Mea culpa: I meant "a few /16's" as opposed to "2"...
No flames, it's too late...
- ferg
-- "Fergie (Paul Ferguson)" <[EMAIL PROTECTED]> wrote:
Philip,
This sounds very much like a bully -- 2 /16's are a major
problem, as opposed to a single /8?
Where is the major heartburn in this particlua
Philip,
This sounds very much like a bully -- 2 /16's are a major
problem, as opposed to a single /8?
Where is the major heartburn in this particlualr case?
I could understand if here were lots of farctured
annnounced space (granted: I haven't checked this yet),
but what's up with that?
- ferg
[EMAIL PROTECTED] said the following on 4/8/05 12:03:
>
> We aren't going to consolidate to a single /8 announcement.
> We are going to continue to announce each individual /16 for incoming traffic
> engineering.
FWIW, if you don't announce your aggregate, do not be surprised if you
experience c
On Wed, Aug 03, 2005 at 08:52:55AM -1000, Randy Bush wrote:
>
> > You can ping to 126.66.0.30/8.
>
> and how does one ping a /8?
>
> randy
%ping 126.255.255.255 works for some mutant stacks.
plays old-hob w/ your arp cache tho.
but i suspect that the /8 on the referen
Gordon,
You should know better -- the edge, economically, always
wins. This is where the money is. And this _is_ a busines,
no longer a science experiment.
But this eventual discussion does not belong here...
- ferg
-- Gordon Cook <[EMAIL PROTECTED]> wrote:
But John Seely Brown, ex ceo of xer
Hi,
>Just out of curiosity... are you going to continue to announce each
>individual /16 or will you consolidate to a single /8 announcement?
We aren't going to consolidate to a single /8 announcement.
We are going to continue to announce each individual /16 for incoming traffic
engineering.
On Thu, 4 Aug 2005, Mohacsi Janos wrote:
> > Correct. You can create an in-memory startup script to do tunnel
> > configuration, as well, with something like this:
> PPPE over IPv6 also supported?
You mean that the other way round -- IPv6 over PPPoE natively, without
tunnelling?
I don't know
ck to
Friday.
[snip]
http://news.yahoo.com/news?tmpl=story&u=/ap/20050803/ap_on_go_ot/
fcc_broadband
- ferg
--
"Fergie", a.k.a. Paul Ferguson
Engineering Architecture for the Internet
[EMAIL PROTECTED] or [EMAIL PROTECTED]
ferg's tech blog: http://fergdawg.blogspot.com/
://news.yahoo.com/news?tmpl=story&u=/ap/20050803/ap_on_go_ot/fcc_broadband
- ferg
--
"Fergie", a.k.a. Paul Ferguson
Engineering Architecture for the Internet
[EMAIL PROTECTED] or [EMAIL PROTECTED]
ferg's tech blog: http://fergdawg.blogspot.com/
On Wed, 3 Aug 2005, Suresh Ramasubramanian wrote:
On 03/08/05, [EMAIL PROTECTED] <[EMAIL PROTECTED]> wrote:
Softbank BB (AS17676) was allocated 126/8 from APNIC, and Softbank
BB (AS17676) immediately tried to use 126/8.
Jon, could you tell Kawano san just how many sites are still blocking 69
On Wed, 3 Aug 2005, Joseph S D Yao wrote:
> > > If you feel like keeping 2500s in service, rather than replacing them
with
> > > something that holds NM-32As, the flash problem is easily resolved
for less
> > > than US$50:
> > > http://www.memorydealers.com/8mbcisthirpa.htm
On Wed, 3 Aug 2005, Mike Tancsa wrote:
> At 04:55 PM 03/08/2005, Christopher L. Morrow wrote:
> > > hops away, the TTL of the packet when it got to me was 56). Yes, I know
> > > those could be adjusted in theory to mask multiple sources, but in
> > > practice
> > > has anyone seen that ?
> >
>
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Chris Adams wrote:
> Odd that lots of people are trying to download new IOS images and then
> CCO locks them out.
