On Tue, 2006-01-17 at 03:19 -0500, Richard A Steenbergen wrote:
The question at hand is, at what point does a registrar providing services
have an ethical or moral obligation to step in and do something when they
do encounter an excessive level of abuse by someone using their services?
I
On Tue, 2005-03-29 at 05:37, Simon Waters wrote:
The answers from a recursive servers won't be marked authoritative (AA bit
not
set), and so correct behaviour is to discard (BIND will log a lame server
message as well by default) these records.
If your recursive resolver doesn't
On Tue, 2005-03-29 at 08:49, Joe Maimon wrote:
TIC: Apparently DNS was designed to be TOO reliable and failure resistant.
Ya, sometimes security and functionality don't mix all that well. ;-)
As I understand from reading the referenced cert thread, there is the
workaround which is disabling
On Sat, 2004-09-11 at 22:26, Paul Vixie wrote:
i still can't understand why anyone would want a gmail account, free or not.
But..but..but..it's special. You have to be invited. ;-)
C
On Thu, 2004-09-09 at 01:48, Jeff Kell wrote:
I suspect but cannot prove
that the packets are being spoofed as we are dropping (not resetting)
the probes, yet they continue. There are repeated probes from the same
IP address for about 15-20 minutes or more, then it moves along, but the
On Tue, 2004-08-03 at 05:17, Dan Hollis wrote:
Does anyone know of a way to send SMS messages without an internet
connection?
Can you use chat?
http://www.ists.dartmouth.edu/IRIA/knowledge_base/swatch.htm
C
On Tue, 2004-07-27 at 18:21, John Palmer wrote:
Now the question is, can one easily block all of doubleclick.net by 127.0.0.1 in the
hosts file
on a wincrash box? They appear to have ad, ad2, ad3, m2, m3.doubleclick.net. Anyone
know
what hosts to list??? (ie: ad2, ad3 ... to adx???)
Been
On Tue, 2004-07-27 at 21:44, Paul Vixie wrote:
on the one hand, you'd need a wildcard A RR at *.doubleclick.net to
achieve this result. the above text does not mention this, and leads
one to believe that an apex A RR at doubleclick.net would have an effect.
Depends what you are trying to
On Thu, 2004-07-22 at 20:24, Robert L Mathews wrote:
At 7/22/04 10:08 AM, Paul Vixie wrote:
the primary beneficiaries of this
new functionality are spammers and other malfeasants
I think you're suggesting that such people will register domain names and
use them right away (which may be
On Tue, 2004-05-11 at 16:35, Guðbjörn S. Hreinsson wrote:
Possible someone on the list didn't understand the content, didn't
realize this was sent via a mailing lists and submitted this as a spam
message to SPAMCOP. Less likely someone didn't know how to
get off the mailing list and this
On Tue, 2004-05-11 at 18:15, Laurence F. Sheldon, Jr. wrote:
As an ex-admin, I have some serious issues about the way Spamcop
works, but this argument is similar to one that says a credit reporting
company has to prove that you are a deadbeat before reporting that
several companies you do
On Sun, 2004-04-18 at 23:16, Sean Donelan wrote:
When the Morris worm was release, there wasn't a patch available. Since
then essentially every compromised computer has been via a vulnerability
with a patch available or misconfiguration (or usually lack of
configuration).
Key word here is
On Mon, 2004-04-19 at 06:27, Brian Russo wrote:
There're a lot more 0-days than that.
Agreed. My ego has not grown so large as to think I've seen every 0-day.
;-) As I said however, the true number of 0-day is less than ground
noise compared to the number of systems that *could* have remained
OK, I've tried to stay out of this, but...
On Thu, 2004-03-18 at 01:17, Alexei Roudnev wrote:
No. let's imagine, that I have 4 hosts, without ANY security problems in
software,
Exactly how do you *prove* there are zero security problems with any of
this software? I hate to say it, but a lot
On Thu, 2004-03-18 at 15:26, Alexei Roudnev wrote:
A good firewall *should* be doing a whole lot more than that. It should
Do not overestimate. Firewall can make a little more than just restrict
access and inspect few (very limited) protocols.
If this concerns you, just use a proxy instead
On Tue, 2004-03-16 at 21:27, Mike Turner wrote:
I am currently looking for a statefull inspection firewall
that support asymmetric routing is there such a product?
Sounds like you are looking for an SI firewall that supports full load
balancing, not just high availability. FW-1
On Fri, 2004-02-06 at 09:43, McBurnett, Jim wrote:
If I was a real hacker, and I found the problem, might I also know the fix?
And if I was really nice, would I give that fix to the vendor?
Or could it be that a former Checkpoint employee is now an ISS employee?
Or .?
