Please contact me offlist, did you decide to stop accepting mail
from berkeley.edu?
thanks,
matt ghali
[EMAIL PROTECTED]darwin
The only thing necessary for the triumph
of evil is for good men to do nothing. - Edmund Burke
On Mon, 18 Apr 2005, Christopher L. Morrow wrote:
that'd be unfortunate, what with number portability and all, yes?
Until a couple of months ago, Cingular Wireless here was still
determining whether or not to bill for mobile to mobile calls
based on whether the called party's NPA was one of
http://rfc-ignorant.org/tools/lookup.php?domain=ebay.com
it's been three years, I don't think they really give a damn.
matto
On Sat, 16 Apr 2005, Scott Grayban wrote:
If there are any eBay admin here please fix your spoof@ abuse@
address because it is denying every spoof complaint
On Sun, 17 Apr 2005, Jay R. Ashworth wrote:
So here's the 64GB/s question:
If carriers are being paid to ensure physical separation between
circuits for the life of the circuit, why is it that they haven't
implemented change management systems (and I don't solely mean the
software)
Well, according to the release note URL I posted, this version was
built on 2/24/05, when it presumably went into beta testing.
The version string in the actual code says 3/3/05, which I guess is
when they resolved anything discovered in testing.
The first customer support email I recieved
Dear Support staff at Linksys:
This weekend I made a futile attempt to enable WPA Pre-Shared Key
mode on my home wireless network. The network consists of a
Linksys WRT54G router, two WET54GS5 bridges, and a pair of Apple
iBooks running MacOS X.
The iBooks had no problem communicating with
It seems that it's pretty dim there. After acknowledging that the
product was broken by design, they offered to replace them under
warranty. Great.
I wonder how Cisco feels about these jack-holes using their brand.
matto
On Mon, 11 Apr 2005, Roland H. Alden wrote:
Mark, rest assured
My apologies. Apparently I was mistaken when I thought that other
network operators might be interested in saving themselves the time
and money of buying a broken piece of network equipment, which the
manufacturer won't support.
I made a rash assumption that such behavior from a vendor might
yeah, I agree. this is one of the cases where they suck more and I
hoped that folks would be able to use the info to make an educated
guess as to who might suck less.
I'm kind of crazy like that. The last time I tried to warn off
unwitting consumers, I ended up spending $50k on legal fees
On Mon, 11 Apr 2005, just me wrote:
Dear Support staff at Linksys:
[blah blah blah]
For those of you who emailed me privately about also running into
this bug, I just got an email from Linksys support saying they
released a new firmware version today(!) that resolves the problem.
http
On Thu, 7 Apr 2005, Eric A. Hall wrote:
If folks were used to just adding forwarder entries to named.boot,
yes, since they'd also have to remember to undelegate authority
for the relevant rfc1918 address space now too. If somebody setup
a network using a subset of the address space
On Fri, 1 Apr 2005 [EMAIL PROTECTED] wrote:
Why can't we have VoIP phones with built-in GPS receivers and a built-in
911 dialplan that makes the phone transmit your coordinates along with the
emergency call?
are you serious? if you are, why don't you ask for a pony while
you're at it.
It has been my experience in the deployment of such anycasted dns
server pods that pushing ospf from the dns server hosts introduces
complexity and reduces reliability to the point that other, simpler
solutions become much more attractive.
You should also take a moment to take a look at your
If you are running Proofpoint appliances or software in a relatively
high (25k to 30k messages per hour) traffic environment, I would
love to hear from you regarding your experiences.
I will summarize to the list if there is aany interest; until then,
please reply to me directly.
thanks much,
On Mon, 7 Mar 2005, Brent Chapman wrote:
Could be. There also appear to have been mail problems with the list this
afternoon; my message sat in the queue at my end for 3.5 hours being
repeatedly rejected or timed out by mail.merit.edu, before finally going
through:
Maybe it was a
On Fri, 25 Feb 2005, Frank Louwers wrote:
The trick is to config port 587 in such a way that it ONLY accepts
smtp-auth mail, not regular smtp.
That way, virii/spam junk won't be able to use that port.
What are you, stupid? The spammers have drone armies of machines
with completely
On Fri, 25 Feb 2005, Christopher X. Candreva wrote:
On Fri, 25 Feb 2005, just me wrote:
What are you, stupid? The spammers have drone armies of machines
with completely compromised operating systems. What makes you think
that their mail credentials will be hard to obtain
On Fri, 25 Feb 2005, Edward B. Dreger wrote:
Internal users: With AUTH - correlate message with authenticated user,
then forbid mail transmission for them only. I'd rather do that than
slog through RADIUS logs. But, hey, maybe if I had more free time...
