ss it's a backup.
Thanks for the input from all that replied. I learned a few new
technologies and some more stuff to read up on.
Gerald
be overkill for just 3
Mb.
Thanks for suggestions and tips.
Gerald
tapp both doing this a
while back though. I can't find it now and I don't know if Netapp still
does it.
Gerald (Not a lawyer, and not going to court on your behalf.)
way by publishing their SPF records. I can understand
not implementing the blocks or delays yet, but publish the records ASAP.
I think this will be the next best thing in E-mail. I'd love for that date
to be August 1 though.
FYI SpamAssassin 3.0 has / will have SPF checks built in.
Gerald
e they had much
choice from the TRO. I'd recommend you focus your efforts on explaining to
a judge the issues that were brought up in the suit and forget about
involving NANOG in your court disputes.
Gerald
A former customer of NAC who can sympathize with UCIs position.
so I can handle the replies for
anyone who wants to respond off the list.
Gerald Coon
Network Administrator
(Who also wears a sales hat at times for the same company)
Internet Channel
On Wed, 28 Jan 2004, Brian Wallingford wrote:
> There's no question that there's a certain amount of social engineering
> involved in contacting (or being allowed to contact) competent folk. It's
> advisable to be sure that any staff who will be contacting them are fully versed in
> any services
e been a long time since the
subject of detecting packet sniffers was brought up. (not just on NANOG)
I know there are ways to get around being detected, but I'm just trying to
make sure I'm doing my best to catch the less than professional sniffers
on my networks.
Gerald
to me off list:
http://sniffdet.sourceforge.net/
I haven't looked in to it yet, but figured I would keep all of the
suggestions in public view.
Gerald
On Fri, 16 Jan 2004, Gerald wrote:
> Subject says it all. Someone asked the other day here for sniffers. Any
> progress or suggestions for programs that detect cards in promisc mode or
> sniffing traffic?
I should probably mention that I've already started looking at antisniff.
I
Subject says it all. Someone asked the other day here for sniffers. Any
progress or suggestions for programs that detect cards in promisc mode or
sniffing traffic?
Gerald
On Tue, 13 Jan 2004, Grant A. Kirkwood wrote:
> Confirmed. One Wilshire, 818 W. 7th, 600 W. 7th, 600 Wilshire, etc.. are
> all on generator at this time. We can see smoke from generators in many
> directions, not sure how widespread it is yet.
Hmph, I was trying to figure out where this was ;-)
speak and won't tell you when you are
about to do something stupid. Anyone who uses that term is effectively
getting on to you for using your own brain instead of following the
crowd. The opposite of "zealot" is "lemming".
Gerald
On Mon, 22 Dec 2003, Scott Granados wrote:
> Apparently there was just a 6.4 quake in central california.
Terrorists!
Gerald
On Fri, 19 Dec 2003, Gerald wrote:
> With a little more research, I think I can better clarify that I'm looking
> for just about any router (<$50-100) that has a HSSI port and an RJ45
You ever hit send and then wish you could chase after that E-mail with a
s/HSSI/v.35/ ?
I was
tle more research, I think I can better clarify that I'm looking
for just about any router (<$50-100) that has a HSSI port and an RJ45
port. For what I'm looking for at the moment (experimenting)
used/refurbished doesn't matter so long as it works.
Gerald
routers like:
http://www.mcvax.org/~koen/uClinux-cisco2500/images/
...only with a heartbeat. (That's not going to stop me from downloading it
and trying it though.)
Thanks for any suggestions on or off list.
Gerald
l
5)
Gerald
of that
if they deliver value."
Who is speaking out of both sides of the mouth?
Gerald
ir use. (If you were playing a
prank on my fraternity, that's what I'd do.)
I don't think this idea, while amusing, will accomplish the goal. The bind
patch and other methods of nullifying their corporate group think crap that
makes them think this is a good idea is more our style. (Play smarter, not
harder.)
Gerald
resses to be unblocked, and things were fine within the day.
> Was simple, if somewhat annoying.
Actually we just got blocked this morning by RR. Is something going on
there today?
Gerald
om/pics/funny/Verisign.html
Gerald
ul, bind won't break when this
goes back to normal will it?)
I just wanted to point out if anyone did something other than just
patching bind and moving on, consider the repercussions of Verisign
reverting or you might have your weekend plans averted to undo your
changes.
Gerald Coon
benefit of other NANOG readers,
make sure reverting back won't cause more headaches on your network.
Gerald Coon
- How are ya? Never been better, ... Just once I'd like to be better.
roups usage statistics. Any
recommendations for someone I can outsource NNTP services to off list
would be appreciated. It's one option I am looking at for my current
company.
Gerald
On Thu, 25 Sep 2003, David Lesher wrote:
> The way to solve the Verislime problem is straightforward,
> but not simple.
