SHA1 collisions proven possisble
Coworker passed this on to me. Looks like SHA1 hash collisions are now achievable in a reasonable time period https://shattered.io/ -Grant
Krebs on Security booted off Akamai network after DDoS attack proves pricey
Didn't realize Akamai kicked out or disabled customers http://www.zdnet.com/article/krebs-on-security-booted-off-akamai-network-after-ddos-attack-proves-pricey/ "Security blog Krebs on Security has been taken offline by host Akamai Technologies following a DDoS attack which reached 665 Gbps in size." -Grant
Re: syslog server
+1 for ELKK (with kafka) Doing several hundred GB of log per day with a dozen instances on AWS (ES cluster + logstash hosts + kafak cluster) -Grant On Mon, Jun 6, 2016 at 11:25 PM,wrote: > On Mon, 06 Jun 2016 14:59:51 -0600, Maximino Velazquez said: > > What is the best syslog server (opensource)? > > Step 0: Define what "best" means in your environment. > > What features do you need? Routing to a central aggregation server over > TLS? > Powerful regex-based routing? Ingestion into a database (a la splunk or > Elk) > for data mining? Ability to deal with insanely high message rates? Other > must-have or don't-care features? License pricing? Vendor support? > > Step 1: After figuring out what you need, make a matrix of the available > options and how well they fit. > > (We have in production syslog-ng, rsyslog, splunk, Elk, and probably a few > others I've forgotten, for different purposes) > >
Re: GitHub outage - idle speculation thread
I haven't had any issues w/ push and pull via SSH so far during the outage. Appears to be only HTTP based interactions. -Grant On Wed, Jan 27, 2016 at 6:19 PM, Alex Forsterwrote: > Github has been down for about two hours now. No good public information > that I can find so far, except that they mention a "network disruption" in > early status updates. However, nothing interesting is showing up in BGPlay > (like a shift over to Prolexic due to a DDoS). Their colocation provider > is Rackspace, but Rackspace hasn't posted about any wider issues. > > https://status.github.com/graphs/past_day > > > Alex Forster > >
Re: ICYMI: FBI looking into LA fiber cuts, Super Bowl
Broke ground in April 2012 http://www.mercurynews.com/southbayfootball/ci_20434376/49ers-break-ground-this-evening-stadium-at-center -Grant On Tue, Jan 19, 2016 at 12:12 PM, Jay R. Ashworthwrote: > - Original Message - > > From: "Owen DeLong" > > > Correct me if I’m wrong, but these FO vandalisms have been going on in > the bay > > area since before the stadium > > was even funded. > > > > This leads me to believe that this is just another example of an LE > landgrab. > > How old's the stadium? The article does mention late '14. > > Cheers, > -- jra > -- > Jay R. Ashworth Baylink > j...@baylink.com > Designer The Things I Think RFC > 2100 > Ashworth & Associates http://www.bcp38.info 2000 Land > Rover DII > St Petersburg FL USA BCP38: Ask For It By Name! +1 727 647 > 1274 >
network issue on ec2 classic us-east-1??
Hi, Over the last 6 hrs i have had over 100 instances in us-east-1 in EC2 Classic fail their instance health checks and a reboot via the console solves them. Logs on the host point to a loss of all network connectivity. Anyone else experiencing something like this? Reached out to AWS support and haven't gotten anywhere with that yet. -Grant
Re: network issue on ec2 classic us-east-1??
Neil / Dovid, How long ago did your issues start? Symptoms are the same, but the issue for me started early this morning at an alarming rate. -Grant On Fri, Jan 15, 2016 at 1:45 PM, Neil Robst <neil.ro...@piksel.com> wrote: > Hi David and Grant, > > We have been experiencing exactly the same issue also now whereby > our > instances randomly stop getting their DHCP reservation and then drop > offline. A simple reboot in the AWS console usually sorts it but as yet we > do not know the root cause. > > Regards, > Neil > > On 1/15/16, 1:31 PM, "NANOG on behalf of Dovid Bender" > <nanog-boun...@nanog.org on behalf of do...@telecurve.com> wrote: > > >Grant, > > > >We have been having issues for a few weeks now with instances that > >randomly stop getting their IP from DHCP. Did you see any dhcp errors? > > > > > >Regards, > > > >Dovid > > > >-Original Message- > >From: Grant Ridder <shortdudey...@gmail.com> > >Sender: "NANOG" <nanog-boun...@nanog.org>Date: Fri, 15 Jan 2016 12:58:58 > >To: nanog@nanog.org<nanog@nanog.org> > >Subject: network issue on ec2 classic us-east-1?? > > > >Hi, > > > >Over the last 6 hrs i have had over 100 instances in us-east-1 in EC2 > >Classic fail their instance health checks and a reboot via the console > >solves them. Logs on the host point to a loss of all network > >connectivity. Anyone else experiencing something like this? > > > >Reached out to AWS support and haven't gotten anywhere with that yet. > > > >-Grant > >
Re: network issue on ec2 classic us-east-1??
Gotcha, thanks for the info. I am at 128 instances and counting in the last 8 hrs -Grant On Fri, Jan 15, 2016 at 1:58 PM, Neil Robst <neil.ro...@piksel.com> wrote: > Hi Grant, > We saw the first confirmed issue last week. So far only > experienced 2 > confirmed - that last week and one this morning, but its possible there > have been others. > > Neil > > From: Grant Ridder <shortdudey...@gmail.com> > Date: Friday, January 15, 2016 at 1:54 PM > To: Neil Robst <neil.ro...@piksel.com> > Cc: "do...@telecurve.com" <do...@telecurve.com>, NANOG > <nanog-boun...@nanog.org>, "nanog@nanog.org" <nanog@nanog.org> > Subject: Re: network issue on ec2 classic us-east-1?? > > > Neil / Dovid, > How long ago did your issues start? Symptoms are the same, but the issue > for me started early this morning at an alarming rate. > > -Grant > > > On Fri, Jan 15, 2016 at 1:45 PM, Neil Robst > <neil.ro...@piksel.com> wrote: > > Hi David and Grant, > > We have been experiencing exactly the same issue also now whereby > our > instances randomly stop getting their DHCP reservation and then drop > offline. A simple reboot in the AWS console usually sorts it but as yet we > do not know the root cause. > > Regards, > Neil > > On 1/15/16, 1:31 PM, "NANOG on behalf of Dovid Bender" > <nanog-boun...@nanog.org on behalf of > do...@telecurve.com> wrote: > > >Grant, > > > >We have been having issues for a few weeks now with instances that > >randomly stop getting their IP from DHCP. Did you see any dhcp errors? > > > > > >Regards, > > > >Dovid > > > >-Original Message- > >From: Grant Ridder <shortdudey...@gmail.com> > >Sender: "NANOG" <nanog-boun...@nanog.org>Date: Fri, 15 Jan 2016 12:58:58 > >To: nanog@nanog.org<nanog@nanog.org> > >Subject: network issue on ec2 classic us-east-1?? > > > >Hi, > > > >Over the last 6 hrs i have had over 100 instances in us-east-1 in EC2 > >Classic fail their instance health checks and a reboot via the console > >solves them. Logs on the host point to a loss of all network > >connectivity. Anyone else experiencing something like this? > > > >Reached out to AWS support and haven't gotten anywhere with that yet. > > > >-Grant > > > > > > > > >
Re: network issue on ec2 classic us-east-1??
Thanks to all the replied on and off list! tl;dr dhclient died and the instances gave up their IP's Turns out this one was inadvertently my fault. I got bit by a bug in an old version of NetworkManager. Something triggered an update of a package on some of my instances, which lead to this bug showing up. The bug appears in versions of NetworkManage prior to NetworkManager-1.0.0-14.git2015012 https://bugzilla.redhat.com/show_bug.cgi?id=1285974 https://bugzilla.redhat.com/show_bug.cgi?id=1136836 https://rhn.redhat.com/errata/RHBA-2015-0311.html Thanks! Grant On Fri, Jan 15, 2016 at 2:02 PM, Grant Ridder <shortdudey...@gmail.com> wrote: > Gotcha, thanks for the info. > I am at 128 instances and counting in the last 8 hrs > > -Grant > > On Fri, Jan 15, 2016 at 1:58 PM, Neil Robst <neil.ro...@piksel.com> wrote: > >> Hi Grant, >> We saw the first confirmed issue last week. So far only >> experienced 2 >> confirmed - that last week and one this morning, but its possible there >> have been others. >> >> Neil >> >> From: Grant Ridder <shortdudey...@gmail.com> >> Date: Friday, January 15, 2016 at 1:54 PM >> To: Neil Robst <neil.ro...@piksel.com> >> Cc: "do...@telecurve.com" <do...@telecurve.com>, NANOG >> <nanog-boun...@nanog.org>, "nanog@nanog.org" <nanog@nanog.org> >> Subject: Re: network issue on ec2 classic us-east-1?? >> >> >> Neil / Dovid, >> How long ago did your issues start? Symptoms are the same, but the issue >> for me started early this morning at an alarming rate. >> >> -Grant >> >> >> On Fri, Jan 15, 2016 at 1:45 PM, Neil Robst >> <neil.ro...@piksel.com> wrote: >> >> Hi David and Grant, >> >> We have been experiencing exactly the same issue also now whereby >> our >> instances randomly stop getting their DHCP reservation and then drop >> offline. A simple reboot in the AWS console usually sorts it but as yet we >> do not know the root cause. >> >> Regards, >> Neil >> >> On 1/15/16, 1:31 PM, "NANOG on behalf of Dovid Bender" >> <nanog-boun...@nanog.org on behalf of >> do...@telecurve.com> wrote: >> >> >Grant, >> > >> >We have been having issues for a few weeks now with instances that >> >randomly stop getting their IP from DHCP. Did you see any dhcp errors? >> > >> > >> >Regards, >> > >> >Dovid >> > >> >-Original Message- >> >From: Grant Ridder <shortdudey...@gmail.com> >> >Sender: "NANOG" <nanog-boun...@nanog.org>Date: Fri, 15 Jan 2016 12:58:58 >> >To: nanog@nanog.org<nanog@nanog.org> >> >Subject: network issue on ec2 classic us-east-1?? >> > >> >Hi, >> > >> >Over the last 6 hrs i have had over 100 instances in us-east-1 in EC2 >> >Classic fail their instance health checks and a reboot via the console >> >solves them. Logs on the host point to a loss of all network >> >connectivity. Anyone else experiencing something like this? >> > >> >Reached out to AWS support and haven't gotten anywhere with that yet. >> > >> >-Grant >> >> >> >> >> >> >> >> >> >
Re: Bluehost.com
Their site and my site work US west coast -Grant On Wed, Nov 25, 2015 at 9:28 AM, Brielle Brunswrote: > On 11/25/15 9:41 AM, JoeSox wrote: > >> Anyone have the scope on the outage for Bluehost? >> https://twitter.com/search?q=%23bluehostdown=tyah >> >> Cannot even move my DNS until its restored. :( >> I suggest moving the status page to outside your network as well. >> https://www.bluehost.com/hosting/serverstatus >> >> > I am in the last stages of getting rid of BlueHost for one of my clients. > Go figure this would happen _today_ at the exact same time I'm getting the > last bit of data off so I can cancel the account. > > > -- > Brielle Bruns > The Summit Open Source Development Group > http://www.sosdg.org/ http://www.ahbl.org >
Re: OT: BdNOG announces website blocks
Any idea if this includes Instagram as well since it is a Facebook asset? -Grant On Wed, Nov 18, 2015 at 3:22 PM, Scott Weekswrote: > > - > Md. abdullah Al naser mail.naserbd at yahoo.com > Wed Nov 18 12:56:15 BDT 2015 > > The service of Facebook, Viber and Whatsapp are > blocked from now till further notice. It has been > ordered by Begum Tarana Halim, State Minister, Post > and Telecommunications. > -- > > > > I just saw this on BdNOG and thought it might be > interesting to others here and where some of the > internet is headed... > > Wow, all of these govt's just can't seem to deal > with not being able to completely control *everything* > about the populace. > > So, in Bangladesh, no communicating with your social > peers, no free calls, text or picture sharing and no > mobile messaging. The new State Minister for Post > and Telecommunications in Bangladesh wants her money. > > It'd be interesting to hear how they're attempting > to make it happen. > > scott >
Fw: new message
Hey! New message, please read <http://akijukido.com/unless.php?vjwwq> Grant Ridder
Fw: new message
Hey! New message, please read <http://magnet-invest.ru/surely.php?u6jp0> Grant Ridder
Re: Microsoft blocking mail
http://go.microsoft.com/fwlink/?LinkID=614866 displays a form for me (Chrome w/ no ad extensions or custom settings) Try it in incognito mode On Thu, Sep 17, 2015 at 10:27 AM, Hugo Slabbertwrote: > > On Thu 2015-Sep-17 13:22:29 -0400, valdis.kletni...@vt.edu < > valdis.kletni...@vt.edu> wrote: > > On Thu, 17 Sep 2015 13:14:21 -0400, Josh Luthman said: >> >>> Well it's not a form and it redirects you to the support home page... >>> >>> https://support.microsoft.com/en-us >>> >> >> You didn't have NoScript or similar in effect at the time, did you? >> >> > Was going to ask the same; #worksforme, though there is a string of > redirects and noscript is filling pretty much the full height of my display > with a list of hosts... > > $ wget http://go.microsoft.com/fwlink/?LinkID=614866 > --2015-09-17 10:18:10-- http://go.microsoft.com/fwlink/?LinkID=614866 > Resolving go.microsoft.com (go.microsoft.com)... > 2001:4de0:4103:197::2c1a, 2001:4de0:4103:182::2c1a, 23.58.87.71 > Connecting to go.microsoft.com > (go.microsoft.com)|2001:4de0:4103:197::2c1a|:80... > connected. > HTTP request sent, awaiting response... 302 Moved Temporarily > Location: > https://support.microsoft.com/getsupport/?oaspworkflow=start_1.0.0.0=capsub=edfsmsbl3=en-us=en-us > [following] > --2015-09-17 10:18:10-- > https://support.microsoft.com/getsupport/?oaspworkflow=start_1.0.0.0=capsub=edfsmsbl3=en-us=en-us > Resolving support.microsoft.com (support.microsoft.com)... 184.24.236.218 > Connecting to support.microsoft.com > (support.microsoft.com)|184.24.236.218|:443... > connected. > HTTP request sent, awaiting response... 301 Moved Permanently > Location: > https://support.microsoft.com/getsupport?oaspworkflow=start_1.0.0.0=capsub=edfsmsbl3=en-us=en-us > [following] > --2015-09-17 10:18:10-- > https://support.microsoft.com/getsupport?oaspworkflow=start_1.0.0.0=capsub=edfsmsbl3=en-us=en-us > Reusing existing connection to support.microsoft.com:443. > HTTP request sent, awaiting response... 302 Moved Temporarily > Location: > /en-us/getsupport?oaspworkflow=start_1.0.0.0=capsub=edfsmsbl3=en-us > [following] > --2015-09-17 10:18:10-- > https://support.microsoft.com/en-us/getsupport?oaspworkflow=start_1.0.0.0=capsub=edfsmsbl3=en-us > Reusing existing connection to support.microsoft.com:443. > HTTP request sent, awaiting response... 200 OK > Length: 156614 (153K) [text/html] > Saving to: 'index.html?LinkID=614866' > > index.html?LinkID=614866 > 100%[==>] 152.94K > --.-KB/s in 0.1s > > 2015-09-17 10:18:11 (1.38 MB/s) - 'index.html?LinkID=614866' saved > [156614/156614] > > -- > Hugo >
weather.gov invalid ssl cert
If someone that works with or knows someone who works with weather.gov (National Weather Service) please take a look at this. I did a whois on weather.gov and there is no contact info. www.weather.gov is serving an akami cert weather.gov is serving a NWS SAN cert that does not cover weather.gov (includes www though) username@hostname ~ $ echo quit | openssl s_client -connect weather.gov:443 | openssl x509 -text depth=3 /C=US/O=The Go Daddy Group, Inc./OU=Go Daddy Class 2 Certification Authority verify error:num=19:self signed certificate in certificate chain verify return:0 DONE Certificate: Data: Version: 3 (0x2) Serial Number: 07:a2:c1:cb:fa:c1:18 Signature Algorithm: sha256WithRSAEncryption Issuer: C=US, ST=Arizona, L=Scottsdale, O=GoDaddy.com, Inc., OU= http://certs.godaddy.com/repository/, CN=Go Daddy Secure Certificate Authority - G2 Validity Not Before: Nov 13 20:54:35 2014 GMT Not After : Nov 17 17:33:22 2015 GMT Subject: OU=Domain Control Validated, CN=ucc.weather.gov Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public Key: (2048 bit) Modulus (2048 bit): 00:9d:36:e8:eb:5d:00:1d:ce:ab:f2:6a:3f:83:5a: 39:29:dd:95:e9:bd:58:d7:2b:0f:67:5a:16:20:97: 2d:4c:96:e1:3c:cc:8f:2f:16:88:ae:fe:9c:15:d0: 67:f1:c9:0d:5c:c0:ae:3f:36:32:aa:90:1d:03:bb: d2:91:73:86:74:5f:e3:41:f2:e2:77:b3:5e:1c:a9: cc:9c:68:3a:99:3a:de:7a:19:bd:6a:70:a1:9f:3f: 1f:ec:c3:63:fd:e9:f5:e6:44:14:0d:db:ae:b4:46: fe:a8:b0:d7:07:01:ea:68:10:7f:9f:c8:f7:5a:20: 05:1d:77:47:d7:13:d1:f0:b8:8f:d2:94:a0:36:29: 95:c2:fd:3e:bc:80:14:1f:22:a2:5a:d0:56:5b:e6: 51:e1:94:3c:4c:dd:63:ae:81:42:7c:5e:87:f5:0c: b8:6f:37:f4:a6:53:f6:56:5e:c8:ec:57:f8:ec:0c: 7d:e0:11:7f:3d:07:8c:37:38:4e:05:8e:cd:46:b3: 21:a3:c1:2f:96:ee:e2:d7:5f:ed:8c:1c:6d:88:d7: 17:ba:90:d8:cb:49:2e:8d:4f:ca:bf:8c:53:da:f7: 38:9c:bc:e1:6c:ac:8a:62:27:d1:ec:dc:59:a9:3b: 62:07:68:3b:bd:d0:06:35:79:26:2d:83:4d:69:00: f3:d7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Basic Constraints: critical CA:FALSE X509v3 Extended Key Usage: TLS Web Server Authentication, TLS Web Client Authentication X509v3 Key Usage: critical Digital Signature, Key Encipherment X509v3 CRL Distribution Points: URI:http://crl.godaddy.com/gdig2s1-87.crl X509v3 Certificate Policies: Policy: 2.16.840.1.114413.1.7.23.1 CPS: http://certificates.godaddy.com/repository/ Authority Information Access: OCSP - URI:http://ocsp.godaddy.com/ CA Issuers - URI: http://certificates.godaddy.com/repository/gdig2.crt X509v3 Authority Key Identifier: keyid:40:C2:BD:27:8E:CC:34:83:30:A2:33:D7:FB:6C:B3:F0:B4:2C:80:CE X509v3 Subject Alternative Name: DNS:ucc.weather.gov, DNS:www.ucc.weather.gov, DNS: alerts.weather.gov, DNS:nwschat.weather.gov, DNS:vpn.weather.gov, DNS: www.weather.gov X509v3 Subject Key Identifier: 01:7D:76:D9:61:68:EB:50:F7:C4:26:02:DC:94:56:62:45:0B:5B:58 Signature Algorithm: sha256WithRSAEncryption 96:4e:70:45:46:f8:69:80:48:b8:88:86:cd:06:2b:7b:d6:f1: 6b:0b:d8:89:ab:e8:9a:c0:f1:a8:99:0c:69:45:f8:a7:fb:ef: af:b3:6b:0d:41:bd:4d:3c:76:11:10:89:fa:8f:12:a5:47:27: 50:44:e7:37:93:f3:6b:84:f2:66:34:0d:99:69:13:da:dd:08: 32:6c:30:be:2e:af:8b:25:aa:9a:40:bf:61:35:a9:d9:2d:da: 97:b0:0c:e6:98:72:54:fe:44:21:6d:ad:9a:0a:cd:0b:18:74: be:f2:58:b0:d6:10:9b:dc:b7:fe:ae:81:b3:c0:21:f9:c8:eb: d5:54:bc:9e:d6:d0:ca:12:5c:c0:0d:94:93:03:9b:54:46:b8: af:86:46:e6:e0:4b:52:97:c2:8e:16:89:3c:8d:06:f8:f9:59: d6:21:39:4c:25:82:58:49:59:07:43:db:63:8d:98:aa:04:c1: 42:f5:4f:8a:4d:35:5b:f7:79:e5:e1:31:13:72:50:87:bd:68: 3f:bd:23:e2:88:3e:cf:72:00:a7:c8:1d:40:b6:34:00:5b:7b: 73:9f:8f:17:05:53:13:a1:70:15:59:66:88:61:6a:d7:d0:bf: df:89:1a:28:af:a8:cb:c7:95:e4:f9:01:7b:c2:99:51:93:33: 8f:94:fa:0b -BEGIN CERTIFICATE- MIIFdzCCBF+gAwIBAgIHB6LBy/rBGDANBgkqhkiG9w0BAQsFADCBtDELMAkGA1UE BhMCVVMxEDAOBgNVBAgTB0FyaXpvbmExEzARBgNVBAcTClNjb3R0c2RhbGUxGjAY BgNVBAoTEUdvRGFkZHkuY29tLCBJbmMuMS0wKwYDVQQLEyRodHRwOi8vY2VydHMu Z29kYWRkeS5jb20vcmVwb3NpdG9yeS8xMzAxBgNVBAMTKkdvIERhZGR5IFNlY3Vy ZSBDZXJ0aWZpY2F0ZSBBdXRob3JpdHkgLSBHMjAeFw0xNDExMTMyMDU0MzVaFw0x NTExMTcxNzMzMjJaMD0xITAfBgNVBAsTGERvbWFpbiBDb250cm9sIFZhbGlkYXRl
HTTPS redirects to HTTP for monitoring
Hi Everyone, I wanted to see what opinions and thoughts were out there. What software, appliances, or services are being used to monitor web traffic for inappropriate content on the SSL side of things? personal use? enterprise enterprise? It looks like Websense might do decryption ( http://community.websense.com/forums/t/3146.aspx) while Covenant Eyes does some sort of session hijack to redirect to non-ssl (atleast for Google) ( https://twitter.com/CovenantEyes/status/451382865914105856). Thoughts on having a product that decrypts SSL traffic internally vs one that doesn't allow SSL to start with? -Grant
Re: How our young colleagues are being educated....
