-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On Fri, Dec 12, 2008 at 11:36 PM, Randy Bush wrote:
>> So having said all that, what exactly was your point? :-)
>
> bluff calling.
>
> that you can not tell us if that specific host is a proxy means that this
> is pretty much bs.
>
> that you and yo
So having said all that, what exactly was your point? :-)
bluff calling.
that you can not tell us if that specific host is a proxy means that
this is pretty much bs.
that you and your no-girls-allowed club have some list of things you
think are proxies (sure would be nice to have a definiti
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On Fri, Dec 12, 2008 at 11:24 PM, Randy Bush wrote:
>> Give me an IP address (privately, of course). I can tell you if it is,
>> with
>> consult from other colleagues in the security community.
>
> 147.28.0.36
>
> and "consult with colleagues" is not
Give me an IP address (privately, of course). I can tell you if it is, with
consult from other colleagues in the security community.
147.28.0.36
and "consult with colleagues" is not something very operationally scalable.
randy
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On Fri, Dec 12, 2008 at 11:12 PM, Randy Bush wrote:
> On 08.12.13 09:33, Tomas L. Byrnes wrote:
>>
>> anyone with half a brain blocks proxies from their e-commerce site.
>
> can you know at a reasonable confidence level that it's a proxy?
>
Give me
On 08.12.13 09:33, Tomas L. Byrnes wrote:
anyone with half a brain blocks proxies from their e-commerce site.
can you know at a reasonable confidence level that it's a proxy?
randy
On Fri, Dec 12, 2008 at 7:33 PM, Tomas L. Byrnes wrote:
> Because anyone with half a brain blocks proxies from their e-commerce
> site.
>
I doubt it.
-M<
Because anyone with half a brain blocks proxies from their e-commerce
site.
>-Original Message-
>From: Owen DeLong [mailto:o...@delong.com]
>Sent: Friday, December 12, 2008 3:49 PM
>To: Nathan Stratton
>Cc: nanog@nanog.org
>Subject: Re: Netblock reassigned from Chile to US ISP...
>
>
>On D
We probably should move this to funsec, but I'll bite.
The basic problem is the lack of security and non-repudiation in credit
cards in general, and the US in particular. Non-clonable, card-present,
technologies have existed for a long time, and card readers are cheap.
AMEX tried to make this fre
Owen DeLong wrote:
>
> On Dec 12, 2008, at 3:14 PM, Nathan Stratton wrote:
>
>> On Fri, 12 Dec 2008, Joe Abley wrote:
>>
>>> On 2008-12-12, at 15:02, Martin List-Petersen wrote:
>>>
It's a misconception of some muppets, especially in IT related
products, that forget, that a lot or IT pr
Joe Abley wrote:
>
> On 2008-12-12, at 15:02, Martin List-Petersen wrote:
>
>> It's a misconception of some muppets, especially in IT related
>> products, that forget, that a lot or IT professionals do travel all
>> over the world and usually have a credit card in their home country.
>>
>> Pure a
On Dec 12, 2008, at 3:14 PM, Nathan Stratton wrote:
On Fri, 12 Dec 2008, Joe Abley wrote:
On 2008-12-12, at 15:02, Martin List-Petersen wrote:
It's a misconception of some muppets, especially in IT related
products, that forget, that a lot or IT professionals do travel
all over the world
On Fri, 12 Dec 2008, Joe Abley wrote:
On 2008-12-12, at 15:02, Martin List-Petersen wrote:
It's a misconception of some muppets, especially in IT related products,
that forget, that a lot or IT professionals do travel all over the world
and usually have a credit card in their home country.
On 2008-12-12, at 15:02, Martin List-Petersen wrote:
It's a misconception of some muppets, especially in IT related
products, that forget, that a lot or IT professionals do travel all
over the world and usually have a credit card in their home country.
Pure and utter nonsense.
Or perhaps
Leslie,
Can you summarize any other info you may have learned in the private
responses for the benefit of those that are interested ?
I am not at all familiar with the Force10s, am buying new border routers
now.
Thanks,
Mike
On Fri, 2008-12-12 at 14:27 -0800, Leslie wrote:
> Thanks to everyone
Thanks to everyone who wrote back privately --
I also didn't know that force10 now has dual-cam linecards which raises
the amount of routes it can handle
Leslie wrote:
Hey nanog-izens
So for routers that are touching our transit and (hopefully soon) future
peering, we're looking at both the
How many BGP sessions will you run on these routers?
