been very
> impressed with it.
I used N
Messages I send from an email address which is not subscribed to
nanog-post are apparently silently dropped. I do not receive a bounce
(like it is typically the case when a list is closed) but, according
to the archives, they are not distributed either (which may be good
for the S/N ratio but I di
I have been using Lancope for alomost two years. They
have developed a very effective complementary approach
to the signature based systems I have been evaluating
(SNORT, ISS, SOURCEFIRE, CISCO) using.
The latest software release has also provided a number
of key enhancements that allow the tool
On 22 Sep 2003 10:45 "Stephen J. Wilcox" <[EMAIL PROTECTED]> wrote:
| What if MS included something in the Windows Update that gave the user
| the option of calling a toll-free number operated by MS for the purpose
| of downloading.. ?
Toll free - in many cases international - with 56k lines max
On Mon, 22 Sep 2003, Roy Bentley wrote:
> Stephen J. Wilcox said:
> > On Sun, 21 Sep 2003 [EMAIL PROTECTED] wrote:
> >> On Sun, 21 Sep 2003 18:25:50 EDT, Sean Donelan <[EMAIL PROTECTED]> said:
> >>
> >> > "I recently put this suggestion to Microsoft and their response basically
> >> > avoided the
* [EMAIL PROTECTED] (Curt Akin) [Mon 22 Sep 2003, 01:04 CEST]:
> FWIW:
>
> To: The Department of Homeland Security
> Sent (via dhs.gov site form)
> Dated: 21 Sep 2003 14:24:37 -
[..]
>
> DHS would be well advised to consider the potential threat that
> Internet unpredictability has on this c
Stephen J. Wilcox said:
>
> On Sun, 21 Sep 2003 [EMAIL PROTECTED] wrote:
>
>> On Sun, 21 Sep 2003 18:25:50 EDT, Sean Donelan <[EMAIL PROTECTED]> said:
>>
>> > "I recently put this suggestion to Microsoft and their response
>> basically
>> > avoided the whole issue. Why wouldn't the company want t
On Monday 22 September 2003 11:13, John Obi wrote:
> Nanogers,
>
> Did you ever tested Riverhead or Lancope? I know
> rackspace uses one or both of them.
>
> Are they good products and worth the try?
We use Riverhead at IIUCC/ILAN (AS378) to protect the .il root name servers,
it is active for a
I agree
In addition I'm not convinced that operated of each GTLD cannot be carried out
by more than one organisation. The only requirement is to ensure the uniqueness
of the data, there are multiple ways of achieving this without havnig to elect
some one as the master..
Steve
On Sun, 21 Se
On Sun, 21 Sep 2003 [EMAIL PROTECTED] wrote:
> On Sun, 21 Sep 2003 18:25:50 EDT, Sean Donelan <[EMAIL PROTECTED]> said:
>
> > "I recently put this suggestion to Microsoft and their response basically
> > avoided the whole issue. Why wouldn't the company want to offer such a CD,
> > assuming tha
On Sun, 21 Sep 2003, Sean Donelan wrote:
> "It occurred to me that one way to make things easier for dial-up users,
> and even broadband users in many cases, would be to issue periodic update
> CDs. Imagine a disc with all of the updates on it and a program, it could
> even be written in Windows
On Mon, 22 Sep 2003 10:42:51 +0100 [EMAIL PROTECTED] wrote:
| Meanwhile, I would have diverted a copy of the mailserver
| communications at the Ethernet switch to a secret server that
| does the actual logging of addresses and messages.
|
| Son of Carnivore?
Son? or Brother?
See: http://lists.
>> Wrong protocol. There should be *NO* SMTP transactions for
>> non-extistant domains.
>After being bit by this over the weekend I would have to agree, due to
>a screwup at netSOL a companies domain I manage was resolving to their
>sitefinder service, and all mail just went *poof*.
At anytim
>before we deployed root-delegation-only here, i was also annoyed that my
>e-mail tool could not tell me about misspelled domain names at "send"
time
>and i had to wait for the wildcard mail servers to bounce the traffic.
In other words, Verisign is actually increasing the amount of misspelled
Nanogers,
Did you ever tested Riverhead or Lancope? I know
rackspace uses one or both of them.
Are they good products and worth the try?
Can they really decrease the the DDoS damage?
Are they better than CISCO products?
Are there any tips?
Thanks,
-J
__
Do y
> DNS piracy is DNS piracy
if Verisign gets away with it others will have a go too
brandon
56 matches
Mail list logo