I guess this can be helpful to find not just firewalls but any
IPv6-compliant product/service.
http://www.ipv6-to-standard.org
Regards,
Jordi
De: Joseph S D Yao [EMAIL PROTECTED]
Responder a: [EMAIL PROTECTED]
Fecha: Tue, 30 Jan 2007 17:36:58 -0500
Para: J. Oquendo [EMAIL PROTECTED]
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Cisco Security Advisory: SIP Packet Reloads IOS Devices Not
Configured for SIP
Advisory ID: cisco-sa-20070131-sip
http://www.cisco.com/warp/public/707/cisco-sa-20070131-sip.shtml
Revision 1.0
For Public Release 2007 Jan 31 0900 UTC (GMT
Steve Gibbard wrote:
If you actually want to do this, you've got four choices:
- Policy route, as mentioned below.
- Get the customer their own connection to Cogent.
- Have a border router that only talks to Cogent and doesn't receive full
routes from your core, and connect the customer
NANOG 39 Meeting Attendees,
Please note if you are staying in the Sheraton Centre Toronto and have
a room reservation in the NANOG room block at the NANOG rate, you are
entitled to receive complimentary in-room Internet access,
complimentary access to the fitness center, and discounted valet
On Tue, Jan 30, 2007 at 08:19:12AM -, [EMAIL PROTECTED] wrote:
IPv6 makes NAT obsolete because IPv6 firewalls can provide all
the useful features of IPv4 NAT without any of the downsides.
IPv6 firewalls? Where? Good ones?
Why good ones. NAT is a basic IPv4 firewall. All
On Tue, Jan 30, 2007 at 08:04:25PM -, Mark D. Kaye wrote:
Hi,
PIX/ASA Supports IPv6 Apparently, see below.
Don't know anyone who has tested it yet though ;-)
http://www.cisco.com/en/US/products/ps6120/products_configuration_guide_
chapter09186a0080636f44.html
Note Failover does
bear with me, this appears to be about DNS but it's actually about e-mail.
maps.vix.com has been gone since 1999 or so. mail-abuse.org is the new thing.
i've tried just about everything to get traffic toward the old domain name to
stop... right now there's a DNAME but it made no real
once upon a time, someone more insane than myself wanted to close an
RBL and did so by replacing it with a wildcard entry. we all hated
that since it caused a lot of mail to bounce. (all mail that would
otherwise have been received by that RBL's subscribers, in fact.) it
did however have
Randy Bush wrote:
once upon a time, someone more insane than myself wanted to close an
RBL and did so by replacing it with a wildcard entry. we all hated
that since it caused a lot of mail to bounce. (all mail that would
otherwise have been received by that RBL's subscribers, in fact.) it
... the effect of causing the subscribers to reconfigure their mailers to
stop querying the now-dead RBL in question. what's the current thinking
on this?
one problem with this is that the pain is not felt by the misconfigured
folk, but by distant innocents.
i am one of those who
One thing you might consider is putting together a script to harvest email
addresses from whois records that correspond to the PTR for the querying
IPs. Add to that list abuse, postmaster, webmaster, hostmaster, etc @ the
poorly run domain. Then fire off a message explaining the situation
On Wed, 31 Jan 2007, Derek J. Balling wrote:
I think that at some poing, Paul has a right to attempt to reclaim the
sane use of his domain name, and considering how long the DNSBL in
question has been out of commission, and people who use it should know
that by now, the carrot needs to be
it caused a lot of mail to bounce. (all mail that would otherwise
have been received by that RBL's subscribers, in fact.) it did
however have the effect of causing the subscribers to reconfigure
their mailers to stop querying the now-dead RBL in question. what's
the current thinking on this?
one problem with this is that the pain is not felt by the misconfigured
folk, but by distant innocents.
etc.
One problem we have is that we tend to see the internet as a perfect
simulation of a fair and just system, at least as a first goal.
I don't know if that's possible or not.
Paul Vixie wrote:
bear with me, this appears to be about DNS but it's actually about e-mail.
maps.vix.com has been gone since 1999 or so. mail-abuse.org is the new thing.
i've tried just about everything to get traffic toward the old domain name to
stop... right now there's a DNAME but it
Thinking this out, out loud. Well, in black and white, anyway.