Sincerely,
David Kotlerewsky,
Sr. Network Engineer
-
OVERSEE.NET
515 S. Flower Street, Suite 4400
Los Angeles, CA 90071
ph 213.408.0080 x1458
cell 310.350.0399
www.oversee.net
dkotlerew...@over
Hey nanog-izens
So for routers that are touching our transit and (hopefully soon) future
peering, we're looking at both the force10 e300's and juniper mx240's.
The e300's are cheap but I have heard some rumors/talk of falling over
when it has to deal with large numbers of prefixes and routes?
Replying to my own since there are currently about a dozen responses.
- Hardware/ASIC routers are a consistent response. We are currently
evaluating Juniper for other reasons, but I'll add DoS mitigation to
mix.
- Upstream involvement: We get transit from 701, 1239, etc. I've had
mixed re
Although the problem we had wasn't DoS, but rather high packet rates for market
data, we saw a huge improvement by moving from a 7204VRX to a 7600 platform.
Going from a software switched environment to a hardware one help deal with
large number of packet drops during peaks of burst activity.
W
Nicolas Antoniello wrote:
Sorry for my ignorance... but may some one explain how this
fraud-prevention service works?
How about US tourists in Chile trying to buy something with it's US
based credit card? :)
It's a misconception of some muppets, especially in IT related products,
that for
On Fri, Dec 12, 2008 at 14:38, Nicolas Antoniello
wrote:
> How about US tourists in Chile trying to buy something with it's US
> based credit card? :)
It just doesn't work.
-Jim P.
Sorry for my ignorance... but may some one explain how this
fraud-prevention service works?
How about US tourists in Chile trying to buy something with it's US
based credit card? :)
Thx,
Nic.
Frank Bulk wrote:
> Is there an easy way to get past history on an IP block? Most sites will
> show y
Is there an easy way to get past history on an IP block? Most sites will
show you aspects of that *now*
Frank
-Original Message-
From: Robert Tarrall [mailto:tarr...@ecentral.com]
Sent: Thursday, December 11, 2008 9:45 PM
To: nanog@nanog.org
Subject: Re: Netblock reassigned from Chi
On Dec 13, 2008, at 2:27 AM, David Kotlerewsky wrote:
2. As far as hardware is concerned, we're in the same boat as far as
various UDP/ICMP floods, and our Juniper M10i's handle it with no
issues
(running multiple BGP sessions, OSPF, firewall sets/access lists).
Right - a hardware-based pl
Couple of things come to mind:
1. Take a packet capture to see some UDP traffic characteristics, based
on which traffic rate-limiting may be configured by your upstream
providers, so that this traffic doesn't saturate your pipes, and maybe
the ISP can even drop it. That is if they're willing to he
On Dec 13, 2008, at 2:15 AM, Rick Ernst wrote:
- Are there any platforms that deal with high PPS/small packet more
gracefully?
S/RTBH can deal with any type of packet-flooding DDoS at layer-3, up
to the capacity of the platform in question. It sounds as if a) you
should investigate gett
We've had an increasing rate of DoS attacks that spew tens-of-thousands of
small UDP packets to a destination on our network. We are getting roughly
2x our entire normal pps across all providers through one interface, or
about 4x normal through the individual interface. The Cisco
7206VXR/NPE-G1
This is an automated weekly mailing describing the state of the Internet
Routing Table as seen from APNIC's router in Japan.
Daily listings are sent to bgp-st...@lists.apnic.net
For historical data, please see http://thyme.apnic.net.
If you have any comments please contact Philip Smith .
Routing
On behalf of the NANOG Program Committee and Merit I'm pleased to
announce that an updated Agenda is available and posted at:
http://www.nanog.org/meetings/nanog45/agenda.php
We're excited about the quality of the agenda and we hope you are,
too. I want to thank all of the members of the Program
This report has been generated at Fri Dec 12 21:18:53 2008 AEST.
The report analyses the BGP Routing Table of AS2.0 router
and generates a report on aggregation potential within the table.
Check http://www.cidr-report.org for a current version of this report.
Recent Table History
Date
BGP Update Report
Interval: 05-Nov-08 -to- 06-Dec-08 (32 days)
Observation Point: BGP Peering with AS131072
TOP 20 Unstable Origin AS
Rank ASNUpds % Upds/PfxAS-Name
1 - AS4538 232133 1.9% 45.7 -- ERX-CERNET-BKB China Education
and Research Network Center
32 matches
Mail list logo