Sean,
SD ... A long-term end-to-end
SD identifier would let me immediately drop the specific infected computer's
SD traffic regardless of its rotating IP addresses, even if your abuse
What is to prevent rapid changes to the identifier, even more easily
than rapidly changing IP addresses?
In
For those interested in seeing how this has evolved, and what exactly
this particular accreditation database provides, our query pages have
been expanded, and include a link to the full suggested DNSL data
response codes.
The codes we use at present include:
127.0.0.1Listed in
On Tue, 2004-03-16 at 21:27, Mike Turner wrote:
I am currently looking for a statefull inspection firewall
that support asymmetric routing is there such a product?
Sounds like you are looking for an SI firewall that supports full load
balancing, not just high availability. FW-1
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Dear All,
The RIPE NCC is pleased to announce that the Routing Information
Service's (RIS) second Remote Route Collector in North America,
RRC11, is now ready to peer with members at the New York
International Internet Exchange (NYIIX). The
thanks. but I use 127.0.0.0/8 for other stuff. Hope you don't mind.
For those interested in seeing how this has evolved, and what exactly
this particular accreditation database provides, our query pages have
been expanded, and include a link to the full suggested DNSL data
response
Netscreen rocks. They are record-breakingly sexy devices running the gamut
as far as networks they can be configured to service and they burlier beasties
are easily worthy of deployment on a carrier class network.
However, if you're looking to drop small change on a product that will not
be
On Tue, Mar 16, 2004 at 05:01:22PM -0600, Gregory Taylor said something to the effect
of:
..snip snip..
As discussed in a previous thread, I spoke about transparent bridging used for
packet filtering and mangling. On a small application, that might be a good idea,
because you get all of
The best option I guess is to figure out how important it is for you to have a
firewall,
_Everyone_ (network connected) should have a firewall. My grandma should
have a firewall. Nicole, holding dominion over this business network and
its critical infrastructure, should
On Wed, 17 Mar 2004 01:48:45 PST, Anne P. Mitchell, Esq. [EMAIL PROTECTED] said:
127.3.100.3Accepts unverified sign-ups, gives chance to opt out
127.3.100.5Has opt-in confirmation mechanism
127.3.100.6Has and uses opt-in confirmation mechanism
Also, the pricing seems a bit whacked - are you *really* expecting
sites that
have less than 30 customers to pay $200/month? I know a *lot* of
people
who have formed collectives of 10-15 people who chip in and get a 1U at
a colo
They are not email service providers; if you are talking
Stephen J. Wilcox wrote:
if the market for this is nanog and you're just looking for smtp/shell surely we
can manage this between ourselves without charge (ask your nanog buddy for a
shell as a favour).. I know I can and will do this
Well, I do have motives beyond outbound smtp.
I actually
On Wed, Mar 17, 2004 at 08:54:57AM -0800, bill said something to the effect of:
The best option I guess is to figure out how important it is for you to have a
firewall,
_Everyone_ (network connected) should have a firewall. My grandma should
have a firewall. Nicole, holding
_Everyone_ (network connected) should have a firewall.
Why?
Every network-connected device should have a security layer.
Firewalls provide a nice modular security layer and they
are cheap compared to the devices/networks that they protect.
When did the end2end
_Everyone_ (network connected) should have a firewall. My grandma should
have a firewall. Nicole, holding dominion over this business network and
its critical infrastructure, should _definitely_ have a firewall. ;)
By firewall, do you mean dedicated unit that does statefull filtering
Hi,
Federal agencies aren't doing enough to secure their
network systems, even as documented cyber-attacks
against the U.S. government continue to dramatically
rise, U.S. Rep. Adam Putnam (R-FL) said Thursday.
For more info check
http://www.internetnews.com/infra/article.php/3327081
Thanks,
The codes we use at present include:
127.0.0.1Listed in IADB
Hmmm... listed in my /etc/hosts as well.
Am I IADB compliant?
It's interesting to see how everyone tries to
reinvent LDAP on top of DNS and/or BGP instead of
just using the LDAP protocol itself.
