At 08:51 PM 2/9/2004, Suresh Ramasubramanian wrote:
till such time as resolver patches in existence are modified if
necessary to cope with the new edition of sitefinder.
Suresh,
You clearly aren't having enough fun playing Whack-A-Mole with spammers,
now you get to play Whack-A-Mole with
[I'm sure that Paul Vixie knows the difference but others may not and
the Washington Post paper, mentioned at the beginning of the thread,
was quite confused.]
On Tue, Feb 10, 2004 at 04:37:09AM +,
Paul Vixie [EMAIL PROTECTED] wrote
a message of 22 lines which said:
why? that is, why
(Yes, that's an operational issue - if they are harvesting and selling a
list of known-good From: addresses on misrouted mail, this will eventually
end up adding to spam - and that's operational)
Site Finder on its own added to spam; spam volumes increased as the number
of sender domain does
Your staff will still get a ton of complaints. If these can
be parsed by a script that looks for virus / trojan strings in the
complaint,extracts the IP (or has your NOC dude just click the IP in his
ticketing system, like in RT + IRTT) and the account just goes away - then
fine.
So you
Steve Birnbaum wrote:
So you want a major ISP to simply automatically disable accounts of its
users based only on automated detection of an IP address and timestamp in
something that APPEARS to be a complaint to an automated script?
Hi
You have two things confused from my previous mail.
1. Set
Thanks! What are the capabilities that are looked for,
in a NMS for Internet??
--- Sean Donelan [EMAIL PROTECTED] wrote: On Tue,
10 Feb 2004, [iso-8859-1] Savitha Kumar
wrote:
them, accounting management which is one of the
FCAPS
functionality is not supported on any of the
NMS's.
So I guess my point is that after years of
resistance to Outlook, even I am reconsidering due to high user demand
and
a void in the market for a robust group calendaring and task management
application. Does anyone have any pointers for me. Something that fills
the
organizations needs and
We need to start with an Email Service Consortium with a code of email
server practices in which the larger ISPs agree to stop accepting SMTP
connections from anyone who is not in the consortium or a customer.
This
will get everyone implementing a set of well-known and consistent
controls.
Hmmm ... ftp://ftp.ripe.net/ripe/stats/delegated-ripencc-latest exists
and ftp://ftp.lacnic.net/pub/stats/lacnic/delegated-lacnic-latest as
well ...
Yep, my bad, I was only using ftp.arin.net to pull the data for all 4
RIRs. ARIN doesn't have the symlinks for ripe lacnic latest files.
if i try to log into my machines back in tokyo by IPv6 SSH, it takes
very long time. i guess i found the reason - (possible) lame delegation
of blah.ip6.int. ip6.arpa. query returns instantly.
how could we fix it?
itojun
% dig
-BEGIN PGP SIGNED MESSAGE-
Jun-ichiro itojun Hagino wrote:
if i try to log into my machines back in tokyo by IPv6 SSH, it takes
very long time. i guess i found the reason - (possible) lame delegation
of blah.ip6.int. ip6.arpa. query returns instantly.
how
if i try to log into my machines back in tokyo by IPv6 SSH, it takes
very long time. i guess i found the reason - (possible) lame delegation
of blah.ip6.int. ip6.arpa. query returns instantly.
how could we fix it?
By fixing the software as ip6.int was deprecated 2
if i try to log into my machines back in tokyo by IPv6 SSH, it takes
very long time. i guess i found the reason - (possible) lame delegation
of blah.ip6.int. ip6.arpa. query returns instantly.
how could we fix it?
By fixing the software as ip6.int was deprecated 2 years+++
-BEGIN PGP SIGNED MESSAGE-
Jun-ichiro itojun Hagino wrote:
if i try to log into my machines back in tokyo by IPv6 SSH, it takes
very long time. i guess i found the reason - (possible) lame
delegation
of blah.ip6.int. ip6.arpa. query returns
On Tuesday, February 10, 2004 1:02 AM [GMT-5=EST], Scott Savage
[EMAIL PROTECTED] wrote:
When NXDOMAIN returned, the issue disappeared and we haven't tested it
again.
