Re: tech support being flooded due to IE 0day
On Fri, 22 Sep 2006, Paul Vixie wrote: and yet, when i consider my nontechnical friends with their DSL and cablemodem connections, i know that if they get hit by an exploding DLL, their ISP is one of the likely places they will place a call. For assistance with Microsoft security issues in the US, call (866) PC-SAFETY If your Microsoft systems have been affected by a virus and you need help, you can get free virus-related assistance from Microsoft in the United States and Canada via a toll-free support hot line, (866) PC-SAFETY (727-2338). For support outside the United States and Canada, please contact your Microsoft Help and Support worldwide.
Re: Removal of my name
On Wed, 20 Sep 2006, Randy Bush wrote: but there are a couple of more significant issues being discussed over there, those surrounding the community's desires for maintaining mailing list archive integrity. Personally I find it sad that at the prospect of a list archive being censored, the only discussion that could come up on this list was HTML versus plain text. Had the guy not re-sent the whole nonsense to the list itself I might have more sympathy for him. == Chris Candreva -- [EMAIL PROTECTED] -- (914) 967-7816 WestNet Internet Services of Westchester http://www.westnet.com/
Re: fyi-- [dns-operations] early key rollover for dlv.isc.org
On Thu, 21 Sep 2006 12:41:41 -0400, Steven M. Bellovin [EMAIL PROTECTED]
said:
Paul, what exponent does the new key use? (I clicked on the public key
link, but I can't decode the base64 that easily...)
Here's a fairly simple way to extract e:
$ for rdata in `dig dlv.isc.org. dnskey +short | awk '/257/ {print $4}'`; do
echo $rdata | base64-decode | od -x -N4; done
000 0103 daa7
004
000 0301 0001
004
According to RFC2537 section 2, one of the KSKs of dlv.isc.org has e=3
and the other e=65537.
--
Alex
Re: tech support being flooded due to IE 0day
i've assumed that the hardcore bgp engineering community now meets elsewhere. Or perhaps BGP engineering hasn't changed in so many years that it is now more than adequately covered by books, certificate courses, and internal sharing of expertise. Lists are good for things that are new or confusing or difficult. BGP no longer fits into those categories. (c) the flames completely outweigh gadi's own original posts, Words of wisdom. I was wondering when someone would point this out. and (d) some of the folks lurking here actually tell me that they benefit from gadi's stuff. And, no doubt, they tell Gadi too which is why he continues to post on this list and does not seem to be wounded by the flaming arrows sent his way. ISC Training! October 16-20, 2006, in the San Francisco Bay Area, covering topics from DNS to DHCP. Email [EMAIL PROTECTED] Now that is on topic. Maybe we need more advertising on the list to make people happy? --Michael Dillon
Have you really got clue?
that, and a thread where half of the posts are from the initial poster himself anyway. but then, happily watching him, at least he is creative in topics... i am mentally killfilling his threads anyway, less and less relevant. it is scary what stuff is discussed lately. -ako OK, Alexander Koch. You apparently have clue and you apparently know what *IS* on topic for this mailing list. Instead of posting an off-topic message like the one above, kindly post a message listing *ALL* of the topics that belong on this list. And if anyone else here thinks they know what is on topic, please tell us. I am getting bored by the flood of negative messages that say only You can't say that here. Please stop telling us what you cannot say on NANOG. If you really must register your discontent with a message, then at least take the time to list some of the topics that belong on the list. What is NANOG all about? What is relevant to network operations? Is NANOG a narrowly focused technical list for a small group of technical specialists? Or is it some kind of broader industry-focused list that covers many issues relevant to the industry? --Michael Dillon
Re: tech support being flooded due to IE 0day
To the people who say we throw in the towel and just say Gadi will never stop posting off-topic crap, so why bother trying to correct him?, I'd suggest that this is a self-defeating attitude. Not only because Gadi could actually be posting useful stuff if set on the right path as to what is appropriate and what is not, but because 10,000 other people are going to be reading that post and thinking that this is appropriate subject matter. One off-topic post you can delete, but an entire list which has been co-opted by off-topic material can not be fixed. I agree with you 100%. Please give us your list of *ALL* the topics that you think are appropriate for this list. --Michael Dillon P.S. Note that I do not agree that anyone has yet tried to correct Gadi. All I have seen is bellyaching on a personal level, i.e. person A does not like person B's message. To set everyone on the right path we need a description of the path itself.
RE: Have you really got clue?
