On 5 Jun 2015, at 10:56, David Mandelberg wrote:
Could you elaborate on your enumeration and DDoS concerns?
Crypto = more overhead. Less priority to crypto plus DDoS = routing
update issues.
One can infer peering relationships in a way not possible before.
What about bogus signatures?
-
On 06/02/2015 10:04 PM, Ethan Katz-Bassett wrote:
> The same folks also followed up that workshop paper with a longer paper on
> the topic:
> https://www.cs.bu.edu/~goldbe/papers/sigRPKI.pdf
And a different set of folks (including me) are working on a different
mechanism to protect against attacks
On 06/03/2015 04:27 AM, Roland Dobbins wrote:
> (not to mention the
> enumeration and enhanced DDoS impact of packeting routers doing crypto
> for their BGP sessions and which aren't protected via iACLs/GTSM).
Could you elaborate on your enumeration and DDoS concerns? If you're
concerned about the
On Thu, Jun 4, 2015 at 1:53 PM, Sadiq Saif wrote:
> I am looking for providers that can provide me a VPS with a BGP session
> so I can announce my PI IP space (v4 + v6). I have looked at other
> threads on NANOG regarding this and already have sessions up with ARP
> Networks, Mythic Beasts, and Kn
Well, I was kinda thinking this would turn out to be a dumb question / have
an obvious answer. Apparently not. But it seems I can't go buy a solution
either. I guess there isn't much of a market (though I am just talking
software - maybe someone could make an update :) ).
On Thu, Jun 4, 2015 at 2:52 PM, Rob Seastrom wrote:
>
...
> MC on thereifixed.com or similar sites).
thereifixedit.com
iftfy. ;P
Matt
A company has asked me if I could find anyone who could provide:
1. Roof space for a 1.2m dish
2. About 2U rackspace (i.e., not a whole rack minimum)
3. Modest (5-10mb) bandwith.
4. Cabling between the rackspace and roof dish
5. Power
Prefer Boston/Cambridge area but would consider other venues.
On June 4, 2015 10:11:02 AM PDT, Victor Zakharyev
wrote:
>Does anyone have videos from Google presentations on Telemetry?
>
>Thanks!
>
>Victor
>
>чт, 4 июня 2015 г. в 9:51, Jay Ashworth :
>
>> - Original Message -
>> > From: "Sadiq Saif"
>>
>> > For those that missed them:
>> >
>https://
On 06/04/2015 01:16 PM, Christopher Morrow wrote:
> On Thu, Jun 4, 2015 at 5:11 AM, Owen DeLong wrote:
>> I’d argue that SSH is several thousand, not a few hundred. In any case, I
>> suppose you can make the argument that only a few people are trying to
>> access their home network resources rem
This takes me back to the days of old with bread racks full of modems and
the mess of wall-warts and power-strips.
--
Joe Hamelin, W7COM, Tulalip, WA, 360-474-7474
On Thu, Jun 4, 2015 at 2:52 PM, Rob Seastrom wrote:
>
> William Herrin writes:
>
> > Isn't it against the NEC and the fire code to
In message
, Philip Dorr writes:
> On Thu, Jun 4, 2015 at 12:16 PM, Christopher Morrow
> wrote:
> > On Thu, Jun 4, 2015 at 5:11 AM, Owen DeLong wrote:
> >> I=E2=80=99d argue that SSH is several thousand, not a few hundred. In an=
> y case, I suppose you can make the argument that only a few peo
William Herrin writes:
> Isn't it against the NEC and the fire code to stack power strips? We
> all do it, but isn't it against code?
Sorry to be late to the party (I plead vacation), but no, afaik it is
not. About as close as the NEC comes art 400.8 - you can't use
flexible cord as a substitu
On Thu, Jun 4, 2015 at 12:16 PM, Christopher Morrow
wrote:
> On Thu, Jun 4, 2015 at 5:11 AM, Owen DeLong wrote:
>> I’d argue that SSH is several thousand, not a few hundred. In any case, I
>> suppose you can make the argument that only a few people are trying to
>> access their home network res
You could look into LXD for that type of deployment.
On Thu, Jun 4, 2015 at 12:55 PM, Pavel Odintsov
wrote:
> Brilliant idea! But in Docker we could offer only sflow and sflow. Port
> mirror capture need support from the kernel side. Will try shortly!
>
> On Thursday, June 4, 2015, Roberto Bertó
I also reboot for kernel updates!
On Thu, Jun 4, 2015 at 11:57 AM, Jay Ashworth wrote:
> - Original Message -
> > From: "Cowboy"
>
> > On Sunday 31 May 2015 03:49:10 pm Graham Wilman wrote:
>
> > > after getting the play out working on clienta terminal for the past
> > > 6 days
> > > th
On Thu, Jun 4, 2015 at 1:44 PM, Måns Nilsson wrote:
> You have successfully demonstrated that users will need some locating
> service. More so with the cure-all IPv6; because remembering hex is hard
> for People(tm).
but it's not just hex. Even today you (if given a bare ipv4 address)
would need
Brilliant idea! But in Docker we could offer only sflow and sflow. Port
mirror capture need support from the kernel side. Will try shortly!