>
> Make it unprofitable for them.
...can't resist hitting reply. First there is little to no way to make
this unprofitable for them since they already have people paying
e the second person to point that out...
2 suggestions:
- 1. Cut the head off and re-crimp it if it has to go that far.
- 2. Use regular power tape, scotch tape, or duct tape to hold the tab
down until it has reached its destination. (You do keep duct tape around
right?) ;-)
Gerald
- How are ya
Both have done
a good job and are less painful (& less expensive) to deal with than
VeriSign. I've never had to interact with either beyond purchasing single
web certs at a time though.
Gerald
- How are ya? Never been better, ... Just once I'd like to be better.
On Thu, 18 Sep 2003, Daryl G. Jurbala wrote:
> * PCs with built in Ethernet that is so close to a lip on the case, with
> the release pointed down, that you need to use a
> screwdriver/knife/whatever to release the cable.
...and combine that with the RJ45 connecters that have a rubber hood over
hut it down altogether. There is no reason for you to accept
any connection of any kind on port 25!
...shutting up now,
Gerald
- How are ya? Never been better, ... Just once I'd like to be better.
On Wed, 6 Aug 2003, Allan Liska wrote:
> Two things to keep in mind: VRRP is not a load balancing solution, it is a
> failover solution
You are very correct sir. :-) The load balancing part from the same
project is:
http://www.bsdshell.net/hut_loadd.html
> and (AFAIK) VRRP only operates within
On Wed, 13 Aug 2003, Stephen Williams wrote:
> in attempting to patch systems here (at U of Texas) I have noticed that
> over the last two days the windowsupdate url for Microsoft has at times
> not responded, or been very slow to respond. Between port scans from
> the worm and the demand of peo
On Wed, 6 Aug 2003, Austad, Jay wrote:
> If they did that, how would they sell the CSS hardware? :)
That was our concern. Cisco already had hardware to do as good or better
than what ArrowPoint was doing. They would suck in the intellectual
property, discontinue the CSS line, and roll out a sof
On Wed, 6 Aug 2003, Austad, Jay wrote:
> I would recommend the CSS, but it seems to have quite a few bugs in the
> code that still need to be worked out, but the support for SSL
> acceleration is nice.
I was totally green to Cisco IOS when I was working on the
Arrowpoint at the time. I liken the
On Thu, 14 Aug 2003, Christopher L. Morrow wrote:
> > On the configuration angle, the Microsoft ICF (Internet Connection
> > Firewall) blocks everything by default.
> >
>
> as does OSX.
Just to clarify, the OSX firewall has a little bit of sense. If you check
that you want to enable one of the s
On Wed, 13 Aug 2003, John Obi wrote:
> I can't open www.microsoft.com ,
> windowsupdate.microsoft.com and www.msn.com very slow.
Check your processlist. My money is on msblast.exe already running on your
machine.
Gerald
On Wed, 6 Aug 2003, Jason Greenberg wrote:
>
> Can I have some suggestions on how to load balance servers that are on
> seperate IP blocks? Is there any way to perform translation at this
> level? Exclude DNS based balancing please...
vrrp on FreeBSD is supposed to be a free solution to allow
On Sun, 3 Aug 2003, David G. Andersen wrote:
>
> To add to the eternally annoying list of companies that ignore
> abuse@ mail... ebay now requires that you fill in their lovely
> little web form to send them a note. Even if, say, you're
> trying to let them know about another scam going around t
*raising hand* guilty of not reading past "Distribution" after version
1.0.
Someone else pointed that out off list.
Thanks,
Gerald
On Fri, 18 Jul 2003, Barry Raveendran Greene wrote:
>
> The changes are all detailed at the bottom of the advisory.
>
> > -Origi
Wouldn't it be nice if they would CVS-web this thing so I can just see the
lines that they have changed on each revision. :-)
...off to read 1.5
G
On Fri, 18 Jul 2003, NANOG wrote:
>
> It appears Cisco has seen the posting too. The Cisco PSIRT updated
> their announcement to 1.4 at 5am this m
This isn't the first time I've seen this, but I've got to question the
reasoning in putting a quota on your abuse e-mail address. Wonder if
postmaster went over his limit too. If you've e-mailed Verizon abuse
lately, I'm sure you've already seen this.
G
*** Begin Bounce ***
This Message was und
Would anyone with experience on MRV Fiber to Ethernet media converters
please contact me off list.
Thanks,
Gerald
enough to
fit all of IPV4 addressing inside of the private addressing alone. (Anyone
have a total number of unique hosts on that one?)
Gerald
o agree wholeheartedly that using address space not assigned to
you is unprofessional, and will cause someone headaches later even if it
is not you.