Well said. He can't respond right now, his computer has been infected. -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of [EMAIL PROTECTED] Sent: Friday, September 22, 2006 5:18 AM To: nanog@merit.edu Subject: Have you really got clue? that, and a thread where half of the posts are from the initial poster himself anyway. but then, happily watching him, at least he is creative in topics... i am mentally killfilling his threads anyway, less and less relevant. it is scary what stuff is discussed lately. -ako OK, Alexander Koch. You apparently have clue and you apparently know what *IS* on topic for this mailing list. Instead of posting an off-topic message like the one above, kindly post a message listing *ALL* of the topics that belong on this list. And if anyone else here thinks they know what is on topic, please tell us. I am getting bored by the flood of negative messages that say only You can't say that here. Please stop telling us what you cannot say on NANOG. If you really must register your discontent with a message, then at least take the time to list some of the topics that belong on the list. What is NANOG all about? What is relevant to network operations? Is NANOG a narrowly focused technical list for a small group of technical specialists? Or is it some kind of broader industry-focused list that covers many issues relevant to the industry? --Michael Dillon
RE: tech support being flooded due to IE 0day
P.S. Note that I do not agree that anyone has yet tried to correct Gadi. i guess what i've found most bemusing about this whole thread is -- i went looking for the first email Gadi posted. turns out that his posting habits have convinced Outlook that his email is junk - and _all_ of his posts are in the Junk EMail folder. i was bemused. jury is out of Outlook is showing self-intelligence or not! cheers, lincoln.
Potentially on-Topic: is MSNBot for real?
On a website I host with nearly 9000 unique visits month-to-date (thats visits, not hits) a full 20% of the recorded 'hits' (Hitcount is ~40,000) are being generated by 'msnbot'. We see this as a large amount of http traffic from IP addresses owned by Microsoft. I've actually seen this across a number of websites (including my own) but the guest on my server has raised the issue of loading being completely misproportionate to the perceived value of the visit - and asked about potentially blocking them off entirely. Is this unusual, or what? Are search engines supposed to be amongst the biggest user agents recorded on a typical website? How much trolling and indexing is considered 'too much' ? At what point to the search engines themselves become a menace - the load the cause outweighs the value of said load? (I'd like my cpu cycles to be for real people, please...) Off-list thoughts on this welcome if the operational relevance of this issue is questioned... Cheers Mark.
[Closed-Dead-OT-CloseMe]Re: tech support being flooded due to IE 0day
On 22 Sep 2006, at 11:06, Lincoln Dale wrote: P.S. Note that I do not agree that anyone has yet tried to correct Gadi. i guess what i've found most bemusing about this whole thread is -- i went looking for the first email Gadi posted. turns out that his posting habits have convinced Outlook that his email is junk - and _all_ of his posts are in the Junk EMail folder. i was bemused. jury is out of Outlook is showing self-intelligence or not! cheers, lincoln. Could we please close this thread now? I believe it is well off-topic. Thank you
BGP Update Report
