Re: large-scale wireless [was: cpu needed to NAT 45mbs]

2007-11-13 Thread Jeff Kell
Frank Bulk wrote: > Foundry OEMs from Meru, which also uses a single-channel approach. It does > not have an L1 requirement. Meru APs tunnel back to the controller, so any old L3 will do. We took an AP home (just for grins) and it still worked back to our controller through residential broadb

Re: cpu needed to NAT 45mbs

2007-11-08 Thread Jeff Kell
Darden, Patrick S. wrote: > > From my experience, a fast P4 linux box with 2 good NICs can NAT > 45Mbps easily. I am NAT/PATing >4,000 desktops with extensive access > control lists and no speed issues. This isn't over a 45Mb T3--this > is over 100 Mb Ethernet. NAT processing requirement thres

Re: Hey, SiteFinder is back, again...

2007-11-04 Thread Jeff Kell
Patrick W. Gilmore wrote: Verizon != VeriSign, despite what people think. A single provider doing this is not equivalent to the root servers doing it. You can change providers, you can't change "." in DNS. Charter has been doing this for quite some time. If you have security/network/diag

Re: IPv6 Advertisements

2007-05-31 Thread Jeff Kell
Donald Stahl wrote: > As for the deaggregation- anyone deaggregating a /40 into 256 routes > should have there AS permanently blackholed :) I think you omitted an "S" there, Donald :-) Jeff

Re: NOC Personel Question (Possibly OT)

2007-03-14 Thread Jeff Kell
Jay Hennigan wrote: This is as best I recall a direct quote. "We don't care. You can call yourself Supreme Imperial Grand Poo-Bah if you want as long as our network stays up." Nah, the proper term is "Network Czar" until you get into network security, then you become the "Network Nazi" o

Re: Hackers hit key Internet traffic computers

2007-02-07 Thread Jeff Kell
Alexander Harrowell wrote: > > It was clear from the highly reliable index I call the "Nanogdex" that > nothing was seriously amiss. Yes, but it got so much bloody press that ambitious copycats can't be too far behind. Jeff

Re: Cisco Pix and MSS Question

2006-12-22 Thread Jeff Kell
joej wrote: > I have a client that is running a web server (Sun One) that cannot > be accessed by various folks. This just started happening about 2 months > ago. What I have found is that the users being affected are behind a > Cisco Pix that was recently upgraded to 7.0.1 Apparently, according t

Re: Yahoo! Mail Servers

2006-11-09 Thread Jeff Kell
chuck goolsbee wrote: > > I haven't heard a peep from any human being at Yahoo. Has anyone else > that filled in the placeb^X^X^X^X form heard back from them? Beuller? I filled it out with the same results. Jeff

Re: Cisco IOS Exploit Cover Up

2005-07-27 Thread Jeff Kell
Cisco's response thus far: http://www.cisco.com/en/US/about/security/intelligence/MySDN_CiscoIOS.html Jeff

Re: 'Call Before You Dig' Article

2005-05-15 Thread Jeff Kell
Robert E.Seastrom wrote: > > Roy <[EMAIL PROTECTED]> writes: >>But is it applicable to VOIP carriers? > > Call-Before-You-Dig is not applicable to users of dig(1). Not being > facilities-based, I don't believe VoIP carriers will be required to be > participating utilities in One Call. Nahhh,

Re: Blocking port udp/tcp 1433/1434

2005-05-12 Thread Jeff Kell
[EMAIL PROTECTED] wrote: > On Thu, 12 May 2005 12:23:19 CDT, John Kristoff said: >>I think there always has been some justification. Here is a very >>small sample of real traffic that I can assure is not Slammer traffic, >>but it is being filtered nonetheless (IP addresses removed): >> >> May 1

Re: Blocking port udp/tcp 1433/1434

2005-05-11 Thread Jeff Kell
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Chip Mefford wrote: > on my "at work" small network, slammer (or slammer like) traffic is > still around 2% of inbound blocked traffic. (just a dead end off > of asn 6467) Almost every time I update our border ingress ACL (which removes the ACL for

Re: Service providers that NAT their whole network?

2005-04-15 Thread Jeff Kell
While not "big" by any sense of the word, we NAT [almost] all of our internal network. It wasn't initially a matter of choice, but rather of necessity. We had a sprinkling of small netblocks in the old legacy C swamp, mostly in the old SURAnet/BBN allocation, and after the Genuity takeover they

Re: DNS cache poisoning attacks -- are they real?

2005-03-26 Thread Jeff Kell
Sean Donelan wrote: > Here is a link about how Cox Cable uses DNS to block phishing and certain > malicious sites. > > http://www.broadbandreports.com/forum/remark,12922412 If that manipulation is done on their internal servers, it's their business; that isn't uncommon anymore, and in fact, is on

Re: New Computer? Six Steps to Safer Surfing

2004-12-18 Thread Jeff Kell
Suresh Ramasubramanian wrote: Just asking .. any idea how many cable / dsl operators around the world - not just in the USA - provide hardware firewalls along with their CPE equipment - or perhaps provide CPE equipment that's capable of firewalling? Both regional cable providers in our area provide

Re: size of the routing table is a big deal, especially in IPv6

2004-11-29 Thread Jeff Kell
Tony Li wrote: If there was a way that these costs were reallocated to the site that decided to be multihomed, then the economics of the situation would balance. Imagine paying US $10K/yr to advertise a single prefix and you would get to a point where people would make some more rational decis

Re: Cisco moves even more to china.

