Re: Why the US Government has so many data centers
On Mon, Mar 14, 2016 at 04:49:38PM -0400, Sean Donelan wrote:
> On Mon, 14 Mar 2016, Scott Weeks wrote:
> > It's all phunny money. Real economics are not even considered.
> > At all.
>
> And what makes you think the Data Center Optimization Initiative is any
> different, when they are counting single servers instead of data centers?
>
> If it was a rational, coherent plan; that would be great. Instead I see
> lots of people spending years looking for servers, and writing reports
> about counting servers, and moving servers from one room to another room.
> What's the return on investment counting paperclips?

But when they're finished, they'll have the serial number of each individual paperclip, and a paperclip history form to go with it.

-- Mike Andrews, W5EGO mi...@mikea.ath.cx Tired old sysadmin
Re: BCOP Wiki Logo Missing
On Thu, Oct 08, 2015 at 01:27:32PM +, Nicholas Warren wrote:
> http://nabcop.org/index.php
>
> For me the logo is a flower and it says "Set $wgLogo to the URL path to your
> own logo image."
> Am I the only one?

Same here. I suspect that the page has not been fully customized.

-- Mike Andrews, W5EGO mi...@mikea.ath.cx Tired old sysadmin
Re: Ear protection
On Thu, Sep 24, 2015 at 09:51:07AM -0500, Chris Boyd wrote:
>
> > On Sep 23, 2015, at 7:33 AM, Joe Greco wrote:
> >
> > Passive cooling typically translates to lower performance but also can
> > be more expensive.
>
> $DAYJOB uses an immersion cooling system so it’s higher performance and much
> quieter.

And at what price differential over active air cooling and over passive cooling?

-- Mike Andrews, W5EGO mi...@mikea.ath.cx Tired old sysadmin
Re: IP's with jitter/packet loss and very far away
On Fri, Sep 18, 2015 at 11:42:49AM -0400, Dovid Bender wrote:
> Hi,
>
> I am working on a presentation and looking to create samples of what a
> trace should not look like? Anyone have IP's that I can trace from the US
> or UK that will show
> 1) jitter
> 2) packet loss
> 3) very far away (perhaps an IP on a sat. link). Pref over 2000 ms

www.gov.mg shows fairly long ping times (especially with 1kB payload), a fair amount of jitter, and some loss. It's not like pinging something at the D/E of a really bad link, but I wouldn't want to push X graphics over it.

-- Mike Andrews, W5EGO mi...@mikea.ath.cx Tired old sysadmin
Re: WiFI on utility poles
On Thu, Sep 10, 2015 at 02:06:14PM -0400, Josh Luthman wrote:
> It's either Mike, Comcast or the NANOG list, so it's probably a safe bet.

Bilingual English/French may indicate a Canadian mailserver.

-- Mike Andrews, W5EGO mi...@mikea.ath.cx Tired old sysadmin
DamnTest: ignore
This post includes the word Damn. damn -- Mike Andrews, W5EGO mi...@mikea.ath.cx Tired old sysadmin
Re: Data Center operations mail list?
On Tue, Aug 11, 2015 at 07:59:41AM -0700, James Downs wrote: On Aug 11, 2015, at 06:01, Rafael Possamai raf...@gav.ufsc.br wrote: style as nanog and registered the nadcog.org domain. Nad Cog? North American Data Center Operations Group, perhaps? -- Mike Andrews, W5EGO mi...@mikea.ath.cx Tired old sysadmin
Re: Quakecon: Network Operations Center tour
On Mon, Aug 03, 2015 at 01:52:17PM -0700, alvin nanog wrote:

hi ethan

On 08/03/15 at 10:58am, Ethan wrote:

Getting bandwidth into the events is a pain. Huge venues are meant for large corporate events not lower budget cons and festivals. Venue pricing I believe is 750-1500$ per megabit. 100 megabit = $75,000 for the weekend. One year I remember there being a switch with 8 vlans on it sitting outside the back door with 8 clear modems spread out all blinking away.

for connectivity, does the hotels and convention centers still have wifi jammers so you cannot use your own 56Mbit wifi to get connection to the outside world ? if possible, stick a bunch of dark mirrored-glass covered vans outside the event for wifi access

In the US, the FCC has ruled that wifi jammers violate one or more parts of the FCC Rules and Regs. Marriott hotels paid a USD600K fine. A quick Google search on FCC hotel jammer pulls up a great many hits, of which these are the first seven:

Jammer Enforcement | FCC.gov
https://www.fcc.gov/.../jamme... U.S. Federal Communications Commission
Federal law prohibits the operation, marketing, or sale of any type of jamming equipment, including devices that interfere with cellular and Personal ...

Marriott to Pay $600K to Resolve WiFi-Blocking ... - FCC
https://www.fcc.gov/.../marrio... U.S. Federal Communications Commission
Oct 3, 2014 - Hotel Operator Admits Employees Improperly Used Wi-Fi Monitoring ... The complainant alleged that the Gaylord Opryland was “jamming ...

WARNING: Wi-Fi Blocking is Prohibited | FCC.gov
https://www.fcc.gov/.../warnin... U.S. Federal Communications Commission
Jan 27, 2015 - which hotels and other commercial establishments block wireless ... into this kind of unlawful activity by the operator of a resort hotel and ...

FCC warns hotels against blocking guests' wi-fi
www.consumeraffairs.com/.../fcc-warns-hotels-against-blocking-guests-...
Jan 28, 2015 - Hotels, miffed by guests who used their own wi-fi hotspots instead of paying ... It's illegal to jam legal radio transmissions of any kind, FCC vows tough enforcement ... Some had argued that jamming wi-fi and cellphone calls is ...

Hotels ask FCC for permission to block guests' personal Wi ...
www.pcworld.com/.../hotel-group-asks-fcc-for-permission-to-... PC World
Dec 22, 2014 - Marriott argued some hotspot blocking may be justified, as long as the hotel isn't using illegal signal jammers. Unlicensed Wi-Fi hotspots ...

FCC fines Marriott $600,000 for blocking guests' Wi-Fi ...
www.cnn.com/2014/10/03/travel/marriott-fcc-wi-fi-fine/ CNN
Oct 4, 2014 - It's the first time the FCC has investigated a hotel property for ... sense, where someone uses a jammer device to block wireless signals. Instead ...

How This Hotel Made Sure Your Wi-Fi Hotspot Sucked ...
readwrite.com/2014/.../marriott-nashville-opryland-jams-wifi-internet-wt...
Oct 4, 2014 - Caught by FCC for Wi-Fi jamming, Marriott's still not sorry.

-- Mike Andrews, W5EGO mi...@mikea.ath.cx Tired old sysadmin
Re: 20-30Gbps UDP 1720 traffic appearing to originate from CN in last 24 hours
On Mon, Jul 20, 2015 at 09:50:44PM +0100, Colin Johnston wrote:

blocking to mitigate risk is a better trade off gaining better percentage legit traffic against an inadvertent minor valid good network range.

That may be your call, or your management's call, but that doesn't make it *my* call or my management's call. Reasonable people can disagree about this.

-- Mike Andrews, W5EGO mi...@mikea.ath.cx Tired old sysadmin
Re: Remember Internet-In-A-Box?
On Wed, Jul 15, 2015 at 04:27:08PM +0300, John Kinsella wrote: On 7/15/15 1:28 PM, Baldur Norddahl wrote: You can't be a dummy and a service provider... oh? :) Counterexample: Cox. They refuse to even admit to me that they are even considering IPV6. -- Mike Andrews, W5EGO mi...@mikea.ath.cx Tired old sysadmin
Re: Hotels/Airports with IPv6
On Sat, Jul 11, 2015 at 05:34:03AM +, Mel Beckman wrote: Owen, I never said it was a greenfield deployment. Someone else tagged it with that term. My understanding of the term greenfield WRT wifi is that there are no interfering signals to contend with. I don't know of any U.S. airport that meets that definition. First you have all the wifi of concessionaires, the airlines' passenger clubs and operations, and service organizations for food, fuel, and FAA. You can't control those users, thanks to the FAA's recent decisions restricting wifi regulation to itself. FAA? Could you possibly have meant FCC? FAA has little or nothing to do with regulation of radio TTBOMK, while FCC has everything to do with it. -- Mike Andrews, W5EGO mi...@mikea.ath.cx Tired old sysadmin
Re: World's Fastest Internet™ in Canadaland
On Fri, Jun 26, 2015 at 04:30:05PM -0400, A MEKKAOUI wrote:

You're right. Actually, Bell knows that home does not need that much BW, Bell size their network for much less than that. However, from a marketing perspective, when Bell says to a client I am offering you 1G at $100 and competition are offering you 30M at $60, some clients like that because they ignore that 1G will not make a difference compared to 30M. Also Bell is currently using ADSL technology to provide internet service which is a dead technology. So, Bell has no choice but to move to fiber if they want to stay on the market. KARIM M.

When I'm downloading an ISO or USB bootable image of, say, FreeBSD 10.x, that speed difference makes a difference to me. I grant that I'm not Joe Typical by any means, but the number of people who aren't Joe Typical isn't zero -- not by a good bit.

-- Mike Andrews, W5EGO mi...@mikea.ath.cx Tired old sysadmin
Re: World's Fastest Internet™ in Canadaland
On Fri, Jun 26, 2015 at 01:06:26PM -0700, Owen DeLong wrote: On Jun 26, 2015, at 13:02 , Karl Auer ka...@biplane.com.au wrote: On Fri, 2015-06-26 at 13:39 -0500, Rafael Possamai wrote: How does one fully utilize a gigabit link for home use? For a single person it is overkill. This sentiment keeps popping up. It's a failure of vision. To suggest that single people or ordinary people or any other set of presumably average and uninteresting people will never be able to fully utilise the amazing properties of X, and that they can and should be satisfied with some limited version of X or the even more limited alternative Y, is to completely miss the point. And to actually provide no more than that is to build a self-fulfilling prophecy. I see a potential market for perhaps hundreds of aircraft in the coming century. And just possibly for more than seven computers on the continent. *Any* continent. -- Mike Andrews, W5EGO mi...@mikea.ath.cx Tired old sysadmin
Re: World's Fastest Internet™ in Canadaland
On Fri, Jun 26, 2015 at 04:01:38PM -0500, Mike Hammett wrote: Some of those are why would one EVER need more than X, while others are why would one NOW need more than X. Big difference. Simple fact that there is no residential application that needs more than even 50 megabit much less 10,000 megabit. Define need. On the average, I probably don't need more than 56 KBaud, integrated over all the years I've been linked to the 'Net from home. Would I be willing to put up with it? Hell, no! Would I be willing to put up with 10 Gig to the house for what I'm paying now? Emphatically yes. Ditto 1 Gig. What I'm getting isn't more than 10 megabit down and 2.5 up, so a fatter pipe would be very welcome. At the same price, or even another $50/month. But I don't need it in the sense that I'll lose money or customers if I don't have it. -- Mike Andrews, W5EGO mi...@mikea.ath.cx Tired old sysadmin
Re: OPM Data Breach - Whitehouse Petition - Help Wanted
On Thu, Jun 18, 2015 at 04:34:46PM +, Cryptographrix wrote: Have to agree with Shawn on this. If you watch her testimony in front of Congress, it is clear that she was completely flustered at the inability to hire competent people, and the lack of her superiors to prioritize the modernization project she had so passionately advocated for. When I've worked for organizations larger than - say - four or five office locations in diverse parts of the U.S., I've started to see how difficult it can become to get all of them to coordinate on *anything*, and I'm not even talking government here. From the sound of it, she ran into the ceiling of available workers that were willing to work for the pay grade that the government offers for those positions, which is usually much less than private industry offers and - as a consequence - they are not nearly as familiar with migrations of that size. I do not envy her position, and doubt in the ability of anyone in her position to do more than she has attempted. Give her some credit. She will have some large number of Civil Service Rockets working, or at least on the TOE below her: Won't work; can't be fired. -- Mike Andrews, W5EGO mi...@mikea.ath.cx Tired old sysadmin
Re: AWS Elastic IP architecture
On Tue, Jun 02, 2015 at 07:21:12PM +0300, Nikolay Shopik wrote: Tell me how do you plan find printer in /64 subnet, scan it? On 02.06.2015 18:08, Matthew Kaufman wrote: I can't run my laser printer without a firewall in front of it, and I can't even guess how secure the controller in the septic system pump box might be... so I don't risk it. And I *know* that some of the webcams I have are vulnerable and have no updates available. Security by obscurity? Come, now. -- Mike Andrews, W5EGO mi...@mikea.ath.cx Tired old sysadmin
Re: lots of latency on qwest to google?
On Tue, Sep 20, 2011 at 02:06:18PM -0500, Chris Brookes wrote:

Anyone else seeing a lot of latency to google via qwest?
..
 11     2 ms     2 ms     2 ms  min-edge-12.inet.qwest.net [207.225.128.1]
 12    15 ms    13 ms    12 ms  chx-edge-03.inet.qwest.net [67.14.38.5]
 13    12 ms    21 ms    13 ms  72.14.214.78
The above address is in Google IP space
 14    13 ms    13 ms    13 ms  72.14.236.178
The above address is in Google IP space
 15    61 ms    61 ms    61 ms  216.239.43.80
The above address is in Google IP space
 16    72 ms    61 ms    62 ms  66.249.94.200
The above address is in Google IP space
 17   152 ms   145 ms   144 ms  216.239.43.213
The above address is in Google IP space
 18   148 ms   149 ms   150 ms  64.233.175.2
The above address is in Google IP space
 19   149 ms   150 ms   149 ms  66.249.94.34
The above address is in Google IP space
 20   212 ms   221 ms   212 ms  66.249.94.105
The above address is in Google IP space
 21   244 ms   244 ms   245 ms  66.249.94.75
The above address is in Google IP space
 22   244 ms   244 ms   244 ms  209.85.241.33
The above address is in Google IP space
 23   244 ms   243 ms   243 ms  74.125.236.52
The above address is in Google IP space

Looks to me like the latency from Qwest to Google (chx-edge-03.inet.qwest.net [67.14.38.5] to 72.14.214.78) is quite tolerable, but the delay(s) inside Google are a tad bit high. I see much the same thing from work and from home to 74.125.236.52. As soon as I jump from my provider's upstream (Qwest at work, Cox at home) to Google, the times go up sharply along the route to 74.125.236.52.

-- Mike Andrews, W5EGO mi...@mikea.ath.cx Tired old sysadmin
Re: How to begin making my own ISP?
On Fri, Sep 16, 2011 at 02:10:29PM -0400, hass...@hushmail.com wrote: No one replied with any useful information. I guess no one wants competition on this list? Pretty poor tactic. On Sat, 10 Sep 2011 21:55:01 -0400 hass...@hushmail.com wrote: I want to begin making my own ISP, mainly for high speed servers and such, but also branching out to residential customers. I'm going to be in Germany for the next school year (probably either Frankfurt am Main or Berlin); any suggestions on what sort of classes I can take there that will be in English and will teach me all I need to know on how to build and manage my own ISP, AS, etc? Thanks. It's not safe to ass-u-me that absence of a reply is due to a desire to avoid competition. I strongly suspect that the answer to your question is very large, very complex, highly dependent on your location, business plan, connectivity, and the like, and that people simply don't have the free time to devote to tutoring you in how to build and run your startup. I know I don't. -- Mike Andrews, W5EGO mi...@mikea.ath.cx Tired old sysadmin
Re: What do you do when your Home ISP is down?
On Thu, Aug 18, 2011 at 10:21:57AM -0700, Mark Keymer wrote:

I am wondering what some of you guys do when your home ISP is down. At least those of you that don't give yourself internet. I myself have a cable provider at home that I use. And I find it quite frustrating to call and report issues in their network, because the people in the call center have you do the same things every time and are not very technical. Just the other week I could see fairly clearly that I was getting routed through their network and then started to have issues in a town about 3 hours away. I tried to explain this to the rep but they thought we needed to reboot my modem. Surprise that didn't work. I mostly called just to put in a FYI having issues here, please have the smart people look into it. It is my understanding that they need to get X amount of calls before things get escalated. Granted I am sure they monitor their network too. But I called about 10 mins after the routing issues started to happen and there was no notifications that there was any issues. Even after being on the phone with them for 20? mins. Still they showed all is good and that it must just be me. I know we have a wide range of people here some of which work for my Home ISP. and would love some feedback.

I call. Frequently I'm the first to call in a problem. Turns out that I sufficiently impressed one of the helldesk twinkies (not a total bozo; he ran his own home net of FreeBSD and NetBSD boxes) that he put a note on the front page of my record saying something like This guy Knows His Sh*t; listen to him and believe what he says. This one even knew about flushing the ARP cache after renumbering. If you can get past the rote scripting and we only support Windows, you may well have a chance. I'm a cablemodem subscriber to a large ISP/phone/TV provider in .ok.us; that may nail it down sufficiently for most folks. Their helldesk scores above average in my book.

-- Mike Andrews, W5EGO mi...@mikea.ath.cx Tired old sysadmin
Re: What do you do when your Home ISP is down?
On Thu, Aug 18, 2011 at 02:09:03PM -0400, Eric Wieling wrote: Obligatory xkcd http://xkcd.com/806/ Damn, that's _fine_! -- Mike Andrews, W5EGO mi...@mikea.ath.cx Tired old sysadmin
Re: What do you do when your Home ISP is down?
On Thu, Aug 18, 2011 at 11:17:07AM -0700, Jeff Johnstone wrote: On Thu, Aug 18, 2011 at 10:21 AM, Mark Keymer m...@viviotech.net wrote: I am wondering what some of you guys do when your home ISP is down. At least those of you that don't give yourself internet. snip I know we have a wide range of people here some of which work for my Home ISP. and would love some feedback. Sincerely, Mark Keymer I've had great luck by working through the system a couple of times until reaching a level 3 or 4 tech and then working things through. If you work with them, have them make a note on your account that acknowledges your technical skills and lets you bypass front line staff. I almost never get stuck talking to front line staff anymore, and I know my feedback has been helpful in problem resolution more than a few times :) Get to know the techs, best solution, but it takes perseverance the first few times. +1. I find it unfortunate that I've _had_ the opportunity to get to know the helldesk and local techs. People have a bad habit of taking overheight trucks down the street just behind my house, pulling the drop down from one of the two poles that theoretically support it at each end. -- Mike Andrews, W5EGO mi...@mikea.ath.cx Tired old sysadmin
Re: IPv6 end user addressing
On Thu, Aug 11, 2011 at 05:49:03PM -0430, Greg Ihnen wrote:

What standards? The RFID tag on the milk carton will, essentially, replace the bar code once RFID tags become cheap enough. It'll be like an uber-barcode with a bunch more information. For keeping track of how much, cheap sensitive pressure transducers will know by the position of the RFID tag combined with the weight of the thing at that location in the refrigerator. There's no new standard required. The technology to do this exists today. The integration and mainstream acceptance is still years, if not decades off, but, IPv6 should last for decades, so, if we don't plan for at least the things we can see coming today and already know feasible ways to implement, we're doomed for the other unexpected things we don't see coming.

What reads the RFID's and the pressure sensors? What server or application receives this data and deals with it according to the user's desires? How does that data or the information and alerts this system would generate get to the user's devices? There has to be a device in the home or a server somewhere for a service the home owner subscribes to which keeps an inventory of all these things and acts on it. Do you really think it's going to be common place for people to have this kind of technology and more importantly use it?

And why do you think the fridge manufacturers will get it right in cheaply-made consumer-grade products, when it's not being done right in much pricier automated self-check-out checkstands? I avoid self-check-out checkstands because they fail in one way or another so damnably often. My last encounter had the software failing to realize that a package of 100 nuts and 100 screws weighed a significant amount; the result was that for each such package I tried to check out, I had to have someone from the store come over, log in, do something, and log out again. Five times total. *Not* satisfactory. I don't expect that the fridge makers will do any better.

-- Mike Andrews, W5EGO mi...@mikea.ath.cx Tired old sysadmin
Re: network issue help
On Thu, Aug 11, 2011 at 10:39:59AM +1000, Matthew Palmer wrote:
On Wed, Aug 10, 2011 at 07:33:53PM -0400, Stefan Fouant wrote:

Is there an acronym for RTFM when there are a volume of manuals that need to be read?

FOAD, perhaps?

Well, there's ADD: Attention Deficit Disorder.
Then there's ADHD: Attention Deficit Hyperactivity Disorder.
And there's ADCD: Absent During Clue Distribution.
I think #3 may fit best.

-- Mike Andrews, W5EGO mi...@mikea.ath.cx Tired old sysadmin
Re: Yup; the Internet is screwed up.
On Thu, Jun 23, 2011 at 05:47:18PM -0700, Seth Mattinen wrote: On 6/22/2011 14:33, Nathan Eisenberg wrote: I agree, the whole use of the terms 'need' and 'want' in this conversation are ridiculous. It's the Internet. The entire thing isn't a 'need'. It's not like life support or something that will cause loss of life if it isn't there. The only thing to even discuss here is 'want'. Yes, consumers 'want' super-fast Internet, faster than any of us can comprehend right now. 1Tbps to the house, for everyone, for cheap! Wait, the internet isn't a need? Is this 1991? Of course it's a need, as surely as heat or electricity are needs. Without even trying, I can think of a dozen life-safety systems that rely solely on the internet for their functionality. Life safety aside, enough common stuff is moving online (whether it's paying bills, schoolwork, or preparing forms for the DMV ahead of time), and it's slowly becoming a disadvantage to not have the internet. A friend is having to job-hunt. It pretty much _requires_ Net access. -- Mike Andrews, W5EGO mi...@mikea.ath.cx Tired old sysadmin
Re: ICANN to allow commercial gTLDs
On Fri, Jun 17, 2011 at 05:04:25PM -0400, Jay Ashworth wrote: Aw, Jeezus. No. Just, no. http://tech.slashdot.org/story/11/06/17/202245/ Yeah. Maybe ICANN needs its own special TLD: .idiots? -- Mike Andrews, W5EGO mi...@mikea.ath.cx Tired old sysadmin
Re: (OT) Firearms Was: UN declares Internet access a human right
On Mon, Jun 06, 2011 at 10:21:35AM -0700, Owen DeLong wrote:
On Jun 6, 2011, at 7:31 AM, Daniel Seagraves wrote:
On Jun 6, 2011, at 8:41 AM, valdis.kletni...@vt.edu wrote:

Nice try, but the human right you just made a case for is the right to rid yourself of criminals and despots. A fundamental right for citizens to have firearms does *not* automatically follow. Yes, despots usually need to be removed by force. What Gandhi showed was that the force didn't have to be military - there are other types of force that work well too...

I believe that as a law-abiding citizen, I should have the right to be at least as well-armed as the average criminal. If the average criminal has access to firearms, then I should have that option as well. I should not be forced into a disadvantage against criminals by virtue of my compliance with the law. Once law enforcement is effective enough to prevent the average criminal from having access to firearms, then the law-abiding population can be compelled to disarm. This stance can result in an escalation scenario in which criminals strive to remain better-armed than their intended victims, but the job of law enforcement is to prevent them from being successful.

I take it a step further. I believe that in order to preserve the ability of the people to defend themselves from the possibility of tyranny, the people must be allowed to possess any level of hardware allowed to the government. While your statement above sounds wonderfully utopian, the reality is that unless the citizens can take up arms against the government, the government can, over time, become criminal. A disarmed populace has no ability to protect itself from such a government.

At present, the average criminal in my area does not have firearms, and so I do not own one. Gun crime is on the increase, however, so this situation may change.

In my area, most of the gun murders are committed by police officers. I live in San Jose, California.

The people of the various provinces are strictly forbidden to have in their possession any swords, short swords, bows, spears, firearms, or other types of arms. The possession of unnecessary implements makes difficult the collection of taxes and dues and tends to foment uprisings. -- Toyotomi Hideyoshi, August 1588

-- Mike Andrews, W5EGO mi...@mikea.ath.cx Tired old sysadmin
Re: Had an idea - looking for a math buff to tell me if it's possible with today's technology.
On Fri, May 20, 2011 at 09:34:59AM -1000, Paul Graydon wrote: On 05/20/2011 08:53 AM, Brett Frankenberger wrote: On Fri, May 20, 2011 at 06:46:45PM +, Eu-Ming Lee wrote: To do this, you only need 2 numbers: the nth digit of pi and the number of digits. Simply convert your message into a single extremely long integer. Somewhere, in the digits of pi, you will find a matching series of digits the same as your integer! Decompressing the number is relatively easy after some sort-of recent advances in our understanding of pi. Finding out what those 2 numbers are--- well, we still have a ways to go on that. Even if those problems were solved, you'd need (on average) just as many bits to represent which digit of pi to start with as you'd need to represent the original message. -- Brett Not quite sure I follow that. Start at position xyz, carry on for 1 bits shouldn't be as long as telling it all 1 bits? This depends strongly on the size of the number expressing position xyz. Pi is infinitely long, so there is no guarantee that for some random string which can be found starting at position xyz in, say, the binary, decimal, or hexadecimal expansion of pi, xyz can be expressed in fewer than 1 (or indeed any fixed number N) bits. -- Mike Andrews, W5EGO mi...@mikea.ath.cx Tired old sysadmin
Re: 365x24x7 (sleep patterns)
On Fri, Apr 15, 2011 at 11:53:47AM -0500, Chad Dailey wrote: +1. I'd go to six months, having been the night shift bitch. Flipping shifts around damn near killed me. On Fri, Apr 15, 2011 at 11:44 AM, Mark Green ktm200...@hotmail.com wrote: Suggestion; once on the 'night shift' stay put for at least three months... Sleep patterns take time to adjust. Jumping between day and night shifts will burn out even the most motivated employee. Amen. There is evidence that, other things being relatively equal, people working rotating shifts have shorter life expectancies and that the faster the rotation, the shorter the expectancy gets. There also is some evidence that people working rotating shifts are more likely to get cancer. My experience: 6 on, 2 off, 8 hours, rotating to the next later shift: I never, ever got enough sleep -- for 2 years. 6 on, 2 off, 12 hours, straight mids, no rotation: much less bad. 5 on, 2 off, 8 hours, straight mids: quite tolerable. 5 on, 2 off, 8 hours, straight swings (1600-): out of phase with the world. YMMV; I expect it to. -- Mike Andrews, W5EGO mi...@mikea.ath.cx Tired old sysadmin
Re: Level 3 Agrees to Purchase Global Crossing
On Mon, Apr 11, 2011 at 02:41:18PM +, Mike Walter wrote: I find it amusing that the article says - The deal will combine two unprofitable companies So I guess the thinking is that two negatives make a positive? They may lose on every subscriber, but now they'll make it up in volume. -- Mike Andrews, W5EGO mi...@mikea.ath.cx Tired old sysadmin
Re: Nortel, in bankruptcy, sells IPv4 address block for $7.5 million
On Thu, Mar 24, 2011 at 11:34:13AM -0400, Steven Bellovin wrote:
On Mar 24, 2011, at 10:27 58AM, Aaron Wendel wrote:

That's a good question. Maybe they can't qualify under Arin rules. Another question will be: how is Arin going to handle it? I'm pretty sure that the RSA says that in the event of bankruptcy ips revert to the Arin pool. I understand that these were legacy addresses but...

I wonder if the bankruptcy court agrees with that. Does it have the power to order ARIN to accept this?

Send lawyers, guns, and money... Disregard previous; I see the bankruptcy is in the Delaware courts.

-- Mike Andrews, W5EGO mi...@mikea.ath.cx Tired old sysadmin
Re: Christchurch New Zealand
On Wed, Feb 23, 2011 at 10:08:39AM -0800, JC Dill wrote:
On 22/02/11 10:38 PM, Joe Hamelin wrote:

The other CERT: Community Emergency Response Team. https://www.citizencorps.gov/cert/about.shtm

+1 for CERT. I also think that taking a CERT class is a great way to re-evaluate your own network emergency procedures. You may find new ways to prepare for network disasters, and to triage damage when a network disaster occurs.

Agreed on CERT. I diffidently suggest that amateur radio licensing, together with some battery-operated gear (think 2-meter or 70-cm handy-talkies at a minimum for short-haul comms, HF gear for longer-haul) may be Very Good Indeed in a disaster that takes down POTS service or government emergency communications. Folks interested in this might want to investigate ARES and/or RACES in the US, or similar activities in other countries.

Examples:

New Orleans: hams did EMCOMM for police, fire, and other services after grid power failed, until FEMA was able to move generators and other hardware in.

NYC, 9/11/2001: EMCOMM repeaters were on one of the WTC buildings. When that collapsed, hams did EMCOMM for police, fire, and other services until FEMA and NY State got EMCOMM repeater hardware moved in.

Hurricane Ike, Galveston TX and surrounding area: Grid power failed and many areas flooded, taking out government EMCOMM. Hams provided EMCOMM. I helped work this one, and *KNOW* there were lives saved by hams providing EMCOMM services for government.

Oklahoma City, after the Murrah Building bombing: wired POTS overloaded, cell services were restricted. Hams provided EMCOMM.

This won't help you get your networks back in service, except indirectly, but you certainly can help others while you're waiting for things to improve.

-- Mike Andrews, W5EGO mi...@mikea.ath.cx Tired old sysadmin
Re: [arin-ppml] NAT444 rumors (was Re: Looking for an IPv6naysayer...)
On Fri, Feb 18, 2011 at 10:14:04AM -0800, George Bonser wrote:

From: Jeff Wheeler
Sent: Friday, February 18, 2011 8:13 AM
To: nanog@nanog.org
Subject: Re: [arin-ppml] NAT444 rumors (was Re: Looking for an IPv6naysayer...)

I suspect Google, Microsoft, and others have already figured out a beneficial (to everyone) way to monetize this. If I'm an ISP with working IPv6, and my competitor in a given region is an ISP without IPv6, I'd like to advertise to all the end-users of that ISP whenever they go to a search engine that sells ads.

One thing they can do, and I would love to see some popular destination site do this, is to say something like: we have this really cool new thing we are rolling out but, sorry, it is available only via IPv6 or we will continue supporting all of today's features on v4 but all new features will be rolled out on v6 only. That would result in eyeballs demanding access to that content and nothing drives innovation like customer demand does.

You never been told something like We don't do (or stock) that because there's no demand for it! You know, you're the Nth person to ask about it today. I have, and many more times than merely once.

-- Mike Andrews, W5EGO mi...@mikea.ath.cx Tired old sysadmin
Re: Internet blocked in Algeria?
On Sat, Feb 12, 2011 at 05:01:12PM -0500, Joly MacFie wrote: Any confirmation of internet blocking? http://bikyamasr.com/wordpress/?p=26849 As massive street demonstrations are met with widespread violence in Algeria, the country is reporting that many Facebook accounts have been deleted or blocked by the government, in an effort to stifle protests against President Abdelaziz Boutifleka, activists on Twitter reported around midday in the country. They also said that the government is working fast to cut off all Internet providers in the country. At least some websites, though not all of them, that are linked off http://www.erepublic.org/egovincountriesa/algeria.html seem to be working OK. I grant they're all government, but they're up and serving requests. -- Mike Andrews, W5EGO mi...@mikea.ath.cx Tired old sysadmin
Re: Found: Who is responsible for no more IP addresses
On Thu, Jan 27, 2011 at 12:26:58PM -0800, Mark Keymer wrote: What I don't understand is I can only guess they must have an IT team. And Maybe even 1 or more people that view this list. Why don't they just talk to their own staff about the issues? Maybe one of the IT guys saw the issues talked about the articles and contacted the news team about the bad info. I donno. I agree they kind of did a poor job on this. If you work at FOX maybe you should help get the news guys on the right page. :) My experience working with newspaper and TV reporters leads me to believe that they can't recognize when they're on the wrong page, and will sacrifice accuracy to catchy titles and text simplified to the point of being ludicrously wrong -- at least when it comes to topics such as computers, networking, and spam. I certainly don't expect any better of Fox. Remember that study on people so incompetent that they can't recognize their own incompetence? That's it, in spades. -- Mike Andrews, W5EGO mi...@mikea.ath.cx Tired old sysadmin
Re: Found: Who is responsible for no more IP addresses
On Thu, Jan 27, 2011 at 08:20:54PM -0500, Steven Bellovin wrote: On Jan 27, 2011, at 4:53 22PM, mikea wrote: On Thu, Jan 27, 2011 at 12:26:58PM -0800, Mark Keymer wrote: What I don't understand is I can only guess they must have an IT team. And Maybe even 1 or more people that view this list. Why don't they just talk to their own staff about the issues? Maybe one of the IT guys saw the issues talked about the articles and contacted the news team about the bad info. I donno. I agree they kind of did a poor job on this. If you work at FOX maybe you should help get the news guys on the right page. :) My experience working with newspaper and TV reporters leads me to believe that they can't recognize when they're on the wrong page, and will sacrifice accuracy to catchy titles and text simplified to the point of being ludicrously wrong -- at least when it comes to topics such as computers, networking, and spam. I certainly don't expect any better of Fox. Mmm... I've dealt with the press a lot. In general, the reporters from well-respected news organizations really are a lot better. One can argue cause and effect; the fact remains that when I've talked to the NY Times, the Wall Street Journal, NPR, and the Washington Post, I've been a lot happier with what appeared than when, say, I've spoken with (quite literally) Entertainment Weekly. No, the major outlets haven't been perfect, and I've occasionally spoken with reporters who, shall we say, didn't know which end the high-order bit was on; in general, though, my comments hold. Fox? Since I don't see that the Tea Party has any particular axe to grind here (the administration is neither pushing IPv6 on a reluctant private sector nor is it responsible for the forthcoming debacle), they're probably in the middle of the pack. Mine was considerably less exalted: network TV stations and the local poor excuse for a newspaper. The newspaper reporter tried, but just got it *so* wrong.
The TV folks didn't even try, and got it even wronger. I was being interviewed on spam and botnets, which is a fairly arcane topic, and wasn't surprised. -- Mike Andrews, W5EGO mi...@mikea.ath.cx Tired old sysadmin
Re: test-ipv6.com
On Thu, Jan 27, 2011 at 06:59:15PM -0600, Jack Bates wrote: On 1/27/2011 6:25 PM, Matthew Moyle-Croft wrote: Anyone for peering cake? Yeah, Google, HE, Cogent, Sprint, Qwest, and Level3 all need peering cakes (as I'm pretty sure there is no participant in that list which is connected to every other participant in that list). If you could bake Qwest a Juniper IPv6 cake and Sprint an OKC gig-e termination w/ dual stack cake, that would be swell too. :) Jack (why did I decide to live in Oklahoma again?) Because the weather is so exciting. -- Mike Andrews, W5EGO mi...@mikea.ath.cx Tired old sysadmin
Re: Satellite IP
On Mon, Jan 10, 2011 at 04:33:30PM -0500, Jay Ashworth wrote: - Original Message - From: Valdis Kletnieks valdis.kletni...@vt.edu Why the hostility, Valdis? As I said several times - it's not hard to be 98% or 99% sure you can make all your commitments. However, since predicting the future is an inexact science, it's really hard to provide a *100% guarantee* that you'll have enough contended capacity to make all the performance targets even if every single occasional customer shows up at once. As Jay pointed out in his follow-up note, his backup strategy is scramble around and hope another provider can come through in time, which is OK if you *know* that's your strategy and are OK on it. However, blindly going along with my usual provider guaranteed 100% availability is a bad idea. I don't think Kelly is on his first rodeo, and I know I'm not. scramble around is a bit pejorative as descriptions for my booking strategy go, but everyone has a cranky day every so often, not least me. :-) And note that I *also* pointed out that carrier statmuxing on the transport is a valid strategy for capacity elasticity, in that particular environment. Remember, we're coming out of a solar minimum. ;) Are we in fact coming out of it yet? I heard it was getting deeper, and that we were looking at a Dalton, if not another Maunder. I'll have to find the paper I read yesterday that said we should expect to wait a long time before we see sunspot counts back where they should be. ... Try this: http://news.sciencemag.org/sciencenow/2010/09/say-goodbye-to-sunspots.html -- Mike Andrews, W5EGO mi...@mikea.ath.cx Tired old sysadmin
Re: NIST IPv6 document
On Mon, Jan 10, 2011 at 02:52:56PM -0500, Lamar Owen wrote: On Friday, January 07, 2011 09:25:59 am David Sparro wrote: I find that the security Layers advocates tend not to look at the differing value of each of those layers. Different layers very much have different values, and, yes, this is often glossed over. Going back to the physical door analogy, it's like saying that a bank vault protected by a bank vault door is less secure than a vault with the bank vault door AND a screen door. More analogous would be the safe with glass relockers and a vial of tear gas behind the ideal drill point. Yes, those do exist, and, should you want to see a photo of such a vial, I can either provide one (have to take the photo with the safe door open next time I'm on that site, which may be a while with all this snow and ice on the ground) or you can find pics through google. Even physical locks have layered security principles. Think Medeco locks with chisel-pointed pins and the associated sidebar in the center, or ASSA's Twin double-stack pin technology, or the use of spool pins in locks, or Schlage's Primus system (also sidebar driven) or anti-drill armor in front of the pin stack (to prevent drilling the shear line), etc. The use of layers in the physical security realm is a proven concept, and the synergy of the layers has been shown effective over time. Not totally secure, of course, but as the number of layers increases the security becomes better and better. My father used to tell me that Locks keep the honest people out. He was right; the clever non-honest are the ones we have to deal with at that level. Computers are so great a force multiplier that we are having to do the same sorts of things to defend against assaults from them. -- Mike Andrews, W5EGO mi...@mikea.ath.cx Tired old sysadmin
Re: FAA - ASDI servers
On Wed, Jan 05, 2011 at 06:36:25AM -0500, Robert E. Seastrom wrote: TR Shaw ts...@oitc.com writes: There is a federal directive that has been in place for a number of years that requires IPV6 support for all new IT contracts/systems and also a directive to all federal agencies to support IPV6 by 2008 (See http://ipv6.com/articles/general/US_Government_IPv6.htm ) And conveniently it's even getting more traction than GOSIP did. I think there have been some federal directives to balance the budget too. Point being that a PDF of such a directive is worth the paper it is written on if people are inclined to just figure out a way around it. (for those who are lucky or young enough to not remember: http://en.wikipedia.org/wiki/GOSIP ) Bad cess to you for that! I thought I had recycled those neurons, but it turns out I hadn't. I suppose that cautionary tales are necessary, and GOSIP certainly is one. -- Mike Andrews, W5EGO mi...@mikea.ath.cx Tired old sysadmin
Re: The tale of a single MAC
On Sat, Jan 01, 2011 at 09:33:46PM -0600, Graham Wooden wrote: Hi there, I encountered an interesting issue today and I found it so bizarre - so I thought I would share it. I brought online a spare server to help offload some of the recent VMs that I have been deploying. Around the same time this new machine (we'll call it Server-B) came online, another machine which has been online for about a year now stopped responding to our monitoring (and we'll name this Server-A). I logged into the switch and saw that the machine that stopped responding was in the same VLAN as this newly deployed, and then quickly noticed that Server-A's MAC address was now on Server-B's switch port. "What the ..." was my initial response. I went ahead and moved Server-B's to another VLAN, updated the switchport, cleared the ARP, and Server-A came back to life. Happy new year to me. So - here is the interesting part... Both servers are HP Proliant DL380 G4s, and both of their NIC1 and NIC2 MACs addresses are exactly the same. Not spoofed and the OS drivers are not mucking with them ... They're burned-in - I triple checked them in their respective BIOS screen. I acquired these two machines at different times and both were from the grey market. The "What the ..." is sitting fresh in my mind ... How can this be? In the last 15 years of being in IT, I have never encountered a "burned-in" duplicated MACs across two physically different machines. What are the odds, that HP would dup'd them and that both would eventually end up at my shop? Or maybe this type of thing isn't big of deal...? We got a batch of NICS that had duplicate MACs in several pallets of IBM desktops, about 15 years back. We noticed this only when two of the machines were shipped to the same field office location. I've heard other state agencies talk about the same sort of problem with IBM and several other vendors. -- Mike Andrews, W5EGO mi...@mikea.ath.cx Tired old sysadmin
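The symptom described in the thread above (one MAC address showing up on a second switch port in the same VLAN) can be caught from MAC-learning events. This is an added example, not part of the original messages; the log format, the MAC values and all function names are assumptions made for illustration. It separates a duplicate MAC, which bounces back and forth between ports, from a host that legitimately moved once.

```python
import re
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Constructed sample events (hypothetical log format, made-up MACs).
SAMPLE_EVENTS = """\
2011-01-01T21:00:02 vlan=20 mac=02:00:00:aa:bb:01 port=Gi0/5
2011-01-01T21:00:09 vlan=20 mac=0200.00aa.bb01 port=Gi0/12
2011-01-01T21:00:15 vlan=20 mac=02-00-00-AA-BB-01 port=Gi0/5
2011-01-01T21:00:21 vlan=20 mac=02:00:00:aa:bb:01 port=Gi0/12
2011-01-01T21:03:40 vlan=20 mac=02:00:00:cc:dd:02 port=Gi0/7
2011-01-01T21:20:00 vlan=20 mac=02:00:00:cc:dd:02 port=Gi0/8
2011-01-01T21:01:00 vlan=30 mac=02:00:00:aa:bb:01 port=Gi0/12
"""

LINE_RE = re.compile(r"^(\S+)\s+vlan=(\d+)\s+mac=(\S+)\s+port=(\S+)$")


def normalize_mac(raw):
    """Accept colon, dash or dotted notation; return aa:bb:cc:dd:ee:ff."""
    digits = re.sub(r"[:.\-]", "", raw).lower()
    if not re.fullmatch(r"[0-9a-f]{12}", digits):
        raise ValueError(f"not a MAC address: {raw!r}")
    return ":".join(digits[i:i + 2] for i in range(0, 12, 2))


def parse_events(text):
    """Return (timestamp, vlan, mac, port) tuples sorted by time."""
    events = []
    for line in text.splitlines():
        match = LINE_RE.match(line.strip())
        if not match:
            continue  # skip blank or unrelated lines
        ts, vlan, mac, port = match.groups()
        events.append((datetime.fromisoformat(ts), int(vlan),
                       normalize_mac(mac), port))
    return sorted(events)


def find_flapping_macs(events, window=timedelta(seconds=60), min_moves=2):
    """Flag (vlan, mac) pairs that change port min_moves times in window.

    One move is normal (a host was re-cabled). Repeated moves inside a
    short window mean two devices are answering with the same address.
    """
    last_port = {}
    moves = defaultdict(deque)   # (vlan, mac) -> recent move timestamps
    ports = defaultdict(set)     # (vlan, mac) -> every port seen
    flagged = {}
    for ts, vlan, mac, port in events:
        key = (vlan, mac)        # the same MAC in another VLAN is no conflict
        ports[key].add(port)
        if key in last_port and last_port[key] != port:
            recent = moves[key]
            recent.append(ts)
            while ts - recent[0] > window:
                recent.popleft()
            if len(recent) >= min_moves:
                flagged[key] = None
        last_port[key] = port
    return {key: sorted(ports[key]) for key in flagged}


if __name__ == "__main__":
    for (vlan, mac), seen in find_flapping_macs(parse_events(SAMPLE_EVENTS)).items():
        print(f"VLAN {vlan}: {mac} flapping between {', '.join(seen)}")
```

Keying on the VLAN as well as the MAC mirrors the fix in the thread: once the second server was moved to another VLAN, the two identical addresses no longer collided.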
Re: Some truth about Comcast - WikiLeaks style
On Sun, Dec 19, 2010 at 06:41:09PM -0800, Seth Mattinen wrote: Contrary to popular belief the average person tend to severely dislike all forms of road construction or having their yard repeatedly torn up. I know it's all happy fun times to say let's have 10 water/electrical providers and you can select which molecules/electrons you want!, but there's a practical limit as to how much stuff one can pack under a street's limited right of way. If you look at what's under there right now it's actually quite crowded. We just don't see it because it's buried. True indeed. My employer, the Oklahoma Dept. of Transportation, is a major owner, but not the only one, of right-of-way in the state. We have severe problems with trying to wedge into our rights-of-way all the things that people want to wedge in around our structures and drainage: pipelines, fiber, etc. It is beginning to look as though we will have to increase the ROW width in the future, just to make it possible to run everything necessary. The lawmakers were not particularly happy about this, but I understand that they were shown some cross-section maps of places where things are quite dense, and most of them came around. -- Mike Andrews, W5EGO mi...@mikea.ath.cx Tired old sysadmin
Re: Some truth about Comcast - WikiLeaks style
On Thu, Dec 16, 2010 at 12:13:21PM -0800, Matthew Petach wrote: You may find that simply fewer content providers decide it's worth it to play in that space, under those conditions, which results in fewer choices for the consumer, and something closer to a monopoly on the available content to be consumed. People *were* happy with only having three national TV networks to choose from for their major content in the US, right? bar.com doesn't have to drive foo.com out of business; they just have to outlast them in the war of attrition driven by the monopoly holder, until bar.com decides it's no longer worth providing that content anymore. end game--one monopoly access provider, and one giant content source--and a huge barrier to entry keeping anyone else from providing an alternative view of the world. Sometimes expressed as It is not enough that you win; all others must fail. Treating this as a zero-sum game is not good for the end users, however good it may be for the winning enterprise. -- Mike Andrews, W5EGO mi...@mikea.ath.cx Tired old sysadmin
Re: Alleged backdoor in OpenBSD's IPSEC implementation.
On Tue, Dec 14, 2010 at 11:51:24PM -0800, Michael J Wise wrote: On Dec 14, 2010, at 9:56 PM, Ken Chase wrote: On Tue, Dec 14, 2010 at 09:39:02PM -0800, Chaim Rieger said: Does anyone remember the last time a law enforcement agency had someone sign a 10 year NDA on a backdoor? Oh, times up, I can post it on Facebook now. Cool. 22:42 @smartboy curious what the guy's motives really are. pretty sure the NDA expiration on putting a backdoor into software for the FBI would be when you're dead 22:42 @smartboy or when you'd like to be dead Someone is confusing FBI with NSA, methinks. And yes, if this is the kind of thing not talked about, NDAs expire when you do. But seriously ... this would seem to be the kind of code that Smart People should be doing security audits on Just Because. So rustle up a couple of PostDocs, and give them an idea for a Thesis, and yer set. More to the point, I think it wouldn't be an NDA, but a security classification on the knowledge of the backdoors, and probably one not subject to automatic downgrading. -- Mike Andrews, W5EGO mi...@mikea.ath.cx Tired old sysadmin
Re: Alleged backdoor in OpenBSD's IPSEC implementation.
On Wed, Dec 15, 2010 at 12:00:56PM -0500, Stefan Fouant wrote: -Original Message- From: mikea [mailto:mi...@mikea.ath.cx] Sent: Wednesday, December 15, 2010 8:28 AM To: nanog@nanog.org Subject: Re: Alleged backdoor in OpenBSD's IPSEC implementation. Someone is confusing FBI with NSA, methinks. And yes, if this is the kind of thing not talked about, NDAs expire when you do. But seriously ... this would seem to be the kind of code that Smart People should be doing security audits on Just Because. So rustle up a couple of PostDocs, and give them an idea for a Thesis, and yer set. More to the point, I think it wouldn't be an NDA, but a security classification on the knowledge of the backdoors, and probably one not subject to automatic downgrading. Please pardon my ignorance on the matter as I am not involved in any way with Open Source development, but it stands to reason that anything of this sort would have been scrutinized by the many developers involved with OpenBSD and surely would have been discovered at some point. And to further that point, is this not something that can be verified now if this code is still in the public domain? Or is writing a crypto stack such an esoteric task that only a relegated few can possibly decipher the inner workings? Not that I don't love a good government conspiracy theory, and yes I do believe there are a fair amount of backdoors in most code (including that of many private and publicly held corporations)... but open source? Just seems unlikely to me based on my limited understanding... In sober honesty, I doubt that there are any backdoors in any *BSD crypto stack that is really open source -- modulo the issues set out in On trusting trust. But while I doubt it, that doesn't mean that I'm certain there are none. At this point, a real Conspiracy Theorist (TM) would ramble on about how all the *BSD crypto stack folks either were co-opted by the NSA or were under threat of death or worse if they talked. 
-- Mike Andrews, W5EGO mi...@mikea.ath.cx Tired old sysadmin
Re: LOIC tool used in the Anonymous attacks
On Sat, Dec 11, 2010 at 11:59:07AM -0800, andrew.wallace wrote: I was reading about this- yeah really anonymous. http://praetorianprefect.com/archives/2010/12/anonymous-releases-very-unanonymous-press-release/ Also: http://www.boingboing.net/2010/12/11/anonymous-isnt-loic.html All we know with certainty is that there is *a* name in the metadata. Why would anyone conclude that it is definitely the name of the author? -- Mike Andrews, W5EGO mi...@mikea.ath.cx Tired old sysadmin
Re: [Operational] Internet Police
On Thu, Dec 09, 2010 at 06:26:30PM +, Dobbins, Roland wrote: On Dec 10, 2010, at 1:19 AM, Michael Smith wrote: front lines of this cyberwar? Warfare isn't the correct metaphor. Espionage/covert action is the correct metaphor. Low intensity conflict may be more correct. -- Mike Andrews, W5EGO mi...@mikea.ath.cx Tired old sysadmin
Re: The scale of streaming video on the Internet.
On Thu, Dec 02, 2010 at 06:29:54PM -1000, Antonio Querubin wrote: On Thu, 2 Dec 2010, Paul Ferguson wrote: Old skool. Twitter is much faster: http://www.thejakartaglobe.com/home/government-disaster-advisors-twitter-hacked-used-to-send-tsunami-warning/408447 But morse code is still faster :) http://www.google.com/search?q=morse+code+beats+texting&ie=utf-8&oe=utf-8&aq=t&rls=org.mozilla:en-US:official&client=firefox-a Faster and doesn't require infrastructure (other than possibly electrical power). Those hams were throttled _way_ back, too, to about 21 words per minute; I frequently hear Morse at speeds up to about 50 wpm in the ham bands. -- Mike Andrews, W5EGO mi...@mikea.ath.cx Tired old sysadmin
Re: Domain shut downs by Registrar?
On Fri, Dec 03, 2010 at 10:49:47AM -0500, Christopher Morrow wrote: On Fri, Dec 3, 2010 at 10:45 AM, John R. Levine jo...@iecc.com wrote: We do remember, don't we, that the domain that started this discussion were shut down by Verisign, the registry, not a registrar? interesting that in THIS case the registry just took the action, was the domain registered through their registrar arm? They haven't had a registrar arm since they spun off Network Solutions in 2002. thanks... so, in this case, why did they take this action? why didn't they push the action to the registrar? or did they and the registrar refused to comply? (potentially because the domains weren't violating a TOS?) I suppose though, on the good side, we can expect the Verisign folks to now shutdown other domains we bring to their attention as malware/spamware/etc without protest? Without a doubt. And all the pigs have been fueled and serviced, and are in all respects ready for flight. -- Mike Andrews, W5EGO mi...@mikea.ath.cx Tired old sysadmin
Re: Want to move to all 208V for server racks
On Thu, Dec 02, 2010 at 12:17:37PM -1000, Antonio Querubin wrote: On Thu, 2 Dec 2010, Ricky Beam wrote: I think they are now a violation of the NEC. And they were delisted by UL years ago. They pose a hazard as they will not react fast enough to prevent a fatal shock. (and the only one's I've ever seen were outlawed as the breaker itself was a fire hazard.) You sure about that? GFCI breakers as well as their close cousins AFCIs are still being sold and bought at hardware stores. A quick browse of www.homedepot.com and www.lowes.com shows that both of them sell GFCI breakers online and in the stores local to me. Moreover, the UL website (www.ul.com) doesn't say anything about GFCI breakers being delisted, and _does_ mention GFCI breakers as one of three types of GFCI devices. -- Mike Andrews, W5EGO mi...@mikea.ath.cx Tired old sysadmin