On Aug 8, 2013, at 9:13 PM, Blake Dunlap wrote:
> Thanks, this is quite interesting. I never would have expected that kind of
> behavior.
I've been having trouble getting in touch with the Netgear security group about
this, if someone knows how to contact them, I'd appreciate a referral on th
Thanks, this is quite interesting. I never would have expected that kind of
behavior.
-Blake
On Thu, Aug 8, 2013 at 3:37 PM, Jared Mauch wrote:
>
> On Aug 8, 2013, at 2:07 PM, Blake Dunlap wrote:
>
> > On a related note, how are you actually getting this data?
>
> Sure:
>
>
> https://www.nano
That's correct, I have seen L3 use that for MPLS as recently as a few months
ago.
-James
-Original Message-
From: Brad Fleming [mailto:bdfle...@gmail.com]
Sent: Thursday, August 08, 2013 7:49 AM
To: Humberto Galiza
Cc: NANOG Mailing List
Subject: Re: Strange entries from AS1 in global t
On Aug 8, 2013, at 2:07 PM, Blake Dunlap wrote:
> On a related note, how are you actually getting this data?
Sure:
https://www.nanog.org/sites/default/files/tue.lightning3.open_resolver.mauch_.pdf
I would point you at the streaming archive, but I'm not sure where they went.
Perhaps they can
Hi,
> I'm pretty sure that if 6connect doesn't have an existing tool to import
> Northstar that they'd work with your client to get it done.
+1 on 6connect. Very helpful people there :-)
Sander
Dear NANOGers,
Hope you are enjoying this great Summer. Following our July 15, 2013 posting
‘‘Announcing the October 2013 NANOG Elections’ which provided a preview into
our election process, on behalf of the Board and 2013 Elections Committee, we
are pleased to open the Call for Board Member N
All,
Here's the correct list, apologies for the confusion.
http://openresolverproject.org/spoofers-20130804-byasn-count.txt
Top ASN excerpt:
Count ASN
46024 5617
43729 9394
28358 17964
27923 3269
24323 12874
22726 4847
22690 286 1136
21541 6079
2038
On a related note, how are you actually getting this data?
What you have said previously ( Number of unique IPs that spoofed a packet
to me. (eg: I sent a packet to 1.2.3.4 and 5.6.7.8 responded). ) doesn't
even make sense.
-Blake
On Thu, Aug 8, 2013 at 12:51 PM, Jared Mauch wrote:
> Oops, I
On Thu, 08 Aug 2013 12:46:10 -0500, Blake Dunlap said:
> I noticed that two of my ASNs are on that list for example with low
> numbers. I can't fathom how as at least one of them has uRPF implemented on
> any actual interfaces and no downstreams/peers.
Most likely, you have places where one host i
Oops, I pulled the wrong data (off by one column) out before a trip and didn't
realize it until now.
This is not the spoofer list, but the list of ASNs with open resolvers.
Let me reprocess it.
Apologies, corrected data being generated.
- Jared
On Aug 8, 2013, at 1:29 PM, Jared Mauch wrote:
I noticed that two of my ASNs are on that list for example with low
numbers. I can't fathom how as at least one of them has uRPF implemented on
any actual interfaces and no downstreams/peers.
-Blake
On Thu, Aug 8, 2013 at 12:40 PM, Matthew Petach wrote:
> On Thu, Aug 8, 2013 at 10:29 AM, Jared M
On Aug 8, 2013, at 1:40 PM, Matthew Petach wrote:
>
>
> On Thu, Aug 8, 2013 at 10:29 AM, Jared Mauch wrote:
>
> On Aug 1, 2013, at 2:31 AM, Saku Ytti wrote:
>
> > On (2013-07-31 17:07 -0700), bottiger wrote:
> >
> >> But realistically those 2 problems are not going to be solved any time
>
On Thu, Aug 8, 2013 at 10:29 AM, Jared Mauch wrote:
>
> On Aug 1, 2013, at 2:31 AM, Saku Ytti wrote:
>
> > On (2013-07-31 17:07 -0700), bottiger wrote:
> >
> >> But realistically those 2 problems are not going to be solved any time
> >> in the next decade. I have tested 7 large hosting networks
On Aug 1, 2013, at 2:31 AM, Saku Ytti wrote:
> On (2013-07-31 17:07 -0700), bottiger wrote:
>
>> But realistically those 2 problems are not going to be solved any time
>> in the next decade. I have tested 7 large hosting networks only one of
>> them had BCP38.
>
> I wonder if it's truly that u
It's a fair question and had nothing to do with the other network (TW
Telecom, in this case, not TIme Warner Cable).
Sorry for not filling in details sooner.
We recently needed to adjust the scale profile on some of our Cisco ASR9k
trident chip (80gig) Line Cards as we reached . The default profil
On (2013-08-08 17:48 +0300), Martin T wrote:
> > In most cases upstream does not do any automatic prefix filter generation,
> > it's maybe somewhat popular in mid-sized european shops but generally not
> > too common.
>
> What do you mean? In most cases upstreams do not filter prefixes at all?
I think Level(3) uses it for at least some L3 MPLS VPN stuff. We peer with that
AS for dedicated SIP service transport for example.
On Aug 8, 2013, at 5:25 AM, Humberto Galiza wrote:
> Looking at our routers I can see this:
> 3549 3356 26114 1 i
> 12956 1239 23520 23383 1 ?
>
> but neither 26
Saku,
> In most cases upstream does not do any automatic prefix filter generation,
> it's maybe somewhat popular in mid-sized european shops but generally not too
> common.
What do you mean? In most cases upstreams do not filter prefixes at all?
> There is active on-going work to secure BGP
Level 3 currently uses AS 1 in their MPLS network. I'm unsure if it's used
elsewhere, but AS 1 could get into the AS paths of prefixes in the global
routing table this way. I wouldn't expect to see it originating routes outside
of the WAN interface for customers though and those are typically wa
They do happen, but they get little publicity. People that I've talked to
about this say, for reasons mostly unspecified, they'd rather not talk
about it.
On Wed, Aug 7, 2013 at 6:06 PM, Christopher Morrow
wrote:
> On Wed, Aug 7, 2013 at 4:59 PM, Marsh Ray wrote:
> >
> > It would be incredibly
Looking at our routers I can see this:
3549 3356 26114 1 i
12956 1239 23520 23383 1 ?
but neither 26114 or 23383 are Brazilian ISP´s. Anyway, I guess it´s
probably leaked routes or even use of AS 1 as private one (I don´t
think level3 guys are using this AS anymore...).
Cheers,
Humberto Galiza
21 matches
Mail list logo
