Re: Schneier: ISPs should bear security burden

On Thu, Apr 28, 2005 at 02:16:36AM -0400, Steven J. Sobol wrote: > Any IP that a provider allows servers on should have > distinctive, non-dynamic-looking DNS (and preferably be in a separate > netblock from the dynamically-assigned IPs). What the hell is a "non-dynamic-looking DNS"? Sure,

Re: Schneier: ISPs should bear security burden

Ah, but *you* wouldn't get blocked. You maintain your own rDNS and presumably have enough clue to not make the rDNS look like a pool of dynamic residential IPs that aren't terribly important. To wit: Um, that's not what I thought this discussion was about. I thought this discussion was about ISPs

Re: Schneier: ISPs should bear security burden

On Wed, 27 Apr 2005, Owen DeLong wrote: > > > > What's rDNS for the ip address(es) assigned to you? > > > I don't know about him, but, on my ADSL connection, it is controlled > by my nameservers: > > ;; ANSWER SECTION: > 10.159.192.in-addr.arpa. 86400 IN NS ns.rop.edu. > 10.159.192.in

Re: Schneier: ISPs should bear security burden

What's rDNS for the ip address(es) assigned to you? I don't know about him, but, on my ADSL connection, it is controlled by my nameservers: ;; ANSWER SECTION: 10.159.192.in-addr.arpa. 86400 IN NS ns.rop.edu. 10.159.192.in-addr.arpa. 86400 IN NS ns.delong.sj.ca.us. I'm not hig

Re: Paul Wilson and Geoff Huston of APNIC on IP address allocation ITU v/s ICANN etc

On 4/28/05, Scott Weeks <[EMAIL PROTECTED]> wrote: > Probably, I'll have to research through the ITU site to find out this > information, but surely these arguments have been presented to the ITU > while they're making their choice of how to proceed with IP address > allocation. Does anyone have

Re: Schneier: ISPs should bear security burden

Bill Stewart wrote: You could solve 90% of the problems that you perceive are being caused by unrestricted cable modem users by using blocklists to ignore traffic from them. Which would be great if cable/DSL providers offered some insight into which of their netblocks should be blocked and which s

Re: The "not long discussion" thread....

On Wed, 27 Apr 2005, Jerry Pasker wrote: > > Christopher L. Morrow allegedly wrote: > > >This, it seems, was an unfortunate side effect (as I pointed out earlier) > >of legacy software and legacy config... if I had to guess. > > You guess wrong. See the above. And don't pass judgement. (am I >

Re: Detecting VoIP traffic in ISP network

No, it's not for legislation. In fact, we're planning to collect information on how people use internet as Voice carrier and the Voice communication quality they got. By this way, it could be evaluated that what's the possible best way of resource provisioning & how NGN voice traffic should be c

Re: Schneier: ISPs should bear security burden

On 4/27/05, Owen DeLong <[EMAIL PROTECTED]> wrote: > I was referring to the article which contained the schneier quote, not > schneier. The article was written by someone at least pretending to be > a journalist, and, was put out as news, not editorial or advertising. > > As such, it should be h

Re: Schneier: ISPs should bear security burden

Steve Sobol wrote: > And I'd argue that Owen's attitude is appropriate for transit and > business-class connections[0] - but if you're talking about a consumer ISP, > that's different. If the Big Four[1] US cable companies followed AOL's lead, > we'd see a huge drop in malware incidents and zombie

Re: Schneier: ISPs should bear security burden

--On Wednesday, April 27, 2005 5:09 PM -0400 James Baldwin <[EMAIL PROTECTED]> wrote: > On 27 Apr 2005, at 06:07, Owen DeLong wrote: > >> ISPs transport packets. That's what they do. That's what most >> consumers >> pay them to do. I haven't actually seen a lot of consumers asking for >> pr

Re: Paul Wilson and Geoff Huston of APNIC on IP address allocation ITU v/s ICANN etc

> I was just wondering why they'd chose to do it the "national > allocation" way when good arguments are presented that it'd only > disrupt things. because that is what they know from the telco numbering plan. and it lets them play the "this should be run by governments plan, the folk from whom

Re: Schneier: ISPs should bear security burden

On 27 Apr 2005, at 06:07, Owen DeLong wrote: ISPs transport packets. That's what they do. That's what most consumers pay them to do. I haven't actually seen a lot of consumers asking for protected internet. I've seen lots of marketing hype pushing it, but, very little actual consumer demand.

