Re: S.Korea broadband firm sues Netflix after traffic surge

2021-10-19 Thread Owen DeLong via NANOG 


> On Oct 19, 2021, at 08:47 , Tom Beecher  wrote:
> 
> Vs. an ISP that is causing the problem or trying to run a protection racket 
> against content providers, I think it wouldn’t be hard for the content
> provider to supply appropriate messaging inserted at the front end of 
> playback to explain the situation to their mutual customers. Instead of the
> typical FBI notice, imagine the movie starting with an ad that explains how 
> the ISP is trying to increase consumer costs by forcing Netflix to
> pass along additional fees paid to the ISP to deliver content the customer 
> has already paid said same ISP to deliver.
> 
> Wouldn't be hard, but doubtful it would be effective. 
> 
> Consumers already get the same message on a few TV channels during the annual 
> carriage dispute-a-palooza, with both sides telling them to call the other 
> one to complain. It clearly doesn't work. 

I don’t think that’s as commonplace in S. Korea as it is here.

It appears that the Netflix Verizon notices had the desired effect.

> Outside of our sphere, nobody cares about this stuff. They just want their 
> thing to work. 

Agreed… The trick is which side is able to convince the users that the other is 
the one preventing that.

Owen

> 
> On Mon, Oct 18, 2021 at 9:37 PM Owen DeLong via NANOG  > wrote:
> 
> 
> > On Oct 18, 2021, at 14:48 , Jay Hennigan  > > wrote:
> > 
> > On 10/18/21 07:02, Josh Luthman wrote:
> > 
> >>Netflix, as an example, has even been willing to bear most of the cost
> >>with peering or bringing servers to ISPs to reduce the ISP's costs and
> >>improve the ISP customer's experience.
> > 
> > Netflix doesn't do those things because it cares about the ISP's costs and 
> > the ISP customers' experience.
> > 
> > Netflix does these things because Netflix cares about Netflix's costs and 
> > Netflix's customers' experience.
> 
> Of course, that doesn’t change the fact that it does lower the ISP’s costs 
> and improve the ISP customers’ experience.
> 
> >>It's about time Netflix played
> >>chicken with one of these ISPs and stopped offering service  (or
> >>offered
> >>limited service) to the ISPs that try to extort them and other content
> >>providers:
> > 
> > Then Netflix would risk losing those customers, especially if the ISP in 
> > question is a cable company or offers its own video streaming services.
> 
> Vs. an ISP that is causing the problem or trying to run a protection racket 
> against content providers, I think it wouldn’t be hard for the content
> provider to supply appropriate messaging inserted at the front end of 
> playback to explain the situation to their mutual customers. Instead of the
> typical FBI notice, imagine the movie starting with an ad that explains how 
> the ISP is trying to increase consumer costs by forcing Netflix to
> pass along additional fees paid to the ISP to deliver content the customer 
> has already paid said same ISP to deliver.
> 
> Somehow, I don’t see the ISP doing well against such a PR onslaught.
> 
> > Also, by peering and bringing servers to ISPs, Netflix improves its 
> > customers' experience and reduces Netflix's costs because they no longer 
> > need to pay a transit provider to deliver content.
> 
> Where the ISP in question isn’t trying to force them to pay transit costs 
> within said eyeball network, sure. But in SK’s case, it looks like they’re 
> trying to force Netflix to pay to reach their eyeballs, even though the 
> eyeballs in question are already paying them to deliver Netflix (and other) 
> content.
> 
> >>Sorry, your service provider does not believe in net
> >>neutrality and has imposed limitations on your Netflix experience.
> > 
> > They actually did pretty much exactly that with Verizon back in 2014.
> > 
> > https://www.cnet.com/tech/home-entertainment/netflix-takes-aim-at-verizon-over-slow-data-speeds/
> >  
> > 
> 
> It appears to have worked out fairly well for them, too.
> 
> Owen
>

Re: Anyone else getting the 'spam' bomb threat?

2021-10-19 Thread Baldur Norddahl 
On Tue, 19 Oct 2021 at 19:20, Kain, Becki (.)  wrote:

> The thing is, who is in office to care?  Oh wait, guess equipment *is*
> important
>
>
For how long did you keep up with the evacuation of the equipment? :-)

Re: Anyone else getting the 'spam' bomb threat?

2021-10-19 Thread Neil Hanlon 
scammers and attackers aren't well known for their eloquent prose...

As soon as you decide to not take one thing seriously, how do you draw the
line? three spelling mistakes and the wrong tense of a verb means its fake?
I'd rather not play chicken with peoples' lives.


