Re: Customer-facing ACLs

2008-03-07 Thread Mark Foster
Blocking port 25 outbound for dynamic users until they specifically request it be unblocked seems to me to meet the no undue burden test; so would port 22 and 23. Beyond that, I'd probably be hesitant until I either started getting a significant number of abuse reports about a certain flavor of

Re: Customer-facing ACLs

2008-03-07 Thread Mark Foster
On Sat, 8 Mar 2008, Dave Pooser wrote: Port 22 outbound? And 23? Telnet and SSH _outbound_ cause that much of a concern? I can only assume it's to stop clients' exploited boxen being used to anonymise further telnet/ssh attempts - but have to admit this discussion is the first I've heard

RE: An Attempt at Economically Rational Pricing: Time Warner Trial

2008-01-20 Thread Mark Foster
On Sun, 20 Jan 2008, Buhrmaster, Gary wrote: My guess is the market will work this out. As soon as it's implemented, you'll see ATT commercials in that town slamming cable and saying how DSL is really unlimited. If I were the DSL companies, I would consider advertising with a commercial

Re: An Attempt at Economically Rational Pricing: Time Warner Trial

2008-01-20 Thread Mark Foster
The big advantage of these plans is that the cost is fixed even if I've used up all my allotted transfer. This is the success of systems that implement rate limiting (not additional charging) once a specified ceiling has been reached. It provides some fiscal security that

Re: Researchers ping through first full 'Internet census' in 25 years

2007-10-12 Thread Mark Foster
On Fri, 12 Oct 2007, Tim Franklin wrote: On Fri, October 12, 2007 2:49 pm, Justin M. Streiner wrote: HOST x.x.x.x ON YOUR NETWORK PINGED ME I TAKE MY SECURITY SERIOUSLY!! I'M CALLING THE FBI!!! That I can *sort* of understand - it's the flaming zealotry of ALL ICMP IS EEEVIL!

Re: broken DNS proxying at public wireless hotspots

2007-02-03 Thread Mark Foster
On Sun, 4 Feb 2007, Peter J. Cherny wrote: At 04:58 PM 4/2/07, Trent Lloyd [EMAIL PROTECTED] wrote: * Set up the profile, to your house/work/etc, of your favorite SSH client to forward port 53 local to port 53 on your remote machine. The flaw here is that DNS operates over 53(UDP), last

Re: what the heck do i do now?

2007-01-31 Thread Mark Foster
list... I talked to my lawyer. And while I am not a lawyer, I can tell you that my lawyer pointed out several interesting legal theories under which I could have some serious liability, and so I don't do that any more. (As an example, consider what happens *to you* if a hospital stops getting

Re: what the heck do i do now?

2007-01-31 Thread Mark Foster
Kaufman. Note the number of quoted layers. I made the mistake of removing the quote-intro-line when I posted, apologies. On Wed, 31 Jan 2007, Chris Owen wrote: -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On Jan 31, 2007, at 9:16 PM, Mark Foster wrote: list... I talked to my lawyer

Re: Cable-Tying with Waxed Twine

2007-01-24 Thread Mark Foster
age of 35). Also you could ask your friendly local full license, old school radio ham etc etc... It's a dying skill, not because it isn't good, but because it takes training/practice and time. Tiewraps (Zip ties) are cheap, quick and require little (if any) training. When I sat my ham

Re: Phishing and BGP Blackholing

2007-01-03 Thread Mark Foster
On Wed, 3 Jan 2007, Rich Kulawiec wrote: On Wed, Jan 03, 2007 at 05:44:28PM +1300, Mark Foster wrote: So why the big deal? Because it's very rude -- like top-posting, or full-quoting, or sending email marked up with HTML. Because it's an unprovoked threat. Because it's an attempt