Re: Internet2

* Dan Hollis: > And there are so many IWF that applying enough cluebats to clear the path > for ECN is going to take enormous effort. ECN favors non-conformant endpoints. Therefore, it won't help you in the long run if the congestion is on a path which is shared by multiple customers. Popular

Re: Schneier: ISPs should bear security burden

That's a good question. - ferg -- Petri Helenius <[EMAIL PROTECTED]> wrote: >What I'm saying is that too many providers do nothing, >regardless of whether it is a managed (read: paid) service, >or not. > So why don't the market economy work and solve the problem? Because there is no "tax" on

Re: Paul Wilson and Geoff Huston of APNIC on IP address allocation ITU v/s ICANN etc

On Wed, Apr 27, 2005 at 10:41:07AM -1000, Scott Weeks wrote: > > On Wed, 27 Apr 2005, Randy Bush wrote: > > : > Probably, I'll have to research through the ITU site to find out this > : > information, but surely these arguments have been presented to the ITU > : > while they're making their choi

Re: Schneier: ISPs should bear security burden

Fergie (Paul Ferguson) wrote: Of course there are. What I'm saying is that too many providers do nothing, regardless of whether it is a managed (read: paid) service, or not. So why don't the market economy work and solve the problem? Because there is no "tax" on pollution? Pete - ferg -- Petri

Re: Paul Wilson and Geoff Huston of APNIC on IP address allocation ITU v/s ICANN etc

On Wed, 27 Apr 2005, Randy Bush wrote: : > Probably, I'll have to research through the ITU site to find out this : > information, but surely these arguments have been presented to the ITU : > while they're making their choice of how to proceed with IP address : > allocation. : : and arguments w

Re: Schneier: ISPs should bear security burden

Daniel Roesen wrote: I hope to find the time to do some capturing and analysis of this traffic. If anyone here has experience with that I'd be happy to hear from them... don't want to waste time doing something others already did... :-) Sure, what would you like to know? Pete

Re: Schneier: ISPs should bear security burden

> The only thing I've seen in the past 20 years which has made any positive > impact on overall internet reliability is BGP dampening. In all other > cases its gotten worse as networks are ground to dust by daily DDOS > attacks. You can read daily about sites xyz or networks xyz being > unreacha

Re: Paul Wilson and Geoff Huston of APNIC on IP address allocation ITU v/s ICANN etc

In a message written on Wed, Apr 20, 2005 at 07:41:52AM +0530, Suresh Ramasubramanian wrote: > http://www.circleid.com/article/1045_0_1_0_C/ > > That's a must read article, I'd say. If you're interested in these issues I strongly encourage you to read and be involved in your local RIR and/or the

Re: Schneier: ISPs should bear security burden

On Wed, 27 Apr 2005, Owen DeLong wrote: > From that perspective, in my experience, things are better today than they > ever have been. The only thing I've seen in the past 20 years which has made any positive impact on overall internet reliability is BGP dampening. In all other cases its gotten

Re: Internet2

On Wed, 27 Apr 2005, Randy Bush wrote: > to source is still the big gap. imiho, from the ops perspective, > only sally's ecn has made any useful approach. sadly, we may be > able to judge the actual demand for e2e qos by ecn's very slow > deployment. i think this is unfortunate, as ecn is prett

Re: Schneier: ISPs should bear security burden

Is VoIP? Of course not. But, it does brings the dicussion full circle - ferg -- "Steven M. Bellovin" <[EMAIL PROTECTED]> wrote: Is, for example, p2p "abuse"? After all, it uses up bandwidth. -- "Fergie", a.k.a. Paul Ferguson Engineering Architecture for the Internet [EMAIL PROTECTED]

Re: Schneier: ISPs should bear security burden

At Wed Apr 27 15:04:46 2005, Steve Sobol wrote: [1] Soon to be Big Three, but currently Comcast, Time Warner, Charter, and Adelphia. --- Adelphia is #5, you forgot Cox (#3). -MH W. Mark Herrick, Jr. Director - Data and Network Security - Adelphia Communications 5619 DTC Parkway, Greenwood Village

Re: clarity

> > I think the problem isn't with dirty water arriving from the water > company, it's the fact that so many end users are allowing raw sewage to > be poured into /other people's water/, and some ISPs don't feel > compelled to do anything to save other ISPs from their users' > pollutants. > I agr

