Re: Topicality and audiences [was Re: tech support being flooded due to IE 0day]
It doesn't matter who wrote: If you don't find network operations to be relevant, then by all means STOP POSTING TO THE GOD DAMNED NETWORK OPERATIONS MAILING LIST. Some of those, particularly those who *gasp* run networks, still find it relevent. If there is this much disagreement about your posts, maybe you should find a different place to make them. In spite of repeated rants like this one (I'm too tired and lazy to disguise the author of it further, the particular author here is not important), the problem is not What kind of list is NANOG? It really isn't. I don't think a strong case that many active posters here are confused about that it really hard to make. There really ought to be a moratorium on the question of what kind of a list is NANOG. The question has always been, in my my mind, What the hell does Operations mean to the participants here. (I have on several occasions said what I think it means to others, I'll spare me the agony of doing that again just now.) I have for years incorrectly assumed (nay, insisted) that Operations topics include just about everything that has to do with operating a network or networks, or network of networks. I don't think it includes the mindless, repetitive, numbing harassment of somebody that has an issue affecting his or her operation that either needs help, or wants to share a lesson learned. Frankly, a scholarly analysis of the archives (edited or not) would show, I'll bet, that there are more items about what is on topic than there are about any other subject-group. -- Requiescas in pace o email Ex turpi causa non oritur actio http://members.cox.net/larrysheldon/
Re: tech support being flooded due to IE 0day
On Fri, 22 Sep 2006, Paul Vixie wrote: and yet, when i consider my nontechnical friends with their DSL and cablemodem connections, i know that if they get hit by an exploding DLL, their ISP is one of the likely places they will place a call. For assistance with Microsoft security issues in the US, call (866) PC-SAFETY If your Microsoft systems have been affected by a virus and you need help, you can get free virus-related assistance from Microsoft in the United States and Canada via a toll-free support hot line, (866) PC-SAFETY (727-2338). For support outside the United States and Canada, please contact your Microsoft Help and Support worldwide.
Re: tech support being flooded due to IE 0day
i've assumed that the hardcore bgp engineering community now meets elsewhere. Or perhaps BGP engineering hasn't changed in so many years that it is now more than adequately covered by books, certificate courses, and internal sharing of expertise. Lists are good for things that are new or confusing or difficult. BGP no longer fits into those categories. (c) the flames completely outweigh gadi's own original posts, Words of wisdom. I was wondering when someone would point this out. and (d) some of the folks lurking here actually tell me that they benefit from gadi's stuff. And, no doubt, they tell Gadi too which is why he continues to post on this list and does not seem to be wounded by the flaming arrows sent his way. ISC Training! October 16-20, 2006, in the San Francisco Bay Area, covering topics from DNS to DHCP. Email [EMAIL PROTECTED] Now that is on topic. Maybe we need more advertising on the list to make people happy? --Michael Dillon
Re: tech support being flooded due to IE 0day
To the people who say we throw in the towel and just say Gadi will never stop posting off-topic crap, so why bother trying to correct him?, I'd suggest that this is a self-defeating attitude. Not only because Gadi could actually be posting useful stuff if set on the right path as to what is appropriate and what is not, but because 10,000 other people are going to be reading that post and thinking that this is appropriate subject matter. One off-topic post you can delete, but an entire list which has been co-opted by off-topic material can not be fixed. I agree with you 100%. Please give us your list of *ALL* the topics that you think are appropriate for this list. --Michael Dillon P.S. Note that I do not agree that anyone has yet tried to correct Gadi. All I have seen is bellyaching on a personal level, i.e. person A does not like person B's message. To set everyone on the right path we need a description of the path itself.
RE: tech support being flooded due to IE 0day
P.S. Note that I do not agree that anyone has yet tried to correct Gadi. i guess what i've found most bemusing about this whole thread is -- i went looking for the first email Gadi posted. turns out that his posting habits have convinced Outlook that his email is junk - and _all_ of his posts are in the Junk EMail folder. i was bemused. jury is out of Outlook is showing self-intelligence or not! cheers, lincoln.