I really really like to give people the benefit of the doubt, but I am
having a hard time with this one. Where are the security people a
Title: Message
Got
this regarding the CCO password issue earlier today.
Seeya,
Dave
-Original Message-From: Kim Christensen
(kichrist) [mailto:[EMAIL PROTECTED] Sent: Wednesday, August 03,
2005 11:58 AMSubject: CISCO - CCO Passwords
Dear Cisco Partner,
I’
At 04:55 PM 03/08/2005, Christopher L. Morrow wrote:
> hops away, the TTL of the packet when it got to me was 56). Yes, I know
> those could be adjusted in theory to mask multiple sources, but in practice
> has anyone seen that ?
what exactly was the question?
You answered it mostly-- what d
Today at 16:07 (+0200), Elmar K. Bins wrote:
> Date: Wed, 3 Aug 2005 16:07:55 +0200
> From: Elmar K. Bins <[EMAIL PROTECTED]>
> To: nanog@merit.edu
> Subject: Re: OT: Cisco.com password reset.
>
>
> [EMAIL PROTECTED] (Scott Stursa) wrote:
>
> > > When I tried to access my CCO account this morning
On Wed, 3 Aug 2005, Mike Tancsa wrote:
>
>
> I had a DDoS this morning (~ 130Mb) against one of my hosts. Packets were
> coming in all 3 of my transit links from a handful of source IP addresses
> that sort of make sense in terms of the path they would take to get to
> me. They were all large U
On Wed, 3 Aug 2005, Joel Jaeggli wrote:
>
>
> On Wed, 3 Aug 2005, [EMAIL PROTECTED] wrote:
>
> >
> > Dear Network Operators and whom it may concern
> >
> > I hope you are doing well, We are facing a difficult problem and we
> > would like to ask your assistance!
>
> Makoto san, can you provide a
On 3 Aug 2005, at 16:15, Roy Badami wrote:
Marlon> just remember that not all networks use '126.255.255.255'
Marlon> as a broadcast address. there are non-broadcast networks
Marlon> where that address is a 'host' one.
Surely the only networks on which this can be a host are:
Marlon> just remember that not all networks use '126.255.255.255'
Marlon> as a broadcast address. there are non-broadcast networks
Marlon> where that address is a 'host' one.
Surely the only networks on which this can be a host are:
one using a /7 or shorter netmask
a /
> just remember that not all networks use '126.255.255.255' as a broadcast
> address. there are non-broadcast networks where that address is a 'host'
> one.
i suspect not in this one interesting case, as the following ip address is
part of a very special block, 127/8.
randy
Em Qua, 2005-08-03 às 15:00 -0400, [EMAIL PROTECTED] escreveu:
> On Wed, 03 Aug 2005 08:52:55 -1000, Randy Bush said:
> >
> > > You can ping to 126.66.0.30/8.
> >
> > and how does one ping a /8?
>
> Smurf. 'ping 126.255.255.255'.
>
> How quickly they forget. :)
just remember that not all net
> I got an email that my CCO account's password was reset
> last night. Not sure how widespread this issue was, but
> I called my account contact and verified that this is
> a valid email, and that my password needed to be reset.
funny, i had a similar incident
o could not log on to account
Randy Bush wrote:
You can ping to 126.66.0.30/8.
and how does one ping a /8?
Most trojans for zombie networks provide this functionality. Connect to
your favourite C&C server and issue;
.advscan ping 42 2 64 126.X.X.X
(this will ping the address space with 42 threads, using two sec
On Wed, 3 Aug 2005, Sargon wrote:
> Sveasoft's Talisman does.
>
> "Yes, support is in Talisman/basic. Current support is CLI-based up to
> layer 3 and includes radvd. Web interface additions to configure IPv6
> options are planned.
>
> To enable support, do the following:
> nvram set ipv6_enabl
On Aug 3, 2005, at 7:45 AM, <[EMAIL PROTECTED]> wrote:
Hi
Thank you for your reply.