Re: Schneier: ISPs should bear security burden

--On Wednesday, April 27, 2005 11:08 AM -0700 Dan Hollis <[EMAIL PROTECTED]> wrote: > On Wed, 27 Apr 2005, Owen DeLong wrote: >> Strangely, for all the FUD in the above paragraph, I'm just not buying >> it. The internet, as near as I can tell, is functioning today at least >> as well as it ever

Re: Schneier: ISPs should bear security burden

On Wed, 2005-04-27 at 13:39 -0400, Steven M. Bellovin wrote: > At a recent forum at Fordham Law School, Susan Crawford -- an attorney, > not a network operator -- expressed it very well: "if we make ISPs into > police, we're all in the ghetto". > > Bruce is a smart guy, and a good friend of min

Re: Schneier: ISPs should bear security burden

In message <[EMAIL PROTECTED]>, "Steve Sobol" writes: > > >And I'd argue that Owen's attitude is appropriate for transit and >business-class connections[0] - but if you're talking about a consumer ISP, >that's different. If the Big Four[1] US cable companies followed AOL's lead, >we'd see a huge

Re: Paul Wilson and Geoff Huston of APNIC on IP address allocation ITU v/s ICANN etc

> Probably, I'll have to research through the ITU site to find out this > information, but surely these arguments have been presented to the ITU > while they're making their choice of how to proceed with IP address > allocation. and arguments were presented to bolton that his cuban/syrian/... age

Re: Schneier: ISPs should bear security burden

> We know that almost all users are too stupid to know what they really > need or how to get it, and that they need to be protected from their own > stupidity -- as well as protecting the rest of the world from their > stupidity. Not only do I not know this, I find it to be patently false.

Re: Schneier: ISPs should bear security burden

I have no problem with disconnecting known abusers. However, there's lots of other actions implied in the "ISP responsibility" described that are things like filtering port 25, blocking NetBIOS, etc. Some ISPs do this. I'm all for having an AUP and/or TOS that allows you to disconnect abusers. W

Re: Paul Wilson and Geoff Huston of APNIC on IP address allocation ITU v/s ICANN etc

On Tue, 26 Apr 2005, Suresh Ramasubramanian wrote: : : On 4/20/05, Suresh Ramasubramanian <[EMAIL PROTECTED]> wrote: : > http://www.circleid.com/article/1045_0_1_0_C/ : > : > That's a must read article, I'd say. : : Followup article by Paul Wilson - : http://www.circleid.com/article.php?id=1049

Re: Schneier: ISPs should bear security burden

Thank you, Steve, for a very articulate & rational post. :-) - ferg -- "Steve Sobol" <[EMAIL PROTECTED]> wrote: [snip] Anyone who thinks AOL is doing this out of the goodness of their hearts, please speak up now... [FX: sound of crickets chirping] Yup. That's what I thought. Not having to

Re: Schneier: ISPs should bear security burden

Of course there are. What I'm saying is that too many providers do nothing, regardless of whether it is a managed (read: paid) service, or not. - ferg -- Petri Helenius <[EMAIL PROTECTED]> wrote: >We owe to our customers, and we owe it to ourselves, so let's >just stop finding excise to side

Re: Schneier: ISPs should bear security burden

At 01:39 PM 4/27/2005, you wrote: In message <[EMAIL PROTECTED]>, "Fergie (Paul Ferguson)" writes: > > >I've been there -- I know how I feel about it -- but I'd love >to know how ISP operations folk feel about this. > >Links here: >http://www.vnunet.com/news/1162720 > At a recent forum at Fordha

Re: Schneier: ISPs should bear security burden

On Wed, 27 Apr 2005, Petri Helenius wrote: We owe to our customers, and we owe it to ourselves, so let's just stop finding excise to side-step the issue. So are you saying that managed security services are not avaialble for paying consumers in USA? I think the debate is if default should be mana

Re: Schneier: ISPs should bear security burden

Owen DeLong <[EMAIL PROTECTED]> wrote: > Why do ISPs owe this to their customers. They don't. (I would argue that they owe it to the rest of the Internet, but that argument is tangential to this discussion.) However, I'd like to add an additional data point: Those of us in .us have undoubtedl