Your vix.com name servers are authoritative for the zone.
If a name server wants to do a lookup on maps.vix.com, it will get it
from cache, or send a query to the listed IP address for one of the name
servers.
You said you had
On Wed, 31 Jan 2007, Barry Shein wrote:
:One problem we have is that we tend to see the internet as a perfect
:simulation of a fair and just system, at least as a first goal.
:
:I don't know if that's possible or not. I don't know if anyone has
:actually explored the issue deeply. One problem is
Or just have everydns [or insert other free dns provider] handle your
primary dns and let them handle the traffic, problem solved (for you
atleast) :-)
Personally I have no sympathy to people who are using outdated dnsbl's
(especially from 1999), I would consider the wildcard if you want to
snip
The only way for it not to arrive at the name server is for something in
the way to block it. Perhaps a transparent filter, or perhaps the IP
addresses of the name servers are your firewalls, which will block and
pass the rest on to the real name servers behind them.
The problem here
On Thu, 1 Feb 2007, Trent Lloyd wrote:
snip
The only way for it not to arrive at the name server is for something in
the way to block it. Perhaps a transparent filter, or perhaps the IP
addresses of the name servers are your firewalls, which will block and
pass the rest on to the
On Wed, 31 Jan 2007, Brian Wallingford wrote:
it's not a priority). Considering the time passed since maps went
defunct, Paul is entirely justified in doing whatever is necessary to
cluebat the offending networks, imho.
here's the funny thing... what if the cluebat doesn't actualy change
DNS forward all queries and replies to myspace, Im sure they'll enjoy that!
-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Paul
Vixie
Sent: Wednesday, January 31, 2007 3:48 PM
To: nanog@merit.edu
Subject: Re: what the heck do i do now?
... the
Brian Wallingford wrote:
... Considering the time passed since maps went
defunct, Paul is entirely justified in doing whatever is necessary to
cluebat the offending networks, imho.
That's my opinion too. But I do have some domain name server addresses
that get a lot of traffic due to
Is there a gmail admin around?
Could you give me a shout offlist?
-mark
--
Mark Jeftovic [EMAIL PROTECTED]
Founder President, easyDNS Technologies Inc.
ph. +1-(416)-535-8672 ext 225
fx. +1-(866) 273-2892
list... I talked to my lawyer. And while I am not a lawyer, I can tell you
that my lawyer pointed out several interesting legal theories under which I
could have some serious liability, and so I don't do that any more. (As an
example, consider what happens *to you* if a hospital stops getting
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On Jan 31, 2007, at 9:16 PM, Mark Foster wrote:
list... I talked to my lawyer. And while I am not a lawyer, I can
tell you that my lawyer pointed out several interesting legal
theories under which I could have some serious liability, and so I
On Thu, 1 Feb 2007, Paul Vixie wrote:
One thing you might consider is putting together a script to harvest email
addresses from whois records that correspond to the PTR for the querying
IPs. Add to that list abuse, postmaster, webmaster, hostmaster, etc @ the
poorly run domain. Then fire off
Why do I even bother?
-- Forwarded message --
Date: Wed, 31 Jan 2007 23:08:22 -0500
From: Mail Delivery Subsystem [EMAIL PROTECTED]
To: [EMAIL PROTECTED]
Subject: Returned mail: see transcript for details
The original message was received at Wed, 31 Jan 2007 23:08:18 -0500
from
As an, ahem, lawyer, I think what you do and how you do it matter a lot
here. And it would be prudent to talk to someone who understood your
facts and situation before doing some of the things discussed in this
thread. (I won't be more specific for fear of sounding like I'm giving
legal
It is impossible to know with any confidence without knowing more details,
but from the face of it, it is far from obvious to me that Mark Foster's
lawyer got this wrong.
(Meanwhile, this will make a great exam question some day.)
I agree, except it wasn't my Laywer.
You mean Matthew
another way is tunnel them to a border router that
interfaces with Cogent and deal with it at the border
router. QinQ tunnel, GRE, IPSec, or whatever tunnel
type you can support and will service the type of
traffic your customer needs (L2 or L3). If you have
multiple Cogent connections you
31 matches
Mail list logo
