>>> The same document that fully ignores that port number
>>> randomness will severely limit the risk of susceptibility
>>> to such an attack?
>>
>> How many zombies would it take to search the port number
>> space exhaustively?
>
> Irrelevant.
>
> The limiting factor here is how many packets c
> There is nothing wrong with a user who thinks they should
> not have to know how to protect their computer from virus
> infections. If we (the community who provides them service
> and software) can't make it safe-by-default, then the
> problem rests with us, not with the end users.
This i
Leo Bicknell wrote:
> Since most POS is 4470, adding a jumbo frame GigE edge makes
> this application work much more efficiently, even if it doesn't
> enable jumbo (9k) frames end to end. The interesting thing
> here is it means there absolutely is a PMTU issue, a 9K edge
> with a 4470 core.
> A more important question is what will happen as we move out
> of the 1500 byte Ethernet world into the jumbo gigE world. It's
> only a matter of time before end users will be running gigE
> networks and want to use jumbo MTUs on their Internet links.
The performance gain achieved by using jumb
> I'm fairly certain that the tacacs standard implementations
> available on the cisco routers log out changes to the config
> made by users... That and a little log parsing magic and you
> have this data also.
While we're being Cisco-centric, 12.3(4)T has a new feature by which the
router can
[EMAIL PROTECTED] wrote:
>
> As I see it, we're experiencing an ever-increasing flood of
> garbage network traffic. While not all of it is easy or
> appropriate to target, it seems to me there's some "low
> hanging fruit" that could generate serious gains with
> relatively little investment.
I
> > How many other ISPs intend to follow AOL's practice and use their
> > connection support software to fix the defaults on their customer's
> > Windows computers?
>
> Sounds good to me. The potential for these users
> to be less-than-educated enough about the existance of
> this "feature
Christian Kuhtz wrote:
>
> So, since there won't be a flag day, ...
Maybe that's the point. The notion of Internet flag days has largely
disappeared as the Internet's ubiquity and criticality have increased.
There won't be flag days for IPv6, S(o)BGP, BGP-5, etc.
So what's a company like Veri
jlewis wrote:
> On the topic of announcing PA /24's, what procedures do
> you take to make sure that a new customer who want's to
> announce a few PA (P being one or more P's other than
> yourself) IP space is legit and should be announcing
> that IP space?
I'm also interested in hearing cur
ry
> -Original Message-
> From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On
> Behalf Of Terry Baranski
> Sent: Sunday, October 05, 2003 3:01 PM
> To: 'James Cowie'; [EMAIL PROTECTED]
> Subject: RE: as6198 aggregation event
>
>
>
> James Cowie wrote:
>> This internet draft is available at:
>> http://quimby.gnus.org/internet-drafts/draft-aboba-nat-ipsec-04.txt
>>
> Ken Emery wrote:
>
> I can't figure out if anything happened with
> this draft (I'm guessing nothing went on). The
> draft expired on December 1, 2001.
IPSec NAT Traversal is sti
>> We've been handling a multi-vector DDoS - 40-byte spoofed
>> SYN-flooding towards www.cisco.com
>
> Now that they've come for cisco, maybe law enforcement,
> network operators, and router vendors will all get their
> $h!t together and do something to put a stop to these DDoS
> attacks that
James Cowie wrote:
> On Friday, we noted with some interest the appearance of more
> than six hundred deaggregated /24s into the global routing
> tables. More unusually, they're still in there this morning.
>
> AS6198 (BellSouth Miami) seems to have been patiently injecting
> them over the
Daniel Karrenberg wrote:
> There is that too; but I have frequently observed people not doing it
> even when provided detailed step-by-step instructions. On the
> other hand
> they would proceed relatively quickly once "it stopped working",
> e.g. the Internet plug was pulled. Some of them wou
> > Sean Donelan wrote:
> >
> > It gets even worse. Cisco has hard-coded the list of
> > Bogons into some of its latest low-end IOS versions as
> > part of its "auto-secure" feature. Yes, Cisco includes
> > warnings in the manual the user should check the official
> > list at IANA; but I also
> the rest of the paper is also germane to this thread. just
> fya, we keep rehashing the UNimportant part of this argument,
> and never progressing. (from this, i deduce that we must be humans.)
Ok, so we seem to have a general agreement that anti-spoof & BGP prefix
filtering on all standard
On Sunday, August 31, 2003 8:26 AM Stephen J. Wilcox wrote:
>
> > On Sat, 30 Aug 2003, Terry Baranski wrote:
> >
> > In what instances is blocking spoofed traffic at the edge not
> > feasible? ("Spoofed" as in not sourced from one of the customer's
Owen DeLong wrote:
> The ISPs aren't who should be sued. The people running
> vulnerable systems generating the DDOS traffic and the
> company providing the Exploding Pinto should be sued. An
> ISPs job is to forward IP traffic on a best effort basis to
> the destination address contained i
> "The problem isn't Microsoft's products or the knowledge
> of the consumer. The problem lies in the ISPs' unwillingness
> to make this issue disappear or at least reduce it
> dramatically," said Cooper.
This is a disturbing viewpoint. Next thing you know we'll be blaming
ISP's for file shari
> If folks want to filter, please, please, PLEASE, employ IRR
> infrastructure and filter customers *AND* peers explicitly.
> If your vendors have issues with this, push them to fix it.
> Then you don't have to worry about bogons, max-prefixes,
> route hijacking, de-aggregation, or...
>
> The
BGP plots from http://bgp.lcs.mit.edu/ -
MIT:
http://bgp1.notlong.com
GLBX London:
http://bgp2.notlong.com
> -Original Message-
> From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On
> Behalf Of Shawn Morris
> Sent: Thursday, August 14, 2003 4:56 PM
> To: Aaron D. Britt
> Cc: [EMAIL P
CNN has mentioned several times the theory that the Blaster worm
potentially had something to do with this.
No joke.
> -Original Message-
> From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On
> Behalf Of Adam Debus
> Sent: Thursday, August 14, 2003 4:52 PM
> To: Damian Gerow; [EMAIL PR
> At the moment there is no clear procedure for any ISP to
> follow to even
> get a best guess as to whether an advertisement should be accepted or
> not.
What about requiring that a route appear in an RIR database period?
Maybe that would be a good start. It's easy enough to do but virtually
Apologies if this is old news. It's from Thursday, but I didn't see it
until today.
Symantec comes clean Somewhat:
http://www.theregister.co.uk/content/56/29406.html
-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of
Sean Donelan
Sent: Thursday, Febru
24 matches
Mail list logo