I'm seeing everything from Hughes Network (my vsat) go to Portland,
Maine, from Northern Virginia, by way of Nashville, Las Vegas, Los
Angeles (Verizon), and then back to Boston (Alter), for 20 hops. The
usual is 10, straight up the eastern seaboard.
Lots of delay, and more bad dns than usua
itary Affairs (RMA) Wonder-Cruft, and a lot of
it was blatent fund-me stuff.
My two beads worth,
Eric
iers
and PII, if you send them to me, I'll summarize for the purpose of
offering a specific
update to our final work product, P3P 1.1 [1].
I'll extract the MAC-to-v4 comments for PII in a LAN environment,
which we ignored in the P3P Spec WG.
Eric
[1] http://www.w3.org/TR/P3P11/
be used to walk our database and produce a system owner.
I'm guessing that Google et. al. have a similar multi-factor token set (IP,
time,
cookie, etc) which allows them to map back to a "person".
Eric :)
erpoints, which
may also be flow endpoints.
Look for labels which cannot be projected to a binary values without
loss of information in RFCs
pertaining to the provisioning of PII to some well known data collectors
(and data publishers).
Which is a long-winded way of saying that security != privacy.
Eric
or correlated data,
the problem is not insoluable.
Eric
[1] Garret Birkhoff, et al. "Explosives With Lined Cavities". Journal of
Applied Physics. June 1948, p. 563-582.
information removed"
The theory for partialip was that a full address (v4 or v6) was PII, and
a partial (for v4 only, at 7bits)
was not PII.
Eric
P. S. How many bits in the mask are necessary to achieve the non-PII aim?
> Are any other L3 customers seeing the large number of /25 and smaller
> routes from L3? I'm seeing almost 2500 of these routes in
> 4/8, some but
> not as many in 8/8 and still more in L3's non-US allocations.
I am pretty sure that L3 allows anything up to a /28 (they used to,
anyway, from
Paul,,
I seem to remember Hotmail having issues with this type of mechanism..
You may want to do a search on "Hotmail Violating RFC"S" or something to
that effect to verify this.
Have fun
ErIc
From: [EMAIL PROTECTED] [mailto:[EMAI
Broken is a relative term. If Comcast's behavior causes their heavy P2P
users to find another ISP then those who remain will not have broken
service. For $40/mo you can't expect the service to be all things to
all people, and given the shared nature of the service I find little
moral disagreement with a utilitarian approach to network management.
-Eric
rdless of what it is. Again,
flat-rate pricing does little to discourage this type of behavior.
-Eric
#x27;m sure every
broadband provider would love to go to a system of usage-based billing,
but none of them wants to be the first.
-Eric
upstream channel. You get enough 384 - 768k connected
users all running P2P apps and you're going to start having problems in
a big hurry. It's to remove some of the strain on the upstream channels
that Comcast has started to deploy Sandvine to start closing *outbound*
connections from P2P apps.
-Eric
Sean Figgins wrote:
Eric Spaeth wrote:
> With rate-shaping they would need to have the P2P identification widget
> in-line with the data path to be able to classify and mark traffic so
> that it can be queued/throttled appropriately.
The Sandvine, in particular, is designed to be
-iptables.html
The resets are sent in both directions, so that would only work if
everybody who uses BT filters reset packets (not likely). That solution
does have the added benefit that it will likely break other applications
though.
-Eric
e impacted.
As a network engineer focused on availability, I have a very clear
preference in implementation.
-Eric
S AND ACTIVITIES" section,
paragraph xiv. http://www.comcast.net/terms/use.jsp
-Eric
topic comments, but I truly felt it is/was
necessary..
Eric
-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of
Stephen Wilcox
Sent: Thursday, October 18, 2007 11:21 AM
To: <[EMAIL PROTECTED]>
Cc: nanog@merit.edu
Subject: Re: 240/4
On 18 Oct 200
It is my uinderstanding that we should use what really works for the
individual.. Just because certain individuals OVERUSE Visio for various
reasons, I feel that the usage of the best tool to fit the situation is
perfectly acceptable. In the end, the printout will still look the same
right?? If pe
-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of
William Herrin
Sent: Wednesday, October 10, 2007 5:11 PM
To: Stephen Fulton
Cc: nanog@merit.edu
Subject: Re: OT: Visio or Autocad
On 10/10/07, Stephen Fulton <[EMAIL PROTECTED]> wrote:
> Is anyone using A
http://www.e-gerbil.net/cogent-t1r looks like they're playing the
depeering games again.
