On Sat, 8 Mar 2003, Joe St Sauver wrote:
you will see that for bulk TCP flows, the median throughput is still only
2.3Mbps. 95th%-ile is only ~9Mbps. That's really not all that great,
throughput wise, IMHO.
Strange. Why is that? RFC 1323 is widely implemented, although not
widely enabled
Also as the OS's are shipped they come with small default maximum window sizes (I
think Linux is typically 64KB and Solaris is 8K), and so one has to get the sysadmin
with root privs to change this.
-Original Message-
From: Iljitsch van Beijnum [mailto:[EMAIL PROTECTED]
Sent: Sunday,
On Sun, Mar 09, 2003 at 02:25:25PM +0100, Iljitsch van Beijnum quacked:
On Sat, 8 Mar 2003, Joe St Sauver wrote:
you will see that for bulk TCP flows, the median throughput is still only
2.3Mbps. 95th%-ile is only ~9Mbps. That's really not all that great,
throughput wise, IMHO.
See Comments In-line below..
So I'm curious what people think. We have semi centralized
various things in
the past such as IP assignments and our beloved DNS root
servers. Would it
not also make sense to handle common security checks in a
similar manner? In
creating an authority to
On Sun, 09 Mar 2003 11:50:04 CST, Jack Bates [EMAIL PROTECTED] said:
So I'm curious what people think. We have semi centralized various things in
the past such as IP assignments and our beloved DNS root servers. Would it
not also make sense to handle common security checks in a similar
On Sun, Mar 09, 2003 at 08:29:16AM -0800, Cottrell, Les wrote:
Strange. Why is that? RFC 1323 is widely implemented, although not
widely enabled (and for good reason: the timestamp option kills header
compression so it's bad for lower-bandwidth connections). My guess is
that the OS
- Original Message -
From: [EMAIL PROTECTED]
To: Jack Bates [EMAIL PROTECTED]
Cc: [EMAIL PROTECTED]
Sent: Sunday, March 09, 2003 12:31 PM
Subject: Re: Question concerning authoritative bodies.
So who do you trust to be objective enough about a centralized registry
of security,
On Sun, 09 Mar 2003 13:09:14 CST, Jack Bates said:
There are private systems in use today like NJABL which act as centralized
private systems. Plural. Because..
resources. I believe that it is possible to come to an agreement on a
standardized test suit that can be used and what the
From: Valdis.Kletnieks
I'd just *LOVE* to hear how you intend to avoid the same problems that the
crew
from ORBS ran into with one large provider who decided to block their
probes.
Failing to address that scenario will guarantee failure
Run the probes from the DNS root servers. Problem
On Sun, 9 Mar 2003, Jack Bates wrote:
made. Instead of contacting 3-5 DNSBLs, one must contact every ISP that
happened to do a scan during the outage period. Centralizing scanning
for
security issues is a good thing in every way. It is the responsible
thing to do.
This, IMO, is where
Here is a graph of scans for port 445:
http://isc.incidents.org/port_details.html?port=445
On Sun, 9 Mar 2003, Jack Bates wrote:
networks back it. Blocking the scans at a TCP/IP level is easily detectable.
Provider received email from said server, IP was submitted for testing, no
connection can be established to said server. Place it in the wouldn't
allow scan list. Politely ask
Are other people having problems with this right now?
There doesn't seem to be very much traffic or information about this on any of
the security lists (it is Sunday...).
The last posted URL points to an impending storm...
Other operators opinions about blocking port 445 before this thing
Are other people having problems with this right now?
There doesn't seem to be very much traffic or information about this on any of
the security lists (it is Sunday...).
The last posted URL points to an impending storm...
Other operators opinions about blocking port 445 before this
Date: Sun, 9 Mar 2003 14:59:05 -0500 (EST)
From: jlewis
In AOL's case, they couldn't even tell us why our mail was
being rejected or our connections to their MX's blocked and I
had to wait a week for their postmaster dept. to get to my
ticket and return my call to fill me in on what was
On Sun, 9 Mar 2003, Jonathan Claybaugh wrote:
Are other people having problems with this right now?
There doesn't seem to be very much traffic or information about this on any of
the security lists (it is Sunday...).
The last posted URL points to an impending storm...
Other operators
On Sun, 9 Mar 2003, E.B. Dreger wrote:
True. It cracks me up when someone complains about being on
Selwerd XBL.
You may find it funny, but I do not. I get literally dozens, possibly
hundreds of calls a year about that moron. He costs us real money in lost
cycles. His inclusion in the
From: Sean Donelan
So far the Deloder worm appears to be responding to normal congestion
feedback controls, limiting its network impact. Like CodeRed, Nimda, etc
some edge providers may need to implement network controls due to
scanning activities causing cache busting, but I suspect most
So far the Deloder worm appears to be responding to normal congestion
feedback controls, limiting its network impact. Like CodeRed, Nimda, etc
some edge providers may need to implement network controls due to
scanning activities causing cache busting, but I suspect most network
backbones
On Sun, 9 Mar 2003, E.B. Dreger wrote:
In AOL's case, they couldn't even tell us why our mail was
being rejected or our connections to their MX's blocked and I
had to wait a week for their postmaster dept. to get to my
ticket and return my call to fill me in on what was going on.
We just had this same exact thing happen to us, but not by AOL, by
Comcast. We have alot of aliases pointing to Comcast email addresses, so
my best guess is that one or more of them had enough spam or spam bounces
going to them to trigger something. Nobody there could tell me exactly
what
21 matches
Mail list logo
