Re: Routing Issue?

2007-06-28 Thread brett watson
(64.156.29.150 is one address here). Oh my, operational content. Getting there fine from my Cox connection at home: saturn:~ brett$ traceroute 64.156.29.150 traceroute to 64.156.29.150 (64.156.29.150), 64 hops max, 40 byte packets 1 192.168.1.1 (192.168.1.1) 1.613 ms 4.405 ms 1.064 ms 2

Re: The Choice: IPv4 Exhaustion or Transition to IPv6

2007-06-28 Thread brett watson
esign? -brett

Re: Security gain from NAT

2007-06-04 Thread brett watson
On Jun 4, 2007, at 9:51 PM, Donald Stahl wrote: A SI firewall ruleset equivalent to PAT is a single rule on a CheckPoint firewall (as an example): Src: Internal - Dst: Any - Action: Allow Done. Done indeed! Botnet operators *love* this policy. This type of policy is probably worse than

Re: death of the net predicted by deloitte -- film at 11

2007-02-11 Thread brett watson
On Feb 11, 2007, at 10:58 AM, Chris L. Morrow wrote: perhaps next time the news folks could ask someone who runs a network what the problems are that face network operators? they did ask one, you must have missed this from the article: "Verisign, the American firm which provides the backbo

Bad cross post

2006-09-26 Thread brett
My apologies to the list for my forward post from the DA list. I was wading through nanog mail and simply not paying attention to subject tags when I replied. Completely unintentional. -b -- sent from my blackberry (typing with thumbs)

Re: [da] news: Trend Micro launches anti-botnet service

2006-09-25 Thread brett watson
On Sep 25, 2006, at 9:04 PM, Jeff Kell wrote: Well, a prefix hijack either means a router has been pwned, as I suggested, or a router is (as Governor Tarkin put it) "far too trusting" of its peers. And anyhow, I was speaking of BGP flaps in the context of botnets - has anybody seen a

pre-nanog dns-operations workshop

2006-05-25 Thread brett watson
If anyone is interested in attending a 1-day pre-nanog (June 2) workshop for dns-operations, details can be found at the URL below. http://public.oarci.net/dns-operations/workshop-2006 -b

Re: DNS deluge for x.p.ctrc.cc

2006-02-24 Thread brett watson
On Feb 24, 2006, at 11:47 AM, Randy Bush wrote: this would be a fine thread to discuss on dns-operations, which a bunch of you here have already joined. http://lists.oarci.net/mailman/listinfo/ i joined but have never seen a message on that list. and this discussion seems useful. maybe we

Re: DNS deluge for x.p.ctrc.cc

2006-02-24 Thread brett watson
On Feb 24, 2006, at 11:30 AM, Ejay Hire wrote: It may be coincidental, but TXT and ANY queries for this zone were the ones used in the multi-gigabit reflected dns DDOS against us earlier this month. this would be a fine thread to discuss on dns-operations, which a bunch of you here have al

Re: oof. panix sidelined by incompetence... again.

2006-01-22 Thread Brett Frankenberger
ven't independently verified it), Verio is (at Panix's request) rejecting the route from ConEd, and Panix's upstreams are accepting the /17s, so connectivity should be OK from everywhere except possibly ConEd. -- Brett

Re: GoDaddy.com shuts down entire data center?

2006-01-16 Thread Brett Frankenberger
er to say, although federal preemption is certainly a reasonable argument to make. http://www.rcfp.org/taping/ seems to have good information. -- Brett

Re: Cisco, haven't we learned anything? (technician reset)

2006-01-12 Thread Brett Frankenberger
;. > > Interesting. Is it limited to one-time use? Are the network login > services (SSH, telnet, et al.) prevented from using this login and > password? No. No. (It's nothing special -- it doesn't do anything you couldn't configure manually on a pre-SDM device if you wanted.) -- Brett

reminiscing (was re: level 3)

2005-11-11 Thread brett watson
On Nov 11, 2005, at 2:50 PM, [EMAIL PROTECTED] wrote: we clustered the engineers into the IETF terminal room since we're reminiscing, we did this at dallas ietf in 1995, i think it was (yes, http://merit.edu/mail.archives/nanog/2000-11/msg00222.html). we had hit a timer bug in

re: commonly blocked ports (but not on backbones)

2005-09-14 Thread brett watson
seems to me this is the wrong question... a default security "posture" (network or system, isp or enterprise or any type of entity) should be: "if it's not explicitly allowed, it's denied." apologies, i see the original poster was talking about a *backbone*... my mind was on campus/edge/c

Re: commonly blocked ISP ports

2005-09-14 Thread brett watson
On Wednesday 14 September 2005 15:41, Luke Parrish wrote: Not quite looking for tips to manage my network and ACL's or if should or should not be blocking, more looking for actual ports that other ISP's are blocking and why. seems to me this is the wrong question... a default securit

Re: LA power outage?

