Re: Novartis and Qwest AS209

2014-03-06 Thread Christopher Morrow
guessing that 209 registered some objects on behalf of novartis/customer? novartis isn't qwest who's now centurylink anyway. On Wed, Mar 5, 2014 at 2:02 PM, Jmac wrote: > All, I haven¹t posted something to Nanog in probably 10 years so forgive my > ignorance on protocol. I am sure this has been

Re: .org dns trouble?

2014-03-13 Thread Christopher Morrow
time travel, they haz it. On Thu, Mar 13, 2014 at 2:05 PM, Mike wrote: > Hi, > > Sorry if there's another list for this, but Im observing a strange problem > with a .org domain. Right now when I query dns, I am getting only a SOA for > '.org' which looks like this: > > > > dig -t ns somedomain.o

Re: 59.229.189.0/24

2014-03-24 Thread Christopher Morrow
On Mon, Mar 24, 2014 at 4:49 PM, greg whynott wrote: > 59.229.189.0 $ whois -h whois.cymru.com 59.229.189.0 AS | IP | AS Name NA | 59.229.189.0 | NA cymru seems to think there's no route for that network. my network agrees.

Re: BGPMON Alert Questions

2014-04-03 Thread Christopher Morrow
On Thu, Apr 3, 2014 at 9:15 AM, Mark Tinka wrote: > On Thursday, April 03, 2014 02:51:20 PM Randy Bush wrote: > >> you want revenge or to prevent the effects of recurrence? > > I'd like to consider targeted suggestions for fixes that > address the specific challenges affecting "seasoned" > upstrea

Re: BGPMON Alert Questions

2014-04-03 Thread Christopher Morrow
On Thu, Apr 3, 2014 at 11:05 AM, Mark Tinka wrote: > On Thursday, April 03, 2014 03:55:11 PM Christopher Morrow > wrote: > >> I'm going to guess: >> 1) who's going to pay for the filtering setup work? > > Well, your customers are paying you to ensure

Re: BGPMON Alert Questions

2014-04-03 Thread Christopher Morrow
On Thu, Apr 3, 2014 at 2:31 PM, Tony Tauber wrote: > On Thu, Apr 3, 2014 at 11:13 AM, Christopher Morrow > wrote: > I know this old saw and sales people will apply pressure to Ops if their > customers balk at the extra overhead. > The time is now to push back, hard, against tha

Re: Anternet

2014-04-04 Thread Christopher Morrow
On Sat, Apr 5, 2014 at 2:32 AM, Andrew D Kirch wrote: > So, if there's more than 4 billion ants... what are they going to do? there will never be more than 4 billion ants. > On 4/5/2014 1:44 AM, Larry Sheldon wrote: >> >> >> Offered for your amusement--no followup. >> >> http://kottke.org/14/04/

Re: autoresponding to Yahoo DMARC breakage

2014-04-09 Thread Christopher Morrow
On Wed, Apr 9, 2014 at 6:27 PM, John R. Levine wrote: >>> The most "sane" out-of-mind response should only be sent *if* the >>> out-of-mind person is named explicitly as a recipient in the RFC822 >>> To: header. Anything To: somelist@somehost does not qualify :) > > > This highly effective trick

Re: Gmail contact please?

2014-04-11 Thread Christopher Morrow
ICMP 0/0 On Apr 11, 2014 1:02 PM, "Dave Rand" wrote: > Is there a good contact at Gmail that can take care of a persistant issue > for me? > > Thanks in advance, > > Dave Rand > d...@kelkea.com or d...@bungi.com > > -- > >

Re: DNSSEC?

2014-04-11 Thread Christopher Morrow
(But you should change your DNSSEC password) ;) /troll (so I don't get lots if mail like my procmail question caused) On Apr 11, 2014 3:35 PM, "Barry Shein" wrote: > > On April 11, 2014 at 11:44 do...@dougbarton.us (Doug Barton) wrote: > > On 04/11/2014 11:35 AM, Barry Shein wrote: > > > So, D

Re: DMARC -> CERT?

2014-04-14 Thread Christopher Morrow
On Mon, Apr 14, 2014 at 1:25 PM, Laszlo Hanyecz wrote: > By their statement it's obvious that yahoo doesn't care about what they > broke. It's > unfortunate that email has become so centralized that one entity can cause so > much 'trouble'. Maybe it's a good opportunity to encourage the affecte

Re: DMARC -> CERT?

2014-04-14 Thread Christopher Morrow
On Mon, Apr 14, 2014 at 4:10 PM, Scott Howard wrote: > Whilst I don't agree with the way that Yahoo has done this (particularly > around communication), how could they have communicated this better? how can we all learn from this? -chris

Re: DMARC -> CERT?

2014-04-14 Thread Christopher Morrow
On Mon, Apr 14, 2014 at 4:28 PM, Doug Barton wrote: > The obvious ones would have been to announce a flag day somewhere far enough > in advance to give list software devs time to adapt, and to work with list > software devs on a solution. where would they communicate this? on the blog that matt p

Re: DMARC -> CERT?

