I Ar Es,
At least they have received the 2610:30::/32 allocation from ARIN.
Lets see if they how taxing they find IPv6 ;)
Greets,
Jeroen
--
OrgName:Internal Revenue Service
OrgID: IRS
Address: Constitution Ave. NW
City: Washington
StateProv: DC
PostalCode: 20224
Title: [NANOG] Cogent problem in NYC area
Cogent is having problems in the NYC area, they have said they are waiting for equipment to come back up. This has been going on for about 30 minutes now. They would not give me any more details than this.
Regards,
.myke
http://www.cs.columbia.edu/~smb/papers/v6worms.pdf - courtesy Schneier
on Security and then the ITU newslog.
Internet Worms and IPv6
Bruce Schneier's Schneier on Security points to a paper dismissing the
myth that worms won't be able to propagate under IPv6.
On 2/13/06, Bill Fenner [EMAIL PROTECTED] wrote:
http://disco-stu.dyndns.org/netdisco/public_map.html is a map of
access points and their loads. The radius of the circle represents
the number of associated users.
I think you just re-invented http://www.plazes.com - though that's
mostly for
On 2/14/06, Mohacsi Janos [EMAIL PROTECTED] wrote:
In the 6NET project we identified, that exhaustive search in IPv6 is not
feasible (e.g. nmap does not support it for IPv6), but there are also
Interesting. By the way is there a currently missing between not
and feasible there?
Even given the
In message [EMAIL PROTECTED], Sures
h Ramasubramanian writes:
http://www.cs.columbia.edu/~smb/papers/v6worms.pdf - courtesy Schneieron Secur
ity and then the ITU newslog.
Internet Worms and IPv6 Bruce Schneier's Schneier on Security points to a
paper dismissing the myth that worms won't be able
On 2/14/06, Suresh Ramasubramanian [EMAIL PROTECTED] wrote:
I think you just re-invented http://www.plazes.com
Well, Plazes requires user behavior to begin with, and doesn't
distinguish between multiple access points with the same SSID and same
subnet. Plazes could say NANOG in Dallas but not
Message: 3
Date: Thu, 09 Feb 2006 00:14:23 -0800
From: Declan McCullagh declan@well.com
Subject: [Politech] Delete web server logs, or get fined by the Feds?
Ed Markey's new bill [fs]
To: politech@politechbot.com
Message-ID: [EMAIL PROTECTED]
Content-Type: text/plain;
On 2/14/06, Jon R. Kibler [EMAIL PROTECTED] wrote:
A bill just announced in Congress would require every Web site operator
to delete information about visitors, including e-mail addresses, if the
data is no longer required for a legitimate business purpose.
Original posting from Declan
Same question here.
We have a filtering appliance that filters for porn, etc based on a
subscription basis, but I've considered filtering phishing and spyware sites
for all our customers. At what point does the ISP wanting to do good
infringe upon the 'rights' of those who accidentally hurt
On Tue, Feb 14, 2006 at 09:47:50AM -0500, Jon R. Kibler scribed:
http://www.politechbot.com/docs/markey.data.deletion.bill.020806.pdf
to delete information about visitors, including e-mail addresses, if the
data is no longer required for a legitimate business purpose.
Original
On Tue, Feb 14, 2006 at 10:33:19AM -0500, David G. Andersen wrote:
On Tue, Feb 14, 2006 at 09:47:50AM -0500, Jon R. Kibler scribed:
http://www.politechbot.com/docs/markey.data.deletion.bill.020806.pdf
to delete information about visitors, including e-mail addresses, if the
On 2/14/06, Frank Louwers [EMAIL PROTECTED] wrote:
Strange thing is that we have exact the opposite here in Europe. There
is a new bill that has been passed that forces us to keep al logs (mail
and web) for at least 1 or 2 years.
6 months to 2 years I think.
Strange thing is that we have exact the opposite here in Europe. There
is a new bill that has been passed that forces us to keep al
logs (mail and web) for at least 1 or 2 years.
Vriendelijke groeten,
Frank Louwers
That is far scarier.
On Tue, 14 Feb 2006 18:42:33 +0530, Suresh Ramasubramanian said:
After all when there's an unlimited number of hosts connected to the
v6 network, all that needs to happen is a small botnet to develop, and
then start to port scan.