On Thursday, June 4, 2015, Roberto Bertó wrote:
> What about we build a Docker?
>
> 2015-06-04 14:47 GMT-03:00 Alexander Maassen >:
>
> > It's a security t
Hi,
I am looking for providers that can provide me a VPS with a BGP session
so I can announce my PI IP space (v4 + v6). I have looked at other
threads on NANOG regarding this and already have sessions up with ARP
Networks, Mythic Beasts, and Knightswarm. Host Virtual is unfortunately
out of my bud
What about we build a Docker?
2015-06-04 14:47 GMT-03:00 Alexander Maassen :
> It's a security tool. So ppl using it want to publicly hide the fact they
> use it in case you screw up and it contains leaks ;)
>
> Oorspronkelijk bericht
> Van: Pavel Odintsov
> Datum:
> Aan: Jim P
It's a security tool. So ppl using it want to publicly hide the fact they use
it in case you screw up and it contains leaks ;)
Oorspronkelijk bericht
Van: Pavel Odintsov
Datum:
Aan: Jim Popovitch
Cc: nanog@nanog.org
Onderwerp: Re: FastNetMon 1.1.2 - open source solution f
Subject: Re: AWS Elastic IP architecture Date: Thu, Jun 04, 2015 at 01:16:03PM
-0400 Quoting Christopher Morrow (morrowc.li...@gmail.com):
> On Thu, Jun 4, 2015 at 5:11 AM, Owen DeLong wrote:
> > I’d argue that SSH is several thousand, not a few hundred. In any case, I
> > suppose you can make t
Looks like many folks want hide company emails ;) I'm good guy and will not
spam or offer slmething ;)))
But I'm impressed about amount of off list requests. Really huge interest
in tool.
On Thursday, June 4, 2015, Jim Popovitch wrote:
> There's a surprising amount of GMail (yes, including me)
On Thu, Jun 4, 2015 at 5:11 AM, Owen DeLong wrote:
> I’d argue that SSH is several thousand, not a few hundred. In any case, I
> suppose you can make the argument that only a few people are trying to access
> their home network resources remotely other than via some sort of
> proxy/rendezvous s
Does anyone have videos from Google presentations on Telemetry?
Thanks!
Victor
чт, 4 июня 2015 г. в 9:51, Jay Ashworth :
> - Original Message -
> > From: "Sadiq Saif"
>
> > For those that missed them:
> > https://www.youtube.com/playlist?list=PLO8DR5ZGla8ju3ftZv_S6L12jBkZKEJVZ
>
> Oh,
On Thu, Jun 4, 2015 at 5:16 AM, Owen DeLong wrote:
>
>> On Jun 3, 2015, at 9:24 PM, Christopher Morrow
>> wrote:
>
>> let's skip all NAT discussions on this topic from here on out, yes?
>
> Only if you can promise me 100% that the NAT in question will not break
> anything.
:) people don't seem
- Original Message -
> From: "Cowboy"
> On Sunday 31 May 2015 03:49:10 pm Graham Wilman wrote:
> > after getting the play out working on clienta terminal for the past
> > 6 days
> > the decision was taken today to get clientb terminal working which
> > it now partially is
> > unfortunate
I have no relation, but as a mail server operator I can say that I
wouldn't be surprised if this is actually a TLS version mismatch or
intolerance problem. I would suggest ensuring that both ends support TLS
1.0, 1.1, and 1.2 and use version tolerant TLS implementations. Next on
the short list
There's a surprising amount of GMail (yes, including me) and new-ness
in this thread.Should I be impressed with the freshness or
concerned about astroturfing? :-)
Bah Humbug!
-Jim P.
- Original Message -
> From: "Sadiq Saif"
> For those that missed them:
> https://www.youtube.com/playlist?list=PLO8DR5ZGla8ju3ftZv_S6L12jBkZKEJVZ
Oh, outstanding. Thanks.
Cheers,
-- jra
--
Jay R. Ashworth Baylink j...@baylink.com
Designer
Dear Pavel ,
This is definitely interesting project .
I already tested the previous version but due to some feature limitation i
could not continue but i think this new version added very important
features . Definitely I will trail the new version soon .
On Wed, Jun 3, 2015 at 2:16 AM, Pavel
Anyone on the list who does outbound delivery for Verizon (which I think
is actually Superpages)? A client has smart-hosted outbounds to *one*
of his customers bouncing suddenly with
Deferred: 403 4.7.0 TLS handshake failed.
*My* inclination is to think that a cert expired somewhere, but his
> On Jun 3, 2015, at 9:24 PM, Christopher Morrow
> wrote:
>
> On Wed, Jun 3, 2015 at 7:56 AM, Owen DeLong wrote:
>> For example, let’s say you have 20 machines for whom you want to allow
>> inbound SSH access. In the IPv4 world, with NAT, you have to configure an
>> individual port mapping f
>>>
>>> IPv4 with NAT, standard NAT/firewall traversal techniques are used so that
>>> things inside your house are reachable as necessary. Almost nobody
>>> configures their firewall to open up anything.
>>
>> HuH?
>>
>> How do I SSH into my host behind my home NAT firewall without configurat
33 matches
Mail list logo
