Hi.
In the next day or so some of us will cooperate to bring to the
attention of all effected AS's information about infected users in their
net-space.
That would be affected.
This will be coordinated with several groups and organizations. Please
expect these emails, thanks.
In
On Mon, Jan 23, 2006 at 01:48:19PM -0800,
william(at)elan.net [EMAIL PROTECTED] wrote
a message of 18 lines which said:
Maybe I'm ignorant, but isn't there [cc]tld operations mail list
somewhere?
There is no worldwide TLD (or even ccTLD) operations list (I would be
on it). There are
Gadi Evron wrote:
Hi.
In the next day or so some of us will cooperate to bring to the
attention of all effected AS's information about infected users in their
net-space.
This will be coordinated with several groups and organizations. Please
expect these emails, thanks.
Small update:
It
Can be found:
http://www.bleedingsnort.com/cgi-bin/viewcvs.cgi/sigs/VIRUS/WORM_Nyxem?rev=1.5only_with_tag=HEADview=markup
Thanks,
Gadi.
Hi,
I got a CCM1650 Avocent terminal server, if i use windows to login to
their console, upon hitting enter, the password prompt is bypassed
because another enter is also hit, so i get a wrong password everytime.
But if i do the same from a linux machine, that doesnt happen and i get
to log in
On Wednesday 25 January 2006 08:05, Kim Onnel wrote:
Hi,
I got a CCM1650 Avocent terminal server, if i use windows to login to their
console, upon hitting enter, the password prompt is bypassed because
another enter is also hit, so i get a wrong password everytime.
But if i do the same
In message [EMAIL PROTECTED], Matt Buford writes:
Actually, TCP handles out of order packets rather well as long as the
reordering isn't too severe. You see a bunch of SACKs flying around, but as
long as it doesn't get too out of hand it doesn't affect throughput.
Actually, it isn't that
Robert E Seastrom writes:
Yes and no. CEF is {src, dst} hash IIRC, and per-flow usually
means {src, srcport, dst, dstport, [proto, tos]} hash in my
experience.
Correct.
The Catalyst 6500/7600 OSR with Sup2/Sup32/Sup720 can be configured to
hash based on L4 ports in addition to the IP
If you are planning to attend NANOG 36, hosted by Yahoo! in
Dallas, Feb. 12-15, please note the upcoming deadlines:
Friday, January 27: the discounted group room rate at the
Fairmont Hotel-Dallas expires.
Monday, January 30: the meeting registration fee will increase
$50.
For
Hi,
On Mi, 2006-01-25 at 03:20 -0500, Martin Hannigan wrote:
Hi.
In the next day or so some of us will cooperate to bring to the
attention of all effected AS's information about infected users in their
net-space.
That would be affected.
This will be
Serious answers: (much like your 'serious questions'):
If I don't see SANS running around with their capes off, I don't
http://isc.sans.org/blackworm
Further, our reports lead to a SANS ISC temporary URL's for each AS.
really pay too much attention. The last one wasn't a big hit like
they
It's now been 2.5 business days since Panix was taken out. Do we know
what the root cause was? It's hard to engineer a solution until we
know what the problem was.
--Steven M. Bellovin, http://www.cs.columbia.edu/~smb
On Wed, 25 Jan 2006, Steven M. Bellovin wrote:
It's now been 2.5 business days since Panix was taken out. Do we know
what the root cause was? It's hard to engineer a solution until we
know what the problem was.
Is it really that hard to engineer this solution? We do have several of
them
Serious answers: (much like your 'serious questions'):
If I don't see SANS running around with their capes off, I don't
http://isc.sans.org/blackworm
Further, our reports lead to a SANS ISC temporary URL's for each AS.
The last time SANS felt something was so serious they needed all
Martin Hannigan wrote:
Admins: Clearly, a personal attack and I'd like the AUP enforced
please.
Clearly, exactly what you've been trying to get me to do for a long
time, to get me off NANOG, well... I finally decided to comply.
Admins: I will answer any call to leave.. Also, I'd like for
Folks,
Since my friend Gadi brought it up, I left VeriSign on January 3 after
3 years of solid employment. It was a good run. I was asked to move
to Dulles, VA and I declined for personal reasons. I live in Boston, MA.
and was a commuter to the DC area for the most part.
I've taken a position
On Wed, 25 Jan 2006, Gadi Evron wrote:
Martin Hannigan wrote:
Admins: Clearly, a personal attack and I'd like the AUP enforced
please.
Clearly, exactly what you've been trying to get me to do for a long time, to
get me off NANOG, well... I finally decided to comply.
Admins: I will
On 25-Jan-2006, at 16:12, william(at)elan.net wrote:
On Wed, 25 Jan 2006, Gadi Evron wrote:
Martin Hannigan wrote:
Admins: Clearly, a personal attack and I'd like the AUP enforced
please.