E
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of
Mike Lyon
Sent: Friday, September 28, 2007 3:45 PM
To: [EMAIL PROTECTED]
Cc: NANOG
Subject: Re: Cogent is
Agreed.
That does seem strange..
-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of
Randy Bush
Sent: Monday, September 17, 2007 2:11 PM
To: Xin Liu
Cc: nanog@merit.edu
Subject: Re: Question on Loosely Synchronized Router Clocks
Xin Liu wrote:
> If a rout
the ceilign
the routes appeared in both the routing and CEF tables but were not
populated into the FIB.
Translation: the route was ignored
Eric :)
this so that you can get up to 224k IPv4 routes, but I've recently seen our
Internet table bumping against this. My understanding is that this is a
hardware limit, so upgrading is your only option.
Eric :)
aused a peering issue and sever or 100% packet loss for most
hosts on the Savvis network."
Source:
http://ltstatus.com/index.php/2007/08/25/savvis-idc-networking-issues-backbone-routers-failure/
-Eric
lude his written updates from Telia
instead of paraphrasing my conversations with our account team.
-Eric
feet.
Fibre has been ordered and ETA is 1900 UTC. Once the fibre arrives they
need to blow it into the 3600 feet long duct before the splicing can start."
-Eric
rner Telecom) - ?
6461 (Abovenet) - ?
7132 (SBC) - ?
Is there anyone out that would supply an ISP with a tunnel to v6 routes?
Eric Krichbaum, PhD
Director, Retail Network Engineering
Citynet
113 Platinum Drive, Suite B
Bridgeport WV 26330
Support: 800-881-2638
Fax: 304-848-5410
www.citynet.net
g our traffic across
their backbone, so I'd expect normal traffic to take a bit longer. When
we originally investigated this, we were expecting to see around 300ms to
350ms.
Eric :)
Hi,
Thank you to everyone who responded. I always avoid asking for help
on NANOG because it leads to a flood!
However, that is a great thing when you really need something fast :)
Eric
On 1-May-07, at 9:49 AM, Eric Frazier wrote:
Hi,
Is there someone who can contact me off list, who
Hi,
Is there someone who can contact me off list, who might be looking
for some billable consulting hours?
Thanks,
Eric
e
down. According to Cogent, they are aware of the event and tracking it
under master ticket #571-555.
Eric :)
gle segment that still requires 300
usec... not always with happy results.
--
Eric A. Hallhttp://www.ehsco.com/
Internet Core Protocols http://www.oreilly.com/catalog/coreprot/
I think Sean raises a good point. I guess the larger picture is what are we
trying to protect and what are trying to protect that from.
-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Sean
Donelan
Sent: Friday, March 02, 2007 3:19 PM
To: Roland Dobbins
C
Can someone from msn.com contact me offlist?
Thanks!
Eric Ortega
Midcontinent Communications
Network Engineer
605.357.5720
[EMAIL PROTECTED]
I'd like to thank the group for the responses and help with this issue. I
find it ironic that Randy's study actually uses 96 space.
Thanks again!
Eric
-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Eric
Ortega
Sent: Monday, February 26, 200
.
Thanks
Eric
Eric Kagan
After I sent that mail I realized that I didn't give enough information.
96.2.0.1 is pingable from the net.
Thank you all for your quick response!
-Original Message-
From: James Blessing [mailto:[EMAIL PROTECTED]
Sent: Monday, February 26, 2007 11:28 AM
To: Eric Ortega
Cc:
post to the group, but
> I'm looking to hit as many direct network engineers/operators as possible.
> Would it be possible to have people do a quick check on their inbound
> filters?
>
>
> Thanks!
>
>
>
> Eric Ortega
> Midcontinent Communications
> Network Engineer
> 605.357.5720
> [EMAIL PROTECTED]
>
g together. The hard savings for us came from fewer calls to the
help desk and fewer incidents for our security team to handle (i.e. less staff
or slower growth in staff). We also gained the soft benifit from students
believing that the network actually works and works well.
Eric :)
Here are
Can someone from Datapipe.net contact me off list?
Thanks,
Eric Ortega
Midcontinent Communications
Network Engineer
605.357.5720
[EMAIL PROTECTED]
--
No virus found in this outgoing message.
Checked by AVG Free Edition.
Version: 7.5.441 / Virus Database: 268.18.2/692 - Release
your implications.
Do we still have "compromised" systems? Yes.
Is the number of "compromosed" systems at any time large? No.
Is the situation out of control? No.
Email me off-list if you want more details. IMHO, Its too bad broadband
providers have not yet picked up on what the Universities have done.