BGP Update Report Interval: 08-Sep-06 -to- 21-Sep-06 (14 days) Observation Point: BGP Peering with AS4637 TOP 20 Unstable Origin AS Rank ASNUpds % Upds/PfxAS-Name 1 - AS855 20458 1.9% 35.8 -- CANET-ASN-4 - Aliant Telecom 2 - AS17974 19425 1.8% 51.8 -- TELKOMNET-AS2-AP PT TELEKOMUNIKASI INDONESIA 3 - AS413417600 1.6% 33.5 -- CHINANET-BACKBONE No.31,Jin-rong Street 4 - AS5639 9959 0.9% 140.3 -- Telecommunication Services of Trinidad and Tobago 5 - AS9583 8988 0.8% 12.7 -- SIFY-AS-IN Sify Limited 6 - AS6147 7384 0.7% 32.0 -- Telefonica del Peru S.A.A. 7 - AS6197 6604 0.6% 5.3 -- BATI-ATL - BellSouth Network Solutions, Inc 8 - AS702 6539 0.6% 9.0 -- AS702 MCI EMEA - Commercial IP service provider in Europe 9 - AS239186260 0.6% 48.5 -- CBB-BGP-IBARAKI Connexion By Boeing Ibaraki AS 10 - AS174886132 0.6% 11.8 -- HATHWAY-NET-AP Hathway IP Over Cable Internet 11 - AS8151 6083 0.6% 9.9 -- Uninet S.A. de C.V. 12 - AS337835683 0.5% 53.1 -- EEPAD 13 - AS292575569 0.5% 47.2 -- CBB-IE-AS Connexion by Boeing Ireland, Ltd. 14 - AS156115303 0.5% 50.0 -- Iranian Research Organisation 15 - AS9121 5240 0.5% 5.1 -- TTNET TTnet Autonomous System 16 - AS308905116 0.5% 25.1 -- EVOLVA Evolva Telecom 17 - AS9443 4776 0.4% 15.5 -- INTERNETPRIMUS-AS-AP Primus Telecommunications 18 - AS111394762 0.4% 19.2 -- CWRIN CW BARBADOS 19 - AS126544713 0.4% 107.1 -- RIPE-NCC-RIS-AS RIPE NCC RIS Project. 20 - AS5803 4477 0.4% 48.1 -- DDN-ASNBLK - DoD Network Information Center TOP 20 Unstable Origin AS (Updates per announced prefix) Rank ASNUpds % Upds/PfxAS-Name 1 - AS174703769 0.3%3769.0 -- CELLTEL-AS Celltel Lanka (Pvt) Ltd. 2 - AS12922 936 0.1% 936.0 -- MULTITRADE-AS Bank Outsourcer 3 - AS34378 903 0.1% 903.0 -- RUG-AS Razguliay-UKRROS Group 4 - AS39132 643 0.1% 643.0 -- ETRANS ETRANS AG 5 - AS185602395 0.2% 598.8 -- CYBERSHORE - Cybershore, Inc 6 - AS30298 536 0.1% 536.0 -- FIRST-AMERICAN-BANK-SSB - First American Bank 7 - AS39042 505 0.1% 505.0 -- GLOBAL63RU-AS CJSC Global Telecom Co AS 8 - AS39250 991 0.1% 495.5 -- COLOPROVIDER-AS Colo Provider 9 - AS20648 966 0.1% 483.0 -- RAN-INTERNET Spain 10 - AS177831911 0.2% 477.8 -- SRILRPG-AS SRIL RPG Autonomous System 11 - AS14548 452 0.0% 452.0 -- LISTEN-SF-1 - Listen.com 12 - AS3043 2988 0.3% 426.9 -- AMPHIB-AS - Amphibian Media Corporation 13 - AS15755 424 0.0% 424.0 -- ISPRO Autonomous System Izmir,TURKEY 14 - AS33996 420 0.0% 420.0 -- BACA-AS BA-Creditanstalt-Leasing Poland S.A. 15 - AS12408 408 0.0% 408.0 -- BIKENT-AS Bikent Ltd. Autonomous system 16 - AS3944 776 0.1% 388.0 -- PARTAN-LAB - Partan Partan 17 - AS15743 378 0.0% 378.0 -- IPH IPH AS 18 - AS23917 729 0.1% 364.5 -- BRIBIE-NET-AS-AP Bribie Island Net Multihomed, Brisbane 19 - AS31942 722 0.1% 361.0 -- COBECV - COBE CV 20 - AS27008 676 0.1% 338.0 -- BDC - BendTel TOP 20 Unstable Prefixes Rank Prefix Upds % Origin AS -- AS Name 1 - 203.189.184.0/21 3769 0.3% AS17470 -- CELLTEL-AS Celltel Lanka (Pvt) Ltd. 2 - 208.0.225.0/24 3092 0.2% AS11139 -- CWRIN CW BARBADOS 3 - 209.140.24.0/242961 0.2% AS3043 -- AMPHIB-AS - Amphibian Media Corporation AS9121 -- TTNET TTnet Autonomous System 4 - 61.4.0.0/192247 0.2% AS9899 -- ICARE-AP iCare.com Ltd. 5 - 203.112.154.0/24 1892 0.1% AS17783 -- SRILRPG-AS SRIL RPG Autonomous System 6 - 203.199.128.0/19 1783 0.1% AS4755 -- VSNL-AS Videsh Sanchar Nigam Ltd. Autonomous System 7 - 143.81.0.0/21 1237 0.1% AS6034 -- DDN-ASNBLK - DoD Network Information Center 8 - 212.34.128.0/22 956 0.1% AS20648 -- RAN-INTERNET Spain 9 - 194.105.61.0/24 936 0.1% AS12922 -- MULTITRADE-AS Bank Outsourcer 10 - 202.125.147.0/24923 0.1% AS17557 -- PKTELECOM-AS-AP Pakistan Telecom 11 - 83.98.220.0/23 919 0.1% AS39250 -- COLOPROVIDER-AS Colo Provider 12 - 193.242.123.0/24903 0.1% AS34378 -- RUG-AS Razguliay-UKRROS Group 13 - 138.112.0.0/16 845 0.1% AS7132 -- SBIS-AS - SBC Internet Services 14 - 205.97.32.0/20 835 0.1% AS5839 -- DDN-ASNBLK - DoD Network Information Center 15 - 82.207.177.0/24 829 0.1% AS8881 -- VERSATEL Versatel Global Network 16 - 63.112.156.0/22
The Cidr Report
This report has been generated at Fri Sep 22 21:45:37 2006 AEST.