2004-09-23 Thread Jeff Kell
Nicole wrote: Lovely, Just lovely. Just heard On CNN, Lou Dobbs. (but can't find it on their site) During a Beijing news conference John Chambers (Cisco CEO) Says "We believe in giving something back and truly becoming a Chinese company." "China will become the IT center of the world" "China will

Re: Multi-link Frame Relay OR Load Balancing

2004-09-16 Thread Jeff Kell
Scott McGrath wrote: In my experience the breakeven point for a Frame Relay DS3 is 6 DS1 circuits. DS3's tend to be more reliable than DS1's as the ILEC usually installs a MUX at your site instead of running to the nearest channel bank and running the T1's over copper with a few repeaters thrown

Re: Gb ethernet interface keeping dropping packet in ingress

2004-09-13 Thread Jeff Kell
Joe Johnson wrote: Now, we do try to monitor some things like that. We have several crons running checking the number of entries in the arp tables of our CPE devices at customer locations, as well as several crons dedicated to specific tell-tale signs of various worms and virii. Our list of cro

Re: Gb ethernet interface keeping dropping packet in ingress

2004-09-13 Thread Jeff Kell
If you're sniffing one gigabit port from a switch with much higher bandwidth, you're going to lose something. Our primary sensor sits on an aggregation switch just prior to hitting the net, and we have a 2Gb fast etherchannel span port defined and lose relatively little in terms of packet loss

Very peculiar Telnet probing (possibly spoofed?)

2004-09-08 Thread Jeff Kell
We're getting this more often than the SSHD scans. Jeff Kell Systems/Network Security

Re: ISP Policies

2004-09-08 Thread Jeff Kell
Tulip Rasputin wrote: So can you give me an example of why and when would an ISP *not* want its traffic to flow via some other AS(es). Is it a normal policy to have, and do most of the ISPs have such policies in place? If you don't have a transit agreement and aren't sitting in the top tier pee

Re: great networks

2004-08-13 Thread Jeff Kell
[EMAIL PROTECTED] wrote: On Thu, Aug 12, 2004 at 09:00:30PM -0700, Network Guru wrote: Hello, I have the responsibility of building a great network team for international /domestic projects and I am looking for quality networking guys to work for me. If you are based out of India or in the US,

Re: OT: Re: Critters

2004-07-11 Thread Jeff Kell
Suresh Ramasubramanian wrote: > And elephants have been known to crash into breweries, get drunk and go around uprooting telephone poles in some parts of the country (like the thickly forested north east). Sounds like our local Ma Bell spinoff linesmen. Jeff :-)

Re: Even you can be hacked

2004-06-10 Thread Jeff Kell
james edwards wrote: Sean Donelan wrote: If you leave your lights on, the electric company will send you a bill. If the neighbor taps into your power lines after the meter...? Not a reasonable argument. It is expected that unpatched hosts will get infected and it has been well reported on how users

Re: SORBS Insanity

2004-04-14 Thread Jeff Kell
Jeremy Kister wrote: [... giant snip ...] We are a former user of SORBS. Our issue was not that of dynamic IPs, but rather their spamtrap listings. A few weeks ago, at least two of Comcast's legitimate mail servers was blacklisted. As Comcast has a majority of the cable service in our area, w

Re: Any 1U - 2U Ethernet switches that can handle 4K VLANs?

2004-01-25 Thread Jeff Kell
Will Hargrave wrote: The 'recommended max' number of SVIs for the 3550 is something low like 8. There is no limit stated in the datasheet for the 3750 - is anyone running more than 8 SVIs on a 3750? We're running 30 SVIs on a 3550-12 (only 10 active at the moment, we're in a transition). It i

Re: Any 1U - 2U Ethernet switches that can handle 4K VLANs?

2004-01-25 Thread Jeff Kell
Alexei Roudnev wrote: 1) Use Cisco 2924 or 3524 2) Redesign your network to fit into 1024 VLANs 3) Do not spend time with junk (non Cisco, for the switches). U1 switch have only 24 - 48 ports, so you never need to handle 2000 VLAN's on it. And I suspect, that the whole design is wrong. Do not buil

Re: GSR, 7600, Juniper M?, oh my!