[Closed-Dead-OT-CloseMe]Re: tech support being flooded due to IE 0day
On 22 Sep 2006, at 11:06, Lincoln Dale wrote: P.S. Note that I do not agree that anyone has yet tried to correct Gadi. i guess what i've found most bemusing about this whole thread is -- i went looking for the first email Gadi posted. turns out that his posting habits have convinced Outlook that his email is junk - and _all_ of his posts are in the Junk EMail folder. i was bemused. jury is out of Outlook is showing self-intelligence or not! cheers, lincoln. Could we please close this thread now? I believe it is well off-topic. Thank you
Re: tech support being flooded due to IE 0day
Richard A Steenbergen wrote: Unless we're ready to admit that NANOG is completely and totally worthless as a forum for discussing network operations, people NEED to step up and take responsibility for the self policing that we're all supposed to be doing in srh's absence. I think you meant to say the self policing the mailing list committee has been begging for. srh (or any chunk of Merit, per se) != mailing list administration panel Let's embrace the reform movement, and let NANOG be NANOG, albeit with a lot more taste and a lot less filler. pt
Re: tech support being flooded due to IE 0day
On Fri, 22 Sep 2006 10:11:20 +0100 [EMAIL PROTECTED] wrote: Or perhaps BGP engineering hasn't changed in so many years that it is now more than adequately covered by books, certificate courses, and internal sharing of expertise. Lists are good for things that are new or confusing or difficult. BGP no longer fits into those categories. In other words, this should be a focussed, low volume list. and (d) some of the folks lurking here actually tell me that they benefit from gadi's stuff. And, no doubt, they tell Gadi too which is why he continues to post on this list and does not seem to be wounded by the flaming arrows sent his way. In other words, the some people think that the goal of a mailing list should be to keep a minimum volume of email going through it rather than keeping it focussed and useful. -- D'Arcy J.M. Cain darcy@druid.net | Democracy is three wolves http://www.druid.net/darcy/| and a sheep voting on +1 416 425 1212 (DoD#0082)(eNTP) | what's for dinner.
Re: tech support being flooded due to IE 0day
[EMAIL PROTECTED] (Sean Donelan) writes: For assistance with Microsoft security issues in the US, call (866) PC-SAFETY according to http://www.eweek.com/article2/0,1895,2019162,00.asp, microsoft has not released a patch for the VML thing, so calling (866) PC-SAFETY isn't going to be a universal fix (and who will $user call after that, we wonder?) according to http://www.websense.com/securitylabs/alerts/alert.php?AlertID=628, there is now malware-in-the-field that exploits the VML thing. and according to http://www.auscert.org.au/render.html?it=6771, there's already phishing. last but not least, according to http://isotf.org/zert/ there is a non-MSFT patch for the VML thing. i don't expect ISP's to recommend its use, due to liability reasons, but mentioning it or even proactively notifying about it might be a way to get people off the phone (or keep them from calling in). (i'll remove the ISC training ad from my .signature for this post, since i've gone way over my NANOG quota here -- three messages in 24 hours, oops.) -- Paul Vixie
Re: tech support being flooded due to IE 0day
Once again, ONE arguably off-topic post, followed by a non-stop stream of DOZENS of messages, for days, by self-appointed listcops. I'm sorry if the only thing which prompts you, and you know who you are, to post is that little rush of self-righteous adrenaline upon seeing a message you think is conceivably off-topic but resist the urge and sit on your hands or only send it to your imagined offender. It's a lot like shouting at the television set. Or, better, if you see something off-topic, POST A MESSAGE YOU FEEL IS ON-TOPIC, lead by example rather than by whining. Few things energize us more than another's sin. -- -Barry Shein The World | [EMAIL PROTECTED] | http://www.TheWorld.com Purveyors to the Trade | Voice: 800-THE-WRLD| Login: Nationwide Software Tool Die| Public Access Internet | SINCE 1989 *oo*
Microsoft Support (was Re: tech support being flooded due to IE 0day)