The potentially larger number of hosts that can get infected
Suresh Ramasubramanian wrote:
On 2/14/06, Jon R. Kibler [EMAIL PROTECTED] wrote:
A bill just announced in Congress would require every Web site operator
to delete information about visitors, including e-mail addresses, if the
data is no longer required for a legitimate business purpose.
From: Andy Davidson
Speaking with my e-commerce vendor hat on, server logs (apache, mail,
application audit logs) and other information about visitors
(especially those who have conducted a purchase transaction with
us, or signed up to our newsletter) never stop having a business
Mark Borchers wrote:
Strange thing is that we have exact the opposite here in Europe. There
is a new bill that has been passed that forces us to keep al
logs (mail and web) for at least 1 or 2 years.
Vriendelijke groeten,
Frank Louwers
That is far scarier.
Which hard drive vendor
On Tue, 14 Feb 2006, Jeroen Massar wrote:
I Ar Es,
At least they have received the 2610:30::/32 allocation from ARIN.
Lets see if they how taxing they find IPv6 ;)
so.. this is surprising why? the us-gov mandate for ipv6 uptake will mean
lots of us-gov folks will be spinning up
On Tue, 14 Feb 2006 16:14:11 GMT, Andy Davidson said:
It's interesting that the US government is requiring less user data is
stored when European politicians are calling for greater data and log
retention rules.
Obviously, none of the Total Info Awareness proponents were able to get
their
On Tue, 14 Feb 2006, David Hubbard wrote:
From: Andy Davidson
Speaking with my e-commerce vendor hat on, server logs (apache, mail,
application audit logs) and other information about visitors
(especially those who have conducted a purchase transaction with
us, or signed up to our
I guess the question is how to read legitimate word. ^.^
I guess the bill was written in mind of privacy concern.
But also there is some requirement for security/law-enforcement viewpoint.
I received the request from some law-enforcement about actual user of IP
address 3 year ago or older.
Date: Tue, 14 Feb 2006 09:47:50 -0500
From: Jon R. Kibler [EMAIL PROTECTED]
Date: Thu, 09 Feb 2006 00:14:23 -0800
From: Declan McCullagh declan@well.com
I've posted the text here:
http://www.politechbot.com/docs/markey.data.deletion.bill.020806.pdf
A summary is here:
This is a pro-privacy bill that would regulate business, and it's been
introduced by a Democrat in a Republican-controlled Congress with a
Republican president, at a time when privacy is out of favor. It's not
going to pass. (To me, of course, that's a bug, especially since I'd
rather that
---Original Message---
From: Christopher L. Morrow [EMAIL PROTECTED]
Subject: Re: IRS goes IPv6!
Sent: 14 Feb '06 08:31
On Tue, 14 Feb 2006, Jeroen Massar wrote:
I Ar Es,
At least they have received the 2610:30::/32 allocation from ARIN.
Lets see if they how
On Tue, 14 Feb 2006, Hyunseog Ryu wrote:
I guess the question is how to read legitimate word. ^.^
I guess the bill was written in mind of privacy concern.
But also there is some requirement for security/law-enforcement viewpoint.
I received the request from some law-enforcement about actual
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Jeroen Massar wrote:
I Ar Es,
At least they have received the 2610:30::/32 allocation from ARIN.
Lets see if they how taxing they find IPv6 ;)
And who'd have thought they would be such late filers :-)
[IPv6 whois information for
On Tue, Feb 14, 2006 at 11:31:48AM -0500, [EMAIL PROTECTED] wrote:
On Tue, 14 Feb 2006 16:14:11 GMT, Andy Davidson said:
It's interesting that the US government is requiring less user data is
stored when European politicians are calling for greater data and log
retention rules.
* Frank Louwers:
Strange thing is that we have exact the opposite here in Europe. There
is a new bill that has been passed that forces us to keep al logs (mail
and web) for at least 1 or 2 years.
It's not a bill, it's a EU directive which still has to be implemented
in national law. Nothing
Apologies in advance, notes from this morning will be a bit
more scattered, as I was working on an issue in parallel
to taking notes.
Matt
2006.02.14 talk 1 IRR Power Tools
12:10 to 12:25, extra talk added, not on
printed agenda.
Thanks to those who submitted lightning
talks.
