e.com
got changed to a CNAME to news.l.google.com, which wasn't there.
they're there now. not sure what the story is, though.
richard
--
Richard Welty [EMAIL PROTECTED]
Averill Park Networking
Java, PHP, PostgreSQL, Unix, Linux, IP Network En
to entry than worrying about creating a barrier
to mail abuse.
sigh,
richard
--
Richard Welty [EMAIL PROTECTED]
Averill Park Networking 518-573-7592
Java, PHP, PostgreSQL, Unix, Linux, IP Network Engineering, Security
ave been concerned about whether i was going to cross the
offtopic threshold by bringing up the subject of what the offtopic threshold
really was and how it was judged.
richard
(anticipating that this may be my last nanog posting for some time
to come)
--
Richard Welty
On Tue, 14 Sep 2004, Philip Smith wrote:
> NANOG, AfNOG, SANOG, JANOG, EOF, APOPS, SGNOG, NZNOG, NordNOG, SwiNOG, PACNOG
every time i see this list, it makes me want to tell NOG NOG jokes.
richard
--
Richard Welty [EMAIL PROTECTED]
Averill P
ve to be invited. ;-)
well, i think at this point everyone on nanog can consider themselves
"invited". now can we please stop this?
aarrgghh,
richard
--
Richard Welty [EMAIL PROTECTED]
Averill Park Networking
time for restoration of power
> > to the Sprint switch serving the towers.
> i assume this is florida?
that would be correct. i grew up in Pinellas County, and recognize all the
county names.
richard
--
Richard Welty [EMAIL P
es not do
to resolve this issue.
richard
--
Richard Welty [EMAIL PROTECTED]
Averill Park Networking 518-573-7592
Java, PHP, PostgreSQL, Unix, Linux, IP Network Engineering, Security
g observation:
you can tell someone has become an intermediate driver because
they start regularly trashing their brakes.
you can tell someone has become an advanced driver when they
learn how to go even faster while not trashing their brakes.
cheers,
richard
--
Richard Welty
d, these bastards FLY at you.
and they stink when you stomp on them.
richard
(grew up in st. pete fl)
--
Richard Welty [EMAIL PROTECTED]
Averill Park Networking 518-573-7592
Java, PHP, PostgreSQL, Unix, L
as the first provider continues to provide
transit.
richard
--
Richard Welty [EMAIL PROTECTED]
Averill Park Networking 518-573-7592
Java, PHP, PostgreSQL, Unix, Linux, IP Network Engineering, Security
ve
shot themselves in the foot, as they won't be able to afford to sue
_everyone_ who is dropping their announcements as part of normal
filter policy going back many years. i don't think anyone should be
changing policies in response to this. let it play out in court.
for most ISPs, &
ing things that are in
some cases not true about spamhaus, and Steve is prohibited from
attempting to correct them.
hardly seems fair,
richard
--
Richard Welty [EMAIL PROTECTED]
Averill Park Networking 518-573-7592
This is a very common case if both providers are large.)
> It's worth pointing out, however, that if case 2 applies and case 1
> doesn't, then the ISP will still be providing a level of actual packet
> carrying service to the customer.
bt. if the ISPs ha
requested TRO incompletely solves
the problem, making it fairly pointless.
richard
--
Richard Welty [EMAIL PROTECTED]
Averill Park Networking 518-573-7592
Java, PHP, PostgreSQL, Unix, Linux, IP Network Engineering, Security
gaining this TRO,
and it becomes a pattern across the industry, then everybody's
connectivity, router tables, and support budget will likely suffer.
richard
--
Richard Welty [EMAIL PROTECTED]
Averill Park Networking
don't own.
richard
(i've got that bridge around here some where, anyone want to buy it?)
--
Richard Welty [EMAIL PROTECTED]
Averill Park Networking 518-573-7592
Java, PHP, PostgreSQL, Unix, Linux, IP Network Engineering, Security
On Wed, 23 Jun 2004 19:06:54 + (GMT) "Edward B. Dreger" <[EMAIL PROTECTED]> wrote:
> RW> Date: Wed, 23 Jun 2004 13:35:06 -0400 (EDT)
> RW> From: Richard Welty
> RW> i had a customer once who had, for no reason they could
> RW> ever clearly explain,
d to talk
to ericson they were ok (yes, they used NAT at the border,
but we needed to see their internal IP address space, which
made for some serious annoyance.)
richard
--
Richard Welty [EMAIL PROTECTED]
Averill Park Networking
On Fri, 11 Jun 2004 17:51:00 -0400 (EDT) Scott McGrath <[EMAIL PROTECTED]> wrote:
> But wouldn't an interocitor with electron sorter option give you much more
> reliable packet delivery...
that works fine until someone reverse the polarity of the neutron flow.
richard
gging
SetEnvIf Request_URI "^/default.ida?" dontlog
SetEnvIf Request_Method "SEARCH" dontlog
and then later on...