On Tue, Oct 19, 2021, 14:11 Matt Hoppes 
wrote:

> Honestly, for how 'spammy' that e-mail looked it's hard to believe
> anyone took it seriously - but also, you never know.
>
> On 10/19/21 12:51 PM, Jon Sands wrote:
> > The kid sending these (if it is Bytefend, who has a history/tweets of
> > bragging about attacking Frantech within the past month if I understand
> > correctly) is going to be looking at serious jail time given the amount
> > of evacuations he's caused already. A brief list:
> >
> >
> https://abc6onyourside.com/news/local/police-clear-downtown-columbus-building-after-bomb-threat-10-19-2021
> >
> >
> https://miami.cbslocal.com/2021/10/19/miami-att-call-center-evacuated-bomb-threat/
> >
> >
> https://www.wwlp.com/news/local-news/franklin-county/greenfield-police-and-fire-investigate-bomb-threat-at-gcet/amp/
> >
> >
> https://www.mystateline.com/news/local-news/rockford-university-evacuated-due-to-bomb-threat/amp/
> >
> > https://globalnews.ca/news/8274492/bomb-threats-kitchener-waterloo/amp/
> >
> > https://amp.newsobserver.com/news/local/crime/article255116937.html
> >
> >
> https://www.technicianonline.com/news/nc-state-receives-bomb-threat-university-police-close-section-of-hillsborough-st/article_2ceca39e-30ea-11ec-a068-47bacab4a0f0.html
> >
> > On Tue, Oct 19, 2021, 11:30 AM Miles Fidelman
> > mailto:mfidel...@meetinghouse.net>> wrote:
> >
> > Matt Hoppes wrote:
> >  > I've now heard from several operators - our selves included -
> about
> >  > getting an e-mail bomb threat to our datacenters asking for
> > $5,000 USD
> >  > or the "bomb will be detonated".
> >  >
> >  > Is this being seen on a wide spread e-mail blast to the RIR
> > contacts,
> >  > or am I just unlucky to know like 6 other data center folks who
> have
> >  > also gotten this e-mail?
> >  >
> >  >  It seems like a very odd/bizarre spam/threat campaign which would
> >  > carry significant jail time.
> >
> > And now I REALLY want to get moving on a service to drop a drone on
> > spammers.  (Active Countermeasures!)
> >
> > Miles Fidelman
> >
> > --
> > In theory, there is no difference between theory and practice.
> > In practice, there is.   Yogi Berra
> >
> > Theory is when you know everything but nothing works.
> > Practice is when everything works but no one knows why.
> > In our lab, theory and practice are combined:
> > nothing works and no one knows why.  ... unknown
> >
>

Re: Anyone else getting the 'spam' bomb threat?

2021-10-19 Thread Matt Hoppes 
Honestly, for how 'spammy' that e-mail looked it's hard to believe 
anyone took it seriously - but also, you never know.


On 10/19/21 12:51 PM, Jon Sands wrote:
The kid sending these (if it is Bytefend, who has a history/tweets of 
bragging about attacking Frantech within the past month if I understand 
correctly) is going to be looking at serious jail time given the amount 
of evacuations he's caused already. A brief list:


https://abc6onyourside.com/news/local/police-clear-downtown-columbus-building-after-bomb-threat-10-19-2021

https://miami.cbslocal.com/2021/10/19/miami-att-call-center-evacuated-bomb-threat/

https://www.wwlp.com/news/local-news/franklin-county/greenfield-police-and-fire-investigate-bomb-threat-at-gcet/amp/

https://www.mystateline.com/news/local-news/rockford-university-evacuated-due-to-bomb-threat/amp/

https://globalnews.ca/news/8274492/bomb-threats-kitchener-waterloo/amp/

https://amp.newsobserver.com/news/local/crime/article255116937.html

https://www.technicianonline.com/news/nc-state-receives-bomb-threat-university-police-close-section-of-hillsborough-st/article_2ceca39e-30ea-11ec-a068-47bacab4a0f0.html

On Tue, Oct 19, 2021, 11:30 AM Miles Fidelman 
mailto:mfidel...@meetinghouse.net>> wrote:


Matt Hoppes wrote:
 > I've now heard from several operators - our selves included - about
 > getting an e-mail bomb threat to our datacenters asking for
$5,000 USD
 > or the "bomb will be detonated".
 >
 > Is this being seen on a wide spread e-mail blast to the RIR
contacts,
 > or am I just unlucky to know like 6 other data center folks who have
 > also gotten this e-mail?
 >
 >  It seems like a very odd/bizarre spam/threat campaign which would
 > carry significant jail time.