PC committee
2006.02.14 talk 2 Netflow tools
Bill Yurcik
byurcik at ncsa.uiuc.edu
NVisionIP and VisFlowConnect-IP
probably a dozen tools out there, this is just
two of them. Concenses is there's something to
this.
They're an edge network, comes into ISP domain,
their tools are used by entities with many
2006.02.14 talk 3 Flamingo netflow visualization
Manish (from BGP Inspect project from Merit)
bgpinspect.merit.edu:8080
He'll be talking later at the Tools BOF as well
apparently.
Introduction: What is Flamingo?
Visualization
The Flamingo Tool
combining visualizations with controls
Case
2006.02.14 talk 4 Flooding attacks
Jianhong Xia
A new talk added right before lunch by
Randy Bush will push us to 12:25.
Two talks coming up about DoS attacks
against control information
Flooding Attacks by exploiting persistent
forwarding loops.
Introduction: routing determines forwarding
A thought I had on the plane last night about the disconnect between the
NANOG and IETF community which leaves protocol development to run open-loop.
Rather than sit back and complain about the results, why not try to
synchronize meeting times. Not necessarily hotels, but within a reasonable
Many apologies...I'm no Stan Barber, but still doing my best to keep up
with the note-taking. ^_^;;
Matt
Slides are on Randy's site at
http://rip.psg.com/~randy/060214.nanog-pki.pdf
What I want for Eid ul-Fitr
Randy Bush
randy at psg.com
Definition of Eid ul-Fitr; end of Ramadan; breaking
I am not going to speak for the IETF, but why would they? Their meetings are
already open, and to be globally fair the proposed coordinators would have
to attend 3-5 extra meetings a year to cover all the ops groups.
Tony
-Original Message-
From: Eastgard, Tom [mailto:[EMAIL
On Tue, 14 Feb 2006 12:35:19 PST, Tony Hain said:
Rather than sit back and complain about the results, why not try to
synchronize meeting times. Not necessarily hotels, but within a reasonable
distance of each other so the issue about ROI for the trip can be mitigated.
The IETF apparently has
I agree that attendance is not required, but it can help some discussions.
Given the logistical differences it would be much easier to schedule NANOG
into a nearby hotel than to try to move the IETF around. For example this
time if NANOG had been a month later it would have been in the same
So, NANOG has worked in the past (eg: ARIN) at joint
meetings at a venue before, perhaps something similar would work.
I find it interesting that NANOG and IETF are both in Dallas
about a month from each other and both parties likely navigated
the logistics issues of
Tony/all,
I am not going to speak for the IETF, but why would they? Their meetings are
already open, and to be globally fair the proposed coordinators would have
to attend 3-5 extra meetings a year to cover all the ops groups.
I am also not speaking for the IETF (IAB), but the
---Original Message---
From: [EMAIL PROTECTED]
Subject: Re: protocols that don't meet the need...
Sent: 14 Feb '06 13:10
On Tue, 14 Feb 2006 12:35:19 PST, Tony Hain said:
Rather than sit back and complain about the results, why not try to
synchronize meeting times. Not
On Feb 14, 2006, at 4:47 PM, David Meyer wrote:
Tony/all,
I am not going to speak for the IETF, but why would they? Their
meetings are
already open, and to be globally fair the proposed coordinators
would have
to attend 3-5 extra meetings a year to cover all the ops groups.
Of course, there is nothing stopping NANOG or anyone else from
collocating their meetings to be near the IETF's (in time or
space)... but right now they would have a tough time figuring where
that would be :)
The IETF commits to having its meetings
not collide with certain other
Christian
On Feb 14, 2006, at 4:47 PM, David Meyer wrote:
Tony/all,
I am not going to speak for the IETF, but why would they? Their
meetings are
already open, and to be globally fair the proposed coordinators
would have
to attend 3-5 extra meetings a year to cover all
One of method missing is doing top down random walks of ip6.arpa.
Mark
On Tue, 14 Feb 2006 12:35:19 -0800, Tony Hain [EMAIL PROTECTED]
said:
A thought I had on the plane last night about the disconnect between the
NANOG and IETF community which leaves protocol development to run
open-loop.
The real problem is that people have unrealistic expectations wrt the
David,
On Feb 14, 2006, at 5:07 PM, David Meyer wrote:
Hmm, well, when there is lots of vendor and academia involvement, no,
there's no operator community presented in number of things I'm
following in the IETF. Take manet, for example, I don't even know to
begin where to inject operator
As originally sent to the registrars list by Rick Wesson...