Makoto san, can you provide an ip-address within your assigned range
that people can ping to test?
You can ping to 126.66.0.30/8.
Just out of curiosity... are you going to continue to announce each
in
On Wed, 03 Aug 2005 08:52:55 -1000, Randy Bush said:
>
> > You can ping to 126.66.0.30/8.
>
> and how does one ping a /8?
Smurf. 'ping 126.255.255.255'.
How quickly they forget. :)
pgpxdJ3MrNwIQ.pgp
Description: PGP signature
> You can ping to 126.66.0.30/8.
and how does one ping a /8?
randy
I'm having similar results.
First, a layer 4 trace to port 80 on download.microsoft.com
Tracing ..?.?.?..|
TTL LFT trace to 61.200.83.61:80/tcp
1 192.168.1.3 1.4ms
2 new-iserv-serial-69.iserv.net (205.217.75.69) 13.9ms
** [neglected] no reply packets received from TTLs 3 through
I dont mean anything actually, i am really supporting this brave man,
some so called hackers claim that they will hunt cisco down, its in the
news that some people think they should revenge.On 8/3/05, Etaoin Shrdlu <[EMAIL PROTECTED]> wrote:
Kim Onnel wrote:> On 8/3/05, Joe Blanchard <
[EMAIL PROTE
Richard,
You're not lying when you say the resolvers are spitting out different
results every minute, now the Cox uplink here goes from Dallas to San
Jose to and endpoint in Tokyo.
*Insert obligatory Microsoft expletive here*
JWP
On 8/3/05, Richard A Steenbergen <[EMAIL PROTECTED]> wrote:
> On
> From a cable modem in Seattle behind broadwing, it is going to this,
> behind SBC in southern California:
>
> 1662 ms 61ms 50 ms
> Savvis-CDN-IAF1075825.cust-rtr.pacbell.net [69.108.147.58]
>
> Makes you wonder if they'll be switching back to Akamai soon. :)
>
>From Southern C
On Wed, Aug 03, 2005 at 01:01:59PM -0500, Justin W. Pauler wrote:
>
> New Zeland and Australia? Me thinks someone goofed. And what's really
> strange is that Monday I ran this exact same traceroute for
> informational purposes and at or around hop #7 - cox dallas handed off
> to atlanta who hande
On Wednesday 03 August 2005 12:32, Fergie (Paul Ferguson) wrote:
> Completely unrelated, but apparently Vonage is also
> having some problems this morning:
>
> http://gigaom.com/2005/08/03/massive-vonage-outage/
>
> - ferg
>
>
> -- Richard A Steenbergen <[EMAIL PROTECTED]> wrote:
>
> On Wed, Aug 0
--On August 3, 2005 2:10:10 PM +0100 [EMAIL PROTECTED] wrote:
<...>
Contrary to what some may be worrying about, it it not the GSRs
that are most at risk. It is those old 2500's that are connected to
your customers. Imagine that one of those customer routers is
exploited, the hacker installs
Richard,
Check this out...
Tracing route to download.microsoft.com.c.footprint.net [210.8.118.62]
over a maximum of 30 hops:
310 ms12 ms15 ms btnrsysc01-gex0405.br.br.cox.net
426 ms15 ms15 ms ip24-248-104-85.br.br.cox.net
512 ms17 ms 8 ms btnrbbrc01-
Completely unrelated, but apparently Vonage is also
having some problems this morning:
http://gigaom.com/2005/08/03/massive-vonage-outage/
- ferg
-- Richard A Steenbergen <[EMAIL PROTECTED]> wrote:
On Wed, Aug 03, 2005 at 10:44:40AM -0400, Drew Weaver wrote:
> Hi there, we've had
"United States Federal Communications Commission Chairman
Kevin Martin is expected to officially propose the
deregulation of DSL services from telecommunications
carriers on Thursday."
http://www.redherring.com/article.aspx?a=13022
- ferg
--
"Fergie", a.k.a. Paul Ferguson
Engineering Architect
On Wed, Aug 03, 2005 at 10:44:40AM -0400, Drew Weaver wrote:
> Hi there, we've had a few complaints about connectivity
> issues to Microsoft, is anyone else seeing a problem? Usually I get
> between 2-3MBps when I download from them, at the moment I get 8k/sec
> downloading
> http://do
Apparently, the OMB has release a memo outlining it's
IPv6 migration plans. From an article in GCN.com:
[snip]
Agencies may have until June 30, 2008, to transition to Internet Protocol
Version 6, but the planning starts now.
