On Thu, 2 Oct 2003, Stephen J. Wilcox wrote:
It does raise the question of whether ICMP Echo is a good mechanism for
monitoring systems that are across third party networks.
I personally think that filtering ICMP is becoming less useful and you
would get better results using other probe
Short of turning off their network access, why won't users fix
their computers when the computer is infected or needs a patch?
The University of Massachusetts posted bulletins, sent an email to
all incoming students, included an alert when they connected.
Nevertheless, almost three months after
On 03.10 04:12, Sean Donelan wrote:
Short of turning off their network access, why won't users fix
their computers when the computer is infected or needs a patch?
Hey, it's working! If it ain't broken
Related question for network engineers: When did you have your last
medical
On 03.10 10:36, Erik-Jan Bos wrote:
Hey, it's working! If it ain't broken
I doubt this. Recently, I worked with a couple of people that each had
their PCs infected. Their own virtual neighborhood complained to them,
and they surely were embaressed about the situation, but... They
On Fri, 3 Oct 2003, Erik-Jan Bos wrote:
I doubt this. Recently, I worked with a couple of people that each had
their PCs infected. Their own virtual neighborhood complained to them,
and they surely were embaressed about the situation, but... They just
did not know how to fix it, i.e. where to
Sean Donelan wrote:
On Fri, 3 Oct 2003, Erik-Jan Bos wrote:
I doubt this. Recently, I worked with a couple of people that each had
their PCs infected. Their own virtual neighborhood complained to them,
and they surely were embaressed about the situation, but... They just
did not know how to fix
So what you are suggesting basically is to add an application layer
sanity
checker and DoS preventer, am I right ?
More or less, yes. The main thing is to have something in front of the
clocks that can be used to block or mitigate network abuse activities like
DoS. And if this front-end is a
On 03.10 10:59, Erik-Jan Bos wrote:
Perhaps an auto club for PC-users: You call and within the next 24 or
48 hours, depending on your subscription, an expert would dial in or
come by to get you on the virtual road again.
If this was a viable business proposition, it would exist. My
Sean,
Ok, not everyone is a computer expert. If their TV, VCR or car started
belching smoke and flames, and they didn't know how to fix it, what would
they do? Take it to a repair shop? If you get a flat tire, pull off to
the side of the road and either repair the tire or call the auto
Anyone have any idea why a host from IANA would be scanning DNS
servers?
;; AUTHORITY SECTION:
4.32.198.in-addr.arpa. 10551
IN SOA dot.ip4.int.
hostmaster.ip4.int. 1928630 10800 900 604800 86400
10/03-01:29:45.947001 [**] [1:1616:4]
DNS
named version attempt [**] [Classification: Attempted
On Fri, Oct 03, 2003 at 09:25:16AM -0400, Andrew Fried wrote:
Anyone have any idea why a host from IANA would be scanning DNS servers?
Yes, and has been going on for years and years and ..
See link:
http://www.isi.edu/~bmanning/in-addr-audit.html
On Fri, Oct 03, 2003 at 09:30:57AM -0400, Jared Mauch wrote:
On Fri, Oct 03, 2003 at 09:25:16AM -0400, Andrew Fried wrote:
Anyone have any idea why a host from IANA would be scanning DNS servers?
Yes, and has been going on for years and years and ..
See link:
Speaking on Deep Background, the Press Secretary whispered:
Short of turning off their network access, why won't users fix
their computers when the computer is infected or needs a patch?
Hey, it's working! If it ain't broken
And when you DO patch it, then it REALLY breaks.
Gah, the hotels seem to have suddenly all got booked up.
Can anyone recommend a hotel close to NANOG29, sub $200/night room rate,
with internet access in the room, with availability 18-22 Oct? I can't find
any on the list on www.nanog.org with availability (or are $200/night).
Simon
--
Simon
John Renwick wrote:
You've put your finger on it. ISPs have to help users understand that their
machines are broken in a way that makes them unable to gain access to the
Internet -- then most will take them to the shop PDQ, and hopefully get them
back with some protection installed.
While
Can anyone recommend a hotel close to NANOG29, sub $200/night room rate,
with internet access in the room, with availability 18-22 Oct? I can't
find
any on the list on www.nanog.org with availability (or are $200/night).
I've always liked the look of the House of Blues hotel
with its spiral
http://www.icann.org/correspondence/twomey-to-lewis-03oct03.htm
http://www.icann.org/correspondence/twomey-to-lewis-03oct03.htm
This is a return volly. The service in this match was three
weeks ago.