Eric :)
agent that makes some/most Windows
data available through SNMP, which is handy. nsclient also provides access
to some perfmon and static data through a custom agent/proxy protocol too.
http://forums.cacti.net/viewtopic.php?t=11752
http://www.openpegasus.org/
http://www.snmp-informant.com/
http://n
r event
event cleared, chain to other event
reporting
browser meters (eg, watch this mib with realtime tachometer)
long-term graphing
trend analysis/reporting
etc.
Really it comes down to having a framework in place that can be extended
by e
nt in Boston and saw our BGP tables from them drop by about
20k routes on Tuesday and 60k routes on Wednesday at those times. We haven't
asked Sprint about it, but something definitely happened on their as we didn't
see equivalent drops from our other providers.
Eric :)
than transit relationships. With that said, some of
the NoX members are cosortiums themselves and have both Abilene and commodity
connections for their member institutions.
I hope this helps. If not or if you have some more questions, drop me a note.
Eric :)
nfiguration to limit impact.
-Eric
while tracking down the
problem, and their servers were all timing out on queries) but it seems to
be working fine now.
--
Eric A. Hallhttp://www.ehsco.com/
Internet Core Protocols http://www.oreilly.com/catalog/coreprot/
imes' which seem to be quite predictable at 60
> minutes at a minimum every time I have ever called them.
>
> David
>
Our NOC guys were told there is a fiber outage in Tampa. We have a few
circuits down in Miami.
There is also a Verizon Fiber cut in SE Mass (Taunton?) - some repair
estimates are 36-48 hours.
Eric
at the
LEA interface is undefined, and also seems to assume some kind of circuit-
or local delivery, all of which is quite curious--this is what the IETF
guys call out as hand-waving).
> Cisco is packet cable compliant today.
For the DOCSIS equipment you mean? That's a whole 'not
ased interface would be cheaper and better than
that, but given the reasons above it seems unlikely in the short term.
--
Eric A. Hallhttp://www.ehsco.com/
Internet Core Protocols http://www.oreilly.com/catalog/coreprot/
ndors stepping up to the plate? Did you even
know about this?
Off-list is fine, and I'll summarize if there's interest.
Thanks
[1] http://pacer.cadc.uscourts.gov/docs/common/opinions/200606/05-1404a.pdf
--
Eric A. Hallhttp://www.ehsco.com/
Internet
On Mon, 2006-06-05 at 15:54:30 -0500, Dennis Dayman wrote...
> "It seems that the internet is having issues at a Layer3 Communications
> router, this normally would not be a problem but L3 runs some routing for
> the internet backbone. The techs at L3 are working on the problem and we do
> not ha
but I feel as though this
needs to be said. I am not trying to do a character assassination, just
voice my opinion on the latest network issue. If you have issue with it,
please send me an email off list, and we can discuss.
Thanks,
-Eric
hey ferg,
its not that interesting an analysis. struan doesn't really close on any
policy issue, and concludes with the usual:
I think ICANN was right to reject the current proposal.
Because it does little more than add yet another domain
to the internet that nobody needs
...
> use. Hunt down "BU joins the internet", a typo in our initial update
> tickled a bug in the bsd hosttable program which brought down about
> 2/3 of the internet (yes, down.) I can't say I'm proud of that, but
> it's kind of hard to forget.
i overflowed the core routers, summer '88. That was
previously.
see the w3c's p3p standard, and the data collection (aka "privacy) policy
regimes we (i'm wearing that co-author hat now) provided mechanism for.
again, ymmv.
eric
the how-to-label problem has been around since the w3c's pics effort.
the jurisdictional issue is aterritorial, as the cctlds cover that,
and the authority, nominally, is a 501(c)(3) in marina del rey, and,
purely contractual, as is the registry restricted to cooperative entities
and the registry
4.232.250.20 255.255.255.252 160.81.76.57
Shouldn't the route point to 75.57 and not 76.57 ?
Eric
ick W. Gilmore
Subject: Re: Common Carrier Question
On Apr 13, 2006, at 5:57 PM, Eric Germann wrote:
> I'm working on a graduate policy paper regarding Internet filtering by
> blocking ASN's or IP prefixes. It is a variation of Net Neutrality,
> just by a different name.
Exce
riation of the above, but the cobwebs are too thick.
Replies off list and I will summarize if there is interest.
Eric
ple to self-defence).
Usually I take my time from more than one server anyway, and discard the
bogus time. You'd think that d-link's crackshot development team would do
this, as well.
- Eric
On Thu, 2006-04-06 at 11:29:44 -0400, Christian Kuhtz proclaimed...
