Comments on Yipes as a Provider?

2006-08-17 Thread Elijah Savage
Has anyone on the list ever conducted business with Yipes http://www.yipes.com/about/yipes_about.shtml? If anyone has any comments and wishes to contact me off list with any specific comments it would be greatly appreciated.

RE: [Full-disclosure] what can be done with botnet CC's?

2006-08-17 Thread Jordan Medlen
I'm sure most people on this list have heard of or use snort. There is an add-on package called snortsam. This package allows automation of blocking traffic deemed malicious via a null route statement or ACL statement. We have been in the process over the last month of implementing this on our

RE: [Full-disclosure] what can be done with botnet CC's?

2006-08-17 Thread Jordan Medlen
Most major carriers have some way of communicating with them for this purpose. Level(3) uses BGP community for a peer of theirs to issue /32 routes to their black hole router. Global Crossing uses an eBGP multi-hop peer for these types of advertisements and others have their mechanisms as

GTSM - Do you use it?

2006-08-17 Thread John Smith
Hi, I would like to know if operators use GTSM techniques with BGP and other routing protocols today? Is any at the perimeter of the routing domain deployed? I would believe that GTSM can provide protection against attacks more than a hop away and thus can save against a lot of potential Dos

RE: [Full-disclosure] what can be done with botnet CC's?

2006-08-17 Thread Gadi Evron
On Thu, 17 Aug 2006, Jordan Medlen wrote: I'm sure most people on this list have heard of or use snort. There is an add-on package called snortsam. This package allows automation of blocking traffic deemed malicious via a null route statement or ACL statement. We have been in the process

RE: [Full-disclosure] what can be done with botnet CC's?

2006-08-17 Thread Jordan Medlen
Thanks for the info. I will pass this to our abuse department to get rid of those. We are still tweaking our system and it is only about 90% deployed, but after all of the efforts to deploy the system, it should pay off many, many times over. Thanks again, Jordan -Original Message- From:

RE: [Full-disclosure] what can be done with botnet CC's?

2006-08-17 Thread Jordan Medlen
Gadi, I am unable to find the list in the archives or my email client. Can you send me anything that you have so I can get it taken care of? Thanks, Jordan -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Gadi Evron Sent: Thursday, August 17, 2006

RE: [Full-disclosure] what can be done with botnet CC's?

2006-08-17 Thread Gadi Evron
On Thu, 17 Aug 2006, Jordan Medlen wrote: Gadi, I am unable to find the list in the archives or my email client. Can you send me anything that you have so I can get it taken care of? Of course. Gadi. Thanks, Jordan -Original Message- From: [EMAIL PROTECTED]

Re: [Full-disclosure] what can be done with botnet CC's?

2006-08-17 Thread virendra rode //
in-line: Jordan Medlen wrote: I'm sure most people on this list have heard of or use snort. There is an add-on package called snortsam. This package allows automation of blocking traffic deemed malicious via a null route statement or ACL

Re: [Full-disclosure] what can be done with botnet CC's?

2006-08-17 Thread Valdis . Kletnieks
On Thu, 17 Aug 2006 13:55:36 EDT, Jordan Medlen said: Thanks for the info. I will pass this to our abuse department to get rid of those. We are still tweaking our system and it is only about 90% deployed, but after all of the efforts to deploy the system, it should pay off many, many times over.

RE: [Full-disclosure] what can be done with botnet CC's?

2006-08-17 Thread Jordan Medlen
Good point. At this time, we are not yet at completion as stated, but something that could be done for the benefit of others once we have completed the install and taken into account the amount spent vs. gained as you stated. I will look to getting something to everyone once our experience is

Re: i am not a list moderator, but i do have a request

2006-08-17 Thread Gadi Evron
On 13 Aug 2006, Paul Vixie wrote: which is, please move these threads to a non-SP mailing list. R [ 41: Danny McPherson ] Re: mitigating botnet CCs has become useless R [ 22: Laurence F. Sheldon] R45: Danny McPherson R [ 62: Laurence F. Sheldon] R

RE: [Full-disclosure] what can be done with botnet CC's?

