Re: IEEE OUI regauth (search ?) site

Brandon Applegate writes: Hi, > Anyone have any insight on how one can look up an OUI (yes I know about > oui.txt, but I’m asking about a live query site). https://www.wireshark.org/tools/oui-lookup.html ? Jens --

Re: IEEE OUI regauth (search ?) site

On Wed, Dec 9, 2015 at 6:32 AM, Brandon Applegate wrote: > They’ve made some changes recently - I had a perl script that would do the > lookup and scrape live - it was great. It broke a week or so ago. > > This seems to be the page to search for OUI: > >

IEEE OUI regauth (search ?) site

They’ve made some changes recently - I had a perl script that would do the lookup and scrape live - it was great. It broke a week or so ago. This seems to be the page to search for OUI: https://regauth.standards.ieee.org/standards-ra-web/pub/view.html

Re: Ransom DDoS attack - need help!

hi jean-f On 12/08/15 at 11:46pm, Jean-Francois Mezei wrote: > Since the OP mentioned a "ransom" demand (aka: extortion), should law > enforcement be contacted in such cases ? simply saying "these bozo's are attempting to extort $100 from me" with their email demands probably will not get the

Re: Modem as a service?

On Mon, Dec 07, 2015 at 11:54:17AM -0600, Larry Sheldon wrote: > I'll join the confusion--I thought the OP wanted to test for power > availability at the distant site by seeing if a modem there would answer > the phone there. That it HAD to be a modem in that case makes no sense > to me. > >

Re: Looking for VPS providers with BGP session

Hi, you might find useful to see Nat Morris's presentation on "Anycast on a shoe string". He lists several VPS providers that do BGP for his project. Here is one link: http://www.slideshare.net/natmorris/anycast-on-a-shoe-string Regards, Felipe On 7 December 2015 at 12:40, Philippe Bonvin via

Re: IGF Mandate Renewl

On 12/8/15 1:06 AM, Randy Bush wrote: > they eat better food than we do Not in my considerable experience. I always thought that was part of the problem. Eliot signature.asc Description: OpenPGP digital signature

Re: Is RouteViews dead? Is there any alternatives?

PCH maintains routing archives here: https://www.pch.net/resources/Raw_Routing_Data/ In aggregate, our AS3856 collects routes from 1307 distinct ASNs spread across 82 IXPs. > *From:* Kurt Kraut via NANOG > > *Date:* December 8, 2015 at 08:24:31 PST >

Re: Ransom DDoS attack - need help!

I believe that is what he meant, yeah. Figurative opening of the bank account - showing them that you're willing to pay makes you a target for future payments as well. On Thu, 03 Dec 2015, Daniel Corbe wrote: > > > On Dec 3, 2015, at 10:26 AM, Nick Hilliard wrote: > > > > On

CAIDA BGP Hackathon 6,7 Feb 2016 -- Call for Participation

What: CAIDA BGP Hackathon, Call for Participation (CFP) When: Feb 6-7, 2016 Where: the San Diego Supercomputer Center (SDSC) on the University of California at San Diego (UCSD) campus. Who: Parties interested in hacking on live BGP data. Inquiries: bgp-hackathon-i...@caida.org Important Deadline:

Re: Ransom DDoS attack - need help!

We received a similar ransom e-mail yesterday followed by a UDP flood attack. Here is a sample of the attack traffic we received as well as a copy of the ransom e-mail. Thought this might be useful to others who have been targeted as well. I will have to talk with our upstream providers to get a

Re: Ransom DDoS attack - need help!

hi joe On 12/08/15 at 01:24am, Joe Morgan wrote: > We received a similar ransom e-mail yesterday :-) dont pay real $$$ ... pretend that it was paid and watch for them to come get the ransom ... never give your real banking info ask them, where do you send the "$xx,000" mastercard gift card

Re: Ransom DDoS attack - need help!

> > > On 10 December 2015 at 01:48, alvin nanog > wrote: > >> what app do yu have that talks to port 1900 ? >> > > UDP 1900 is a "Chargen" UDP reflection attack. The DNS and NTP packets are > also from a reflection attack. > > Sorry I was made aware that UDP 1900

Re: Ransom DDoS attack - need help!

On 8 Dec 2015, at 14:24, Joe Morgan wrote: At the point in time we blackholed our ip we were seeing 20+Gbps. These two presos discuss extortion DDoS and UDP reflection/amplification attacks, specifically - it isn't necessary to resort to D/RTBH to deal with these attacks:

Re: Ransom DDoS attack - need help!

On 10 December 2015 at 01:48, alvin nanog wrote: > what app do yu have that talks to port 1900 ? > UDP 1900 is a "Chargen" UDP reflection attack. The DNS and NTP packets are also from a reflection attack. We filter UDP 1900 at our border. Not to protect our

Re: Looking for VPS providers with BGP session

On Tue, Dec 8, 2015 at 8:52 PM, Yucong Sun wrote: > I recommend http://www.quadranet.com/ ! I have been a happy customer > for almost two years, > > I have a single dedicated server over there, running full BGP feed > with them, It's a fairly extensive setup with multiple

Re: Ransom DDoS attack - need help!

Just an update for those following. We have custom in house software that watches the traffic flows from our edge routers and automatically blackholes any ip getting targeted. The blackhole gets sent upstream which is what we did to maintain the network for our customers during the first attack.

Re: Ransom DDoS attack - need help!

On 10 Dec 2015, at 13:21, Joe Morgan wrote: We have custom in house software that watches the traffic flows from our edge routers and automatically blackholes any ip getting targeted. Suggest you take a look at the presos I posted earlier and look into S/RTBH, flowspec, some limited QoS, and