RE: Tomatoes for Verisign at NANOG 29

Wouldn't it be just as easy to pay GoDaddy $9 per year and do a redirect yourself instead of relying on a verisign that half the knowledgable network ops community has filtered/blackholed? Eric > -Original Message- > From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Behalf Of > Kenny Sa

Re: /8 blocks allocation statistcs and current use data

As some noticed what is shown today for statistics does not show as announced ip blocks that are announced as entire /8 (3/8 for example). These are processed separately as exceptions and it'll be easier to wait until all scripts are run in order so tomorrow statistics page will be back to norma

Re: Completewhois Bogons Project - Initial Intro

On Fri, 17 Oct 2003 [EMAIL PROTECTED] wrote: > Nice to finally see competition to those people in cymru, who apparently > got too sloppy with their work. > > We can finally put an end to all those criminals like UU, L3, CW, GX, ATT, > DoD who are committing criminal activity by hijacking netblocks

Re: Email Deliverability Summit II Update

> Dave - the problem with basic email is that is has no assured delivery > capabilities or receipt processes. To that end, and to Dave's question (and some I've received off-list) - these are not particularly *technical* standards - they are practical standards, having to do more with email

IAB concerns against permanent deployment of edge-based filtering

IAB concerns against permanent deployment of edge-based filtering The IAB notes that there ISPs/ASes undertaking permanent deployment of edge-based protocol number/port number packet filtering on traffic received from eBGP peers. As a short term response to security incidents this is a prudent

Re: Email Deliverability Summit II Update

Dave - the problem with basic email is that is has no assured delivery capabilities or receipt processes. These have always been its failings relative to commercial transactional messaging and until they are resolved there is NO hope that email will be usable for anything other than casual messagi

Re: Completewhois Bogons Project - Initial Intro

Nice to finally see competition to those people in cymru, who apparently got too sloppy with their work. We can finally put an end to all those criminals like UU, L3, CW, GX, ATT, DoD who are committing criminal activity by hijacking netblocks. Enough is enough! > 207.47.39.0/24 ## AS816 : U

Re: Pitfalls of annoucing /24s

- Original Message - From: "Ejay Hire" <[EMAIL PROTECTED]> To: <[EMAIL PROTECTED]> Sent: Friday, October 17, 2003 5:54 PM Subject: RE: Pitfalls of annoucing /24s > Am I the only one that has never had an issue multihoming with /24's? Nope, Most of the networks I've run are basically

some DNS data ...

We have finished the latest quarterly audit of the DNS and now include not only the reverse trees, but 64% of the forward map too. This is the rough cut, using version.server and version.bind replies. Presenting some preliminary numbers for your amusment. For the DNSsec j

Re: False information: CEO of Versign facts are wrong

oops! [EMAIL PROTECTED] (me) wrote: > ... that's why ultradns, and nominum > before that, and several root server operators, are using anycast routing. i meant "ultradns, and nominum before they sold their dns ops biz to ultradns" obviously ultradns was doing it before nominum was doing it. s

Re: False information: CEO of Versign facts are wrong

> I'm going to play journalist for a while and make some calls. Ok, first part of my mission is a success. I spoke with a Jim Hock from Bite Communications (Verisign's PR firm), very nice conversation, started out with Verisign's concerns, then we spoke a little bit on the issues people have bro

Re: False information: CEO of Versign facts are wrong

> > http://d.root-servers.org/october21.txt: > > > >2.1. Some root name servers were unreachable from many parts of the > >global Internet due to congestion from the attack traffic delivered > >upstream/nearby. While all servers continued to answer all queries they > >received (du

RE: Pitfalls of annoucing /24s

Am I the only one that has never had an issue multihoming with /24's? Ejay Hire -Original Message- From: H. Michael Smith, Jr. [mailto:[EMAIL PROTECTED] Sent: Wednesday, October 15, 2003 4:24 PM To: 'Phil Rosenthal'; 'John Palmer' Cc: [EMAIL PROTECTED] Subject: RE: Pitfalls of annoucing

Re: /8 blocks allocation statistcs and current use data

Try this in about one hour actually, I just noticed blue parts of graphs are missing since I rerun data collection twice today (yes, known bug, but I usually do not run collection manually and then its not a problem) On Fri, 17 Oct 2003 [EMAIL PROTECTED] wrote: > > As by-product of bogons p

