Oh man can I relate to that. I remember my first ISP had no non routed IP space. Everything from the billing computer to the phone system and even the dial up pools were all routed official IP space.
Here’s a funny story and I’ll stop if the moderators wish but back in 1995 I had started my ISP and was adding additional capacity to the network as we were growing rapidly. I turned up a DS3 to UUnet, one to Sprint and one to MCI and for the first time started working with BGP (border gateway protocol) which is a routing protocol that lets complex multi homed networks update each other to the resources they host and so forth. Back then nobody filtered their peers so what ever I sent was installed in the table upstream etc with out sanity checks. Ok, so imagine this, I have a customer with several T1 connections to me and other people so they enable BGP to me where I dutifully rebroadcast their space upstream like any good provider wood. My customer decides to start making up IP addresses, not asking me for more or not using RFC-1918 space like 192.168.1.0/24 for example. This IP space was announced, I picked it up and rebroadcasted. Happened that some of the space belonged to major peering points so all the sudden I start to announce that I’m the provider of IP space for the networks that interconnect everyone at that time. The Internet totally fragments, people from Sprint can’t get to UUnet and so forth. I’m actually working with Cisco at the time and they can’t understand what happened. My phone rings, with in about 10 seconds of each other UUNet, Sprint, PSI Net, The .mil folks, MIT, Associated Press and NEAR Net all are wondering what the hell I’m doing and am I new.;). Yes, that’s right, in 1995 I caused a global outage. That’s what we like to call learning while under fire.:) > On Mar 24, 2017, at 12:32 PM, 'Chris Blouch' via MacVisionaries > <[email protected]> wrote: > > Since we're geezing here, I remember back in the early 90s setting up an > Oracle DB on a Novell server on .mil so it was open to the internet. I was > hosting data on GaAs high speed chip performance and they wanted it set up so > any researcher from anywhere could get to it. That was before the days of > firewalls and bad guys on the internet, which meant any computer on my desk > with an IP address was reachable from anywhere on the internet. Open access > like that today would just be asking for it. > > CB > > On 3/24/17 12:08 PM, Scott Granados wrote: >> Hi Chris, if I told you about some of the practices at Wells Fargo for >> example you’d run down and pull your money out tomorrow.:) >> >> Some banks are very good but yes you raise as always an excellent set of >> points. The trade offs are huge. Things like finger prints and other >> biometrics are a help but everything has its issues. >> This topic reminds me of a Department of Defense manual I read several >> years back concerning the proper methods of securing a windows server. I >> kid you not it required that the server be disconnected from any network >> services as well as be disconnected from power and locked securely in a >> SCIF.;) >> >> >> >>> On Mar 24, 2017, at 11:13 AM, 'Chris Blouch' via MacVisionaries >>> <[email protected]> wrote: >>> >>> Just the traditional security usability tradeoff. Like door locks, you just >>> want to make sure yours is tough enough to crack that the lazy bad guy >>> moves on to somebody else. It's always crackable if they think the value >>> inside is worth it. I can't imagine what it's like to try and do security >>> for a Wells Fargo or CitiBank. You can pretty much guarantee security for >>> your phone by embedding it in a chunk of concrete. Of course usability >>> suffers ;) >>> >>> CB >>> >>> On 3/24/17 3:55 AM, Simon Fogarty wrote: >>>> Yes 2 factor authentication is a great idea, >>>> >>>> Shame it's a pain in the ass. >>>> >>>> -----Original Message----- >>>> From: 'Chris Blouch' via MacVisionaries >>>> [mailto:[email protected]] >>>> Sent: Friday, 24 March 2017 3:00 AM >>>> To: [email protected] >>>> Subject: Re: Apple music on android. >>>> >>>> In light of >>>> >>>> https://www.macrumors.com/2017/03/22/apple-responds-to-hack-threats/ >>>> >>>> two-factor auth seems like a really good idea. >>>> >>>> CB >>>> >>>> On 3/23/17 4:30 AM, Scott Granados wrote: >>>>> Anders, you’re intuition is correct. On native apple devices we get a >>>>> separate pop up for the 2 factor response in this case the numerical >>>>> portion of the response. In your case, you don’t have that specific pop >>>>> up so you would respond like this. For our example say that your >>>>> password is marshmallow and your response you received on an authorized >>>>> device from Apple is 555333. In your password prompt you would put in >>>>> one group marshmellow555333 which contains your password and then the two >>>>> factor response as an appended number. The authenticator at Apple knows >>>>> to strip off the last 6 digits and pass them to the second factoring >>>>> mechanism and your password goes off to LDAP and the database for >>>>> authentication. (Roughly so you get the