On Fri, 22 Sep 2006, Paul Vixie wrote: For assistance with Microsoft security issues in the US, call (866) PC-SAFETY last but not least, according to http://isotf.org/zert/ there is a non-MSFT patch for the VML thing. i don't expect ISP's to recommend its use, due to liability reasons, but mentioning it or even proactively notifying about it might be a way to get people off the phone (or keep them from calling in). The largest residential ISPs, covering about 80% of the residential users of the Internet, also have an additional resource called GIAIS. GIAIS is a Microsoft supported group which gives ISP Operations, including help desks, a direct communications path with Microsoft. Microsoft makes the same PC-SAFETY Help Desk information it uses internally to GIAIS member ISP Help Desks so customers gets consistent answers whoever the customer calls. http://www.microsoft.com/serviceproviders/resources/securitygiais.mspx But more importantly GIAIS also provides a mechanism for ISPs to keep Microsoft up to date on the real-world situation. How many customers are being impacted, how many customers are calling ISP help desks with a particular security incidents, etc. By exchanging hard data through the GIAIS program, if necessary with appropriate non-disclosure agreements in place, ISPs can help Microsoft decide when to release accelerated patches or improved work-arounds until a patch is available. Unfortunately, Internet blogs and mailing lists are sometimes dominated by a few personalities that may be well-meaning, don't always have a good handle on relevant measurement data. Although computer professionals may understand the nuances, its probably better to keep the general message as simple as possible. For example, don't eat fresh spinach products. Its difficult enough to get residential users to patch their computers at all, let alone to evaluate third-party patches or phishers distributing fake patches. The simple message: For unmanaged Microsoft Windows computers, i.e. most home computers, turn on Automatic Windows Update. When this patch is available, your computer will get the patch directly from Microsoft; as well as future patches. Computer professionals should also review the relevant Microsoft security advisories and may evaluate whether third-party solutions are appropriate for their computer environment.
tech support being flooded due to IE 0day
Hi guys, several ISP's are experiencing a flood of calls from customers who get failed installations of the recent IE 0day - VML - (vgx.dll). If you are getting such floods too, this is why. This is currently discussed on the botnets@ list, as raised by Cox, and I figured I will float it out here. No patch is currently available from Microsoft, workaround are available. Gadi.
Re: tech support being flooded due to IE 0day
On Thu, Sep 21, 2006 at 08:06:13PM -0500, Gadi Evron wrote: Hi guys, several ISP's are experiencing a flood of calls from customers who get failed installations of the recent IE 0day - VML - (vgx.dll). If you are getting such floods too, this is why. This is currently discussed on the botnets@ list, as raised by Cox, and I figured I will float it out here. No patch is currently available from Microsoft, workaround are available. Ok I'll admit I've been reading less and less of this godforsaken list with each passing day, but at what point did we change the name to North American Network Tech Support Operators Group? Was the memo distributed via HTML e-mail only or something? Maybe it was redacted from the archives so I didn't see it... Seriously Gadi, what *possible* relevence could this have to network operations? -- Richard A Steenbergen [EMAIL PROTECTED] http://www.e-gerbil.net/ras GPG Key ID: 0xF8B12CBC (7535 7F59 8204 ED1F CC1C 53AF 4C41 5ECA F8B1 2CBC)
Re: tech support being flooded due to IE 0day
Gadi Evron wrote: Hi guys, several ISP's are experiencing a flood of calls from customers who get failed installations of the recent IE 0day - VML - (vgx.dll). If you are getting such floods too, this is why. This is currently discussed on the botnets@ list, as raised by Cox, and I figured I will float it out here. No patch is currently available from Microsoft, workaround are available. Gadi. And this has to do with Network Operations in what way? -Bill -- Bill Sehmel - [EMAIL PROTECTED] -- 1-703-288-3081 Systems Administrator, HopOne Internet Corp. DCA2 NOC Bandwidth full range of carrier/web host colo + networking services: http://www.hopone.netASN 14361
Re: tech support being flooded due to IE 0day
On Thu, 21 Sep 2006, Bill Sehmel wrote: Gadi Evron wrote: Hi guys, several ISP's are experiencing a flood of calls from customers who get failed installations of the recent IE 0day - VML - (vgx.dll). If you are getting such floods too, this is why. This is currently discussed on the botnets@ list, as raised by Cox, and I figured I will float it out here. No patch is currently available from Microsoft, workaround are available. Gadi. And this has to do with Network Operations in what way? In my book, if very large ISPs abuse desks become saturated, this is a problem ISPs face. Most ISPs would like to know how to respond to these questions, as well as know what's going on. Are you telling me tech support overflow at this immense scale does not affect the ISP and its network staff as well? It's not BGP, it's on-topic to others here. Gadi.