CustomLog /var/log/httpd/access_log combined env=!dontlog
between the two of them, they were consuming an absurd amount
of space in my /var/log partitions.
r
g email to spamcop
to try and get off.
it's a guess, but it has happened before with other lists.
richard
--
Richard Welty [EMAIL PROTECTED]
Averill Park Networking 518-573-7592
Java, PHP, PostgreSQL, Unix, Linux, IP Network Engineering, Security
only need to wait until 30 days before, not 11 hours before.
ARIN in my experience responds with reasonable promptness to ASN requests,
and assuming your paperwork is in order, you really are worrying unnecessarily.
richard
--
Richard Welty [EMAIL PR
akes are lower.
ditto. i have some very specific memories of explaining to a CEO
who should have known better (an ex engineer) why we really
needed to "nuke the servers from orbit, it's the only way to be sure"
after an infestation at a startup some years
On Mon, 05 Apr 2004 20:03:58 -0400 Jeff Workman <[EMAIL PROTECTED]> wrote:
> --On Monday, April 05, 2004 5:48 PM -0400 Richard Welty
> <[EMAIL PROTECTED]> wrote:
> > for that matter, if i were running a very very large mail farm with high
> > volume in one or b
lume in one or both directions, separating the inbound mail handlers
(MX hosts) from the outbound mail relays would be something that i'd
seriously consider doing as part of the architecture. this would interact
very badly with the mail rejection strategy
response time, etc.
just out of curiosity, do you happen to use a mail reader which normally
only shows you the text portion of a mime message?
there's quite a lot of spam which has attempts at busting bayesian
filters in the text section, and the spam payload is in the html section.
richar
On Mon, 29 Mar 2004 07:20:47 -0500 Rob Nelson <[EMAIL PROTECTED]> wrote:
> Richard Welty wrote:
> >when smtp fixup is on (default on many older pixes, i gather that there
> >may be some improvements on newer pixes), the smtp banner
> >is mostly obscured by * characte
On Sun, 28 Mar 2004 10:22:44 -0500 (EST) Richard Welty <[EMAIL PROTECTED]> wrote:
i should add that i think that this proposal is a bad idea for any
number of reasons, but this cisco pix thing is very concrete
so i just wanted to get it out there.
before i write an extended explanation of
es the problem.
it's sufficiently frequent that it's generally the first thing i check
for these days (it's also first because ruling it in or out is very
quick.)
richard
--
Richard Welty [EMAIL PROTECTED]
Averill Park Networking
y got any data or observations on this?
yes. there are a lot of pix firewalls out there with smtp fixup turned on,
effectively disabling ESMTP (not to mention sporadically breaking
traditional SMTP.)
richard
--
Richard Welty [EMAIL P
al Presidents back, as I recall.
i was working on some government defense type projects (not SDI)
back when SDI was the big rage. we all thought that the SDI
was DoD contractor welfare at the time (mostly because it reduced
the funds available to us non
http://www.pizzashack.org/rssh/index.shtml
richard
--
Richard Welty [EMAIL PROTECTED]
Averill Park Networking 518-573-7592
Java, PHP, PostgreSQL, Unix, Linux, IP Network Engineering, Security
On Wed, 3 Mar 2004 18:35:27 -0500 "Patrick W.Gilmore" <[EMAIL PROTECTED]> wrote:
> On Mar 3, 2004, at 6:00 PM, Richard Welty wrote:
> >> Of the ones above, I only use spamhaus, combined with opm.blitzed.org
> >> &
> >> relays.visi.com
> >
the connection.
> Also, I like sender verification, but that's me.
i used it for some time, and reluctantly shut it down. blocked a lot of email
abuse, but too many false positives for my taste.
richard
--
Richard Welty [EMAIL PROTECTED]
Aver
responses.)
i've got a whole collection of them. been getting them
for months.
it's also somewhat offtopic for this list. i suggest that
followups be off list, unless they can be typed into
IOS.
richard
--
Richard Welty [EMAIL P
head that they need to make a NETBIOS
connection to the cited RFC1918 space.
could this be a side effect of one of the current generation of viruses?
richard
--
Richard Welty [EMAIL PROTECTED]
Averill Park Networking
l "precedence" value that was used to screen such mail.