Re: Phishing and BGP Blackholing

2007-01-03 Thread Mark Foster
On Wed, 3 Jan 2007, Joseph S D Yao wrote: On Thu, Jan 04, 2007 at 09:26:00AM +1300, Mark Foster wrote: ... But there are worse offenses. HTML emails - every author has a choice there, so that one's unforgivable IMHO. Top-Posting and Legalese Addendums to messages are both things

Re: Phishing and BGP Blackholing

2007-01-02 Thread Mark Foster
I have to ask. The 'stock' disclaimer message says 'may'. It also says 'If you are not the intended recipient...' Key words - 'if' and 'may'. Since the post is being made to NANOG, we can assume the NANOG Audience (defined as anyone who's on the list _or_ who can read the web archive; ala;

Re: Security of National Infrastructure

2006-12-29 Thread Mark Foster
On Fri, 29 Dec 2006, Peter Corlett wrote: Why is it that every company out there allows connections through their firewalls to their web and mail infrastructure from countries that they don't even do business in. Shouldn't it be our default to only allow US based IP addresses and then

Re: power cords for .nl

2006-10-28 Thread Mark Foster
I take it you were after info other than that found at urls similar to this one? http://www.dbicorporation.com/internat/intpower.htm I would've thought that datacentre internal cabling for mains would be a different can of worms anyway, in my experience most primary power distribution is

Re: ATT refuses to provide PTR records?

2006-10-18 Thread Mark Foster
On Tue, 17 Oct 2006, Jack Bates wrote: Mike Walter wrote: We have a customer that has ATT and they reassigned the IP space to our name servers to allow us to do reverse DNS for them. We had a similar situation. ATT states that they will only handle rDNS using domains that they control.

Potentially on-Topic: is MSNBot for real?

2006-09-22 Thread Mark Foster
On a website I host with nearly 9000 unique visits month-to-date (that's visits, not hits) a full 20% of the recorded 'hits' (Hitcount is ~40,000) are being generated by 'msnbot'. We see this as a large amount of http traffic from IP addresses owned by Microsoft. I've actually seen this

Re: Potentially on-Topic: is MSNBot for real?

2006-09-22 Thread Mark Foster
On Fri, 22 Sep 2006, Simon Waters wrote: On Friday 22 Sep 2006 11:39, you wrote: Is this unusual, or what? Are search engines supposed to be amongst the biggest user agents recorded on a typical website? How much trolling and indexing is considered 'too much' ? Whenever it becomes a

Re: Data Center Wiring Standards

2006-09-08 Thread Mark Foster
My thoughts go like this: We put a patch panel in each rack. Each of these patch panels is permanently (more or less) wired to a patch panel in our main patch cabinet. So, essentially what you've got is a main patch cabinet with a patch panel that corresponds to a patch panel in each other

Equinix / Servercentral.net / Micfo POC

2006-08-05 Thread Mark Foster
Anyone from the above providers watching? I'm trying to draw attention to a phishing scam originating from 205.234.128.0/17 - 'Micfo.com LLC'. Their host / upstream appear to be servercentral.net and there's a reference to an Equinix datacentre in Chicago. The +1-866 number listed doesn't

Re: Equinix / Servercentral.net / Micfo POC

2006-08-05 Thread Mark Foster
For the record folks I did get a response from the appropriate parties, and was very pleased given the time of day in your part of the world. Cheers all. Mark. Mark Foster wrote: Anyone from the above providers watching? I'm trying to draw attention to a phishing scam originating from

IP Delegations for Forum Spammers and Invalid Whois info

2006-07-02 Thread Mark Foster
I assume the ongoing problems that forum administrators have with people randomly signing up to forums - even closed ones requiring admin approval for all accounts - for the purpose of spamming their web urls around the place is an old one. I run such a forum and have started implementing /16

Re: Network graphics tools

2006-03-21 Thread Mark Foster
On Tue, 21 Mar 2006, Mark Rogaski wrote: An entity claiming to be John Kinsella ([EMAIL PROTECTED]) wrote: : : Not trying to start a Visio religious war, just saying there's a reason : enterprises use it. : And it's not just that they think that having thousands of open stencil windows is

Gmail multiple messages on mailing lists - resolved

2006-02-12 Thread Mark Foster
From the Sysadmin of the box: Resolved, in theory - we were being hit by a bug in SpamAssassin 3.1.0. I am not sure what exactly about Gmail made SpamAssassin go nuts... but it is resolved for now. Thanks to everyone who assisted, including Google, who were pretty quick to at least

nanog.org website - 403s?

