Re: Spam (un)blocking

At 06:43 PM 06-04-05 -0400, Daniel Senie wrote: Since the uptake on IRT has been slow, and after much internal discussion, RIPE has decided to add an abuse-mailbox attribute. For further details see: https://www.ripe.net/ripe/maillists/archives/db-wg/2005/msg00015.html -Hank At 06:10 PM

Netlantis --- is it ever coming back?

Does anyone know if netlantis.org is coming back? That was a very useful site but it has been down for a long time (with a note saying that it will be back soon) now. I would love to have access to that BGP info again, it was very helpful... I am still contributing a route feed, and that

Re: Spam (un)blocking

* JP Velders: Over here in RIPE land so to speak, several ISP's (most notably FIRST members) have put a lot of effort in getting 'IRT' objects in the RipeDB. I think you mean Terena/TI instead of FIRST, although there is some overlap. The IRT object is mostly useless because the way it was

Re: Netlantis --- is it ever coming back?

+-le 07/04/2005 00:17 -0700, John van Oppen a dit : | | Does anyone know if netlantis.org is coming back? That was a very | useful site but it has been down for a long time (with a note saying | that it will be back soon) now. | | I would love to have access to that BGP info again, it was

Re: BGP Anywhere - Global Redundancy

There are New IOS features for such situations, take a look at datacenter backup, SLB and these issues. On Apr 7, 2005 2:35 AM, Vandy Hamidi [EMAIL PROTECTED] wrote: All, We're an ASP and are considering adding a secondary Backup Datacenter (BDC) in the US to protect our web presence. My

Re: Netlantis --- is it ever coming back?

| Does anyone know if netlantis.org is coming back? That was a very | useful site but it has been down for a long time (with a note saying | that it will be back soon) now. | | I would love to have access to that BGP info again, it was very | helpful... I am still contributing a route feed,

RE: Spam (un)blocking

The ARIN DB allows many points of contact types, including the abuse contact. ARIN WHOIS reflects those registrants who choose to designate an abuse contact. Richard Jimmerson Director of External Relations American Registry for Internet Numbers (ARIN) We have tech support on duty 24/7 and

Re: The power of default configurations

Ask the ASN 112 folks how many queries their servers handle. http://www.as112.net/ I have a few stats for ISC's AS112 node: - It gets about 2300 DNS UDP queries/sec + about 1300/sec SOA (due to dynamic DNS updates) + about 1000/sec PTR - It also gets about 1200 DNS TCP

Re: The power of default configurations

---Original Message--- From: Sean Donelan [EMAIL PROTECTED] Subject: The power of default configurations Sent: 06 Apr 2005 14:00:05 On Mon, 4 Apr 2005, Paul Vixie wrote: adding more. oh and as long as you're considering whether to restrict things to your LAN/campus/ISP, i'm

Re: The power of default configurations

Ask the ASN 112 folks how many queries their servers handle. http://www.as112.net/ I have a few stats for ISC's AS112 node: - It gets about 2300 DNS UDP queries/sec + about 1300/sec SOA (due to dynamic DNS updates) + about 1000/sec PTR - It also gets about

Re: The power of default configurations

adding more. oh and as long as you're considering whether to restrict things to your LAN/campus/ISP, i'm ready to see rfc1918 filters deployed... Why does BIND forward lookups for RFC1918 addresses by default? Why isn't the default not to forward RFC1918 addresses (and

RE: BGP Anywhere - Global Redundancy

-Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Steve Gibbard Sent: Wednesday, April 06, 2005 8:48 PM To: Vandy Hamidi Cc: nanog@merit.edu Subject: Re: BGP Anywhere - Global Redundancy On Wed, 6 Apr 2005, Vandy Hamidi wrote: Below is how I

Re: The power of default configurations

On Wed, 6 Apr 2005, Eric A. Hall wrote: On 4/6/2005 5:00 PM, Sean Donelan wrote: Why does BIND forward lookups for RFC1918 addresses by default? As has been pointed out already, caches need to be able to ask other (local) servers for the PTRs. OTOH, it might make a good feature (and

Re: The power of default configurations

On Thu, 7 Apr 2005, Paul Vixie wrote: adding more. oh and as long as you're considering whether to restrict things to your LAN/campus/ISP, i'm ready to see rfc1918 filters deployed... Why does BIND forward lookups for RFC1918 addresses by default? Why isn't the

Re: The power of default configurations

no to 1) prolong the pain, 2) beat a horsey.. BUT, why are 1918 ips 'special' to any application? why are non-1918 ips 'special' in a different way? i know this is hard to believe, but i was asked to review 1918 before it went to press, since i'd been vociferous in my comments about 1597. in

Re: The power of default configurations

On 4/7/2005 12:05 PM, Jon Lewis wrote: I added something like this to our binds that handle recursive queries. Is there any reason distros (or ISC) couldn't make this a part of the default config? This setup works if you know the server is the last resort for your local clients. It doesn't

Re: The power of default configurations

Paul Vixie wrote: no to 1) prolong the pain, 2) beat a horsey.. BUT, why are 1918 ips 'special' to any application? why are non-1918 ips 'special' in a different way? i know this is hard to believe, but i was asked to review 1918 before it went to press, since i'd been vociferous in my

Re: The power of default configurations

IMO, RFC1918 went off the track when both ISP's and registries started asking their customers if they have seriously considered using 1918 space instead of applying for addresses. This caused many kinds of renumbering nightmares, overlapping addresses, near death of ipv6, etc. just

