Gadi Evron wrote:
On Thu, 19 Apr 2007, Will Hargrave wrote:
Gadi Evron wrote:
A 21-year-old college student in London had his internet service
terminated and was threatened with legal action after publishing details
of a critical vulnerability that can compromise the security of the
On Fri, 20 Apr 2007, Simon Lyall wrote:
On Thu, 19 Apr 2007, Gadi Evron wrote:
Looking at the lack of security response and seriousness from this ISP, I
personally, in hindsight (although it was impossible to see back
then) would not waste time with reporting issues to them, now.
Hi Steve,
[EMAIL PROTECTED] (Stephen Wilcox) wrote:
I remember this because I had such a reload and it was during a period of
heavy cosmic activity.. as the hardware had always been reliable and was
reliable after this was beleived to be the cause
We have also started to use this as the
[EMAIL PROTECTED] wrote:
I'm not sure if Simon's comment was tongue-in-cheek.
I think if you are referring to public disclosure, yes, I think there's
little point of doing this, unless you are seeking attention. Of course,
reporting a problem to vendor privately always makes sense.
I'm not
BGP Update Report
Interval: 06-Apr-07 -to- 19-Apr-07 (14 days)
Observation Point: BGP Peering with AS4637
TOP 20 Unstable Origin AS
Rank ASNUpds % Upds/PfxAS-Name
1 - AS912132228 3.0% 28.1 -- TTNET TTnet Autonomous System
2 - AS477529436
I remember this because I had such a reload and it was during a period of
heavy cosmic activity.. as the hardware had always been reliable and was reliable
after this was beleived to be the cause
We have also started to use this as the standard excuse.
Up to now, people believe us...
On Fri, 20 Apr 2007, Gadi Evron wrote:
On Fri, 20 Apr 2007, Simon Lyall wrote:
On Thu, 19 Apr 2007, Gadi Evron wrote:
Looking at the lack of security response and seriousness from this
ISP, I personally, in hindsight (although it was impossible to see
back then) would not waste
On Thu, Apr 19, 2007 at 06:10:06PM -0500, Gadi Evron wrote:
On Thu, 19 Apr 2007, Will Hargrave wrote:
Gadi Evron wrote:
A 21-year-old college student in London had his internet service
terminated and was threatened with legal action after publishing details
of a critical
It *is* a criminal offence under extensions to the original CMA1990 in the
Police and Justice Act 2006. The maximum penalty was also increased to two
years imprisonment.
I don't think this particular incident is enough to attract a custodial
sentence, but he will almost certainly end up with a
On Fri, 20 Apr 2007 15:51:20 BST, Stephen Wilcox said:
what other examples are there as you suggest a trend in hushing security
vulns?
Skylarov ended up in jail for a while for daring to point out that a certain
foolish vendor had used ROT-13 as their encryption scheme.
Raven Adler had her
On Fri, 20 Apr 2007 [EMAIL PROTECTED] wrote:
On Fri, 20 Apr 2007, Gadi Evron wrote:
Now, that is off-topic to NANOG.
Just because you disagree with someone's opinion, doesn't make it
offtopic.
snip
I'm not sure the debate on public disclosure vs private falls under NANOG
AUP.
Do you
On Fri, 20 Apr 2007, Stephen Wilcox wrote:
On Thu, Apr 19, 2007 at 06:10:06PM -0500, Gadi Evron wrote:
I am generally worried about the trend that is emerging of reporting
security issues resulting in legal threats.
well in this case i dont know the nature of the threat but asking the
On Fri, 20 Apr 2007, J. Oquendo wrote:
[EMAIL PROTECTED] wrote:
I'm not sure if Simon's comment was tongue-in-cheek.
I think if you are referring to public disclosure, yes, I think
there's little point of doing this, unless you are seeking attention.
Of course, reporting a problem
On Fri, 20 Apr 2007 12:33:26 EDT, [EMAIL PROTECTED] said:
How would you feel if you used a product a company KNOWS lacks
fundamental security controls and does little to fix it. How would you
feel if AFTER the fact someone leveraged a method to affect you. How
would you feel AFTER the
In article [EMAIL PROTECTED], Peter Corlett
[EMAIL PROTECTED] writes
In his blog post [1] he did admit to accessing other routers of Be's
customers using the backdoor password; this is probably [2] a criminal
offence in the UK. I'm not sure I have as much sympathy for him as you do.
