Hello Everyone.
Barry Greene and I will be hosting an ISP Security BOF at the upcoming
meeting. Please check out http://www.nanog.org/mtg-0210/securebof.html
We are soliciting input from peering coordinators who wish to participate
in this BOF.if you are one, please fill out the form
NANOG:
Since Ethernet strings die, I give you my opinion of how to stop SPAM. We
shall let Ethernet defend for itself for now. It is doing fine w/o my help.
Mail Adminstrators need to have peering policies. Traffic Adminstrators
need to have traffic policies. Processes beget policies.
On Wed, 02 Oct 2002 13:29:49 -, Bob Martinez [EMAIL PROTECTED] said:
server (ex.). As with PIM Snooping, Ethernet based networks can easily
snoop this activity (authenticated traffic) and deny it at wirespeed as
close the source as you dare go (domain). These service could easily be
Hi,
We're trying to assemble a small herd of script hackers in Eugene
in the form of a BOF.
If anybody has interesting tools they use to wrangle routers (or
interesting problems that can currently only be solved by hand, for
which automated solutions would be useful), want to drop me a line
reports of equinix's demise appear to have been grossly premature. see
http://biz.yahoo.com/bw/021002/20088_1.html, whose title is something like:
Equinix Gains Strategic Investment From Singapore Technologies Telemedia
and Creates the Largest Global Network Neutral Internet Exchange
On Tue, Oct 01, 2002 at 02:43:41PM -0700, [EMAIL PROTECTED] said:
[snip]
I have question for the security community on NANOG.
What is your learned opinion of having host accounts
(unix machines) with UID/GID of 0:0
otherwords
jmbrown_r:password:0:0:John M.
On Wed, Oct 02, 2002 at 11:34:38AM -0700, [EMAIL PROTECTED] said:
[snip]
This is a really /really/ REALLY bad idea. I had nightmare issues dealing
with a network formerly run by a 'sysadmin' who thought every user that
might need to do something as root should have a uidzero account.
On Tue, Oct 01, 2002 at 02:43:41PM -0700, [EMAIL PROTECTED] said:
[snip]
On Mon, Sep 23, 2002 at 02:44:34PM -0700, Scott Francis wrote:
On Sun, Sep 22, 2002 at 03:22:11PM -0700, [EMAIL PROTECTED] said:
I have question for the security community on NANOG.
What is your learned
I'm looking for carrier neutral colo in San Diego. We are a wireless isp,
and will need rooftop rights. Any advice/experiences would be
appreciated.
Specifically we are interested in thoughts on Switch and Data, and
ClearBlue.
TIA.
Steve Rude
I to join in, I want to publicly congrat Jay and the rest. There
were a lot of people throwing FUD around, nowadays it's too easy to
be negative and very counterproductive to growth and deployment.
Equinix is obviously here to stay and a safe place to do peering and
interconnections.
On Wed, Oct 02, 2002 at 04:06:00PM -0400, [EMAIL PROTECTED] said:
[ On Wednesday, October 2, 2002 at 11:47:12 (-0700), Scott Francis wrote: ]
Subject: Re: Security Practices question
Absolutely so - which is why no account should have multiple equally valid
passwords, which is what
Hats off to Jay and Bill and the entire TEAM at EQIX.
As a soon to be customer (times 2), a shareholder and a fan, I'm most
happy to hear about this deal..
All the work Bill Norton has done on peering and IX issues, the costs
in travel and time away from family and home I think have paid EQIX
On Wed, Oct 02, 2002 at 05:08:05PM -0400, [EMAIL PROTECTED] said:
[ On Wednesday, October 2, 2002 at 13:26:15 (-0700), Scott Francis wrote: ]
Subject: Re: Security Practices question
grr. Please read Barb's post about exactly why multiple aliases for the
UID 0 account is a Bad Idea. It's
Why would you want peering coordinators to speak at a Security BOF? I
would think that you would want network engineers who are knowledgable in
backbone security techniques to speak. The interaction of this set to the
set of peering coordinators tends to be rather weak - not nonexistant,
just
The Equinix Team,
Congratulations on this strategic move. Way to go!
