Re: Strange static route
On Fri, Sep 23, 2011 at 8:57 PM, jim deleskie deles...@gmail.com wrote: Wouldn't it make more sense to filter in bound default? or use a single static default if you where worried about that? Yes, the aesthetics of using a /1 route for that purpose are very poor. Don't implement design objectives using subtle side-effects, when a proper tool is available -- human errors later are likely. Using a /1 static to achieve a longer prefix to override a default falls in that category, whenrouters have a filtering mechanism capable of explicitly expressing the desired policy :) -jim -- -JH
Re: Earthlink Contact - DNS cache poisoning
On Sep 24, 2011, at 9:07 PM, Christopher Morrow wrote: On Sat, Sep 24, 2011 at 8:51 PM, Jimmy Hess mysi...@gmail.com wrote: I think actually.. earthlink uses barefruit? (or they did when ... kaminsky was off doing his destruction of the dns liars gangs...) Maybe the same backend is used though for the advertizer side? (barefruit provides the appliance, some third-party is the advertiser/website-host... same for paxfire?) Barefruit was just for returning a search engine result for a NXDOMAIN response. It appears Earthlink is now using Paxfire to sniff and proxy a users traffic to at least one popular website. Besides the obvious privacy implications, it introduces a nice captcha on Google. - Will
Nxdomain redirect revenue
Just an fyi for anyone who has a marketing person dreaming up a big nxdomain redirect business cases, the stats are actually very very poor... it does not make much money at all. It is very important to ask the redirect partners about yields... meaning, you may find that less than 5% of nxdomain redirects can be actually served an ad page because 95%+ of nxd are printer lookups and such that cannot be served an ad page. Then from that less than 5% pool, the click through rates are around 1% Net net, no free money of any meaningful value. But, ymmv... but I don't think by much. Cb
Re: Earthlink Contact - DNS cache poisoning
On Sat, Sep 24, 2011 at 9:21 PM, Will Dean w...@willscorner.net wrote: On Sep 24, 2011, at 9:07 PM, Christopher Morrow wrote: On Sat, Sep 24, 2011 at 8:51 PM, Jimmy Hess mysi...@gmail.com wrote: I think actually.. earthlink uses barefruit? (or they did when ... kaminsky was off doing his destruction of the dns liars gangs...) Maybe the same backend is used though for the advertizer side? (barefruit provides the appliance, some third-party is the advertiser/website-host... same for paxfire?) Barefruit was just for returning a search engine result for a NXDOMAIN response. ah, paxfire does the same... It appears Earthlink is now using Paxfire to sniff and proxy a users traffic to at least one popular website. Besides the obvious privacy implications, it introduces a nice captcha on Google. hrm, they could simply use the appliances to answer: www.google.com - jomax.net-ns-answer which is a frontend simply 30[24]'ing off to the jomax-esque site... Oh, you get the captcha though via earthlink? that sucks :( -chris
Re: Nxdomain redirect revenue
On Sat, Sep 24, 2011 at 9:33 PM, Cameron Byrne cb.li...@gmail.com wrote: Just an fyi for anyone who has a marketing person dreaming up a big nxdomain redirect business cases, the stats are actually very very poor... it does not make much money at all. It is very important to ask the redirect partners about yields... meaning, you may find that less than 5% of nxdomain redirects can be actually served an ad page because 95%+ of nxd are printer lookups and such that cannot be served an ad page. Then from that less than 5% pool, the click through rates are around 1% Net net, no free money of any meaningful value. But, ymmv... but I don't think by much. that's some interesting data points, thanks! Cb
Re: Nxdomain redirect revenue
On Sat, Sep 24, 2011 at 8:33 PM, Cameron Byrne cb.li...@gmail.com wrote: Just an fyi for anyone who has a marketing person dreaming up a big nxdomain redirect business cases, the stats are actually very very poor... it does not make much money at all. It is very important to ask the redirect partners about yields... meaning, you may find that less than 5% of nxdomain redirects can be actually served Not to take any position on there being a business case for NXDOMAIN redirect, or not butthe percentage of NXdomain redirects that actually serve ads isn't too important. It's absolute numbers that matter, even if it's just 1% of NXDOMAINS by percent. The rest of the 99% are referred to as noise and aren't relevant for justifying or failing to justify. The important number is at what frequency the _average_ user will encounter the redirect while they are surfing.If a sufficient proportion of their users see the ads at a sufficient rate, then they will probably justify whatever cost they have for the ad serving. When they are doing this crappy stuff like redirecting google.com DNS to intercept search requests; I have little doubt that they are able to inject sufficient volume of ads to make some sort of business case behind thehijacking evilness. Regards, -- -JH
ATT Wireless outage in SoCal
Hearing rumblings of a major ATT Wireless outage in southern California. Anyone have more detail? Limited to cell towers or are transit circuits affected? -Chris