Re: text based netflow top ASN tool?

2006-08-03 Thread Neil J. McRae
CAIDA's netflow tools? -- Neil J. McRae -- Alive and Kicking [EMAIL PROTECTED] -Original Message- From: matthew zeier <[EMAIL PROTECTED]> Date: Thu, 03 Aug 2006 23:04:49 To: [EMAIL PROTECTED] Subject: text based netflow top ASN tool? I recall using a text based netflow collector that w

Re: mitigating botnet C&Cs has become useless

2006-08-03 Thread Barry Shein
I promised myself I'd never, ever post three comments on the same topic here, but hey... What I think would be a good thing would be focusing on ONE miscreant, some low-hanging fruit for starters. Just one. And shut him/her/it down, hound him off the face of the earth, get him arrested, whatever

text based netflow top ASN tool?

2006-08-03 Thread matthew zeier
I recall using a text based netflow collector that would show me top destination ASNs. I recall it being really simple to get working too. But it's been some time since I used it and can't recall what it's called. Can someone give me a hint?

Re: mitigating botnet C&Cs has become useless

2006-08-03 Thread bmanning
useless... perhaps. i'm partly of the mind that botnets, p2p networks, manets, and other self-organizing systems are the "wave" of the future (or even the present) and the technologies, per se, are not inherently "evil" or even bad. imho, it is short sighted to try and curtail,

Re: mitigating botnet C&Cs has become useless

2006-08-03 Thread Mattias Ahnberg
Bora Akyol wrote: > What I am saying is that throwing more technology (boxes, appliances > etc) and more manpower at the problem within the NSP, ISP, and ASP boxes > of the network block diagram is NOT going to solve the problem. I am not > saying, stop what you are doing, all I am saying is that,

Re: Routing issues with cox?

2006-08-03 Thread Alexander McMillen
We are seeing the same issue - does anyone have a Cox NOC contact? -a David Hubbard wrote: Anyone know of something going on with Cox currently? We've had a number of customers report they can't get to us (AS 33260) from Cox (AS 22773). We've tried forcing traffic out different providers of o

Re: mitigating botnet C&Cs has become useless

2006-08-03 Thread Danny McPherson
On Aug 3, 2006, at 4:22 PM, Scott Weeks wrote: But shutting them down, that's like the police arresting all the informants. It doesn't stop the crime, it just eradicates all your easy leads. What're folk's thoughts on that? I'm not sure I'd liken shutting C&C infrastructure down to "ar

Re: mitigating botnet C&Cs has become useless

2006-08-03 Thread John Kristoff
On Thu, 03 Aug 2006 12:22:31 -1000 "Scott Weeks" <[EMAIL PROTECTED]> wrote: > > But shutting them down, that's like the police arresting > > all the informants. It doesn't stop the crime, it just > > eradicates all your easy leads. > > What're folk's thoughts on that? Well that's one perspect

Report on "Analysis and Recommendations on the Exhaustion of IPv4 Address Space"

2006-08-03 Thread Izumi Okutani
# Apologies for the duplicates # Dear Colleagues Report on "Analysis and Recommendations on the Exhaustion of IPv4 Address Space" JPNIC has published a report titled "Analysis and Recommendations on the Exhaustion of IPv4 Address Space". The original Japanese version

RE: mitigating botnet C&Cs has become useless

2006-08-03 Thread Bora Akyol
I am not discounting the efforts of many people that are on this list and I personally know or worked with. What I am saying is that throwing more technology (boxes, appliances etc) and more manpower at the problem within the NSP, ISP, and ASP boxes of the network block diagram is NOT goin

RE: mitigating botnet C&Cs has become useless

2006-08-03 Thread Fergie
I really didn't intend for this discussion to run down a rat-hole like this, but there it is. If you're going to pass-the-buck on this to (OS flaws) or that (stupid user tricks), then there are bigger problems than I thought. Regardless of existing flaws, user idiosyncrasies, etc., we still have

RE: mitigating botnet C&Cs has become useless

2006-08-03 Thread Bora Akyol
I see you are an optimist. As much as I like to build more technology, in this case neither more technology, nor more manpower devoted to service providers and networking is going to fix this problem. There is a real good analogy to this going on in Santa Clara county (SF Bay Area) where West Ni

RE: mitigating botnet C&Cs has become useless

2006-08-03 Thread Fergie
I've got news for you. To impact the miscreant's bottom-line, then it will take: A) Technology, and; B) Manpower It will also take: C) Better cooperative efforts. - ferg -- "Bora Akyol" <[EMAIL PROTECTED]> wrote: IMHO, This is not a problem we can solve by adding: a) technology (other t

RE: mitigating botnet C&Cs has become useless

2006-08-03 Thread Scott Weeks
- Original Message Follows - From: "Barry Greene (bgreene)" <[EMAIL PROTECTED]> > > What? That's what I'm trying to find out, but I'm not > > as smart as most, so I can only point out the things > > that I believe definitely won't work and why I think > > that. Hopefully by the applic

RE: mitigating botnet C&Cs has become useless

2006-08-03 Thread Bora Akyol
IMHO, This is not a problem we can solve by adding: a) technology (other than completely dumping the OS(s) that make this possible) b) manpower I think it can be solved by reducing the margins in the miscreant business line or ideally having it have negative margins. > I would suggest more sp