And now I REALLY want to get moving on a service to drop a drone on
spammers.  (Active Countermeasures!)

Miles Fidelman

-- 
In theory, there is no difference between theory and practice.

In practice, there is.   Yogi Berra

Theory is when you know everything but nothing works.
Practice is when everything works but no one knows why.
In our lab, theory and practice are combined:
nothing works and no one knows why.  ... unknown

RE: Anyone else getting the 'spam' bomb threat?

2021-10-19 Thread Kain, Becki (.) 
The thing is, who is in office to care?  Oh wait, guess equipment *is* important


-Original Message-
From: NANOG  On Behalf Of Sadiq Saif
Sent: Tuesday, October 19, 2021 9:11 AM
To: nanog@nanog.org
Subject: Re: Anyone else getting the 'spam' bomb threat?

WARNING: This message originated outside of Ford Motor Company. Use caution 
when opening attachments, clicking links, or responding.


On Tue, 19 Oct 2021, at 08:40, Matt Hoppes wrote:
> Are you contacting your LEO?  Or is this so spammy just hit delete?
>
> I feel like even spam chosen poorly comes with consequences.

I hit delete after I saw Frantech had already reported it the FBI as per their 
website.

Whoever this is seems to be scraping ASN WHOIS data, the spam got sent to the 
noc@ address that's in whois for my ASN and IP space.
--
Sadiq Saif
https://clicktime.symantec.com/3CGqBWqm6zQeVfjidfCLhna7Vc?u=https%3A%2F%2Fbastetrix.com

Re: Anyone else getting the 'spam' bomb threat?

2021-10-19 Thread Jon Sands 
The kid sending these (if it is Bytefend, who has a history/tweets of
bragging about attacking Frantech within the past month if I understand
correctly) is going to be looking at serious jail time given the amount of
evacuations he's caused already. A brief list:

https://abc6onyourside.com/news/local/police-clear-downtown-columbus-building-after-bomb-threat-10-19-2021

https://miami.cbslocal.com/2021/10/19/miami-att-call-center-evacuated-bomb-threat/

https://www.wwlp.com/news/local-news/franklin-county/greenfield-police-and-fire-investigate-bomb-threat-at-gcet/amp/

https://www.mystateline.com/news/local-news/rockford-university-evacuated-due-to-bomb-threat/amp/

https://globalnews.ca/news/8274492/bomb-threats-kitchener-waterloo/amp/

https://amp.newsobserver.com/news/local/crime/article255116937.html

https://www.technicianonline.com/news/nc-state-receives-bomb-threat-university-police-close-section-of-hillsborough-st/article_2ceca39e-30ea-11ec-a068-47bacab4a0f0.html

On Tue, Oct 19, 2021, 11:30 AM Miles Fidelman 
wrote:

> Matt Hoppes wrote:
> > I've now heard from several operators - our selves included - about
> > getting an e-mail bomb threat to our datacenters asking for $5,000 USD
> > or the "bomb will be detonated".
> >
> > Is this being seen on a wide spread e-mail blast to the RIR contacts,
> > or am I just unlucky to know like 6 other data center folks who have
> > also gotten this e-mail?
> >
> >  It seems like a very odd/bizarre spam/threat campaign which would
> > carry significant jail time.
>
> And now I REALLY want to get moving on a service to drop a drone on
> spammers.  (Active Countermeasures!)
>
> Miles Fidelman
>
> --
> In theory, there is no difference between theory and practice.
> In practice, there is.   Yogi Berra
>
> Theory is when you know everything but nothing works.
> Practice is when everything works but no one knows why.
> In our lab, theory and practice are combined:
> nothing works and no one knows why.  ... unknown
>
>

Your opinion on Internet monitoring and measurements - a 10min survey

2021-10-19 Thread Pavlos Sermpezis 
Hi all,

Do you use Internet monitoring and measurements (e.g., RIPEstat, RIPE
RIS/Atlas, RouteViews, bgp.he.net, etc.) for your operations? What are your
use cases?

We (researchers) are trying to identify limitations and biases of the
Internet monitoring infrastructure, and come up with ideas to fix them.

We would like to hear your opinion! Please help us by answering our short
anonymous survey; it should take less than 10min.