nanog has a clear Precedence: bulk line in the header which is
the defacto standard for handling this, so that can't be it.
i think it's basically clueless IT staffs trying to reinvent a wheel
that's been invented, usu
so that you can trap the data needed
for AUP/TOS enforcement against proxy hijackers and other network
abusers w/o accidentally bringing down your network.
richard
--
Richard Welty [EMAIL PROTECTED]
Averill Park Networking
sonal experience with the
GSRs and am looking for one of two things:
1) someone experienced in capturing this stuff on a GSR
or
2) a pointer to a cisco oriented list where i can get 1) above.
thanks in advance,
richard
--
Richard Welty [EMAIL PROTECTED]
Averill
ken advantage of.
richard
--
Richard Welty [EMAIL PROTECTED]
Averill Park Networking 518-573-7592
Java, PHP, PostgreSQL, Unix, Linux, IP Network Engineering, Security
and wasn't
the original intent of PNAT, but that doesn't mean it's not there.
richard
--
Richard Welty [EMAIL PROTECTED]
Averill Park Networking 518-573-7592
Java, PHP, PostgreSQL, Unix, Linux, IP Network Engineering, Security
ugh. in addition to my
somewhat scattershot website (no time to work on it unti after i find a job),
there is also the datacenter mailing list, which is low volume and has some
extremely experienced and knowledgable people on it. send to
[EMAIL PROTECTED]
to join it.
ric
rences.
the big firms that do recruiting often take a cut that is all out of
proportion to the amount of work they actually do. an independent
will often be more reasonable.
richard
--
Richard Welty [EMAIL PROTECTED]
Averill Park Networking
hink it'll take anyone to notice the extra locks?
cheers,
richard
--
Richard Welty [EMAIL PROTECTED]
Averill Park Networking 518-573-7592
Java, PHP, PostgreSQL, Unix, Linux, IP Network Engineering, Security
t stick, and it's no fun at all. you ought to try it some
time before you casually toss off a statement like the one quoted
above.
richard
--
Richard Welty [EMAIL PROTECTED]
Averill Park Networking 518-573-
e issue, given that Verisign apparently proposes to give the community 60
or 90 days notice of potentially significant changes to the infrastructure, affecting
unpredicatable numbers of entities in ways unknown, and impossible to cost out
in advance.
for all the flaws of the IETF, it is infini
n really assess the effects of unilateral design
> changes, especially when that assessment is shrouded in commercial
> secrecy.
agreed.
richard
("nine out of ten experts hand selected by Verisign agree...")
--
Richard Welty [EMAIL PROTECT
On Mon, 20 Oct 2003 17:15:23 -0400 "Howard C. Berkowitz" <[EMAIL PROTECTED]> wrote:
> At 5:04 PM -0400 10/20/03, Richard Welty wrote:
> >may i suggest another operational issue then?
> >how does verisign plan to identify and notify all affected parties
> >
how do they plan to identify every party running
postfix and inform them that they need to upgrade their MTA?
this seems non-trivial to me.
richard
--
Richard Welty [EMAIL PROTECTED]
Averill Park Networking 518-573-7592
o get done faster, i think they should volunteer
to pay the costs, don't you?
richard
--
Richard Welty [EMAIL PROTECTED]
Averill Park Networking 518-573-7592
Java, PHP, PostgreSQL, Unix, Linux, IP Network Engineering, Security
;s wrong with this
picture?
richard
--
Richard Welty [EMAIL PROTECTED]
Averill Park Networking 518-573-7592
Java, PHP, PostgreSQL, Unix, Linux, IP Network Engineering, Security
h the development of FAQs and tutorials targeted at business
consumers of internet services.
again, comments offlist, please.
richard
--
Richard Welty [EMAIL PROTECTED]
Averill Park Networking 518-573-7592
Java, P
us. this spamhaus customer is
talking through their hat.
additionally, to the best of my knowledge, spamhaus listing and escalation
procedures differ from the ones you described.
richard
--
Richard Welty [EMAIL PROTECTED]
Averill Park Networking
thing is that spamming may be the closest thing to a legitimate
business that Eddy Marin has ever been involved in.)