The Office of Management and Budget has released a memo [.pdf] that g
On Wed, Aug 03, 2005 at 10:26:21AM -0400, Jared Mauch wrote:
>
> I've talked to "People" at cisco before about email handling
> stuff, it takes them a lot of effort to make lists such as
> 'cust-security-announce' deliver quickly. I've had some experience
> tweaking large lists as well, i
On Wed, Aug 03, 2005 at 10:49:38AM +0100, Stephen J. Wilcox wrote:
> On Wed, 3 Aug 2005, Bill Woodcock wrote:
...
> > If you feel like keeping 2500s in service, rather than replacing them with
> > something that holds NM-32As, the flash problem is easily resolved for less
> > than US$50:
> >
> >
I started noticing this exact behavior yesterday afternoon, normally I
am able to pull things from microsoft.com at 500-900KB/s, but I'm down
in the 50-100KB range now.
I've run some traceroutes from my Cox uplink (which appears to be
peering with Microsoft), and nothing seems out of place or 'od
Perhaps they were /.-ed (http://slashdot.org/article.pl?
sid=05/08/03/0016223&tid=109&tid=189&tid=1) ?!? ;) ... sorry,
couldn't refrain ...
On a more serious note: do you really mean 2-3 MB(ytes)ps, or 2-3 Mb
(its)ps? In any case - FYI - I am getting right now, with the link
you indicated
What security risk does TFTP pose that isn't also shared by
HTTP?
Not security of the protocol necessarily, but you will find that TFTP is
filtered by a number of cable modem providers on the CPE side of the cable
modem.
Not arguing if filtering/not filtering it is better, just thats one
> Now imagine if instead of 2655 users it was 1-1.5million,
Sure, 1.5MM. That's a lot. Don't get owned in the first place.
Todays CSCO market cap is 124.0B. This is not our problem.
-M<
I am having very poor luck making a successful connection to
download.microsoft.com sites as well. When I do, instead of the typical
10mbps, I'm seeing 5kb/sec just as you are. Ping times/traceroutes to
them looks normal, so I don't immediately suspect an overloaded link, so
I'm not quite s
On Wed, 3 Aug 2005 02:08:30 -0700 (PDT)
Bill Woodcock <[EMAIL PROTECTED]> wrote:
> What security risk does TFTP pose that isn't also shared by HTTP?
I find it disappointing that the filtering police rarely stop to think
about their decision about what and why protocols are a security risk.
Looke
Kim Onnel wrote:
> On 8/3/05, Joe Blanchard <[EMAIL PROTECTED]> wrote:
> > I got an email that my CCO account's password was reset
> > last night...
> People claim that accounts were compromised, thats why they are resetting
> them all,
>
> looks like Lynn's friends have made their m
On (2005-08-03 09:02 -0500), Church, Chuck wrote:
> I eventually got an email stating it couldn't associate my email address
> with an active CCO ID. I'm guessing their system is getting backed up
> because it's affecting lots of people. Next step:
Send three times from mutt, and got same com
No, it means that the password scheme of whatever the web-site uses to allow
access or not is not directly a Cisco product. It means it's something that
could happen to anyone.
One could have a great network of great products and all it takes is one
small door to remain open someplace in a seemi
Another "me too" here. However, it appears that there is a hiccup with
my account. According to the note, there's more than one CCO account
associated with my email addy (which is strange since I only know of
one) so now I'm on hold with Cisco Live to see if I can get it all
worked out.