2014-04-14 Thread Christopher Morrow
On Mon, Apr 14, 2014 at 4:34 PM, Matthias Leisi wrote: > They could have communicated, as in "listen folks, we are going to make a > critical change that will affect mailing lists (etc...) in four weeks time". communicated it where? > They could have made the change not late on a Friday afternoo

Re: DMARC -> CERT?

2014-04-14 Thread Christopher Morrow
On Mon, Apr 14, 2014 at 4:44 PM, Scott Howard wrote: > On Mon, Apr 14, 2014 at 1:39 PM, Christopher Morrow > wrote: >> >> On Mon, Apr 14, 2014 at 4:34 PM, Matthias Leisi >> wrote: >> > They could have communicated, as in "listen folks, we are going to make

Re: Requirements for IPv6 Firewalls

2014-04-22 Thread Christopher Morrow
On Tue, Apr 22, 2014 at 2:55 PM, Brian Johnson wrote: > Eric, > > If you read what he posted and really believe that is what he is saying, you > need to re-think your career decision. It is obvious that he is not saying > that. > Roland's saying basically: 1) if you deploy something on 'the i

Re: Requirements for IPv6 Firewalls

2014-04-22 Thread Christopher Morrow
own to the design goals of the whole system. -chris > > > > Matthew Huff | 1 Manhattanville Rd > Director of Operations | Purchase, NY 10577 > OTA Management LLC | Phone: 914-460-4039 > > -Original Message- > From: Christopher Morrow [mailt

Re: Phase 4.

2014-04-24 Thread Christopher Morrow
On Thu, Apr 24, 2014 at 7:13 AM, Alain Hebert wrote: > Well, > > Sorry Bryan, > > Your post is just to awful to take seriously. I think you mean 'too awful to take seriously'.

Re: Paging HP DNS admin

2014-05-03 Thread Christopher Morrow
On Sat, May 3, 2014 at 10:02 PM, Mark Radabaugh wrote: > Either way - it breaks Sendmail, some versions of Exchange, and possibly > other MTA's. The proper answer to a non-existent record is NOERROR, > with ANSWER 0. if I ask ns1/2/3/4/5/6.hp.com directly for for onramp01.hpeprint.com

Re: Paging HP DNS admin

2014-05-03 Thread Christopher Morrow
On Sat, May 3, 2014 at 11:13 PM, Chris Adams wrote: > Once upon a time, Christopher Morrow said: >> if I ask ns1/2/3/4/5/6.hp.com directly for for onramp01.hpeprint.com.: >> >> ; <<>> DiG 9.8.1-P1 <<>> onramp01.hpeprint.com. @ns6.hp.co

Re: bgp convergence problem

2014-05-08 Thread Christopher Morrow
On Thu, May 8, 2014 at 1:51 AM, Mark Tinka wrote: > On Wednesday, May 07, 2014 07:28:46 PM Peter Rubenstein > wrote: > >> Operationally speaking, AS1 should not be leaking routes >> from one upstream to the other. Bad route policy. ideally it'd be nice to be valley-free... so to speak. >> Also,

Re: bgp convergence problem

2014-05-08 Thread Christopher Morrow
On Thu, May 8, 2014 at 10:51 AM, Mark Tinka wrote: > On Thursday, May 08, 2014 04:41:21 PM Christopher Morrow > wrote: > >> if only there were some technology that could be used to >> thwart such things. > > It's gotten to a point where a repeat offender has me wou

Re: Observations of an Internet Middleman (Level3)

2014-05-15 Thread Christopher Morrow
On Thu, May 15, 2014 at 1:06 PM, Ryan Brooks wrote: > On 5/15/14, 11:58 AM, Joe Greco wrote: >> >> 2) Netflix purchases 5Mbps "fast lane" >> > > I appreciate Joe's use of quotation marks here.A lot of the dialog has > included this 'fast lane' terminology, yet all of us know there's no 'fast >

Re: Observations of an Internet Middleman (Level3)

2014-05-15 Thread Christopher Morrow
es will kick in, I suspect. Sure, if there is only one it's not a problem, but there are already not just one... > > Scott Helms > Vice President of Technology > ZCorum > (678) 507-5000 > > http://twitter.com/kscotthelms > --

Re: Observations of an Internet Middleman (Level3)

2014-05-15 Thread Christopher Morrow
#x27;. -chris > > Scott Helms > Vice President of Technology > ZCorum > (678) 507-5000 > > http://twitter.com/kscotthelms > > > > On Thu, May 15, 2014 at 2:01 PM, Christopher Morrow > wrote: >> &g

Re: Observations of an Internet Middleman (Level3)

2014-05-16 Thread Christopher Morrow
On Fri, May 16, 2014 at 7:56 AM, Vinny Abello wrote: > I think he's questioning why packets from speedtest.comcast.net have CS1 if > everything is supposedly equal, and what that is used for. A quick Wireshark > shows that to be true right now running to your Plainfield, NJ speedtest > site, and