2005-09-12 Thread brett watson
On Sep 12, 2005, at 1:32 PM, Jared Mauch wrote: there's also a blurb on yahoo news of an outage http://news.yahoo.com/s/ap/20050912/ap_on_re_us/la_power_outage AM radio news is reporting a "wrong cable cut" by the department of water and power folks... they're saying "no ties to terrorism"... -b

RE: Blocking certain terrorism/porn sites and DNS

2005-08-18 Thread Brett Carr
give up and strive for world peace instead. I don't think so :) More likely they will (and already are) hiding behind very non terror sounding names, not a lot we can do about that really. Brett.. -- Brett Carr Ripe Network Coordination Centre System Engineer --

Re: Cisco IOS Exploit Cover Up

2005-07-28 Thread Brett Frankenberger
y new vulnerabilities, and Cisco is also correct in saying that the vulnerability he used in his presentation to demonstrate his technique has been patched. However, the same technique will be useful on the next buffer overflow vulnerability to be discovered. -- Brett

Re: More long AS-sets announced

2005-06-20 Thread brett watson
On Jun 20, 2005, at 12:44 AM, Randy Bush wrote: June 15th: Lorenzo gives us 24 hours notice that he is going to be using our (a very general our here, meaning all Internet operators) network for performing his experiments on. (oh, and points out that he's been doing the same with IPv6 s

Re: Traceroute with ASN

2005-03-15 Thread Brett Watson
On 3/15/05 3:11 AM, "Ziggy David Lubowa" <[EMAIL PROTECTED]> wrote: > > > On Tue, 15 Mar 2005 17:51:32 +0800 (CST), Joe Shen wrote >> Yes. Can I do this on a Linux box without having to >> install Zebra BGP on it? > > Doesn't look like you have to, below is the link to the tarball > > http:/

Re: "Make love, not spam"....

2004-12-02 Thread Brett McCully
The point behind the initiative is not to attack the email senders, but the source of money. If the spam websites are never up, then the recipients cannot buy products advertised. Without the sales, there are not finances to support the spamming. If spammers can't make money sending email, then

Re: How many backbones here are filtering the makelovenotspam screensaver site?

2004-12-02 Thread Brett
I think Lycos did not think this through enough. Their response is HUGE. They've essentially launched a Denial of Service on themselves. They would not have needed the larger backbone if they cut down on the size of their response. They could have done anything with their client, but they chos

Email Scanning (was OT - 3 Free Gmail invites)

2004-08-19 Thread Brett
Now, this is on topic. The email scanning that is done by Gmail is the same that is done by spam filtering and virus scanning. Do you actively discourage your clients to not use anti-virus or anti-spam software? All free email services profit from advertising, or they would not exist. Other se

Re: OT - 3 Free Gmail invites

2004-08-18 Thread Brett
WOW! Overwhelming response. Haven't sent them all out yet, but all accounted for. Brett On Wed, 18 Aug 2004 13:51:43 -0700, Brett <[EMAIL PROTECTED]> wrote: > I've got a few to give out as well. Email me off-list and if I have > any left, I'll send an invite. >

Re: Phishing (Was Re: WashingtonPost computer security stories)

2004-08-18 Thread Brett
I received a few messages as well, one with US Bank, which I don't have an account with, and they both had images attached. The image was displayed, without any external connection. As far as fighting abuse with abuse, it's not *always* a bad idea. If the databases are filled with bad entries,

Re: OT - 3 Free Gmail invites

2004-08-18 Thread Brett
I've got a few to give out as well. Email me off-list and if I have any left, I'll send an invite. Brett On Wed, 18 Aug 2004 16:43:30 -0400, Joshua Brady <[EMAIL PROTECTED]> wrote: > > All gone >

Re: sms messaging without a net?

2004-08-03 Thread Brett
are totally interrupted, using a cell phone would almost guarantee that the > page would be sent, rather than just queuing up in the mailqueue during the > outage. > > > > > - Original Message - > From: "Brett" <[EMAIL PROTECTED]> > To: "Da

Re: sms messaging without a net?

2004-08-03 Thread Brett
Any reason the monitor can't be external, then send an SMS via email directly to the cell phone provider, rather than an alias on the down network? If it's a private network, it could do a web request every minute to a monitor. If it hasn't received a request in two minutes, send the page direct

Re: Spyware becomes increasingly malicious (let's return to reality)

2004-07-15 Thread Brett
- First of all, even if OS have not any caveats, it will not protect it from spyware/adware. if I want to install my 'Cool-Search' into million of computers, all I need to do is to write fancy game, and offer it 'free of charge' in exchange of 'Allow to show you ads once / day'. That's all - y

Re: Can a customer take IP's with them?