Re: tech support being flooded due to IE 0day
On Thu, 21 Sep 2006, Gadi Evron wrote: Are you telling me tech support overflow at this immense scale does not affect the ISP and its network staff as well? define 'immense scale' ... no calls here... so 'immense scale' in this case is 'nothing'. No, one thing you might say is that increased (channelling Vijay here...) calls from customers means increased 'Support Cost' and decreased profit margin over time. I'd also say: 1) how is this different from a large scale network outage for a provider 2) how is this different from any other large worm outbreak thing 3) is this blackworm all over again? (all hype no bite... byte?) -Chris
Re: tech support being flooded due to IE 0day
On Fri, 22 Sep 2006, Christopher L. Morrow wrote: On Thu, 21 Sep 2006, Gadi Evron wrote: Are you telling me tech support overflow at this immense scale does not affect the ISP and its network staff as well? define 'immense scale' ... no calls here... so 'immense scale' in this case is 'nothing'. No, one thing you might say is that increased (channelling Vijay here...) calls from customers means increased 'Support Cost' and decreased profit Thank you for providing me with a correct explanation. margin over time. I'd also say: 1) how is this different from a large scale network outage for a provider Exactly the same, only seen at a few, so is likely to be seen with others. 2) how is this different from any other large worm outbreak thing It's not. 3) is this blackworm all over again? (all hype no bite... byte?) A lot of bite. Unfortunately. Every month on the third many still lose their files. What was interesting to nanog then was the IMMENSE global cooperation and coordination, encompassing too many and working, to mitigate it. Unless some us us, others here try and keep nanog in the loop. I know this interested many here, and nanog is the best way to reach them. Such occasional operational issues not interesting to you are interesting to us. These emails cause more disturbance. Is nanog to be BGP only? Please let me know and I won't email these here. Simple enough. If not, we all take note of what is interesting to us. Gadi. -Chris
Re: tech support being flooded due to IE 0day
On Sep 21, 2006, at 10:11 PM, Christopher L. Morrow wrote: On Thu, 21 Sep 2006, Gadi Evron wrote: Are you telling me tech support overflow at this immense scale does not affect the ISP and its network staff as well? define 'immense scale' ... no calls here... so 'immense scale' in this case is 'nothing'. I'm seeing email saying my employer's (large broadband) call centers are taking extremely high call volumes due they believe to this exploit. I don't think this is a case of crying wolf, since there are apparently several broadband providers who are getting hit with this, based on Gadi's email. I'll leave the flamewar as to whether this is on topic for NANOG or not to the experts. Bob
Re: tech support being flooded due to IE 0day
On Thu, 21 Sep 2006, Dave Stewart wrote: At 10:28 PM 9/21/2006, you wrote: 2) how is this different from any other large worm outbreak thing It's not. Which makes it operational in which sense? I'm starting to think that these alerts need to be filed along with the daily OMG, evil people are taking over your computer if you don't send this to at least 10 people IMs. Paranoia has its place, but this ain't the place. The report is NOT paranoia. Several LARGE user ISPs suffer immensely from this. Use this information if it is useful to you and you encounter the same problems. Thanks, Gadi.