Re: Schneier: ISPs should bear security burden

Fergie (Paul Ferguson) wrote: We owe to our customers, and we owe it to ourselves, so let's just stop finding excise to side-step the issue. So are you saying that managed security services are not avaialble for paying consumers in USA? Pete

Re: PAIX Outages

> I have heard rumors that S&D has been having persistent switch > problems with their switches at PAIX (Palo Alto), and I was kind of > wondering if anyone actually cared? well, they've sure been having fun up at the six in seattle randy

Re: Schneier: ISPs should bear security burden

On Wed, Apr 27, 2005 at 11:08:42AM -0700, Dan Hollis wrote: > Malicious packets now account for a significant percentage of all ip > traffic. As a data point: An unused, never before used or even just announced /21 currently draws an average of 112pps und 70kbit/s, translating to about 1GB (1 Gi

Re: Detecting VoIP traffic in ISP network

You sure about that? ;-) http://fergdawg.blogspot.com/2005/04/57-evil-43-good.html - ferg -- Petri Helenius <[EMAIL PROTECTED]> wrote: Suresh Ramasubramanian wrote: >Local telco concerned about voip eating into their revenues, and wants >to push through legislation or something? :) > Or so

Re: Internet2

> Steve Casner's paper, which you cited, and Sue Moon's paper at > http://an.kaist.ac.kr/~sbmoon/paper/infocom2004.pdf, both report very > limited variation in delay within the ISP network. Sue's paper goes on > to describe points of variation on the order of ten and 100 ms in some > detail as

Re: Detecting VoIP traffic in ISP network

Suresh Ramasubramanian wrote: >Local telco concerned about voip eating into their revenues, and wants >to push through legislation or something? :) > > > Or somebody who would like to provision adequate bandwidth to accommodate for services on the rise? Not everybody is installed with the evil

Re: clarity

on Wed, Apr 27, 2005 at 03:19:04AM -0700, Owen DeLong wrote: > Yes, most water transit companies are also the water supply company, but, > in my analogy, and, in some areas, as a matter of fact, they are not the > same. The chemical tampering of which you speak is done by the water > supply compa

cox communications contact please?

Hello, Anyone from Cox Communications reading this list? If so, please contact me off-list regarding a routing issue on your network. Thank you!

Re: Schneier: ISPs should bear security burden

On Wed, 27 Apr 2005, Owen DeLong wrote: > Strangely, for all the FUD in the above paragraph, I'm just not buying it. > The internet, as near as I can tell, is functioning today at least as well > as it ever has in my 20+ years of experience working with it. You must not have used it much in those

Re: Port 25 - Blacklash

On 4/27/05, [EMAIL PROTECTED] <[EMAIL PROTECTED]> wrote: > > Of course, the same ISPs that will use the ID in the email headers are, > by and large, the same ones that already know how to match the IP in the > headers to their radius/tacacs/etc logs > With a great deal less effort. When you

Re: Schneier: ISPs should bear security burden

In message <[EMAIL PROTECTED]>, "Fergie (Paul Ferguson)" writes: > > >I've been there -- I know how I feel about it -- but I'd love >to know how ISP operations folk feel about this. > >Links here: >http://www.vnunet.com/news/1162720 > At a recent forum at Fordham Law School, Susan Crawford -- an

Re: Port 25 - Blacklash

On Wed, 27 Apr 2005 14:31:42 +0530, Suresh Ramasubramanian said: > But with smtp auth, the infected user is stamped in the email headers, > and all over my MTA logs, when a bot that hijacks his PC starts > spamming. Of course, the same ISPs that will use the ID in the email headers are, by and la

Re: Schneier: ISPs should bear security burden

And Big Pond is my hero. :-) http://www.zdnet.com.au/news/communications/0,261791,39188135,00.htm I'm not sure I'd break my arm trying to pat them on the back yet. They have a ways to go in SMTP filtering their users so that when they are infected with trojans, they aren't abused to send spa

Re: Port 25 - Blacklash

On Tue, Apr 26, 2005 at 05:50:11PM -0400, Daniel Golding wrote: > > > Do all of Comcast's markets block port 25? Not yet.