/8 blocks allocation statistcs and current use data

As by-product of bogons project I just posted about, we also got some interesting statistics on how much ip space is allocated and used in each /8 block. This is all available in nice graphical format at: http://www.completewhois.com/statistics/ip_statistics.htm The data above is updated ever

Completewhois Bogons Project - Initial Intro

Hello all, I've been working on creating bogon ip filtering system in order to stop some of the dangerous activity that I've seen ip blocks not listed in whois used for and now have first "milestone" to report. A complete list of unallocated (bogon) ip space collected based on whois data from

Completewhois Bogons Project - Initial Intro

Hello all, I've been working on creating bogon ip filtering system in order to stop some of the dangerous activity that I've seen ip blocks not listed in whois used for and now have first "milestone" to report. A complete list of unallocated (bogon) ip space collected based on whois data from

Re: Tomatoes for Verisign at NANOG 29

KS> Date: Fri, 17 Oct 2003 13:02:31 -0700 (PDT) KS> From: Kenny Sallee KS> to their own Site Finder site, I'm sure they can KS> redirect to other large corporations, who would KS> probably pay for that kind of service. Buy this VeriGator? *cringe* Eddy -- Brotsman & Dreger, Inc. - EverQuick

Re: Fascinating interview with Verisign CEO

on 10/17/2003 12:05 PM Howard C. Berkowitz wrote: > At 10:59 AM -0500 10/17/03, Eric A. Hall wrote: > >>on 10/17/2003 3:17 AM Hank Nussbacher wrote: >> >> >>> http://news.com.com/2008-7347-5092590.html >> >>First reaction is that this guy *really* needs some schooling in the value >>of having p

RE: Tomatoes for Verisign at NANOG 29

> -Original Message- > From: Kenny Sallee > Sent: Friday, October 17, 2003 3:03 PM > To: Matt Levine; Dan Riley > Cc: NANOG > Subject: Re: Tomatoes for Verisign at NANOG 29 > > > From another perspective, it could be how Verisign > plans on making money off this. If they can redirect >

Re: Tomatoes for Verisign at NANOG 29

> Has anybody thought to explore the trademark > implications of sitefinder? > > For example, verisign is returning A records (and > subsequently earning > revenue from that traffic) for say: > > COKE-SOFT-DRINK.COM > TIDE-DETERGENT.COM > > etc.. > >From another perspective, it could be how

Re: Email Deliverability Summit II Update

Anne, APME> Those accomplishments include the promulgation and announcement of 5 APME> new industry standards for both email senders and receivers (this is APME> up at http://www.isipp.com/standards.php), the presentation of EDDB - APME> which is a receivers/senders contact information database (

Re: False information: CEO of Versign facts are wrong

Sean, SD> Historically, the only wide-spread failures have been due to NSI operators SD> screwing up the COM or NET zone files. Historically, the other network SD> operators have needed to pick up the load when NSI fell down. SD> NSI controls two root servers. Perhaps its time to split those u

Re: Fascinating interview with Verisign CEO

> > > Gerald wrote: > > >>http://news.com.com/2008-7347-5092590.html > >> > >> > > > >Are you looking to monetize DNS lookups? > >"No." ... "But it would be commercially unreasonable for anyone to suggest > >that we shouldn't be allowed to build incremental services on top of that > >if the

Re: Fascinating interview with Verisign CEO

Gerald wrote: http://news.com.com/2008-7347-5092590.html Are you looking to monetize DNS lookups? "No." ... "But it would be commercially unreasonable for anyone to suggest that we shouldn't be allowed to build incremental services on top of that if they deliver value." Who is speaking out of

Re: possible ORG problems, maybe?

> >> > >>dig @f.root-servers.net hostname.bind chaos txt > >> > > Joe > leads to the question that should occur elsewhere, BUT, why are there all these different ways to ID DNS servers? granted, the ISC reference implementation was first out, with the "vers

Re: False information: CEO of Versign facts are wrong

> Date: Fri, 17 Oct 2003 09:47:35 -0700 > From: Mark Boolootian <[EMAIL PROTECTED]> > Sender: [EMAIL PROTECTED] > > It might be a matter of interpretation. According to > http://d.root-servers.org/october21.txt: > >2.1. Some root name servers were unreachable from many parts of the >gl