I can confirm this same type of issue with several clients of mine that run
microsoft networking stuff, suddenly were unable
If there is someone
on the list from Williams Telecom please contact me.
Thanks,
Wes Vaux, CCNA, CCDA Network Security Engineer,
9000 Regency Pkwy Ste 500 Cary, NC
27511 t 919.463.6782 f
919.463.1290
Global Knowledge Experts Teaching Experts http://www.globalknowledge.com
if i try to log into my machines back in tokyo by IPv6 SSH, it takes
very long time. i guess i found the reason - (possible) lame delegation
of blah.ip6.int. ip6.arpa. query returns instantly.
how could we fix it?
the ip6.int entry times out, no servers
if i try to log into my machines back in tokyo by IPv6 SSH, it takes
very long time. i guess i found the reason - (possible) lame delegation
of blah.ip6.int. ip6.arpa. query returns instantly.
how could we fix it?
By fixing the software as ip6.int was deprecated 2 years+++
ago as you
As I mentioned yesterday, the DoC is looking for public comment on IPv6.
http://www.ntia.doc.gov/reports.html
Specifically toward the end they ask:
In some instances, government has responded to concerns over potential
chicken and egg problems by playing an active role in the introduction of
At 08:37 PM 2/9/2004, Paul Vixie wrote:
the response you included...
There's an easy way to kill sitefinder stone cold dead.
...
It would be trivial to create a bot to start walking through every
possible 20 letter domain name - and if ICANN held them to the rules,
Verisign would be
As I mentioned yesterday, the DoC is looking for public comment on IPv6.
http://www.ntia.doc.gov/reports.html
Specifically toward the end they ask:
In some instances, government has responded to concerns over potential
chicken and egg problems by playing an active role in the introduction
On Tue, 10 Feb 2004, Matthew Crocker wrote:
Hmmm ... ftp://ftp.ripe.net/ripe/stats/delegated-ripencc-latest exists
and ftp://ftp.lacnic.net/pub/stats/lacnic/delegated-lacnic-latest as
well ...
Yep, my bad, I was only using ftp.arin.net to pull the data for all 4
RIRs. ARIN doesn't
So, how do you explain that NIC France accepts the use of linux.fr
to someone who pretends to be the author proprietary of
the name linux and who IS NOT Linus Torvalds?
This reminds me of the times when people on the list
accused other list members of being closet spammers.
At the end
I still maintain that what sitefinder is trying to do is not really
wrong but it's the wrong way to go about it. This is functionality
that is strictly for web users. Why should every other protocol that
relies on domain name service be subject to this garbage?
If they want to partner with
-BEGIN PGP SIGNED MESSAGE-
Randy Bush wrote:
if i try to log into my machines back in tokyo by IPv6 SSH, it takes
very long time. i guess i found the reason - (possible) lame delegation
of blah.ip6.int. ip6.arpa. query returns instantly.
how could we fix it?
By fixing the
--On Tuesday, February 10, 2004 08:58 -0700 Wayne E. Bouchard
[EMAIL PROTECTED] wrote:
I still maintain that what sitefinder is trying to do is not really
wrong but it's the wrong way to go about it. This is functionality
that is strictly for web users. Why should every other protocol that
On Tuesday, February 10, 2004, at 11:24 AM, Michael Loftis wrote:
--On Tuesday, February 10, 2004 08:58 -0700 Wayne E. Bouchard
[EMAIL PROTECTED] wrote:
I still maintain that what sitefinder is trying to do is not really
wrong but it's the wrong way to go about it. This is functionality
On Tue, 10 Feb 2004, David Luyer wrote:
Site Finder on its own added to spam; spam volumes increased as the number
of sender domain does not resolve bounces dropped away.
That is a myth: http://www.xtdnet.nl/paul/spam/graphs/versign.png
If you want to blame spam on a single corporatin,
Now, from your logs, just how much legitimate mail do you get that comes
from an IP without PTR RR, and how much is that expressed as a
percentage of legitimate incoming mail to your lists? How much is that
as a percentage of spam inbound to your list [to be fair, let's make it
spam
Randy Bush wrote:
btw, i did give you a cursory answer to this. and i asked if you
would provide some data.