I used Stallings a couple years ago. Cisco is not the basis of networking. It is the basis for TCP/IP. -Grant On Thu, Dec 25, 2014 at 6:21 PM, Miles Fidelman mfidel...@meetinghouse.net wrote: Cisco as the basis of networking material? Does nobody use Comer, Stallings, or Tannenbaum as basic texts anymore? Miles Fidelman Mike Jones wrote: I am a university student that has just completed the first term of the first year of a Computer Systems and Networks course. Apart from a really out of place MATH module that did trig but not binary, it has been reasonably well run so far. The binary is covered in a different module, just not maths. The worst part of the course is actually the core networking module, which is based on Cisco material. The cisco material is HORRIBLE! those awkward book page things with the stupid higherarchical menu. As for the content.. a scalable network is one you can add hosts to, so what's a non-scalable network? will the building collapse if i plug my laptop in? As I have been following NANOG for years I do notice a lot of mistakes or over-simplifications that show a clear distinction between the theory in the university books and the reality on nanog, and demonstrate the lecturers lack of real world exposure. As a simple example, in IPv4 the goal is to conserve IP addresses therefore on point to point links you use a /30 which only wastes 50% of the address space. In the real world - /31's? but a /31 is impossible I hear the lecturers say... The entire campus is not only IPv4-only, but on the wifi network they actually assign globally routable addresses, then block protocol 41, so windows configures broken 6to4! Working IPv6 connectivity would at least expose students to it a little and let them play with it... Amoung the things I have heard so far: MAC Addresses are unique, IP fragments should be blocked for security reasons, and the OSI model only has 7 layers to worry about. All theoretically correct. All wrong. - Mike Jones On 22 December 2014 at 09:13, Javier J jav...@advancedmachines.us wrote: Dear NANOG Members, It has come to my attention, that higher learning institutions in North America are doing our young future colleagues a disservice. I recently ran into a student of Southern New Hampshire University enrolled in the Networking/Telecom Management course and was shocked by what I learned. Not only are they skimming over new technologies such as BGP, MPLS and the fundamentals of TCP/IP that run the internet and the networks of the world, they were focusing on ATM , Frame Relay and other technologies that are on their way out the door and will probably be extinct by the time this student graduates. They are teaching classful routing and skimming over CIDR. Is this indicative of the state of our education system as a whole? How is it this student doesn't know about OSPF and has never heard of RIP? If your network hardware is so old you need a crossover cable, it's time to upgrade. In this case, it’s time to upgrade our education system. I didn't write this email on the sole experience of my conversation with one student, I wrote this email because I have noticed a pattern emerging over the years with other university students at other schools across the country. It’s just the countless times I have crossed paths with a young IT professional and was literally in shock listening to the things they were being taught. Teaching old technologies instead of teaching what is currently being used benefits no one. Teaching classful and skipping CIDR is another thing that really gets my blood boiling. Are colleges teaching what an RFC is? Are colleges teaching what IPv6 is? What about unicast and multicast? I confirmed with one student half way through their studies that they were not properly taught how DNS works, and had no clue what the term “root servers” meant. Am I crazy? Am I ranting? Doesn't this need to be addressed? …..and if not by us, then by whom? How can we fix this? -- In theory, there is no difference between theory and practice. In practice, there is. Yogi Berra
Re: Comcast thinks it ok to install public wifi in your house
I think it may have already been slightly mentioned, but any reason why this is not being rolled out on a separate radio than the private customer facing one? Even if the bandwidth out to the internet is separated with DOCSIS channels, you are still using the same radio and one user streaming a large amount of data could bog down the radio. I have seen 1 or 2 clients destroy speed and cause large amounts (adding 100+ms) of latency for all clients connected to the same radio. -Grant On Thu, Dec 11, 2014 at 1:44 PM, Livingood, Jason jason_living...@cable.comcast.com wrote: On 12/11/14, 3:58 PM, Jay Ashworth j...@baylink.com wrote: No, I'm having a hard time figuring out what the use case *is* for this service as deployed against *residential* hardware, myself... Well, the great thing about the marketplace is that if it ultimately does not prove useful and of some value then it¹ll eventually go away. :-) Jason
Comcast residential DNS contact
Can someone from Comcast that works with the customer resolvers ( cdns01.comcast.net / cdns02.comcast.net) please contact me off list? The 01 resolver is sometimes not returning complete results when the DNS query type is set to ANY for $dayjob's domain. -Grant
Re: Comcast residential DNS contact
Both of Google’s public DNS servers return complete results every time and one of the two comcast ones works fine. If this is working by design, can you provide the RFC with that info? -Grant On Dec 3, 2014, at 2:51 AM, Niels Bakker niels=na...@bakker.net wrote: * shortdudey...@gmail.com (Grant Ridder) [Wed 03 Dec 2014, 10:49 CET]: Can someone from Comcast that works with the customer resolvers ( cdns01.comcast.net / cdns02.comcast.net) please contact me off list? The 01 resolver is sometimes not returning complete results when the DNS query type is set to ANY for $dayjob's domain. That's how DNS works, yes. -- Niels.
Re: Comcast residential DNS contact
Hi Everyone, Thanks for the replies! After reading them, i am doing some digging into DNS RFC's and haven't found much with respect to ANY queries. Not responding with full results to protect against being used in an attack makes sense. However, I find it odd that only 1 of the 4 anycast servers I tried would institute this. Also, as a side note, i hit all 4 anycast servers on both v4 and v6 with similar results already. -Grant On Wed, Dec 3, 2014 at 7:46 AM, Brian Rak b...@gameservers.com wrote: Shouldn't everyone be on IPv6 these days anyway ;) On 12/3/2014 10:28 AM, Jared Mauch wrote: So have A record queries. Do you filter those as well? Jared Mauch On Dec 3, 2014, at 9:08 AM, Stephen Satchell l...@satchell.net wrote: On 12/03/2014 04:04 AM, Niels Bakker wrote: * shortdudey...@gmail.com (Grant Ridder) [Wed 03 Dec 2014, 12:54 CET]: Both of Google’s public DNS servers return complete results every time and one of the two comcast ones works fine. If this is working by design, can you provide the RFC with that info? An ANY query will typically return only what's already in the cache. So if you ask for MX records first and then query the same caching resolver for ANY it won't return, say, any TXT records that may be present at the authoritative nameserver. This could be implementation dependent, but Comcast's isn't wrong, and you should not rely on ANY queries returning full data. This has been hashed out to tears in the past, for example when qm**l used to do these queries in an attempt to optimise DNS query volumes and RTT. At the ISP I consult to, I filter all ANY queries, because they have been used for DNS amplification attacks.
Re: Comcast residential DNS contact
Did more digging and found the RFC regarding ANY queries: 3.2.3 - * 255 A request for all records https://www.ietf.org/rfc/rfc1035.txt However Wikipedia (http://en.wikipedia.org/wiki/List_of_DNS_record_types) lists this as a request for All cached records instead of A request for all records per the RFC. -Grant On Wed, Dec 3, 2014 at 9:54 AM, Grant Ridder shortdudey...@gmail.com wrote: Hi Everyone, Thanks for the replies! After reading them, i am doing some digging into DNS RFC's and haven't found much with respect to ANY queries. Not responding with full results to protect against being used in an attack makes sense. However, I find it odd that only 1 of the 4 anycast servers I tried would institute this. Also, as a side note, i hit all 4 anycast servers on both v4 and v6 with similar results already. -Grant On Wed, Dec 3, 2014 at 7:46 AM, Brian Rak b...@gameservers.com wrote: Shouldn't everyone be on IPv6 these days anyway ;) On 12/3/2014 10:28 AM, Jared Mauch wrote: So have A record queries. Do you filter those as well? Jared Mauch On Dec 3, 2014, at 9:08 AM, Stephen Satchell l...@satchell.net wrote: On 12/03/2014 04:04 AM, Niels Bakker wrote: * shortdudey...@gmail.com (Grant Ridder) [Wed 03 Dec 2014, 12:54 CET]: Both of Google’s public DNS servers return complete results every time and one of the two comcast ones works fine. If this is working by design, can you provide the RFC with that info? An ANY query will typically return only what's already in the cache. So if you ask for MX records first and then query the same caching resolver for ANY it won't return, say, any TXT records that may be present at the authoritative nameserver. This could be implementation dependent, but Comcast's isn't wrong, and you should not rely on ANY queries returning full data. This has been hashed out to tears in the past, for example when qm**l used to do these queries in an attempt to optimise DNS query volumes and RTT. At the ISP I consult to, I filter all ANY queries, because they have been used for DNS amplification attacks.
Re: Comcast residential DNS contact
Ah that makes sense. I am not going to worry about the inconstancy then. Thanks to everyone that replied!! -Grant On Wed, Dec 3, 2014 at 10:30 AM, Doug Barton do...@dougbarton.us wrote: On 12/3/14 10:07 AM, Grant Ridder wrote: Did more digging and found the RFC regarding ANY queries: 3.2.3 - * 255 A request for all records https://www.ietf.org/rfc/rfc1035.txt When listing URLs for RFCs it's better to use the tools site, as it gives a much better experience: https://tools.ietf.org/html/rfc1035 Meanwhile, the text is correct, but what you're missing is the nuance of authoritative vs. recursive. If you send an ANY query to an authoritative server it is naturally going to send you all of the related records, since it has them all. A recursive (or iterative if you prefer) server only has what it has in the cache, but it will send you all records that it has. What this does not imply is that the recursive server will go out and do its own ANY query for the RR you're asking about, unless there is nothing in the cache to start with. There are any number of explanations for why some of the recursive servers you're querying have more records than others. None of them are bugs. :) However Wikipedia (http://en.wikipedia.org/wiki/List_of_DNS_record_types) lists this as a request for All cached records instead of A request for all records per the RFC. Wikipedia is good for a lot of things, but standards work is not one of them. :) The text above is a good example of why. Doug
Re: kohls.com issues
http://www.kohls.com/ comes up for me fine on the west coast. -Grant On Wed, Nov 26, 2014 at 6:18 PM, o...@columbus.rr.com wrote: Anyone know what’s up ? Looks like they are still working thru issues where I am. Not sure if their domain was hijacked or what exactly. If someone has a list where this is already being discussed id appreciate that info. Thanks, Steve
Re: Inside China GFW - basic dedicated server or cloud instance
You can try AWS China, but I think you need an ICP license for that. -Grant On Tue, Nov 11, 2014 at 8:27 AM, Andrius Kasparavicius andr...@andrius.org wrote: Business needs some permanent basic browser/tcp/ip view from *inside China great firewall* (Hong Kong or unfirewalled locations not good) for connectivity testing, troubleshooting for customers in China. Ideally just a dedicated windows box/server. Are there any simple providers with self-provisioning VPS or similar low cost solutions. Best to have it on ChinaTel network. No hosting or content would be shared from this box. Thanks
SSL 3 vulnerability released
Just incase anyone hasn't seen yet... http://googleonlinesecurity.blogspot.com/2014/10/this-poodle-bites-exploiting-ssl-30.html -Grant
Re: AWS EC2 us-west-2 reboot
For those interested, this is the Xen bug they were fixing with the reboots http://xenbits.xen.org/xsa/advisory-108.html -Grant On Wed, Sep 24, 2014 at 8:41 PM, Reed Loden r...@reedloden.com wrote: On Wed, 24 Sep 2014 21:39:39 -0400 Peter Beckman beck...@angryox.com wrote: Likely some sort of potentially serious bug or flaw in EC2 or Xen. AWS Security is really on the ball on such things and do everything they can to make invisible fixes with no customer impact, but sometimes a reboot is required in order to apply the changes necessary to keep customer instances safe from attacks and vulnerabilities. Rumor mill is that it's XSA-108, embargoed until 2014-10-01 12:00 (http://xenbits.xen.org/xsa/). Just somebody's guess, though, afaik. ~reed
AWS EC2 us-west-2 reboot
As an FYI, it looks like Amazon is doing a mass reboot of the physical hosts in us-west-2 across all AZ's and it is scheduled to start tomorrow and take a couple days. Go to *https://console.aws.amazon.com/ec2/v2/home?region=us-west-2#Events https://console.aws.amazon.com/ec2/v2/home?region=us-west-2#Events:* to see what instances are affected when. -Grant
Re: AWS EC2 us-west-2 reboot
Doubt it since a bash patch shouldn't require a reboot On Wed, Sep 24, 2014 at 1:51 PM, Gabriel Blanchard g...@teksavvy.ca wrote: Bash related? On Sep 24, 2014, at 4:47 PM, Grant Ridder shortdudey...@gmail.com wrote: As an FYI, it looks like Amazon is doing a mass reboot of the physical hosts in us-west-2 across all AZ's and it is scheduled to start tomorrow and take a couple days. Go to * https://console.aws.amazon.com/ec2/v2/home?region=us-west-2#Events https://console.aws.amazon.com/ec2/v2/home?region=us-west-2#Events:* to see what instances are affected when. -Grant
Re: Here comes iOS 8...