Re: Observations of an Internet Middleman (Level3) (was: RIP

2014-05-16 Thread Christopher Morrow
On Fri, May 16, 2014 at 2:47 PM, Blake Hudson wrote: > in the context of this discussion I think it's silly for a residential ISP > to purport themselves to be a neutral carrier of traffic and expect peering > ratios to be symmetric is 'symmetric traffic ratios' even relevant though? Peering is a

Re: Observations of an Internet Middleman (Level3) (was: RIP

2014-05-16 Thread Christopher Morrow
On Fri, May 16, 2014 at 3:15 PM, Matthew Petach wrote: > > > > On Fri, May 16, 2014 at 11:52 AM, Christopher Morrow > wrote: >> >> On Fri, May 16, 2014 at 2:47 PM, Blake Hudson wrote: >> > in the context of this discussion I think it's silly for a reside

Re: Observations of an Internet Middleman (Level3) (was: RIP

2014-05-16 Thread Christopher Morrow
On Fri, May 16, 2014 at 3:11 PM, Blake Hudson wrote: > > Christopher Morrow wrote the following on 5/16/2014 1:52 PM: > >> On Fri, May 16, 2014 at 2:47 PM, Blake Hudson wrote: >>> >>> in the context of this discussion I think it's silly for a residential >

Re: IPv6 at 50% for VZW (Re: NAT IP and Google)

2014-05-22 Thread Christopher Morrow
On Thu, May 22, 2014 at 8:41 AM, Jared Mauch wrote: > I remind vendors when I talk to them, "IPv6 first, then IP classic(tm)". Coke Classic managed to outlast NewCoke... pattern repeating?

Re: IPv6 at 50% for VZW (Re: NAT IP and Google)

2014-05-22 Thread Christopher Morrow
On Fri, May 23, 2014 at 1:24 AM, Julien Goodwin wrote: > On 23/05/14 11:21, Jared Mauch wrote: >> You can't cater to everyones broken network. I can't reach 1.1.1.1 from >> here either, but sometimes when I travel I can, even with TTL=1. At some >> point folks have to fix what's broken. > > 1.

Re: crave your indulgence

2014-05-27 Thread Christopher Morrow
Measurement: 1666834 should be bill's measurement request... 50 icmptraceroutes from around the globez. On Tue, May 27, 2014 at 2:35 PM, Brian Rak wrote: > This seems like a perfect use for ATLAS: https://atlas.ripe.net/ > > > On 5/27/2014 2:28 PM, manning bill wrote: >> >> If you wouldn’t mind a

Re: ipmi access

2014-06-02 Thread Christopher Morrow
On Mon, Jun 2, 2014 at 11:11 AM, Randy Bush wrote: >> My IPMI (super micro) you can put v6 and v4 filters into for >> protecting the ip space from trusted sources. > > cool. can i put in "star alliance?" :) restfulwhois look up for gogoinflight ... done.

Re: ipmi access

2014-06-02 Thread Christopher Morrow
On Mon, Jun 2, 2014 at 12:14 PM, Blake Hudson wrote: > We just reported a bug to Dell regarding their last 2 generations of remote > access controllers where the firewall rules only apply to TCP and not to > ICMP or UDP. Their first response was to replace the motherboard. Second > response was th

Re: ipmi access

2014-06-02 Thread Christopher Morrow
On Mon, Jun 2, 2014 at 1:32 PM, Nikolay Shopik wrote: > > On 02/06/14 20:56, Christopher Morrow wrote: >> >> so... as per usual: >>1) embedded devices suck rocks >>2) no updates or sanity expected anytime soon in same >>3) protect yourself, or

Re: ipmi access

2014-06-02 Thread Christopher Morrow
On Mon, Jun 2, 2014 at 3:19 PM, Nikolay Shopik wrote: > Java only used for mouting images. KVM is transfered via VNC protocol iirc. hahaha! not on a Dell/drac ;( where it's some goofy key'd (xor'd I think?) vnc bastardization :(

Re: question about bogon prefix

2014-06-09 Thread Christopher Morrow
On Mon, Jun 9, 2014 at 11:00 PM, Song Li wrote: > Hi everyone, > > I found many ISP announced bogon prefix, for example: sad, right? > OriginAS Announcement Description > AS7018 172.116.0.0/24 unallocated > AS209 209.193.112.0/20 unallocated > > my question is why the tier1 and other ISP ann

Re: Ars Technica on IPv4 exhaustion

2014-06-19 Thread Christopher Morrow
On Wed, Jun 18, 2014 at 9:13 PM, Edward Arthurs wrote: > There are several obstacles to overcome, IMHO > 1. The companies at the mid size and smaller levels have to invest in newer > equipment that handles IPV6. if they have gear made in the last 7yrs it's likely already got the right bits for v6

Re: Ars Technica on IPv4 exhaustion

2014-06-19 Thread Christopher Morrow
On Thu, Jun 19, 2014 at 1:51 PM, Barry Shein wrote: > > Really. You're really completely discounting ICANN in having any > leadership or participative role in the IPv4/IPv6 transition? > What leadership position have you seen them take ASIDE from marketing (in the last 2-3 yrs, but most of that h