The report analyses the BGP Routing Table of an AS4637 (Reach) router
and generates a report on aggregation potential within the table.
Check http://www.cidr-report.org/as4637 for a current version of this report.
Recent Table History
Date PrefixesCIDR Agg
15-09-06195282 127109
16-09-06195133 127173
17-09-06194972 127200
18-09-06195147 127202
19-09-06195369 127212
20-09-06195304 127349
21-09-06195342 127424
22-09-06195595 127261
AS Summary
23088 Number of ASes in routing system
9698 Number of ASes announcing only one prefix
1505 Largest number of prefixes announced by an AS
AS7018 : ATT-INTERNET4 - ATT WorldNet Services
91399680 Largest address span announced by an AS (/32s)
AS721 : DISA-ASNBLK - DoD Network Information Center
Aggregation Summary
The algorithm used in this report proposes aggregation only
when there is a precise match using the AS path, so as
to preserve traffic transit policies. Aggregation is also
proposed across non-advertised address space ('holes').
--- 22Sep06 ---
ASnumNetsNow NetsAggr NetGain % Gain Description
Table 195503 1272646823934.9% All ASes
AS4134 1212 269 94377.8% CHINANET-BACKBONE
No.31,Jin-rong Street
AS4755 988 70 91892.9% VSNL-AS Videsh Sanchar Nigam
Ltd. Autonomous System
AS18566 962 123 83987.2% COVAD - Covad Communications
Co.
AS4323 1019 294 72571.1% TWTC - Time Warner Telecom,
Inc.
AS9498 854 144 71083.1% BBIL-AP BHARTI BT INTERNET
LTD.
AS721980 308 67268.6% DISA-ASNBLK - DoD Network
Information Center
AS22773 703 52 65192.6% CCINET-2 - Cox Communications
Inc.
AS6197 1030 488 54252.6% BATI-ATL - BellSouth Network
Solutions, Inc
AS7018 1505 981 52434.8% ATT-INTERNET4 - ATT WorldNet
Services
AS19262 700 186 51473.4% VZGNI-TRANSIT - Verizon
Internet Services Inc.
AS17488 533 54 47989.9% HATHWAY-NET-AP Hathway IP Over
Cable Internet
AS19916 565 87 47884.6% ASTRUM-0001 - OLM LLC
AS855552 88 46484.1% CANET-ASN-4 - Aliant Telecom
AS11492 741 291 45060.7% CABLEONE - CABLE ONE
AS17676 499 63 43687.4% JPNIC-JP-ASN-BLOCK Japan
Network Information Center
AS18101 454 23 43194.9% RIL-IDC Reliance Infocom Ltd
Internet Data Centre,
AS3602 513 104 40979.7% AS3602-RTI - Rogers Telecom
Inc.
AS4766 705 311 39455.9% KIXS-AS-KR Korea Telecom
AS812407 26 38193.6% ROGERS-CABLE - Rogers Cable
Inc.
AS15270 459 86 37381.3% AS-PAETEC-NET - PaeTec.net -a
division of
PaeTecCommunications, Inc.
AS6467 394 54 34086.3% ESPIRECOMM - Xspedius
Communications Co.
AS4812 398 61 33784.7% CHINANET-SH-AP China Telecom
(Group)
AS16852 368 53 31585.6% FOCAL-CHICAGO - Focal Data
Communications of Illinois
AS33588 391 94 29776.0% BRESNAN-AS - Bresnan
Communications, LLC.
AS16814 329 44 28586.6% NSS S.A.
AS9583 951 670 28129.5% SIFY-AS-IN Sify Limited
AS19115 375 96 27974.4% CHARTER-LEBANON - Charter
Communications
AS14654 285 15 27094.7% WAYPORT - Wayport
AS6167 369 106 26371.3% CELLCO-PART - Cellco
Partnership
AS17849 423 161 26261.9% GINAMHANVIT-AS-KR hanvit ginam
Re: Potentially on-Topic: is MSNBot for real?
On Friday 22 Sep 2006 11:39, you wrote: Is this unusual, or what? Are search engines supposed to be amongst the biggest user agents recorded on a typical website? How much trolling and indexing is considered 'too much' ? Whenever it becomes a problem. If you don't have enough genuine traffic, and you don't have much, then the search engines will look like they are dominating it, as they are pretty thorough. I've seen issues arise with some search bots, where they have discovered loops in a websites structure and downloaded multiple copies, or found novels links to dynamic content and indexed your entire database. So worth checking what pages they have been to, to see if those could be an issue. Off-list thoughts on this welcome if the operational relevance of this issue is questioned... Trust me, anything involving 40,000 hits is off-topic in Nanog, unless you have reason to believe the same 40,000 are happening to everyone on the net, or they took down 40,000 important websites. Most of the regular are just getting in, so expect to be flamed mercilessly.