Increasing the detail of an
On Fri, 25 Feb 2005, J.D. Falk wrote:
On 02/25/05, just me [EMAIL PROTECTED] wrote:
Increasing the detail of an audit trail doesnt mean anyone will
automatically use the information in an effective manner.
Without auth, most ISPs could correlate abuse behavior between MTA
On Thu, 3 Feb 2005, Joel Perez wrote:
I keep reading these articles and reports about this botnet and that
botnet problem and how many user's pc's are infected. The only thing
I don't see is a way to remove these bots!
http://www.sun.com/software/javadesktopsystem/features.xml
On Tue, 21 Dec 2004, Paul Vixie wrote:
i've also been thinking that AXFR's known incoherency could be reduced by
using some kind of in-band embargo that would bring a new zone version
online synchronously on servers supporting this feature and configured to
enable it for a particular
On Thu, 16 Dec 2004 [EMAIL PROTECTED] wrote:
On Thu, 16 Dec 2004 12:24:56 PST, just me said:
So the competing .org provider deploys their better solution and
survives, how, exactly?
Are there not a variety of other registries?
It's not a registry problem
On Thu, 16 Dec 2004, Iljitsch van Beijnum wrote:
And that's exactly why UltraDNS' treatment of .org is evil. I really don't
understand why people with .org domains aren't complaining louder about this.
Instead of re-starting this particular perennial thread, can we please
just
On Thu, 16 Dec 2004 [EMAIL PROTECTED] wrote:
On Thu, 16 Dec 2004 10:33:27 PST, just me said:
and be done with it? Look. Some folks think that $technology is a good
solution for $application. Some don't. The great thing about teh
internat is that differing solutions to common
I second the recommendation for PowerDNS. I built an anycasted, sql
backended instant-update DNS server platform for a registrar who was
interested in selling a premium dns service product. We looked long
and hard at bind+dlz as well as PDNS.
Both are great products, and the developer who
On Thu, 2 Dec 2004, just me wrote:
I second the recommendation for PowerDNS.
Dear Nanog,
My apologies for not reading down the thread and seeing that the OP
was looking for a way to *stop* using powerdns.
My apologies also for failing once again to sign my post with my full,
legal name
My brother is looking for 1 to 2mbps of connectivity in Jonestown, TX.
He promises not to drink the kool-aid.
Wireless links, licensed or unlicensed spectrum are acceptable, as
well as leased line.
Please reply to us off-list; I will summarize on the off chance that
someone else is
On Thu, 11 Nov 2004, Robert Mathews wrote:
On Thu, 11 Nov 2004, Alexei Roudnev wrote:
Hmm - just introduce some jitter into your network, and add random delay to
the short packets - and no VoIP in your company -:).
How exactly then would anyone implement this, without screwing-up
http://www.apc.com/resource/include/techspec_index.cfm?base_sku=AP7900
On Mon, 19 Apr 2004, Christopher J. Wolff wrote:
That makes two votes for the Baytech. Thank you.
[EMAIL PROTECTED]darwin
Flowers on the razor wire/I know you're here/We are few/And far
between/I was thinking
On Mon, 19 Apr 2004 [EMAIL PROTECTED] wrote:
After all, people who build DNS infrastructure intend it to be
used to for generic DNS translations, not generic database
lookups.
Wait. What's the difference? I must have missed something.
matt ghali
[EMAIL PROTECTED]darwin
Flowers on the
On Thu, 18 Mar 2004, Kelly Setzer wrote:
This is relevant, if tangential, to the current discussion on 1U colo
for remote ops/looking glass/etc.
[...]
4) One nanog member indicated that I am an idiot.
Personally, I recently priced intel server systems from a variety of major
vendors
On Fri, 12 Mar 2004, Ricardo G Patara wrote:
On Thu, Mar 11, 2004 at 10:59:01PM -0800, just me wrote:
|
| Behind all of LACNIC's 200/8 and Iskimaro, whoever the heck they are!
I'd say that it is not a wise thing to do, but it is up to you.