For those that are curious, it looks like the download is 1.1 gigs. -Grant On Wed, Sep 17, 2014 at 10:04 AM, Nick Olsen n...@flhsi.com wrote: I've been waiting all morning. Expedited repair of a primary link to prepare for the traffic. Not that it didn't have multiple backups. But one doesn't trifle with IOS8 release traffic.. If it's anything like IOS7 was.. Nick Olsen Network Operations (855) FLSPEED x106 From: Zachary McGibbon zachary.mcgibbon+na...@gmail.com Sent: Wednesday, September 17, 2014 12:59 PM To: NANOG nanog@nanog.org Subject: Here comes iOS 8... So Apple is about to release iOS 8... Have you done anything special to your network setup to accommodate the traffic flood ie traffic shaping rules, cache servers, etc? I heard that Apple Caching servers won't work with this update, so I'm guessing it will be pushed through Akamai servers as is usually is. - Zachary
Re: Here comes iOS 8...
My reference was the update page in settings said the download was 1.1 gig Grant Sent from my iPhone On Sep 17, 2014, at 7:04 PM, JoeSox joe...@gmail.com wrote: Grant, Do you have a reference? Someone just told me it is more around 5GB. -- Later, Joe On Wed, Sep 17, 2014 at 10:31 AM, Grant Ridder shortdudey...@gmail.com wrote: For those that are curious, it looks like the download is 1.1 gigs. -Grant On Wed, Sep 17, 2014 at 10:04 AM, Nick Olsen n...@flhsi.com wrote: I've been waiting all morning. Expedited repair of a primary link to prepare for the traffic. Not that it didn't have multiple backups. But one doesn't trifle with IOS8 release traffic.. If it's anything like IOS7 was.. Nick Olsen Network Operations (855) FLSPEED x106 From: Zachary McGibbon zachary.mcgibbon+na...@gmail.com Sent: Wednesday, September 17, 2014 12:59 PM To: NANOG nanog@nanog.org Subject: Here comes iOS 8... So Apple is about to release iOS 8... Have you done anything special to your network setup to accommodate the traffic flood ie traffic shaping rules, cache servers, etc? I heard that Apple Caching servers won't work with this update, so I'm guessing it will be pushed through Akamai servers as is usually is. - Zachary
Re: FCC Help Wanted
If you have ties to Grand Ayatollah, it would probably be an automatic acceptance into the position. Grant Sent from my iPhone On Sep 1, 2014, at 1:24 PM, Keith Medcalf kmedc...@dessus.com wrote: Of couse such applications will be accepted. However, applicants are warned that failure to include a donation will require alternate verification of the requisite lack of morals and ethics. Will applications without a cancelled check for at least 100k in donations be considered? On Mon, Sep 1, 2014 at 3:19 AM, Joly MacFie j...@punkcast.com wrote: https://www.usajobs.gov/GetJob/ViewDetails/379628100 Job Title:Telecommunications Policy and Technology Specialist (Internet) Agency:Federal Communications Commission SALARY RANGE: $124,995.00 to $157,100.00 / Per Year DUTIES: As Telecommunications Policy and Technology Specialist (Internet), he/she serves as a senior expert consultant and advisor with regard to wireline and wireless broadband technologies used in communications networks, Internet technologies, Internet networking, and traffic exchange evolution issues. Provides expert technical and policy advice on the technology, design, and operations of Internet networks, including changes in network design and traffic exchange practices and policies resulting from emerging commercial practices and strategies. Performs investigative analyses and original research with respect to critical and unprecedented network operations, service provision, traffic exchange, and content delivery issues that involve emerging technologies, services, and commercial incentives; evaluates technical, social, legal, institutional and other related implications of proposed policy decisions on technology adoption, deployment, network operations, communications services provision; and provides input into Commission proceedings that implement those proposed policy decisions. Drafts recommendations, decision memoranda, notices of inquiry, notices of proposed rulemaking, orders, and public notices concerning the technical and business/financial aspects of designing, building, operating, and exchanging traffic among Internet backbone networks, and content delivery and other Internet networks. Drafts correspondence and reports concerning controversial technical aspects of pending or future issues that may warrant Commission actions, requesting additional information as necessary. Initiates correspondence responsive to inquiries from the public, other government agencies, other parts of the FCC, and Congress. Initiates communications with the public (including service providers, trade associations, and consumer groups) concerning technological, business, and operational issues of specific interest or concern to the Commission. Provides guidance and leadership over unusually complex newly emerging technical matters, including those of a precedent-setting nature. Provides expert technical and policy analysis for the Division on any issues relating to advanced communications systems, including broadband systems and the Internet, as assigned by the Division Chief or designees. Facilitates decision and action on such matters by drafting briefing material or rulemaking documents and by briefing the Division and/or Division management on policy or action alternative issues. QUALIFICATIONS REQUIRED: Specialized Experience: Applicants must have a minimum of one year of specialized experience equivalent to at least the GS-14 grade level in the Federal service. For this position, specialized experience includes the following: 1) Experience applying knowledge of network management and operations, network architecture, Internet technologies and services, broadband technologies, data communications, and communications network technology; 2) Experience in a variety of communications networks and systems including Internet and broadband networks; 3) Experience performing investigative analyses and original research with respect to unprecedented network operations and service provision issues that involve emerging technologies; and 4) Experience presenting complex technical and policy information to various audiences. -- --- Joly MacFie 218 565 9365 Skype:punkcast WWWhatsup NYC - http://wwwhatsup.com http://pinstand.com - http://punkcast.com VP (Admin) - ISOC-NY - http://isoc-ny.org -- -
Google voice contact
Hi Everyone, Can someone with Google voice contact me offlist? My work has a google voice number that was setup long ago, and no one knows what email address it is attached to. -Grant
AOL Mail updates DMARC policy to 'reject'
Thought i would throw this out there. http://postmaster-blog.aol.com/2014/04/22/aol-mail-updates-dmarc-policy-to-reject/ -Grant
Any issues in asia-pac due to typhoon
Hi Everyone, I am curious to see if anyone has been any issues or outages due to the typhoon in the area of the Philippines. Satellite: http://www.pagasa.dost.gov.ph/wb/sat_images/satpic.jpg http://www.usatoday.com/story/news/world/2013/11/07/philippines-typhoon/3465779/ -Grant P.S. - Also sent this to outages list earlier
Re: Verizon So Cal issues?
There is definitely a VZ / LVL3 issue http://www.internetpulse.net/ It is affecting VZ's Atlanta node but not Boston node: http://www.internetpulse.net/Main.aspx?OriginValue=Level3OriginLevel=1DestinationValue=VerizonDestinationLevel=1Metric=TCP -Grant On Wed, Aug 28, 2013 at 9:15 AM, Todd Lyons tly...@ivenue.com wrote: On Wed, Aug 28, 2013 at 8:25 AM, James Laszko jam...@mythostech.com wrote: We are seeing huge latency and packet loss issues with Verizon (DSL/FIOS) in Southern California. Does anyone have any insight? Issues started around 8:10AM Pacific. Been using FIOS served from the Pomona plant all morning with no issues, so I'd suspect it's a locational issue, not regional. Or per David's post, maybe it's dependent upon what you're accessing; I've been mostly VPN'd to the office (VZ - Alter - Savvis), which doesn't touch David's paths. ...Todd -- The total budget at all receivers for solving senders' problems is $0. If you want them to accept your mail and manage it the way you want, send it the way the spec says to. --John Levine
Re: Hilton proxy issue
Anyone from Hilton out there? We are still having this issue. It is not a wayport address since I looked and they are not registered under Hilton's name. -Grant On Tue, Jul 16, 2013 at 1:17 PM, Grant Ridder shortdudey...@gmail.comwrote: The requests are coming from 167.187.100.202 which is in a /16 assigned to Hilton. As far as i know, the waypoint service has its own netblocks. -Grant On Tue, Jul 16, 2013 at 1:11 PM, Jared Mauch ja...@puck.nether.netwrote: On Jul 16, 2013, at 3:44 PM, Grant Ridder shortdudey...@gmail.com wrote: Hi, Anyone from Hilton Hotels NOC or related on here? We are seeing their internet proxy doing weird things to http requests to servers at $DAYJOB. Many of the hilton properties have migrated to Wayport/attwifi. Are you seeing the requests from ATT/Wayport or from their corporate? (btw, if you're here and with wayport/attwifi, i would be interested in chatting briefly with you). - Jared
Re: Hilton proxy issue
Better yet, does anyone have any Hilton contacts they could pass my info to? -Grant On Wed, Jul 31, 2013 at 8:54 AM, Grant Ridder shortdudey...@gmail.comwrote: Anyone from Hilton out there? We are still having this issue. It is not a wayport address since I looked and they are not registered under Hilton's name. -Grant On Tue, Jul 16, 2013 at 1:17 PM, Grant Ridder shortdudey...@gmail.comwrote: The requests are coming from 167.187.100.202 which is in a /16 assigned to Hilton. As far as i know, the waypoint service has its own netblocks. -Grant On Tue, Jul 16, 2013 at 1:11 PM, Jared Mauch ja...@puck.nether.netwrote: On Jul 16, 2013, at 3:44 PM, Grant Ridder shortdudey...@gmail.com wrote: Hi, Anyone from Hilton Hotels NOC or related on here? We are seeing their internet proxy doing weird things to http requests to servers at $DAYJOB. Many of the hilton properties have migrated to Wayport/attwifi. Are you seeing the requests from ATT/Wayport or from their corporate? (btw, if you're here and with wayport/attwifi, i would be interested in chatting briefly with you). - Jared
Re: Hilton proxy issue
Sounds great Jay, thanks! On Wed, Jul 31, 2013 at 1:31 PM, Jay Moran jay+na...@tp.org wrote: I have BCC'd the likely appropriate Hilton contact for you on this response so they can take a look at the NANOG emails below regarding their Internet proxies to see if it looks like something they can assist with. They were able to have some MTA issues corrected last time Hilton came up on the NANOG list. Good luck! -- Jay Moran http://linked.com/in/jaycmoran On Wed, Jul 31, 2013 at 4:16 PM, Grant Ridder shortdudey...@gmail.comwrote: Better yet, does anyone have any Hilton contacts they could pass my info to? -Grant On Wed, Jul 31, 2013 at 8:54 AM, Grant Ridder shortdudey...@gmail.com wrote: Anyone from Hilton out there? We are still having this issue. It is not a wayport address since I looked and they are not registered under Hilton's name. -Grant On Tue, Jul 16, 2013 at 1:17 PM, Grant Ridder shortdudey...@gmail.com wrote: The requests are coming from 167.187.100.202 which is in a /16 assigned to Hilton. As far as i know, the waypoint service has its own netblocks. -Grant On Tue, Jul 16, 2013 at 1:11 PM, Jared Mauch ja...@puck.nether.net wrote: On Jul 16, 2013, at 3:44 PM, Grant Ridder shortdudey...@gmail.com wrote: Hi, Anyone from Hilton Hotels NOC or related on here? We are seeing their internet proxy doing weird things to http requests to servers at $DAYJOB. Many of the hilton properties have migrated to Wayport/attwifi. Are you seeing the requests from ATT/Wayport or from their corporate? (btw, if you're here and with wayport/attwifi, i would be interested in chatting briefly with you). - Jared
Hilton proxy issue
Hi, Anyone from Hilton Hotels NOC or related on here? We are seeing their internet proxy doing weird things to http requests to servers at $DAYJOB. -Grant
Re: Hilton proxy issue
The requests are coming from 167.187.100.202 which is in a /16 assigned to Hilton. As far as i know, the waypoint service has its own netblocks. -Grant On Tue, Jul 16, 2013 at 1:11 PM, Jared Mauch ja...@puck.nether.net wrote: On Jul 16, 2013, at 3:44 PM, Grant Ridder shortdudey...@gmail.com wrote: Hi, Anyone from Hilton Hotels NOC or related on here? We are seeing their internet proxy doing weird things to http requests to servers at $DAYJOB. Many of the hilton properties have migrated to Wayport/attwifi. Are you seeing the requests from ATT/Wayport or from their corporate? (btw, if you're here and with wayport/attwifi, i would be interested in chatting briefly with you). - Jared
Re: One of our own in the Guardian.
Someone I know in Washington state has 100/100 at home and made the comment to me a year ago that it was one of the slower speeds offered. I am not sure who his ISP is however. -Grant On Sat, Jul 13, 2013 at 9:20 PM, Joe Hamelin j...@nethead.com wrote: Jima said: Really, who has 100/100 at home? Oddly, those living in Grand Coulee, WA. I went there once to setup corporate connectivity for a regional tire store. They ordered the minimal drop, 50/50Mbs. One of the tire changers there told me that he had 100/100 at home for $50/month. This was a town without T-Mobile service. I had to haul out the butt set and clip on to the business POTS lines to turn up the VPN. Most of rural Central Washington has very good fiber connectivity. Forward looking Public Utility Districts FTW! -- Joe Hamelin, W7COM, Tulalip, WA, 360-474-7474
Re: One of our own in the Guardian.
In Mountain View (the middle of Silicon Valley) the only choice i have is overpriced Comcast w/ a 300 gig limit. I used to chew threw 300 gig in a week when i was in school. -Grant On Sat, Jul 13, 2013 at 9:44 PM, Alex Rubenstein a...@corp.nac.net wrote: Yet, here, where I live, only 47 road miles from New York City, I have a cable company who sells me metered (yes, METERED) DOCSIS, for nearly $100/month, 35/3. The limitation is like 100 GB/month or something (the equivalent of the amount of Netflix or AppleTV my kids watch in a weekend) No alternatives, no FiOS, no nothing. Well, I can get 3/.768 DSL if I please. Someone, please help me. Please. Jima said: Really, who has 100/100 at home? Oddly, those living in Grand Coulee, WA. I went there once to setup corporate connectivity for a regional tire store. They ordered the minimal drop, 50/50Mbs. One of the tire changers there told me that he had 100/100 at home for $50/month. This was a town without T-Mobile service. I had to haul out the butt set and clip on to the business POTS lines to turn up the VPN. Most of rural Central Washington has very good fiber connectivity. Forward looking Public Utility Districts FTW! -- Joe Hamelin, W7COM, Tulalip, WA, 360-474-7474
Re: Office 365..? how Microsoft handed the NSA access to encrypted messages
Touché Sent from my iPhone On Jul 12, 2013, at 8:56 AM, Eric Wieling ewiel...@nyigc.com wrote: Suspecting your spouse of cheating is much different than coming home and finding them in bed with someone. -Original Message- From: Grant Ridder [mailto:shortdudey...@gmail.com] Sent: Thursday, July 11, 2013 9:40 PM To: Rodrick Brown Cc: nanog@nanog.org Subject: Re: Office 365..? how Microsoft handed the NSA access to encrypted messages I 2nd Rodrick's statement of so please tell me why are most people shocked with all the spying by governments?. All this leak does is confirm what most people already suspected or assumed. -Grant On Thu, Jul 11, 2013 at 6:27 PM, Rodrick Brown rodrick.br...@gmail.comwrote: : off topic rant : Just assume no data you store and or traverses any public cloud service is private or secure this is just silly. I can't believe people are so naive to believe messages sent over the public Internet isn't intercepted stored and analyzed by the same government bodies who gave it to us in the first place. I've always heard rumors as a kid that the NSA had systems long in place that could record all voice calls based on certain key phrases ever since the Nixon era so please tell me why are most people shocked with all the spying by governments? Sent from my iPhone On Jul 11, 2013, at 2:39 PM, Warren Bailey wbai...@satelliteintelligencegroup.com wrote: Anyone else planning on bailing from office365? http://m.guardian.co.uk/world/2013/jul/11/microsoft-nsa-collaboration- user-data Sent from my Mobile Device.
Re: Google bot contact
I received a very helpful and very prompt off list response, thanks! On Fri, Jul 12, 2013 at 12:41 PM, Nick Khamis sym...@gmail.com wrote: If lucky maybe bot google contact shortdudey...@gmail.com On 7/11/13, Grant Ridder shortdudey...@gmail.com wrote: Can someone that works with the Google Bot contact me off list? I am seeing some really weird access activity for a site I manage. -Grant
Google bot contact
Can someone that works with the Google Bot contact me off list? I am seeing some really weird access activity for a site I manage. -Grant
Re: Office 365..? how Microsoft handed the NSA access to encrypted messages
I really hope that this doesn't surprise anyone on this list On Thu, Jul 11, 2013 at 2:15 PM, Robert Webb rw...@ropeguru.com wrote: Trying my best here to bail. Between this and the fact they are pulling Technet, along with lots of other little things, I am working my way out. Robert From: Scott Weeks Sent: Thursday, July 11, 2013 15:26 To: nanog@nanog.org Subject: Re: Office 365..? how Microsoft handed the NSA access to encrypted messages --- wbai...@satelliteintelligencegroup.com wrote: From: Warren Bailey wbai...@satelliteintelligencegroup.com Anyone else planning on bailing from office365? http://m.guardian.co.uk/world/2013/jul/11/microsoft-nsa-collaboration-user-data -- Bail on M$ period. If they give the data willingly this way, I'm sure they also do it in other currently unknown ways. Company culture and all that... scott
Re: Office 365..? how Microsoft handed the NSA access to encrypted messages
I 2nd Rodrick's statement of so please tell me why are most people shocked with all the spying by governments?. All this leak does is confirm what most people already suspected or assumed. -Grant On Thu, Jul 11, 2013 at 6:27 PM, Rodrick Brown rodrick.br...@gmail.comwrote: : off topic rant : Just assume no data you store and or traverses any public cloud service is private or secure this is just silly. I can't believe people are so naive to believe messages sent over the public Internet isn't intercepted stored and analyzed by the same government bodies who gave it to us in the first place. I've always heard rumors as a kid that the NSA had systems long in place that could record all voice calls based on certain key phrases ever since the Nixon era so please tell me why are most people shocked with all the spying by governments? Sent from my iPhone On Jul 11, 2013, at 2:39 PM, Warren Bailey wbai...@satelliteintelligencegroup.com wrote: Anyone else planning on bailing from office365? http://m.guardian.co.uk/world/2013/jul/11/microsoft-nsa-collaboration-user-data Sent from my Mobile Device.