2006-08-17 Thread Jordan Medlen
Snort itself can be configured to send email notifications without the snortsam add-on. Snortsam does have a do-not-block list as well so that certain hosts are never blocked. This is useful for our NOC staff since we continually run tests such as nmap towards our customer's servers that would

Re: i am not a list moderator, but i do have a request

2006-08-17 Thread Richard A Steenbergen
On Thu, Aug 17, 2006 at 02:48:01PM -0500, Gadi Evron wrote: Paul, apparently, we are in disagreement! :) Botnets are an operational issue affecting most of every large carrier to mom&pops service provider here. I believe a lot of the information about botnets, which is not that

RE: i am not a list moderator, but i do have a request

2006-08-17 Thread Robert J. Hantson
I have to agree... I joined this list a few weeks ago, and am pretty sad at the garbage I have to sift through. It's more of a FLAME Thrower if you ask me. I'm giving it another few days, and I'm off to look for other lists that are much more useful than this deal here. Robert Hantson

Re: i am not a list moderator, but i do have a request

2006-08-17 Thread Gadi Evron
On Thu, 17 Aug 2006, Richard A Steenbergen wrote: On Thu, Aug 17, 2006 at 02:48:01PM -0500, Gadi Evron wrote: Paul, apparently, we are in disagreement! :) Botnets are an operational issue affecting most of every large carrier to mom&pops service provider here. I believe a lot of

Re: i am not a list moderator, but i do have a request

2006-08-17 Thread Valdis . Kletnieks
On Thu, 17 Aug 2006 16:15:25 EDT, Richard A Steenbergen said: If this is all we have to talk about and it is on-topic, then NANOG has failed, and we need a new list where people can actually discuss network operations. Admittedly, discussions about how to mitigate a botnet are less on topic

Re: GTSM - Do you use it?

2006-08-17 Thread Pekka Savola
On Thu, 17 Aug 2006, John Smith wrote: I would like to know if operators use GTSM techniques with BGP and other routing protocols today? Is any at the perimeter of the routing domain deployed? I would believe that GTSM can provide protection against attacks more than a hop away and thus can

RE: [Full-disclosure] what can be done with botnet CC's?

2006-08-17 Thread billn
On Thu, 17 Aug 2006, Jordan Medlen wrote: I'm sure most people on this list have heard of or use snort. There is an add-on package called snortsam. This package allows automation of blocking traffic deemed malicious via a null route statement or ACL statement. We have been in the process

Re: GTSM - Do you use it?

2006-08-17 Thread John Smith
Then is it fair to assume that operators are not using it? - Original Message From: Pekka Savola [EMAIL PROTECTED] To: John Smith [EMAIL PROTECTED] Cc: nanog@merit.edu Sent: Friday, 18 August, 2006 2:15:31 AM Subject: Re: GTSM - Do you use it? On Thu, 17 Aug 2006, John Smith wrote: I

Re: GTSM - Do you use it?

2006-08-17 Thread Merike Kaeo
I don't think that's a fair assumption. A few providers I talked to for a security current practiced document I am writing said they were deploying it between BGP peers and I recently asked for more clarification from some individuals to ensure I had correct info with respect to

Re: GTSM - Do you use it?

2006-08-17 Thread Richard A Steenbergen
On Thu, Aug 17, 2006 at 05:14:57PM -0700, Merike Kaeo wrote: I don't think that's a fair assumption. A few providers I talked to for a security current practiced document I am writing said they were deploying it between BGP peers and I recently asked for more clarification from some

Re: i am not a list moderator, but i do have a request

2006-08-17 Thread Matt Ghali
On Thu, 17 Aug 2006, Gadi Evron wrote: On Thu, 17 Aug 2006, Richard A Steenbergen wrote: If this is all we have to talk about and it is on-topic, then NANOG has failed, and we need a new list where people can actually discuss network operations. Who is stopping you? Either to raise

BGP unsupported capability code

2006-08-17 Thread Joe Maimon
If A tries to peer with B, and B sends a BGP capability 64 to A, if A does not support that capability what would proper and/or reasonable behavior for A be? (a published source for it, if you could possibly do so.) a) send unsupported capability code 64 lengh 6 ## 2006-08-17 19:17:05 :