On Thu, Jun 10, 2010 at 9:56 PM, Rubens Kuhl wrote:
> comeonspammer32...@wannahaveapieceofme.com, dynamically generated to
> match a download session, and suddenly this account starts to get
> spam...
well... yes.. doesn't help much if the token being abused is the
admin POC's phone number, howe
> I'm ok with whatever system they provide if the functionality stays
> the same. I don't understand what they gain by making a human login
> and download the file.
Accountability. If versions X and Y of database got abused (breach of
ToS), and only user U has downloaded such versions, gotcha.
Us
I've created a new list on puck, huawei-nsp
You can subscribe here:
https://puck.nether.net/mailman/listinfo/huawei-nsp
- Jared
--
Jared Mauch | pgp key available via finger from ja...@puck.nether.net
clue++; | http://puck.nether.net/~jared/ My statements are only mine.
http://www.theatlantic.com/politics/archive/2010/06/homeland-securitys-cyber-bill-would-codify-executive-emergency-powers/57946/
http://tinyurl.com/2gyezyg
--
Somebody should have said:
A democracy is two wolves and a lamb voting on what to have for dinner.
Freedom under a constitutional republi
It's very clear. I went back and forth with support, asking how to
automate my bulk transfer with the new system.
Me: Is the bulk data download going to be available for automated
download. I can currently download the data daily from the ftp via a
script. The new web page doesn't seem to support
This usually indicates a heavily malware-contaminated userbase or
1-to-N NAT/PAT with a large N. Having both is what usually triggers
this, but sometimes if you are strong on one, it could be enough.
Rubens
On Thu, Jun 10, 2010 at 4:23 PM, Thomas Magill
wrote:
> Is anyone seeing warnings toda
> Apparently we're supposed to be going all Web 2.0 now.
Web 2.0 can handle bulk transfers of data just fine.
I wonder if this is somehow related to privacy and data protection laws.
Just recently, RIPE announced that they were going to block bulk
transfers as a result of data protection laws, p
Is anyone seeing warnings today from Google that they suspect that
searches are coming from an automated source and asking to complete some
captcha-type authentication to complete a search? We have had a couple
of reports on this and I want to make sure it isn't a google issue. I
know this isn't
On Thu, 10 Jun 2010 17:05:35 BST, Michael Dillon said:
> I expect that the collected members of this list could do a good job
> of defining some network security practices checklists.
Already done for some stuff: http://www.cisecurity.org
You disagree with the content or choices, feel free to jo
Yeah, I cannot reproduce from any other location so it seems tied to our PAT
address... Guess I have to actually do work. :) I suspect malware as our PAT
is actually running less translations than typical. Checking with our IDS
vendor. Thanks for the follow up.
-Original Message-
F
On Thu, Jun 10, 2010 at 2:23 PM, Seth Mattinen wrote:
> On 6/10/2010 11:46, Jason Lewis wrote:
> > I just found out that with the move to this new service that the bulk
> > access FTP is going to be phased out. By design, there will be no way
> > to automate the bulk download of this data.
> >
>
On 6/10/2010 11:46, Jason Lewis wrote:
> I just found out that with the move to this new service that the bulk
> access FTP is going to be phased out. By design, there will be no way
> to automate the bulk download of this data.
>
> Is anyone else using the data in an environment that will be ser
I just found out that with the move to this new service that the bulk
access FTP is going to be phased out. By design, there will be no way
to automate the bulk download of this data.
Is anyone else using the data in an environment that will be seriously
impacted by this change?
On Fri, Jun 4, 2
On Wed, Jun 09, 2010 at 16:44:38PM -0400, Barry Shein wrote:
> MAYBE IF [please read thru before replying because I probably cover
> most knee-jerk responses eventually]:
>
> d) Microsoft hadn't ignored all these basic security practices in
> operating systems which were completely well understood
On Thu, Jun 10, 2010 at 4:22 AM, Jorge Amodio wrote:
> Cyber Threats Yes, But Is It Cyber War?
> http://www.circleid.com/posts/20100609_cyber_threats_yes_but_is_it_cyberwar/
>
> -J
Cyber war is something made up by the security industry to save it from going
bankrupt because the traditional pro
On 6/9/10 2:56 PM, Owen DeLong wrote:
On Jun 9, 2010, at 8:26 AM, Brielle Bruns wrote:
On 6/9/10 6:27 AM, Jorge Amodio wrote:
Going back then to a previous question, do we want more/any
regulation ?
Laws and regulation exist because people can't behave civilly and
be expected to respect the
This is a good topic for nanog-futures and not the main list since it's about
the organization.
Kris
On Jun 10, 2010, at 9:05 AM, Michael Dillon wrote:
> I expect that the collected members of this list could do a good job
> of defining some network security practices checklists. Now that NANOG
On Thu, Jun 10, 2010 at 05:05:35PM +0100, Michael Dillon wrote:
> I expect that the collected members of this list could do a good job
> of defining some network security practices checklists. Now that NANOG
> has been spun out as an independent entity, I would hate to see it
> become just another
I expect that the collected members of this list could do a good job
of defining some network security practices checklists. Now that NANOG
has been spun out as an independent entity, I would hate to see it
become just another conference organizer. In the recent past many
professions have learned h
On Jun 9, 2010, at 11:05 PM, JC Dill wrote:
> Owen DeLong wrote:
>>
>> Software has been out of control for a long time and I hope that the gov't
>> will start by ruling the "not responsible for our negligence or the damage
>> it causes" clauses of software licenses invalid.