--bill
Thanks all for the recommendations - I managed to get $120/night @ Hotel 71 via
1800hotels.com, but even that is not showing any more (so I guess I got the
last room).
Simon
On Fri Oct 03, 2003 at 03:13:28PM +0100, Simon Lockhart wrote:
Gah, the hotels seem to have suddenly all got booked
Scott Bradner writes:
http://www.icann.org/correspondence/twomey-to-lewis-03oct03.htm
* [EMAIL PROTECTED] ([EMAIL PROTECTED]) [Fri 03 Oct 2003, 16:47 CEST]:
This is a return volly. The service in this match was three
weeks ago.
So the question is now, who has who by the
In message [EMAIL PROTECTED],
Robert M. Enger [EMAIL PROTECTED] wrote:
An alternate time source could be the GLONASS system.
Receivers do exist, but I have never used one.
Note that GLONASS satellites are failing frequently, and unlike GPS
satellites, are not always being replaced. Currently
The recommendations of others to place the Stratum 1 source behind another
box is indeed good operational practice. However if you _really_ want to
provide Stratum 1 services there are a couple of options
1 - Purchase a Cesium clock this is a Primary Time/Frequency standard
which does
Two relevant points on GPS/LORAN
1 - GPS has two positioning systems
1 - SPS Standard Positioning Service which is what all civillian
uses of GPS utilize for positioning and timing uses and this can
be degraded or disabled with no notice to the user community
I apologize for bringing this to the list, but i have expended
approximately 22 hours since monday on the problem without resolution
and without consistent replies or consistent reliable response from
comcast. The short version of situation is that i am getting between
11% and 52% packet loss
Hi,
I wish to thank all who answered, indeed, it was helpful. But, as it
was mentioned here, any further dwelling into this particular topic would
be more appropriate in the NTP forums available, be it mailing lists or
newsgroups.
So, I would like to request that further replies
On Fri, 3 Oct 2003 [EMAIL PROTECTED] wrote:
http://www.icann.org/correspondence/twomey-to-lewis-03oct03.htm
This is a return volly. The service in this match was three
weeks ago.
While any reasonable person would know what ICANN asked Verisign to do,
any prediction whether
Speaking on Deep Background, the Press Secretary whispered:
Two relevant points on GPS/LORAN
1 - GPS has two positioning systems
1 - SPS Standard Positioning Service which is what all civillian
uses of GPS utilize for positioning and timing uses and this can
I have a twin room in the Marriott 18th-22nd (no ARIN), and am happy to share
for half the cost with anyone who knows me.
Steve
Thanks all for the recommendations - I managed to get $120/night @ Hotel 71 via
1800hotels.com, but even that is not showing any more (so I guess I got the
last
In [EMAIL PROTECTED] Sean Donelan [EMAIL PROTECTED] writes:
While any reasonable person would know what ICANN asked Verisign to do,
any prediction whether Verisign will adopt a passive-agressive posture
and inteprete the letter in a way to cause maximum disruption to all
users of the
] (so I guess I got the last room).
You may have. There is a convention of surgeons running at the same
time as NANOG. The good news is that I can be assured of quick
resuscitation if we run out of coffee. :)
--
Rob Thomas
http://www.cymru.com
ASSERT(coffee != empty);
Hello Andrew,
This is not being done by the IANA or from an IANA machine.
This is something being carried out by epnet I believe
John crain
Friday, October 03, 2003
AF Anyone have any idea why a host from IANA would be scanning DNS servers?
AF ;; AUTHORITY SECTION:
AF
true enough. when it first was initiated, back in 1997, it was
an IANA chartered activity. It is not now, nor ever has been run
on IANA machines. If you have specific questions, I'd be pleased
to talk about them off-list.
--bill manning
310.322.8102
Hello Andrew,
This is not
Derating GPS wouldn't affect the time reference functionality. Turning
off GPS entirely would seriously affect military aviation operations.
Not so:
Selective Availability (SA) is the deliberate introduction of error by
either altering the precise timekeeping of GPS satellites or the position
] (so I guess I got the last room).
You may have. There is a convention of surgeons running at the same
time as NANOG. The good news is that I can be assured of quick
resuscitation if we run out of coffee. :)
Er, you are confused...
Surgeons -cut- people.