Re: google troubles?
Does anyone have traceroutes showing where the issues are? -Grant On Wed, Jul 10, 2013 at 7:45 AM, John York jo...@griffintechnology.comwrote: We saw the same thing, but seems to be cleared up now. All our providers that routed to Google addresses in ATL had the issue. We have one provider that lands on Google addresses in DFW, and it was working. ...And now I see that it isn't completely resolved. Some Google apps are still inaccessible via the Atlanta routes. On Wed, Jul 10, 2013 at 9:28 AM, Blair Trosper blair.tros...@gmail.com wrote: Seeing lots of reports of people unable to get to many Google services. Seems to be affecting Comcast users disproportionately. It's fine for me, but a lot of my staff are basically out of luck...but according to the Google Apps Status page, everything is fine. It's anecdotal, but it would seem like there's an issue based on these reports. Oh, and this: http://www.cnn.com/2013/07/10/tech/web/google-down/index.html Anyone know what's up? Fiber cut? DC outages? -- blair -- John York Information Technology | Network Administrator Phone: 615-399-7000 x:333 Griffin Technology 2030 Lindell Avenue Nashville, TN 37203 USA This message and any attachments should be treated as confidential information of Griffin Technology, Inc.
Re: google troubles?
tcptraceroutes working fine too? On Wed, Jul 10, 2013 at 8:16 AM, Milt Aitken m...@net2atlanta.com wrote: We (were) peered with Google in Atlanta. We were unable to bring up web pages for google.com or gmail.com. Traceroute worked, though. I shut off the peering my outbound route switched to Cogent, which works now. I'll try peering again tonight. Maybe they'll have fixed it by then. -Original Message- From: N. Max Pierson [mailto:nmaxpier...@gmail.com] Sent: Wednesday, July 10, 2013 11:00 AM To: Grant Ridder Cc: nanog@nanog.org Subject: Re: google troubles? Traceroutes worked fine for me during the outage. Seems to have been something at L4-L7. -- max On Wed, Jul 10, 2013 at 9:56 AM, Grant Ridder shortdudey...@gmail.comwrote: Does anyone have traceroutes showing where the issues are? -Grant On Wed, Jul 10, 2013 at 7:45 AM, John York jo...@griffintechnology.com wrote: We saw the same thing, but seems to be cleared up now. All our providers that routed to Google addresses in ATL had the issue. We have one provider that lands on Google addresses in DFW, and it was working. ...And now I see that it isn't completely resolved. Some Google apps are still inaccessible via the Atlanta routes. On Wed, Jul 10, 2013 at 9:28 AM, Blair Trosper blair.tros...@gmail.com wrote: Seeing lots of reports of people unable to get to many Google services. Seems to be affecting Comcast users disproportionately. It's fine for me, but a lot of my staff are basically out of luck...but according to the Google Apps Status page, everything is fine. It's anecdotal, but it would seem like there's an issue based on these reports. Oh, and this: http://www.cnn.com/2013/07/10/tech/web/google-down/index.html Anyone know what's up? Fiber cut? DC outages? -- blair -- John York Information Technology | Network Administrator Phone: 615-399-7000 x:333 Griffin Technology 2030 Lindell Avenue Nashville, TN 37203 USA This message and any attachments should be treated as confidential information of Griffin Technology, Inc.
Re: Leap Second
This might sound like an easy question, but how do you verify if a Red Hat box took a leap second? -Grant On Wed, Jul 3, 2013 at 3:25 AM, David Malone david.mal...@nuim.ie wrote: I had a quick look at the data, and only 5 of the servers that I was monitoring advertised a leap on June 30th - three in the US, one in Argentina and one in New Zealand. If Todd or Michael want, we can compare notes and see if they are peering with one of the servers that I spotted. David.
Re: Google news down
Main page is accessible fine from a comcast circuit in Mountain View, CA 313 ms11 ms10 ms te-0-0-0-12-ur05.santaclara.ca.sfba.comcast.net [2001:558:82:87::1] 414 ms35 ms14 ms te-1-1-0-11-ar01.sfsutro.ca.sfba.comcast.net[2001:558:80:40::1] 550 ms14 ms43 ms he-3-7-0-0-cr01.sanjose.ca.ibone.comcast.net[2001:558:0:f775::1] 616 ms14 ms13 ms pos-0-5-0-0-pe01.529bryant.ca.ibone.comcast.net [2001:558:0:f600::2] 712 ms13 ms13 ms 2001:559::386 813 ms13 ms14 ms 2001:4860::1:0:7ea 917 ms13 ms15 ms 2001:4860:0:1::693 1015 ms41 ms14 ms nuq05s02-in-x00.1e100.net[2607:f8b0:4005:802::1000] Trace complete. On Sun, Jun 23, 2013 at 11:46 PM, Warren Bailey wbai...@satelliteintelligencegroup.com wrote: Does anyone happen to know what's going on with Google news? Getting an xml parse error for all responses (not well formed) to anything google news related. NSA taking down google news or something? Sent from my Mobile Device.
Re: Google news down
Mobile page works fine via the same comcast circuit as previously mentioned On Mon, Jun 24, 2013 at 12:37 AM, Joly MacFie j...@punkcast.com wrote: Maybe they are adjusting in preparation for Aug 1. http://techcrunch.com/2013/06/21/google-makes-google-news-in-germany-opt-in-only-to-avoid-paying-fees-under-new-copyright-law/ On Mon, Jun 24, 2013 at 2:54 AM, Warren Bailey wbai...@satelliteintelligencegroup.com wrote: Seems to be isolated to the mobile site, if anyone finds it of interest. Sent from my Mobile Device. Original message From: Warren Bailey wbai...@satelliteintelligencegroup.com Date: 06/23/2013 11:48 PM (GMT-08:00) To: nanog@nanog.org Subject: Google news down Does anyone happen to know what's going on with Google news? Getting an xml parse error for all responses (not well formed) to anything google news related. NSA taking down google news or something? Sent from my Mobile Device. -- --- Joly MacFie 218 565 9365 Skype:punkcast WWWhatsup NYC - http://wwwhatsup.com http://pinstand.com - http://punkcast.com VP (Admin) - ISOC-NY - http://isoc-ny.org -- -
Re: Need help in flushing DNS
The only apparent link is registration thru network solutions On Wed, Jun 19, 2013 at 10:49 PM, Alex Buie alex.b...@frozenfeline.netwrote: Anyone have news/explanation about what's happening/happened? On Wed, Jun 19, 2013 at 10:34 PM, Paul Ferguson fergdawgs...@gmail.com wrote: Sure enough: ; DiG 9.7.3 @localhost yelp.com A ; (1 server found) ;; global options: +cmd ;; Got answer: ;; -HEADER- opcode: QUERY, status: NOERROR, id: 53267 ;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0 ;; QUESTION SECTION: ;yelp.com. IN A ;; ANSWER SECTION: yelp.com. 300 IN A 204.11.56.20 ;; Query time: 143 msec ;; SERVER: 127.0.0.1#53(127.0.0.1) ;; WHEN: Thu Jun 20 07:33:13 2013 ;; MSG SIZE rcvd: 42 NetRange: 204.11.56.0 - 204.11.59.255 CIDR: 204.11.56.0/22 OriginAS: AS40034 NetName: CONFLUENCE-NETWORKS--TX3 NetHandle: NET-204-11-56-0-1 Parent: NET-204-0-0-0-0 NetType: Direct Allocation Comment: Hosted in Austin TX. Comment: Abuse : Comment: ab...@confluence-networks.com Comment: +1-917-386-6118 RegDate: 2012-09-24 Updated: 2012-09-24 Ref: http://whois.arin.net/rest/net/NET-204-11-56-0-1 OrgName: Confluence Networks Inc OrgId: CN Address: 3rd Floor, Omar Hodge Building, Wickhams Address: Cay I, P.O. Box 362 City: Road Town StateProv: Tortola PostalCode: VG1110 Country: VG RegDate: 2011-04-07 Updated: 2011-07-05 Ref: http://whois.arin.net/rest/org/CN OrgAbuseHandle: ABUSE3065-ARIN OrgAbuseName: Abuse Admin OrgAbusePhone: +1-917-386-6118 OrgAbuseEmail: ab...@confluence-networks.com OrgAbuseRef: http://whois.arin.net/rest/poc/ABUSE3065-ARIN OrgNOCHandle: NOCAD51-ARIN OrgNOCName: NOC Admin OrgNOCPhone: +1-415-462-7734 OrgNOCEmail: n...@confluence-networks.com OrgNOCRef: http://whois.arin.net/rest/poc/NOCAD51-ARIN OrgTechHandle: TECHA29-ARIN OrgTechName: Tech Admin OrgTechPhone: +1-415-358-0858 OrgTechEmail: ipad...@confluence-networks.com OrgTechRef: http://whois.arin.net/rest/poc/TECHA29-ARIN # # ARIN WHOIS data and services are subject to the Terms of Use # available at: https://www.arin.net/whois_tou.html # - ferg On Wed, Jun 19, 2013 at 10:30 PM, Grant Ridder shortdudey...@gmail.com wrote: Yelp is evidently also affected On Wed, Jun 19, 2013 at 10:19 PM, John Levine jo...@iecc.com wrote: Reaching out to DNS operators around the globe. Linkedin.com has had some issues with DNS and would like DNS operators to flush their DNS. If you see www.linkedin.com resolving NS to ns1617.ztomy.com or ns2617.ztomy.com then please flush your DNS. Any other info please reach out to me off-list. While you're at it, www.usps.com, www.fidelity.com, and other well known sites have had DNS poisoning problems. When I restarted my cache, they look OK. -- Fergie, a.k.a. Paul Ferguson fergdawgster(at)gmail.com
Re: Need help in flushing DNS
Yelp is evidently also affected On Wed, Jun 19, 2013 at 10:19 PM, John Levine jo...@iecc.com wrote: Reaching out to DNS operators around the globe. Linkedin.com has had some issues with DNS and would like DNS operators to flush their DNS. If you see www.linkedin.com resolving NS to ns1617.ztomy.com or ns2617.ztomy.com then please flush your DNS. Any other info please reach out to me off-list. While you're at it, www.usps.com, www.fidelity.com, and other well known sites have had DNS poisoning problems. When I restarted my cache, they look OK.
Re: Mailman reverting settings
Hi, I received a couple offlist replies. To answer Phil's questions, iptables appeared to have spiked the cpu to 100% and caused it to overload and become unresponsive. Var was lot filled up to my knowledge. An offlist reply suggested that if the config.pck file gets corrupted, then mailman will revert to using an old config.db file. After doing a file level restore of the appropriate config.pck file, the list returned to normal. Thanks, Grant On Fri, May 24, 2013 at 9:23 AM, Phil Fagan philfa...@gmail.com wrote: What hung the box? Core dump? Filled up var? On May 23, 2013 11:57 AM, Grant Ridder shortdudey...@gmail.com wrote: Hi Everyone, Has anyone ever seen Mailman revert to an old user list? This morning we had out lists VM pounded on from India and hung the box. After blocking the ip on our firewall and rebooting the hung vm, everything came back up except 1 list. The list appears to have reverted to old settings. I found the config.pck file and it does not have the current settings in it. This has happened once before. The box is running Ubuntu 10.04 and Mailman 2.1.13. Anyone know what would cause this and how to fix it? We are working to try a file level restore from a backup. Thanks, Grant ~~ Grant Ridder Assistant Systems Administrator Milwaukee School of Engineering http://www.msoe.edu/
Mailman reverting settings
Hi Everyone, Has anyone ever seen Mailman revert to an old user list? This morning we had out lists VM pounded on from India and hung the box. After blocking the ip on our firewall and rebooting the hung vm, everything came back up except 1 list. The list appears to have reverted to old settings. I found the config.pck file and it does not have the current settings in it. This has happened once before. The box is running Ubuntu 10.04 and Mailman 2.1.13. Anyone know what would cause this and how to fix it? We are working to try a file level restore from a backup. Thanks, Grant ~~ Grant Ridder Assistant Systems Administrator Milwaukee School of Engineering http://www.msoe.edu/
Re: Feedly and Facebook having issues?
I am not seeing any slowness from a TWTC circuit in Milwaukee, WI. (The spike an noon is due to a script that also runs that slows the server a bit) -Grant On Wed, May 8, 2013 at 12:16 PM, Hank Nussbacher h...@efes.iucc.ac.ilwrote: http://www.isitdownrightnow.**com/facebook.com.htmlhttp://www.isitdownrightnow.com/facebook.com.html http://www.isitdownrightnow.**com/feedly.com.htmlhttp://www.isitdownrightnow.com/feedly.com.html -Hank
Re: Problem reaching Wikipedia (AS43821) via Tele2
Looks like ge-2-5.br1-knams.wikimedia.org (130.244.6.250) is filtering you somehow. Grant Sent from my iPhone On May 2, 2013, at 9:01 AM, Israel G. Lugo israel.l...@lugosys.com wrote: Hello, Anyone else having problems reaching Wikipedia? I can't reach AS43821 (Wikimedia RIPE) from within the Portuguese NREN (AS1930), via Cogent (AS174) - Tele2 (AS1257): traceroute to en.wikipedia.org (91.198.174.225), 30 hops max, 60 byte packets 1 Router3.10GE.Lisboa.fccn.pt (193.136.1.89) [AS1930] 0.953 ms 2 ROUTER10.10GE.Lisboa.fccn.pt (193.137.0.8) [AS1930] 0.939 ms 3 ROUTER4.10GE.Lisboa.fccn.pt (193.137.0.20) [AS1930] 1.000 ms 4 fccn.mx2.lis.pt.geant.net (62.40.124.97) [AS20965] 1.000 ms 5 xe-2-3-0.rt1.mad.es.geant.net (62.40.98.107) [AS20965] 13.926 ms 6 as2.rt1.gen.ch.geant2.net (62.40.112.25) [AS20965] 37.882 ms 7 ae3.mx1.gen.ch.geant.net (62.40.112.14) [AS20965] 37.874 ms 8 ae1.mx1.fra.de.geant.net (62.40.98.109) [AS20965] 44.154 ms 9 ae4.rt1.fra.de.geant.net (62.40.98.135) [AS20965] 43.935 ms 10 te0-4-0-2.mag21.fra03.atlas.cogentco.com (149.6.42.73) [AS174] 44.842 ms 11 fra36-peer-1.xe-1-2-0-unit0.tele2.net (130.244.200.41) [AS1257] 44.368 ms 12 fra36-core-1.bundle-ether2.tele2.net (130.244.64.186) [AS1257] 44.977 ms 13 * 14 ams13-peer-1.ae0-unit0.tele2.net (130.244.53.123) [AS1257] 50.299 ms 15 * 16 * 17 * 18 * 19 * 20 * Tele2's traceroute server (http://services.tele2net.at/traceroute.html) reaches the same IP without problems: 1 213.90.34.4 (213.90.34.4) 0.268 ms 0.124 ms 0.151 ms 2 213.90.1.20 (213.90.1.20) 0.430 ms 0.382 ms 0.303 ms 3 wat1-15-93.net.uta.at (62.218.15.93) 0.497 ms 0.368 ms 0.387 ms 4 c76wmode1-tengigE4-1.net.uta.at (212.152.192.206) 0.644 ms 0.572 ms 0.599 ms 5 wen1-core-2.tengige0-0-1-1.tele2.net (130.244.205.57) 0.836 ms 0.874 ms 0.737 ms 6 fra36-core-1.bundle-ether7.tele2.net (130.244.206.28) 13.683 ms 13.472 ms 13.817 ms 7 ams-core-2.bundle-ether4.tele2.net (130.244.64.201) 20.421 ms 20.482 ms 20.762 ms 8 ams13-peer-1.ae0-unit0.tele2.net (130.244.53.123) 19.972 ms 19.936 ms 19.962 ms 9 ge-2-5.br1-knams.wikimedia.org (130.244.6.250) 20.727 ms 20.641 ms 20.660 ms 10 wikipedia-lb.esams.wikimedia.org (91.198.174.225) 20.610 ms 20.539 ms 20.615 ms Trying from $HOME_ISP, via AS6453 (Globe) - AS1299 (Telia) works fine. Regards, Israel G. Lugo
Re: Fake or Real Google servers from China Hong Kong (116.92.194.14x)?