Re: Have you really got clue?
[EMAIL PROTECTED] wrote:
And if anyone else here thinks they know what is
on topic, please tell us.
I am getting bored by the flood of negative messages
that say only You can't say that here. Please stop
telling us what you cannot say on NANOG. If you really
must register your discontent with a message, then
at least take the time to list some of the topics that
belong on the list.
What is NANOG all about? What is relevant to network
operations? Is NANOG a narrowly focused technical list
for a small group of technical specialists? Or is it
some kind of broader industry-focused list that covers
many issues relevant to the industry?
It is pretty simple, really. These are examples of the topics that are
on-topic.
1. that posting is off-topic.
2. somebody with clue from ${SmallUnknownOperator} (e.g. AOL) please
contact me off list about a connectivity issue.:
3. that posting is terribly off-topic.
4. anybody know where I can get a free 300-baud dialup in
${Major_City_with_Wiffies_Everywhere}
5. Since when is NANOG about ${some-non-BGP-operational-issue}
6. Somebody left their nerd-pack in the meeting room for
${obscure_NANOG_topic
--
Requiescas in pace o email
Ex turpi causa non oritur actio
http://members.cox.net/larrysheldon/
Re: tech support being flooded due to IE 0day
Richard A Steenbergen wrote: Unless we're ready to admit that NANOG is completely and totally worthless as a forum for discussing network operations, people NEED to step up and take responsibility for the self policing that we're all supposed to be doing in srh's absence. I think you meant to say the self policing the mailing list committee has been begging for. srh (or any chunk of Merit, per se) != mailing list administration panel Let's embrace the reform movement, and let NANOG be NANOG, albeit with a lot more taste and a lot less filler. pt
Re: tech support being flooded due to IE 0day
On Fri, 22 Sep 2006 10:11:20 +0100 [EMAIL PROTECTED] wrote: Or perhaps BGP engineering hasn't changed in so many years that it is now more than adequately covered by books, certificate courses, and internal sharing of expertise. Lists are good for things that are new or confusing or difficult. BGP no longer fits into those categories. In other words, this should be a focussed, low volume list. and (d) some of the folks lurking here actually tell me that they benefit from gadi's stuff. And, no doubt, they tell Gadi too which is why he continues to post on this list and does not seem to be wounded by the flaming arrows sent his way. In other words, the some people think that the goal of a mailing list should be to keep a minimum volume of email going through it rather than keeping it focussed and useful. -- D'Arcy J.M. Cain darcy@druid.net | Democracy is three wolves http://www.druid.net/darcy/| and a sheep voting on +1 416 425 1212 (DoD#0082)(eNTP) | what's for dinner.
Re: tech support being flooded due to IE 0day
[EMAIL PROTECTED] (Sean Donelan) writes: For assistance with Microsoft security issues in the US, call (866) PC-SAFETY according to http://www.eweek.com/article2/0,1895,2019162,00.asp, microsoft has not released a patch for the VML thing, so calling (866) PC-SAFETY isn't going to be a universal fix (and who will $user call after that, we wonder?) according to http://www.websense.com/securitylabs/alerts/alert.php?AlertID=628, there is now malware-in-the-field that exploits the VML thing. and according to http://www.auscert.org.au/render.html?it=6771, there's already phishing. last but not least, according to http://isotf.org/zert/ there is a non-MSFT patch for the VML thing. i don't expect ISP's to recommend its use, due to liability reasons, but mentioning it or even proactively notifying about it might be a way to get people off the phone (or keep them from calling in). (i'll remove the ISC training ad from my .signature for this post, since i've gone way over my NANOG quota here -- three messages in 24 hours, oops.) -- Paul Vixie
Re: Have you really got clue?
On 9/22/06, Laurence F. Sheldon, Jr. [EMAIL PROTECTED] wrote:
It is pretty simple, really. These are examples of the topics that are
on-topic.
1. that posting is off-topic.
2. somebody with clue from ${SmallUnknownOperator} (e.g. AOL) please
contact me off list about a connectivity issue.:
Now that we're firmly into offtopic territory -
http://www.kitenet.net/~joey/blog/entry/thread_patterns.html
Here's how to subscribe to mailing lists with a combined total posts
of 2000 or more per day, and live. It's all about pattern recognition.
