Re: Providers that carry IPv6

2007-06-05 Thread Carlos Friacas
On Mon, 4 Jun 2007, Krichbaum, Eric wrote: I saw this question a while ago but no (maybe one) answers. Who does have IPv6 in production today. Of the fixedorbit.com top ten for example? 701 (MCI) - ? 7018 (AT&T) - ? 1239 (Sprint) - ? 174 (Cogent) - No. 3356 (Level3) - ? 209 (Qwest) - No. 35

Re: NANOG 40 agenda posted

2007-06-05 Thread Matt Peterson
or is the problem simply that there isn't a port or pkg or rpm of proxynet, and in spite of being 12 years old, nobody but me runs anything like it? (so, this boils down to, are folks only using proxies on outbound, still, in 2007?) ((and did you think squid was your only inbound proxyi

RE: Security gain from NAT (was: Re: Cool IPv6 Stuff)

2007-06-05 Thread michael.dillon
> I posit that a screen door does not provide any security. "Any" is too strong a word. For people living in an area with malaria-carrying mosquitoes, that screen door may be more important for security than a solid steel door with a deadbolt. It all depends on what the risks are, what you are p

Re: Security gain from NAT

2007-06-05 Thread Mattias Ahnberg
Donald Stahl wrote: > Keep it simple. NAT is a terrible terrible hack- and it's sad that it's > become so accepted in the mainstream. Probably mostly because it WORKS for people, it doesn't require you to be a network specialist. Someone just purchases a NAT gateway to connect to their ADSL/cable

Re: Security gain from NAT

2007-06-05 Thread Adrian Chadd
On Tue, Jun 05, 2007, Mattias Ahnberg wrote: > > Donald Stahl wrote: > > Keep it simple. NAT is a terrible terrible hack- and it's sad that it's > > become so accepted in the mainstream. > > Probably mostly because it WORKS for people, it doesn't require you > to be a network specialist. You kn

Re: Security gain from NAT

2007-06-05 Thread James R. Cutler
Maybe one should consider the customer viewpoint and not just semantic twiddle. When I install one of those little and inexpensive boxes it is for several reasons, not just security. However, the "I hear you knocking, but you can't come in." is invaluable to keep out probes of popular Microsoft

Re: Security gain from NAT (was: Re: Cool IPv6 Stuff)

2007-06-05 Thread Perry Lorier
The only ways into these machines would be if the NAT/PAT device were misconfigured, another machine on the secure network were compromised, or another gateway into the secure network was set up. Guess what? All of these things would defeat a stateful inspection firewall as well. I disagree.

Whois and the DoD

2007-06-05 Thread Hank Nussbacher
We are all familiar with whois.ripe.net and whois.arin.net and the other whois services of the other RIRs. It allows us to know who has been assigned the IP address in question and if needed, it gives us an initial pointer in how to contact the "IP leaser" in case some network problem has ar

RE: Security gain from NAT (was: Re: Cool IPv6 Stuff)

2007-06-05 Thread David Schwartz
> Again, whether the lock/deadbolt come as a package deal with the screen > door or not, it is the lock/deadbolt that provide the security, not > the screen > door. Wow, I don't know what to say. I've never heard of a screen door that came with, and could not work without, a lock and deadbolt. I

Re: Security gain from NAT

2007-06-05 Thread Steven M. Bellovin
On Mon, 04 Jun 2007 22:06:25 -0400 Daniel Senie <[EMAIL PROTECTED]> wrote: > > At 09:07 PM 6/4/2007, Jason Lewis wrote: > > > >I figured SMB would chime in...but his research says it's not so > >anonymous. > > > >http://illuminati.coralcdn.org/docs/bellovin.fnat.pdf The traffic load on this l

Re: Whois and the DoD

2007-06-05 Thread David Conrad
Hank, On Jun 5, 2007, at 9:56 AM, Hank Nussbacher wrote: I have contacted the RIRs and they admit there is a problem here that they can't solve. I'm not sure I understand the problem. Given the US military is in the ARIN region, why wouldn't the right answer here be "look it up in ARIN'

Re: Whois and the DoD

2007-06-05 Thread Florian Weimer
* Hank Nussbacher: > Based on http://www.iana.org/assignments/ipv4-address-space I would > assume IANA might be interested in mandating that any organization > having IP space from them must operate an accessible whois server. For new address space, I agree. I'm not sure if it's worth the troub

Re: Yahoo! clue (Slightly OT: Spiders)

2007-06-05 Thread Matthew Petach
On 3/30/07, Zach White <[EMAIL PROTECTED]> wrote: On Thu, Mar 29, 2007 at 10:17:50AM -0400, Kradorex Xeron wrote: > Another problem is that the Yahoo/Inktomi search robots do not stop if no site > is present at that address, Thus, someone could register a DNS name and have > a site set on it tem

Re: Security gain from NAT

2007-06-05 Thread Roger Marquis
Donald Stahl wrote: Ever try to set up a VPN between two offices using the same address space? Sure, very easily, by using NAT between the subnets. NAT is still evil though, the problems it causes operationally are just plain not worth it. Can you clarify this claim? What about managing N

Re: Content provider plans

2007-06-05 Thread Bill Stewart
On 5/30/07, Michal Krsek <[EMAIL PROTECTED]> wrote: A few weeks ago I had an interesting discussion with an *unnamed* Google VIP. His answer was: "Google engineers don't see a need to spend money on building IPv6 infrastructure. You, as a user, can motivate them by sending a request supporting this id

Re: Security gain from NAT

2007-06-05 Thread Donald Stahl
Sure, very easily, by using NAT between the subnets. Have at it. Nothing like trying to reach 10.10.10.10 and having to put in a dns entry pointing to 172.29.10.10, NAT'ing the address on your side to their side and from their side back to your side, and adding the rules. That's definitely si

Re: Security gain from NAT

2007-06-05 Thread Donald Stahl
I, for one, give up. No matter what you say I will never implement NAT, and you may or may not implement it if people make boxes that support it. Clearly ... This was supposed to be a private reply and was not meant to go to the list. My apologies. I will also refrain from further response

Re: Security gain from NAT

2007-06-05 Thread Roger Marquis
Sure, very easily, by using NAT between the subnets. Have at it. Nothing like trying to reach 10.10.10.10 and having to put in a dns entry pointing to 172.29.10.10 End-users prefer hostnames to IPs. DNS hostnames are valid on both sides due to either local zone files or a DNS protocol-NAT.

Re: Security gain from NAT

2007-06-05 Thread Valdis . Kletnieks
On Tue, 05 Jun 2007 17:44:40 PDT, Roger Marquis said: > > >> Sure, very easily, by using NAT between the subnets. > > > > Have at it. Nothing like trying to reach 10.10.10.10 and having > > to put in a dns entry pointing to 172.29.10.10 > > End-users prefer hostnames to IPs. DNS hostnames are va

Re: Security gain from NAT

2007-06-05 Thread Roger Marquis
So now the cruft extends and embraces, and you have to play DNS view games based on whether it's on company A's legacy net, company B's legacy net, or the DMZ in between them, and start poking around in the middle of DNS packets to tweak the replies (which sort of guarantees you can't deploy DNS