Survey URL: https://forms.gle/9xJpYFw3PBo8KShz9


Thank you in advance,
Pavlos Sermpezis

PS. You can find more about our research project (funded by RIPE NCC) here
https://sermpezis.github.io/ai4netmon/

-- 

Pavlos Sermpezis
Postdoctoral researcher
Datalab (https://datalab.csd.auth.gr/)
Informatics Dept.
Aristotle University of Thessaloniki, Greece

Re: S.Korea broadband firm sues Netflix after traffic surge

2021-10-19 Thread Tom Beecher 
>
> Vs. an ISP that is causing the problem or trying to run a protection
> racket against content providers, I think it wouldn’t be hard for the
> content
> provider to supply appropriate messaging inserted at the front end of
> playback to explain the situation to their mutual customers. Instead of the
> typical FBI notice, imagine the movie starting with an ad that explains
> how the ISP is trying to increase consumer costs by forcing Netflix to
> pass along additional fees paid to the ISP to deliver content the customer
> has already paid said same ISP to deliver.
>

Wouldn't be hard, but doubtful it would be effective.

Consumers already get the same message on a few TV channels during the
annual carriage dispute-a-palooza, with both sides telling them to call the
other one to complain. It clearly doesn't work.

Outside of our sphere, nobody cares about this stuff. They just want their
thing to work.

On Mon, Oct 18, 2021 at 9:37 PM Owen DeLong via NANOG 
wrote:

>
>
> > On Oct 18, 2021, at 14:48 , Jay Hennigan  wrote:
> >
> > On 10/18/21 07:02, Josh Luthman wrote:
> >
> >>Netflix, as an example, has even been willing to bear most of the
> cost
> >>with peering or bringing servers to ISPs to reduce the ISP's costs
> and
> >>improve the ISP customer's experience.
> >
> > Netflix doesn't do those things because it cares about the ISP's costs
> and the ISP customers' experience.
> >
> > Netflix does these things because Netflix cares about Netflix's costs
> and Netflix's customers' experience.
>
> Of course, that doesn’t change the fact that it does lower the ISP’s costs
> and improve the ISP customers’ experience.
>
> >>It's about time Netflix played
> >>chicken with one of these ISPs and stopped offering service  (or
> >>offered
> >>limited service) to the ISPs that try to extort them and other
> content
> >>providers:
> >
> > Then Netflix would risk losing those customers, especially if the ISP in
> question is a cable company or offers its own video streaming services.
>
> Vs. an ISP that is causing the problem or trying to run a protection
> racket against content providers, I think it wouldn’t be hard for the
> content
> provider to supply appropriate messaging inserted at the front end of
> playback to explain the situation to their mutual customers. Instead of the
> typical FBI notice, imagine the movie starting with an ad that explains
> how the ISP is trying to increase consumer costs by forcing Netflix to
> pass along additional fees paid to the ISP to deliver content the customer
> has already paid said same ISP to deliver.
>
> Somehow, I don’t see the ISP doing well against such a PR onslaught.
>
> > Also, by peering and bringing servers to ISPs, Netflix improves its
> customers' experience and reduces Netflix's costs because they no longer
> need to pay a transit provider to deliver content.
>
> Where the ISP in question isn’t trying to force them to pay transit costs
> within said eyeball network, sure. But in SK’s case, it looks like they’re
> trying to force Netflix to pay to reach their eyeballs, even though the
> eyeballs in question are already paying them to deliver Netflix (and other)
> content.
>
> >>Sorry, your service provider does not believe in net
> >>neutrality and has imposed limitations on your Netflix experience.
> >
> > They actually did pretty much exactly that with Verizon back in 2014.
> >
> >
> https://www.cnet.com/tech/home-entertainment/netflix-takes-aim-at-verizon-over-slow-data-speeds/
>
> It appears to have worked out fairly well for them, too.
>
> Owen
>
>

Re: Anyone else getting the 'spam' bomb threat?

2021-10-19 Thread Miles Fidelman 

Matt Hoppes wrote:
I've now heard from several operators - our selves included - about 
getting an e-mail bomb threat to our datacenters asking for $5,000 USD 
or the "bomb will be detonated".


Is this being seen on a wide spread e-mail blast to the RIR contacts, 
or am I just unlucky to know like 6 other data center folks who have 
also gotten this e-mail?


 It seems like a very odd/bizarre spam/threat campaign which would 
carry significant jail time.


And now I REALLY want to get moving on a service to drop a drone on 
spammers.  (Active Countermeasures!)


Miles Fidelman

--
In theory, there is no difference between theory and practice.
In practice, there is.   Yogi Berra

Theory is when you know everything but nothing works.
Practice is when everything works but no one knows why.
In our lab, theory and practice are combined:
nothing works and no one knows why.  ... unknown

Re: [External] Re: Anyone else getting the 'spam' bomb threat?

2021-10-19 Thread Hunter Fuller via NANOG 
We have a distinct abuse address (not just abuse@) and that is where
the messages were sent.

