uired by neustar sometime back) -
http://www.webmetrics.com
--
Suresh Ramasubramanian (ops.li...@gmail.com)
in some
> cases they'll be legacy space holders with no RSA with their region's RIR,
> and because they won't be worried about eligibility for future RIR
> allocations of v4 space...because there won't be any.
>
> ----------
> Jon Lewis, MCP :) | I route
> Senior Network Engineer | therefore you are
> Atlantic Net |
> _ http://www.lewis.org/~jlewis/pgp for PGP public key_
>
>
--
Suresh Ramasubramanian (ops.li...@gmail.com)
lt;mailto:tmag...@providecommerce.com>
>
> provide-commerce
> 4840 Eastgate Mall
> San Diego, CA 92121
>
> ProFlowers<http://www.proflowers.com/> |
> redENVELOPE<http://www.redenvelope.com/> | Cherry Moon
> Farms<http://www.cherrymoonfarms.com/> | Shari's
> Berries<http://www.berries.com/>
>
>
--
Suresh Ramasubramanian (ops.li...@gmail.com)
> feel free to contact me directly
--
Suresh Ramasubramanian (ops.li...@gmail.com)
uplicated MACs across two physically different machines. What are the
> odds, that HP would dup¹d them and that both would eventually end up at my
> shop? Or maybe this type of thing isn¹t big of deal... ?
--
Suresh Ramasubramanian (ops.li...@gmail.com)
service you can buy that from at least 4 or 5 nationwide
landline providers, besides several cellphone providers.
"Monopoly" is what there was like a decade back.
--
Suresh Ramasubramanian (ops.li...@gmail.com)
ion-options.aspx
>
>
> DISSENT = set interface null *1984*
> *
--
Suresh Ramasubramanian (ops.li...@gmail.com)
nherited. Does
> anybody know of anyone who would consider reconfiguring/fixing it.
>
> It seems that all mail presented to it appears to be from
> "localhost", when i reject unautorized destinations, it rejects all
> mail.
>
> Thanks in advance.
>
On Fri, Dec 10, 2010 at 6:25 AM, Brandon Kim wrote:
>
> Wow, sounds like TrueCrypt it is.not a single other app was suggested!!!
>
> Thank you gentlemen!
>
There's also PGP WDE (Whole Disk Encryption)
--
Suresh Ramasubramanian (ops.li...@gmail.com)
f he'd like to reconsider it, given the new
security threats we all face that have outdated that meme.
--
Suresh Ramasubramanian (ops.li...@gmail.com)
And if I ever find the genius who came up with the "we are not the
internet police" meme ...
On Fri, Dec 10, 2010 at 12:19 AM, Suresh Ramasubramanian
wrote:
> Let's put it this way.
>
> 1. If you host government agencies, provide connectivity to say a
> nuclear power
traffic
> profiles / signatures? Deny all, unless flow (addresses/protocol/port) is
> pre-approved / registered?
>
> What does the technical solution look like?
>
> Any solutions to maintain some semblance of freedom?
>
--
Suresh Ramasubramanian (ops.li...@gmail.com)
d by other SPs) are usually sent to a
separate address and auto processed.
--
Suresh Ramasubramanian (ops.li...@gmail.com)
@@@ /_// /^\ \\_\
@x@@x@| | |/ WW( ( ) )WW
\/| |\| __\,,\ /,,/__
\||/ | | | jgs (__Y__)
/\/\/\/\/\/\/\/\//\/\\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\
--
Suresh Ramasubramanian (ops.li...@gmail.com)
; guys)...
>
> http://www.webmetrics.com/
--
Suresh Ramasubramanian (ops.li...@gmail.com)
nds. Otherwise no.
>
> /me waits for the knock at the door and the yell of "Search warrant, we
> hear you're running an uncensored BIND"
--
Suresh Ramasubramanian (ops.li...@gmail.com)
dates referred to it seem more to be related to the routing
> leaks on April 8th. Or do you have additional information?
--
Suresh Ramasubramanian (ops.li...@gmail.com)
d records? While there is no obvious
> indication of who made the change or for what reason, it's unlikely it was
> accidental.
--
Suresh Ramasubramanian (ops.li...@gmail.com)
ing which was presented to congress
So, lessigisms like "code is law" aside, I guess yes, it IS political now.
--
Suresh Ramasubramanian (ops.li...@gmail.com)
http://www.foxnews.com/politics/2010/11/16/internet-traffic-reportedly-routed-chinese-servers/
--
Suresh Ramasubramanian (ops.li...@gmail.com)
this to load balance three
> satellite uplinks in Afghanistan, 2 Mbps each, but it will supposedly
> handle much higher.