Re: Ars Technica on IPv4 exhaustion

2014-06-19 Thread Christopher Morrow
On Thu, Jun 19, 2014 at 11:11 AM, Justin M. Streiner wrote: > On Thu, 19 Jun 2014, Christopher Morrow wrote: > >>> 2. The network Admins at the above mentioned companies need to learn >>> IPV6, >>> most will want there company to pay the bill for this. >>

Re: Ars Technica on IPv4 exhaustion

2014-06-19 Thread Christopher Morrow
On Thu, Jun 19, 2014 at 1:53 PM, Edward Arthurs wrote: > The difference between IPV4 and IPV6 for someone not familiar is huge, > 1. There is a totally new format dotted decimal to colon. > 2. The 32 bit to 128 bit is/or can be quite challenging for some net admins. these seem like the smallest o

Re: Ars Technica on IPv4 exhaustion

2014-06-19 Thread Christopher Morrow
On Thu, Jun 19, 2014 at 2:32 PM, Edward Arthurs wrote: > You are correct, but this is the tip of the iceberg as other configurations > will need to come into play as pointed out by several people on this thread. > This learning curve is not impossible, if the net admin really applies > his/her s

Re: Ars Technica on IPv4 exhaustion

2014-06-19 Thread Christopher Morrow
On Thu, Jun 19, 2014 at 4:27 PM, Lee Howard wrote: > > How does IPv6 to end users make IPv4 unnecessary for growth, if > enterprises and content providers haven't deployed IPv6? content folk are mostly getting v6 done already, right? (minus AWS/etc which are on-plan to deploy as near as I can tel

Re: Ars Technica on IPv4 exhaustion

2014-06-19 Thread Christopher Morrow
On Thu, Jun 19, 2014 at 5:24 PM, Lee Howard wrote: > > > On 6/19/14 4:30 PM, "Christopher Morrow" wrote: > >>On Thu, Jun 19, 2014 at 4:27 PM, Lee Howard wrote: >>> >>> How does IPv6 to end users make IPv4 unnecessary for growth, if >>>

Re: MACsec SFP

2014-06-24 Thread Christopher Morrow
On Tue, Jun 24, 2014 at 3:59 AM, Pieter Hulshoff wrote: > features they should have. I'll then try to build a business case to get the > product developed. MACsec is currently on the top of my own list, but I'll > gladly pass other ideas to my colleagues. what would be your key management strate

Re: MACsec SFP

2014-06-24 Thread Christopher Morrow
On Tue, Jun 24, 2014 at 9:59 AM, Pieter Hulshoff wrote: > On 24-6-2014 15:50, Christopher Morrow wrote: >> >> On Tue, Jun 24, 2014 at 3:59 AM, Pieter Hulshoff >> wrote: >> >>> features they should have. I'll then try to build a business case to get

Re: MACsec SFP

2014-06-24 Thread Christopher Morrow
On Tue, Jun 24, 2014 at 12:07 PM, Saku Ytti wrote: > On (2014-06-24 11:50 -0400), Christopher Morrow wrote: > >> Programmable seems like the way to go, provided there's a path to do >> that in the cli of the device you plugged the SFP into? (which I think >> is

Re: MACsec SFP

2014-06-24 Thread Christopher Morrow
On Tue, Jun 24, 2014 at 1:19 PM, Saku Ytti wrote: > On (2014-06-24 12:30 -0400), Christopher Morrow wrote: > >> it's going to be hard to schedule a key roll then, right? I would >> expect that in most/many deployments where someone enters a 'key' >> there

Re: MACsec SFP

2014-06-24 Thread Christopher Morrow
On Tue, Jun 24, 2014 at 6:30 PM, Randy Bush wrote: >>> Solution could be same as for tunable optics, first you tune with >>> eeprommer until CLI gets support. >>> Remote legs could have their own eeprommer, which can be easy enough >>> to use not to require training and costs like 10EUR. >> it's g

Re: MACsec SFP

2014-06-25 Thread Christopher Morrow
1:27 PM, Pieter Hulshoff > wrote: > >> On 24-06-14 17:50, Christopher Morrow wrote: >> >>> So.. now when my SFP in Elbonia dies I need to get a truck to Elbonia >>> AND it's paired link in west caledonia? yikes. Also, is that a >>> 'ybFxasasda

Re: MACsec SFP

2014-06-25 Thread Christopher Morrow
On Wed, Jun 25, 2014 at 4:51 PM, Pieter Hulshoff wrote: > On 25-06-14 22:45, Christopher Morrow wrote: >> >> today you program the key (on switches that do macsec, not in an SFP >> that does it for you, cause those don't exist, yet) in your router >> config and as

Re: hotmail email issues today?