We didn't receive the bomb threat ones. We only received the (somewhat
more amusing) messages entitled "Your network has been PWNED" and
"Fuck you".
The situation loses its humor entirely with the introduction of bomb
threats. Seems like a script kiddie taking things way too far.

--
Hunter Fuller (they)
Router Jockey
VBH M-1A
+1 256 824 5331

Office of Information Technology
The University of Alabama in Huntsville
Network Engineering


On Tue, Oct 19, 2021 at 8:57 AM Sadiq Saif  wrote:
>
> On Tue, 19 Oct 2021, at 08:40, Matt Hoppes wrote:
> > Are you contacting your LEO?  Or is this so spammy just hit delete?
> >
> > I feel like even spam chosen poorly comes with consequences.
>
> I hit delete after I saw Frantech had already reported it the FBI as per 
> their website.
>
> Whoever this is seems to be scraping ASN WHOIS data, the spam got sent to the 
> noc@ address that's in whois for my ASN and IP space.
> --
> Sadiq Saif
> https://bastetrix.com

RE: PowerSwitch S4100 (S4148-ON) chipset

2021-10-19 Thread Steven Shalita via NANOG 
I think that Dell is one of the few vendors using it AFAIK?

My understanding same class as T2+, with lower cost, but there are some
limitations.

https://www.broadcom.com/products/ethernet-connectivity/switching/strataxgs/bcm56760

I thought this was a good explanation:
https://people.ucsc.edu/~warner/Bufs/maverick.html



-Original Message-
From: Colton Conor 
Sent: Tuesday, October 19, 2021 6:40 AM
To: Steven Shalita 
Cc: Drew Weaver ; NANOG 
Subject: Re: PowerSwitch S4100 (S4148-ON) chipset

What is the Broadcom Maverick chipset primarily used or designed for?
This seems like a not commonly used chip to me.

On Tue, Oct 19, 2021 at 8:27 AM Steven Shalita via NANOG 
wrote:
>
>
>
> Dell S4148 is based on Broadcom Maverick.  S4048 is Trident2 (4048-T is
> Trident2+) and S5248 is Trident3.
>
>
>
>
>
>
>
> From: NANOG  On
> Behalf Of Drew Weaver
> Sent: Tuesday, October 19, 2021 6:09 AM
> To: 'nanog@nanog.org' 
> Subject: PowerSwitch S4100 (S4148-ON) chipset
>
>
>
> Hello all,
>
>
>
> I’ve been googling around trying to figure out which Broadcom silicon is
> in the S4148-ON.
>
>
>
> I haven’t really been able to make much of a determination.
>
>
>
> Does anyone know which chipset this is? Trident 1? Trident 2? Trident 3?
>
>
>
> Thanks so much if anyone has already figured this out.
>
>
>
> -Drew
>
>

Re: Geolocation accuracy

2021-10-19 Thread Siyuan Miao 
You can try IPInsight.io.

We've been using it for years and its accuracy is better than MaxMind,
usually.

On Tue, Oct 19, 2021 at 8:28 PM Jeroen Massar via NANOG 
wrote:

> On 2021-10-19 13:39, Hank Nussbacher wrote:
> > Can anyone recommend a geo-location service with high city accuracy?
> > Maxmind, for most countries (broadband, which does move) is below 50%
> > accuracy (they claim 68% accuracy for USA cities):
> >
> https://www.maxmind.com/en/geoip2-city-accuracy-comparison?country=&resolution=city&cellular=excluding
>
> What is the purpose of the geo-locating?
>
> As that might influence how much it actually matters where the user is...
>
> Greets,
>   Jeroen
>
>

Re: Anyone else getting the 'spam' bomb threat?

2021-10-19 Thread Sadiq Saif 
On Tue, 19 Oct 2021, at 08:40, Matt Hoppes wrote:
> Are you contacting your LEO?  Or is this so spammy just hit delete?
>
> I feel like even spam chosen poorly comes with consequences.

I hit delete after I saw Frantech had already reported it the FBI as per their 
website.

Whoever this is seems to be scraping ASN WHOIS data, the spam got sent to the 
noc@ address that's in whois for my ASN and IP space.
-- 
Sadiq Saif
https://bastetrix.com

RE: Anyone else getting the 'spam' bomb threat?

2021-10-19 Thread Robert Berlin 
We received 2, and I heard from other operators that they had received it as 
well. This is the second or third "threat" in a matter of a couple of weeks. 
Seems like someone scraped some information from somewhere.