>
> The beauty of
J. Oquendo wrote:
More finger pointing here.
You say that like it's a bad thing. I'm pointing fingers at the company
that has a long history of selling software with shoddy security
(including releasing newer versions with restored vulnerabilities that
were found and "fixed" years earlier),
> And "would damage the country" is a very fuzzy concept that you really don't
> want to go anywhere near.
I wasn't drafting legislation; I was introducing a concept. I would
expect that actual
legislation would explicitly list which industries were subject to
such regulation.
Otherwise it might
William Pitcock wrote (on Thu, Jun 10, 2010 at 01:45:18AM -0500):
> On Wed, 2010-06-09 at 23:40 -0700, jacob miller wrote:
> > Hi,
> >
> > Am getting the following error from my SCO UNIX box.
>
> They mean "use an operating system not made by crackheads." There's a
> reason why SCO switched from
Looks to me more like the constitution of the "Net'Cartel" somebody
forgot to invite ICANN ?
BITAG-BCP01 how to hijack the net and the standards process ...
Are we evolving ?
Cheers
Jorge
valdis.kletni...@vt.edu wrote (on Thu, Jun 10, 2010 at 06:27:09AM -0400):
> On Thu, 10 Jun 2010 05:39:43 EDT, "N. Yaakov Ziskind" said:
> > The best place to ask this question is on usenet:comp.unix.sco.misc.
>
> This is, of course, if you can find a still-functional usenet server. ;)
If not, the
> Checklists come in handy in fact if many were followed (BCP
> checklists, appropriate industry standard fw, system rules)
> the net would be a cleaner place.
Sensible checklists that actually improve matters, yes.
The audit checklists I've often been subjected to, full of security theatre and
This just popped up - BITAG, the Broadband Internet Technical Advisory
Group, which
apparently has some Google backing. While it does not impact router
configuration today, it sure does sound like they
want to in the future.
http://www.prnewswire.com/news-releases/initial-plans-for-broadband-
Tim Franklin wrote:
> and another checklist with a magic acronym that has everything to do
> with security theatre and nothing to do with either actual security or
> the reality of operating a network.
Checklists come in handy in fact if many were followed (BCP checklists,
appropriate industry stan
On Thu, 10 Jun 2010 12:27:18 BST, Michael Dillon said:
> If any organization operates an infrastructure which could be
> vulnerable to cyberattack that would damage the country in which they
> operate, that organization needs to be regulated to ensure that their
> networks cannot be exploited for
> I would expect that the increased awareness of network security that
> resulted would pay dividends in business and home use of networks.
I'd expect a lot of nice business for audit firms with the right government
connections, and another checklist with a magic acronym that has everything to
d
> Going back then to a previous question, do we want more/any regulation ?
Yes.
All vulnerable industries should have their use of network
communications regulated. This means all power stations, electricity
line operators, dam gate operators, etc. They should all be required
to meet a standard o
On 06/10/10 03:05, Andrew D Kirch wrote:
> On 06/10/2010 02:45 AM, William Pitcock wrote:
> The above should be considered the correct response to this and any
> similar question.
This reminds me of another person on this list who was heard at
INET-1996 to say:
"We build the highway, we don't fi
On Thu, 10 Jun 2010 05:39:43 EDT, "N. Yaakov Ziskind" said:
> The best place to ask this question is on usenet:comp.unix.sco.misc.
This is, of course, if you can find a still-functional usenet server. ;)
pgp74dWyAu0bD.pgp
Description: PGP signature
The best place to ask this question is on usenet:comp.unix.sco.misc.
jacob miller wrote (on Wed, Jun 09, 2010 at 11:40:27PM -0700):
> Hi,
>
> Am getting the following error from my SCO UNIX box.
>
> Any idea as to what they mean.
>
>
>
> proto: 0, age: 1274191185
>
> locks: inits:
>
> sock
This would appear to be political in nature and therefore not operational,
right?
"Larry Sheldon" wrote:
>On 6/9/2010 08:21, Joe Greco wrote:
>
>> Your car emits lots of greenhouse gases. Just because it's /less/ doesn't
>> change the fact that the Prius has an ICE. We have a Prius and a HiHy
From recent article at MIT Technology Review:
How ISPs Could Combat Botnets
Focusing on the top 50 infected networks could eliminate half of all
compromised machines.
Convincing Internet service providers to pinpoint infected computers on their networks could eliminate the lion's share of
zom
On Tue, Jun 08, 2010 at 11:14:10PM -0700, Paul Ferguson wrote:
> -BEGIN PGP SIGNED MESSAGE-
> Hash: SHA1
>
> To cut through the noise and non-relevant discussion, let's see if we can
> boil this down to a couple of issues:
>
> 1. Should ISPs be responsible for abuse from within their cust
On 06/10/2010 02:45 AM, William Pitcock wrote:
On Wed, 2010-06-09 at 23:40 -0700, jacob miller wrote:
Hi,
Am getting the following error from my SCO UNIX box.
They mean "use an operating system not made by crackheads." There's a
reason why SCO switched from UNIX sales to Intellectua
38 matches
Mail list logo