--
Richard Welty [EMAIL PROTECTED]
Averill Park Networking 518-573-7592
Java, PHP, PostgreSQL, Unix, Linux, IP Network Engineering, Security
tes".
cheers,
richard
--
Richard Welty [EMAIL PROTECTED]
Averill Park Networking 518-573-7592
Java, PHP, PostgreSQL, Unix, Linux, IP Network Engineering, Security
On Wed, 27 Aug 2003 13:36:54 -0400 "Nathan J. Mehl" <[EMAIL PROTECTED]> wrote:
>
> In the immortal words of Richard Welty ([EMAIL PROTECTED]):
> > On Tue, 26 Aug 2003 15:25:46 -0700 (PDT) "Gary E. Miller"
> <[EMAIL PROTECTED]> wrote:
> >
orbz?)
it was more complicated than that. orbs went away without a clean shutdown
plan, and one of the secondary DNS operators started answering with
127.0.0.2 to try and get people to stop querying his server.
it worked, although with non-trivial pain attached.
richa
ose who don't use it will know what
to say when the issue comes up.
richard
--
Richard Welty [EMAIL PROTECTED]
Averill Park Networking 518-573-7592
Java, PHP, PostgreSQL, Unix, Linux, IP Network Engineering, Security
een a heavy DOS in progress against a couple of prominent
anti-spammers for a week or so now, Joe Jared/Osirusoft is one of them.
richard
--
Richard Welty [EMAIL PROTECTED]
Averill Park Networking 518-573-7592
Java, P
nterconnection."
"We do not know the cause at present but will continue to evaluate the
situation," said Ellen Vancko, speaking for the council.
richard
--
Richard Welty [EMAIL PROTECTED]
Averill Park Networking
forwarded (with permission) for someone who can't post to nanog:
-- Forwarded message --
From: Ben Venzke <[EMAIL PROTECTED]>
Date: Thu, 14 Aug 2003 18:56:00 -0400
Subject: NANOG - Outage Summary
To: Richard Welty
NE Outages - v2.9
The cause appears to be an overload of
G, east of Albany NY, which is joined to Ni-Mo at the hip.) it's back
up, but i suspect it'll be shaky for a while.
all the burning transformers, etc., are all probably side effects of the
major power outage.
richard
--
Richard Welty [EMAIL PROTE
hitting the button labeled
"emergency power off".
in retrospect, it's funny, but at the time we were leaning towards killing
him right then and there.
cheers,
richard
--
Richard Welty [EMAIL PROTECTED]
Averill Park Networking
had the authority to buy into the do not call list. they
have done so, and so the extemptions have mostly gone away. i think
politicians can still pester you for money at dinner time, though.
richard
--
Richard Welty [EMAIL PROTECTED]
Averill Park Netw
ther transportation and industrial
applications. you can run a long time on the oil, but you need the analysis
to correctly recognize when the jig is up.
richard
--
Richard Welty [EMAIL PROTECTED]
Averill Park Networking
ent oil changes.
> I thought it was the exact opposite. Diesel fuel has much better
> lubricity than LPG/CNG/gasoline.
diesels need frequent oil filter changes because they load the oil up
with soot. the oil itself can last a long time.
richard
--
Richard Welty
onomics alone.
richard
--
Richard Welty [EMAIL PROTECTED]
Averill Park Networking 518-573-7592
Unix, Linux, IP Network Engineering, Security
same.
additionally, in cold climates, diesel fuel can and will gel if it isn't
the right mix.
the fuel delivered in the summer may not have the right additives. some
vendors of diesel fuel do a better job with their winter mix than others.
richard
--
Richard Welty
more
> battery?
just how certain are you that your generator is always going to start
within 15 minutes?
richard
--
Richard Welty [EMAIL PROTECTED]
Averill Park Networking 518-573-7592
Unix, Linux, IP N
IAA, etc.) are trying hard to get certain
things criminalized that are dealt with perfectly well already in civil
contract law.
an ISP can permit or ban NAT as they see fit, per their TOS. no need for
this to be criminal.
richard
--
Richard Welty
body's open relay
list.
richard
(just fixed one of those types of open relay at a customer's site)
--
Richard Welty [EMAIL PROTECTED]
Averill Park Networking 518-573-7592
Unix, Linux, IP Network Engineering, Security
an't
> pull
> up the MAPS RSS website at the moment to check why. Anyone know contact
> info for Verizon for this kind of issue?
maps RSS is open relays.
try the abuse.net relay tester on the BL'd IP and see what it turns up,
http://www.abuse.n
hived polling data does go into
MySQL, but the database of monitored nodes was still in the
proprietary database the last time i looked at this.
note also that there are a bunch of up-and-coming NMS systems that may or
may not be better than Spectrum. the last time i did an evalu
es to die.
cheers,
richard
--
Richard Welty [EMAIL PROTECTED]
Averill Park Networking 518-573-7592
Unix, Linux, IP Network Engineering, Security
x27;s been a while, but i used to park in the lot underneath the building.