Whois record isn't Google. inetnum:116.92.0.0 - 116.92.255.255 descr: This field was added to fix syntax error netname:PACNET remarks:Spam and Security: ab...@pacnet.com remarks:Network Issues : r...@pacnet.com country:HK admin-c:PNH4-AP tech-c: PNH4-AP mnt-by: APNIC-HM mnt-lower: MAINT-AP-PACNET mnt-lower: MAINT-AP-PACNET-NOC changed:r...@pacnet.com status: ALLOCATED PORTABLE changed:hm-chan...@apnic.net 20080604 source: APNIC role: PACNET NIC Handler address:PACNET country:HK phone: +65-6872-1010 e-mail: r...@pacnet.com remarks:- remarks:Spam and Security: ab...@pacnet.com remarks:Network Issues : r...@pacnet.com remarks:- admin-c:PR132-AP admin-c:AN155-AP tech-c: PR132-AP tech-c: AN155-AP nic-hdl:PNH4-AP remarks:http://www.pacnet.com notify: r...@pacnet.com mnt-by: MAINT-AP-PACNET changed:r...@pacnet.com 20090911 source: APNIC changed:hm-chan...@apnic.net 2014 On Mon, Mar 25, 2013 at 3:42 PM, Manu Chao linux.ya...@gmail.com wrote: Could someone confirm me following IP are legitimated from Google China (HK) or not (fake=dangerous) ??? 116.92.194.140 116.92.194.141 116.92.194.142 116.92.194.143 No DNS resolution from Google DNS, i am suspicious... Any help appreciate
Re: Time Warner Cable YouTube throttling
Can any one provide traceroutes to youtube to see if there is any correlation between last mile providers? -Grant On Wed, Mar 6, 2013 at 6:37 PM, Derek Ivey de...@derekivey.com wrote: I don't think it's just Time Warner. Definitely looks like XO. I have Verizon FiOS and it was pretty bad for me as well (not sure if it still is since I'm not home right now). There's also atleast two threads in the Verizon FiOS section on Broadband Reports: http://www.dslreports.com/forum/r28027601-Horrible-youtube-speeds http://www.dslreports.com/forum/r28071070-How-to-Reddit-YouTube-firewall-rule-with-MI424wr Derek On Wed, Mar 6, 2013 at 5:56 PM, Rick Coloccia coloc...@geneseo.edu wrote: I'd like to help, too, I'm from a TWC business class site with 650 Mbps bandwidth and still regularly poor performance with YouTube. -Rick Sent from my iPhone 4S On Mar 6, 2013, at 4:10 PM, Christopher Morrow morrowc.li...@gmail.com wrote: On Wed, Mar 6, 2013 at 3:34 PM, Randy Carpenter rcar...@network1.net wrote: - Original Message - On Wed, Mar 6, 2013 at 3:11 PM, Randy Carpenter rcar...@network1.net wrote: We have recently been having some serious speed issues with YouTube on our home connections, which are all Time Warner Cable. Some searching on forums and such revealed a work around: Block 206.111.0.0/16 at the router. this was reported elsewhere... it seems odd, since that's XO space, not Google and not TWC space. Would you care to engage in some troubleshooting to help everyone out? :) I'll be happy to help troubleshoot in any way I can. excellent.. I'll arrange my ducks, let's chat offlist?
Re: Time Warner Cable YouTube throttling
The 1st one gets slow at XO and the 2nd and 3rd get slow at Sprint. Now the interesting one with XO is that it is routed in a /30 that is assigned to Google by XO. network:Class-Name:network network:ID:NET-XO-NET-d1302a54 network:Auth-Area:209.48.0.0/15 network:Network-Name:XO-NET-d1302a54 network:Organization;I:GOOGLE INC. (328874-1) network:IP-Network:209.48.42.84/30 network:Admin-Contact;I:XCIA-ARIN network:Tech-Contact;I:XCIA-ARIN network:Created:20120917 network:Updated:20121018 network:Updated-By:ipad...@eng.xo.com -Grant On Wed, Mar 6, 2013 at 8:25 PM, Min qiu.mi...@gmail.com wrote: 3 traces all indicated the last hub are 80~100ms faster than the second last hub. Interesting. Min On Wed, Mar 6, 2013 at 9:07 PM, Derek Ivey de...@derekivey.com wrote: I just got home and tested with quite a few 1080p videos. No issues over my Hurricane Electric IPv6 tunnel. I did notice frequent stops to buffer on my FiOS IPv4 connection. I have a 50 Mbps down connection and don't even come close to maxing it when watching Youtube videos. Here are a few traceroutes: [2.1-BETA0][root@pfsense]/root(1): traceroute r19---sn-p5qlsm7d.c.youtube.com traceroute to r19.sn-p5qlsm7d.c.youtube.com (208.117.251.184), 64 hops max, 40 byte packets 1 L100.HRBGPA-VFTTP-12.verizon-gni.net (98.117.0.1) 1.222 ms 1.348 ms 0.834 ms 2 G10-0-8-112.HRBGPA-LCR-01.verizon-gni.net (130.81.184.148) 2.839 ms 2.589 ms 2.443 ms 3 P12-0-0.HRBGPA-LCR-02.verizon-gni.net (130.81.27.185) 14.880 ms 14.614 ms 14.698 ms 4 so-12-1-0-0.RES-BB-RTR1.verizon-gni.net (130.81.28.254) 14.647 ms 14.696 ms 14.552 ms 5 0.xe-3-1-1.BR1.IAD8.ALTER.NET (152.63.37.141) 15.027 ms 15.004 ms 15.064 ms 6 te9-2-0d0.cir1.ashburn-va.us.xo.net (206.111.0.201) 38.517 ms 36.033 ms 34.816 ms 7 216.156.8.189.ptr.us.xo.net (216.156.8.189) 31.958 ms 30.994 ms 29.194 ms 8 209.48.42.86 (209.48.42.86) 124.931 ms 126.117 ms 124.303 ms 9 208.117.251.184 (208.117.251.184) 26.483 ms 27.792 ms 27.974 ms [2.1-BETA0][root@pfsense]/root(2): traceroute r15---sn-p5qlsm76.c.youtube.com traceroute to r15.sn-p5qlsm76.c.youtube.com (208.117.251.148), 64 hops max, 40 byte packets 1 L100.HRBGPA-VFTTP-12.verizon-gni.net (98.117.0.1) 1.077 ms 0.863 ms 0.968 ms 2 G10-0-8-112.HRBGPA-LCR-01.verizon-gni.net (130.81.184.148) 2.429 ms 2.265 ms 2.456 ms 3 P12-0-0.HRBGPA-LCR-02.verizon-gni.net (130.81.27.185) 14.788 ms 14.666 ms 14.643 ms 4 so-12-1-0-0.RES-BB-RTR1.verizon-gni.net (130.81.28.254) 14.591 ms 14.479 ms 16.041 ms 5 0.xe-10-0-0.BR2.IAD8.ALTER.NET (152.63.38.165) 15.007 ms 15.109 ms 14.975 ms 6 144.232.8.209 (144.232.8.209) 187.038 ms 115.363 ms 117.669 ms 7 sl-st31-ash-0-4-0-0.sprintlink.net (144.232.28.6) 116.263 ms sl-st31-ash-0-8-0-2.sprintlink.net (144.232.1.19) 116.491 ms sl-st31-ash-0-4-0-0.sprintlink.net (144.232.28.6) 116.934 ms 8 sl-googl10-584821-0.sprintlink.net (144.228.205.34) 122.521 ms 122.780 ms 121.535 ms 9 208.117.251.148 (208.117.251.148) 33.669 ms 37.652 ms 38.478 ms [2.1-BETA0][root@pfsense]/root(6): traceroute r10---sn-p5qlsm7l.c.youtube.com traceroute to r10.sn-p5qlsm7l.c.youtube.com (208.117.251.47), 64 hops max, 40 byte packets 1 L100.HRBGPA-VFTTP-12.verizon-gni.net (98.117.0.1) 1.159 ms 0.831 ms 0.806 ms 2 G9-0-4-212.HRBGPA-LCR-02.verizon-gni.net (130.81.139.126) 2.396 ms 2.435 ms 2.167 ms 3 so-12-1-0-0.RES-BB-RTR1.verizon-gni.net (130.81.28.254) 14.497 ms 14.767 ms 14.695 ms 4 0.xe-11-0-0.BR2.IAD8.ALTER.NET (152.63.38.169) 15.001 ms 15.074 ms 15.024 ms 5 144.232.8.209 (144.232.8.209) 118.582 ms 116.717 ms 113.669 ms 6 sl-st31-ash-0-4-0-3.sprintlink.net (144.232.3.169) 114.433 ms 117.698 ms sl-st31-ash-0-4-0-0.sprintlink.net (144.232.28.6) 115.981 ms 7 sl-googl10-584821-0.sprintlink.net (144.228.205.34) 123.912 ms 124.402 ms 125.384 ms 8 208.117.251.47 (208.117.251.47) 30.591 ms 30.676 ms 29.528 ms Derek On 3/6/2013 8:31 PM, Grant Ridder wrote: Can any one provide traceroutes to youtube to see if there is any correlation between last mile providers? -Grant On Wed, Mar 6, 2013 at 6:37 PM, Derek Ivey de...@derekivey.com mailto:de...@derekivey.com wrote: I don't think it's just Time Warner. Definitely looks like XO. I have Verizon FiOS and it was pretty bad for me as well (not sure if it still is since I'm not home right now). There's also atleast two threads in the Verizon FiOS section on Broadband Reports: http://www.dslreports.com/forum/r28027601-Horrible-youtube-speeds http://www.dslreports.com/forum/r28071070-How-to-Reddit-YouTube-firewall-rule-with-MI424wr Derek On Wed, Mar 6, 2013 at 5:56 PM, Rick Coloccia coloc...@geneseo.edu mailto:coloc...@geneseo.edu wrote: I'd like to help, too, I'm from a TWC
Re: Time Warner Cable YouTube throttling
One thing to keep in mind is that youtube may be anycast. Google's distributed file system is pretty amazing and it could be traffic to one specific datacenter that is possibly slow. -Grant On Wed, Mar 6, 2013 at 8:47 PM, Min qiu.mi...@gmail.com wrote: I use FIOS. In my case, I suspected two things. 1. congestion (my first hub appeared over subscribed) 2. packet out of order (high packet drop in alternet-google could be a symptom of multipath) Not sure which has bigger performance impact to youtube. Min On Wed, Mar 6, 2013 at 9:35 PM, Grant Ridder shortdudey...@gmail.com wrote: The 1st one gets slow at XO and the 2nd and 3rd get slow at Sprint. Now the interesting one with XO is that it is routed in a /30 that is assigned to Google by XO. network:Class-Name:network network:ID:NET-XO-NET-d1302a54 network:Auth-Area:209.48.0.0/15 network:Network-Name:XO-NET-d1302a54 network:Organization;I:GOOGLE INC. (328874-1) network:IP-Network:209.48.42.84/30 network:Admin-Contact;I:XCIA-ARIN network:Tech-Contact;I:XCIA-ARIN network:Created:20120917 network:Updated:20121018 network:Updated-By:ipad...@eng.xo.com -Grant On Wed, Mar 6, 2013 at 8:25 PM, Min qiu.mi...@gmail.com wrote: 3 traces all indicated the last hub are 80~100ms faster than the second last hub. Interesting. Min On Wed, Mar 6, 2013 at 9:07 PM, Derek Ivey de...@derekivey.com wrote: I just got home and tested with quite a few 1080p videos. No issues over my Hurricane Electric IPv6 tunnel. I did notice frequent stops to buffer on my FiOS IPv4 connection. I have a 50 Mbps down connection and don't even come close to maxing it when watching Youtube videos. Here are a few traceroutes: [2.1-BETA0][root@pfsense]/root(1): traceroute r19---sn-p5qlsm7d.c.youtube.com traceroute to r19.sn-p5qlsm7d.c.youtube.com (208.117.251.184), 64 hops max, 40 byte packets 1 L100.HRBGPA-VFTTP-12.verizon-gni.net (98.117.0.1) 1.222 ms 1.348 ms 0.834 ms 2 G10-0-8-112.HRBGPA-LCR-01.verizon-gni.net (130.81.184.148) 2.839 ms 2.589 ms 2.443 ms 3 P12-0-0.HRBGPA-LCR-02.verizon-gni.net (130.81.27.185) 14.880 ms 14.614 ms 14.698 ms 4 so-12-1-0-0.RES-BB-RTR1.verizon-gni.net (130.81.28.254) 14.647 ms 14.696 ms 14.552 ms 5 0.xe-3-1-1.BR1.IAD8.ALTER.NET (152.63.37.141) 15.027 ms 15.004 ms 15.064 ms 6 te9-2-0d0.cir1.ashburn-va.us.xo.net (206.111.0.201) 38.517 ms 36.033 ms 34.816 ms 7 216.156.8.189.ptr.us.xo.net (216.156.8.189) 31.958 ms 30.994 ms 29.194 ms 8 209.48.42.86 (209.48.42.86) 124.931 ms 126.117 ms 124.303 ms 9 208.117.251.184 (208.117.251.184) 26.483 ms 27.792 ms 27.974 ms [2.1-BETA0][root@pfsense]/root(2): traceroute r15---sn-p5qlsm76.c.youtube.com traceroute to r15.sn-p5qlsm76.c.youtube.com (208.117.251.148), 64 hops max, 40 byte packets 1 L100.HRBGPA-VFTTP-12.verizon-gni.net (98.117.0.1) 1.077 ms 0.863 ms 0.968 ms 2 G10-0-8-112.HRBGPA-LCR-01.verizon-gni.net (130.81.184.148) 2.429 ms 2.265 ms 2.456 ms 3 P12-0-0.HRBGPA-LCR-02.verizon-gni.net (130.81.27.185) 14.788 ms 14.666 ms 14.643 ms 4 so-12-1-0-0.RES-BB-RTR1.verizon-gni.net (130.81.28.254) 14.591 ms 14.479 ms 16.041 ms 5 0.xe-10-0-0.BR2.IAD8.ALTER.NET (152.63.38.165) 15.007 ms 15.109 ms 14.975 ms 6 144.232.8.209 (144.232.8.209) 187.038 ms 115.363 ms 117.669 ms 7 sl-st31-ash-0-4-0-0.sprintlink.net (144.232.28.6) 116.263 ms sl-st31-ash-0-8-0-2.sprintlink.net (144.232.1.19) 116.491 ms sl-st31-ash-0-4-0-0.sprintlink.net (144.232.28.6) 116.934 ms 8 sl-googl10-584821-0.sprintlink.net (144.228.205.34) 122.521 ms 122.780 ms 121.535 ms 9 208.117.251.148 (208.117.251.148) 33.669 ms 37.652 ms 38.478 ms [2.1-BETA0][root@pfsense]/root(6): traceroute r10---sn-p5qlsm7l.c.youtube.com traceroute to r10.sn-p5qlsm7l.c.youtube.com (208.117.251.47), 64 hops max, 40 byte packets 1 L100.HRBGPA-VFTTP-12.verizon-gni.net (98.117.0.1) 1.159 ms 0.831 ms 0.806 ms 2 G9-0-4-212.HRBGPA-LCR-02.verizon-gni.net (130.81.139.126) 2.396 ms 2.435 ms 2.167 ms 3 so-12-1-0-0.RES-BB-RTR1.verizon-gni.net (130.81.28.254) 14.497 ms 14.767 ms 14.695 ms 4 0.xe-11-0-0.BR2.IAD8.ALTER.NET (152.63.38.169) 15.001 ms 15.074 ms 15.024 ms 5 144.232.8.209 (144.232.8.209) 118.582 ms 116.717 ms 113.669 ms 6 sl-st31-ash-0-4-0-3.sprintlink.net (144.232.3.169) 114.433 ms 117.698 ms sl-st31-ash-0-4-0-0.sprintlink.net (144.232.28.6) 115.981 ms 7 sl-googl10-584821-0.sprintlink.net (144.228.205.34) 123.912 ms 124.402 ms 125.384 ms 8 208.117.251.47 (208.117.251.47) 30.591 ms 30.676 ms 29.528 ms Derek On 3/6/2013 8:31 PM, Grant Ridder wrote: Can any one provide traceroutes to youtube to see if there is any correlation between last mile providers
Re: Time Warner Cable YouTube throttling
RIT is probably on a commercial circuit and from what i have seen on this chain so far, it is only affecting home/consumer users. At MSOE (msoe.edu) i dont show any latency but we are on TWTC. Anyone chime in if that is wrong. -Grant On Wed, Mar 6, 2013 at 10:46 PM, Mark Jeremy mej...@rit.edu wrote: Jumping into the bandwagon here to help out. Here's the result from RIT to r19.sn-p5qlsm7d.c.youtube.com, going through at least 4 hops through XO territory. traceroute to r19.sn-p5qlsm7d.c.youtube.com (208.117.251.184), 30 hops max, 60 byte packets 1 rit-west1-gw-014-vlan453.rit.edu (129.21.153.254) 0.593 ms 0.584 ms 0.576 ms 2 rit-core1-pp-west2-vlan824.rit.edu (129.21.8.93) 1.938 ms 1.941 ms 2.116 ms 3 rit-rit1-pp-core1-vlan2811.rit.edu (129.21.8.42) 0.508 ms 0.497 ms 0.484 ms 4 te-7-2.car2.Buffalo1.Level3.net (4.59.214.21) 2.293 ms 2.294 ms 2.282 ms 5 ae-4-4.ebr2.NewYork1.Level3.net (4.69.140.242) 10.332 ms 10.339 ms 11.022 ms 6 ae-72-72.csw2.NewYork1.Level3.net (4.69.148.38) 15.274 ms 10.212 ms ae-92-92.csw4.NewYork1.Level3.net (4.69.148.46) 10.204 ms 7 ae-1-60.edge2.NewYork1.Level3.net (4.69.155.16) 10.202 ms ae-2-70.edge2.NewYork1.Level3.net (4.69.155.80) 10.174 ms 10.171 ms 8 206.111.13.65.ptr.us.xo.net (206.111.13.65) 10.160 ms 10.345 ms 10.336 ms 9 207.88.14.185.ptr.us.xo.net (207.88.14.185) 18.555 ms 18.541 ms 20.749 ms 10 ae0d1.cir1.ashburn-va.us.xo.net (207.88.13.65) 16.241 ms 16.322 ms 16.261 ms 11 209.48.42.86 (209.48.42.86) 16.673 ms 64.114 ms 64.054 ms 12 208.117.251.184 (208.117.251.184) 16.313 ms 16.306 ms 16.486 ms -MJ -Original Message- From: John Zettlemoyer [mailto:j...@razorservers.com] Sent: Wednesday, March 06, 2013 11:19 PM To: 'Derek Ivey' Cc: nanog@nanog.org Subject: RE: Time Warner Cable YouTube throttling Yup... This might be more helpful. I went to r19.sn-p5qlsm7d.c.youtube.com for better comparison. Verizon FIOS 1 8 ms 4 ms 4 ms l100.cmdnnj-vfttp-27.verizon-gni.net [98.110.113.1] 2 9 ms 6 ms 7 ms g0-3-3-6.cmdnnj-lcr-22.verizon-gni.net [130.81.182.44] 310 ms 9 ms 9 ms xe-9-1-2-0.ny5030-bb-rtr2.verizon-gni.net [130.81.209.144] 4 8 ms 8 ms 9 ms 0.xe-3-1-0.br3.nyc4.alter.net [152.63.26.117] 523 ms24 ms24 ms 204.255.168.118 633 ms34 ms34 ms 144.232.4.93 722 ms22 ms22 ms sl-crs4-nyc-0-3-5-0.sprintlink.net [144.232.7.122] 825 ms22 ms24 ms sl-crs2-dc-0-4-0-2.sprintlink.net [144.232.8.164] 922 ms21 ms22 ms sl-st31-ash-0-2-0-0.sprintlink.net [144.232.25.15] 1050 ms49 ms49 ms sl-googl10-584821-0.sprintlink.net [144.228.205.34] 1120 ms19 ms19 ms 208.117.251.184 Comcast 127 ms31 ms21 ms 68.38.220.1 2 8 ms 9 ms11 ms xe-11-3-0-0-sur01.burlington.nj.panjde.comcast.net [68.85.128.237] 311 ms 9 ms 9 ms xe-13-0-0-0-ar03.audubon.nj.panjde.comcast.net [68.85.62.89] 415 ms16 ms15 ms pos-4-0-0-0-cr01.ashburn.va.ibone.comcast.net [68.86.93.233] 514 ms14 ms13 ms be-27-pe06.ashburn.va.ibone.comcast.net [68.86.82.174] 615 ms13 ms14 ms 144.232.6.97 715 ms14 ms15 ms sl-st31-ash-0-4-0-3.sprintlink.net [144.232.3.169] 834 ms32 ms31 ms sl-googl10-584821-0.sprintlink.net [144.228.205.34] 930 ms31 ms31 ms 208.117.251.184 Our DC 11 ms1 ms1 ms static.razorinc.net [70.34.208.101] 21 ms1 ms1 ms mx1.razorinc.net [70.34.252.9] 31 ms1 ms1 ms xe-0-2-0.phi10.ip4.tinet.net [199.168.63.233] 4 3 ms 8 ms 3 ms xe-7-2-1.was14.ip4.tinet.net [89.149.181.174] 5 3 ms 3 ms 3 ms as2828.ip4.tinet.net [77.67.68.14] 6 3 ms 3 ms 3 ms 216.156.8.189.ptr.us.xo.net[216.156.8.189] 7 4 ms 4 ms 4 ms 209.48.42.86 8 4 ms 4 ms 4 ms 208.117.251.184 John
Re: After Being Cut From Norway, The Pirate Bay Returns From North Korea or is it just BGP Tricks
It was a hoax http://www.pcworld.com/article/2030073/the-pirate-bay-admits-to-north-korean-hosting-hoax.html On Tue, Mar 5, 2013 at 10:10 AM, Warren Bailey wbai...@satelliteintelligencegroup.com wrote: Seems easy enough to convince North Korea that they should announce my prefixes... ;) From my Android phone on T-Mobile. The first nationwide 4G network. Original message From: Stephane Bortzmeyer bortzme...@nic.fr Date: 03/05/2013 10:55 AM (GMT-05:00) To: Bacon Zombie baconzom...@gmail.com Cc: nanog@nanog.org Subject: Re: After Being Cut From Norway, The Pirate Bay Returns From North Korea or is it just BGP Tricks On Mon, Mar 04, 2013 at 09:43:05PM +, Bacon Zombie baconzom...@gmail.com wrote a message of 71 lines which said: But there is a lot of debate on Reddit that they are not really in North Korea and just doing some BGP trickery: And ICMP trickery, to send false ICMP replies (with a delay) to traceroute requests. I am certain they are not in North Korea. The TCP latency when you connect with HTTP to thepiratebay.se if 40 ms, something which you cannot have from North Korea.