[snip]
--
Suresh Ramasubramanian ([EMAIL PROTECTED])
Weekly Routing Table Report
This is an automated weekly mailing describing the state of the Internet Routing Table as seen from APNIC's router in Japan. Daily listings are sent to [EMAIL PROTECTED] For historical data, please see http://thyme.apnic.net. If you have any comments please contact Philip Smith [EMAIL PROTECTED]. Routing Table Report 04:00 +10GMT Sat 23 Sep, 2006 Analysis Summary BGP routing table entries examined: 198182 Prefixes after maximum aggregation: 108186 Unique aggregates announced to Internet: 96256 Total ASes present in the Internet Routing Table: 23166 Origin-only ASes present in the Internet Routing Table: 20205 Origin ASes announcing only one prefix:9692 Transit ASes present in the Internet Routing Table:2961 Transit-only ASes present in the Internet Routing Table: 68 Average AS path length visible in the Internet Routing Table: 3.6 Max AS path length visible: 29 Max AS path prepend of ASN (36728) 27 Prefixes from unregistered ASNs in the Routing Table: 2 Unregistered ASNs in the Routing Table: 4 Special use prefixes present in the Routing Table:0 Prefixes being announced from unallocated address space: 9 Number of addresses announced to Internet: 1600876812 Equivalent to 95 /8s, 107 /16s and 113 /24s Percentage of available address space announced: 43.2 Percentage of allocated address space announced: 61.3 Percentage of available address space allocated: 70.5 Total number of prefixes smaller than registry allocations: 98999 APNIC Region Analysis Summary - Prefixes being announced by APNIC Region ASes:43558 Total APNIC prefixes after maximum aggregation: 17528 Prefixes being announced from the APNIC address blocks: 41156 Unique aggregates announced from the APNIC address blocks:18382 APNIC Region origin ASes present in the Internet Routing Table:2701 APNIC Region origin ASes announcing only one prefix:761 APNIC Region transit ASes present in the Internet Routing Table:404 Average APNIC Region AS path length visible:3.5 Max APNIC Region AS path length visible: 24 Number of APNIC addresses announced to Internet: 262496864 Equivalent to 15 /8s, 165 /16s and 98 /24s Percentage of available APNIC address space announced: 82.1 APNIC AS Blocks4608-4864, 7467-7722, 9216-10239, 17408-18431 (pre-ERX allocations) 23552-24575, 37888-38911 APNIC Address Blocks 58/7, 60/7, 121/8, 122/7, 124/7, 126/8, 202/7 210/7, 218/7, 220/7 and 222/8 ARIN Region Analysis Summary Prefixes being announced by ARIN Region ASes: 99951 Total ARIN prefixes after maximum aggregation:59286 Prefixes being announced from the ARIN address blocks:73496 Unique aggregates announced from the ARIN address blocks: 27740 ARIN Region origin ASes present in the Internet Routing Table:10993 ARIN Region origin ASes announcing only one prefix:4169 ARIN Region transit ASes present in the Internet Routing Table:1009 Average ARIN Region AS path length visible: 3.3 Max ARIN Region AS path length visible: 29 Number of ARIN addresses announced to Internet: 301835520 Equivalent to 17 /8s, 253 /16s and 165 /24s Percentage of available ARIN address space announced: 78.2 ARIN AS Blocks 1-1876, 1902-2042, 2044-2046, 2048-2106 (pre-ERX allocations) 2138-2584, 2615-2772, 2823-2829, 2880-3153 3354-4607, 4865-5119, 5632-6655, 6912-7466 7723-8191, 10240-12287, 13312-15359, 16384-17407 18432-20479, 21504-23551, 25600-26591, 26624-27647, 29696-30719, 31744-33791 35840-36863, 39936-40959 ARIN Address Blocks24/8, 63/8, 64/5, 72/6, 76/8, 199/8, 204/6, 208/7 and 216/8 RIPE Region Analysis Summary Prefixes being announced by RIPE Region ASes: 40144 Total RIPE prefixes after maximum aggregation:26667 Prefixes being announced from the RIPE address blocks:37075 Unique aggregates announced from the RIPE address blocks: 24951 RIPE Region origin ASes present in the Internet Routing Table: 8515 RIPE Region origin ASes announcing only one prefix:4465 RIPE Region transit ASes present in the
Re: tech support being flooded due to IE 0day
Once again, ONE arguably off-topic post, followed by a non-stop stream of DOZENS of messages, for days, by self-appointed listcops. I'm sorry if the only thing which prompts you, and you know who you are, to post is that little rush of self-righteous adrenaline upon seeing a message you think is conceivably off-topic but resist the urge and sit on your hands or only send it to your imagined offender. It's a lot like shouting at the television set. Or, better, if you see something off-topic, POST A MESSAGE YOU FEEL IS ON-TOPIC, lead by example rather than by whining. Few things energize us more than another's sin. -- -Barry Shein The World | [EMAIL PROTECTED] | http://www.TheWorld.com Purveyors to the Trade | Voice: 800-THE-WRLD| Login: Nationwide Software Tool Die| Public Access Internet | SINCE 1989 *oo*