Gerald
e nice to use standard computer AC recepticles that allow you to use
longer cables to power this device or replace bad power cables without
replacing entire device...etc. I know that's just me being picky though.
Gerald
On Thu, 29 May 2003, Steven M. Bellovin wrote:
> There was a recent recall of some of their home/SOHO UPSs -- battery
> overheating, with risk of fire.
Got the notice when it came out. Checked all our UPS's and none were
listed.
Gerald
n of APC.
They sent us a replacement APC but I still prefer the rack mount Tripp
Lites we used at the last company I worked for.
Gerald
s people don't read the bounce back. I know this isn't the
case with all of the abuse@ addresses, but we talked about creating a web
form for submission so we could smack the submitter on the head when they
left out relevant information.
Another aspect of the social spam problem trying to be resolved through
technical means.
Gerald
n time and steps to prevent it in the
future. Combination of working services and happy customers are the best
you can do.
Gerald
Along the same lines of circumventing NYT required login:
http://www.majcher.com/nytview.html
G
On Thu, 23 Jan 2003, Marshall Eubanks wrote:
>
> Hello;
>
> I don't know if anyone has noticed this, but News.Google appends a
> &partner=Google variable into New York Times URL's so that news.goog
have been able to talk to claim
ignorance/inability to permanently resolve the problem.
Any help or suggestions is appreciated. I'd prefer not to go into this
particular network issue on the list in the interest of our customer.
Gerald
> I don't really think that a free peering session...
"free" was omitted from the first post. I apologize for the confusion and
reaction.
Gerald
s
headache to deal with.
Gerald
On Wed, 18 Dec 2002, Ringdahl, Dwight (WebUseNet) wrote:
>
> If anyone has a usenet server and would like a feed let me know. (FYI
> current full feed is 72mb/s) We also can peer bandwidth at any of our sites
> which you can see at http://www.webusenet.
Apologies...missed it earlier.
G
On Tue, 12 Nov 2002, Gerald wrote:
>
> Haven't seen mention of this yet today and DNS affects most everyone in
> some way. The advisory was released a day early according to FreeBSD
> security officer.
>
> http://bvlive01.iss.ne
Haven't seen mention of this yet today and DNS affects most everyone in
some way. The advisory was released a day early according to FreeBSD
security officer.
http://bvlive01.iss.net/issEn/delivery/xforce/alertdetail.jsp?oid=21469
&
http://marc.theaimsgroup.com/?l=freebsd-security&m=10371231240
Man it is hard to find where routes die when you are dead on the net.
2 hops out from our network was not broadcasting our routes. We should be
alive on the internet again to everyone. Thanks for the input as it helped
us find where our BGP broadcast died.
Gerald
We are seeing bad routing problems from outside our network. Can anyone
corroborate this or help?
We are on AS4276 and all traffic from us to our upstream seems good. Great
way to spend holiday weekend. /me wonders if anyone is even awake on the
NANOG list. :-)
2 addresses in our network I've t
I checked out the current list mainly for personal amusement, and to check
if the nameservers I know admins for were listed.
1. It would be nicer to have a search feature than just having to pull
down the whole list to check for a name/pattern.
2. I noticed a few merit.edu listings. I thought t
These places do not have cameras and evidence that point to malicious
intent to destroy your network?
I'm sorry but that would make me just about irate, and definitely insist
on moving the equipment ASAP. I don't plan on paying for colo facilities
that I have any doubt in the integrity of the pe
I got a chance to go to last years LISA for the first time. I had been
trying to go for 3 yrs. I have changed companies since then and am now
working for a lot smaller company that can't afford to pay for these kinds
of things which brings me to my question(s) for the list:
How can an individual
> what's your own NOC's SOP for when the G-men knock on the door at
> midnight waving paper & steel?
Yes sir, the servers are over there and here's the root password.
Oh wait, unless somethings broke or I'm breaking it I'm not at work at
midnight.
At my last place of employment, we would grant
temporarily changed their policy on
web server addressing.
If anyone wants more granular detail and this still doesn't make sense:
- after reading the documentation from your web server
- AND checking google groups for this discussion
- e-mail me off list, but I can
ked off of that idea.
I've set it up on IIS and Apache before. Pretty simple on both.
Gerald
On Thu, 11 Jul 2002, Martin Hannigan wrote:
>
>
>
> Folks, could use some pointers.
>
> I seem to remember from experience some years ago that if you were
> hosting multiple
in the version fool you. It's not just beta quality.
Gerald
P.S. Long time listener first time poster.
On Thu, 6 Jun 2002, Pawlukiewicz Jane wrote:
> Hi,
>
> I'm new here but I already have a quick question.
>
> What are the best diagnostic tools available to network
64 matches
Mail list logo