2006-02-11 Thread Mark Foster
Anyone else seeing 403's when trying to pull anything other than the index page from www.nanog.org?

Google = Spam Source (was RE: Gmail weirdness?)

2006-02-10 Thread Mark Foster
On Fri, 10 Feb 2006, Gary Wardell wrote: Hi, I've seen one or two blogs that suggest gmail has a potential as a source for anonymous SPAM and other abuses. One said he blocks all gmail. I'd be interested as to what others think. Well after I posted to NANOG about gmail I found myself

The Groups.google thing and the dupe-delivery thing...

2006-02-10 Thread Mark Foster
Thanks to all who emailed both on and offlist. I've been advised that there were definitely multiple people from NANOG affected (aka 'subscribed') by the google groups thing and that Google were promptly heads-upped by some kind soul on NANOG who have since zapped the group concerned into

Re: SPAM Level Status - And why not stop the peering with lame ISPs

2006-02-09 Thread Mark Foster
Most ARIN ISP's also take it somewhat seriously (legal issues and such)... Except for those big ones, big lawyers trump reality/truth anytime. Asiapac ISPs have a rather worse problem but well - they're not the only ones. -- Yes. Especially when people outside of the Asia-Pac region

Re: www.google.com latency/packet loss/very slow thru savvis

2005-12-13 Thread Mark Foster
On Tue, 13 Dec 2005, Chris Stone wrote: On Tuesday 13 December 2005 02:46 pm, you wrote: [EMAIL PROTECTED] ping google.com PING google.com (72.14.207.99): 56 data bytes 64 bytes from 72.14.207.99: icmp_seq=1 ttl=243 time=447.727 ms 64 bytes from 72.14.207.99: icmp_seq=2 ttl=244

Re: CAT5 surge/lightning strike protection recommendations?

2005-09-13 Thread Mark Foster
I have a bunch of cat5 buried about 1 ft below the surface connecting multiple buildings on a campus (short runs) and lightning strikes nearby have caused surges along one or more of the cables and burnt out switch ports. I would like to protect the switch ports -- there seem to be lots of

Replacing PSTN with VoIP wise? Was Re: Phone networks struggle in Hurricane Katrina's wake

2005-08-31 Thread Mark Foster
Telecom New Zealand announced the other day their intention to do precisely this. In relatively short order we will replace the entire PSTN and be delivering all our services for customers over the IP network. That has the potential to reduce costs for customers and put a lot more control

Re: Replacing PSTN with VoIP wise? Was Re: Phone networks struggle in Hurricane Katrina's wake

2005-08-31 Thread Mark Foster
on increasingly complex systems, with x number of additional dependencies that can take the service down. Of course, events like Katrina are fairly extreme, but in general, people should have some sort of fallback position. It's not a bad general rule. Mark. On Wed, 31 Aug 2005, Mark Foster wrote

Re: DSL Network Design Question

2005-08-15 Thread Mark Foster
On Mon, 15 Aug 2005 [EMAIL PROTECTED] wrote: Roy Badami [EMAIL PROTECTED] wrote: [...] Interesting, thanks. TBH, I really don't understand why Cisco have kept the classful support for this long... When a friend was doing a CCNA back in 2003-ish, Cisco were still teaching classful