From: Travis Garrison 
Sent: 10/19/21 8:32 AM
To: Matt Hoppes 
Cc: "Nanog@nanog.org" 
Subject: RE: Anyone else getting the 'spam' bomb threat?

Yup, same here

Travis
From: NANOG  On Behalf Of 
Shawn L via NANOG
Sent: Tuesday, October 19, 2021 7:25 AM
To: Matt Hoppes 
Cc: North American Network Operators' Group 
Subject: RE: Anyone else getting the 'spam' bomb threat?



we received it as well

 -Original Message-
From: "Matt Hoppes" 
Sent: Tuesday, October 19, 2021 8:21am
To: "North American Network Operators' Group" 
Subject: Anyone else getting the 'spam' bomb threat?
I've now heard from several operators - our selves included - about
getting an e-mail bomb threat to our datacenters asking for $5,000 USD
or the "bomb will be detonated".

Is this being seen on a wide spread e-mail blast to the RIR contacts, or
am I just unlucky to know like 6 other data center folks who have also
gotten this e-mail?

It seems like a very odd/bizarre spam/threat campaign which would
carry significant jail time.

Re: PowerSwitch S4100 (S4148-ON) chipset

2021-10-19 Thread Tim Jackson 
It's a lower bandwidth Trident2+ with some different I/O options iirc. Same
featureset, but a mix of 10G and 25G serdes, targeted at like 48x10g+4x100G
boxes.

--
Tim

On Tue, Oct 19, 2021 at 8:42 AM Colton Conor  wrote:

> What is the Broadcom Maverick chipset primarily used or designed for?
> This seems like a not commonly used chip to me.
>
> On Tue, Oct 19, 2021 at 8:27 AM Steven Shalita via NANOG
>  wrote:
> >
> >
> >
> > Dell S4148 is based on Broadcom Maverick.  S4048 is Trident2 (4048-T is
> Trident2+) and S5248 is Trident3.
> >
> >
> >
> >
> >
> >
> >
> > From: NANOG  On
> Behalf Of Drew Weaver
> > Sent: Tuesday, October 19, 2021 6:09 AM
> > To: 'nanog@nanog.org' 
> > Subject: PowerSwitch S4100 (S4148-ON) chipset
> >
> >
> >
> > Hello all,
> >
> >
> >
> > I’ve been googling around trying to figure out which Broadcom silicon is
> in the S4148-ON.
> >
> >
> >
> > I haven’t really been able to make much of a determination.
> >
> >
> >
> > Does anyone know which chipset this is? Trident 1? Trident 2? Trident 3?
> >
> >
> >
> > Thanks so much if anyone has already figured this out.
> >
> >
> >
> > -Drew
> >
> >
>

Re: Anyone else getting the 'spam' bomb threat?

2021-10-19 Thread Siyuan Miao 
Yes, it's from the operator of bytefend and they have been sending numerous
threatening emails for months.

You can check the statement from the victim Frantech from the link below:

https://frantech.ca/

On Tue, Oct 19, 2021 at 9:34 PM Ray Bellis  wrote:

>
>
> On 19/10/2021 13:29, Travis Garrison wrote:
>
> > Yup, same here
>
> and here.
>
> For now we're just ignoring it, but if anyone wants to quote us (ISC, a
> DNS root server operator) in the event of law enforcement action please
> let me know.
>
> Ray
>
>

Re: PowerSwitch S4100 (S4148-ON) chipset

2021-10-19 Thread Colton Conor 
What is the Broadcom Maverick chipset primarily used or designed for?
This seems like a not commonly used chip to me.

On Tue, Oct 19, 2021 at 8:27 AM Steven Shalita via NANOG
 wrote:
>
>
>
> Dell S4148 is based on Broadcom Maverick.  S4048 is Trident2 (4048-T is 
> Trident2+) and S5248 is Trident3.
>
>
>
>
>
>
>
> From: NANOG  On Behalf 
> Of Drew Weaver
> Sent: Tuesday, October 19, 2021 6:09 AM
> To: 'nanog@nanog.org' 
> Subject: PowerSwitch S4100 (S4148-ON) chipset
>
>
>
> Hello all,
>
>
>
> I’ve been googling around trying to figure out which Broadcom silicon is in 
> the S4148-ON.
>
>
>
> I haven’t really been able to make much of a determination.
>
>
>
> Does anyone know which chipset this is? Trident 1? Trident 2? Trident 3?
>
>
>
> Thanks so much if anyone has already figured this out.
>
>
>
> -Drew
>
>

Re: Anyone else getting the 'spam' bomb threat?

2021-10-19 Thread Ray Bellis 



On 19/10/2021 13:29, Travis Garrison wrote:

> Yup, same here

and here.

