On Fri, Nov 06, 2009 at 12:04:18AM +0100, Daniel Roesen wrote:
> On Mon, Nov 02, 2009 at 02:13:38PM -0600, Richard A Steenbergen wrote:
> > Rather than simply double the size and break it
> > up into 32:32, the designers reserved the top 16 bits for "type" and
> > "subtype" attributes, leaving you
On Nov 6, 2009, at 7:46 AM, Stefan Fouant wrote:
So if I'm hearing you correctly, you're saying that no matter how
much infrastructure you have to potentially absorb the problem,
there is nothing you can do because the bad guys are always going to
have more bandwidth at
their disposal.
Barry Shein wrote:
I was at an IP (as in intellectual property), um, "constituency" I
think, IPC, meeting at ICANN which basically consisted of 99 lawyers
and me in the room.
By the Montevideo ICANN meeting '01 the "Internet Service Providers
Constituency"
(ISPC) had dwindled down to the co
I was at an IP (as in intellectual property), um, "constituency" I
think, IPC, meeting at ICANN which basically consisted of 99 lawyers
and me in the room.
There was a fair amount of grousing about how ISPs give them the
run-around when they inform them of a violation looking for a
takedown, and
> -Original Message-
> From: Paul Ferguson [mailto:fergdawgs...@gmail.com]
> Sent: Thursday, November 05, 2009 8:26 PM
>
> On Thu, Nov 5, 2009 at 4:46 PM, Stefan Fouant
> wrote:
>
> >>
> >> Actually, no - the miscreants are always going to have more
> bandwidth
> >> at their disposal, pl
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On Thu, Nov 5, 2009 at 4:46 PM, Stefan Fouant
wrote:
>>
>> Actually, no - the miscreants are always going to have more bandwidth
>> at their disposal, plus they utilize attack vectors which provide a
>> great deal of amplification (including at layer
Net neutrality suffers another blow. I liked Congress when they had no
idea what the internet was, now they've progressed to "still have no
idea but like to pretend."
Jeff
On Thu, Nov 5, 2009 at 7:58 PM, Steven Bellovin wrote:
>
> On Nov 5, 2009, at 7:44 PM, Richard Bennett wrote:
>
>> I think t
IANAL, but I wouldn't set too much stock by that order - there are
numerous errors of fact in the opinion, and much of it relates to the
lack of due process in the maintenance of a secret blacklist. It was
also a state law, not a federal one, so there was a large jurisdictional
question (the Co
On Nov 5, 2009, at 4:30 PM, Michael Peddemors wrote:
On November 5, 2009, Robert Boyle wrote:
It's
because someone circumvented the rules,
processes, and cross checks put in place to
prevent the problem in the first place. Nothing
can be made idiot proof because idiots are so creative.
-Rober
On Nov 5, 2009, at 7:44 PM, Richard Bennett wrote:
I think the idea is for the government to create an official
blacklist of the offending sites, and for ISPs to consult it before
routing a packet to the fraud site. The common implementation would
be an ACL on the ISPs border router. The C
> -Original Message-
> From: Roland Dobbins [mailto:rdobb...@arbor.net]
> Sent: Thursday, November 05, 2009 4:35 PM
>
> On Nov 6, 2009, at 2:11 AM, Stefan Fouant wrote:
>
> > Obviously the cloud is no different than any other infrastructure
> > insofar as
> > implementing protection mecha
I think the idea is for the government to create an official blacklist
of the offending sites, and for ISPs to consult it before routing a
packet to the fraud site. The common implementation would be an ACL on
the ISPs border router. The Congress doesn't yet understand the
distinction between I
On November 5, 2009, Robert Boyle wrote:
> It's
> because someone circumvented the rules,
> processes, and cross checks put in place to
> prevent the problem in the first place. Nothing
> can be made idiot proof because idiots are so creative.
>
> -Robert
> SEL/MEL Private Instrument
>
No,
On Nov 5, 2009, at 5:56 PM, valdis.kletni...@vt.edu wrote:
On Thu, 05 Nov 2009 16:40:09 CST, Bryan King said:
Did I miss a thread on this? Has anyone looked at this yet?
`(2) INTERNET SERVICE PROVIDERS- Any Internet service provider
that, on
or through a system or network controlled or op
In message <23895.1257461...@turing-police.cc.vt.edu>, valdis.kletni...@vt.edu
writes:
> --==_Exmh_1257461806_2581P
> Content-Type: text/plain; charset=us-ascii
>
> On Thu, 05 Nov 2009 16:40:09 CST, Bryan King said:
> > Did I miss a thread on this? Has anyone looked at this yet?