Re: False information: CEO of Versign facts are wrong

On Fri, 17 Oct 2003, Mark Boolootian wrote: > > This factoid has been proven false multiple times, in multiple forums over > > the last year. Its incredible that a CEO of a company that claims DNS > > expertise wouldn't know this was false. One particular "internet > > security" company was PINGi

Re: Fascinating interview with Verisign CEO

At 10:59 AM -0500 10/17/03, Eric A. Hall wrote: on 10/17/2003 3:17 AM Hank Nussbacher wrote: http://news.com.com/2008-7347-5092590.html First reaction is that this guy *really* needs some schooling in the value of having public-interest bodies facilitate and regulate interstate commerce in a fede

Re: False information: CEO of Versign facts are wrong

- Original Message - From: "Sean Donelan" <[EMAIL PROTECTED]> To: <[EMAIL PROTECTED]> Sent: Friday, October 17, 2003 8:26 AM Subject: False information: CEO of Versign facts are wrong > > http://news.com.com/2008-7347-5092590.html > > Quotes Stratton Sclavos: > "The DDOS (distributed de

Re: False information: CEO of Versign facts are wrong

- Original Message - From: "Sean Donelan" <[EMAIL PROTECTED]> To: <[EMAIL PROTECTED]> Sent: Friday, October 17, 2003 8:26 AM Subject: False information: CEO of Versign facts are wrong > > http://news.com.com/2008-7347-5092590.html > > Quotes Stratton Sclavos: > "The DDOS (distributed de

A Cautionary Tale of Tomatoes

I do believe the Verisign discussion and the opinions of operators is very much on-topic. At the same time, while I participated in the fun of tomato discussions, people are right in saying it won't play well to media. Perhaps still on topic, if we consider protest and HOW it's received, I had

Email Deliverability Summit II Update

I've had so many people over the past few weeks ask me for an update as to how Email Deliverability Summit II went that I thought I really ought to at least point to some links, which is exactly what I'm going to do, in the interest of not taking up list bandwidth. In short, it was absolutely

Re: False information: CEO of Versign facts are wrong

> This factoid has been proven false multiple times, in multiple forums over > the last year. Its incredible that a CEO of a company that claims DNS > expertise wouldn't know this was false. One particular "internet > security" company was PINGing the root servers, and some of the root > server o

Re: possible ORG problems, maybe?

> Hard data: see Subject: ORG was broken with serious customer impact, and for a while. and it took a while to debug. qed randy

Re: Fascinating interview with Verisign CEO

on 10/17/2003 3:17 AM Hank Nussbacher wrote: > http://news.com.com/2008-7347-5092590.html First reaction is that this guy *really* needs some schooling in the value of having public-interest bodies facilitate and regulate interstate commerce in a federated system. Second reaction is that "comme

Re: Fascinating interview with Verisign CEO

On Fri, 17 Oct 2003, Hank Nussbacher wrote: > http://news.com.com/2008-7347-5092590.html Are you looking to monetize DNS lookups? "No." ... "But it would be commercially unreasonable for anyone to suggest that we shouldn't be allowed to build incremental services on top of that if they deliver v

Re: Fascinating interview with Verisign CEO

At 01:17 AM 10/17/2003, Hank Nussbacher wrote: http://news.com.com/2008-7347-5092590.html "Sclavos also says it's time to transfer the responsibility for operating the root servers from volunteers to the commercial sector. " No, it's time for ICANN to transfer the responsibility for operating th

Re: Tomatoes for Verisign at NANOG 29

> Date: Fri, 17 Oct 2003 10:23:28 -0500 (CDT) > From: Rob Thomas <[EMAIL PROTECTED]> > Sender: [EMAIL PROTECTED] > > You can save the rotten fruit for my presentation instead. I'm > a moving target, and that makes it much more fun. :) Except for the fact that Cliff is still with us, I would th

Re: Tomatoes for Verisign at NANOG 29

Hi, NANOGers. Here is what I plan to do: Listen, and perhaps question. I'll register my pleasure or displeasure through my subsequent business and technical decisions. I may or may not approve of what is said, but I'll extend common courtesy to those who say it. You can save the rotten fruit

Re: Mail problems continued, AOL sprung back up

Thus spake Damian Gerow ([EMAIL PROTECTED]) [17/10/03 11:09]: > Apologies for using this as a 'Please contact me' list, but can a postmaster > from AOL please give me a call? Our outbound mail has (again) mysteriously > started getting bounced, even while having a 30-day temporary whitelist on >

Mail problems continued, AOL sprung back up

Apologies for using this as a 'Please contact me' list, but can a postmaster from AOL please give me a call? Our outbound mail has (again) mysteriously started getting bounced, even while having a 30-day temporary whitelist on this server. Calls to the NOC line receive a fast busy after the auto

Re: possible ORG problems, maybe?