2014-07-09 Thread Christopher Morrow
it's not clear (to me at least) that hotmail has deployed any DMARC config at all, actually: $ dig txt _dmarc.hotmail.com +short $ dig txt _dmarc.outlook.com +short no results... but: $ dig txt _dmarc.gmail.com +short "v=DMARC1\; p=none\; rua=mailto:mailauth-repo...@google.com"; On Wed, Jul 9, 2

Re: Verizon Public Policy on Netflix

2014-07-11 Thread Christopher Morrow
On Fri, Jul 11, 2014 at 3:07 PM, Blake Hudson wrote: > > joel jaeggli wrote the following on 7/11/2014 1:39 PM: > >> CDN's choose which exit the use all the time, it's kinda the raison de >> etré. they do this with DNS changes for client requests... pushing a customer to an endpoint reachable acr

Re: Inevitable death, was Re: Verizon Public Policy on Netflix

2014-07-14 Thread Christopher Morrow
On Mon, Jul 14, 2014 at 11:51 PM, Brett Glass wrote: > Netflix's arrangement isn't "peeering." (They call it that, misleadingly, as > a way of attempting to characterize the connection as one that doesn't > require money to change hands.) 'peering' here probably really means 'bgp peer', and it pr

Re: Multi-Vendor Configuration Pusher

2014-07-15 Thread Christopher Morrow
On Mon, Jul 14, 2014 at 9:18 AM, Ryan Shea wrote: > I have a chunk of code for a multi-vendor configuration push tool under the > Apache 2.0 > license. Some of you may be interested. > > https://code.google.com/p/ldpush/ > (as a contributor and user externally of this code) excellent :) > This i

Re: DDoS mitigation Equinix?

2014-07-20 Thread Christopher Morrow
isn't the offering just a whiteboxed verisgn/prolexic equivalent though? On Sat, Jul 19, 2014 at 3:51 AM, Paul S. wrote: > This is done by performing some sort of filtering / acling, be it proactive > or reactive on the traffic before it's handed off to you. > > How exactly EQX' solution is engin

Re: DDoS mitigation Equinix?

2014-07-20 Thread Christopher Morrow
On Sun, Jul 20, 2014 at 10:32 AM, Ameen Pishdadi wrote: > Equinix doesn't provide Ddos protection , cloud flare is able to mitigate > attacks by spreading out the traffic across 20-30 different pops which are > mostly located at Equinix. Cloud flare is pretty much a cdn , people have > been us

Re: DDoS mitigation Equinix?

2014-07-20 Thread Christopher Morrow
On Sun, Jul 20, 2014 at 2:54 PM, Ameen Pishdadi wrote: > It was none of the mentioned , didn't wanna come off as advertising .. > Gigenet is the company > ok, cool the OP probably is interested... thanks! > Sent from my iPhone > >> On Jul 20, 2014, at 1:51 PM, Chr

Re: Muni Fiber and Politics

2014-07-21 Thread Christopher Morrow
On Mon, Jul 21, 2014 at 1:28 PM, Scott Helms wrote: > I am equally certain that some there > were some folks, perhaps lawyers, who said this gives us a better position > to argue from if we need to against Netflix. wasn't this part of the verizon network specifically NOT the red part in the veri

Re: ICANN to allow commercial gTLDs

2011-06-17 Thread Christopher Morrow
too late... someone sign up for .nanog! On Fri, Jun 17, 2011 at 5:04 PM, Jay Ashworth wrote: > Aw, Jeezus. > > No.  Just, no. > >  http://tech.slashdot.org/story/11/06/17/202245/ > > Cjeers, > -- jra > -- > Jay R. Ashworth                  Baylink                       > j...@baylink.com > Desig

coresite in reston?

2011-06-21 Thread Christopher Morrow
apparently had a bad day? fbi raid? (happy to lend a hand if folk who aren't local need assistance getting things put back together... wkumari used to run a list at: newhere.co

Re: NDP DoS attack (was Re: Anybody can participate in the IETF (Was: Why is IPv6 broken?))

2011-07-15 Thread Christopher Morrow
On Thu, Jul 14, 2011 at 9:47 PM, Owen DeLong wrote: > > Very true. This is where Mr. Wheeler's arguments depart from reality. He's > right > in that the problem can't be truly fixed without some very complicated code > added > to lots of devices, but, it can be mitigated relatively easily and m

Re: OOB

2011-07-26 Thread Christopher Morrow
On Tue, Jul 26, 2011 at 10:03 AM, Paul Stewart wrote: > We do everything in-band with strict monitoring/policies in place. what do you do if your in-band fails? if a router/switch/ROADM is isolated from the rest of your network? (isn't that the core point of the OP?) > -Original Message-

Re: OOB

2011-07-26 Thread Christopher Morrow
(or the problemchild itself) 2) think about a solution to provide OOB access via another infrastructure? Presume you can figure the costs as well so loss of a node/set-of-nodes SLA-wise is more expensive than 1yr of oob access? -chris > > -Original Message- > From: christopher.mor...@gm

Re: OOB

2011-07-26 Thread Christopher Morrow
On Tue, Jul 26, 2011 at 5:34 PM, Måns Nilsson wrote: > Subject: Re: OOB Date: Tue, Jul 26, 2011 at 10:14:21AM -0400 Quoting > Christopher Morrow (morrowc.li...@gmail.com): >> On Tue, Jul 26, 2011 at 10:03 AM, Paul Stewart wrote: >> > We do everything in-band with strict m