Date: Wed, 17 Mar 2004 11:57:33 -0600
From: Rachael Treu [EMAIL PROTECTED]
Sender: [EMAIL PROTECTED]
On Wed, Mar 17, 2004 at 08:54:57AM -0800, bill said something to the effect of:
The best option I guess is to figure out how important it is for you to have a
firewall,
On Wed, 17 Mar 2004, Janet Sullivan wrote:
How would this vetting process work? I'm willing to give other nanog
folks shell accounts on my machine in return for same, but I really
don't want to hand out accounts to packet kiddies.
Restrict it to people you've met or spoken to enough to
Hello Janet/List -
First, allow me to introduce myself, my name is Jonathan M. Slivko and I
work for InvisibleHand Networks, Inc. (http://www.invisiblehand.net).
Currently, we offer colocation and bandwidth services in the New
York/New Jersey market (Telehouse and Equinix to be precise). The
Depending on your chosen vendor the ACL cost is unlikely to be $0 - if you
steal CPU cycles from packet forwarding then you incur earlier router
upgrade costs and that has a NPV cost increase associated with it. It's just
not as obvious as a invoice for a firewall.
Matt.
-Original
Mike Damm wrote:
That being said, I've had the idea for a couple years now of getting enough
geeky folks together to rent a rack on both coasts and populate it with a
few different operating systems and bits of gear for just the reasons
outlined in this thread.
So if you decide to put something
Not _firewalling_, but access limitation. Grandma can live with PNAT
router - she do not need any firewall, if she do not grant external access
to anything. She can live with Windows _default deny_ setting. If grandma
have extra money, it is better to purchase anty-virus.
Moreover. Just for
On Wed, 17 Mar 2004, Jonathan M. Slivko wrote:
SNIP INTRO SALES BLURB
I look forward to talking to you soon.
Jonathan M. Slivko [EMAIL PROTECTED]
Sales/Network Operations Invisible Hand Networks, Inc.
I am currently doing a little of both sales/network admin at my
Folks,
We are now up and running at the LINX (London Internet
Exchange) and would like to invite folks at the LINX to
peer with route-views. You can get to the open CLI via
'telnet route-views.linx.routeviews.org' (of course,
nothing much there
I've a core switch (cisco 5505) with 10+ VLANs configured on that and a
cisco 7204 directly connected to it. 7204 then connects to my upstream and
we run BGP. we announce two different /21 blocks and was fine until last
week.
We got new /20 IP block and we advertised it (added to 7204 config).
Rachael Treu wrote:
_Everyone_ (network connected) should have a firewall. My grandma should
have a firewall. Nicole, holding dominion over this business network and
its critical infrastructure, should _definitely_ have a firewall. ;)
No, the applications should accept only authorized
Guys...firewall is as generic a term as any. Saying grandma needs a
router does not mean that an M20 is interchangeable with her Linksys.
The definition of firewall[1]:
1. A fireproof wall used as a barrier to prevent the spread of fire.
2. Computer Science. Any of a number of security
Firewall refers to access control. Firewall appliances are dedicated
machines that perform firewall functions.
ACLs on many router platforms are called firewalls. Juniper calls them
firewall filters.
My personal context was covered in a reply I sent earlier in this thread
that read:
On Wed, 2004-03-17 at 21:02, Petri Helenius wrote:
No, the applications should accept only authorized connections. If that
would be the case, there would be no need to filter at packet level.
No, since this would be assuming that each application is perfect and
there's no such thing as buffer
** Reply to message from Gerald [EMAIL PROTECTED] on Wed, 17 Mar 2004
14:22:25 -0500 (EST)
On Wed, 17 Mar 2004, Jonathan M. Slivko wrote:
SNIP INTRO SALES BLURB
I look forward to talking to you soon.