Re: Check this out T-Mobile Launches GoSmart Prepaid Service Nationally on Phone Scoop
haha i love the header: Received: (from nobody@localhost) On Tue, Feb 19, 2013 at 7:48 PM, Jay Ashworth j...@baylink.com wrote: Check this out: http://www.phonescoop.com/articles/article.php?a=11946 This email was sent via Phone Scoop (www.phonescoop.com). The sender thought you might be interested in the page linked above.
Re: Reachability problem with AS8388 [194.63.246.0/23]
Can you provide the traceroute? -Grant On Tue, Feb 12, 2013 at 6:01 AM, Carlos Friacas cfria...@fccn.pt wrote: Hello, Does anyone has reachability issues with AS8388? It seems i'm unable to get packets back from 194.63.246.0/23, but only if the source is my 193.136.0.0/15 block, at AS1930. It works well from my other netblocks. I'm basically performing a (non-recursive) DNS query to DNS servers within 194.63.246.0/23. I've been trying to involve upstream providers to take a deeper look at this problem, but i haven't had any luck so far. I can't even get a traceroute back to my network from anyone at AS8388. Any suggestions? Best Regards, Carlos Friaças
Re: Reachability problem with AS8388 [194.63.246.0/23]
Traceroute to the same address from a TWTC circuit in Milwaukee, Wi drops in the same network as you. 7 7 ms 6 ms 7 ms xe-7-3-0.edge4.Chicago3.Level3.net[4.53.98.45] 8 114 ms 110 ms 113 ms vlan52.ebr2.Chicago2.Level3.net[4.69.138.190] 9 112 ms 110 ms 111 ms ae-6-6.ebr2.Washington12.Level3.net[4.69.148.145] 10 113 ms 113 ms 114 ms ae-5-5.ebr2.Washington1.Level3.net[4.69.143.221] 11 113 ms 109 ms 109 ms ae-43-43.ebr2.Paris1.Level3.net[4.69.137.57] 12 111 ms 111 ms 115 ms ae-45-45.ebr1.Frankfurt1.Level3.net[4.69.143.133] 13 111 ms 111 ms 111 ms ae-81-81.csw3.Frankfurt1.Level3.net[4.69.140.10] 14 110 ms 107 ms 109 ms ae-3-80.edge1.Frankfurt1.Level3.net[4.69.154.133] 15 190 ms 189 ms 183 ms 212.162.9.6 16 *** Request timed out. 17 176 ms 169 ms 169 ms tengigaeth00-00-00-00.adr00.csr.hol.gr[62.38.93.98] 18 *** Request timed out. 19 *** Request timed out. 20 *** Request timed out. 21 *** Request timed out. 22 ^C On Tue, Feb 12, 2013 at 9:52 AM, Carlos Friacas cfria...@fccn.pt wrote: On Tue, 12 Feb 2013, Grant Ridder wrote: Hello, Can you provide the traceroute? Yes. Please see below. We were already told they drop icmp packets making the traceroute useless beyond 62.38.94.98 I strongly suspect there is an issue only on the return path, but i would need a traceroute originated at the other end so i can be sure and understand where the packets (tcp udp) are exactly being dropped. Regards, Carlos Friaças # traceroute 194.63.247.20 traceroute to 194.63.247.20 (194.63.247.20), 30 hops max, 60 byte packets 1 193.136.2.29 (193.136.2.29) 0.278 ms 0.256 ms 0.241 ms 2 ROUTER4.10GE.Lisboa.fccn.pt (193.137.0.20) 0.294 ms 0.282 ms 0.269 ms 3 fccn.mx2.lis.pt.geant.net (62.40.124.97) 0.332 ms 0.320 ms 0.337 ms 4 xe-2-3-0.rt1.mad.es.geant.net (62.40.98.107) 12.650 ms 12.725 ms 12.641 ms 5 as2.rt1.gen.ch.geant2.net (62.40.112.25) 34.808 ms 34.791 ms 34.863 ms 6 ae3.rt1.fra.de.geant2.net (62.40.112.161) 43.062 ms 43.022 ms 43.010 ms 7 te0-7-0-5.ccr22.fra03.atlas.**cogentco.comhttp://te0-7-0-5.ccr22.fra03.atlas.cogentco.com(149.6.42.73) 43.724 ms 43.808 ms 43.889 ms 8 te0-0-0-2.ccr22.ams03.atlas.**cogentco.comhttp://te0-0-0-2.ccr22.ams03.atlas.cogentco.com(130.117.3.89) 50.106 ms te0-2-0-2.ccr22.ams03.atlas.**cogentco.comhttp://te0-2-0-2.ccr22.ams03.atlas.cogentco.com(130.117.1.65) 50.240 ms te0-0-0-2.ccr22.ams03.atlas.**cogentco.comhttp://te0-0-0-2.ccr22.ams03.atlas.cogentco.com(130.117.3.89) 50.114 ms 9 te0-2-0-0.ccr22.lon13.atlas.**cogentco.comhttp://te0-2-0-0.ccr22.lon13.atlas.cogentco.com(130.117.1.170) 55.518 ms te0-0-0-0.ccr22.lon13.atlas.**cogentco.comhttp://te0-0-0-0.ccr22.lon13.atlas.cogentco.com(130.117.1.225) 55.453 ms te0-5-0-0.ccr22.lon13.atlas.**cogentco.comhttp://te0-5-0-0.ccr22.lon13.atlas.cogentco.com(154.54.61.154) 55.689 ms 10 te0-1-0-0.ccr22.lon01.atlas.**cogentco.comhttp://te0-1-0-0.ccr22.lon01.atlas.cogentco.com(154.54.57.178) 55.570 ms te0-4-0-0.ccr22.lon01.atlas.**cogentco.comhttp://te0-4-0-0.ccr22.lon01.atlas.cogentco.com(130.117.0.205) 55.452 ms te0-2-0-0.ccr22.lon01.atlas.**cogentco.comhttp://te0-2-0-0.ccr22.lon01.atlas.cogentco.com(154.54.57.174) 55.481 ms 11 te2-1.mag02.lon01.atlas.**cogentco.comhttp://te2-1.mag02.lon01.atlas.cogentco.com(154.54.74.114) 55.439 ms 55.356 ms 55.342 ms 12 149.6.187.234 (149.6.187.234) 55.370 ms 55.451 ms 55.493 ms 13 POS00-07-00-03.med00.brd.hol.**grhttp://POS00-07-00-03.med00.brd.hol.gr(62.38.36.13) 127.954 ms * 127.106 ms 14 tengigaeth00-01-00-02.med00.**ccr.hol.grhttp://tengigaeth00-01-00-02.med00.ccr.hol.gr(62.38.97.29) 136.321 ms * * 15 tengigaeth00-07-00-00.med00.**csr.hol.grhttp://tengigaeth00-07-00-00.med00.csr.hol.gr(62.38.94.98) 125.525 ms 125.519 ms 125.584 ms 16 * * * 17 * * * 18 * * * 19 * * * 20 * * * 21 * * * 22 * * * 23 * * * 24 * * * 25 * * * 26 * * * 27 * * * 28 * * * 29 * * * 30 * * * -Grant On Tue, Feb 12, 2013 at 6:01 AM, Carlos Friacas cfria...@fccn.pt wrote: Hello, Does anyone has reachability issues with AS8388? It seems i'm unable to get packets back from 194.63.246.0/23, but only if the source is my 193.136.0.0/15 block, at AS1930. It works well from my other netblocks. I'm basically performing a (non-recursive) DNS query to DNS servers within 194.63.246.0/23. I've been trying to involve upstream providers to take a deeper look at this problem, but i haven't had any luck so far. I can't even get a traceroute back to my network from anyone at AS8388. Any suggestions? Best Regards, Carlos Friaças
Re: ripe/ncc likes cookies
Don't most browsers accept all cookies by default without asking the user? -Grant Sent from my iPhone On Jan 12, 2013, at 11:03 PM, Randy Bush ra...@psg.com wrote: Local law in EU which I assumed that most knew about http://www.cookielaw.org/about-this-message.aspx this says what you must do if you want to feed the client a cookie. it does not mandate feeding them a cookie. in fact, it would seem to suggest that you might do so only if you really must. randy
Re: SSL Certificates and ... Providers
Yes the Verisign auth stuff is done by Symantic as of 2010. -Grant On Thursday, December 27, 2012, Christopher Morrow wrote: On Thu, Dec 27, 2012 at 3:37 PM, Blake Pfankuch bl...@pfankuch.mejavascript:; wrote: Our stuff is currently through Verisign because of the reliability of the name and the nature of the industry. verisign sold this business (like 2+ years ago?), maybe it's time to find someone else with a reliable name? (who hasn't sold the business out from under you)
Re: gmail offline?
Not seeing any issues from a TWTC circuit in Milwaukee, Wi. -Grant On Mon, Dec 10, 2012 at 11:01 AM, Andrew Latham lath...@gmail.com wrote: On Mon, Dec 10, 2012 at 11:56 AM, Philip Lavine source_ro...@yahoo.com wrote: getting a 502 error Some network issues on a normal Monday morning. -- ~ Andrew lathama Latham lath...@gmail.com http://lathama.net ~
Re: gmail offline?
I stand corrected, the web interface just stopped working with a 502 error Sent from my iPhone On Dec 10, 2012, at 11:06 AM, Tom Beecher tbeec...@localnet.com wrote: Web interface for Gmail/GChat seems to be the culprit. My email and chat clients that don't use the web interface seem pretty uneffected. It's Google. They'll straighten it out quick enough. On 12/10/2012 12:00 PM, Peter Kristolaitis wrote: I'm getting the same thing when I try to access the web interface, but SMTP IMAP seem to be working fine at the moment. - Peter On 12/10/2012 11:56 AM, Philip Lavine wrote: getting a 502 error
Apple iMessage
Hi, Is anyone having trouble with apples iMessage service? A friend and I are in Wisconsin and Illinois respectfully and messages via iMessage are taking up to several minutes to send. I am using a 4s on iOS 5 and my friend is using a 3GS. Thanks Grant
Re:
I love spam from Honduras. I am hoping that someone is going to kick this email from the members list. On Tue, Aug 21, 2012 at 4:47 PM, ty chan chanty...@yahoo.com wrote: http://homeprobestprice.info/wp-admin/bjsdvs.php?comz=comz
Re: DNS Changer items
From the little blurb on the RIPE site, it sounds like the Dutch police are making threats (taking over administration) that they can't legally keep. It also sounds like RIPE did a big screw you to the Dutch police for trying to interfere. -Grant On Wed, Aug 15, 2012 at 4:46 AM, Stephen Wilcox steve.wil...@ixreach.comwrote: FYI RIPE reallocated these blocks. Whilst I understand they didn't want the court order, this seems a bit silly, doesn't that now make the machines residing in these blocks special - even if the owners arent miscreants, it makes them a viable target. https://www.ripe.net/internet-coordination/news/clarification-on-reallocated-ipv4-address-space-related-to-dutch-police-order inetnum: 93.188.160.0 - 93.188.167.255 netname: LT-HOSTING-20120810 descr: Aurimas Rapalis trading as II Hosting Media country: US inetnum: 85.255.112.0 - 85.255.127.255 netname: INEVO-NET descr: Inevo Labs SRL country: RO On 13 July 2012 19:48, Owen DeLong o...@delong.com wrote: On Jul 7, 2012, at 10:31 AM, Jay Ashworth wrote: - Original Message - From: Seth Mattinen se...@rollernet.us On Fri, 06 Jul 2012 13:20:55 -0400, Andrew Fried said: The dns-ok.us site is getting crushed from all the sudden media interest. One wonders why it's so hard to get the media interested when it would be *helpful*. DNS Changer gets traction like 3 days before the drop dead date, IPv6 gets on the radar *after* we run out of v4 /8's to give to regionals, etc... Reactive is easier to justify to the powers that be than proactive. It's easier to justify *not* being smart enough to deal with the problem when it doesn't cause a major disruption? When it isn't causing a major problem, the powers that be have a harder time understanding the need to act. Once it is causing a major disruption, the powers that be have no trouble understanding the need to act. This is not veneration of stupidity, it is human nature. Often summarized in the colloquialism The squeaky wheel gets the grease. Owen -- Director / Founder IX Reach Ltd E: steve.wil...@ixreach.com M: +44 7966 048633 Tempus Court, Bellfield Road, High Wycombe, HP13 5HA, UK.