> You must be living in a curious world where operations is not
> constantly involved in policy or politics! ;-)
Damn, I was dreaming! You just had to wake me up...grr
Oh Ambien, sweet Ambien, where art thou?
>
On Thu, 2006-04-06 at 11:18:24 -0400, David Diaz proclaimed...
> The list is extremely quiet on Net Neutrality. I cannot find a single
> post. I thought this would be a good debate topic. The usual gov
> regulation vs free market argument along side the RBOC vs Everyone
> else topic.
North Amer
At 12:01 PM 4/3/2006, [EMAIL PROTECTED] wrote:
> Xen's bigges strength really is in the colocation business. With
VX-enabled
> machines, it is capable of running instrumented OS's (Linux,
Free/NetBSD) at
> almost native speeds, and non-instrumented OS's (Windows, Solaris) with
a
> couple-% hit
install process for
example? I am esp wondering about this with something like XP..
Thanks,
Eric
At 07:00 AM 4/3/2006, Todd Vierling wrote:
On Mon, 3 Apr 2006, Chris Adams wrote:
> > Xen is not, however, backed with
> > extensive commercial support (XenSource is still evolving a
isn't this a job for super-icann?
I need to find a third party who can help us figure out *what* is at fault,
even more importantly than who. Please contact me off list for details.
Thanks,
Eric
pt.
> Competition? I guess I have cable.
I certainly agree that the limited range of low-latency broadband options
is a problem. There is some choice there but not much.
But fear of telco might also result in another scenario: cable only.
--
Eric A. Hall
current monolith?
>
> Well, given the entire 'two-tiered' money-grab-tastic issues
> involved, I'd say you're a little out of touch.
>
> - ferg
>
>
> -- "Eric A. Hall" <[EMAIL PROTECTED]> wrote:
>
>
>
> On 3/5/2006 7:10
On 3/5/2006 7:10 PM, Steve Sobol wrote:
> Eric A. Hall wrote:
>
>>What are people worried about here exactly?
>
> The same lack of competition in telecommunications that we had in the 1980s?
Well that's an overreach. And if the primary concern is consolidation then
here's just not much of the old Ma Bell left in AT&T,
and the few parts that are left don't constitute anything like the
national monopoly that was broken up.
What are people worried about here exactly?
--
Eric A. Hallhttp://www.ehsco.com/
Int
for Automating Network Policy Enforcement
http://security.internet2.edu/netauth/docs/internet2-salsa-netauth-policy-enforcement-200504.html
We'd welcome any thoughts, criticism, complaints, praise, etc...
Eric :)
On Mon, 2006-02-20 at 23:40:48 +0200, Gadi Evron proclaimed...
[snip]
> I'll update on these as I find out more on: http://blogs.securiteam.com
>
> This write-up can be found here:
> http://blogs.securiteam.com/index.php/archives/312
Ah yes, the old self-promotion trick. You know, I get some
Heya,
I'm not sure what's going on, but we were seeing problems on outbound traces
on their DC-JFK-BOS stretch (we're connected to them in Boston) but it looks
like it might have cleared itself up a few mintues ago.
Eric :)
on how password safe works.. He also has a
link to what he did in Python..
http://jason.diamond.name/weblog/2005/10/04/pypwsafe-release-1
Thanks,
Eric
At 10:03 AM 1/24/2006, John Kinsella wrote:
One of my guys found a package called Password Gorilla, which is
basically a GUI which sits
On Thu, 2006-01-12 at 21:05:52 -0500, Steven M. Bellovin proclaimed...
>
> How much entropy is there in a such a serial number? Little enough
> that it can be brute-forced by someone who knows the pattern? Using
> some function of the serial number and a vendor-known secret key is
> better
On Fri, 2006-01-13 at 01:30:52 +0200, Gadi Evron proclaimed...
> Checking into new investments security-wise, especially with security
> products and external QA may help solve such issues in the future.
Thank you for this interruption. We now returned to our scheduled
programming, already in p
Enough talk about viruses and unpatched hosts! Maybe if we try hard
enough, we can create a Y2K syndrome for the removal of 3ffe:: from global
routing?
- Forwarded message from Mike Bran <[EMAIL PROTECTED]> -
Date: Fri, 6 Jan 2006 10:27:11 -0500
From: Mike Bran <[EMAIL PROTECTED]>
To: [
At 01:40 AM 1/5/2006, Thomas Kuehling wrote:
Hi Eric
Am Mittwoch, den 04.01.2006, 08:14 -0800 schrieb Eric Frazier:
> Hi,
>
> I finally decided this was serious enough to do something about it sooner
> than the MS patch, but while this seems to be the official link to the
SANS
have "repackaged" this, but I really don't want to download
something that doesn't match the SANS MD5..