2004-06-23 Thread Brett
Not directed at anyone specifically, but has anyone noticed that on these lists, people tend to focus on whether or not people's analogies are correct, rather than trying to answer the original question? On Wed, 23 Jun 2004 15:57:25 -0700, David Schwartz <[EMAIL PROTECTED]> wrote: > > > > > I

Re: Unplugging spamming PCs

2004-06-23 Thread Brett
EMAIL PROTECTED]> wrote: > > > On Wed, 23 Jun 2004, Brett wrote: > > > At least they now realize they are one of the worst and are finally > > becoming proactive: > > > > http://zdnet.com.com/2100-1104-5230615.html > > > > They are also starting t

Re: Unplugging spamming PCs

2004-06-23 Thread Brett
At least they now realize they are one of the worst and are finally becoming proactive: http://zdnet.com.com/2100-1104-5230615.html They are also starting to block port 25. -b On Wed, 23 Jun 2004 12:27:50 -0400, William Warren <[EMAIL PROTECTED]> wrote: > > > one of those members is comcast

Re: Converged Networks Threat (Was: Level3 Outage)

2004-02-26 Thread Brett Watson
>> 1) their backbones currently "work" - changing them >> into something which may or may not "work better" is a >> non-trivial operation, and risks the network. i would disagree. their backbones tend to reach scaling problems, hence the need for bleeding/leading edge technologies. that's been m

Re: AT&T carrying rfc1918 on the as7018 backbone?

2004-01-22 Thread Brett Watson
> > Wasn't it established that they did infact not leak it but just routed it > inside their own network? Sorry, shouldn't have said "leaked".

Re: AT&T carrying rfc1918 on the as7018 backbone?

2004-01-22 Thread Brett Watson
> RFC1918 addresses are unpredictable on any network other than your own. > You shouldn't make assumptions about them. Anyone may use them for any > purpose on their network. If you send packets into their network using > RFC1918 addresses, you get whatever you get. If you require certainty > i

Re: AT&T carrying rfc1918 on the as7018 backbone?

2004-01-22 Thread Brett Watson
> > The router at route-server.ip.att.net shows about 25 10.0.0.0/8 > prefixes, most showing up over 4 weeks ago. Odd. I didn't see this when looking at at&t's looking glass via web browser. I was looking for some smaller prefixes though and didn't just look for 10/8 :-/ -b

AT&T carrying rfc1918 on the as7018 backbone?

2004-01-22 Thread Brett Watson
First, yes I know I should call AT&T but I want to know if anyone else sees this problem: I have a customer that is multi-homed to AT&T and WCOM. They accept "default" via BGP from both providers and announce a handful of prefixes to both providers. Given that they receive default, it's just th

Re: sniffer/promisc detector

2004-01-19 Thread Brett Watson
>> i wish you were right. i wish you were even close to right. but we've > been >> attacked many times over the years by some extremely smart adolescent >> psychopaths -- where adolescence is a state of mind in this case, rather >> than of years -- and i wish very much that they would either sto

nanog@merit.edu

2003-03-19 Thread brett watson
On Wednesday, Mar 19, 2003, at 12:28 America/Phoenix, Sean Donelan wrote: On Wed, 19 Mar 2003, German Martinez wrote: Anybody here seeing problems with AS7018 ? ... ... If you report it to AT&T, they seem to get it fixed; but then the problems re-appear a few days later. I'm guessing that packe

Re: OT: Banc of America Article

2003-01-29 Thread Brett Frankenberger
in my wallet is representative, then mostly, the PINs aren't on the card anymore (I still have one card that has the PIN on the card).) -- Brett

Re: As-Path filtering based on ranges, not regex

2003-01-17 Thread Brett Frankenberger
5535] is a one-character regular expression matching 1,2,3,4,5 or 6. (It's way more complex than it needs to be, of course. You've got 6 listed in there twice; five is listed 4 times and also included in the 2-6 range, and so on.) So your expression above is going to match paths ending with AS 1, 2, 3, 4, 5, or 6. -- Brett

RE: DWDM interconnects

2003-01-06 Thread brett watson
> -Original Message- > From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On > Behalf Of David Diaz > Sent: Monday, January 06, 2003 5:24 PM > To: [EMAIL PROTECTED] > Subject: Re: DWDM interconnects > > Actually I forgot to mention. Since we have different frequencies > for the lasers,