In my experience,
On Sat, 2004-01-17 at 21:08, Sean Donelan wrote:
Assuming lawful purposes, what is the best way to tap a network
undetectable
The best way to go undetectable is easy, run the sniffer without an IP
address. The best way to tap a network varies with your setup. If your
repeated, just plug in
On Fri, 2004-01-16 at 18:00, Gerald wrote:
I should probably mention that I've already started looking at antisniff.
I was hoping to find something that was currently maintained and still
free while I investigate antisniff's capabilities.
Antisniff is still the best software based tool for
On Thu, 2004-01-15 at 17:11, Eric Kuhnke wrote:
And if he fails, what with the fact that sending all Internet traffic in
the whole country through a single chokepoint obviously creates a single
point of failure, all Net traffic in Saudi Arabia stops.
Not sure if its still the same setup,
On Mon, 2003-12-29 at 06:47, [EMAIL PROTECTED] wrote:
Recently (this year...) I've noticed increasing number of ip range scans
of various types that envolve one or more ports being probed for our
entire ip blocks sequentially.
You're lucky. I've been watching this slowly ramp up for the
Greetings all,
I'm working with a few folks on firewall and IDS rules that will flag
suspicious fragmented traffic. I know the legal minimum of a
non-terminal fragment is 28 bytes, but given non-terminals should
reflect the MTU of the topologies along the link, this number is far
lower than what
On Mon, 2003-12-22 at 08:27, bill wrote:
Is is safe to assume
that 99.9% of the Internet is running on 1500 MTU or higher these days?
define safe.
GRIN
I agree, this is a bit of a loaded question. I guess by safe I mean Is
anyone aware of a specific link or set of conditions that
Greets again all,
I noticed something kind of interesting when I made my last post to
NANOG. I can understand people wanting to do spam checking, but IMHO
this is a bit excessive and inconsiderate.
I'm guessing njabl.org is doing this to everyone who posts to the list,
so I thought others
On Mon, 2003-12-22 at 09:36, Robert E. Seastrom wrote:
You mean like everyone who's still running TCP/IP over AX.25 in the
ham radio community?
I actually thought of this, but only as an end-point which would not
generate fragmented packets. I didn't consider that people could be
using Linux
On Mon, 2003-12-22 at 11:04, Etaoin Shrdlu wrote:
Um, welcome to the world of spam nazis.
I've seen returning MX queries and even source address validation, but
never anything this excessive up till now. IMHO its hard to tell if they
are looking for spam relays to reduce spam, or because they
On Mon, 2003-12-22 at 13:46, Andy Dills wrote:
Agreed. My spam is _my_ problem and fixing it should not include making
it everyone else's problem. Forget whether its legal, its pretty
inconsiderate as many environments flag this stuff as malicious so it
triggers alerts.
On Mon, 2003-12-22 at 16:55, Andy Dills wrote:
This is going to sound really snippy, but who died and made then
god/goddess of the Internet? Where is the document trail empowering them
to be spam cops of the Internet with absolute authority to probe who
ever they see fit?
This is a
On Mon, 2003-12-22 at 19:10, Stephen J. Wilcox wrote:
Whats IP over DNS, 512 bytes.. wouldnt want to kill my hotel access now huh?
LOL!
And least we forget RFC 1149. I think this limits carrier pigeon MTU to
256 milligrams. ;-)
C
On Wed, 2003-12-03 at 22:09, Jamie Reid wrote:
This was a problem when filtering Nachi while it pinged networks
to their knees.
I think the problem was exasperated by the fact that some ISP's
responded by blocking _all_ ICMP. Its bad enough that this killed their
own ability to see if their
On Thu, 2003-11-27 at 23:57, Stephen Miller wrote:
check out the following link for info on rsync:
http://samba.anu.edu.au/rsync/
Bill Stearns has some *excellent* information on combining rsync with
SSH public/private keys if you need to backup the data in a secure
fashion.
On Tue, 2003-11-25 at 12:38, [EMAIL PROTECTED] wrote:
Is anyone on the NANOG list aware of a disk-less Linux solution? One might
imagine a Knoppix-like bootable CD image (perhaps CD-RW, so config files
could be updated) that would turn an inexpensive Linux box into an
effective traffic
On Fri, 2003-10-24 at 00:22, Jared Mauch wrote:
On Fri, Oct 24, 2003 at 12:13:59AM -0400, Sean Donelan wrote:
http://www.securityfocus.com/news/7278
How many other ISPs intend to follow AOL's practice and use their
connection support software to fix the defaults on their customer's
On Tue, 2003-10-14 at 21:12, Fred Heutte wrote:
IPSec prevents packet modification to thwart man-in-the-middle
attacks. However, this strong security feature also generates
operational problems. NAT frequently breaks IPSec because it
modifies packets by substituting public IP
34 matches
Mail list logo