As I told you in another email, a good 40% of my mail on my personal
colo comes from sources without rDNS - mostly within India, from and to
some fairly large linux lists.
regards
On Tue, 10 Feb 2004, David Luyer wrote:
Site Finder on its own added to spam; spam volumes increased as
the number
of sender domain does not resolve bounces dropped away.
That is a myth: http://www.xtdnet.nl/paul/spam/graphs/versign.png
If you want to blame spam on a single corporatin,
Randy Bush wrote:
btw, i did give you a cursory answer to this. and i asked if you
would provide some data.
After all the filters that I use were applied - 682 unique IP addresses,
with no rDNS sent at least 6124 legitimate (assumed legitimate as not
caught by my filters) emails in the period
Paul Wouters wrote:
On Tue, 10 Feb 2004, David Luyer wrote:
Site Finder on its own added to spam; spam volumes increased as the number
of sender domain does not resolve bounces dropped away.
That is a myth: http://www.xtdnet.nl/paul/spam/graphs/versign.png
If you want to blame spam
2. isc already runs one (f-root).
You should be the authority IMO.
Do you have any particular reasons for requesting this, unless you can
demonstrate a problem then why change anything.
Also, if you spend some time thinking about this you will soon realise that its
a bad idea for one
On Tue, 10 Feb 2004 14:03:52 EST, Stephen J. Wilcox said:
Also, if you spend some time thinking about this you will soon realise that its
a bad idea for one organisation to control the roots. In fact it works nicely if
you find 13 different organisations.
I'll overlook the additional fact
On Tuesday, February 10, 2004, at 11:24 AM, Michael Loftis wrote:
--On Tuesday, February 10, 2004 08:58 -0700 Wayne E. Bouchard
[EMAIL PROTECTED] wrote:
I still maintain that what sitefinder is trying to do is not really
wrong but it's the wrong way to go about it. This is functionality
Most of the complaints seem centered around the management of the
servers [a-m].gtld-servers.net, which is a totally different beast.
So that would indeed be a different topic.
Is the problem with the management of the servers of the administration of the
com/net domains?
.. detail
Sorry for barging in to this fine mailing list like this; long time reader,
first time contributor.
We, as the Internet engineering community, have made a great mistake.
Actually, it wasn't even one large mistake, but a series of small ones.
Engineers are busy people, and most us work under the
On Tue, 10 Feb 2004 14:40:49 EST, Stephen J. Wilcox said:
Is the problem with the management of the servers of the administration of the
com/net domains?
By all accounts I've heard, the servers reliably serve up the contents of the
zones they have been given. The problem is that some people
On Tue, 10 Feb 2004, David Monosov wrote:
where there is power, there are struggles to take control over that power,
and exploit it. This is apparently one of the beauties of democratic
capitalism (under which I will be so bold to presume many of us live).
The United States is a republic,
On Tue, 10 Feb 2004, David Monosov wrote:
where there is power, there are struggles to take control over that power,
and exploit it. This is apparently one of the beauties of democratic
capitalism (under which I will be so bold to presume many of us live).
The United States is a
-BEGIN PGP SIGNED MESSAGE-
Mark Andrews wrote:
The correct fix to this will be to just stop making IP6.INT
queries.
The best think that could be done is for the PTB to install
IP6.INT. DNAME IP6.ARPA. *now*. This will allow the legacy
resolvers to
In article [EMAIL PROTECTED] you write:
-BEGIN PGP SIGNED MESSAGE-
Mark Andrews wrote:
The correct fix to this will be to just stop making IP6.INT
queries.
The best think that could be done is for the PTB to install
IP6.INT. DNAME IP6.ARPA. *now*. This will
Jun-ichiro itojun Hagino wrote:
if i try to log into my machines back in tokyo by IPv6 SSH, it takes very
long time. i guess i found the reason - (possible) lame delegation of
blah.ip6.int. ip6.arpa. query returns instantly. how could we fix it?