W
Don't worry this will all get fixed. Just take it as a break from work for
a few hours and enjoy the day. Personally I would like to do some
downloading but will enjoy the fact I am forced not to work in such a hectic
world.
Kim
-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMA
http://software.silicon.com/security/0,39024655,39150991,00.htm
On Aug 3, 2005, at 9:02 AM, Church, Chuck wrote:
I eventually got an email stating it couldn't associate my email
address
with an active CCO ID. I'm guessing their system is getting backed up
because it's affecting lots of pe
I think just about everyone's got reset. Internal and external folks from
what I've heard. *shrug*
On the other hand, people aren't usually good about resetting passwords, so
that's one way to mitigate problems. :)
Scott
-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROT
On Wed, Aug 03, 2005 at 04:07:55PM +0200, Elmar K. Bins wrote:
>
> [EMAIL PROTECTED] (Scott Stursa) wrote:
>
> > > When I tried to access my CCO account this morning I got a page with
> > > instructions to email [EMAIL PROTECTED] to get a new password. I did
> > > this from the email address reg
On Wed, 3 Aug 2005, Kim Onnel wrote:
People claim that accounts were compromised, thats why they are resetting
them all,
looks like Lynn's friends have made their moves for revenge.
demonstrate proof for your assertion please.
On 8/3/05, Joe Blanchard <[EMAIL PROTECTED]> wrote:
FYI
I
I had a DDoS this morning (~ 130Mb) against one of my hosts. Packets were
coming in all 3 of my transit links from a handful of source IP addresses
that sort of make sense in terms of the path they would take to get to
me. They were all large UDP packets of the form
09:08:58.981781 xx:xx:x
> > We should all be looking to the security auditing work done by
> > the OpenBSD team for an example of how systems can be
> > cleaned up, fixed, and locked down if there is a will to do so.
>
> Beer, unsupported assertions, and lack of rigorous audit methodology
> can be blended together to m
We began having this problem yesterday for about 30+ accounts. Some
passwords weren't changed, some were, and some users received a response
that they weren't valid users.. This is the response I received from Cisco..
A third-party security research organization has brought to our
attention
> From [EMAIL PROTECTED] Wed Aug 3 09:07:20 2005
> To: [EMAIL PROTECTED]
> Cc: nanog@merit.edu
> Subject: Re: Your router/switch may be less secure than you think
> From: "Robert E.Seastrom" <[EMAIL PROTECTED]>
> Date: Wed, 03 Aug 2005 09:58:53 -0400
>
>
>
> [EMAIL PROTECTED] writes:
>
> > We sh
Hi there, we’ve had a few complaints about
connectivity issues to Microsoft, is anyone else seeing a problem? Usually I
get between 2-3MBps when I download from them, at the moment I get 8k/sec
downloading http://download.microsoft.com/download/b/6/2/b624b535-644a-41e1-9727-812d
On Wed, 3 Aug 2005, Robert Hayden wrote:
> Another "me too" here. However, it appears that there is a hiccup with
> my account. According to the note, there's more than one CCO account
> associated with my email addy (which is strange since I only know of
> one)
Yes, that's what it said in my
On Wed, 3 Aug 2005, Elmar K. Bins wrote:
> What bothers me is that some people got notifications while others got
> none - any idea on why (I didn't get any)?
The notice I saw (purely on accident) - and the same that was quoted by
Jared Mauch - is/was shown when you hit no/cancel on the HTTP aut
No proof, just a sarcastic comment, dont get me jailed :)
but really, everyone is claiming its a compromiseOn 8/3/05, Joel Jaeggli <[EMAIL PROTECTED]
> wrote:On Wed, 3 Aug 2005, Kim Onnel wrote:> People claim that accounts were compromised, thats why they are resetting
> them all,>> looks like Lyn
Once upon a time, Jared Mauch <[EMAIL PROTECTED]> said:
> From the Cisco website:
>
> IMPORTANT NOTICE:
> * This incident does not appear to be due to a weakness in Cisco products
> or technologies.