Re: Another panix.com scenario? Hushmail this time

Not quite the same thing, it looks as though they just changed the DNS records and didn't change the actual ownership of the domain. It also seems to have been resolved quite quickly. I wonder how much of this is due to increased awareness following the panix.com issue, and how much is due to t

Another panix.com scenario? Hushmail this time

"Surfers trying to visit the web site of popular secure email service Hushmail were redirected to a false site early Sunday following a hacking attack. Hush Communications said hackers changed Hushmail's DNS records after "compromi

Re: Port 25 - Blacklash

Suresh Ramasubramanian wrote: On 4/27/05, Joel Jaeggli <[EMAIL PROTECTED]> wrote: In any event the malware is already ahead of port 25 blocking and is leveraging ISP smarthosting. SMTP-Auth is the pill to ease this pain/ Really smtp-auth will solve it? or do most windows mua's cache your password?

Re: Schneier: ISPs should bear security burden

On Wed, 27 Apr 2005, Brad Knowles wrote: > At 8:13 AM -0400 2005-04-27, Greg Boehnlein wrote: > > > As for security, intelligent ISPs will be monitoring their network and > > will have sensors in place to alert them to abnormal traffic (NetFlow, > > Snort, SNMP Traps, Log watchers) patterns a

PAIX Outages

I have heard rumors that S&D has been having persistent switch problems with their switches at PAIX (Palo Alto), and I was kind of wondering if anyone actually cared?

Re: Schneier: ISPs should bear security burden

Finally -- an analogy I can relate to. ;-) As an aside, perhaps if we worked on making the Internet "safer", as opposed to strictly "safe", we might make some progress. You know -- baby steps. And Big Pond is my hero. :-) http://www.zdnet.com.au/news/communications/0,261791,39188135,00.htm

Re: Schneier: ISPs should bear security burden

clean it up from pollutants [spam, ddos], add antibacterial [antivirus] agents, ;) My hotel confirmation for NANOG 34 was marked as spam. Thankfully, the ISP let it through anyway. It would be nice if the ISPs protected me from bad stuff on the Internet - but why are they to be held to a high

Re: Schneier: ISPs should bear security burden

None -- when you disconnect [correct, block, whatever] abusive end-systems in your administrative domain. Act locally, think globally. In fact, an ISP in AUS just did this last week... - ferg Owen DeLong <[EMAIL PROTECTED]> wrote: How much functionality are we going to destroy before we real

Re: Schneier: ISPs should bear security burden

Speaking on Deep Background, the Press Secretary whispered: > > > Schneier has a profound interest in the ISPs being forced to buy his > (or his competitors) security gear to fulfill the customers' dreams > of a "clean Internet connection". Pretty biased, if you don't mind. Err... What gear?

Re: Schneier: ISPs should bear security burden

On Wed, 27 Apr 2005, Fergie (Paul Ferguson) wrote: > Oh, please. > > If you think that the Internet should remain an "every man > for himself", wild wild west, Ok Corral, situation (not my > words, mind you), then you better get with the powers that > will steam-roll all of us if we let it -- m

Re: Schneier: ISPs should bear security burden

I understand that, but opinions being what they are, everyone is certainly entitled to have one of their own. Placing value on those opinions is an exercise left to the reader. And not everyone's opinions are constructed to to simply allow financial benefit -- somethimes it is just a simple obs

Re: Schneier: ISPs should bear security burden

On Wed, 27 Apr 2005, Fergie (Paul Ferguson) wrote: > I've been there -- I know how I feel about it -- but I'd love > to know how ISP operations folk feel about this. Of course Bruce Schneider is going to allocate ISP's handling security so he can sell them more of his crappy Counterpane produc

Re: clarity

--On Wednesday, April 27, 2005 3:50 -0700 "william(at)elan.net" <[EMAIL PROTECTED]> wrote: On Wed, 27 Apr 2005, Owen DeLong wrote: Yes, most water transit companies are also the water supply company, Water supply comes from rivers, lakes, etc. While water company take water from those sources, t

Re: clarity

On Wed, 27 Apr 2005, Owen DeLong wrote: Yes, most water transit companies are also the water supply company, Water supply comes from rivers, lakes, etc. While water company take water from those sources, they do not produce it and just take what they can get, clean it up and then deliver around

Re: Schneier: ISPs should bear security burden

Thing is, protecting them from themselves and their own stupidity is also the thing that most everyone else needs, too. Do you really want an internet where everything has to run over ports 80 and 443 because those are all that's left that ISPs don't filter? They should be filtered, t

bearing burdens

faster than ADSL and removes the telco for last-mile considerations. http://www.notes.co.il/benbasat/10991.asp --bill