Re: US internet providers hijacking users' search queries

2011-08-08 Thread Christopher Morrow
On Sat, Aug 6, 2011 at 10:03 PM, Scott Helms wrote: > Not trying to be obtuse, but none of the technical docs you cite appear to > talk about HTTP proxies nor does the newswire report have any technical > details.  I have tested several of the networks listed in the report and in > none of the cas

Re: US internet providers hijacking users' search queries

2011-08-08 Thread Christopher Morrow
On Mon, Aug 8, 2011 at 7:47 PM, Cameron Byrne wrote: > > On Aug 8, 2011 4:24 PM, "Christopher Morrow" > wrote: >> >> On Sat, Aug 6, 2011 at 10:03 PM, Scott Helms >> wrote: >> > Not trying to be obtuse, but none of the technical docs you cite appear

Re: US internet providers hijacking users' search queries

2011-08-08 Thread Christopher Morrow
On Mon, Aug 8, 2011 at 7:57 PM, Oren Levin wrote: > On 8/7/11 12:10 PM, Joe Provo wrote: >> >> This is finally something new, and I retract my assertion that the new >> scientist got it wrong. Drilling through to actual evidence and details, >> rather than descriptions which match previous behavio

Re: US internet providers hijacking users' search queries

2011-08-09 Thread Christopher Morrow
On Mon, Aug 8, 2011 at 11:52 PM, David Conrad wrote: > Chris, > > On Aug 8, 2011, at 2:56 PM, Christopher Morrow wrote: >> messing with basic plumbing will have unintended consequences, they will be >> bad. >> >> If the users her WANT to have this experience

Re: (O.T.) The 10 Most Bizarre and Annoying Causes of Fiber Cuts

2011-08-09 Thread Christopher Morrow
and the number 1 threat ... suprisingly no Bears! On Tue, Aug 9, 2011 at 1:17 AM, Michael Painter wrote: > http://blog.level3.com/2011/08/04/the-10-most-bizarre-and-annoying-causes-of-fiber-cuts/ > >

Re: network issue help

2011-08-10 Thread Christopher Morrow
On Wed, Aug 10, 2011 at 8:39 PM, Matthew Palmer wrote: > On Wed, Aug 10, 2011 at 07:33:53PM -0400, Stefan Fouant wrote: >> Is there an acronym for RTFM when there are a volume of manuals that need to >> be read? > > FOAD, perhaps? folks do get that deric's primary language isn't English right? s

Re: network issue help

2011-08-10 Thread Christopher Morrow
On Wed, Aug 10, 2011 at 9:43 PM, Carlos Kamtha wrote: > On Wed, Aug 10, 2011 at 09:22:11PM -0400, Christopher Morrow wrote: >> On Wed, Aug 10, 2011 at 8:39 PM, Matthew Palmer wrote: >> > On Wed, Aug 10, 2011 at 07:33:53PM -0400, Stefan Fouant wrote: >> >> Is there

Re: 4g hack

2011-08-11 Thread Christopher Morrow
On Thu, Aug 11, 2011 at 2:32 AM, Charles N Wyble wrote: > http://seclists.org/fulldisclosure/2011/Aug/76 > > Wondering what folks think about this? If this was true then we just > entered a whole new era of mass WAN exploitation. > This isn't really all that new is it? haven't people been able to

Re: Verizon Business - LTE?

2011-08-15 Thread Christopher Morrow
On Mon, Aug 15, 2011 at 10:28 PM, chris wrote: > I've apparently hit some kind of magic bw limit. My 4G LTE is now magically > fixed at max 1.5mbps > > Last month's usage was about 200gb. > > cmon verizon seriously :( they've been fairly public about 'unlimited' != "unlimited" cause basically yo

Re: Verizon Business - LTE?

2011-08-16 Thread Christopher Morrow
On Tue, Aug 16, 2011 at 10:24 AM, Leo Bicknell wrote: > In a message written on Mon, Aug 15, 2011 at 11:34:50PM -0400, Christopher > Morrow wrote: >> On Mon, Aug 15, 2011 at 10:28 PM, chris wrote: >> > I've apparently hit some kind of magic bw limit. My 4G LTE is now m

Re: Verizon Business - LTE?

2011-08-16 Thread Christopher Morrow
On Tue, Aug 16, 2011 at 10:37 AM, Leo Bicknell wrote: > In a message written on Tue, Aug 16, 2011 at 10:29:13AM -0400, Christopher > Morrow wrote: >> > PCMag did the math, you can use up the 5GB alotment in 32 minutes >> > with LTE.  Seems like as the speeds get f

Re: Verizon Business - LTE?

2011-08-16 Thread Christopher Morrow
On Tue, Aug 16, 2011 at 11:49 AM, chris wrote: > Overall, IMO the trends are just seem to be going backwards. We have more > speed but we can use it less? What kind of technology advancement is that? I think you're thinking of this the wrong way 'round ... the carriers are doing better:) see, it'

Re: Verizon Business - LTE?