Does this mean that CCO is not a Cisco product or technology?
Odd that lots of peo
I eventually got an email stating it couldn't associate my email address
with an active CCO ID. I'm guessing their system is getting backed up
because it's affecting lots of people. Next step:
"Please email [EMAIL PROTECTED] to have your correct email address
associated
with your User ID. To e
[EMAIL PROTECTED] (Scott Stursa) wrote:
> > When I tried to access my CCO account this morning I got a page with
> > instructions to email [EMAIL PROTECTED] to get a new password. I did
> > this from the email address registered to me on CCO and promptly received
> > a new password to my email ad
People claim that accounts were compromised, thats why they are resetting them all,
looks like Lynn's friends have made their moves for revenge.On 8/3/05, Joe Blanchard <[EMAIL PROTECTED]> wrote:
FYII got an email that my CCO account's password was resetlast night. Not sure how widespread this is
[EMAIL PROTECTED] writes:
> We should all be looking to the security auditing work done by
> the OpenBSD team for an example of how systems can be
> cleaned up, fixed, and locked down if there is a will to do so.
Beer, unsupported assertions, and lack of rigorous audit methodology
can be blend
On Wed, 3 Aug 2005, Mikael Abrahamsson wrote:
>
> On Wed, 3 Aug 2005, Dan Armstrong wrote:
> >
> > My PW to CCO did not work this morning either. I am on hold with the TAC
> > right now
>
> When I tried to access my CCO account this morning I got a page with
> instructions to email [EMAIL PR
On Wed, 3 Aug 2005, Joe Blanchard wrote:
> FYI
>
> I got an email that my CCO account's password was reset
> last night. Not sure how widespread this issue was, but
> I called my account contact and verified that this is
> a valid email, and that my password needed to be reset.
>
> Just a heads u
Same here. I didnt get a notice that it was reset, but I cannot login
---Mike
At 09:30 AM 03/08/2005, Dan Armstrong wrote:
My PW to CCO did not work this morning either. I am on hold with the TAC
right now
Joe Blanchard wrote:
FYI
I got an email that my CCO account's passw
On Wed, Aug 03, 2005 at 09:30:58AM -0400, Dan Armstrong wrote:
>
> My PW to CCO did not work this morning either. I am on hold with the
> TAC right now
From the Cisco website:
IMPORTANT NOTICE:
* Cisco has determined that Cisco.com password protection has been
compromised.
On Wed, 3 Aug 2005, Dan Armstrong wrote:
My PW to CCO did not work this morning either. I am on hold with the TAC
right now
When I tried to access my CCO account this morning I got a page with
instructions to email [EMAIL PROTECTED] to get a new password. I did
this from the email ad
My PW to CCO did not work this morning either. I am on hold with the
TAC right now
Joe Blanchard wrote:
FYI
I got an email that my CCO account's password was reset
last night. Not sure how widespread this issue was, but
I called my account contact and verified that this is
a valid e
On Sunday, 31-July-2005 18:33, Christopher L. Morrow wrote:
>
> After looking over the various WRT54G options, do any of them
> support native ipv6? :) (not the tunneled v6 over v4... native v6)
Sveasoft's Talisman does.
"Yes, support is in Talisman/basic. Current support is CLI-based up to
lay
FYI
I got an email that my CCO account's password was reset
last night. Not sure how widespread this issue was, but
I called my account contact and verified that this is
a valid email, and that my password needed to be reset.
Just a heads up.
-Joe Blanchard
On Wed, 03 Aug 2005 03:49:43 PDT, Aaron Glenn said:
> ...here's what the junior kernel hacker in me doesn't quite understand
> - doesn't software like ProPolice and it's brethren mitigate this type
> of vulnerability specifically? What, precisely, prevents Cisco from
> implementing such code in wit
Michael Lynn is not the only person out there reverse engineering
routers, switches, printers and other embedded systems. Lynn's
presentation gave far less info than other people have published.