richard
--
Richard Welty [EMAIL PROTECTED]
Averill Park Networking 518-573-7592
Unix, Linux, IP Network Engineering, Security
8ball.ofb.net/howto.html
i might be persuaded to make a presentation on this at the next nanog
meeting.
cheers,
richard
--
Richard Welty [EMAIL PROTECTED]
Averill Park Networking 518-573-7592
Unix, Linux, IP Network Engineering, Security
arry, moe and curly.
the only reason their frame network between branches worked at all was
because they turned the whole thing over to us. they didn't have a clue,
not a single one between the three of them.
it really is that bad.
richard
--
Richard Welty
personally, i'd be happier if they'd focus on abuse problems on their own
network. they don't seem to be doing much of a job of turfing spammers
among their customer base.
richard
--
Richard Welty [EMAIL PROTECTED]
Averill Park Networking
2, as the others have remedies or are else apparently unimportant?
turning up WEP would keep the riffraff out. is that actually necessary or
important?
richard
--
Richard Welty [EMAIL PROTECTED]
Averill Park Networking
n inspected.
therefore, to attack many colo facilities, it is sufficient to sign
contracts that i never intend to honor and then carry boxes of "stuff"
up that has nothing to do with colo.
richard
--
Richard Welty
efering to "class C"'s?
about 2 years ago, interviewing fresh graduates for jobs, i found that they
were still being taught classful networking at many colleges.
it was a fairly depresssing discovery.
richard
--
Richard Welty
red EPO button in front of them is
like dangling a shiney object in front of some people i know.
once at GE R&D, we had an electrician announce that "the room was running
on emergency power", so he had to turn the emergency power off.
richard
--
Richard Welty
sks to see
> your badge again...
or you're standing in the parking lot, and suddenly find yourself
surrounded by men in suits carrying mac-10s.
richard
--
Richard Welty [EMAIL PROTECTED]
Averill Park Networking
so available as RFCs,
> I think 871-875.
yes, 871 is a personal favorite of mine; i've photocopied it and
passed it out in classes i've taught.
richard
--
Richard Welty [EMAIL PROTECTED]
Averill Park Networking
based on the HTTP host
request-header field. in https, the certificates are processed before the
Host request-header is transmitted; Host is supposed to be inside the
encrypted tunnel.
a different design might have permitted named based https identification of
virtual web site, but they did
e mahogany developers are on it, i expect my client to be fixed in the
near future.
thanks again,
richard
--
Richard Welty [EMAIL PROTECTED]
Averill Park Networking 518-573-7592
Unix, Linux,
vance,
richard
--
Richard Welty [EMAIL PROTECTED]
Averill Park Networking 518-573-7592
Unix, Linux, IP Network Engineering, Security
nt cabinet is a good thing, as when you blow a
router config and it stops talking to the network, dialing into it via
said modem is the only quick path to saving your job.
richard
--
Richard Welty [EMAIL PROTECTED]
Averill Park Networking
re white hat. i have some direct personal experience
them, and believe that at best, they're deeply confused.
richard
--
Richard Welty [EMAIL PROTECTED]
Averill Park Networking 518-573-7592
lied and it may take awhile before
they develop the reputations for responsiveness that an outfit like
rcn currently has.
give 'em a little time, guys. they're working on it. complaint to abuse@
like you're supposed to, and give them a chance to deal with it.
richard
--
Ric
, but Monsterhut lied to the
court about the source of their addresses in order to try and weasel out of
being terminated.
the whole mess took a year or so to wend its way through the NY court
system. bleah.
richard
("spammers lie? i'm shocked!")
--
Richard
tion working, with
no thanks due Ameritech.)
richard
--
Richard Welty [EMAIL PROTECTED]
Averill Park Networking 518-573-7592
Unix, Linux, IP Network Engineering, Security
e
of the box.
richard
--
Richard Welty [EMAIL PROTECTED]
Averill Park Networking 518-573-7592
Unix, Linux, IP Network Engineering, Security
d the "urban legend" thing is incorrect. AOL has in some cases had mailing
list providers sign agreements governing their behavior. that's the only
one i know of, but there could be others.
richard
--
Richard Welty [EMAIL PROTECTED]
Averi
l of MFNX.
> The real question is will they merge it with Genuity?
1) $975B seems a tad large
2) it was my understanding that Genuity was spun off when GTE merged with
BA, a requirement imposed by the regulators.
richard
--
Richard Welty [EMAIL PR
the examples others have given.
richard
--
Richard Welty [EMAIL PROTECTED]
Averill Park Networking 518-573-7592
Unix, Linux, IP Network Engineering, Security
96 matches
Mail list logo