2011-08-16 Thread Christopher Morrow
On Tue, Aug 16, 2011 at 1:15 PM, Cameron Byrne wrote: > Really, any phone you buy free and clear without > subsidy and contract should work fine as a phone with a prepaid sim except for the fact that mobile carriers CAN do these monkey business moves (note that tmo seems to NOT do these things,

Re: Cogent --> Google Public DNS routing issue

2011-08-16 Thread Christopher Morrow
On Wed, Aug 17, 2011 at 12:09 AM, Robert Glover wrote: > Hello, > > We have noticed that from our Cogent link (as well as from ALL U.S. based > points we tested via the Cogent Looking Glass: > http://www.cogentco.com/en/network/looking-glass), traceroutes to 8.8.8.8 > and 8.8.5.5 all seem to go ov

Re: Verizon Business - LTE?

2011-08-17 Thread Christopher Morrow
On Wed, Aug 17, 2011 at 2:52 AM, Måns Nilsson wrote: > Subject: Re: Verizon Business - LTE? Date: Tue, Aug 16, 2011 at 11:49:38AM > -0400 Quoting chris (tknch...@gmail.com): > > OTOH, never underestimate "Because we can". in their own words (vzw)[1]: "Verizon Communications (NYSE: VZ) provided

Re: Saudi Telecom sending route with invalid attributes 212.118.142.0/24

2011-09-10 Thread Christopher Morrow
On Fri, Sep 9, 2011 at 9:26 PM, Kyle Duren wrote: > Is this announcement still showing up this way (no easy way to check > myself). ripe ris? > -Kyle > > On Thu, Sep 8, 2011 at 4:20 PM, Clay Haynes wrote: > >> On Thu, Sep 8, 2011 at 7:11 PM, Jonas Frey (Probe Networks) < >> j...@probe-networks.

Re: Microsoft deems all DigiNotar certificates untrustworthy, releases updates

2011-09-11 Thread Christopher Morrow
somewhat rhetorically... On Sun, Sep 11, 2011 at 2:30 AM, Damian Menscher wrote: > Because of that lost trust, any cross-signed cert would likely be revoked by > the browsers.  It would also make the browser vendors question whether the > signing CA is worthy of their trust. given a list of ca'

Re: Microsoft deems all DigiNotar certificates untrustworthy, releases updates

2011-09-11 Thread Christopher Morrow
On Sun, Sep 11, 2011 at 3:37 PM, wrote: > On Sun, 11 Sep 2011 13:00:09 MDT, Keith Medcalf said: >> The current system provides no more authentication or confidentiality >> than if everyone simply used self-signed certificates. > > Not strictly true.  The current system at least gives you "you hav

Re: Why are we still using the CA model? (Re: Microsoft deems all DigiNotar certificates untrustworthy, releases updates)

2011-09-11 Thread Christopher Morrow
On Sun, Sep 11, 2011 at 2:44 PM, Mike Jones wrote: > EV certificates have a > different status and probably still need the CA model what's the real benefit of an EV cert? (to the service owner, not the CA, the CA benefit is pretty clearly $$) -chris (I've never seen the value in EV or even DV ce

Re: Why are we still using the CA model? (Re: Microsoft deems all DigiNotar certificates untrustworthy, releases updates)

2011-09-11 Thread Christopher Morrow
On Sun, Sep 11, 2011 at 10:23 PM, Jimmy Hess wrote: > On Sun, Sep 11, 2011 at 9:08 PM, Christopher Morrow > wrote: > >> what's the real benefit of an EV cert? (to the service owner, not the >> CA, the CA benefit is pretty clearly $$) > > The benefit is to the end

Re: Why are we still using the CA model? (Re: Microsoft deems all DigiNotar certificates untrustworthy, releases updates)

2011-09-11 Thread Christopher Morrow
On Sun, Sep 11, 2011 at 11:06 PM, Hughes, Scott GRE-MG wrote: > Companies that wrap their services with generic domain names (paymybills.com > and the like) have no one to blame but themselves when they are targeted by > scammers and phishing schemes. Even EV certificates don't help when consume

Re: Microsoft deems all DigiNotar certificates untrustworthy, releases updates

2011-09-12 Thread Christopher Morrow
On Mon, Sep 12, 2011 at 4:39 AM, wrote: > On Sun, 11 Sep 2011 22:01:47 EDT, Christopher Morrow said: >> If I have a thawte cert for valdis.com on host A and one from comodo >> on host B... which is the right one? > > You wouldn't have 2 certs for that... I'd h

Re: Disappointing ARIN - A great advertisement for the USA ?