Any links or suggestions?
Thanks,
Eric
> >
> > here's the real challenge. i would like to chat to a couple of dead
nanog users.
Rename thread to "dead chat with other nanog'ers" and then it will just
work, no ?
On Thu, 2005-12-29 at 19:04:42 -0800, Kyle Lutze proclaimed...
> whatever it would take to get some steering guys to register that chan
> and give some of us access so we can have good chats, without script
> kiddies coming in, I'm all for it
I'm part of another "og"ish type channel on freenod
heaper ways to do this solution without paying for a
blackbox, but there's no moving parts in the device and thus is good for
small offices that have no clue built-in.
- Eric
each and every domain ? Any input,
advice or ideas is appreciated.
Thanks
Eric
mary
http://graphics.cs.uiuc.edu/~garland/CMU/cow-formfac.html
"For evaluating thermal radiant exchange between a cow and her
surroundings, the cow can be represented by an equivalent sphere..."
Eric,
trained theoretical physicist who is bothered daily
by the operational realities of his network...
On Thu, 2005-12-01 at 16:20:28 -0800, Dan Hollis proclaimed...
>
> IMO, such disclaimers are incompatible with the nanog ml, anyone posting
> from such disclaimer-encumbered accounts should be forcefully
> unsubscribed. If you can't post from a disclaimer-free account, you
> shouldn't be posti
Matthew Sullivan <[EMAIL PROTECTED]> writes:
> John Levine wrote:
>
Moving sshd from port 22 to port 137, 138 or 139. Nasty eh?
>>>don't do that! Lots of (access) isps around the world (esp here in
>>>Europe) block those ports
>>>
>>
>>If you're going to move sshd somewhere else, port 44
171,933
11/17/2005 10:20 171,928
11/17/2005 10:25 171,924
11/17/2005 10:30 171,920
11/17/2005 10:35 171,936
11/17/2005 10:40 171,933
Eric :)
Dear Cisco,
Since your postmaster account doesn't answer (probably for good reason)
and no one has noticed internally, your locksmith thingy is broke.
"|/opt/httpd/root/data/mmbprod/post/locksmith"
(expanded from: <[EMAIL PROTECTED]>)
- Transcript of session follows -
Could not
Looks like vendor J is going to benefit from the issues laid out for
Vendor C.
http://www.networkworld.com/news/2005/110405-juniper-cisco-hacker.html
>
> At 08:52 AM 11/7/2005, you wrote:
>>On Mon, Nov 07, 2005 at 06:43:35AM -0500, J. Oquendo wrote:
>> > the center of the information security
;t readily repair it. Unfortunately, so far we've
gotten the run-around and haven't been able to get a better answer, again
leading me to believe the worst.
Eric :)
Now, one really needs to wonder why the agreement could not be reached
*prior* to the depeering on 10/5
It's not rocket science.
It's only as complex as one makes it out to be. (one can attempt to explain
away the complexities, but they apparently were able to *finalize* an
agreement in 3 weeks
e 72.x.x.x space, FYI. Adjust filters
accordingly.
We now return you to non-operational content
Eric
DISCLAIMER: From one of the clueless
During this entire debaucle, I never saw any mention of:
1) Cogent sending "transit" traffic to Level3, which leads me to believe
that all the traffic from Cogent through the peering points was actually
*destined* for Level3 customers. Does the routing
On Wed, 2005-10-05 at 06:01:15 -0400, Richard A Steenbergen proclaimed...
>
> I guess the earlier reports of (3)'s lack of testicular fortitude may have
> been exagerated after all. :)
Luckily, many of us have ipv6 tunnels that managed to help us get around
this. See, ipv6 has a purpose, after
lea on the export issue,
as the cost for agreement to a plea appears to be indeffinite sentancing,
rather than an ordinary rational cost of business fine.
Cheers,
Eric
the same standards were
applied to Worldcom's Bernie the Bandit, Vint could have been in the
pokey too, and even his Worldcom pencil sharpener would have a DOJ do
not remove under penalty of law seal on it.
Eric
sure if I understand your note, but since you seem to be making
a pragmatic "it works better" observation (and I don't know that it does)
for one 3166 code point, why not another?
Eric
d before the present excitement, but
a lot of cctld operators could then be, and can now be, similarly
characterized.
Eric
1 - 100 of 624 matches
Mail list logo