Re: Schneier: ISPs should bear security burden

> I'm not advocating a wild west every man for himself, but, I think that > solving end-node oriented problems at the transport layer is equally > absurd. That's not what was being suggested. The article suggested that ISPs, the providers of the transport layer service, should consider branching

Re: clarity

Missing here is a critical part of the analogy - if it's to apply to the internet, we have to assume that the contaminants we are speaking of are put back INTO the system from the end user, just just delivered in one direction. Rare, I would assume, is the ability of a water end user to put b

Re: clarity

--On Wednesday, April 27, 2005 7:39 + [EMAIL PROTECTED] wrote: On Wed, Apr 27, 2005 at 12:13:16AM -0700, Dragos Ruiu wrote: On April 26, 2005 11:36 pm, [EMAIL PROTECTED] wrote: > On Tue, Apr 26, 2005 at 10:38:00PM -0700, Owen DeLong wrote: > > I think it's absurd. I expect my water delivery

Re: Schneier: ISPs should bear security burden

On 4/27/05, Stephen J. Wilcox <[EMAIL PROTECTED]> wrote: > > i do think we have an obligation to try to keep the net clean to a certain > degree, think anti-ddos wg's etc but providing full security for all users is > unrealistic. there seems to be some moves to offering partial security and > t

Re: Schneier: ISPs should bear security burden

--On Wednesday, April 27, 2005 6:36 + [EMAIL PROTECTED] wrote: On Tue, Apr 26, 2005 at 10:38:00PM -0700, Owen DeLong wrote: I think it's absurd. I expect my water delivery company not to add polutants in transit. I expect my water production company to provide clean water. er.. bad ana

Re: Schneier: ISPs should bear security burden

I was referring to the article which contained the schneier quote, not schneier. The article was written by someone at least pretending to be a journalist, and, was put out as news, not editorial or advertising. As such, it should be held to the standard that should apply to news. Instead, it was

Re: Schneier: ISPs should bear security burden

Sound about right? No, not at all. I'm not advocating a wild west every man for himself, but, I think that solving end-node oriented problems at the transport layer is equally absurd. It's like expecting to be able to throw crude oil into a tanker at one end and demanding that the trucker deliver g

Re: Schneier: ISPs should bear security burden

On Tue, 26 Apr 2005, Jerry Pasker wrote: > >I've been there -- I know how I feel about it -- but I'd love to know how ISP > >operations folk feel about this. > > It means 10 different things to 10 different people. The article was yep, and the danger is you agree with the article and some pol

Re: Detecting VoIP traffic in ISP network

Local telco concerned about voip eating into their revenues, and wants to push through legislation or something? :) On 4/27/05, Joe Shen <[EMAIL PROTECTED]> wrote: > > we want to collect statistics in our backbone > networks. > > Is there any good method to this? is there any product > for this

Re: Port 25 - Blacklash

On 4/27/05, Joel Jaeggli <[EMAIL PROTECTED]> wrote: > > In any event the malware is already ahead of port 25 blocking and is > > leveraging ISP smarthosting. SMTP-Auth is the pill to ease this pain/ > > Really smtp-auth will solve it? or do most windows mua's cache your > password? They sure do

Re: The "not long discussion" thread....

Steve Sobol allegedly replied to my reply with: What were the router ACLs doing that the DNS server ACLs weren't/couldn't? The ACLs were doing it for the entire server network. Since I prefer my job as a router-rat over everything else I do, I find it easiest to use the biggest hammer available

Re: Port 25 - Blacklash

On Tue, 26 Apr 2005, Daniel Golding wrote: Do all of Comcast's markets block port 25? Is there a correlation between spam volume and the ones that do (or don't)? In any event the malware is already ahead of port 25 blocking and is leveraging ISP smarthosting. SMTP-Auth is the pill to ease this pai

Re: Port 25 - Blacklash

Hmm, the onses who block everything and cut wires off send 0 spam. So what? - Original Message - From: "Daniel Golding" <[EMAIL PROTECTED]> To: "Hank Nussbacher" <[EMAIL PROTECTED]>; "Adam Jacob Muller" <[EMAIL PROTECTED]> Cc: "Nanog Mailing list" Sent: Tuesday, April 26, 2005 2:50 PM S