Re: The power of default configurations

On Thu, 7 Apr 2005, Eric A. Hall wrote: This setup works if you know the server is the last resort for your local clients. It doesn't work as a default install unless you are also willing to scream warnings about changing the defaults everytime named.conf is modified for local use. Would

Re: The power of default configurations

On Thu, 7 Apr 2005, Paul Vixie wrote: no to 1) prolong the pain, 2) beat a horsey.. BUT, why are 1918 ips 'special' to any application? why are non-1918 ips 'special' in a different way? i know this is hard to believe, but i was asked to review 1918 before it went to press, since i'd

Re: The power of default configurations

Paul Vixie wrote: IMO, RFC1918 went off the track when both ISP's and registries started asking their customers if they have seriously considered using 1918 space instead of applying for addresses. This caused many kinds of renumbering nightmares, overlapping addresses, near death of ipv6, etc.

Re: The power of default configurations

So, this highlights some good operational practices in networking and DNS-applications, but doesn't answer how 1918 is 'different' or 'special' than any other ip address. I think what I was driving at is that putting these proposed road blocks in bind is akin to the 'cisco auto secure'

RE: botted hosts

I will build this if there is interest and it doesn't exist elsewhere. Is there a need for a centralized repository of this information? (I know about dshield, but without a way to aggregate the data it's not altogether useful.) -ejay -Original Message- From: [EMAIL PROTECTED]

Re: The power of default configurations

On 4/7/2005 1:02 PM, Jon Lewis wrote: On Thu, 7 Apr 2005, Eric A. Hall wrote: Would you really have to scream? If folks were used to just adding forwarder entries to named.boot, yes, since they'd also have to remember to undelegate authority for the relevant rfc1918 address space now too. If

Re: The power of default configurations

On Thu, 7 Apr 2005, Eric A. Hall wrote: On 4/7/2005 1:02 PM, Jon Lewis wrote: On Thu, 7 Apr 2005, Eric A. Hall wrote: Would you really have to scream? If folks were used to just adding forwarder entries to named.boot, yes, since they'd also have to remember to undelegate authority for

Re: The power of default configurations

On 4/7/2005 1:21 PM, Jon Lewis wrote: On Thu, 7 Apr 2005, Eric A. Hall wrote: On 4/7/2005 1:02 PM, Jon Lewis wrote: On Thu, 7 Apr 2005, Eric A. Hall wrote: Would you really have to scream? If folks were used to just adding forwarder entries to named.boot, yes, since they'd also have to

Cingular

Can someone from Cingular please contact me off-list Thank you, -- -- Tom Sands Chief Network Engineer Rackspace Managed Hosting (210)447-4065 --

US still leads global spam list according to BBC article

* US still leads global spam list * More than a third of all spam e-mails originate in the US, according to a survey by security firm Sophos. Full story: http://news.bbc.co.uk/1/hi/technology/4420161.stm US still leads global spam list Spam: Made in the USA? More than a third of all spam

Re: Router choice for medium size hosting provider

That's nowhere near real figures, even for optimal topologies and big packets. That was exactly why I suggested that someone do some lab work on them. -Bill

DNS cache poisoning update

SANS Internet Storm Center: The InfoCon is currently set at yellow in response to the DNS cache poisoning issues that we have been reporting on for the last several days. We originally went to yellow because we were uncertain of the mechanisms that allowed seemingly secure systems to be

Re: DNS cache poisoning update

posting news clippings to large mailing lists is just so yesterday. try http://www.blogger.com/start randy

Re: DNS cache poisoning update

So call me old-fashioned (oh, wait a minute -- you just did)... :-) - ferg -- Randy Bush [EMAIL PROTECTED] wrote: posting news clippings to large mailing lists is just so yesterday. try http://www.blogger.com/start randy

Re: DNS cache poisoning update

Fergie (Paul Ferguson) wrote: So call me old-fashioned (oh, wait a minute -- you just did)... :-) How about I point, laugh, and call you OLD, ob? :) Seriously though, your 3 articles a week are actually interesting, and I find them on-topic. Gadi.

Network-Automation discussion mailing list created

I've created a Network-Automation mailing list for discussions of issues related to automating network configuration and management, including (but not limited to) methods, mechanisms, techniques, philosophies, policies, and products. Since 1990 or so, much of the research in the system

Re: Network-Automation discussion mailing list created

On Thu, 7 Apr 2005, Brent Chapman wrote: I've created a Network-Automation mailing list for discussions of issues related to automating network configuration and management, including (but not limited to) methods, mechanisms, techniques, philosophies, policies, and products. In the spirit of

Re: Network-Automation discussion mailing list created

At 3:15 PM -0700 4/7/05, Bill Nash wrote: On Thu, 7 Apr 2005, Brent Chapman wrote: I've created a Network-Automation mailing list for discussions of issues related to automating network configuration and management, including (but not limited to) methods, mechanisms, techniques, philosophies,

Re: Network-Automation discussion mailing list created

On Thu, 7 Apr 2005, Brent Chapman wrote: At 3:15 PM -0700 4/7/05, Bill Nash wrote: I've created a Network-Automation mailing list for discussions of issues related to automating network configuration and management, including (but not limited to) methods, mechanisms, techniques, philosophies,

Re: Network-Automation discussion mailing list created

I've added the following the the Policies section of the Network-Automation list (it's a little more general than what you suggested): Harvesting of email addresses from this mailing list or its archives for any purpose (but particularly commercial mailings) is