2011-09-12 Thread Christopher Morrow
On Mon, Sep 12, 2011 at 12:53 PM, Jon Lewis wrote: > On Mon, 12 Sep 2011, Eric Krichbaum wrote: > >> That was on June 25th according to Mark Kosters.  They started to answer >> with both the parent and delegated objects.  That hosed the way RWHOIS >> data >> was being reported to most things as th

Re: Microsoft deems all DigiNotar certificates untrustworthy, releases updates

2011-09-12 Thread Christopher Morrow
On Mon, Sep 12, 2011 at 1:39 PM, Robert Bonomi wrote: > >> Date: Mon, 12 Sep 2011 11:22:11 -0400 >> Subject: Re: Microsoft deems all DigiNotar certificates untrustworthy, >>  releases updates >> From: Christopher Morrow >> >> I think I need a method that th

Re: Microsoft deems all DigiNotar certificates untrustworthy, releases

2011-09-13 Thread Christopher Morrow
On Tue, Sep 13, 2011 at 11:22 AM, Michiel Klaver wrote: > At 22-07-28164 20:59, Tei wrote: >> >> *a random php programmer shows* >> >> He, I just want to self-sign my CERT's and remove the ugly warning that >> browsers shows. I don't want to pay 1000$ a year, or 1$ a year for that. I >> just don't

Re: Microsoft deems all DigiNotar certificates untrustworthy, releases

2011-09-13 Thread Christopher Morrow
On Tue, Sep 13, 2011 at 11:33 PM, Jima wrote: > On 2011-09-13 20:26, Christopher Morrow wrote: >> >> On Tue, Sep 13, 2011 at 11:22 AM, Michiel Klaver >>  wrote: >>> >>> No need for (financial) pain, there are free of charge ssl certificates >&

Re: Microsoft deems all DigiNotar certificates untrustworthy, releases

2011-09-13 Thread Christopher Morrow
On Tue, Sep 13, 2011 at 11:44 PM, Christopher Morrow wrote: > On Tue, Sep 13, 2011 at 11:33 PM, Jima wrote: >> On 2011-09-13 20:26, Christopher Morrow wrote: >>> >>> On Tue, Sep 13, 2011 at 11:22 AM, Michiel Klaver >>>  wrote: >>>> >>>>

Re: Microsoft deems all DigiNotar certificates untrustworthy, releases

2011-09-14 Thread Christopher Morrow
On Tue, Sep 13, 2011 at 11:55 PM, Ted Cooper wrote: > > As claimed by the DigiNotar hacker - He compromised their servers but > Eddy was manually approving certs at the time and so no certs were signed. > > There was information about it on the site, but it seems to be gone now. > Articles still s

Re: routing issue for verizon dsl customers in western massachusetts

2011-09-15 Thread Christopher Morrow
On Thu, Sep 15, 2011 at 3:34 PM, Brian Gold wrote: > Hello all, I posted this to the tech@lopsa mailing list and was advised to > repost it here. If anyone can help, I would be very happy to avoid having to > deal with hours more of Verizon level 1 tech support. > > > > Over the past week, we've d

Re: routing issue for verizon dsl customers in western massachusetts

2011-09-15 Thread Christopher Morrow
On Thu, Sep 15, 2011 at 4:13 PM, Steve Bohrer wrote: > On Sep 15, 2011, at 3:39 PM, Christopher Morrow wrote: > >> On Thu, Sep 15, 2011 at 3:34 PM, Brian Gold wrote: >>> >>> Over the past week, we've discovered that there is an issue with the way >>>

Re: Disappointing ARIN - A great advertisement for the USA ?

2011-09-15 Thread Christopher Morrow
I hate to beat/stab a dead horsey, but I found this by happenstance: which describes some of the differences between RWS output and traditional output. For the scripty-minded folks out there: $ wget -O - -q http://whois.arin.net/rest/ip/1

Re: Traceroute losses through NYC1.gblx.net?

2011-09-16 Thread Christopher Morrow
On Fri, Sep 16, 2011 at 2:42 PM, Steve Bohrer wrote: > Can I expect that backbone routers should never give me timeouts on a > traceroute through them, so, lots of asterisks from these systems indicate a > packet loss problem that needs to be fixed? something inside the router has to make the ic

Re: Saudi Telecom sending route with invalid attributes 212.118.142.0/24 - Redux

2011-09-19 Thread Christopher Morrow
t;> >> Aftab A. Siddiqui >> >> >> On Sun, Sep 11, 2011 at 3:26 AM, Richard Barnes >> wrote: >> >>> Looks like the RIS collectors are seeing it originating mostly from >>> STC and KACST ASNs: >>> <http://stat.ripe.net/212.118.142.0/24

Re: Saudi Telecom sending route with invalid attributes 212.118.142.0/24 - Redux

2011-09-19 Thread Christopher Morrow
suliman.alz...@saudi.net.sa - bounces :( Ripe folks (if listening) perhaps you could ping the other live POC's there and request an update? :) On Mon, Sep 19, 2011 at 4:54 PM, Christopher Morrow wrote: > In the off chance that no one already attempted an email to the folks > nominall

Re: Saudi Telecom sending route with invalid attributes 212.118.142.0/24 - Redux

2011-09-19 Thread Christopher Morrow
On Mon, Sep 19, 2011 at 5:17 PM, Erik Bais wrote: > Hi Chris, > > I've send an email to the person I know within STC responsible for > international transit. > > Let's hope he can assist. excellent! :) >> -----Original Message- >> From: Christophe

<    3   4   5   6   7   8   9   10   11   12   >