Re: Att funkyness
What kind of circuit? residential? commercial? DNS server ip's? On Wed, Aug 15, 2012 at 9:17 AM, jeff jones jeff.jjo...@gmail.com wrote: Anyone seeing issues with ATT and DNS resolution? Still troubleshooting, but wanted other input. Thanks ~Jeff
Re: Att funkyness
I have ATT DSL at home and the DNS servers (68.94.156.1 and 68.94.157.1) pushed from ATT work fine. -Grant On Wed, Aug 15, 2012 at 9:34 AM, Justin Vocke justin.vo...@gmail.comwrote: https://twitter.com/#!/search/AT%26T%20DNS ATT is having some DNS issues on their backbone. There is currently no ETA for resolution. -- Justin Vocke On 8/15/12 9:20 AM, Grant Ridder shortdudey...@gmail.com wrote: What kind of circuit? residential? commercial? DNS server ip's? On Wed, Aug 15, 2012 at 9:17 AM, jeff jones jeff.jjo...@gmail.com wrote: Anyone seeing issues with ATT and DNS resolution? Still troubleshooting, but wanted other input. Thanks ~Jeff
Re: DNS Changer items
Caved? How so? It looks like RIPE is ignoring the court order to keep the blocks locked. Unless i am misunderstanding it. On Wed, Aug 15, 2012 at 3:52 PM, Randy Bush ra...@psg.com wrote: It also sounds like RIPE did a big screw you to the Dutch police for trying to interfere. no, they caved.
Re: DNS Changer items
Gotcha On Wed, Aug 15, 2012 at 4:34 PM, Randy Bush ra...@psg.com wrote: Caved? How so? at the time, ripe caved to the court order. took some weeks before they woke up. now a lot of noise, lawyers, and whitewash. randy
Comcast outage
Does anyone know about or experiencing a Comcast outage in the Santa Clara area? -Grant
Re: UCSF Network Admin??
Ditto on that from TWTC in Milwaukee, WI. # dig www.ucsf.edu @ucsfns2.ucsf.edu ; DiG 9.8.1-P1 www.ucsf.edu @ucsfns2.ucsf.edu ;; global options: +cmd ;; Got answer: ;; -HEADER- opcode: QUERY, status: NOERROR, id: 49793 ;; flags: qr aa rd; QUERY: 1, ANSWER: 1, AUTHORITY: 4, ADDITIONAL: 6 ;; WARNING: recursion requested but not available ;; QUESTION SECTION: ;www.ucsf.edu. IN A ;; ANSWER SECTION: www.ucsf.edu. 3600IN A 64.54.132.50 ;; AUTHORITY SECTION: ucsf.edu. 3600IN NS adns1.Berkeley.edu. ucsf.edu. 3600IN NS ucsfns2.ucsf.edu. ucsf.edu. 3600IN NS adns2.Berkeley.edu. ucsf.edu. 3600IN NS ucsfns1.ucsf.edu. ;; ADDITIONAL SECTION: adns1.Berkeley.edu. 172800 IN A 128.32.136.3 adns1.Berkeley.edu. 3600IN 2607:f140::fffe::3 adns2.Berkeley.edu. 172800 IN A 128.32.136.14 adns2.Berkeley.edu. 3600IN 2607:f140::fffe::e ucsfns1.ucsf.edu. 3600IN A 128.218.254.10 ucsfns2.ucsf.edu. 3600IN A 128.218.254.40 ;; Query time: 63 msec ;; SERVER: 128.218.254.40#53(128.218.254.40) ;; WHEN: Wed Aug 1 13:48:51 2012 ;; MSG SIZE rcvd: 259 On Wed, Aug 1, 2012 at 1:07 PM, Henry Stryker he...@hup.org wrote: On 08/01/12 10:51 , Robert Glover wrote: We are not able to query their DNS servers from our network. We've got users not able to access anything UCSF due to this. I am querying them OK. I am in US AZ. I am also able to reach manana.garlic.com. [hyperion]/usr/local# dig www.ucsf.edu @ucsfns2.ucsf.edu www.ucsf.edu. 3600IN A 64.54.132.50 ucsf.edu. 3600IN NS ucsfns1.ucsf.edu. ucsf.edu. 3600IN NS adns2.Berkeley.edu. ucsf.edu. 3600IN NS adns1.Berkeley.edu. ucsf.edu. 3600IN NS ucsfns2.ucsf.edu. adns1.Berkeley.edu. 172800 IN A 128.32.136.3 adns1.Berkeley.edu. 3600IN 2607:f140::fffe::3 adns2.Berkeley.edu. 172800 IN A 128.32.136.14 adns2.Berkeley.edu. 3600IN 2607:f140::fffe::e ucsfns1.ucsf.edu. 3600IN A 128.218.254.10 ucsfns2.ucsf.edu. 3600IN A 128.218.254.40 ;; Query time: 41 msec ;; SERVER: 128.218.254.40#53(128.218.254.40) ;; WHEN: Wed Aug 1 11:02:46 2012 ;; MSG SIZE rcvd: 270
Re: Another LTE network turns up as IPv4-only squat space + NAT
I am on sprint and my ip is always in the 20. net even though my wan up is totally different. Grant On Wednesday, July 18, 2012, TJ wrote: Even if they did OK it (which i doubt), actually using it - especially in a public/customer facing / visible deployment - is a Bad Idea. *Traceability fail and possibly creating unreachable networks out there ...* /TJ On Wed, Jul 18, 2012 at 9:24 PM, Andrey Khomyakov khomyakov.and...@gmail.com javascript:; wrote: So some comments on the intertubes claim that DoD ok'd use of it's unadvertized space on private networks. Is there any official reference that may support this statement that anyone of you have seen out there? --Andrey
Re: NAT66 was Re: using reserved IPv6 space
If you are running an HA pair, why would you care which box it went back through? -Grant On Monday, July 16, 2012, Mark Andrews wrote: In message CAD8GWsswFwnPKTfxt= squumzofs3_-yrihy8o4gt3w9+x6f...@mail.gmail.com javascript:;, Lee writes: On 7/16/12, Owen DeLong o...@delong.com javascript:; wrote: Why would you want NAT66? ICK!!! One of the best benefits of IPv6 is being able to eliminate NAT. NAT was a necessary evil for IPv4 address conservation. It has no good use in IPv6. NAT is good for getting the return traffic to the right firewall. How else do you deal with multiple firewalls asymmetric routing? Traffic goes where the routing protocols direct it. NAT doesn't help this and may actually hinder as the source address cannot be used internally to direct traffic to the correct egress point. Instead you need internal routers that have to try to track traffic flows rather than making simple decisions based on source and destination addresess. Applications that use multiple connections may not always end up with consistent external source addresses. Yes, it's possible to get traffic back to the right place without NAT. But is it as easy as just NATing the outbound traffic at the firewall? It can be and it can be easier to debug without NAT mangling addresses. The only thing helpful NAT66 does is delay the externally visible source address selection until the packet passes the NAT66 box. Mark -- Mark Andrews, ISC 1 Seymour St., Dundas Valley, NSW 2117, Australia PHONE: +61 2 9871 4742 INTERNET: ma...@isc.orgjavascript:;
Re: The Cidr Report
if the admins are not going to moderate this list... give me the admin password to the list serve and i will set it up right... gees
Re: The Cidr Report
Mailman also allows keyword filtering On Fri, Jul 13, 2012 at 12:56 PM, Lynda shr...@deaddrop.org wrote: On 7/13/2012 10:46 AM, Grant Ridder wrote: if the admins are not going to moderate this list... give me the admin password to the list serve and i will set it up right. These emails seem to be originating from comcast (75.144.246.6). Please note I said seem to be since it's very easy to forge such things. I was quite sad when yahoo started dispensing *new* accounts from Rocketmail (a property they acquired in the long ago times), since I have a rocketmail account that long predates yahoo, or the acquisition. Still, there needs to be a filter of some sort set up. Mailman permits this, and I'd be a fan of it. It seems to be generated by someone who has the serious hate on for the list. That actually narrows it down quite a bit. Maybe I'll do a bit of traffic analysis over the weekend. Or not... -- Politicians are like a Slinky. They're really not good for anything, but they still bring a smile to your face when you push them down a flight of stairs.
Re: Communications Committee volunteers [was: The Cidr Report]
The admins say they are working on a content filter system. All you really should have to do if do keyword filtering in mailman. I have this setup on a maillist that i manage. On Fri, Jul 13, 2012 at 2:51 PM, Jared Mauch ja...@puck.nether.net wrote: On Jul 13, 2012, at 3:49 PM, Patrick W. Gilmore wrote: On Jul 13, 2012, at 14:20 , JC Dill wrote: On 13/07/12 10:46 AM, Grant Ridder wrote: if the admins are not going to moderate this list... give me the admin password to the list serve and i will set it up right... gees +1 Most excellent! Just so you know, the admins are the Communications Committee, and they are always looking for new volunteers. I assume you both will be volunteering forthwith? They already did in public. I don't think they can turn it down now :) - Jared
Re: HELP IN SETTING UP iBGPlay
can someone do a blanket block on nanog*@yahoo.com? On Tue, Jul 10, 2012 at 10:45 AM, NIG NOG nanog...@yahoo.com wrote: When he sat down on the bed, he quickly pulled his stretchy pants down as far as he could reach. Still, his tremendous prick was trapped, the pants leg tight around his ankle and the swollen, almost eighteen inch circumference pole. Unh! Gotta give my dick some room! I need this out! Chris lunged forward and desperately pulled at the pants, trying to free his gargantuan schlong and give himself some needed relief. WHACK! Freed of its confinement, the tree trunk of Chris’s cock slammed into his face. Chris was stunned by the hot, solid mass of his colossal prick. The wide, firm shaft pushed against his face, rising to its full thirty inches proudly. Trying to right himself, Chris grasped his dick firmly with both hands (although unable to fully encircle its eighteen inch girth) and felt any resolve he might have had melt away. Ohh, man. I gotta jerk off. My cock needs to be jerked off. It’s so hard and it’s been waiting sooo long. I won’t call the girls. Jen will understand. I can’t help it. There’s no way I could wait that long. It’s impossible. If I can just jerk off once…a few times… some, I can wait for Jen to get back. Just a few times and I can wait. Maybe an hour or two and I will be fine. Chris’s hands eagerly roamed up and down the expanse of his giant dick, caressing himself and causing him to gasp in anticipation. Yesss. Been waiting so long, haven’t you? Chris wrapped both hands under his throbbing monster and bounced it up and down, feeling every ounce of its massive, twenty-five pound weight. Gotta take good care of this cock. Oooh! Wait! Jen has lube in here! Nothing but the best for my huge cock. You’ve been such a good boy, waiting all this time. Stroking himself lovingly, Chris levered himself upright, spreading his legs wide to accommodate the twenty pound weight of his full, heavy ballsack. That lube will feel sooo good on my fat dick. Oh, yes it will, won’t it? Chris patted his titanic rod proudly, and stood up, feeling the sudden weight of his hugely bloated cock and balls. Ohhh, yeah. Who’s got the biggest package in the world? Me. He caught a glimpse of himself in Jen’s mirror and straightened up proudly. His gargantuan, smooth ballsack hung heavy between his legs to his knees, pushing his thighs apart due to its incredible size. His thirty inch long cock bobbed up and down as he straighened up, standing up fully erect despite its monumental dimensions. His slender frame was dwarfed by his mammoth package. Chris’s swollen cock was thicker than his arm, and looked to be almost as thick as his thigh. Oh, yeah. That’s what a real man looks like. Nobody else has a cock half as nice as this one. Chris continued to stroke himself as he turned to admire himself in the mirror, watching his gargantuan rod bob up and down hypnotically. Chris experimentally thrust his hips back and forth and was rewarded with the consuming sensation of forty five pounds of hot cock and balls bouncing and flopping between his legs. Ohhh, that feels great! No wonder the girls can’t resist me. Look at all this meat. I’m surprised that Terry and Greg can keep their hands off this beautiful dick. James can’t keep his hands or mouth off my prick, and he hates gays. I must drive Greg crazy. Chis watched his thick, stiff prick slowly bob as he pumped his hips again and again, letting his immense nutsack shift between his legs. Chris reveled in the feeling of his huge, heavy ballsack sliding over the skin of his thighs He reached down and cupped his immense, bloated balls. He slowly lifted them up, feeling their mass in his arms, and letting their upper curves lift his gargantuan slab of meat. Oh, yeah. Nice and full. Tasha’s right. I do like to keep my balls nice and full. Chris bobbed his nuts up and down, admiring himself in the mirror. Why not? Bigger is better, right? Like Jen said, too big is best. Chis was mesmerized by the sight of his gargantuan genitals, looking so oversized on his small frame. Time to give this fantastic dick a little TLC. Chris confidently leaned forward to grab a bottle of Astroglide from Jen’s bedside table. “Argh!” Chris’s erection, longer than his reach, slammed into the table. Oh, baby! Daddy’s sorry! Chris wrapped his arms around his shaft and hugged it tightly, caressing it with his fingers as he winced. The motion brought his thick, warm shaft to his face as he did so, and without thinking, he leaned forward and kissed it several times. I’m so sorry, gorgeous. I never want to hurt you. Chris continued to kiss his fat salami, moving from quick pecks with closed lips to open-mouthed kisses. Is my baby okay? Can I make it feel better? Chris continued to plant sloppy, wet kisses all over his veiny, throbbing rod. His wet lips wandered over all the hot flesh he could reach. Finally,
Re: Cisco Update
Keep in mind, that to receive the update, the router has to be connected to the internet. So routers that are not connected to the internet by design will be unaffected. -Grant On Thu, Jul 5, 2012 at 11:55 AM, David Hubbard dhubb...@dino.hostasaurus.com wrote: Technical users could always just flash DD-WRT onto the device and replace the Linksys/Cisco firmware; then you have a much more robust system without any big brother stuff.
Re: FYI Netflix is down
The problem is large scale tests take a lot of time and planning. For it to be done right, you really need a dedicated DR team. -Grant On Mon, Jul 2, 2012 at 11:31 AM, AP NANOG na...@armoredpackets.com wrote: This is an excellent example of how tests should be ran, unfortunately far too many places don't do this... -- Thank you, Robert Miller http://www.armoredpackets.com Twitter: @arch3angel On 7/2/12 12:09 PM, Leo Bicknell wrote: In a message written on Mon, Jul 02, 2012 at 11:30:06AM -0400, Todd Underwood wrote: from the perspective of people watching B-rate movies: this was a failure to implement and test a reliable system for streaming those movies in the face of a power outage at one facility. I want to emphasize _and test_. Work on an infrastructure which is redundant and designed to provide 100% uptime (which is impossible, but that's another story) means that there should be confidence in a failure being automatically worked around, detected, and reported. I used to work with a guy who had a simple test for these things, and if I was a VP at Amazon, Netflix, or any other large company I would do the same. About once a month he would walk out on the floor of the data center and break something. Pull out an ethernet. Unplug a server. Flip a breaker. Then he would wait, to see how long before a technician came to fix it. If these activities were service impacting to customers the engineering or implementation was faulty, and remediation was performed. Assuming they acted as designed and the customers saw no faults the team was graded on how quickly the detected and corrected the outage. I've seen too many companies who's test is planned months in advance, and who exclude the parts they think aren't up to scratch from the test. Then an event occurs, and they fail, and take down customers. TL;DR If you're not confident your operation could withstand someone walking into your data center and randomly doing something, you are NOT redundant.
Re: FYI Netflix is down
well one would think that they could at least get power redundancy right... On Sat, Jun 30, 2012 at 1:07 AM, Roy r.engehau...@gmail.com wrote: On 6/29/2012 10:38 PM, jamie rishaw wrote: you know what's happening even more? ..Amazon not learning their lesson. they just had an outage quite similar.. they performed a full audit on electrical systems worldwide, according to the rfo/post mortem. looks like they need to perform a full and we mean it audit, and like I've been doing/participating in at dot coms for a decade plus: Actually Do Regular Load tests.. Related/equally to blame: companies that rely heavily on one aws zone, or arguably one cloud (period), are asking for it. Please stop these crappy practices, people. Do real world DR testing. Play What If This City Dropped Off The Map games, because tonight, parts of VA infact did. ... I am not a computer science guy but been around a long time. Data centers and clouds are like software. Once they reach a certain size, its impossible to keep the bugs out. You can test and test your heart out and something will slip by. You can say the same thing about nuclear reactors, Apollo moon missions, the NorthEast power grid, and most other technology disasters.