Re: tech support being flooded due to IE 0day
On Thu, Sep 21, 2006, Gadi Evron wrote: Paranoia has its place, but this ain't the place. The report is NOT paranoia. Several LARGE user ISPs suffer immensely from this. Use this information if it is useful to you and you encounter the same problems. Does it impact the network operation? Eg, does it adversely affect the network? (say, like Beagle did.) Adrian
Re: tech support being flooded due to IE 0day
On Fri, 22 Sep 2006, Adrian Chadd wrote: On Thu, Sep 21, 2006, Gadi Evron wrote: Paranoia has its place, but this ain't the place. The report is NOT paranoia. Several LARGE user ISPs suffer immensely from this. Use this information if it is useful to you and you encounter the same problems. Does it impact the network operation? Eg, does it adversely affect the network? (say, like Beagle did.) Not like Bagle did, to my knowledge. That said, this is spreading at an increasing rate that is unbelievable. That means worms, bots, and yes, ISP support, network and system personnel time depending on ISP. Adrian
Re: tech support being flooded due to IE 0day
On Fri, Sep 22, 2006 at 12:01:58PM +0800, Adrian Chadd wrote: On Thu, Sep 21, 2006, Gadi Evron wrote: Paranoia has its place, but this ain't the place. The report is NOT paranoia. Several LARGE user ISPs suffer immensely from this. Use this information if it is useful to you and you encounter the same problems. Does it impact the network operation? Eg, does it adversely affect the network? (say, like Beagle did.) I was thinking sql-slammer, massive flood causing signifcant amount of network infrastructure to go down. (people on low speed links with large blocks of address space were DoS'ed off the network). I don't think of drive-by browser/desktop infection as a networking issue, more of an end-host issue. - Jared -- Jared Mauch | pgp key available via finger from [EMAIL PROTECTED] clue++; | http://puck.nether.net/~jared/ My statements are only mine.
Re: tech support being flooded due to IE 0day
Gadi Evron wrote: On Thu, 21 Sep 2006, Dave Stewart wrote: At 10:28 PM 9/21/2006, you wrote: 2) how is this different from any other large worm outbreak thing It's not. Which makes it operational in which sense? I'm starting to think that these alerts need to be filed along with the daily OMG, evil people are taking over your computer if you don't send this to at least 10 people IMs. Paranoia has its place, but this ain't the place. The report is NOT paranoia. Several LARGE user ISPs suffer immensely from this. Use this information if it is useful to you and you encounter the same problems. Gadi, your initial query lacked the factual background that would have been useful for someone to decide if it was relevant to them or not. While I do believe that the intersection of host and applications issues and networking has applicability here I will make two observations that I hope are not wildly off the mark. Many of the people on the operations side of networks do not spend a lot of time on security mailing lists. They also don't spend a lot of time looking into their own support organizations until until problems get escalated to them, so your initial post could have used more background. Even in an enterprise it's really hard to justify the expenditure that a rapid response to a host security problem involves. For an isp which is not likely to be in the position to recover the cost of being reactive let alone pro-active I can't imagine how they would possibly support desktop issues like this. joelja Thanks, Gadi. -- Joel Jaeggli Unix Consulting [EMAIL PROTECTED] GPG Key Fingerprint: 5C6E 0104 BAF0 40B0 5BD3 C38B F000 35AB B67F 56B2
Re: tech support being flooded due to IE 0day
On Thu, 21 Sep 2006, Joel Jaeggli wrote: Gadi, your initial query lacked the factual background that would have been useful for someone to decide if it was relevant to them or not. While I do believe that the intersection of host and applications issues and networking has applicability here I will make two observations that I hope are not wildly off the mark. Many of the people on the operations side of networks do not spend a lot of time on security mailing lists. They also don't spend a lot of time looking into their own support organizations until until problems get escalated to them, so your initial post could have used more background. Even in an enterprise it's really hard to justify the expenditure that a rapid response to a host security problem involves. For an isp which is not likely to be in the position to recover the cost of being reactive let alone pro-active I can't imagine how they would possibly support desktop issues like this. Thank you, I will make sure and learn from this in the future! Gadi. joelja Thanks, Gadi. -- Joel Jaeggli Unix Consulting [EMAIL PROTECTED] GPG Key Fingerprint: 5C6E 0104 BAF0 40B0 5BD3 C38B F000 35AB B67F 56B2