[2]
Hi,
I am Shai from Rogers Cable Inc. ISP in Canada. We have IP block
99.x.x.x assigned to our customers. Which happened to be bogons block in
the past and was given to ARIN in Oct 2006. As we have recently started
using this block, we are getting complains from our customers who are
unable to
This is an automated weekly mailing describing the state of the Internet
Routing Table as seen from APNIC's router in Japan.
Daily listings are sent to [EMAIL PROTECTED]
For historical data, please see http://thyme.apnic.net.
If you have any comments please contact Philip Smith [EMAIL
Please provide a pingable IP address on each block so that we can check.
Thanks,
Frank
-Original Message-
Sent: Friday, April 20, 2007 1:09 PM
To: 'nanog@merit.edu'
Subject: IP Block 99/8
Hi,
I am Shai from Rogers Cable Inc. ISP in Canada. We have IP block
99.x.x.x assigned to our
well-deserved criminal record for his stupidity. Where is the
criminal record for the idiot who allowed remote access with a
single username and password to every single cable modem? That's
pretty damned stupid.
Honetly- when did we all become such vindictive assholes? Had the
guy
We recently started to assign these blocks. So all the ranges are not
assigned yet. Following are some...
99.245.135.129
99.246.224.1
99.244.192.1
-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of
Frank Bulk
Sent: Friday, April 20, 2007 2:14 PM
To:
On Fri, Apr 20, 2007 at 01:54:37PM -0400, Shai Balasingham wrote:
Hi,
I am Shai from Rogers Cable Inc. ISP in Canada.
We own the following blocks:
99.224.0.0/12
99.240.0.0/13
99.248.0.0/14
99.252.0.0/16
99.253.128.0/19
Shai.
Own? ARIN gave you title?
--bill
Gentlemen and Ladies,
I think we should shut down this line of argument.
Enjoy the beautiful weather here and Europe and have a good weekend.
Regards,
Roderick S. Beck
Hibernia Atlantic
30 Dongan Place, NY, NY 10040
http://www.hiberniaatlantic.com
Landline: 1-212-942-3345
Wireless:
On Friday 20 April 2007 10:51, Stephen Wilcox wrote:
On Thu, Apr 19, 2007 at 06:10:06PM -0500, Gadi Evron wrote:
On Thu, 19 Apr 2007, Will Hargrave wrote:
Gadi Evron wrote:
A 21-year-old college student in London had his internet service
terminated and was threatened with legal
If we had clean registries and signed/verifiable advertisements this would
not be an issue. Most of you know that DHS was pushing the Secure Protocols
for the Routing Infrastructure initiative
(http://www.cyber.st.dhs.gov/spri.html). Due to budget cuts this program is
on the shelf for now.
In my personal opinion, ISPs, vendors, and such should legally be held
responsible for their product's security and unconditionally be made to
repair any security holes. -- if a vendor or ISP maintains good security
practices, there will be nothing for them to fear from this.
What's really
The discussion started out regarding an IP-over-cable ISP. Please
point me at places where there is significant *real* competition (i.e.
addresses that have more than one copper cable-TV line running into the
consumer residence).
There are a number of cable overbuilders out there.
On Fri, 20 Apr 2007 14:56:06 EDT, Kradorex Xeron said:
In my personal opinion, ISPs, vendors, and such should legally be held
responsible for their product's security and unconditionally be made to
repair any security holes. -- if a vendor or ISP maintains good security
practices, there
On Friday 20 April 2007 16:16, [EMAIL PROTECTED] wrote:
On Fri, 20 Apr 2007 14:56:06 EDT, Kradorex Xeron said:
In my personal opinion, ISPs, vendors, and such should legally be held
responsible for their product's security and unconditionally be made to
repair any security holes. -- if a
On 20-apr-2007, at 21:32, Marcus H. Sachs wrote:
If we had clean registries and signed/verifiable advertisements
this would
not be an issue.
I wouldn't count on that. If such a mechanism would become available
(which isn't completely unthinkable, see http://www.bgpexpert.com/
29 matches
Mail list logo