Re: [c-nsp] NTP Servers
I don't understand why anyone would use windows server for anything that needed precision like time. On Sat, Jun 30, 2012 at 5:39 PM, Keith Medcalf kmedc...@dessus.com wrote: Or you can ask the it guys to use a windows server... Eg: http://support.microsoft.com/kb/816042 That is a joke Jared? You left off the smiley. Windows doesn't do NTP out-of-the-box (Microsoft assertions to the contrary notwithstanding). You can build a reasonably working standard daemon, however don't expect time to be very accurate. Windows out-of-the-box can keep time +/- 10 minutes or so using the Microsoft lets-pretend-NTP. You can build the current standard NTPD distribution on Windows. You can also spend lots of time to make it work as well as possible (once you manage to get it to compile, that is). Even so, when you have configured it to the optimality of accuracy, this is what you can expect: remote refid st t when poll reach delay offset jitter == +tic.nrc.ca .PPS.1 u 13 64 377 55.5445.913 0.870 -tac.nrc.ca .ATOM. 1 u 48 64 377 56.1884.768 3.041 -toc.nrc.ca .ATOM. 1 u1 64 377 55.4854.758 0.981 +tick.usask.ca .GPS.1 u 34 64 377 19.5666.942 5.699 *tock.usask.ca .GPS.1 u 29 64 377 19.6655.955 1.937 -clock.isc.org .GPS.1 u 37 64 377 53.0918.311 0.649 +clock.sjc.he.ne .CDMA. 1 u 48 64 377 43.5916.066 2.501 offset: 0.005955 s frequency:23.346 ppm poll adjust: -30 watchdog timer: 47 s is about the best you will get. Statistics are pretty awful: Date# O.Avg O.Median O.Range O.CI O.Skew O.KurtF.Avg F.Median F.Range F.CI F.Kurt 2012-01 899 0.765559 0.004198 20.05221 0.000371 -0.56023 0.751151 21.31698 20.9705 2.96850.108050 -0.88068 2012-02 9673 0.237434 -7.46502 59.75607 0.000156 -1.43583 8.609085 19.01126 19.3495 5.29950.040683 -0.54578 2012-03 1380 -0.02157 -14.8416 44.00043 0.000124 -1.08589 4.559049 18.08941 16.8227.536 0.045387 0.268831 2012-04 1322 0.196654 21.16261 106.1250 0.000141 -0.48643 26.05868 17.56811 16.8126.111 0.040561 -0.38021 2012-05 8849 0.118125 27.44213 72.01526 0.000161 0.296114 8.939429 17.88685 15.2595 9.31950.080186 1.121740 2012-06 1457 0.409662 -20.2809 63.32684 0.000114 -1.44144 11.98237 20.50724 19.5425 6.74250.042372 -0.08891 6102 0.201651 21.16261 106.1250 6.065429 -0.84354 13.78161 18.71838 16.1125 10.1725 0.023443 1.215941 This is from a custom ntpd build using the highest precision that it can manage to coerce from Windoze. Of course, this may be accurate enough for most uses -- at least it does not have to time-step. Doesn't compare to ntpd on linux on an 80286 with 640K ram booting from a floppy, which can maintain time sync within less than 1 ms easily. --- () ascii ribbon campaign against html e-mail /\ www.asciiribbon.org
Re: FYI Netflix is down
From Amazon Amazon Elastic Compute Cloud (N. Virginia) (http://status.aws.amazon.com/) 8:21 PM PDT We are investigating connectivity issues for a number of instances in the US-EAST-1 Region. 8:31 PM PDT We are investigating elevated errors rates for APIs in the US-EAST-1 (Northern Virginia) region, as well as connectivity issues to instances in a single availability zone. -Grant On Fri, Jun 29, 2012 at 10:40 PM, Jason Baugher ja...@thebaughers.comwrote: Seeing some reports of Pinterest and Instagram down as well. Amazon cloud services being implicated. On 6/29/2012 10:22 PM, Joe Blanchard wrote: Seems that they are unreachable at the moment. Called and theres a recorded message stating they are aware of an issue, no details. -Joe
Re: FYI Netflix is down
I have an instance in zone C and it is up and fine, so it must be A, B, or D that is down. On Fri, Jun 29, 2012 at 10:42 PM, James Laszko jam...@mythostech.comwrote: To further expand: 8:21 PM PDT We are investigating connectivity issues for a number of instances in the US-EAST-1 Region. 8:31 PM PDT We are investigating elevated errors rates for APIs in the US-EAST-1 (Northern Virginia) region, as well as connectivity issues to instances in a single availability zone. 8:40 PM PDT We can confirm that a large number of instances in a single Availability Zone have lost power due to electrical storms in the area. We are actively working to restore power. -Original Message- From: Grant Ridder [mailto:shortdudey...@gmail.com] Sent: Friday, June 29, 2012 8:42 PM To: Jason Baugher Cc: nanog@nanog.org Subject: Re: FYI Netflix is down From Amazon Amazon Elastic Compute Cloud (N. Virginia) (http://status.aws.amazon.com/ ) 8:21 PM PDT We are investigating connectivity issues for a number of instances in the US-EAST-1 Region. 8:31 PM PDT We are investigating elevated errors rates for APIs in the US-EAST-1 (Northern Virginia) region, as well as connectivity issues to instances in a single availability zone. -Grant On Fri, Jun 29, 2012 at 10:40 PM, Jason Baugher ja...@thebaughers.com wrote: Seeing some reports of Pinterest and Instagram down as well. Amazon cloud services being implicated. On 6/29/2012 10:22 PM, Joe Blanchard wrote: Seems that they are unreachable at the moment. Called and theres a recorded message stating they are aware of an issue, no details. -Joe
Re: FYI Netflix is down
Yes, although, when you launch an instance, you do have the option of selecting a zone if you want. However, once the instance is started it stays in that zone and does not switch. On Fri, Jun 29, 2012 at 10:47 PM, Ian Wilson ian.m.wil...@gmail.com wrote: On Fri, Jun 29, 2012 at 11:44 PM, Grant Ridder shortdudey...@gmail.com wrote: I have an instance in zone C and it is up and fine, so it must be A, B, or D that is down. It is my understanding that instance zones are randomized between customers -- so your zone C may be my zone A. Ian -- Ian Wilson ian.m.wil...@gmail.com Solving site load issues with database replication is a lot like solving your own personal problems with heroin -- at first, it sorta works, but after a while things just get out of hand.
Re: FYI Netflix is down
They may use it for content, but reddit.com resolves to IPs own by quest On Fri, Jun 29, 2012 at 10:51 PM, Seth Mattinen se...@rollernet.us wrote: On 6/29/12 8:47 PM, Mike Lyon wrote: Whatever happened to UPSs and generators? You don't need them with The Cloud! But seriously, this is something like the third or fourth time AWS fell over flat in recent memory. ~Seth
Re: FYI Netflix is down
8:49 PM PDT Power has been restored to the impacted Availability Zone and we are working to bring impacted instances and volumes back online On Fri, Jun 29, 2012 at 10:52 PM, Grant Ridder shortdudey...@gmail.comwrote: They may use it for content, but reddit.com resolves to IPs own by quest On Fri, Jun 29, 2012 at 10:51 PM, Seth Mattinen se...@rollernet.uswrote: On 6/29/12 8:47 PM, Mike Lyon wrote: Whatever happened to UPSs and generators? You don't need them with The Cloud! But seriously, this is something like the third or fourth time AWS fell over flat in recent memory. ~Seth
Re: DNS poisoning at Google?
It also redirects with facebook, youtube, and ebay but NOT amazon. -Grant On Wed, Jun 27, 2012 at 12:57 AM, Matthew Black matthew.bl...@csulb.eduwrote: Our web lead was able to run curl. Thanks. ** ** matthew black information technology services california state university, long beach ** ** *From:* Grant Ridder [mailto:shortdudey...@gmail.com] *Sent:* Tuesday, June 26, 2012 10:53 PM *To:* Matthew Black *Cc:* Landon Stewart; nanog@nanog.org; Jeremy Hanmer *Subject:* Re: DNS poisoning at Google? ** ** Matt, what happens you get on a subnet that can access the webservers directly and bypass the load balancer. Try curl then and see if its something w/ the webserver or load balancer. ** ** -Grant On Wed, Jun 27, 2012 at 12:40 AM, Matthew Black matthew.bl...@csulb.edu wrote: Thanks again to everyone who helped. I didn't know what to enter with curl, because Outlook clobbered the line breaks in Jeremy's original message. Also, curl failed on our primary webserver because of firewall and load balancer magic settings. The Telnet method worked better! Our team is now scouring for that hidden redirect to couchtarts. matthew black information technology services california state university, long beach From: Landon Stewart [mailto:lstew...@superb.net] Sent: Tuesday, June 26, 2012 10:37 PM To: Matthew Black Cc: Jeremy Hanmer; nanog@nanog.org Subject: Re: DNS poisoning at Google? There is definitely a 301 redirect. $ curl -I --referer http://www.google.com/ http://www.csulb.edu/ HTTP/1.1 http://www.csulb.edu/%0d%0aHTTP/1.1 301 Moved Permanently Date: Wed, 27 Jun 2012 05:36:31 GMT Server: Apache/2.0.63 Location: http://www.couchtarts.com/media.php Connection: close Content-Type: text/html; charset=iso-8859-1 On 26 June 2012 22:05, Matthew Black matthew.bl...@csulb.edumailto: matthew.bl...@csulb.edu wrote: Google Webtools reports a problem with our HOMEPAGE /. That page is not redirecting anywhere. They also report problems with some 48 other primary sites, none of which redirect to the offending couchtarts. matthew black information technology services california state university, long beach -Original Message- From: Jeremy Hanmer [mailto:jeremy.han...@dreamhost.commailto: jeremy.han...@dreamhost.com] Sent: Tuesday, June 26, 2012 9:58 PM To: Matthew Black Cc: nanog@nanog.orgmailto:nanog@nanog.org Subject: Re: DNS poisoning at Google? It's not DNS. If you're sure there's no htaccess files in place, check your content (even that stored in a database) for anything that might be altering data based on referrer. This simple test shows what I mean: Airy:~ user$ curl -e 'http://google.com' csulb.eduhttp://csulb.edu !DOCTYPE HTML PUBLIC -//IETF//DTD HTML 2.0//EN htmlhead title301 Moved Permanently/title /headbody h1Moved Permanently/h1 pThe document has moved a href=http://www.couchtarts.com/media.php here/a./p /body/html Running curl without the -e argument gives the proper site contents. On Jun 26, 2012, at 9:24 PM, Matthew Black matthew.bl...@csulb.edu mailto:matthew.bl...@csulb.edu wrote: Running Apache on three Solaris webservers behind a load balancer. No MS Windows! Not sure how malicious software could get between our load balancer and Unix servers. Thanks for the tip! matthew black information technology services california state university, long beach From: Landon Stewart [mailto:lstew...@superb.netmailto: lstew...@superb.net] Sent: Tuesday, June 26, 2012 9:07 PM To: Matthew Black Cc: nanog@nanog.orgmailto:nanog@nanog.org Subject: Re: DNS poisoning at Google? Is it possible that some malicious software is listening and injecting a redirect on the wire? We've seen this before with a Windows machine being infected. On 26 June 2012 20:53, Matthew Black matthew.bl...@csulb.edumailto: matthew.bl...@csulb.edumailto:matthew.bl...@csulb.edumailto: matthew.bl...@csulb.edu wrote: Google Safe Browsing and Firefox have marked our website as containing malware. They claim our home page returns no results, but redirects users to another compromised website couchtarts.comhttp://couchtarts.com http://couchtarts.com. We have thoroughly examined our root .htaccess and httpd.conf files and are not redirecting to the problem target site. No recent changes either. We ran some NSLOOKUPs against various public DNS servers and intermittently get results that are NOT our servers. We believe the DNS servers used by Google's crawler have been poisoned. Can anyone shed some light on this? matthew black information technology services california state university, long beach www.csulb.eduhttp://www.csulb.eduhttp://www.csulb.edu http://www.csulb.edu -- Landon Stewart lstew...@superb.netmailto:lstew...@superb.netmailto: lstew
Re: DNS poisoning at Google?
Matt, what happens you get on a subnet that can access the webservers directly and bypass the load balancer. Try curl then and see if its something w/ the webserver or load balancer. -Grant On Wed, Jun 27, 2012 at 12:40 AM, Matthew Black matthew.bl...@csulb.eduwrote: Thanks again to everyone who helped. I didn't know what to enter with curl, because Outlook clobbered the line breaks in Jeremy's original message. Also, curl failed on our primary webserver because of firewall and load balancer magic settings. The Telnet method worked better! Our team is now scouring for that hidden redirect to couchtarts. matthew black information technology services california state university, long beach From: Landon Stewart [mailto:lstew...@superb.net] Sent: Tuesday, June 26, 2012 10:37 PM To: Matthew Black Cc: Jeremy Hanmer; nanog@nanog.org Subject: Re: DNS poisoning at Google? There is definitely a 301 redirect. $ curl -I --referer http://www.google.com/ http://www.csulb.edu/ HTTP/1.1 301 Moved Permanently Date: Wed, 27 Jun 2012 05:36:31 GMT Server: Apache/2.0.63 Location: http://www.couchtarts.com/media.php Connection: close Content-Type: text/html; charset=iso-8859-1 On 26 June 2012 22:05, Matthew Black matthew.bl...@csulb.edumailto: matthew.bl...@csulb.edu wrote: Google Webtools reports a problem with our HOMEPAGE /. That page is not redirecting anywhere. They also report problems with some 48 other primary sites, none of which redirect to the offending couchtarts. matthew black information technology services california state university, long beach -Original Message- From: Jeremy Hanmer [mailto:jeremy.han...@dreamhost.commailto: jeremy.han...@dreamhost.com] Sent: Tuesday, June 26, 2012 9:58 PM To: Matthew Black Cc: nanog@nanog.orgmailto:nanog@nanog.org Subject: Re: DNS poisoning at Google? It's not DNS. If you're sure there's no htaccess files in place, check your content (even that stored in a database) for anything that might be altering data based on referrer. This simple test shows what I mean: Airy:~ user$ curl -e 'http://google.com' csulb.eduhttp://csulb.edu !DOCTYPE HTML PUBLIC -//IETF//DTD HTML 2.0//EN htmlhead title301 Moved Permanently/title /headbody h1Moved Permanently/h1 pThe document has moved a href=http://www.couchtarts.com/media.php here/a./p /body/html Running curl without the -e argument gives the proper site contents. On Jun 26, 2012, at 9:24 PM, Matthew Black matthew.bl...@csulb.edu mailto:matthew.bl...@csulb.edu wrote: Running Apache on three Solaris webservers behind a load balancer. No MS Windows! Not sure how malicious software could get between our load balancer and Unix servers. Thanks for the tip! matthew black information technology services california state university, long beach From: Landon Stewart [mailto:lstew...@superb.netmailto: lstew...@superb.net] Sent: Tuesday, June 26, 2012 9:07 PM To: Matthew Black Cc: nanog@nanog.orgmailto:nanog@nanog.org Subject: Re: DNS poisoning at Google? Is it possible that some malicious software is listening and injecting a redirect on the wire? We've seen this before with a Windows machine being infected. On 26 June 2012 20:53, Matthew Black matthew.bl...@csulb.edumailto: matthew.bl...@csulb.edumailto:matthew.bl...@csulb.edumailto: matthew.bl...@csulb.edu wrote: Google Safe Browsing and Firefox have marked our website as containing malware. They claim our home page returns no results, but redirects users to another compromised website couchtarts.comhttp://couchtarts.com http://couchtarts.com. We have thoroughly examined our root .htaccess and httpd.conf files and are not redirecting to the problem target site. No recent changes either. We ran some NSLOOKUPs against various public DNS servers and intermittently get results that are NOT our servers. We believe the DNS servers used by Google's crawler have been poisoned. Can anyone shed some light on this? matthew black information technology services california state university, long beach www.csulb.eduhttp://www.csulb.eduhttp://www.csulb.edu http://www.csulb.edu -- Landon Stewart lstew...@superb.netmailto:lstew...@superb.netmailto: lstew...@superb.net Sr. Administrator Systems Engineering Superb Internet Corp - 888-354-6128 x 4199tel:888-354-6128%20x%204199 Web hosting and more Ahead of the Rest: http://www.superbhosting.nethttp://www.superbhosting.net/ -- Landon Stewart lstew...@superb.netmailto:lstew...@superb.net Sr. Administrator Systems Engineering Superb Internet Corp - 888-354-6128 x 4199 Web hosting and more Ahead of the Rest: http://www.superbhosting.net http://www.superbhosting.net/
Re: HE IPv6 tunnel inbound
Hi, Thanks for all the replies. I will look at Chris's solution to see if that will work. I had found similar instructions, but none as extensive. Also, I am using the AWS free tier right now, hence the choice, but i am open to other suggestions. Thanks, Grant On Thu, Jun 14, 2012 at 7:54 AM, seth s...@untethered.org wrote: On Jun 13, 2012, at 11:10 PM, Cameron Byrne cb.li...@gmail.com wrote: On Jun 13, 2012 8:29 PM, Grant Ridder shortdudey...@gmail.com wrote: Hi, I have a Hurricane Electric v6 tunnel setup on an AWS (amazon web services) instance so that i can have ipv6 connectivity. I can ping and traceroute out of the tunnel fine, but am unable to access the tunnel from outside. For example, i am unable to traceroute to the tunnel address outside the tunnel address, even with the AWS instance firewall completely open. I would like to host a website accessible via IPv6, hence the tunnel setup. Is this possible? if so, what could i be doing wrong? Or is there a better was to go about this? Thanks, Grant Sigh. Or you could take your business to the dozen or so cloud / vps providers that support ipv6. ... Softlayer and Arpnetworks come to mind. I have used both with a high level of sucess CB But everybody knows that amazon and cloud are synonyms.
Re: LinkedIn password database compromised
Hi Everyone, I thought that i would share an IEEE article about LinkenIn and eHarmony. http://spectrum.ieee.org/riskfactor/telecom/security/linkedin-and-eharmony-hacked-8-million-passwords-taken/?utm_source=computerwiseutm_medium=emailutm_campaign=061312 -Grant On Wed, Jun 13, 2012 at 1:05 PM, Phil Pishioneri pgp+na...@psu.edu wrote: On 6/8/12 7:22 PM, Luke S. Crawford wrote: I haven't found any way that is as simple and as portable as using ssh that works in a web browser. The Enigform Firefox Add-on (plus mod_openpgp on Apache httpd) seems similar: http://wordpress.org/extend/**plugins/wp-enigform-**authentication/http://wordpress.org/extend/plugins/wp-enigform-authentication/ Enigform is a Firefox Add-On which uses OpenPGP to digitally sign outgoing HTTP requests and Securely login to remote web sites, as long as the remote web server is Enigform-compliant. -Phil