For now we're just ignoring it, but if anyone wants to quote us (ISC, a
DNS root server operator) in the event of law enforcement action please
let me know.

Ray

RE: PowerSwitch S4100 (S4148-ON) chipset

2021-10-19 Thread Steven Shalita via NANOG 
Dell S4148 is based on Broadcom Maverick.  S4048 is Trident2 (4048-T is
Trident2+) and S5248 is Trident3.







*From:* NANOG  *On
Behalf Of *Drew Weaver
*Sent:* Tuesday, October 19, 2021 6:09 AM
*To:* 'nanog@nanog.org' 
*Subject:* PowerSwitch S4100 (S4148-ON) chipset



Hello all,



I’ve been googling around trying to figure out which Broadcom silicon is in
the S4148-ON.



I haven’t really been able to make much of a determination.



Does anyone know which chipset this is? Trident 1? Trident 2? Trident 3?



Thanks so much if anyone has already figured this out.



-Drew

Re: PowerSwitch S4100 (S4148-ON) chipset

2021-10-19 Thread Stefano Sasso 
With OS10 you should be able to see it with:

system "sudo hshell -c 'show unit 0'"

i.e., from a S4128F-ON:
PLAT-SW-A-1# system "sudo hshell -c 'show unit 0'"

Unit 0 chip BCM56762_B0 (current)
driver BCM56560_B0 (apache)

(should be Trident 2+)

-Stefano


Il giorno mar 19 ott 2021 alle ore 15:13 Drew Weaver 
ha scritto:

> Hello all,
>
>
>
> I’ve been googling around trying to figure out which Broadcom silicon is
> in the S4148-ON.
>
>
>
> I haven’t really been able to make much of a determination.
>
>
>
> Does anyone know which chipset this is? Trident 1? Trident 2? Trident 3?
>
>
>
> Thanks so much if anyone has already figured this out.
>
>
>
> -Drew
>
>
>

Re: PowerSwitch S4100 (S4148-ON) chipset

2021-10-19 Thread Tim Jackson 
https://people.ucsc.edu/~warner/Bufs/S4148.html

Seems to be BCM Maverick which is pretty close to a Trident2+ iirc..

--
Tim

On Tue, Oct 19, 2021 at 8:14 AM Drew Weaver  wrote:

> Hello all,
>
>
>
> I’ve been googling around trying to figure out which Broadcom silicon is
> in the S4148-ON.
>
>
>
> I haven’t really been able to make much of a determination.
>
>
>
> Does anyone know which chipset this is? Trident 1? Trident 2? Trident 3?
>
>
>
> Thanks so much if anyone has already figured this out.
>
>
>
> -Drew
>
>
>

PowerSwitch S4100 (S4148-ON) chipset

2021-10-19 Thread Drew Weaver 
Hello all,

I've been googling around trying to figure out which Broadcom silicon is in the 
S4148-ON.

I haven't really been able to make much of a determination.

Does anyone know which chipset this is? Trident 1? Trident 2? Trident 3?

Thanks so much if anyone has already figured this out.

-Drew

RE: Anyone else getting the 'spam' bomb threat?

2021-10-19 Thread Milt Aitken 
I got one and I don’t have a datacenter.  I’d better check my pockets….

 

 

From: NANOG [mailto:nanog-bounces+milt=net2atlanta@nanog.org] On Behalf Of 
Travis Garrison
Sent: Tuesday, October 19, 2021 8:29 AM
To: Matt Hoppes
Cc: Nanog@nanog.org
Subject: RE: Anyone else getting the 'spam' bomb threat?

 

Yup, same here

 

Travis

From: NANOG  On Behalf Of 
Shawn L via NANOG
Sent: Tuesday, October 19, 2021 7:25 AM
To: Matt Hoppes 
Cc: North American Network Operators' Group 
Subject: RE: Anyone else getting the 'spam' bomb threat?

 

we received it as well


-Original Message-
From: "Matt Hoppes" <  
mattli...@rivervalleyinternet.net>
Sent: Tuesday, October 19, 2021 8:21am
To: "North American Network Operators' Group" <  
nanog@nanog.org>
Subject: Anyone else getting the 'spam' bomb threat?

I've now heard from several operators - our selves included - about 
getting an e-mail bomb threat to our datacenters asking for $5,000 USD 
or the "bomb will be detonated".

Is this being seen on a wide spread e-mail blast to the RIR contacts, or 
am I just unlucky to know like 6 other data center folks who have also 
gotten this e-mail?

It seems like a very odd/bizarre spam/threat campaign which would 
carry significant jail time.