One person has published detailed instructions on how to exploit
IOS including code to do the exploit
Hi
Thank you for your reply.
>Makoto san, can you provide an ip-address within your assigned range that
>people can ping to test?
You can ping to 126.66.0.30/8.
regards,
--
Makoto Kawano <[EMAIL PROTECTED]>
SOFTBANK BB Corp.
Yahoo!BB Network Operation Center
-Original Message-
From:
On Wed, 3 Aug 2005, Joel Jaeggli wrote:
Makoto san, can you provide an ip-address within your assigned range
that people can ping to test?
$ ping 126.0.0.1
PING 126.0.0.1 (126.0.0.1) 56(84) bytes of data.
64 bytes from 126.0.0.1: icmp_seq=1 ttl=4 time=362 ms
64 bytes from 126.0.0.1: icmp_seq=
On Wed, 3 Aug 2005, [EMAIL PROTECTED] wrote:
Dear Network Operators and whom it may concern
I hope you are doing well, We are facing a difficult problem and we
would like to ask your assistance!
Makoto san, can you provide an ip-address within your assigned range that
people can ping to
On 03/08/05, [EMAIL PROTECTED] <[EMAIL PROTECTED]> wrote:
> Softbank BB (AS17676) was allocated 126/8 from APNIC, and Softbank
> BB (AS17676) immediately tried to use 126/8.
Jon, could you tell Kawano san just how many sites are still blocking 69/8? :)
Dear Network Operators and whom it may concern
I hope you are doing well, We are facing a difficult problem and we would like
to ask your assistance!
The following address blocks were allocated from IANA to APNIC on the 27th of
JAN of 2005. Please refer to the following link.
http://www.cymru.
On 8/3/05, Saku Ytti <[EMAIL PROTECTED]> wrote:
> You might want to read lynn-cisco.pdf. This means that today to
> exploit heap overflows you need to know the offsets per release, supposedly
> tomorrow the offsets will be static per releasese in new (in some terms
> better)
> architecture, whic
On (2005-08-03 06:24 -0400), Joe Maimon wrote:
> But at the same time, now that I think they already are, I will say it's
> not as bad as you probably think it is. Not yet ... because the version
> that makes this an unstoppable critical problem is not out yet.
>
>What exactly does this mean?
quotes from wired interview with Mike Lynn
"
WN: So this new version of the operating system that they're coming out
with, that's in beta testing.
Lynn: It's actually a better architecture ... but it will be less
secure That's why I felt it was important to make the point now
rather tha
On Wed, 3 Aug 2005, Bill Woodcock wrote:
> > note image size of 11/12/16 mb... note that many (most?) 2500's don't
> have
> > 16M flash.
>
> If you feel like keeping 2500s in service, rather than replacing them with
> something that holds NM-32As, the flash problem is easily resolved fo
On Wed, 3 Aug 2005, Bill Woodcock wrote:
> > 3: What protocols should be used for firmware upgrades to ATA
> > devices? We are thinking HTTPS or SFTP, or HTTP if those aren't
> > available on selected devices. I am trying to stay away from TFTP
> > for security reasons.
>
> What
On Tue, 2 Aug 2005, Shane Owens wrote:
> 1: Does it make sense to scatter nodes around the globe to limit latency
on intraregional calls? If so how many? We were
> thinking about 7 placed at strategic points around the globe.
The short answer is "yes". This is a VoIP peering issue
> note image size of 11/12/16 mb... note that many (most?) 2500's don't have
> 16M flash.
If you feel like keeping 2500s in service, rather than replacing them with
something that holds NM-32As, the flash problem is easily resolved for
less than US$50:
http://www.memorydealers.com/8mbc
Randy Bush wrote:
very helpful analysis. some questions:
mrai stiffle that? could it be used to cascade to a neighbor? i
suppose that diverting the just the right 15-30 seconds of traffic
could be profitable.
More recent hardware allows you to take copies of packets and push them
down a
93 matches
Mail list logo