On 17 Oct 2003, at 03:47, Randy Bush wrote: Incidentally, there is a similar mechanism available for the F root nameserver, in case people are not aware: dig @f.root-servers.net hostname.bind chaos txt For most people this will reveal a nameserver hostname with a "PAO" or an SFO in it. Peopl

False information: CEO of Versign facts are wrong

http://news.com.com/2008-7347-5092590.html Quotes Stratton Sclavos: "The DDOS (distributed denial-of-service) attacks last October on the root system--hey, there are 13 global copies of that, and they're all operating. It should scare people that nine of the 13 went down. It's time for the Intern

The Cidr Report

This report has been generated at Fri Oct 17 21:48:15 2003 AEST. The report analyses the BGP Routing Table of an AS4637 (Reach) router and generates a report on aggregation potential within the table. Check http://www.cidr-report.org/as4637 for a current version of this report. Recent Table Hist

Re: Fascinating interview with Verisign CEO

--On Friday, October 17, 2003 11:02 AM +0100 Andrew Bangs <[EMAIL PROTECTED]> wrote: Yes, but, part of what pissed off many folk was that someone was messing about with data near the top of the DNS tree which they thought were inviolable. Reconfiguring nameservers to ask for .COM and .NET detai

Re: Tomatoes for Verisign at NANOG 29

>But, done politely, without the traditional throwing part. Taking the tomatoes to the front of the room would be disruptive to the meeting. I suggest that people keep the tomato at their table and hold them in the air when the Verisign people are introduced and again at the end of the talk when

Re: Fascinating interview with Verisign CEO

On Fri, Oct 17, 2003 at 01:40:00AM -0700, Vadim Antonov wrote: > > > Actually, if ISPs and engineering folks at ISPs are so pissed off at > VeriSign they can easily kill the entire Sitefinder scam by simply routing > its traffic to a bit bucket. And by rerouting the .COM and .NET to the > boxes

Re: Site Finder

>I wonder how eager they would be to implement wildcards if restricted >from making any revenue from the service the wildcard points to (ie. >sitefinder). If Verisign establishes that it is a legitimate business practice to redirect traffic for misspelled domain names, then the question is, who

Re: Verisign to sell Network Solutions

CW> So...correct me if I'm wrong here...does this mean that the CW> registry services operations and the GTLD maintenance CW> operations for .com/.net will be owned by different CW> companies? >I wonder just how different they are, and what deals are being >made under the table. People don't nor

Re: possible ORG problems, maybe?

On 17.10 09:47, Randy Bush wrote: > > but one has little assurance that the response is from the same > server as the one from which one had the dns response one is debugging. That is true. However this only matters if the operator of the server allows them to be inconsistent *and* routing so vo

Re: Fascinating interview with Verisign CEO

Actually, if ISPs and engineering folks at ISPs are so pissed off at VeriSign they can easily kill the entire Sitefinder scam by simply routing its traffic to a bit bucket. And by rerouting the .COM and .NET to the boxes having the sanitized versions of zones. It does not say anywhere that prov

Re: Fascinating interview with Verisign CEO

On Oct 17, 2003, at 4:17 AM, Hank Nussbacher wrote: http://news.com.com/2008-7347-5092590.html -Hank This has to be the most unbelievable propaganda I have ever read. What needs to be done to take the GTLD service away from these crooks? Voting with my dollar, I'm happy to say I never have,

Fascinating interview with Verisign CEO

http://news.com.com/2008-7347-5092590.html -Hank

Re: Tomatoes for Verisign at NANOG 29

At 01:32 PM 16-10-03 -0700, David Meyer wrote: >> I would also suggest that we try to make contact with a second-harvest or >> other organization that may be able to use the tomatoes afterwards. Or just use your time and resources to do some good for those who are less fortunate in

Re: possible ORG problems, maybe?

> Incidentally, there is a similar mechanism available for the F root > nameserver, in case people are not aware: > >dig @f.root-servers.net hostname.bind chaos txt > > For most people this will reveal a nameserver hostname with a "PAO" or > an SFO in it. People within the catchment of a l