On Fri, 03 Oct 2003 09:59:59 -0700
Owen DeLong [EMAIL PROTECTED] wrote:
I used to work with GPS navigation / calibration. The entire system is
designed to free wheel for at least a month, and probably many months,
giving adequate performance
even if all the ground control stations were
In the immortal words of Scott McGrath ([EMAIL PROTECTED]):
1 - Purchase a Cesium clock this is a Primary Time/Frequency standard
which does not require access to a reference standard to maintain
accuracy.
This is a Stratum 0 source so once placed behind a Unix/Cisco/Juniper
On Fri, Oct 03, 2003 at 11:48:42AM -0400, Sean Donelan wrote:
On Fri, 3 Oct 2003 [EMAIL PROTECTED] wrote:
http://www.icann.org/correspondence/twomey-to-lewis-03oct03.htm
This is a return volly. The service in this match was three
weeks ago.
While any reasonable person
Nathan J. Mehl [EMAIL PROTECTED] writes:
This is a Stratum 0 source so once placed behind a Unix/Cisco/Juniper
box you have a stratum 1 source. This will cost you 30,000 -
100,000 US per unit. The beam tube will require replacement
approx every 5 years for about
From a service provider perspective, does anyone know if there is a way
to make a cisco router that is acting as a dhcp relay agent install a
/32 host route for the assigned IP address?
I'm looking for a way to assign static IP addresses from the same pool
independant of the router that is
http://www.washingtonpost.com/wp-dyn/articles/A40241-2003Oct3.html
And they act like they're the victims. Amazing.
Without so much as a hearing, ICANN today formally asked us to shut down
the Site Finder service, said VeriSign spokesman Tom Galvin. We will
accede to their request while we
On Fri, 3 Oct 2003, Tim Wilde wrote:
http://www.washingtonpost.com/wp-dyn/articles/A40241-2003Oct3.html
And they act like they're the victims. Amazing.
Yep, I told you so :-) I said that before this was over, Verisign would
claim they were the victims and a bunch of hooligans on the West
In the immortal words of Tim Wilde ([EMAIL PROTECTED]):
And they act like they're the victims. Amazing.
Without so much as a hearing, ICANN today formally asked us to shut down
the Site Finder service, said VeriSign spokesman Tom Galvin. We will
accede to their request while we explore
: Without so much as a hearing, ICANN today formally asked us to shut down
: the Site Finder service, said VeriSign spokesman Tom Galvin. We will
: accede to their request while we explore all of our options.
:
: How about a public outcry? Did you miss that part? You don't deserve a
: hearing.
On Fri, 3 Oct 2003 09:59:49 -1000 (HST)
Scott Weeks [EMAIL PROTECTED] wrote:
VeriSign also angered the close-knit group of engineers and scientists
who are familiar with the technology underpinning the Internet. They
say that Site Finder undermines the worldwide Domain Name System,
I wonder if they will still present at Nanog?
http://www.nanog.org/mtg-0310/dns.html
- Jared
On Fri, Oct 03, 2003 at 03:44:26PM -0400, Tim Wilde wrote:
http://www.washingtonpost.com/wp-dyn/articles/A40241-2003Oct3.html
And they act like they're the victims. Amazing.
OK, so was ANYONE on NANOG happy with
a) Verisign's site finder
b) How they launched it
Speak up on or off list.
---Mike
At 04:14 PM 03/10/2003, George Bakos wrote:
On Fri, 3 Oct 2003 09:59:49 -1000 (HST)
Scott Weeks [EMAIL PROTECTED] wrote:
VeriSign also angered the close-knit
In a Washington Post article, it was reported that a close-knit group of
engineers were angered by Verisign's SiteFinder service, claiming that
it caused e-mail systems, spam blocking technology and other
applications to malfunction. Verisign responded that these claims are
overblown.
In
Outside of one other person on this list, I know no one else personally, so
where do they come up with the close-knit stuff? I thought that most of
the traffic I have monitored, re: this topic, has come from a very diverse
and rather large group of people from all around the world who have been
VeriSign said the claims are overblown.
There is no data to indicate the core operation of the domain name
system or the stability of the Internet has been adversely affected,
VeriSign's Galvin said.
LOL.
VeriSign, woudl you like a copy of all the spams I got b/c your
On Fri, Oct 03, 2003 at 04:23:29PM -0400, Mike Tancsa wrote:
OK, so was ANYONE on NANOG happy with
a) Verisign's site finder
Unfair competition, more confusions, broke a lot of stuff, etc, etc , beneficial to
nobody
b) How they launched it
Here... let's change the way DNS works..