idea). Let me know if that helps. >>>>> >>>>>> On Mar 22, 2017, at 7:06 PM, Anders Holmberg <[email protected]> >>>>>> wrote: >>>>>> >>>>>> Hi! >>>>>> I don’t know if its offtopic to ask about this here but if so i >>>>>> appologize and let me know that so i can ask it on the eyes-free list >>>>>> instead. >>>>>> I try to login to my apple music account with the apple music app on >>>>>> android. >>>>>> However when i click the login button i get a dialog telling me to type >>>>>> the password together with the 2 step verification code sent to my other >>>>>> devices. >>>>>> THen there is a try again button and i come back to the login screen. >>>>>> I can not find any where to type the verification code. >>>>>> So i am wondering if i should type the email in the e-mail field and the >>>>>> password and the verification code in the password field together? >>>>>> It sounds very odd to me but i want to try apple music out on my android >>>>>> device. >>>>>> Thanks in advance for all help. >>>>>> /A >>>>>> >>>>>> -- >>>>>> The following information is important for all members of the Mac >>>>>> Visionaries list. >>>>>> >>>>>> If you have any questions or concerns about the running of this list, or >>>>>> if you feel that a member's post is inappropriate, please contact the >>>>>> owners or moderators directly rather than posting on the list itself. >>>>>> >>>>>> Your Mac Visionaries list moderator is Mark Taylor. You can reach mark >>>>>> at: [email protected] and your owner is Cara >>>>>> Quinn - you can reach Cara at [email protected] >>>>>> >>>>>> The archives for this list can be searched at: >>>>>> http://www.mail-archive.com/[email protected]/ >>>>>> --- >>>>>> You received this message because you are subscribed to the Google >>>>>> Groups "MacVisionaries" group. >>>>>> To unsubscribe from this group and stop receiving emails from it, send >>>>>> an email to [email protected]. >>>>>> To post to this group, send email to [email protected]. >>>>>> Visit this group at https://groups.google.com/group/macvisionaries. >>>>>> For more options, visit https://groups.google.com/d/optout. >>> -- >>> ¯\_(ツ)_/¯ >>> >>> -- >>> The following information is important for all members of the Mac >>> Visionaries list. >>> >>> If you have any questions or concerns about the running of this list, or if >>> you feel that a member's post is inappropriate, please contact the owners >>> or moderators directly rather than posting on the list itself. >>> >>> Your Mac Visionaries list moderator is Mark Taylor. You can reach mark at: >>> [email protected] and your owner is Cara Quinn - >>> you can reach Cara at [email protected] >>> >>> The archives for this list can be searched at: >>> http://www.mail-archive.com/[email protected]/ >>> --- You received this message because you are subscribed to the Google >>> Groups "MacVisionaries" group. >>> To unsubscribe from this group and stop receiving emails from it, send an >>> email to [email protected]. >>> To post to this group, send email to [email protected]. >>> Visit this group at https://groups.google.com/group/macvisionaries. >>> For more options, visit https://groups.google.com/d/optout. > > -- > ¯\_(ツ)_/¯ > > -- > The following information is important for all members of the Mac Visionaries > list. > > If you have any questions or concerns about the running of this list, or if > you feel that a member's post is inappropriate, please contact the owners or > moderators directly rather than posting on the list itself. > > Your Mac Visionaries list moderator is Mark Taylor. You can reach mark at: > [email protected] and your owner is Cara Quinn - you > can reach Cara at [email protected] > > The archives for this list can be searched at: > http://www.mail-archive.com/[email protected]/ > --- You received this message because you are subscribed to the Google Groups > "MacVisionaries" group. > To unsubscribe from this group and stop receiving emails from it, send an > email to [email protected]. > To post to this group, send email to [email protected]. > Visit this group at https://groups.google.com/group/macvisionaries. > For more options, visit https://groups.google.com/d/optout. -- The following information is important for all members of the Mac Visionaries list. If you have any questions or concerns about the running of this list, or if you feel that a member's post is inappropriate, please contact the owners or moderators directly rather than posting on the list itself. Your Mac Visionaries list moderator is Mark Taylor. You can reach mark at: [email protected] and your owner is Cara Quinn - you can reach Cara at [email protected] The archives for this list can be searched at: http://www.mail-archive.com/[email protected]/ --- You received this message because you are subscribed to the Google Groups "MacVisionaries" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To post to this group, send email to [email protected]. Visit this group at https://groups.google.com/group/macvisionaries. For more options, visit https://groups.google.com/d/optout.
signature.asc
Description: Message signed with OpenPGP