Re: tech support being flooded due to IE 0day
Does it impact the network operation? Eg, does it adversely affect the network? (say, like Beagle did.) I was thinking sql-slammer, massive flood causing signifcant amount of network infrastructure to go down. (people on low speed links with large blocks of address space were DoS'ed off the network). I don't think of drive-by browser/desktop infection as a networking issue, more of an end-host issue. - Jared so, how many netops folks use or are forced to use IE in the mgmt of their particular sector of an IP network? netops being deaf/blind; ... the MRTG/Cricket graphs are not visable... does that mean nothing is happening?... might be considered operationaly significant. Or not.. YMMV... --bill
Re: tech support being flooded due to IE 0day
[EMAIL PROTECTED] (Jared Mauch) writes: I was thinking sql-slammer, massive flood causing signifcant amount of network infrastructure to go down. (people on low speed links with large blocks of address space were DoS'ed off the network). right. I don't think of drive-by browser/desktop infection as a networking issue, more of an end-host issue. given that network operations now includes all kinds of non-bgp activities like datacenter design, tcp syn flood protection, nonrandom initial tcp sequence number prediction, and a googolplex or two of other issues, i've assumed that the hardcore bgp engineering community now meets elsewhere. (i wouldn't be needed or welcome there if so, so i'm just guessing.) so, for lack of a better forum, things that can beat the hell out of your abuse desk does indeed seem like safe fare for nanog@ in 2006, even though in 1996 maybe not so much so. (hell, in 1996 one could still send MIME attachments to abuse desks, since they were generally running solaris on NCD terminals rather than microsoft outlook, and attachments were just opaque data, grrr.) can we all agree to stop shooting the messenger? every time gadi speaks up here, three or four folks bawl him out for being off-topic. time has proved that (a) gadi's not going to STFU no matter whether he's flamed or isn't, (b) those flaming arrows sticking out of his chest don't seem to injure him at all, (c) the flames completely outweigh gadi's own original posts, and (d) some of the folks lurking here actually tell me that they benefit from gadi's stuff. henceforth if you see a post, a poster, or a thread that you aren't interested in, just hit delete. it'll save more bandwidth than flaming about it would. -- ISC Training! October 16-20, 2006, in the San Francisco Bay Area, covering topics from DNS to DHCP. Email [EMAIL PROTECTED] -- Paul Vixie
Re: tech support being flooded due to IE 0day
[EMAIL PROTECTED] (Joel Jaeggli) writes: Even in an enterprise it's really hard to justify the expenditure that a rapid response to a host security problem involves. For an isp which is not likely to be in the position to recover the cost of being reactive let alone pro-active I can't imagine how they would possibly support desktop issues like this. and yet, when i consider my nontechnical friends with their DSL and cablemodem connections, i know that if they get hit by an exploding DLL, their ISP is one of the likely places they will place a call. and then they'll carefully nav their way through what they call voice mail hell until they can talk to a live operator, no matter how complex that is, no matter how many steps, and no matter how much musak-on-hold they'll have to listen to. the perfect storm is a million extra customers calling over the course of a week just to explain that they have exploding DLL symptoms and listen to a live operator tell them that this isn't a network problem and they should contact the dealer where they bought their computer, which is likely CostCo. assuming that this takes less than 60 seconds per affected customer, it's still a nasty unbudgeted expense and as a secondary burn it will make real network problems harder to report. -- ISC Training! October 16-20, 2006, in the San Francisco Bay Area, covering topics from DNS to DHCP. Email [EMAIL PROTECTED] -- Paul Vixie
Re: tech support being flooded due to IE 0day