## On 2003-10-03 15:56 -0400 Sean Donelan typed:
SD
SD
SD Without so much as a hearing, ICANN today formally asked us to shut down
SD the Site Finder service, said VeriSign spokesman Tom Galvin. We will
SD accede to their request while we explore all of our options.
SD
SD Uhm, was that
... in an attempt to assert a dubious right to regulate non-registry
services.
This explains everything. They don't believe the stability of
com and net are in any way related to their registry duties.
That quote alone should be sufficient to deny them custody of
com and net.
It may not be a hearing but they can still appeal.
If, during this period, further technical and operational evaluations
of the changes made by VeriSign on 15 September indicate that those
measures can be reinstated, or reinstated with modifications, without
adverse effects, I will
It also imtimates that they do not believe that ICANN has any right
under current legislation to monitor what actually goes into the zone
file; only the way verisign behaves as a registry. The fact of the
matter is that yes, there is a seperation between those two items but
ICANN most deffinitely
We could almost pretend it was because of the NXDOMAIN signs that got
plastered on their HQ :)
From
http://slashdot.org/article.pl?sid=03/10/01/212231mode=nocommenttid=126tid=15
wednesday:
Verisign seems to have issues
Scott Weeks wrote:
VeriSign also angered the close-knit group of engineers and scientists
who are familiar with the technology underpinning the Internet. They
say that Site Finder undermines the worldwide Domain Name System,
causing e-mail systems, spam-blocking technology and
On Fri, 3 Oct 2003, Mike Tancsa wrote:
:: OK, so was ANYONE on NANOG happy with
:: a) Verisign's site finder
:: b) How they launched it
::
Disregarding their implementation issues, the product is pretty good.
I've actually used it to fix a few typos, etc... From an end user
perspective, it's
Verisign press releases have never been about the facts. Instead it's
about trying to manipulate public perception to their side. Verisign has
never expressed any actual concern or even care about how much damage
their actions do to the internet. Any expectation that this would change
in this
VeriSign was directed by ICANN to suspend the Site Finder service by
0100 UTC on Sunday, October 5. We requested an extension from ICANN
to give more notice to the community but were denied. We will be
removing the wildcard A records from the .com and .net zones beginning
at 2300 UTC on
jeffrey.arnold wrote:
On Fri, 3 Oct 2003, Mike Tancsa wrote:
:: OK, so was ANYONE on NANOG happy with
:: a) Verisign's site finder
:: b) How they launched it
::
Disregarding their implementation issues, the product is pretty good.
I've actually used it to fix a few typos, etc... From an end
On Oct 3, 2003, at 5:50 PM, Matt Larson wrote:
VeriSign was directed by ICANN to suspend the Site Finder service by
0100 UTC on Sunday, October 5. We requested an extension from ICANN
to give more notice to the community but were denied. We will be
So now you care about giving notice the
Well, considering that large numbers of community members here
installed the BIND patch (and patches for other vendors software) the
day it was released, I think we're just fine with this. :-)
On Fri, Oct 03, 2003 at 06:03:16PM -0400, Gerald wrote:
I keep trying to think of how this discussion
to give more notice to the hehe.. i think i just wet my pants..
On Fri, 3 Oct 2003, Matt Larson wrote:
Date: Fri, 3 Oct 2003 17:50:02 -0400
From: Matt Larson [EMAIL PROTECTED]
To: [EMAIL PROTECTED]
Subject: Removal of wildcard A records from .com and .net zones
VeriSign was
Quoting Matt Larson [EMAIL PROTECTED]:
VeriSign was directed by ICANN to suspend the Site Finder service by
0100 UTC on Sunday, October 5. We requested an extension from ICANN
to give more notice to the community but were denied.
Since when does Verisign argue that the community should
What valid reason would you have for getting in contact with a domain
owner, if they've unlisted themselves and don't want to be contacted?
What valid reason is there for allowing a domain owner to be unlisted and
uncontactable. If you want to remain anonymous, then you don't need a
Wonder if it's the close-knit group that did this:
http://irc.sh.nu/download/
Found the link on slashdot:
http://slashdot.org/article.pl?sid=03/10/01/212231mode=threadtid=126tid=158tid=167tid=95tid=99
too funny
-p
On Fri, Oct 03, 2003 at 04:25:58PM -0400, Alex Kamantauskas wrote:
In a
OK... I'll correct the phone number. However, I will note that the address
and email address are both valid contact information, and, you could easily
have sent this in private email had your intent been to avoid further
off-topic discussion.