--
Suresh Ramasubramanian (ops.li...@gmail.com)
Juniper srx runs JunOS.
On Sat, Oct 30, 2010 at 11:31 AM, Jeffrey Lyon
wrote:
>
> Juniper Netscreen does, in case the OP is looking for alternatives.
>
> Best regards, Jeff
--
Suresh Ramasubramanian (ops.li...@gmail.com)
; on these businesses, expect to see wifi hotspots diminish. IMO, that
> classification would be a bad thing.
--
Suresh Ramasubramanian (ops.li...@gmail.com)
ized blacklists run by dedicated organizations haven't solved
> the problem yet, so I'm not holding my breath waiting for that to work out...)
--
Suresh Ramasubramanian (ops.li...@gmail.com)
mitigation, or SPF .. or more likely both.
--
Suresh Ramasubramanian (ops.li...@gmail.com)
in Outer Mongolia
if they want to.
--
Suresh Ramasubramanian (ops.li...@gmail.com)
attacks were
> suddenly legal.
>
> --
> Brandon Galbraith
> Voice: 630.492.0464
>
--
Suresh Ramasubramanian (ops.li...@gmail.com)
t another hosting company, setup the VPN server,
> change the IPs their spam servers VPN to, and they're back in business.
> When sales brought me their initial request, I really didn't believe it, but
> I didn't have good enough cause to reject it.
--
Suresh Ramasubramanian (ops.li...@gmail.com)
ery much there - and if the port 25 filtering were to be
taken out, you'd at once see the increase in spam volumes.
--srs
--
Suresh Ramasubramanian (ops.li...@gmail.com)
ould likely increase a
> bit. but my guess, and i mean guess, is that the limiting parameter
> could well be how many bots the perps can get, not how well those bots
> are blocked.
--
Suresh Ramasubramanian (ops.li...@gmail.com)
BCP38 / RFC2827 were created specifically to address some quite
similar problems. And googling either of those two strings on nanog
will get you a lot of griping and/or reasons as to why these aren't
being more widely adopted :)
--srs
On Fri, Sep 3, 2010 at 7:47 AM, Zhiyun Qian wrote:
> Suresh,
lr spamming"). This work appeared in this year's IEEE Security &
> Privacy conference. You can take a look at it if you are interested (and
> feedbacks are welcome):
>
> http://www.eecs.umich.edu/~zhiyunq/pub/oakland10_triangular-spamming.pdf
--
Suresh Ramasubramanian (ops.li...@gmail.com)
ributions cannot go to religious or political organizations
> per corp policy*
>
> Thanks!
>
> -wil
>
--
Suresh Ramasubramanian (ops.li...@gmail.com)
and of course apricot (www.apricot.net)
On Sun, Aug 22, 2010 at 7:47 PM, Marshall Eubanks wrote:
>
> SANOG (Southeast Asia) - http://www.sanog.org/
>
> PACNOG (Pacific) - http://www.pacnog.org/
--
Suresh Ramasubramanian (ops.li...@gmail.com)
> That would be rarther funny Sven, you buying IBM. Sweet dreams.
--
Suresh Ramasubramanian (ops.li...@gmail.com)
On Wed, Aug 11, 2010 at 4:59 PM, Sven Olaf Kamphuis wrote:
> hmm funny, it had the piratebay on it, the 3rd most visted .org domain in
> the world, as well as number 7 or so on the list of most visted websites in
> the entire world, until a few months ago.
no, that doesnt matter as much as just h
ileged
> and confidential and is intended only for the use of the individual or
> individuals addressed. Any other use, dissemination, distribution or
> copying of this communication is strictly prohibited.
>
>
>
--
Suresh Ramasubramanian (ops.li...@gmail.com)
On Thu, Jul 1, 2010 at 11:11 AM, Michael Painter wrote:
> As randy said not too long ago, First they came for...
No. Not Randy. That was pastor martin neimoller about the nazis.
So, you just invoked godwin's law. Thread over.
thank you
suresh
or may not hear a status back, or get your AS unblocked
>> Sit tight and wait, till then
>
> I am aware of this way, sure. I just hoped, there would be a more...
> efficient way.
--
Suresh Ramasubramanian (ops.li...@gmail.com)
my guy contacts his base IT staff to bitch about his email
His base IT staff escalates the bitching up through a long and twisty channel
Then you may or may not hear a status back, or get your AS unblocked
Sit tight and wait, till then
--
Suresh Ramasubramanian (ops.li...@gmail.com)
gt;
> We are using a hodgepodge of homegrown stuff and RT but are outgrowing
> it.