Through 2005, the reg-ops (Registrar Operations) mailing list which was
established after the first Panix incident, was working by trial and
error, learning from past mistakes, formalizing reporting guidelines and
operating
On Wed, 15 Feb 2006, Gadi Evron wrote:
As originally sent to the registrars list by Rick Wesson...
Through 2005, the reg-ops (Registrar Operations) mailing list which was
established after the first Panix incident, was working by trial and error,
learning from past mistakes, formalizing
Sorry for last message that was supposed to be offline - forgot to remove
list address.
--
William Leibzon
Elan Networks
[EMAIL PROTECTED]
On Tue, 14 Feb 2006, Tony Hain wrote:
A thought I had on the plane last night about the disconnect between the
NANOG and IETF community which leaves protocol development to run open-loop.
[Hm, what happened last night that I missed]
I rather thought today's talk (last one in morning) by
On Wed, 15 Feb 2006, Mark Andrews wrote:
One of method missing is doing top down random walks of ip6.arpa.
That's only easy if delegation were on a per-nybble basis, which is commonly
not the case. Because there are not typically NS's at every nybble level,
you have to do more than one
On Wed, 15 Feb 2006, Mark Andrews wrote:
One of method missing is doing top down random walks of ip6.arpa.
That's only easy if delegation were on a per-nybble basis, which is commonly
not the case. Because there are not typically NS's at every nybble level,
you have to do more
On Wed, 15 Feb 2006, Mark Andrews wrote:
One of method missing is doing top down random walks of ip6.arpa.
That's only easy if delegation were on a per-nybble basis, which is commonly
not the case. Because there are not typically NS's at every nybble level,
you have to do more
Original posting from Declan McCullagh's PoliTech mailing list. Thought
NANOGers would be interested since, if this bill passes, it would impact
almost all of us. Just imagine the impact on security of not being able
to login IP address and referring page of all web server connections!
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
thanks for taking notes.
comments in-line:
Matthew Petach wrote:
2006.02.14 talk 2 Netflow tools
Bill Yurcik
byurcik at ncsa.uiuc.edu
NVisionIP and VisFlowConnect-IP
probably a dozen tools out there, this is just
two of them. Concenses
On Wed, 15 Feb 2006, Mark Andrews wrote:
I suggest that you re-read RFC 1034 and RFC 1035. A empty
node returns NOERROR. A non-existant node returns NXDOMAIN
(Name Error).
Right. This means depth-first walk, which will reduce the *possible*
address space to probe, but
Here is the revised NANOG36 agenda for Wednesday, Feb. 15:
9:00-9:30v6fix: Wiping the Slate Clean for IPv6
Kenjiro Cho, WIDE/IIJ, Ruri Hiromi, WIDE/Intec NetCore
9:30-10:00 Hurricane Katrina: Telecom Infrastructure Impacts,
Solutions, and Opportunities
On Wed, 15 Feb 2006, Mark Andrews wrote:
I suggest that you re-read RFC 1034 and RFC 1035. A empty
node returns NOERROR. A non-existant node returns NXDOMAIN
(Name Error).
Right. This means depth-first walk, which will reduce the *possible*
address space to probe, but
Last notes of the day...
Matt
2006.02.14 Tools BOF
Todd Underwood, panel moderator
A number of interesting tools presented earlier today;
all of them are good and interesting and solve a
particular set of problems. None are in widespread
use. There's a lot of possible reasons; do they
solve
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Christopher L. Morrow wrote:
On Tue, 14 Feb 2006, Jeroen Massar wrote:
I Ar Es,
At least they have received the 2610:30::/32 allocation from ARIN.
Lets see if they how taxing they find IPv6 ;)
so.. this is surprising why? the us-gov
Roland Dobbins - that's me asking about the time intervals for the
bins and the TCP flags stuff.
;
Note that 5-minute bins may not always be optimal for opsec - 5
minutes minimum to see something happening and then 5 minutes to see
if your mitigation action was effective is a long
Through 2005, the reg-ops (Registrar Operations) mailing list which was
established after the first Panix incident, was working by trial and
error, learning from past mistakes, formalizing reporting guidelines and
operating procedures.
The mailing list now holds representatives from most of
63 matches
Mail list logo