Inside this /8 block there are a lot
On Fri, 12 Mar 2004, Suresh Ramasubramanian wrote:
Wholesalebandwidth = Scott Richter.
http://groups.google.com/groups?q=scott+richter+wholesalebandwidth
You can safely nullroute 69.6.0.0/18
You can say that again. He's a strong third on my list:
http://mrtg.snark.net/nullstats.cgi
http://www.wired.com/news/culture/0,1284,57760,00.html
[EMAIL PROTECTED]darwin
Flowers on the razor wire/I know you're here/We are few/And far
between/I was thinking about her skin/Love is a many splintered
thing/Don't be afraid now/Just walk on in. #include disclaim.h
I think I have what you are looking for; at least for the APNIC region
so far:
http://mrtg.snark.net/apnic.php
It updates weekly from data on the APNIC web site.
matto
On Mon, 9 Feb 2004, Matthew Crocker wrote:
I've look at IANA but it doesn't give enough detailed information. I
would
Your analogies suck for two reasons:
1: take a look at the huge problems apple is having with quality
control and returns on the ibooks. They've finally started admitting
there's a problem (after months and months of consumer outrage)
http://www.apple.com/support/ibook/faq/
2: VW build
On Mon, 8 Dec 2003, Petri Helenius wrote:
just me wrote:
Can you explain to the less hyperbolic among us, why I should be
obligated to exchange packets with a provider who hosts abusive
customers.
You, and nobody else is not. The difference is if you carpet-bomb
the provider
On 5 Dec 2003, james wrote:
On Fri, 2003-12-05 at 16:05, Laurence F. Sheldon, Jr. wrote:
Everything else was forged, spoofed, or unintelligble.
I was probably not filtering off traffic from you (for any value of
you), I was filtering off stuff with your IP address in it.
I was
On Fri, 5 Dec 2003, Petri Helenius wrote:
And I refer you to the blocks which are properly registered down
to the /29 level and you are saying that if you are a good citizen
collateral damage is recommended regardless because antispammers
are either lazy or technically incompetent or
Interstingly enough, the FTP url hasnt changed:
http://ftp.apnic.net/stats/apnic/apnic-latest
there are some strange differences between the http version and
the ftp version.
I have some automated stuff that grabs the data once a week and makes
it available in an actually-human-usable format
On Mon, 3 Nov 2003, John Brown (CV) wrote:
rural or not, capitalism will hinder redundancy unless
the shareholders or the insurance companies say otherwise.
YM, capitalism will foster redundancy? It does from where I sit..
matto
[EMAIL PROTECTED]darwin
Flowers on the razor wire/I
Many thanks to the dozens of folks who took time to offer me advice on
coloing in the Asia-Pacific and EU. I've had recommendations to look
at the following providers:
hong kong: pbase.net, att
singapore: singtel, att
korea: kidc
japan: jpix
Joe and Bill recommeded the PAIX. Not a bad idea from
2003, just me wrote:
I'm trying to find some KT contacts. Email to the sales contacts on
their web pages are vanishing, and we'd really like to colo.
Any contact info would be appreciated.
thanx!
matto
- [EMAIL PROTECTED]darwin
Flowers on the razor wire/I know you're here/We
On Mon, 27 Oct 2003, Suresh Ramasubramanian wrote:
just me writes on 10/27/2003 4:24 PM:
So, let me change the question. Anyone know of good colo in the AP
region with excellent regional connectivity? I know it's a large,
Which part of asiapac do you really want to colo
Hi Joe-
On Mon, 27 Oct 2003, Joe Abley wrote:
On 27 Oct 2003, at 16:49, just me wrote:
The physical location is secondary to the quality of connectivity to
the region, and the quality of the facility, in that order.
The pertinent questions are, I think (a) what do you mean
I'm trying to find some KT contacts. Email to the sales contacts on
their web pages are vanishing, and we'd really like to colo.
Any contact info would be appreciated.
thanx!
matto
[EMAIL PROTECTED]darwin
Flowers on the razor wire/I know you're here/We are few/And far
between/I was
Eh?
I don't see a delegation to tulku.nic.ar. anywhere down the delegation
chain.
. says ch nameservers are:
NS.APNIC.NET. 2D IN A 203.37.255.97
DOMREG.NIC.ch. 2D IN A 130.59.1.80
MERAPI.SWITCH.ch. 2D IN A 130.59.211.10
DNS.PRINCETON.EDU.
On Thu, 16 Oct 2003 [EMAIL PROTECTED] wrote:
So...correct me if I'm wrong here...does this mean that the
registry services operations and the GTLD maintenance operations
for .com/.net will be owned by different companies?
Yep.