>
> What's good? What sucks?
--
Suresh Ramasubramanian (ops.li...@gmail.com)
ng DNS records and prefixes should
> be able to be advertised through BGP like normal. (Apparently, people
> like to do funky DNS stuff to make this work and sometimes don't want
> to do BGP in other scenarios.)
>
> Thanks in advance,
>
> --
> William McCall
>
>
--
Suresh Ramasubramanian (ops.li...@gmail.com)
IDS result to redirect them to a
> special web page to tell them, they have to do something.
>
> The main issue, it not to know which machines are hijacked, but to support
> these machines.
>
> ----- Original Message -
> From: "Suresh Ramasubramanian"
> To:
Log and monitor all that you can. And watch for a large number of IPs
logging into an account over a day (over a set limit - even across
country - that takes into account "home - blackberry - airport lounge
- airport lounge in another country - hotel - RIPE meeting venue"
type scenarios).
And esp
or exim, it's mostly a place to hang the
> various on-connect filter regimes.
--
Suresh Ramasubramanian (ops.li...@gmail.com)
need on my router to do BGP, you have to ask the
> fundamental question of how big your routing table will be. I don't see this
> as any different. Its helpful to provide opinions when you are guided by
> some data :)
>
--
Suresh Ramasubramanian (ops.li...@gmail.com)
Its nanog and not an RFQ process or I'd have asked him that too :)
On Mon, Apr 12, 2010 at 9:29 PM, Zaid Ali wrote:
> I haven't seen the man ask support for messages/hour, 3M..10M..1B ? Or maybe
> I missed this question?
--
Suresh Ramasubramanian (ops.li...@gmail.com)
On Mon, Apr 12, 2010 at 8:45 PM, todd glassey wrote:
> On 4/12/2010 7:22 AM, Suresh Ramasubramanian wrote:
>> The man did say "carrier class" .. not "small webhost for four
>> families and dog".
>
> yes he did Suresh ... meaning that something larger and
aning they are worthless from an evidence
> perspective, something that we as network engineers are constrained by
> as well.
--
Suresh Ramasubramanian (ops.li...@gmail.com)
s your needs go for it.
-suresh
2010/4/12 Alex Kamiru :
> Suresh,
> I am more interested in option 1 and would want opinion from those with
> experience on that.
>
> -Original Message-
> From: Suresh Ramasubramanian
> To: Alex Kamiru
> Cc: nanog
>
Areas that are key for me are centralized management and
> reporting, carrier class performance, per mailbox policy and quarantine,
> and favourable licensing for an MSSP. I know Ironport is rated highly in
> this space but I find its per user licensing is not favourable for a
> MSSP.
ng consumers...
Hell, funnily enough Susan Crawford warned at the time that the FCC
action wouldn't stand up in court the way it was done.
http://www.circleid.com/posts/comcast_vs_the_fcc_a_reply_to_susan_crawfords_article/
--srs
--
Suresh Ramasubramanian (ops.li...@gmail.com)
flow will
> eventually
> partition the Internet sufficiently to break it beyond recognition.
--
Suresh Ramasubramanian (ops.li...@gmail.com)
On Wed, Apr 7, 2010 at 8:12 PM, Chris Grundemann wrote:
> They are now using the phrase "Open
> Internetworking" to describe their stance on the issue.
How very sensible of ISOC.
--
Suresh Ramasubramanian (ops.li...@gmail.com)
On Sun, Apr 4, 2010 at 2:42 PM, James Bensley wrote:
>
> Also having the email account ipv3@gmail.com, thats not very useful?
He's still got to reach the heights of IPv9
--
Suresh Ramasubramanian (ops.li...@gmail.com)
Limoncelli, Hogan, and
> Challup. I may be biased, being married to Hogan.
--
Suresh Ramasubramanian (ops.li...@gmail.com)
On Thu, Apr 1, 2010 at 8:24 PM, Mark Andrews wrote:
> You only need to add PTR records for the addresses in use.
>
Not really the way most automated dns provisioning systems work today
.. and where would they be without $GENERATE in bind? :)
--
Suresh Ramasubramanian (ops.li...@gmail.com)
all , i am not a document specialist, i come across
> some requirement where i need to search for ...that is what all other people
> do..
--
Suresh Ramasubramanian (ops.li...@gmail.com)
gt; queries/second is.. not to economically Dos someone, it's to
> obliterate their service infrastructure.
>
> Sure, you could ALSO target something hosted (for instance) at
> Amazon-AWS and increase costs by making lots and lots and lots of
> queries, but that wasn't the point of w
ormal” but are
> done so to drive compute, network, and storage utility billings in a cloud
> model abnormally high."