Microsoft Support (was Re: tech support being flooded due to IE 0day)
On Fri, 22 Sep 2006, Paul Vixie wrote: For assistance with Microsoft security issues in the US, call (866) PC-SAFETY last but not least, according to http://isotf.org/zert/ there is a non-MSFT patch for the VML thing. i don't expect ISP's to recommend its use, due to liability reasons, but mentioning it or even proactively notifying about it might be a way to get people off the phone (or keep them from calling in). The largest residential ISPs, covering about 80% of the residential users of the Internet, also have an additional resource called GIAIS. GIAIS is a Microsoft supported group which gives ISP Operations, including help desks, a direct communications path with Microsoft. Microsoft makes the same PC-SAFETY Help Desk information it uses internally to GIAIS member ISP Help Desks so customers gets consistent answers whoever the customer calls. http://www.microsoft.com/serviceproviders/resources/securitygiais.mspx But more importantly GIAIS also provides a mechanism for ISPs to keep Microsoft up to date on the real-world situation. How many customers are being impacted, how many customers are calling ISP help desks with a particular security incidents, etc. By exchanging hard data through the GIAIS program, if necessary with appropriate non-disclosure agreements in place, ISPs can help Microsoft decide when to release accelerated patches or improved work-arounds until a patch is available. Unfortunately, Internet blogs and mailing lists are sometimes dominated by a few personalities that may be well-meaning, don't always have a good handle on relevant measurement data. Although computer professionals may understand the nuances, its probably better to keep the general message as simple as possible. For example, don't eat fresh spinach products. Its difficult enough to get residential users to patch their computers at all, let alone to evaluate third-party patches or phishers distributing fake patches. The simple message: For unmanaged Microsoft Windows computers, i.e. most home computers, turn on Automatic Windows Update. When this patch is available, your computer will get the patch directly from Microsoft; as well as future patches. Computer professionals should also review the relevant Microsoft security advisories and may evaluate whether third-party solutions are appropriate for their computer environment.
Re: Removal of my name
On Thu, Sep 21, 2006 at 09:38:15AM +0530, Suresh Ramasubramanian wrote: at least a rather updated version of ucb mail, that also does imap / pop / ssl / smtp + auth etc heirloom mailx aka nail - http://nail.sourceforge.net Try: http://heirloom.sourceforge.net/mailx.html. Moved to Heirloom. -- Joe Yao --- This message is not an official statement of OSIS Center policies.
Re: fyi-- [dns-operations] early key rollover for dlv.isc.org
On Thu, Sep 21, 2006 at 01:37:40PM -0400, Steven M. Bellovin wrote: On 21 Sep 2006 17:01:45 +, Paul Vixie [EMAIL PROTECTED] wrote: Paul, what exponent does the new key use? (I clicked on the public key link, but I can't decode the base64 that easily...) it was made with bind9's dnssec-keygen utility, using the -e option, so... -e use large exponent (RSAMD5/RSASHA1 only) ...hopefully it's a good exponent. (every few years someone tries to explain to me what a key exponent is, i think you steve have tried, but it just doesn't stick.) It's pretty simple, if you don't want to understand why it works... ;-) Not having committed the maths to heart, I might be able to explain it a little differently. Paul, I think you know the basic idea of what an exponent is. If you're raising one number to a certain power (say, 127 to the fifth power), then the power (5 in this example) is the exponent. 127^5 or 127**5 are ways in various of the thousands of computer languages in existence for expressing this. Many more languages just use functions. This exponent is used to encrypt or sign, by taking numbers calculated from what you want to encrypt, raising each one to the (exponent)th power, and doing a number of other mathematical operations on them. It matters what exponent you use. A bigger exponent isn't necessarily better - remember, I haven't committed the maths to heart, but I do recall Don Knuth's warning about choosing such numbers arbitrarily. Steve has pointed out that 3 is recommended for DNSSEC, and NIST likes 65537 [2^16 + 1]. I don't have the maths to say why, so I'll leave it at that. ;-) -- Joe Yao --- This message is not an official statement of OSIS Center policies.