Jonathan M. Slivko [EMAIL PROTECTED]
Sales/Network Operations
On Wed, Mar 17, 2004 at 12:19:53PM -0500, Eric Gauthier said something to the effect
of:
_Everyone_ (network connected) should have a firewall. My grandma should
have a firewall. Nicole, holding dominion over this business network and
its critical infrastructure, should
In message [EMAIL PROTECTED], Petri Helenius writes:
No, the applications should accept only authorized connections. If that
would be the case, there would be no need to filter at packet level.
No. Quite apart from the fact that you mean authorized, not
authenticated, the primary purpose
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Erik Haagsman wrote:
| On Wed, 2004-03-17 at 21:02, Petri Helenius wrote:
|
|No, the applications should accept only authorized connections. If that
|would be the case, there would be no need to filter at packet level.
|
|
| No, since this would be
127.3.100.3 Accepts unverified sign-ups, gives chance to opt out
127.3.100.5 Has opt-in confirmation mechanism
127.3.100.6 Has and uses opt-in confirmation mechanism
127.3.100.10 All mailing list mail is confirmed opt-in
Hmm.. this is
Based on the response I've gotten off-list from people interested in
sharing our resources know-how with each other, I've just registered
net-co-op.org. In the next couple of days I'll set up a mailing list
and a basic web page.
Once the mailing list is set up, I'll post another message to
On Wed, 2004-03-17 at 21:44, Bruce Pinsky wrote:
Everything I've ever read about security (network or otherwise) suggests
that a layered approach increases effectiveness. I certainly don't trust a
firewall appliance as my only security device, so I also do prudent things
like disable ports
Disturbing information on one of the founders of Spamhaus.org
http://www.geocities.com/jackjack9872004/
_
Check out MSN PC Safety Security to help ensure your PC is protected and
safe. http://specials.msn.com/msn/security.asp
On Wed, Mar 17, 2004 at 02:01:43PM -0700, Janet Sullivan wrote:
Based on the response I've gotten off-list from people interested in
sharing our resources know-how with each other, I've just registered
net-co-op.org. ...
Oh come on, what was .coop for if not this? :)
--
Daniel Medina
On Wed, Mar 17, 2004 at 09:48:30AM -0800, Kevin Oberman said something to the effect
of:
..snip snip..
I dislike firewalls for many applications, although I have a Sonic Wall
on my cable modem. On the whole, they lead to false belief that
firewalls really make you safe. They also block many
Janet,
Since your note earlier today there have been just under 200 fetches of
the html.
I've written to Byron Henderson and asked him to help me with the coop
formation. He and I worked on the .coop sTLD proposal, and as I mention
I discussed member-owned colo coop with Carolyn Hoover of the
On Wed, 17 Mar 2004, Daniel Medina wrote:
On Wed, Mar 17, 2004 at 02:01:43PM -0700, Janet Sullivan wrote:
Based on the response I've gotten off-list from people interested in
sharing our resources know-how with each other, I've just registered
net-co-op.org. ...
Oh come on, what was
I Just received this. I would like to check if others have received it
and did it indeed come through nanog mailist:
Date: Wed, 17 Mar 2004 21:10:38 +
From: Deep Throat [EMAIL PROTECTED]
To: [EMAIL PROTECTED]
Subject: Spamhaus Exposed
Disturbing information on one of the founders of
Got it, came from nanog, originated from DISA (purportedly, anyways):
Received: from 198.26.130.36 by by13fd.bay13.hotmail.msn.com with HTTP;
Wed, 17 Mar 2004 21:10:38 GMT
#whois 198.26.130.36
OrgName:The Defense Information Systems Agency
OrgID: DISA
Address:
On 17.03.2004 23:57 william(at)elan.net wrote:
And while the website was unavailable and the sender is being anonymous
(whichis against nanog list policies if this was sent through it), what I
do find worse is that they managed to do it so that [EMAIL PROTECTED] is not
added to CC (which if I
From: william(at)elan.net [mailto:[EMAIL PROTECTED]
I Just received this. I would like to check if others
have received it and did it indeed come through nanog mailist
It came through NANOG, delivered from a Hotmail account that accepted it
from 198.26.130.36. Yes, that is a military IP,
At 04:58 PM 17/03/2004, Alon Tirosh wrote:
I *think* I loaded the page in lynx before it got rate-limited, and lynx
flashed through a whole mess of fast redirects before faulting out. No
logs, unfortunately.
