Re: DDOS solution recommendation

2015-01-12 Thread Max Clark 
Ditto - we've been seeing average attack size pushing the 40-50 Gbps mark.
The serious attacks are much, much larger.

On Sat, Jan 10, 2015 at 8:50 PM, Ammar Zuberi am...@fastreturn.net wrote:

 I'd beg to differ on this one. The average attacks we're seeing are double
 that, around the 30-40g mark. Since NTP and SSDP amplification began, we've
 been seeing all kinds of large attacks.

 Obviously, these can easily be blocked upstream to your network. Hibernia
 Networks blocks them for us.

 Ammar

  On 11 Jan 2015, at 8:37 am, Paul S. cont...@winterei.se wrote:
 
  While it indeed is true that attacks up to 600 gbit/s (If OVH and
 CloudFlare's data is to be believed) have been known to happen in the wild,
 it's very unlikely that you need to mitigate anything close.
 
  The average attack is usually around the 10g mark (That too barely) --
 so even solutions that service up to 20g work alright.
 
  Obviously, concerns are different if you're an enterprise that's a DDoS
 magnet -- but for general service providers selling 'protected services,'
 food for thought.
 
  On 1/11/2015 午後 12:48, Damian Menscher wrote:
  On Thu, Jan 8, 2015 at 9:01 AM, Manuel Marín m...@transtelco.net
 wrote:
 
  I was wondering what are are using for DDOS protection in your
 networks. We
  are currently evaluating different options (Arbor, Radware, NSFocus,
  RioRey) and I would like to know if someone is using the cloud based
  solutions/scrubbing centers like Imperva, Prolexic, etc and what are
 the
  advantages/disadvantages of using a cloud base vs an on-premise
 solution.
  It would be great if you can share your experience on this matter.
  On-premise solutions are limited by your own bandwidth.  Attacks have
 been
  publicly reported at 400Gbps, and are rumored to be even larger.  If you
  don't have that much network to spare, then packet loss will occur
 upstream
  of your mitigation.  Having a good relationship with your network
  provider(s) can help here, of course.
 
  If you go with a cloud-based solution, be wary of their SLA.  I've seen
  some claim 100% uptime (not believable) but of course no refund/credits
 for
  downtime.  Another provider only provides 20Gbps protection, then will
  null-route the victim.
 
  On Sat, Jan 10, 2015 at 4:19 PM, Charles N Wyble char...@thefnf.org
 wrote:
 
  Also how are folks testing ddos protection? What lab gear,tools,methods
  are you using to determine effectiveness of the mitigation.
 
  Live-fire is the cheapest approach (just requires some creative
 trolling)
  but if you want to control the off button, cloud VMs can be tailored
 to
  your needs.  There are also legitimate companies that do network stress
  testing.
 
  Keep in mind that you need to test against a variety of attacks, against
  all components in the critical path.  Attackers aren't particularly
  methodical, but will still randomly discover any weaknesses you've
  overlooked.
 
  Damian

Tech Laptop with DB9

2014-11-10 Thread Max Clark 

Hi all,

DB9 ports seem to be a nearly extinct feature on laptops. Any 
suggestions on a cheap laptop for use in field support (with an onboard 
DB9)?


Thanks,
Max

Re: Tech Laptop with DB9

2014-11-10 Thread Max Clark 
On Mon, Nov 10, 2014 at 12:55 PM, Job Snijders j...@instituut.net wrote:

 Do you have a specific application that would prohibit the use of USB?


It's purely for convenience and forgetfulness.

One Wilshire Radio Room

2010-08-16 Thread Max Clark 
Hello all,

I'm looking for someone with space in the One Wilshire Radio Room.
Please contact me off list.

Thanks
Max

(310) 906-0296
max.cl...@gmail.com

Internap Looking Glass / Route Server

2010-05-01 Thread Max Clark 
Hello,

I'm looking for a public looking glass / route server connected to
Internap - preferably in Los Angeles. Does such a thing exist?

Thanks,
Max

Re: HE.net, Fremont-2 outage?

2009-11-03 Thread Max Clark 
http://www.dieselserviceandsupply.com/Diesel_Fuel_Consumption.aspx

On Tue, Nov 3, 2009 at 5:49 PM, Lyndon Nerenberg (VE6BBM/VE7TFX)
lyn...@orthanc.ca wrote:
 FWIW: http://www.he.net/releases/release18.html

 How long can they go on those 3000 gallons under their current
 load?

IPv6 Wow

2008-10-12 Thread Max Clark 
I'm in LA with Time Warner Cable - didn't know they rolled out an IPv6
link to AMS-IX.

HOST: macbook.local   Loss%   Snt   Last   Avg  Best  Wrst StDev
  1. 2002:4ca6:18c5::21b:63ff:fef  0.0%100.8   1.5   0.7   4.6   1.2
  2. 2002:82f4:21::1  50.0%10  185.4 188.3 185.4 197.1   5.0
  3. 2a00:800:0:1::2:2 0.0%10  219.8 215.3 205.8 229.9   8.6
  4. ams-ix.he.net 0.0%10  200.9 192.0 187.0 201.9   5.6
  5. 10gigabitethernet1-4.core1.l  0.0%10  195.7 198.1 192.8 214.1   6.5
  6. 10gigabitethernet2-3.core1.n  0.0%10  275.4 266.4 261.7 275.4   3.8
  7. 10gigabitethernet3-1.core1.s  0.0%10  344.4 345.1 342.4 351.0   2.4
  8. 10gigabitethernet3-2.core1.p  0.0%10  350.8 350.0 342.4 364.5   7.5
  9. ???  100.0100.0   0.0   0.0   0.0   0.0

Re: [NANOG] Purpose of Internap's PNET AS22212

2008-04-29 Thread Max Clark 
It's actually very easy to explain. The InterNAP Flow Control (FCP)
was designed to route traffic via the cheapest link available provided
the link is within an operating range. Over the years the PNAPs have
preferred different transit providers based on the underlying
contract rate - but what rate could possibly be better than free(1)?
So as time passes you will more than likely see more and more of
AS22212 in your path.

-Max

1. Peering is not free, but much less expensive than paying ATT.

On Mon, Apr 28, 2008 at 9:13 AM, Randy Epstein [EMAIL PROTECTED] wrote:
 Thurber,

  PNET (AS22212) is looked upon by InterNAP's PNAPs (its various ASes) as just
  another transit provider in the mix.

  So yes, InterNAP technically peers (under AS22212), but there is no
  guarantee its various PNAPs would choose that path, depending upon a number
  of factors.

  (Disclaimer: This is what I've gathered from public information, not from
  information obtained under non-disclosure.)

  Regards,

  Randy



  -Original Message-
  From: Thurber [mailto:[EMAIL PROTECTED]
  Sent: Monday, April 28, 2008 12:01 PM
  To: nanog@nanog.org
  Subject: [NANOG] Purpose of Internap's PNET AS22212

  Can anybody shed some light on Internap's PNET AS22212? Specifaly how it
  relates to their PNAP architecture?  Is Internap now doing peering? I was
  under the impression that their entire business model was based around
  isolated PNAPs and being a backboneless provider. Attempts at getting an
  explanation from Internap have been fruitless.

  CT



  ___
  NANOG mailing list
  NANOG@nanog.org
  http://mailman.nanog.org/mailman/listinfo/nanog


  ___
  NANOG mailing list
  NANOG@nanog.org
  http://mailman.nanog.org/mailman/listinfo/nanog


___
NANOG mailing list
NANOG@nanog.org
http://mailman.nanog.org/mailman/listinfo/nanog