Owen
--On Friday, October 3, 2003 13:05 -0400 Booth,
On Fri, 3 Oct 2003, Wayne E. Bouchard wrote:
Well, considering that large numbers of community members here
installed the BIND patch (and patches for other vendors software) the
day it was released, I think we're just fine with this. :-)
I am personally thrilled they are reverting. I also
The university netreg lists has a frequently asked question if its
possible to perform a virus scan of new computers as part of the network
registration process. So far, people have only been able to do a network
scan (e.g. open ports), or some version of proxy check or nessus.
But none of
--On Friday, October 03, 2003 7:36 PM -0400 Gerald [EMAIL PROTECTED] wrote:
I just wanted to point out if anyone did something other than just
patching bind and moving on, consider the repercussions of Verisign
reverting or you might have your weekend plans averted to undo your
changes.
Gerald
Sean Donelan wrote:
The university netreg lists has a frequently asked question if its
possible to perform a virus scan of new computers as part of the network
registration process. So far, people have only been able to do a network
scan (e.g. open ports), or some version of proxy check or
: or some version of proxy check or nessus.
I am still not having any luck with Nessus and the
MS virus plug in. I have been scanning my users
(20K) and not finding any viruses. No way !
This is after I removed ACL's through out the network.
Gotta read some more on this, this weekend.
I would
JM Date: Fri, 3 Oct 2003 16:16:29 -0400
JM From: Jared Mauch
JM I wonder if they will still present at Nanog?
JM
JM http://www.nanog.org/mtg-0310/dns.html
Perhaps they could give away limited-edition Snubby Mail Rejector
t-shirts; bonus points if the shirts include expect script or is
I have confidence in the bind patch not breaking bind when Verisign
reverts back, but there were some pretty rash suggestions when the
sitefinder service first came online. (Paul, bind won't break when this
goes back to normal will it?)
ask yourself how many DNS admins are going to
On Fri, 3 Oct 2003, Matt Larson wrote:
VeriSign was directed by ICANN to suspend the Site Finder service by
0100 UTC on Sunday, October 5. We requested an extension from ICANN
to give more notice to the community but were denied.
You don't need an extension, we wanted it to go away as fast
On Fri, Oct 03, 2003 at 05:34:05PM -0400, jeffrey.arnold quacked:
On Fri, 3 Oct 2003, Mike Tancsa wrote:
:: OK, so was ANYONE on NANOG happy with
:: a) Verisign's site finder
:: b) How they launched it
::
Disregarding their implementation issues, the product is pretty good.
I've
On Fri, 3 Oct 2003, Alex Lambert wrote:
The university netreg lists has a frequently asked question if its
possible to perform a virus scan of new computers as part of the network
registration process. So far, people have only been able to do a network
scan (e.g. open ports), or some
- Original Message -
From: Matt Larson [EMAIL PROTECTED]
To: [EMAIL PROTECTED]
Sent: Friday, October 03, 2003 5:50 PM
Subject: Removal of wildcard A records from .com and .net zones
VeriSign was directed by ICANN to suspend the Site Finder service by
0100 UTC on Sunday, October 5.
Daniel Karrenberg wrote:
There is that too; but I have frequently observed people not doing it
even when provided detailed step-by-step instructions. On the
other hand
they would proceed relatively quickly once it stopped working,
e.g. the Internet plug was pulled. Some of them would use
Terry Baranski wrote:
Obviously, this is by no means specific to computer patching. People
are either busy, lazy, apathetic, etc. Most don't pay attention until
they're forced to; i.e., when their system stops working because a virus
broke it or because their network access is shut off.
for most virus type stuff i find an acl on thier nearest interface to
both deny and log thier traffic patterns is helpfull. im not sure how
feasable that would be on a larger network. i've only got about 10k
users so the above is not yet unreasonable.
On Fri, 3 Oct 2003, Sean
Donelan wrote:
ML Date: Fri, 3 Oct 2003 17:50:02 -0400
ML From: Matt Larson [EMAIL PROTECTED]
ML VeriSign was directed by ICANN to suspend the Site Finder service by
ML 0100 UTC on Sunday, October 5. We requested an extension from ICANN
ML to give more notice to the community but were denied. We will be
From time to time this thread pops up. I found something which looked
interesting and the price was right. I bought one and WOW! It is VERY
impressive stuff for any price especially considering how cheap it was. I
purchased 10 individual temperature sensors and two
83 matches
Mail list logo