A safe way I find to examine potentially trojaned pages is via fetch (or wget)
fetch -o
net-co-op.org. ...
Oh come on, what was .coop for if not this? :)
People in the poultry business? :-)
chicken.coop was sought for by many, myself included.
The Director, Co-op Business Development and Member Services, National
Cooperative Business Association, and I are now playing
On Wednesday, March 17, 2004 5:57 PM [EST], william(at)elan.net
[EMAIL PROTECTED] wrote:
I Just received this. I would like to check if others have received it
and did it indeed come through nanog mailist:
Date: Wed, 17 Mar 2004 21:10:38 +
From: Deep Throat [EMAIL PROTECTED]
To: [EMAIL
From Deep Throat, received 17/3/04, 21:10 + (GMT):
Disturbing information on one of the founders of Spamhaus.org
http://www.geocities.com/jackjack9872004/
Not just a load of BS, but posted to NANOG anonymously, through a
hijacked machine at 198.26.130.36 (The Pentagon) no less.
--
Steve
On Wed, 17 Mar 2004, Steve Linford wrote:
From Deep Throat, received 17/3/04, 21:10 + (GMT):
Disturbing information on one of the founders of Spamhaus.org
http://www.geocities.com/jackjack9872004/
Not just a load of BS, but posted to NANOG anonymously, through a
hijacked machine at
Hi folks.
On a cisco AS5800, what are the parameters that could be tweaked to reduce
CPU utilization ?
With 360 active calls here's what i have:
NAS01-MTNDODS#sh proc cpu | exclude 0.00
CPU utilization for five seconds: 79%/17%; one minute: 81%; five minutes:
80%
PID Runtime(ms) Invoked
the primary purpose of a firewall is to keep the bad
guys away from the buggy code. Firewalls are the networks' response to
the host security problem.
a pretty good sound bite. :)
Add to that that you don't really know what's
safe or unsafe, and that you have some services that
(On topic to nanog for a change...)
I'll be soon going through resetup of one of our primary hosting POPs
(moving to different DC and upstream provider) and as a result have
opportunity to make some changes to the configuration, etc and want to
set it up so there is standby backup available
On Wed, Mar 17, 2004 at 03:01:50PM -0800, bill said something to the effect of:
the primary purpose of a firewall is to keep the bad
guys away from the buggy code. Firewalls are the networks' response to
the host security problem.
a pretty good sound bite. :)
Add to that
I believe under USC18 there is a section that clearly states hacking a government computer can get you a maximum of 30 years in federal prison and a $250,000.00 fine
Please correct me if that postscription of law has been vacated.
-Henry
Dan Hollis [EMAIL PROTECTED] wrote:
On Wed, 17 Mar
On Wed, 17 Mar 2004, Steve Linford wrote:
From Deep Throat, received 17/3/04, 21:10 + (GMT):
Disturbing information on one of the founders of Spamhaus.org
http://www.geocities.com/jackjack9872004/
Not just a load of BS, but posted to NANOG anonymously, through a
hijacked machine
In message [EMAIL PROTECTED], bill writes:
the primary purpose of a firewall is to keep the bad
guys away from the buggy code. Firewalls are the networks' response to
the host security problem.
a pretty good sound bite. :)
Thanks -- I've been using that line for about 10 years, and
[EMAIL PROTECTED] [17/03/04 17:34 +]:
The codes we use at present include:
127.0.0.1Listed in IADB
Hmmm... listed in my /etc/hosts as well.
Am I IADB compliant?