Re: FCC Chief Wants 911 Service for Internet Phones

> > > Prepare for the inevitable. > > - ferg > The inevitable: Cellular Phone emergency call handling in Germany Well its 110 not 911, but tabernak its just the same nonsense. Aerea "Deathvalley" between Heppenheim (Hessen) and Laudenbach (Baden-Wuertemberg). The two towns are some 5 KM, l

Re: Schneier: ISPs should bear security burden

[EMAIL PROTECTED] (william(at)elan.net) wrote: > >According to my sister (who works in that area as a regional water > >expert), tap-water is held to higher standards than bottled water. > >In Canada at least... ymmv. > > Yeah, gotta to clean it up from pollutants [spam, ddos], add antibacterial

Re: Schneier: ISPs should bear security burden

Ferg, you asked for it. > I've been there -- I know how I feel about it -- but I'd love > to know how ISP operations folk feel about this. > > Links here: > http://www.vnunet.com/news/1162720 Schneier has a profound interest in the ISPs being forced to buy his (or his competitors) security gea

Re: Internet2

On 4/26/05, Adam McKenna <[EMAIL PROTECTED]> wrote: > > On Tue, Apr 26, 2005 at 11:18:08PM +0200, Mikael Abrahamsson wrote: > > > > On Tue, 26 Apr 2005, Vicky Rode wrote: > > > > >Basically I meant to say not congested as the current Internet is. > > > > If your ISP has congested links you should

Re: Sheet could shelter Wi-Fi from eavesdroppers

Assuming your walls, roofs and floors have the same level of protection, and you need windows then this product is a good fit. Certain British institutions I have been involved with in the past don't bother with windows and the walls are faraday cages (internal ones as well!). -- Martin Hepwor

Re: Schneier: ISPs should bear security burden

On Wed, 27 Apr 2005, Dragos Ruiu wrote: an independent lab for analysis... and find out just what the water company is putting into your water. Actually that _is_ a bad analogy. According to my sister (who works in that area as a regional water expert), tap-water is held to higher

clarity

On Wed, Apr 27, 2005 at 12:13:16AM -0700, Dragos Ruiu wrote: > On April 26, 2005 11:36 pm, [EMAIL PROTECTED] wrote: > > On Tue, Apr 26, 2005 at 10:38:00PM -0700, Owen DeLong wrote: > > > I think it's absurd. I expect my water delivery company not to add > > > polutants in transit. I expect my wa

Re: using TCP53 for DNS

On Tue, Apr 26, 2005 at 03:04:25PM -0400, Patrick W. Gilmore <[EMAIL PROTECTED]> wrote a message of 46 lines which said: > I am interested in how many name servers - caching or authoritative > - are filtering incoming and/or outgoing TCP port 53. For authoritative name servers of TLD, you can

Re: using TCP53 for DNS

On Tue, Apr 26, 2005 at 07:01:47PM +, Christopher L. Morrow <[EMAIL PROTECTED]> wrote a message of 29 lines which said: > Even after I imagine that folks left the filters in place either > 'because' or 'I don't run router acls' or 'laziness' [Warning, operational content.] Remember t

Re: using TCP53 for DNS

On Tue, Apr 26, 2005 at 12:39:09PM -0400, Patrick W. Gilmore <[EMAIL PROTECTED]> wrote a message of 22 lines which said: > From the thread (certainly not a scientific sampling), many people > seem to be filtering port 53 TCP to their name servers. Again, a non-scientific sampling but AFNIC ("

Re: Schneier: ISPs should bear security burden

On April 26, 2005 11:36 pm, [EMAIL PROTECTED] wrote: > On Tue, Apr 26, 2005 at 10:38:00PM -0700, Owen DeLong wrote: > > I think it's absurd. I expect my water delivery company not to add > > polutants in transit. I expect my water production company to provide > > clean water. > > er.. b

Detecting VoIP traffic in ISP network

Hi, we want to collect statistics in our backbone networks. Is there any good method to this? is there any product for this ? Joe _ Do You Yahoo!? 嫌邮箱太小？雅虎电邮自助扩容！ http://cn.rd.yahoo.com/mail_cn/tag/10m/*http://cn.mail.yahoo.com/event/10

Re: Internet2

> Maybe you should checkout some performance measurement numbers/papers > from ACM (www.acm.org) which should help answer some of your questions. having been an acm member since '67, i am aware of the volume published. give me a specific cite, please. > http://www.slac.stanford.edu/comp/net/wan-