2004-01-06 Thread Jeff Kell
Richard A Steenbergen wrote: Never under any condition let anyone tell you that Juniper is perfect... But, as everyone that uses both will tell you, it is "better" (at most things). They tend to be (in our experience) a "set it and forget it" thing, while you can spend considerable time tweaking

Re: Most up to date packet size distribution info

2003-12-17 Thread Jeff Kell
Rob Healey wrote: I was wondering what the best sources for up to date info on current packet size distribution on the Internet might be? Here's a view from our edge: IP packet size distribution (6491M total packets): 1-32 64 96 128 160 192 224 256 288 320 352 384

Re: Firewall stateful handling of ICMP packets

2003-12-03 Thread Jeff Kell
't do that (well, maybe an IDS appliance with a custom signature). You can gain "some" additional protection by rate-limiting ICMP (in the Nachi ping case) and/or UDP (SQL Slammer, etc), and TCP intercept for synflooding. Not perfect, but every little bit helps. Jeff Kell University of Tennessee at Chattanooga

Re: 24-port Gigabit + two 10Gb uplinks

2003-11-06 Thread Jeff Kell
Eric Kuhnke wrote: It looks like 24*1Gb + 2*10Gb switches will be showing up soon: Certainly not as cheap as a 2950 with two Gb ports, but this is the start of an entirely new generation of edge switches. Does anyone want to hazard a guess as how long it will be before 24+10Gb switches are se

Re: Wired mag article on spammers playing traceroute games with trojaned

2003-10-09 Thread Jeff Kell
Laurence F. Sheldon, Jr. wrote: Margie Arbon wrote: With all due respect, we have a *problem*. End user machines on broadband connections are being misconfigured and/or compromised in frightening numbers. These machines are being used for everything from IRC flooder to spam engines, to DNS serve

Re: The impending DDoS storm

2003-08-14 Thread Jeff Kell
Dan Hollis wrote: On Wed, 13 Aug 2003, Jason Frisvold wrote: If the blaster cannot get a proper DNS response, it continues to replicate via port 135... It then goes into a retry cycle and continues to try to get a good DNS lookup. has anyone tried tarpitting eg labrea to slow the worm? Oh yeah, La

Edge 1 Networks/Williams Communications Group

2003-08-14 Thread Jeff Kell
the office it wasn't noticed and shutdown until Tuesday, after a little over a half million proxied spams. Are these people just totally off-the-wall? Google searches seem to concur. I am awaiting confirmation that ALL the proxies originated from Edge 1 (takes a while to churn through those gigs

Re: Humidity ranges?

2003-08-04 Thread Jeff Kell
Todd Mitchell - lists wrote: | and when I should | complain to the datacenter operators? (References I can point to would | be nice.) When your equipment starts to rust ;) I don't have any technical references, but I think that anything over 65% is probably too much. Most facilities I have equip

Re: Williams/UUNET/Sprint

2003-07-21 Thread Jeff Kell
Richard A Steenbergen wrote: On Mon, Jul 21, 2003 at 02:37:34PM -0400, Deepak Jain wrote: Has anyone had to deal with this in their BGP filter tables? 5 washdc5lce1-oc48.wcg.net (64.200.95.118) 4 ms 11 ms 4 ms 6 GigabitEthernet5-0.GW4.IAD8.ALTER.NET (157.130.30.245) 4 ms 4 ms 4 ms 7 0.so

Re: Cisco IOS Vulnerability

2003-07-16 Thread Jeff Kell
The workaround for transit suggests permitting only tcp, udp, icmp, gre, esp, and ah protocols. Is this sufficient to protect the router itself, or do you have to get hard-nosed with specific ACLs (restricting access to all your possible interface addresses)? Jeff

Re: ISPs are asked to block yet another port

2003-06-23 Thread Jeff Kell
The description by LURHQ is misleading. Messenger is an RPC service. Typical pop-up spammers queried 135 (Windows RPC portmapper) to find the port number of the messenger service, then send the message to that port. It turns out that messenger can "typically" be found on 1026. And as was note

Re: Abuse.cc ???

2003-04-04 Thread Jeff Kell
McBurnett, Jim wrote: I tell ya, what really gets me in a bad mood is when my PIX logs show the same IP address hitting port 80 on 25 different IP's and the time line is 2 seconds start to finish. Yesterday, I got word from a network operator that 50 entries was not sufficient. So I parsed 4 days

Re: FW: About your using mailer

2003-03-28 Thread Jeff Kell
Kris Foster wrote: Is anyone else getting this junk regarding the list? And can we put a stop to it? Got the same message. I think Miyoko's fight should be with the vendors, not the poor people who are subjected to the whims of an IS department. In the beginning, there was The Word. And The Wor

Re: Al Jazeera DOSed or just lots of traffic

2003-03-24 Thread Jeff Kell
james wrote: Sorry I was not clear. I meant someone was null routing this host way before I got close to the destination. Now that's interesting... the Cyber Defense Initiative at work? Jeff

Re: [Fwd: FC: Email a RoadRunner address, get scanned by their

2003-03-14 Thread Jeff Kell
From: Gunnar Hellekson <[EMAIL PROTECTED]> Basically, RoadRunner tried to spam themselves using my server. I mailed [EMAIL PROTECTED] about this, and received a canned response, enclosed. Under their logic, I feel entitled to poke and prod their customers, just to make sure they don't spam me