Re: mitigating botnet C&Cs has become useless

2006-08-03 Thread Fergie
-- Danny McPherson <[EMAIL PROTECTED]> wrote: [good stuff elided] >I agree that the root of the problem is the miscreants perpetrating >these crimes, and they need to be prosecuted, but the responsibility >falls far wider than the SPs. > >I also accept the references provided by Paul and others,

Re: mitigating botnet C&Cs has become useless

2006-08-03 Thread Danny McPherson
On Jul 30, 2006, at 10:37 AM, Gadi Evron wrote: The few hundred *new* IRC-based C&Cs a month (and change), have been around and static (somewhat) for a while now. At a steady rate of change which maintains the status quo, plus a bit of new blood. In this post I ask the community about wha

Re: Detecting parked domains

2006-08-03 Thread Peter Dambier
No, it does not look good :) ; <<>> DiG 9.1.3 <<>> -t any eoileon.com ;; global options: printcmd ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 47446 ;; flags: qr rd ra; QUERY: 1, ANSWER: 2, AUTHORITY: 2, ADDITIONAL: 2 ;; QUESTION SECTION: ;eoileon.com. I

Routing issues with cox?

2006-08-03 Thread David Hubbard
Anyone know of something going on with Cox currently? We've had a number of customers report they can't get to us (AS 33260) from Cox (AS 22773). We've tried forcing traffic out different providers of ours and it usually seems to die with Level 3 in DFW, Time Warner Telecom in DFW, Cogent in Atla

Re: PIPE CLEANERS... was: APC Matrix 5000 question(s)

2006-08-03 Thread Mike Lyon
I need a Spam Pig... -Mike On 8/2/06, [EMAIL PROTECTED] <[EMAIL PROTECTED]> wrote: pipecleaners? http://www.ppsa-online.com/about-pigs.php#UTILITY%20PIGS do they make one for Internet Pipes? --bill On Wed, Aug 02, 2006 at 05:59:29PM -0700, joe mcguckin wrote: > Can't you guys take this

Re: Detecting parked domains

2006-08-03 Thread Duane Wessels
On Thu, 3 Aug 2006, Joe Abley said: Do you have an example of a parked domain with no SOA record? eoileon.com tri-cityhearald.com Surely for that to work for most of the domains we're talking about, the parking companies would need to be able to insert arbitrary records into zones such as

RE: OT: Good list for VoIP

2006-08-03 Thread Frank Bulk
The isp-voip list is pretty quiet, and probably not the caliber you're looking for. Frank -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Netfortius Sent: Thursday, August 03, 2006 8:41 AM To: nanog@merit.edu Subject: Re: OT: Good list for VoIP I've h

Re: Detecting parked domains

2006-08-03 Thread David Ulevitch
On Aug 2, 2006, at 2:03 PM, Sean Donelan wrote: There seems to be DNSBL's for every other thing, I was expecting to find one for parked domain names or the server IP addresses used. That's not hard. It's the value of providing it I question. It only encourages them to start putting syn

DNS BIND dispatch errors

2006-08-03 Thread Simon Waters
The increase in dispatch errors reported by BIND recently is explained by the other ISC here; http://isc.sans.org/diary.php?storyid=1538 So it looks like the error message was right, although some older versions of BIND didn't do a good job of reporting the IP addresses involved. My own exper

Re: Detecting parked domains

2006-08-03 Thread Joe Abley
On 3-Aug-2006, at 04:05, Duane Wessels wrote: I am looking for a way that you, or anyone else, could indicate a domain should not be considered "in service" although the name is registered and has an A record pointing to an active server so when I check that name it doesn't require a hum

Re: Detecting parked domains

2006-08-03 Thread Peter Dambier
Duane Wessels wrote: I am looking for a way that you, or anyone else, could indicate a domain should not be considered "in service" although the name is registered and has an A record pointing to an active server so when I check that name it doesn't require a human to interpret the results.

RE: Good list for VoIP

2006-08-03 Thread John Stuppi (jstuppi)
Hi Mike, You can try voipsec@voipsa.org: To subscribe or unsubscribe via the World Wide Web, visit http://voipsa.org/mailman/listinfo/voipsec_voipsa.org or, via email, send a message with subject or body 'help' to [EMAIL PROTECTED] You ca

Re: OT: Good list for VoIP

2006-08-03 Thread Netfortius
I've had some decent success with other lists from this site: http://isp-lists.isp-planet.com/about/ so you may want to try their VoIP one. I cannot personally endorse that specific one, though, as I am not a subscriber. Stefan On Thursday 03 August 2006 07:20, Mike Callahan wrote: > Sorry fo

OT: Good list for VoIP

2006-08-03 Thread Mike Callahan
Sorry for the OT post but I'm wondering if anyone can recommend a good list for ISP level VoIP discussion. One whose focus is on technical issues would be preferred. Thanks, M. Callahan

Re: Detecting parked domains

2006-08-03 Thread Duane Wessels
I am looking for a way that you, or anyone else, could indicate a domain should not be considered "in service" although the name is registered and has an A record pointing to an active server so when I check that name it doesn't require a human to interpret the results. You might be able to us