--
Suresh Ramasubramanian (ops.li...@gmail.com)
ons on good hotels that allow smoking?
--
Suresh Ramasubramanian (ops.li...@gmail.com)
s already SS7 which is, essentially a centralized
> layer of indirection for phone numbers. This was necessary in order to support
--
Suresh Ramasubramanian (ops.li...@gmail.com)
s should be on the list. Others have made claims
> about its accuracy and say great things about it. Others complain that
> we unjustly block them, however, 99.9% of the people who are blocked and who
> contact
> us find a BOT in their network.
>
>
> Sincerely,
>
> Dean Drako
> CEO Barracuda Networks
>
>
>
>
>
>
>
>
>
>
>
>
--
Suresh Ramasubramanian (ops.li...@gmail.com)
have false positives.
Christ. You pick APEWS as a reputation filter.. and then even bother
to *count* the false positives?
That's not a list that's particularly designed to minimize FPs, to put
it very mildly.
--
Suresh Ramasubramanian (ops.li...@gmail.com)
On Thu, Feb 11, 2010 at 7:50 AM, Randy Bush wrote:
>> But, as a hyper-aware viewer I did detect a tone in favor of "network
>> neutrality" type arguments- and I suppose that is OK.
>
> is this a bug or a feature
bug
--
Suresh Ramasubramanian (ops.li...@gmail.com)
abuse
> report where the most important parts would be "type of abuse", "IP doing
> the abuse", "time the abuse occured" and " happened>" that could be used by end users. Creating a new MIME type
> precludes most end users from ever using it b
ddress is about a decade old.
--
Suresh Ramasubramanian (ops.li...@gmail.com)
es from/through google and google groups.
>
> is this accepted/supported activity on google?
>
> if not, where might i find a contact who can cluefully respond?
--
Suresh Ramasubramanian (ops.li...@gmail.com)
on to the whole process, the
> whole chain of information flow.
--
Suresh Ramasubramanian (ops.li...@gmail.com)
ly way to eliminate human error completely
> is to eliminate the presence of humans in the activity.
--
Suresh Ramasubramanian (ops.li...@gmail.com)
liminated. One is too many."
Automated config deployment / provisioning. And sanity checking
before deployment.
--
Suresh Ramasubramanian (ops.li...@gmail.com)
ong with citable sources if possible.
>
> Ideally - number of zombified PCs, percentage of zombified PCs, name of
> nation, source.
>
> Threat reports from symantec and macafee suggest the US leads, with
> China a very close second.
>
> Yes, we realize that answers will
ig/index files for itself, instead of me
> having to do it on each and every port change.
--
Suresh Ramasubramanian (ops.li...@gmail.com)
zones serving up v6.
--srs
On Fri, Jan 15, 2010 at 9:20 PM, Mark Schouten wrote:
> Hi,
>
> FYI:
>
> http://virbl.bit.nl/index.php#ipv6
>
> Comments on the listing method are appreciated.
>
> Regards,
--
Suresh Ramasubramanian (ops.li...@gmail.com)
is what I believe you
> actually meant.
>
fair enough.
--
Suresh Ramasubramanian (ops.li...@gmail.com)
On Tue, Jan 5, 2010 at 10:38 AM, Dobbins, Roland wrote:
>
>> Additional mitigation would be via manual or automatic RTBH or
>> security/abuse@ involvement with upstreams.
>
> Automagic is generally bad, as it can be gamed.
... and manual wont scale in ddos
--
Suresh Ra
ibm.com/aurora/
Now commercially available as
http://www-01.ibm.com/software/tivoli/products/netcool-performance-flow/
Full disclosure - I work for big blue - but not in any division that
works on Aurora / Tivoli Netcool.
--
Suresh Ramasubramanian (ops.li...@gmail.com)
d reasons I won't
> get into now.
>
> 4. Indeed, were equipped to handle substantially higher than 150kpps.
>
> I'm sure Arbor is really neat but I disagree that any DDoS appliance is a
> standalone solution. I don't expect an employee of the vendor themselves t
Two more options. And for Netflow device - read that to mean Arbor or
its competitors.
5 Ditch the stateful firewall and exclusively use a netflow device
6. Outsource to a hosted DDoS mitigation service (Prolexic etc)
On Tue, Jan 5, 2010 at 8:43 AM, Suresh Ramasubramanian
wrote:
> Do
at the risk of a DDoS that exceeds your firewall's rated
capacity is extremely low? [and yes, 150k ++ connections per second
ddos is going to be massive, and relatively rare for most people]
--srs
--
Suresh Ramasubramanian (ops.li...@gmail.com)
On Sun, Jan 3, 2010 at 10:24 PM, Eric Brunner-Williams
wrote:
> On 1/2/10 11:38 PM, Suresh Ramasubramanian wrote:
>> ... it would be interesting if some process were developed to
>> deaccredit or otherwise kill off the shell registrars
>
> Suresh, Why?