RE: Switch advice please - followup

2005-07-22 Thread Mark Foster
Thanks to everyone for their advice and stories. It seems the popular choice is Cisco with a close second of foundry. Even a nice mention of Dell switches. Most people had nothing good to say about HP. (phew.. glad I asked you all) I completely forgot abt Foundry so they are my next

Re: London incidents

2005-07-12 Thread Mark Foster
- Original Message - From: Jay R. Ashworth [EMAIL PROTECTED] To: [EMAIL PROTECTED] Sent: Wednesday, July 13, 2005 9:17 AM Subject: Re: London incidents On Tue, Jul 12, 2005 at 12:34:32PM +0200, Brad Knowles wrote: The problem with mobile phones in the car has less to do with

RE: Need BOGIES list

2005-07-06 Thread Mark Foster
I went to http://www.iana.org/assignments/ipv4-address-space and grep-ed for APNIC (Asia-Pacific Network Information Center) to get the following list. For the church email site that I support I block wholesale /8 IP address ranges. I assume that for our church we will never get email

'Whois protection service'

2005-01-26 Thread Mark Foster
Hi folks. Don't post a lot here but I'm figuring you folks will know more about this than my local NOG... When investigating a host that spammed me today, I noted that when I whois'd the domain that the mailserver involved has forward/reverse dns pair for, the domain whois information comes up

Re: 'Whois protection service'

2005-01-26 Thread Mark Foster
On Wed, 26 Jan 2005 [EMAIL PROTECTED] wrote: On Thu, 27 Jan 2005 16:26:00 +1300, Mark Foster said: I'm unsure how appropriate it is to post anything more specific in the open forum, but I've never seen this before. What's the deal with hiding a domain name owner's true identity

RE: Email Complexes

2004-09-14 Thread Mark Foster
I find it interesting that you'd like pop3 access to a bunch of listed *webmail* providers. Who provide access via the web - NOT pop3. I also agree with the below statement - your mail queues themselves will provide far more accurate information. The issue of 'successful mail delivery' would be

RE: Even you can be hacked

2004-06-11 Thread Mark Foster
On Fri, 11 Jun 2004, David Schwartz wrote: This will be my last post on this issue. In this case: 1) Almost certainly the traffic was due to a worm. 2) Almost certainly the ISP knew (or strongly suspected) the traffic was due to a worm. 3) Quite

verisignmail.com RBL Contact

2004-03-16 Thread Mark Foster
If anyone on here is from the powers-that-be behind the verisignmail.com RBL - or in fact anyone from Verisign Security - could they please contact me offlist regarding an ongoing (2 month!) issue regarding mail delivery. Thanks, and sorry for the noise (again!). Mark.

Re: SMTP authentication for broadband providers

2004-02-13 Thread Mark Foster
the possibilities of using certificate verification and PKI. -- Some days it's just not worth chewing through the restraints... Mark Foster [EMAIL PROTECTED] http://mark.foster.cc/

Juno.com Mail/Abuse contact?

2004-01-15 Thread Mark Foster
Sorry again for the noise folks. Have not been able to get hold of anyone @ juno.com through normal channels. If anyone here is from juno.com Security or Abuse could you please contact me offlist please, with regard to an email delivery issue. Cheers Mark.

[Fwd: att.net Mail Admin Contact?]

2004-01-04 Thread Mark Foster
Apologies for the inconvenience to others on NANOG for this post. I've tried repeatedly over the last 6 weeks or more to get in touch with someone within att.net's Abuse/Security/Mail administration. I'd appreciate it if someone in such a position could please contact me off list with urgency.

Re: Does your Certifying Authority have a clue who you are? Do they care?

2003-12-05 Thread Mark Foster
does not popup a warning. It is the browser or client application that does this. -- = Mark Foster [EMAIL PROTECTED] http://mark.foster.cc/

Re: Looking for clue at NetSOL/Verisign

2003-09-20 Thread Mark Foster
service. They are wrong about ICANN. -- Mark Foster [EMAIL PROTECTED]