[EMAIL PROTECTED] (Jeroen Massar) writes:
[EMAIL PROTECTED] (David Monosov) writes:
...
Root servers, and the .net, .com (as well as .org) domains belong to the
world now; Welcome to the global democracy, brought to you by the ability
to send packets across the globe at the speed of light. We all rely on
them, and their management
Scott Weeks wrote:
On Mon, 9 Feb 2004, Matthew Crocker wrote:
: I've look at IANA but it doesn't give enough detailed information. I
: would like to find a list of /8 or /16s and what geographic region the
: exist in. I know it isn't an exact science but something close would
: be nice. I
Greetings,
Were a medium sized regional MSO/broadband provider
with 200k+ mailboxes, strongly considering enabling SMTP authentication on our
customer-facing SMTP mail servers. We feel this is the next logical step
to minimize our users UCE/virus impact (we already tarpit, virus scan, UCE
On Tue, Feb 10, 2004 at 08:42:29PM -0500, Dan Ellis wrote:
I'm looking for comments on whether this is generally seen as a positive
change or a waste of time (ie - will the next virus or worm gleam your
SMTP username and password from Outlook Express and use it to
replicate/SPAM)?
I've
On Tue, 10 Feb 2004, Scott Weeks wrote:
: exist in. I know it isn't an exact science but something close would
: be nice. I know 210/8 211/8 are APNIC, I likes to know stuff like
This only works for a certain percentage of networks. Most likely a
higher percentage post tech bubble
Jun-ichiro itojun Hagino wrote:
if i try to log into my machines back in tokyo by IPv6 SSH, it takes very
long time. i guess i found the reason - (possible) lame delegation of
blah.ip6.int. ip6.arpa. query returns instantly. how could we fix it?
[EMAIL PROTECTED] (Jeroen Massar)
I figured I wouldn't bore the rest of you
with this slight oddity I've come across in ExtremeWare that I am having
an issue getting resolved, but if anyone knows a decent deal about how these
switches really work, and doesn't mind giving me a hand, could you tag me
off list?
Thanks,
As I told you in another email, a good 40% of my mail on my personal
colo comes from sources without rDNS - mostly within India, from and to
some fairly large linux lists.
After all the filters that I use were applied - 682 unique IP addresses,
with no rDNS sent at least 6124 legitimate
Randy Bush wrote:
as your percentiles look worse than those here, do you think
it is indian dns maintenance or politics, or linux list
users, or both?
DNS maintenance, and cluelessness at several ISPs - quite a few ISPs
don't even have PTR RR for their smarthosts.
Luckily most of the larger
We're a medium sized regional MSO/broadband provider with 200k+
mailboxes, strongly considering enabling SMTP authentication on our
customer-facing SMTP mail servers.
We're relying exclusively on SMTP AUTH for SMTP relaying. The single
biggest issue is that it requires ongoing user
We have built an experimental system that aggregates IDS alerts by
sorting them into subnets, then associating them with routes from
the a view of the global BGP table, and in turn associates them with
their ASN. From there, we can create lists of security events as they
are related to the
[ interesting work ]
More to the point, should we consider using contact information in
maintainer objects as security incident POCs?
there is a related discussion about abuse-c: in route objects
going on over in the ripe-db wg/mauling list.
randy
On Wed, 07 Jan 2004, I posted:
They recently refreshed the platform with RSP16, VIP8, and MX. It's still
a viable platform for many medium size providers.
As an exercise see if you can determine when this 7513:
http://noc.ilan.net.il/stats/ILAN-CPU/new-gp-cpu.html
swapped from an RSP8 to an
Dear All!
My name is Enrico Riedel, and I'm a Graduate Student in Management
Information Systems at the University at Buffalo. Currently, I'm working
on my Master's Thesis, and researching the Metro Area Networks and Metro
Ethernet Networks from a technical, economical, and emerging practices
The animations from Tina Wong's Making Sense of BGP talk at NANOG-30
this morning are available at:
http://www.packetdesign.com/technology/presentations/nanog-30/index.htm
The animations are in SVG (a W3C graphics standard) and should be
viewable in any web browser but you'll probably have to
59 matches
Mail list logo