Uh, actually, no. They're spinning off the registRAR
Some of the more pedantic registries require that nameservers for a
new domain reg be up and available. In theory they are also supposed
to answer auth for the new domain being registered, but I am not sure
how many actually check for an SOA.
Afternic used to wildcard NS records for that reason,
On Wed, 8 Oct 2003, Paul G wrote:
they could try to get some legitimate traffic as , say, google or yahoo do
by providing a valuable service. if it is as valuable as they claim, users
will keep coming back.
pg
Apparently even Verisign doesn't think it's a very valuable or
legitimate
They probably upgraded the code on their { CSSes | Localdirectors }.
;-)
On Mon, 6 Oct 2003, Sean McPherson wrote:
And poof, that's it. No data. Try again, and I randomly get the whole
page, part of the page down to the 'Feedback' line, or nothing.
Same thing happens from work (ATT /
On Thu, 2 Oct 2003, Eliot Lear wrote:
[EMAIL PROTECTED] wrote:
Beware the single point of failure. If all your clocks come from GPS, then
GPS is the SPOF.
Can you describe what would be involved to cause this sort of single
point of failure to fail?
Eliot
- Antenna failure
-
I'm keeping track of sitefinder vs. google page load times, just for
giggles. You can see the results at:
http://mrtg.snark.net/http-time/
One thing thats missing is accounting for refused connections; I'll
have to put a little more thought into that.
matto
On Wed, 24 Sep 2003, Declan
On Mon, 22 Sep 2003, David G. Andersen wrote:
With load balancing, traffic can get routed down a non-functional
path while routing takes place over the other one - BBN did that
to us once, was very entertaining).
Ah yes, I'll always have a special place in my heart for those
On Thu, 18 Sep 2003, Todd Vierling wrote:
BGP has no way to know that an internal network problem occurred. If
someone mistakenly tripped over a network cable that disconnected DNS
clusters from a router, how would the router know to drop anycast
advertisements?
(Sure, you could run
On Mon, 15 Sep 2003, Joshua Sahala wrote:
as is usually suggested on this list, do your talking with your money,
pull your zones from verisign, and never do business with them again,
Ah, if you own any domains in .com or .net; you are doing business
with Verisign. Sorry...
matto
[EMAIL
On 27 Aug 2003, Robert E. Seastrom wrote:
N. Richard Solis [EMAIL PROTECTED] writes:
FedEx will be your best bet. Trust me.
FedEx Heavy = pay a surcharge for heavy boxes, get it moved by a 120
pound delivery person with a handtruck rather than a pallet jack or
other appropriate
If anyone from SBCi ops is on the list, please give me a call. I have
a client that's been dead in the water for 24 hours, who desperately
needs some ICMP dropped on your side.
Matt Ghali
(650) 704-2964
[EMAIL PROTECTED]darwin
Flowers on the razor wire/I know you're here/We are few/And far
Much thanks to Eric from Tier 2 for the quick followup!
On Thu, 21 Aug 2003, just me wrote:
If anyone from SBCi ops is on the list, please give me a call. I have
a client that's been dead in the water for 24 hours, who desperately
needs some ICMP dropped on your side.
Matt Ghali
On Wed, 20 Aug 2003, Christopher Chin wrote:
Okie doke is Netscalibur in the house? I might assume so
based on the nanog-ish return address on the received e-mail
from [195.157.87.253]. This IP is sourcing Sobig.F to me, and
*as* me.
The received mail:
From [EMAIL
On Wed, 20 Aug 2003, Karsten W. Rohrbach wrote:
Some switched to Mac. Many UNIX users are on mutt or similar MUAs which
do not bear the potential for execution of arbitrary code.
http://www.cert.org/advisories/CA-1997-14.html
http://www.cert.org/advisories/CA-1998-10.html
Wow, the second
On Wed, 20 Aug 2003, Karsten W. Rohrbach wrote:
just me([EMAIL PROTECTED])@2003.08.20 14:17:17 +:
http://www.cert.org/advisories/CA-1997-14.html
http://www.cert.org/advisories/CA-1998-10.html
Wow, the second one even mentions Mutt by name.
The more recent of those two
On Thu, 21 Aug 2003, Karsten W. Rohrbach wrote:
Mutt and similar MUAs are prone to misconfiguration, which makes them
vulnerable to some degree, but this fact alone does not expose enough
surface for implementation of an internet-wide worm attack ;-)
So you are saying that all MUA's are
Pardon the posting from (for once) a non-blackout area, but I have a
small request.