Re: Anyone else getting the 'spam' bomb threat?

2021-10-19 Thread Matt Hoppes 

Are you contacting your LEO?  Or is this so spammy just hit delete?

I feel like even spam chosen poorly comes with consequences.

On 10/19/21 8:29 AM, Travis Garrison wrote:

Yup, same here

Travis

*From:* NANOG  *On 
Behalf Of *Shawn L via NANOG

*Sent:* Tuesday, October 19, 2021 7:25 AM
*To:* Matt Hoppes 
*Cc:* North American Network Operators' Group 
*Subject:* RE: Anyone else getting the 'spam' bomb threat?

we received it as well


-Original Message-
From: "Matt Hoppes" >

Sent: Tuesday, October 19, 2021 8:21am
To: "North American Network Operators' Group" >

Subject: Anyone else getting the 'spam' bomb threat?

I've now heard from several operators - our selves included - about
getting an e-mail bomb threat to our datacenters asking for $5,000 USD
or the "bomb will be detonated".

Is this being seen on a wide spread e-mail blast to the RIR contacts, or
am I just unlucky to know like 6 other data center folks who have also
gotten this e-mail?

It seems like a very odd/bizarre spam/threat campaign which would
carry significant jail time.

RE: Anyone else getting the 'spam' bomb threat?

2021-10-19 Thread Travis Garrison 
Yup, same here

Travis
From: NANOG  On Behalf Of 
Shawn L via NANOG
Sent: Tuesday, October 19, 2021 7:25 AM
To: Matt Hoppes 
Cc: North American Network Operators' Group 
Subject: RE: Anyone else getting the 'spam' bomb threat?


we received it as well

-Original Message-
From: "Matt Hoppes" 
mailto:mattli...@rivervalleyinternet.net>>
Sent: Tuesday, October 19, 2021 8:21am
To: "North American Network Operators' Group" 
mailto:nanog@nanog.org>>
Subject: Anyone else getting the 'spam' bomb threat?

I've now heard from several operators - our selves included - about
getting an e-mail bomb threat to our datacenters asking for $5,000 USD
or the "bomb will be detonated".

Is this being seen on a wide spread e-mail blast to the RIR contacts, or
am I just unlucky to know like 6 other data center folks who have also
gotten this e-mail?

It seems like a very odd/bizarre spam/threat campaign which would
carry significant jail time.

Re: Geolocation accuracy

2021-10-19 Thread Jeroen Massar via NANOG 

On 2021-10-19 13:39, Hank Nussbacher wrote:

Can anyone recommend a geo-location service with high city accuracy?
Maxmind, for most countries (broadband, which does move) is below 50% 
accuracy (they claim 68% accuracy for USA cities):
https://www.maxmind.com/en/geoip2-city-accuracy-comparison?country=&resolution=city&cellular=excluding 


What is the purpose of the geo-locating?

As that might influence how much it actually matters where the user is...

Greets,
 Jeroen

RE: Anyone else getting the 'spam' bomb threat?

2021-10-19 Thread Shawn L via NANOG 

we received it as well

-Original Message-
From: "Matt Hoppes" 
Sent: Tuesday, October 19, 2021 8:21am
To: "North American Network Operators' Group" 
Subject: Anyone else getting the 'spam' bomb threat?



I've now heard from several operators - our selves included - about 
getting an e-mail bomb threat to our datacenters asking for $5,000 USD 
or the "bomb will be detonated".

Is this being seen on a wide spread e-mail blast to the RIR contacts, or 
am I just unlucky to know like 6 other data center folks who have also 
gotten this e-mail?

 It seems like a very odd/bizarre spam/threat campaign which would 
carry significant jail time.

Anyone else getting the 'spam' bomb threat?

2021-10-19 Thread Matt Hoppes 
I've now heard from several operators - our selves included - about 
getting an e-mail bomb threat to our datacenters asking for $5,000 USD 
or the "bomb will be detonated".


Is this being seen on a wide spread e-mail blast to the RIR contacts, or 
am I just unlucky to know like 6 other data center folks who have also 
gotten this e-mail?


 It seems like a very odd/bizarre spam/threat campaign which would 
carry significant jail time.

Geolocation accuracy

2021-10-19 Thread Hank Nussbacher 

Can anyone recommend a geo-location service with high city accuracy?
Maxmind, for most countries (broadband, which does move) is below 50% 
accuracy (they claim 68% accuracy for USA cities):

https://www.maxmind.com/en/geoip2-city-accuracy-comparison?country=&resolution=city&cellular=excluding

Thanks,

Hank