e done, but the security as now implemented
is not even close to enough IMHO. Networkwise (to bring this back on
topic) I'm not sure there is really much that can be done.
bye,
ken emery
but it can be profitable. I'm just waiting for someone to put out
a typo in a large press release and then sue Verisign for stealing all
the traffic.
According to the article in the link posted from cbronline.com this has
been done by NeuStar who runs the .biz and .us domain registries. The
company which runs this service for NeuStar claims to be able to
differentiate between http and other requests. I'm still waiting to
see how they do this as you can't tell from a DNS request alone.
bye,
ken emery
On Tue, 16 Sep 2003 [EMAIL PROTECTED] wrote:
> I hope you mean OpenSSH 3.7p1 ?
No, he means 3.7.1. There was another release today.
bye,
ken emery
> On Tue, 16 Sep 2003, Alex Lambert wrote:
>
> >
> > 3.7.1 was just released.
> >
> > Two patches for similar
d
say, "the collateral damage is very high for this type of change".
Is Verisign going to hold the internet hostage to its whims?
So let us know why exactly you should be able to redirect any protocol
you wish to your IP addresses if someone mistypes a domain.
I look forward to your response.
bye,
ken emery
st). I used the
directives "Verisign" and "you" a bit interchanably. They both
were to mean the same thing, Verisign the company, not Matt
Larson the person. I think the other responses I've seen so
far were much the same. I'm hoping Matt doesn't take any of
this
eb browser for everything. Thus all those other protocols are not
necessary in the Verisign world.
bye,
ken emery
> - Original Message -
> From: "Howard C. Berkowitz" <[EMAIL PROTECTED]>
> To: <[EMAIL PROTECTED]>
> Sent: Tuesday, October 07, 2003 1:41 AM
&
ecause this redirection is
believed to have adverse side effects. The way things are being
painted it seems that the SiteFinder service was turned off and
there is nothing further from the truth.
bye,
ken emery
oe user will understand this because.
> Currently Windows 2000 can be configured to be extremely secure
> without any additional software. Unfortunately you must have a
> *lot* of clue to configure the Machine and IP security policies it
> provides.
And there lies your problem (among other places)
bye,
ken emery
er what if your neighbor
wants to IPSEC to the same place (say you work at the same place).
If both of you are NAT'd from the same IP address trying to IPSEC
to the same IP address? I don't believe things will work in this
instance.
bye,
ken emery
ything happened with this draft (I'm guessing
nothing went on). The draft expired on December 1, 2001.
bye,
ken emery
the Sitefinder web site in any
number of ways which don't affect other applications. These methods
have been noted here and elsewhere (web browser plugins, advertising of
the site, make it better than anything else and they will come, ...).
Verisign's Sitefinder is NOT a TLD web site but
e careful about how you respond to this particular claim of his. You
> can't dismiss it out-of-hand. Misleading? Yes. Flat out false? You'd
> have to be more convincing.
Can Sclavos prove that the same thing did not happen to Verisign's
root servers?
bye,
ken emery
us if one goes down
and you can't physically see it you have no idea where the problem
is until someone gets onsite.
bye,
ken emery
> -Original Message-
> From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Behalf Of
> Stephen Sprunk
> Sent: Friday, December 19, 2003 10:13 AM
On Sat, 20 Dec 2003, Stephen J. Wilcox wrote:
> On Fri, 19 Dec 2003, ken emery wrote:
> > On Fri, 19 Dec 2003, Roy wrote:
> >
> > > Media converters are much cheaper than specialized FX cards like these. A
> > > 10Mbps converters are just $99 each and 100Mbps i
man-readable information.
This I agree with. However for my .org domain and a couple of
others I work with (that are at different registrars) all have the
same outputs if you use "whois -h whois.pir.org domainname.org".
Different registrars at the .com/.net level have different outputs
so I can't see where this would be a difficult problem.
bye,
ken emery
lt, they see it.
>
> So I just wanted to see if anyone that is defaulting to AT&T is seeing this
> same problem just to verify that what we're seeing is correct (for my
> customer's edification). Yes, I'm calling AT&T now :)
Yep, they are sending 10.X.X.X routes to customers. From several places
actually, Level3, Comcast (multiple AS's), AT&T, MediaOne, and AccessPoint.
bye,
ken emery
owever why are there routes from Level3? Also
I'm not Comcast so why am I seeing the routes? Also if Comcast needs
this they should be paying for a tunnel over AT&T network (like the
rest of us would have to do).
bye,
ken emery
or some smaller prefixes though and didn't just
> look for 10/8 :-/
Btw, I was wrong in saying Level3 was one of the sources. They are
announcing 8/8 which was just above the 10.X announcements. I was
off by a line. Sorry if this caused any confusion.
Btw, the announcements we are seeing are sized from /12 to /24.
bye,
ken emery
y did infact not leak it but just routed it
> inside their own network?
This is not true. I am attached to 7018 and we saw 10/X routes. We
are not AT&T.
bye,
ken emery
to see the network design.
>From my point of view I'd have to question the need to carry that many
VLAN's over a large portion of the network. I would think that the
network should be more partitioned so most of the VLAN's don't need to
be seen outside a small area.
bye,
ken emery
On Sun, 25 Jan 2004, Bill Nash wrote:
> On Sun, 25 Jan 2004, ken emery wrote:
> > > The point of using VLANs is that you don't need to route. There's
> > > probably a good reason for switching instead of routing in the original
> > > poster
a host with a name of www.*. So they really can't
make this work without breaking sometihng.
bye,
ken emery
> It's a module plug-in into bind and if you prefer to try and do this in a
> opt-in basis they have a client program that you download and it gets hooked
> into the
22 matches
Mail list logo