Re: Even the New York Times withholds the address

2002-11-19 Thread Brett Frankenberger
ow, figure out how many kw you need to run a telecom hotel, and you'll know just how large your tank needs to be (and how much weight the building structure is going to have to support). Even if you assume 100% efficiency, the tank is still going to be, um, rather largish. -- Brett

Re: ICANN Targets DDoS Attacks

2002-10-29 Thread Brett Frankenberger
re problematic. ICMP rate limiting isn't anywhere near a big enough win, from my perspective, to justify adding complexity to the network, and having to remember, when troubleshooting strange problems, that ICMP is no longer forwarded just like any other packet. -- Brett

performance testing/monitoring

2002-07-02 Thread brett watson
hate to break up the peering thread but i'm wondering if anyone has experience/knowledge of Empirix tools? i worked with them back when they were known as midnight networks but they focused on protocol conformance testing at the time (mid-90s). their "corporate history" has no mention of

re: GE over oc48

2002-06-22 Thread brett watson
point of clarification: i mentioned luminous and "RPT". their marketing folks call it that, it is in fact RPR (resilient packet ring). -b

Re: Gig-E over OC48?

2002-06-22 Thread brett watson
--On Saturday, June 22, 2002 5:02 PM -0400 Ralph Doncaster <[EMAIL PROTECTED]> wrote: > > What's the cheapest way to get Gig-E over OC48? > A couple used Cerent(Cisco) boxes would work, but the $15-$20K price tag > is too high. last i talked to Luminous (about 7-8 months ago) they were making p

RE: remember the "diameter of the internet"?

2002-06-18 Thread brett watson
--On Tuesday, June 18, 2002 3:17 PM -0700 Vadim Antonov <[EMAIL PROTECTED]> wrote: > > Demonstrably (proof by existence), those switches can be made reasonably > reliable. So can be routers. It's the fabled computer tech culture of "be > crappy, ship fast, pile features sky high, test after you

Re: remember the "diameter of the internet"?

2002-06-18 Thread brett watson
--On Tuesday, June 18, 2002 11:52 AM -0700 Vadim Antonov <[EMAIL PROTECTED]> wrote: > > Er... back then it took 2 months to learn everything a backbone engineer > had to know. Nowadays it's an alphabet soup of stupid techniques to > achieve the same result - i.e. to deliver a packet from place

Re: remember the "diameter of the internet"?

2002-06-18 Thread brett watson
--On Tuesday, June 18, 2002 6:39 PM + "E.B. Dreger" <[EMAIL PROTECTED]> wrote: > That's what happened here. Rather than transitting the traffic > via a "last resort" across town/state, the higher local-pref of a > "local" peer won. > > Geography requirements for peers aren't inherently bad

Re: ATTBI refuses to do reverse DNS?

2002-06-18 Thread brett watson
--On Tuesday, June 18, 2002 11:30 AM -0700 Lou Katz <[EMAIL PROTECTED]> wrote: > > A client of mine just discovered that he could no longer do ftp > transfers to my machine. His IP address had changed to one in > 12.240.20 and there is no reverse DNS for that block. His > previous assignment was

Re: remember the "diameter of the internet"?

2002-06-18 Thread brett watson
--On Tuesday, June 18, 2002 1:33 PM -0400 Pawlukiewicz Jane <[EMAIL PROTECTED]> wrote: > Hi Brett, > > Are you asking _why_ there are so many hops between yourself and the guy > across town? no, just lamenting the passing of an era. an era where we engineers cooperated, an

Re: Diagnostic Tools

2002-06-06 Thread brett watson
> - Original Message - > From: "Pawlukiewicz Jane" <[EMAIL PROTECTED]> > To: "Marc Pierrat" <[EMAIL PROTECTED]>; <[EMAIL PROTECTED]> > Sent: Thursday, June 06, 2002 10:02 AM > Subject: Re: Diagnostic Tools > > >> No. But I was thinking of something more robust. And I think it depends >> o

Re: 1024-bit RSA keys in danger of compromise (fwd)

2002-03-31 Thread Brett Eldridge
SH (the current portable CVS version doesn't have the changes quite yet) allow you to specify a minimum key length as a #define at compile time. see ssh.h: #define SSH_RSA_MINIMUM_MODULUS_SIZE 768 - brett

FWD: FC: Verisign reportedly sending deceptive domain registration bills (fwd)

2002-03-25 Thread brett watson
in case anyone has experienced this and wants to complain... -- Forwarded Message -- Date: Monday, March 25, 2002 12:57 AM -0500 From: Declan McCullagh <[EMAIL PROTECTED]> To: [EMAIL PROTECTED] Subject: FC: Verisign reportedly sending deceptive domain registration bills > > ---