Clearly, exactly what you've been trying to get me to do for a
long time, to get me off NANOG,
On Wed, 25 Jan 2006, Joe Abley wrote:
The NANOG list administrators can be reached at [EMAIL PROTECTED] That
is almost certainly a better place to send comments related to the AUP than
the this list.
(I would have kept this comment to private mail except that it seems possible
that a
On Jan 16, 2006, at 8:48 AM, Gustavo Rodrigues Ramos wrote:
The problem takes place five or six AS far from me... Where I
can't do
much. I still can't reach some prefixes announced by large
ISPs.
On Jan 16, 2006, at 7:29 AM, Gustavo Rodrigues Ramos wrote:
Last week we received a DoS attack
Well, let's hope we can watch the Super Bowl in peace -- I'm
turning my pager cell phone off anyways. :-)
In any event, as Alex Eckelberry writes over on the Sunbelt
Software blog, ...were now seeing infestations for the
Blackworm worm (aka KamaSutra) getting close to 2 million.
Yesterday it
Can we all please take a look at RCN.COM/.NET to see if they are being
DDoS'd as retribution for the massive SP and LEO operations going to
mitigate this risk of fast becoming millions of infected machines about
to be destroyed?
We'd appreciate any help given, thanks.
Gadi.
Well, let's hope we can watch the Super Bowl in peace -- I'm
turning my pager cell phone off anyways. :-)
I'm going for Steelers. You? I've got a couple of fresh
Maine Lobsters and Union Oyster House chowdah to put up
if you're interested in a wager.
[ Removed my name from the subject. I
I'm working on finding a Wifi SIP phone that supports WPA/PSK that we can
recommended to VOIP clients. As everybody knows, currently most Wifi SIP
phones support WEP which is demonstrably insecure. For banking and
financial customers, or companies that are given passwords or credit cards
over
On 1/26/06, Mike Leber [EMAIL PROTECTED] wrote:
I'm working on finding a Wifi SIP phone that supports WPA/PSK that we can
recommended to VOIP clients. As everybody knows, currently most Wifi SIP
phones support WEP which is demonstrably insecure. For banking and
financial customers, or
On Wed, 25 Jan 2006, Martin Hannigan wrote:
us all the information, please don't bother. The snort SIDS were
nice, but as far as I am concerned, IL-CERT is not a trusted
source.
Just so people don't get confused: IL-CERT has nothing to do with what
Gadi posted and I don't seem to remember
On Wed, 25 Jan 2006, william(at)elan.net wrote:
On Wed, 25 Jan 2006, Steven M. Bellovin wrote:
It's now been 2.5 business days since Panix was taken out. Do we know
what the root cause was? It's hard to engineer a solution until we
know what the problem was.
Is it really that hard to
Thank you! We'll order one immediately and report back.
Mike.
On Thu, 26 Jan 2006, Suresh Ramasubramanian wrote:
On 1/26/06, Mike Leber [EMAIL PROTECTED] wrote:
I'm working on finding a Wifi SIP phone that supports WPA/PSK that we can
recommended to VOIP clients. As everybody knows,
On Thu, 26 Jan 2006 07:54:30 +0200, Pekka Savola said:
It'd be darn difficult to engineer a solution that would end up being
deployed in any reasonable time if we don't know the requirements
first.
Fortunately, when we know the requirements and engineer a solution, deployment
is
On Thu, 26 Jan 2006, [EMAIL PROTECTED] wrote:
In other words - what is the business case for deploying this proposed
solution? I may be able to get things deployed at $WORK by arguing that
it's The Right Thing To Do, but at most shops an ROI calculation needs
to be attached to get movement
In message [EMAIL PROTECTED], Pekka Savola writes:
On Thu, 26 Jan 2006, [EMAIL PROTECTED] wrote:
In other words - what is the business case for deploying this proposed
solution? I may be able to get things deployed at $WORK by arguing that
it's The Right Thing To Do, but at most shops an ROI
On Wed, 25 Jan 2006, Martin Hannigan wrote:
us all the information, please don't bother. The snort SIDS were
nice, but as far as I am concerned, IL-CERT is not a trusted
source.
Just so people don't get confused: IL-CERT has nothing to do with what
Gadi posted and I don't seem to
In addition, if anyone has any problems with the
trustworthiness of
whoever
then they should raise that issue with the FIRST secretariat and on the
FIRST mailing lists where we can counter any claims to the otherwise.
Trust is earned, it cannot be gained by shouting
brandon
At 01:46 AM 26-01-06 -0500, Martin Hannigan wrote:
On Wed, 25 Jan 2006, Martin Hannigan wrote:
us all the information, please don't bother. The snort SIDS were
nice, but as far as I am concerned, IL-CERT is not a trusted
source.
Just so people don't get confused: IL-CERT has nothing
34 matches
Mail list logo