Paul Vixie wrote: [EMAIL PROTECTED] (Joel Jaeggli) writes: Even in an enterprise it's really hard to justify the expenditure that a rapid response to a host security problem involves. For an isp which is not likely to be in the position to recover the cost of being reactive let alone pro-active I can't imagine how they would possibly support desktop issues like this. snip the perfect storm is a million extra customers calling over the course of a week just to explain that they have exploding DLL symptoms and listen to a live operator tell them that this isn't a network problem and they should contact the dealer where they bought their computer, which is likely CostCo. assuming that this takes less than 60 seconds per affected customer, it's still a nasty unbudgeted expense and as a secondary burn it will make real network problems harder to report. Indeed. I'm fairly certain that in the life-cycle of some network maladies that decision has to be made as to whether you want to go out of business sooner (no more customers) or later (costs). When given the choice, I prefer the later. -- Joel Jaeggli Unix Consulting [EMAIL PROTECTED] GPG Key Fingerprint: 5C6E 0104 BAF0 40B0 5BD3 C38B F000 35AB B67F 56B2
Re: tech support being flooded due to IE 0day
On Thu, 21 September 2006 21:01:51 -0400, Richard A Steenbergen wrote: [..] Seriously Gadi, what *possible* relevence could this have to network operations? that, and a thread where half of the posts are from the initial poster himself anyway. but then, happily watching him, at least he is creative in topics... i am mentally killfilling his threads anyway, less and less relevant. it is scary what stuff is discussed lately. -ako
Re: tech support being flooded due to IE 0day
On Fri, Sep 22, 2006 at 12:11:33AM -0400, Jared Mauch wrote: Does it impact the network operation? Eg, does it adversely affect the network? (say, like Beagle did.) I was thinking sql-slammer, massive flood causing signifcant amount of network infrastructure to go down. (people on low speed links with large blocks of address space were DoS'ed off the network). I don't think of drive-by browser/desktop infection as a networking issue, more of an end-host issue. Even more to the point, a lot of people with network infrastructure that couldn't handle random destination traffic were affected. Such impact is precisely the kind of thing that should be discussed on NANOG, both from an operational how do we deal with this and a design what you should know about your gear when it doesn't have a prepopulated table in its fast path perspective. A web browser crapping out has nothing to do with networks, or network operations. I'm not aware of any network of any consequence where the people who run, design, or build the infrastructure have any relationship to end user tech support call centers. I'm sure there are many fines places where this particular issue is great on-topic discussion, but since as Gadi said it not only has nothing to do with BGP but nothing to do with networks at all, this just isn't it. To the people who say we throw in the towel and just say Gadi will never stop posting off-topic crap, so why bother trying to correct him?, I'd suggest that this is a self-defeating attitude. Not only because Gadi could actually be posting useful stuff if set on the right path as to what is appropriate and what is not, but because 10,000 other people are going to be reading that post and thinking that this is appropriate subject matter. One off-topic post you can delete, but an entire list which has been co-opted by off-topic material can not be fixed. Unless we're ready to admit that NANOG is completely and totally worthless as a forum for discussing network operations, people NEED to step up and take responsibility for the self policing that we're all supposed to be doing in srh's absence. -- Richard A Steenbergen [EMAIL PROTECTED] http://www.e-gerbil.net/ras GPG Key ID: 0xF8B12CBC (7535 7F59 8204 ED1F CC1C 53AF 4C41 5ECA F8B1 2CBC)
Re: tech support being flooded due to IE 0day
Ok so: 1) Gadi sends his org email out stating bla bla bl abla 2) a dozen people reply back with to-all.. which causes further controversy 3) Gadi replys, trying to save him self Can we please keep the flamewar offlist! .. if you got something to say.. say it to the person and not the entire list of people on nanog! -ps, my apologies for contributing to this useless thread and mass listing nanog. -Payam On Fri, 22 Sep 2006, Adrian Chadd wrote: On Thu, Sep 21, 2006, Gadi Evron wrote: Paranoia has its place, but this ain't the place. The report is NOT paranoia. Several LARGE user ISPs suffer immensely from this. Use this information if it is useful to you and you encounter the same problems. Does it impact the network operation? Eg, does it adversely affect the network? (say, like Beagle did.) Not like Bagle did, to my knowledge. That said, this is spreading at an increasing rate that is unbelievable. That means worms, bots, and yes, ISP support, network and system personnel time depending on ISP. Adrian -- -- Payam Tarverdyan Chychi Network Analyst