I just lost a large chunk of my work to a disk failure. A couple of
months ago, I mailed out a bunch of my anti-spam scripts and database
schemas to someone on this list. I'd know who, but my mail was hosed,
2003, Andy Dills wrote:
On Wed, 18 Jun 2003, just me wrote:
For my little corner:
http://mrtg.snark.net/spam/
It seems 1:1 is the norm these days, at least at my scale.
How do you get your mail delivery attempts to occur so linearly? :)
I think something's busted with your mrtg
On Thu, 19 Jun 2003, Andy Dills wrote:
Yeah, mea culpa :)
Don't know why you have your graphs set up that way, unless you have no
other way of reporting aggregate scores for the day...
http://people.ee.ethz.ch/~oetiker/webtools/mrtg/reference.html
In the absence of 'gauge' or
On Wed, 18 Jun 2003, Miles Fidelman wrote:
It occurs to me that a lot of people on this list might have that sort of
quantitative data - so... any comments?
Regards,
Miles Fidelman
For my little corner:
http://mrtg.snark.net/spam/
It seems 1:1 is the norm these days, at least at my
On Fri, 28 Mar 2003, Mike Damm wrote:
Here was my official reply I sent to him:
[smarmy email elided]
Thats the email you sent to Mr. Miyoko Shioda? You might want to get
in touch with Mr. JC Dill then, and ask her which bothers her more-
gender assumptions or MUA snobbery.
Cheers, toots.
On Wed, 5 Feb 2003, Stephen Milton wrote:
Maybe it's just me, but isn't there something odd about a DNS query
coming back with 78 entries for the same host? It sends back an UDP
packet that gets truncated and the DNS resolver reverts to TCP to get
the full list.
It seems to cause
On Wed, 5 Feb 2003, Alex Lambert wrote:
The 78 addresses listed here are all in one bit of a /24. In the cases I've
seen, there are a few servers listed in several different locations,
network- (and location-) wise. I agree that this looks really weird. Perhaps
they use it as a cheap
On Thu, 6 Feb 2003, Joe Abley wrote:
On Thursday, Feb 6, 2003, at 19:19 Canada/Eastern, just me wrote:
If they lack the sense to stop trying to relay to a host that does not
even ACK their SYNs after several thousand tries, I suspect their
proficiency at configuring rfc-compliant DNS
On Tue, 28 Jan 2003, Scott Francis wrote:
He argued instead that OSes should be redesigned to implement the
principle of least privilege from the ground up, down to the
architecture they run on.
[...]
The problem there is the same as with windowsupdate - if one can spoof the
central
On Wed, 29 Jan 2003, Jeff Godin wrote:
The new whois server for the .ORG TLD can be found at
whois.publicinterestregistry.net. Web interface for .ORG WHOIS can
be found at URI:http://www.pir.org/whois/.
Wed Jan 29 11:08:09
matt@pants:~$ whois -h whois.publicinterestregistry.net
entries..
matto
On Wed, 29 Jan 2003, Jeff Godin wrote:
On Wed, Jan 29, 2003 at 11:13:27AM -0800, just me wrote:
On Wed, 29 Jan 2003, Jeff Godin wrote:
The new whois server for the .ORG TLD can be found at
whois.publicinterestregistry.net. Web interface for .ORG WHOIS can
Am I the only one that finds this perversion of the DNS protocol
abhorrent and scary? This is straight up hijacking.
On Fri, 3 Jan 2003, Verd, Brad wrote:
To improve this user experience and to encourage the adoption of an
application that supports IDNA, VGRS is announcing a measure
On Mon, 18 Nov 2002, David Diaz wrote:
In the real world however, yes, off several dsl links Im seeing those
levels to various sites, I think it's more a factor of congested
peering links or traffic aggregation at a hub. People arent spending
the money to upgrade links right now.
I
On Thu, 3 Oct 2002, Scott Francis wrote:
On Wed, Oct 02, 2002 at 05:48:16PM -0700, [EMAIL PROTECTED] said:
In an environment where every sysadmin is interchangable, and any one
of them can be woken up at 3am to fix the random problem of the day,
you tell me how to manage 'sudoers' on
On Wed, 2 Oct 2002, Scott Francis wrote:
Can you back up that statement in /any/ way? What exactly are your reasons
why sudo is a worse solution (or even a bad idea)?
In an environment where every sysadmin is interchangable, and any one
of them can be woken up at 3am to fix the random
78 matches
Mail list logo