Am i missing something or isn't this a standard dns block / white list
implementation? I
In message [EMAIL PROTECTED], Henry Linneweh
writes:
--0-1103097329-1079567080=:87987
Content-Type: text/plain; charset=us-ascii
I believe under USC18 there is a section that clearly states hacking a governm
ent computer can get you a maximum of 30 years in federal prison and a $250,00
0.00
Mailed out through an open proxy / hacked machine in some australian
museum, with a body that tries to load this html page -
http://24.84.218.164:81/641280.php
Page is hosted on a shawcable conection (probably another trojaned box)
that I can't seem to access, though the host is barely
Erm, something is definately up tonight. Message is below, for those of you
who didn't want to touch this message.
I can't get to the site listed in the message, so I have no idea what its
trying to deliver exactly.
Anyone care to comment?
--
Brian Bruns
The Summit Open Source Development
http://www.vix.com/personalcolo/
http://www.vix.com/personalcolo/
http://www.vix.com/personalcolo/
notes:
(1) even in germany they call them 19 inch racks, thus setting the clock
back several decades.
(2) i'm very interested in listing more non-US locations
(3) i'm interested in listing
In message [EMAIL PROTECTED], Paul Vixie writes:
http://www.vix.com/personalcolo/
http://www.vix.com/personalcolo/
http://www.vix.com/personalcolo/
notes:
(1) even in germany they call them 19 inch racks, thus setting the clock
back several decades.
(2) i'm very interested in listing more
Me thinks somebody has found a trapdoor in nanog mailsetup and is in
general out to get us ...
This one supposedely came from 203.18.63.43 (australia powerhous museum -
phm.gov.au) and advertises page on ip 165.134.187.102 (saint louis
univerisity - slu.edu). Connection refused when I tried
In message [EMAIL PROTECTED], william(a
t)elan.net writes:
Me thinks somebody has found a trapdoor in nanog mailsetup and is in
general out to get us ...
This one supposedely came from 203.18.63.43 (australia powerhous museum -
phm.gov.au) and advertises page on ip 165.134.187.102 (saint
william(at)elan.net writes on 3/18/2004 11:03 AM:
Me thinks somebody has found a trapdoor in nanog mailsetup and is in
general out to get us ...
Have you, by any chance, heard of bcc? That isn't a bug, that's a
feature.
--
srs (postmaster|suresh)@outblaze.com // gpg : EDEDEFB9
manager,
Interesting, it does respond, albiet sporadically.. It contains the
usual stuff... a trojan..
It looks like a variant of Psyme.. *sigh*
-colin.
On 18/03/2004, at 4:33 PM, william(at)elan.net wrote:
Me thinks somebody has found a trapdoor in nanog mailsetup and is in
general out to get us
[EMAIL PROTECTED] (TxRx Lists) writes:
One thing you may want to devote a bit more text to: what are typical
provisions for remote hands at these places?
that's one item. others are serial console access, remote power cycle,
whether an appointment/escort is required for on-site
No. Quite apart from the fact that you mean authorized, not
authenticated, the primary purpose of a firewall is to keep the bad
guys away from the buggy code. Firewalls are the networks' response to
the host security problem.
No. let's imagine, that I have 4 hosts, without ANY security
And I think you have hit it right on the head...another line of defense.
Everything I've ever read about security (network or otherwise) suggests
that a layered approach increases effectiveness. I certainly don't trust
a
firewall appliance as my only security device, so I also do prudent
On Wed, 17 Mar 2004, Steve Linford wrote:
From Deep Throat, received 17/3/04, 21:10 + (GMT):
Disturbing information on one of the founders of Spamhaus.org
http://www.geocities.com/jackjack9872004/
Not just a load of BS, but posted to NANOG anonymously, through a
hijacked
Dan Hollis said:
federal interest site. thats automatic prison time, isnt it?
Alexei Roudnev replied:
Of course, not - he is not from USA (more likely), the end.
Why people believe, that this acts means ANYTHING? In
Internet, they (acts) means NOTHING.
Unless, of course, she happens to
Brian Bruns wrote:
Erm, something is definately up tonight. Message is below, for those of you
who didn't want to touch this message.
I can't get to the site listed in the message, so I have no idea what its
trying to deliver exactly.
Anyone care to comment?
SpamAssassin whacked it good -
75 matches
Mail list logo