My comment was more i
CANN accreditations: eNom (116), Directi/PDR (47), Dotster
> (51), and Snapnames (104). Source: http://www.knujon.com/registrars/
--
Suresh Ramasubramanian (ops.li...@gmail.com)
If our friend here is checking for spamhaus.rg he's out of luck. I am
sure he'll have better luck checking for spamhaus.ORG instead
--srs
On Thu, Dec 31, 2009 at 6:41 PM, John Peach wrote:
> On Thu, 31 Dec 2009 12:28:41 +0100 (CET)
> Raymond Dijkxhoorn wrote:
>
>> > Are this Blacklistservers s
t; - - ferg
>
> [1] http://en.wikipedia.org/wiki/Mutual_Legal_Assistance_Treaty
--
Suresh Ramasubramanian (ops.li...@gmail.com)
er issued by a competent court in a public hearing (and no,
> administrative tribunals are not courts of law).
>
Wow. I always knew there existed some alternate universe where the
RBN were actually the good guys. Didn't expect to find it so fast,
and on nanog at that.
--
Suresh Ramasubramanian (ops.li...@gmail.com)
; Are any of your customers multinationals?
What would you do if a shell company (the european equivalent of a LLC
with a UPS store address) came to you with a large sized PA netblock
from out of region, and asked you to route it for them?
--
Suresh Ramasubramanian (ops.li...@gmail.com)
wrote:
> Sounds like a snowshoe setup to me.
>
> Tony.
--
Suresh Ramasubramanian (ops.li...@gmail.com)
s not to present details of tools,
> but rather a rough taxonomy. Feel free to suggest tools you find useful.
--
Suresh Ramasubramanian (ops.li...@gmail.com)
(or outbound) mail.
>
> Since the RDNS domain is different, and in fact generic, which helps
> avoid assisting the spammer in identifying the IP as an inbound
> mail server.
--
Suresh Ramasubramanian (ops.li...@gmail.com)
buse, relay, etc all seem to be
> deadends.
--
Suresh Ramasubramanian (ops.li...@gmail.com)
s the same procedure as the mail administrator does which is
> to e-mail blockedbyearthlink@ address with the subject BLOCKED:
> xxx.xxx.xxx.xxx (replace with the ip) and if it is blocked they will unblock
> you. Sadly, I tried that already.
--
Suresh Ramasubramanian (ops.li...@gmail.com)
etc accounts
>> 2. Spam generated by infected PCs / laptops, hacked machines etc on
>> your campus LAN
>
> 3. Spammers abusing your webmail and/or remote message submission service
> using phished credentials.
--
Suresh Ramasubramanian (ops.li...@gmail.com)
o a mail
> server before determining where to forward the connection onto (Layer 7
> stuff, gets a bit tricky)
--
Suresh Ramasubramanian (ops.li...@gmail.com)
e because of
>> said issues.
>
> I'd prefer to not create a blacklist of hotels that have ghetto internet
> access, but perhaps this is something we can aggregate?
>
> I'm mostly tired of people saying the internet is http(s) only. Even had
> hotels in Japan do
e paper on this, like he does
on most other security related issues under the sun :)
--
Suresh Ramasubramanian (ops.li...@gmail.com)
Remote hand found. Thank you.
Too damn early (5:23 AM) .. the box is at Sherman Oaks CA - near Los Angeles LA.
Sigh.
>> --Original Message--
>> From: Suresh Ramasubramanian
>> To: nanog@nanog.org
>> Subject: Remote hands requested near sherman oaks LA [urgent]
>> Sent: Dec 6, 2009 1
elp' for a list of commands
(initramfs):
--
Suresh Ramasubramanian (ops.li...@gmail.com)
On Fri, Dec 4, 2009 at 9:55 PM, Jeffrey Negro wrote:
> I'm wondering if a few DNS experts out there could give me some input on
> SPF record configuration. Our company sends out about 50k - 100k emails
> a day, and most emails are on behalf of customers to their end users at
SPF records aren't g
On Thu, Dec 3, 2009 at 10:35 PM, Matthew Huff wrote:
> We are seeing a large number of tcp connection attempts to ports known to
> have security issues. The source addresses are spoofed from our address
> range. They are easy to block at our border router obviously, but the number
> and volume
301 - 400 of 555 matches
Mail list logo