On Thu, Aug 28, 2003 at 12:04:09PM -0400, Matthew Crocker wrote:
> Technically no, There is no reason for a customer to have direct
> access to the net so long as the ISP can provide appropriate proxies
> for the services required.
> It gets complex, it gets hard to manage but it can be done.
On Sat, Jan 25, 2003 at 06:58:46AM -0500, Phil Rosenthal wrote:
> It might be interesting if some people were to post when they received
> their first attack packet, and where it came from, if they happened to
> be logging.
>
> Here is the first packet we logged:
> Jan 25 00:29:37 EST 216.66.11.
On Fri, Jan 17, 2003 at 06:38:08PM +, Christopher L. Morrow wrote:
>
> On Fri, 17 Jan 2003, John Kristoff wrote:
>
> > impractical). If the sources can be tracked, perhaps they can be
> > stopped (but large number of sources make this a scaling issue and
> > sometimes not all responsible p
On Thu, Nov 14, 2002 at 02:53:59PM -0800, Crist J. Clark wrote:
>
> I've been looking for some technical descriptions on how DirecPC works
> from a TCP/IP point of view. Does anyone out there have some
> references? I have not been able to find anything too detailed, and
> from what I have been t
On Sun, Oct 06, 2002 at 04:25:00PM -0400, Ralph Doncaster wrote:
>
> A and B are connected via the same multi-access media. It is technically
> possible for B to tell A "you can reach 172.16.16.0/24 on the same media
> that you receive this update on". However what people seem to be saying
> i
On Mon, Sep 02, 2002 at 11:16:51PM -0400, [EMAIL PROTECTED] wrote:
> >
> > To carry the bgp next-hops around the network? You could add in statics
> > for every next-hop on every router, but this kind of configuration is
> > complex and prone to errors such as loops in relatively minor cases.
>
On Sun, Jul 07, 2002 at 04:16:12PM -0400, [EMAIL PROTECTED] wrote:
> On Sun, 07 Jul 2002 12:45:13 PDT, Clayton Fiske <[EMAIL PROTECTED]> said:
>
> > Don't forget 3) the machine compromised isn't capable of spoofing.
> > In Win95/98/ME/NT, there is no raw sock
On Sun, Jul 07, 2002 at 03:08:14PM -0400, Richard A Steenbergen wrote:
> On Sat, Jul 06, 2002 at 06:24:40PM -0500, Rob Thomas wrote:
> > Hmm, not according to the data I collect. I track numerous botnets and
> > DoSnets, and a bit over 80% of them use the real IPs as the source of
> > the floods
On Mon, Jul 01, 2002 at 03:20:32PM -0400, Phil Rosenthal wrote:
>
> I don't think "peering could not overcome corrupt financial officers and
> $3B in debt" equates to "peering has no relation to financial
> difficulties" exactly.
>
> Here's a fun exercise: Drop your 5 busiest peers, and see if
On Mon, Jul 01, 2002 at 01:36:00PM -0400, [EMAIL PROTECTED] wrote:
>
> > Here's a fun exercise: Drop your 5 busiest peers, and see if your
> > operating costs a) increase, b) decrease, or c) remain the same.
>
> If your full cost of peering with UUNET (including things such as
> depreciation)
On Mon, Jul 01, 2002 at 01:38:57PM -0400, Phil Rosenthal wrote:
>
> I would venture to say that to WorldCom, all traffic is destined to a
> peer, or a customer, and they NEVER pay for traffic. Peering with them
> is entirely a courtesy from them to you, as they can always see you
> through their
On Wed, Jun 26, 2002 at 01:52:08PM -0400, Ralph Doncaster wrote:
>
> If I peer with network X in cities A and B, and receive the same route in
> both cities with an AS-path of X, how do I know which city to use for an
> exit? I can understand how if X uses communities to tag the geographic
> or
On Thu, Jun 20, 2002 at 01:12:20PM -0400, Steven J. Sobol wrote:
> If the offending ISP does not respond, and you have exhausted all avenues
> available to you to get the ISP to get its customer to stop spamming -
> whether by TOS'ing the customer, education or whatever - then escalation
> may
On Tue, Jun 04, 2002 at 04:17:04PM -0400, Joe Abley wrote:
> On Tuesday, June 4, 2002, at 03:47 , Richard A Steenbergen wrote:
>
> > Exchange point blocks SHOULDN'T be transited by anyone, therefore you
> > should not hear them from your peers.
>
[snip]
> Messy traceroutes make the helpdesk pho
On Thu, May 23, 2002 at 10:05:08AM -0700, Mark Kent wrote:
> This isn't more than a nuisance for me, but I run a small net.
> Should I conclude that an ISP with a population 10 times bigger
> would have their border routers getting pinged at 10 times the
> rate I see? If so, should we care, or
On Wed, May 15, 2002 at 06:25:15PM -0700, PJ wrote:
> Granted. However, the suggestion to place said host/network into some
> sort of BGP black hole, has it's problems. The community has a whole
Keep in mind that this would be a subscription service. It's not as
though the route would be annou
On Wed, May 15, 2002 at 06:04:40PM -0700, PJ wrote:
> Sorry for not including nanog in the reply. What about MAPS? They
> routinely scan netblocks without consent. Does this tool
> differenciate between local and non-local scanning? Scanning is
The tool in question may not even exist yet. Th
On Wed, May 15, 2002 at 05:22:39PM -0700, PJ wrote:
> Are you now operating under the premise that scans != anything but the
> prelude to an attack? Sorry if I missed it earlier in the thread, but
> I would hate to think any legitimate scanning of a network or host
> would result in a false posi
On Thu, Apr 25, 2002 at 12:44:59PM +0100, Avleen Vig wrote:
> Your conf file shows that it is set up as:
> Define a view
> Now allocate zonefiles to it
>
> What if you host multiple domains, and the view you want to give them
> overlap? Is it not possible to do:
> Make a zone file
> Put
On Tue, Apr 23, 2002 at 12:20:24AM -0400, Sean Donelan wrote:
> A few network providers seem to be having trouble with MAE-West
> in San Jose (I believe MAE-West ATM). The providers I can see, don't
> have problems reach MAE-West. I'm not in San Jose, but CalTrans
> indicates there is a large fi
On Tue, Mar 05, 2002 at 09:38:42AM -0500, Richard A Steenbergen wrote:
>
> You should also beware of turning up TCP window settings to whatever big
> number you feel like. I can only vouch for unix systems here, but the way
> the socket interface and kernel tcp works requires a buffer which is b
On Wed, Feb 27, 2002 at 11:01:04PM -0500, Mark Allman wrote:
> > The receiver is the one that informs the sender how large of a
> > window it can accept, so it can be practical for a subscriber
> > installation. It wouldn't be a good idea to park a bunch of
> > servers behind one of these links,
22 matches
Mail list logo