RE: BGP list of phishing sites?

2004-06-28 Thread Smith, Donald
essage- > From: Stephen J. Wilcox [mailto:[EMAIL PROTECTED] > Sent: Monday, June 28, 2004 2:58 PM > To: Smith, Donald > Cc: Scott Call; [EMAIL PROTECTED] > Subject: RE: BGP list of phishing sites? > > > Hi Donald, > the bogon feed is not supposed to be causing a

RE: BGP list of phishing sites?

2004-06-28 Thread Smith, Donald
Some are making this too hard. Of the lists I know of they only blackhole KNOWN active attacking or victim sites (bot controllers, know malware download locations etc) not porn/kiddie porn/pr/choose-who-you-hate-sites ... clients (infected pc's) are usually not included but could make it on the li

RE: Attn MCI/UUNet - Massive abuse from your network

2004-06-25 Thread Smith, Donald
rom: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On > Behalf Of Michael Painter > Sent: Friday, June 25, 2004 4:11 AM > To: [EMAIL PROTECTED] > Subject: Re: Attn MCI/UUNet - Massive abuse from your network > > > > - Original Message - > From: "Dr. Jeffrey Ra

RE: Attn MCI/UUNet - Massive abuse from your network

2004-06-24 Thread Smith, Donald
#x27;s for stopping bad traffic. AFAIK he can not authorize legal action against spammers. [EMAIL PROTECTED] my opinions are mine and do not reflect qwest policy. -Original Message- From: Dr. Jeffrey Race To: Smith, Donald Cc: [EMAIL PROTECTED] Sent: 6/24/2004 9:40 PM Subject: RE: Attn

RE: Attn MCI/UUNet - Massive abuse from your network

2004-06-24 Thread Smith, Donald
Are you offering to finance ISP's legal battles against spammers? -Original Message- From: [EMAIL PROTECTED] To: Ben Browning Cc: [EMAIL PROTECTED] Sent: 6/24/2004 9:16 PM Subject: Re: Attn MCI/UUNet - Massive abuse from your network On Thu, 24 Jun 2004 11:50:44 -0700, Ben Browning w

RE: "Default" Internet Service

2004-06-14 Thread Smith, Donald
t; Behalf Of Matthew Sullivan > Sent: Monday, June 14, 2004 3:26 PM > Cc: nanog > Subject: Re: "Default" Internet Service > > > > Smith, Donald wrote: > > >First are the consumers willing to pay for a "safer" internet > >DSL/dial/isdn? >

RE: "Default" Internet Service

2004-06-14 Thread Smith, Donald
First are the consumers willing to pay for a "safer" internet DSL/dial/isdn? I believe if they were there would be a safer service available. I have seen several "secure" isp's fail in the last few years. If you have any data that shows that there is a market for a more secure dialup/DSL/isdn... p

RE: BGP Exploit

2004-05-06 Thread Smith, Donald
[EMAIL PROTECTED] > Subject: Re: BGP Exploit > > > > On Wed, 5 May 2004, Patrick W.Gilmore wrote: > > > > > On May 5, 2004, at 2:39 PM, Smith, Donald wrote: > > > > > No. The router stays up. The tool I use is very fast. It > floods the &

RE: BGP Exploit

2004-05-05 Thread Smith, Donald
2004 10:16 AM > To: Smith, Donald > Cc: Steven M. Bellovin; Kurt Erik Lindqvist; > [EMAIL PROTECTED]; [EMAIL PROTECTED] > Subject: RE: BGP Exploit > > > Of more interest.. does the router die (cpu load) before you > brute force the > sessions down > > Stev

RE: BGP Exploit

2004-05-05 Thread Smith, Donald
> From: james [mailto:[EMAIL PROTECTED] > Sent: Tuesday, May 04, 2004 4:41 PM > To: Smith, Donald > Cc: [EMAIL PROTECTED] > Subject: Re: BGP Exploit > > > What would a Cisco log if the IP's for the BGP sessions were > attacked & MD5 was in place ? "No

RE: FW: Worms versus Bots now religion host security vs firewall/nat/acl

2004-05-04 Thread Smith, Donald
&search=0xAF00EDCC pgpFingerPrint:9CE4 227B B9B3 601F B500 D076 43F1 0767 AF00 EDCC kill -13 111.2 > -Original Message- > From: Rob Nelson [mailto:[EMAIL PROTECTED] > Sent: Tuesday, May 04, 2004 4:26 PM > To: Smith, Donald; Daniel Senie; Sean Donelan > Cc: [EMAIL PROTE

RE: BGP Exploit

2004-05-04 Thread Smith, Donald
I have seen 3 pubic ally available tools that ALL work. I have seen 2 privately tools that work. A traffic generator can be configured to successfully tear down bgp sessions. Given src/dst ip and ports : I tested with a cross platform EBGP peering with md5 using several of the tools I could not t

RE: FW: Worms versus Bots

2004-05-04 Thread Smith, Donald
; Behalf Of Daniel Senie > Sent: Tuesday, May 04, 2004 9:39 AM > To: Sean Donelan > Cc: [EMAIL PROTECTED] > Subject: RE: FW: Worms versus Bots > > > > At 10:54 AM 5/4/2004, Sean Donelan wrote: > > >On Tue, 4 May 2004, Smith, Donald wrote: > > > If y

RE: FW: Worms versus Bots

2004-05-04 Thread Smith, Donald
Message- > From: Sean Donelan [mailto:[EMAIL PROTECTED] > Sent: Tuesday, May 04, 2004 8:55 AM > To: Smith, Donald > Cc: [EMAIL PROTECTED] > Subject: RE: FW: Worms versus Bots > > > On Tue, 4 May 2004, Smith, Donald wrote: > > If you follow these steps outlined by SANS yo

RE: FW: Worms versus Bots

2004-05-04 Thread Smith, Donald
If you follow these steps outlined by SANS you should be able to successfully update and NOT get infected. This is short, easy, fully documented (with pictures :) http://www.sans.org/rr/papers/index.php?id=1298 [EMAIL PROTECTED] GCIA http://pgp.mit.edu:11371/pks/lookup?op=get&search=0xAF00EDCC pg

RE: tcp bgp vulnerability looking glass and route server issues.

2004-04-21 Thread Smith, Donald
PROTECTED] GCIA http://pgp.mit.edu:11371/pks/lookup?op=get&search=0xAF00EDCC I reserve the right to be wrong and exercise as required. -Original Message- From: Lane Patterson [mailto:[EMAIL PROTECTED] Sent: Wednesday, April 21, 2004 5:22 PM To: Smith, Donald; [EMAIL PROTECTED] Subjec

tcp bgp vulnerability looking glass and route server issues.

2004-04-20 Thread Smith, Donald
John Fraizer author of MRLG one of the looking glass implementations has updated his code to fix a flaw that provided too much information. MRLG-4.3.0 is available at: Available here: ftp://ftp.enterzone.net/looking-glass/CURRENT/ Some route servers also provide too much info. This audit was pe