Re: fyi-- [dns-operations] early key rollover for dlv.isc.org
Hmmm. It wouldn't have anything to do with prime numbers, now would it? :-) - ferg -- Joseph S D Yao [EMAIL PROTECTED] wrote: [snip] Steve has pointed out that 3 is recommended for DNSSEC, and NIST likes 65537 [2^16 + 1]. I don't have the maths to say why, so I'll leave it at that. -- Fergie, a.k.a. Paul Ferguson Engineering Architecture for the Internet fergdawg(at)netzero.net ferg's tech blog: http://fergdawg.blogspot.com/
Re: fyi-- [dns-operations] early key rollover for dlv.isc.org
On Fri, Sep 22, 2006 at 11:39:51PM +, Fergie wrote: Hmmm. It wouldn't have anything to do with prime numbers, now would it? :-) Well, yes, but there are an infinite number of them. Of course, 17 is the most prime of them all. -- Joe Yao --- This message is not an official statement of OSIS Center policies.
Re: fyi-- [dns-operations] early key rollover for dlv.isc.org
Date: Fri, 22 Sep 2006 19:55:39 -0400 From: Joseph S D Yao [EMAIL PROTECTED] To: Fergie [EMAIL PROTECTED] Cc: nanog@merit.edu Subject: Re: fyi-- [dns-operations] early key rollover for dlv.isc.org On Fri, Sep 22, 2006 at 11:39:51PM +, Fergie wrote: Hmmm. It wouldn't have anything to do with prime numbers, now would it? :-) Well, yes, but there are an infinite number of them. Of course, 17 is the most prime of them all. isc.org announced the early key rollover just as a discussion about exponent 3 damage spreads on the cryptography list was heating up. This discussion started with a statement that: I've just noticed that BIND is vulnerable to: http://www.openssl.org/news/secadv_20060905.txt Executive summary: RRSIGs can be forged if your RSA key has exponent 3, which is BIND's default. Note that the issue is in the resolver, not the server. Fix: Upgrade OpenSSL. So I thought that the early key rollover was due to this. Yet it seems to me that this discussion is still recommending that -e 3 be used. Regards, GRegory hicks --- I am perfectly capable of learning from my mistakes. I will surely learn a great deal today. A democracy is a sheep and two wolves deciding on what to have for lunch. Freedom is a well armed sheep contesting the results of the decision. - Benjamin Franklin The best we can hope for concerning the people at large is that they be properly armed. --Alexander Hamilton
Re: fyi-- [dns-operations] early key rollover for dlv.isc.org
On Fri, 22 Sep 2006 19:29:31 -0400, Joseph S D Yao [EMAIL PROTECTED] wrote: Not having committed the maths to heart, I might be able to explain it a little differently. Well, yes, I did just teach the RSA equations to my Network Security class --Steven M. Bellovin, http://www.cs.columbia.edu/~smb
Re: Potentially on-Topic: is MSNBot for real?
On Fri, 22 Sep 2006, Simon Waters wrote: On Friday 22 Sep 2006 11:39, you wrote: Is this unusual, or what? Are search engines supposed to be amongst the biggest user agents recorded on a typical website? How much trolling and indexing is considered 'too much' ? Whenever it becomes a problem. If you don't have enough genuine traffic, and you don't have much, then the search engines will look like they are dominating it, as they are pretty thorough. I spose its all about scale. In a country of 4 million odd people, a website with a domestic focus in a niche area - 40,000 hits in 21 days is 'fair' IMHO. I've seen issues arise with some search bots, where they have discovered loops in a websites structure and downloaded multiple copies, or found novels links to dynamic content and indexed your entire database. So worth checking what pages they have been to, to see if those could be an issue. Good point. Thanks for the pointer. Off-list thoughts on this welcome if the operational relevance of this issue is questioned... Trust me, anything involving 40,000 hits is off-topic in Nanog, unless you have reason to believe the same 40,000 are happening to everyone on the net, or they took down 40,000 important websites. Seeing stats on sites much bigger than my own helps put perspective on it, so i'm already grateful for those who've responded. Most of the regular are just getting in, so expect to be flamed mercilessly. Anythings gotta be better tham beating on Gadi, right? =) Mark.
Re: fyi-- [dns-operations] early key rollover for dlv.isc.org
But of course. So ask yourself; What is special about 3 and 65537? - ferg -- Joseph S D Yao [EMAIL PROTECTED] wrote: On Fri, Sep 22, 2006 at 11:39:51PM +, Fergie wrote: Hmmm. It wouldn't have anything to do with prime numbers, now would it? :-) Well, yes, but there are an infinite number of them. Of course, 17 is the most prime of them all. [snip] -- Fergie, a.k.a. Paul Ferguson Engineering Architecture for the Internet fergdawg(at)netzero.net ferg's tech blog: http://fergdawg.blogspot.com/