>
> > `(2) INTE
At 09:20 AM 11/5/2009, Owen DeLong wrote:
Regarding Reliability and Availability:
We could learn a lot about this from Aviation.
Owen,
I think if we conducted a poll, a
disproportionate percentage of NANOG folks are
likely also pilots (compared to the general
population anyway) I agree wit
On Mon, Nov 02, 2009 at 02:13:38PM -0600, Richard A Steenbergen wrote:
> Rather than simply double the size and break it
> up into 32:32, the designers reserved the top 16 bits for "type" and
> "subtype" attributes, leaving you only 48 bits to work with. Clearly the
> only suitable mapping for supp
On Thu, 05 Nov 2009 16:40:09 CST, Bryan King said:
> Did I miss a thread on this? Has anyone looked at this yet?
> `(2) INTERNET SERVICE PROVIDERS- Any Internet service provider that, on
> or through a system or network controlled or operated by the Internet
> service provider, transmits, routes
Steve Meuse wrote:
I put this up there with trynig to define inter-provider QoS. You are never
going to get two business to agree to the same model.and after all,
community support is basically a business tool. I know from experience that
some providers deliberately constrain their commun
Did I miss a thread on this? Has anyone looked at this yet?
http://m.news.com/2166-12_3-10390779-38.html
Section 508 of H.R.3817:
SEC. 508. PENALTY FOR MISREPRESENTATION OF SIPC MEMBERSHIP OR PROTECTION.
Section 14 of the Securities Investor Protection Act of 1970 (15 U.S.C.
78jjj) is amen
Jack Bates expunged (jba...@brightok.net):
> I think creating a standard or at least a template might push more
> people to adopt communities support and to use them.
I put this up there with trynig to define inter-provider QoS. You are never
going to get two business to agree to the same mod
Randy Bush expunged (ra...@psg.com):
> i try to complicate the internals of my network as little as possible,
> after all, complexity == opex and i value my time, it is a non-renewable
> resource.
I'm guessing you don't have the same financial constraints that others on this
list have.
When you
On Nov 6, 2009, at 2:11 AM, Stefan Fouant wrote:
Obviously the cloud is no different than any other infrastructure
insofar as
implementing protection mechanisms. Ample bandwidth (typically more
so than
in the enterprise) should make it easier to absorb larger amounts of
the bad
stuff.
>Postini also does outgoing email filtering. Just requires setup.
Based on the amount of spam their customers send me, it doesn't
work very well.
R's,
John
I (we) use SBG, if you like the Symantec stuff it is much better than
the SMS SMTP product.
-Original Message-
From: Gregory Hicks [mailto:ghi...@hicks-net.net]
Sent: Thursday, November 05, 2009 2:31 PM
To: nanog@nanog.org; mark.urb...@pnpt.com
Subject: Re: Email filtering and protection
> From: Mark Urbach
> To:
> Subject: Email filtering and protection Help
> Date: Thu, 5 Nov 2009 12:02:43 -0600
>
> Today we use Postini for inbound email protection.
> Today we use Symantec's SMTP Gateway (running on Solaris) for outgoing
email
> filtering. (helps stop bad stuff from our cust
> -Original Message-
> From: jeffrey.l...@gmail.com [mailto:jeffrey.l...@gmail.com] On Behalf
> Of Jeffrey Lyon
> Sent: Thursday, November 05, 2009 1:20 PM
> To: Stefan Fouant
> Cc: NANOG list
> Subject: Re: Pros and Cons of Cloud Computing in dealing with DDoS
>
> DDoS is a threat to the
> -BEGIN PGP SIGNED MESSAGE-
> Hash: SHA1
>
> On Thu, Nov 5, 2009 at 10:27 AM, Seth Mattinen wrote:
>
> > Jeffrey Lyon wrote:
> >> DDoS is a threat to the cloud just as DDoS is a threat to any other
> >> service when you fail to implement protection. Our company recently
> >> put out a D
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On Thu, Nov 5, 2009 at 10:27 AM, Seth Mattinen wrote:
> Jeffrey Lyon wrote:
>> DDoS is a threat to the cloud just as DDoS is a threat to any other
>> service when you fail to implement protection. Our company recently
>> put out a DDoS mitigated clou
> Does anyone have recommendations for other products/software to filter
> our outgoing email, from our customers going to the internet.
For Roll-your-own it's hard to beat a combo of MIMEDefang/SA/Clam (MD is a
milter, so sendmail or postfix needed).
The MIMEDefang developer also started a compa
30 matches
Mail list logo