Shannon M. Lake Sr.
-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On Behalf Of
Paul Vixie
Sent: Wednesday, October 02, 2002 10:02 AM
To: [EMAIL PROTECTED]
Subject: Re: Equinix to join role
On Wed, 2 Oct 2002, dgold wrote:
Why would you want peering coordinators to speak at a Security BOF? I
would think that you would want network engineers who are knowledgable in
backbone security techniques to speak. The interaction of this set to the
set of peering coordinators tends to be
As Sean stated, it is more of an issue of who comes to NANOG. Anyone
working on security issues within ISP's is welcome to come.we WANT them
to come and participate. Sorry if it was misleading.
- merike
At 05:07 PM 10/2/2002 -0500, dgold wrote:
Why would you want peering coordinators
On Wed, 2 Oct 2002, Scott Francis wrote:
Can you back up that statement in /any/ way? What exactly are your reasons
why sudo is a worse solution (or even a bad idea)?
In an environment where every sysadmin is interchangable, and any one
of them can be woken up at 3am to fix the random
jm Date: Wed, 2 Oct 2002 17:48:16 -0700 (PDT)
jm From: just me
jm In an environment where every sysadmin is interchangable, and
jm any one of them can be woken up at 3am to fix the random
jm problem of the day, you tell me how to manage 'sudoers' on
jm 4000 machines.
krb5/ksu
Eddy
--
On Wed, 2 Oct 2002, just me wrote:
In an environment where every sysadmin is interchangable, and any one
of them can be woken up at 3am to fix the random problem of the day,
you tell me how to manage 'sudoers' on 4000 machines.
In an situation where the team needs root; all per-admin UID 0
On Wed, Oct 02, 2002 at 05:48:16PM -0700, just me wrote:
On Wed, 2 Oct 2002, Scott Francis wrote:
Can you back up that statement in /any/ way? What exactly are your reasons
why sudo is a worse solution (or even a bad idea)?
In an environment where every sysadmin is interchangable,
At 05:48 PM 10/2/02 -0700, just me wrote:
In an environment where every sysadmin is interchangable, and any one
of them can be woken up at 3am to fix the random problem of the day,
you tell me how to manage 'sudoers' on 4000 machines.
Sudo provides for one master sudoers file that you can copy
could use scp also. Altho not as secure you'd need null keys.
But could also have the same issues with rdist.
Joel Baker wrote:
On Wed, Oct 02, 2002 at 05:48:16PM -0700, just me wrote:
On Wed, 2 Oct 2002, Scott Francis wrote:
Can you back up that statement in /any/ way? What exactly
eddy == E B Dreger [EMAIL PROTECTED] writes:
jm Date: Wed, 2 Oct 2002 17:48:16 -0700 (PDT)
jm From: just me
jm In an environment where every sysadmin is interchangable, and any
jm one of them can be woken up at 3am to fix the random problem of
jm the day, you tell me how to manage 'sudoers'
I would like to restrict access from certain countries to content on my
network (for security and legal reasons).
So far the best algorithm I've been able to come up with is a combination
of reverse DNS and APNIC/ARIN/RIPE whois queries. I've written a perl
cgi that checks reverse DNS first,
On Wed, Oct 02, 2002 at 11:21:04PM -0400, Ralph Doncaster wrote:
Is there a more accurate method to determine the country of origin for an
IP than the methods I've described above?
Several companies offer such services. I'd be happy to give some
pointers offlist.
On Wednesday, Oct 2, 2002, at 23:21 Canada/Eastern, Ralph Doncaster
wrote:
I would like to restrict access from certain countries to content on my
network (for security and legal reasons).
So far the best algorithm I've been able to come up with is a
combination
of reverse DNS and
27 matches
Mail list logo