Re: NANOG laptops (was Re: Customer-facing ACLs)

2008-03-10 Thread Mark Prior
William Allen Simpson wrote: Marshall Eubanks wrote: I used to count the proportion of Mac laptops in the room (or, at least, my row) to pass the time when I was bored. I remember at the 1999 Washington IETF I saw exactly one, and I could hear people whisper about it around me. I

Tools to measure TCP connection speed

2008-03-10 Thread Joe Shen
hi, is there any tool that could measure e2e TCP connection speed? e.g. we want to measure the delay between the TCP SYN and receiving SYN ACK packet. Joe

RE: Tools to measure TCP connection speed

2008-03-10 Thread Darden, Patrick S.
Best way to do it is right after the SYN just count one one thousand, two one thousand until you get the ACK. This works best for RFC 1149 traffic, but is applicable for certain others as well. I don't know of any automated tool, per se. You really couldn't do it *well* on the software

Re: Tools to measure TCP connection speed

2008-03-10 Thread Stuart Henderson
On 2008-03-10, Joe Shen [EMAIL PROTECTED] wrote: is there any tool that could measure e2e TCP connection speed? hping (or tcpdump while you make a connection by any method).

RE: Tools to measure TCP connection speed

2008-03-10 Thread Ray Burkholder
On 2008-03-10, Joe Shen [EMAIL PROTECTED] wrote: is there any tool that could measure e2e TCP connection speed? WireShark, which also has a basic analysis package built-in for error and connection setup statistics.

RE: Tools to measure TCP connection speed

2008-03-10 Thread Michienne Dixon
We use LAN Traffic v2 to test speeds on our network. http://www.omnicor.com/netest.htm - Michienne Dixon Network Administrator liNKCity 312 Armour Rd North Kansas City, MO 64116 www.linkcity.org (816) 412-7990 From: Joe Shen Sent: Mon 3/10/2008 4:00 AM To: NANGO Subject: Tools to measure TCP

Re: Tools to measure TCP connection speed

2008-03-10 Thread Christopher Morrow
On Mon, Mar 10, 2008 at 4:00 AM, Joe Shen [EMAIL PROTECTED] wrote: hi, is there any tool that could measure e2e TCP connection speed? e.g. we want to measure the delay between the TCP SYN and receiving SYN ACK packet. So, all you want to know is basic RTT? Do you want to know about the

Re: Customer-facing ACLs

2008-03-10 Thread Chris Marlatt
Dave Pooser wrote: Do bots try brute force attacks on Telnet and FTP? All I see at my firewall are SSH attacks and spam. But sure, if there's a lot of Telnet abuse block 23 too; I think it's used about as rarely by normal customers as SSH is. Depending on the ip space I find FTP brute force

Re: Customer-facing ACLs

2008-03-10 Thread Adrian Chadd
Do bots try brute force attacks on Telnet and FTP? All I see at my firewall are SSH attacks and spam. But sure, if there's a lot of Telnet abuse block 23 too; I think it's used about as rarely by normal customers as SSH is. Depending on the ip space I find FTP brute force attacks 10 times

Re: Customer-facing ACLs

2008-03-10 Thread Justin Shore
Adrian Chadd wrote: Does anyone have any handy links to actual raw data and papers about this? I'm sure we've all got our own personal datapoints to support automated network probes but I'd prefer to stuff something slightly more concrete and official(!) into the Wiki. SANS ISC might have

RE: Tools to measure TCP connection speed

2008-03-10 Thread Joe Shen
we do not just want to analyze e2e performance, but to monitor network performance at IP and TCP layer. We monitor end-to-end ping with smokeping, but as you know, ICMP data does not reflect application layer performance at any time. So, we set up two hosts to measure TCP performance. Is there

Peering with the Internet Alert Registry

2008-03-10 Thread Josh Karlin
All, Some of you are aware of the site for network operators: http://iar.cs.unm.edu/ which has been running for two years now. The purpose of the site is to detect and distribute network anomaly information to the network operators that need to know. The flip side of our proposed security system,

RE: Tools to measure TCP connection speed

2008-03-10 Thread Jamie Bowden
Ttcp will give you what you're looking for, but it's not something you can run in the background and forget. You have to bring it up on both ends, and while it's running, it won't even pretend to try and be friendly about bandwidth usage. It'll give you a summary after it has finished

Re: Tools to measure TCP connection speed

2008-03-10 Thread Wil Schultz
A couple of tools I use from time to time are iperf and ttcp. I'll run iperf on some host and either run ttcp to it from a router or iperf to another host. You can also run ttcp router to router. -wil On Mar 10, 2008, at 8:51 AM, Joe Shen wrote: we do not just want to analyze e2e

Re: Customer-facing ACLs

2008-03-10 Thread Sean Donelan
On Fri, 7 Mar 2008, Scott Weeks wrote: To me there is no question of whether or not you filter traffic for residential broadband customers. SBC in my area (Dallas) went from wide open to outbound 25 blocked by default/opened on request. I think doing the same thing with port 22 would hardly

ARIN CAIDA IPv6 Survey

2008-03-10 Thread Member Services
The American Registry for Internet Numbers (ARIN), in cooperation with the Cooperative Association for Internet Data Analysis (CAIDA), is conducting a survey to gather data regarding the current and future use of IPv6 throughout the ARIN Region. For a complete list of countries go to:

Re: Customer-facing ACLs

2008-03-10 Thread Scott Weeks
Long response with answers inline... --- [EMAIL PROTECTED] wrote:--- Might as well do TCP 20, 21 and 23, too. Woah, that slope's getting slippery! Depends on how you ask the questions. How about: Should a stateful firewall be provided for casual broadband dynamic

Re: Customer-facing ACLs

2008-03-10 Thread Sean Donelan
On Mon, 10 Mar 2008, Scott Weeks wrote: The hard part is I now always take over networks that have been in operation a long time and enabling these policies can be very painful after the fact. Establishing them when the network is new is a different story. Whatever you decide, whether you

Re: Customer-facing ACLs

2008-03-10 Thread Scott Weeks
-- [EMAIL PROTECTED] wrote: -- On Mon, 10 Mar 2008, Scott Weeks wrote: The hard part is I now always take over networks that have been in operation a long time and enabling these policies can be very painful after the fact. Establishing them when the network is new is a

Re: Peering with the Internet Alert Registry

2008-03-10 Thread Christopher Morrow
On Mon, Mar 10, 2008 at 11:01 AM, Josh Karlin [EMAIL PROTECTED] wrote: All, Some of you are aware of the site for network operators: http://iar.cs.unm.edu/ which has been running for two years now. The purpose of the site is to detect and distribute network anomaly information to the network

Customer-facing ACLs

2008-03-10 Thread Ang Kah Yik
Hi Justin (and all others on-list) I understand your grounds for blocking outbound SMTP for your customers (especially those on dynamic IP connections). It probably will do good to block infected customers that are spewing spam all over the world. However, considering the number of mobile

Re: Customer-facing ACLs

2008-03-10 Thread Andy Dills
On Tue, 11 Mar 2008, Ang Kah Yik wrote: Hi Justin (and all others on-list) I understand your grounds for blocking outbound SMTP for your customers (especially those on dynamic IP connections). It probably will do good to block infected customers that are spewing spam all over the world.

Re: Customer-facing ACLs

2008-03-10 Thread Ang Kah Yik
Hi Andy (and all who responded), Thanks for the heads-up on the redirection on SMTP traffic. I've yet to see an implementation of it but I agree that it's a possible solution. As for the issue I raised previously, perhaps corporate users isn't a good example but what about users of email

Customer-facing ACLs

2008-03-10 Thread mack
-- Date: Tue, 11 Mar 2008 07:58:01 +0800 From: Ang Kah Yik [EMAIL PROTECTED] Subject: Customer-facing ACLs Hi Justin (and all others on-list) I understand your grounds for blocking outbound SMTP for your customers (especially those on dynamic IP

Re: Customer-facing ACLs

2008-03-10 Thread Sean Donelan
On Mon, 10 Mar 2008, Scott Weeks wrote: The default policy is we allow everything. It takes no explaining. If you don't bother to explain to the same customers who you believe couldn't figure out how to change the default settings, what the risks and how to protect their computers on the

Re: Peering with the Internet Alert Registry

2008-03-10 Thread Josh Karlin
Chris, That's a good question. IAR peers that also wish to run PGBGP will transmit their anomalous routes out of band to the IAR. This will likely be done via logs and a simple forwarding script. Josh On Mon, Mar 10, 2008 at 4:01 PM, Christopher Morrow [EMAIL PROTECTED] wrote: On Mon,

Re: Customer-facing ACLs

2008-03-10 Thread Christopher Morrow
On Mon, Mar 10, 2008 at 7:58 PM, Ang Kah Yik [EMAIL PROTECTED] wrote: Hi Justin (and all others on-list) I understand your grounds for blocking outbound SMTP for your customers (especially those on dynamic IP connections). It probably will do good to block infected customers that are

Re: Customer-facing ACLs

2008-03-10 Thread Adrian Chadd
I've attempted to summarise the replies I found useful in the Wiki: http://nanog.cluepon.net/index.php/MailTopics#Customer-Facing_ACLs My personal observations: * More information about what networks are doing would be nice! * More data points about probes/scans/etc would be nice! * Filtering

Re: Customer-facing ACLs

2008-03-10 Thread Justin Shore
Ang Kah Yik wrote: However, considering the number of mobile workers out there who send email via their laptops to corporate SMTP servers, won't blocking outbound SMTP affect them? After all, there are also those who frequently move from place to place so they're going to have to keep

RE: Customer-facing ACLs

2008-03-10 Thread Frank Bulk - iNAME
We have a two-dozen line long ACL applied to our CMTS and BRAS blocking Windows and virus ports and have never had a complaint or a problem. We do have more sophisticated residential or large-biz customers ask, but only once has our ACL been the source of a problem and it's only because the

RE: Customer-facing ACLs

2008-03-10 Thread Frank Bulk - iNAME
Those using Google for SMTP can still use their ISP's SMTP servers for outbound Frank -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Ang Kah Yik Sent: Monday, March 10, 2008 7:40 PM To: Andy Dills Cc: nanog@merit.edu Subject: Re: Customer-facing