On Tue, 20 Apr 2004, Richard A Steenbergen wrote:
Anyone who seriously wanted to protect against this attack could easily
deploy RST rate limits against their management interfaces, rather than
run around trying to set up MD5 with every peer. As a long term
improvement, a random ephemeral
On Sun, 18 Apr 2004, Matt Hess wrote:
late-night-humor
# Do not allow Windows 9x SMTP connections since they are typically
# a viral worm. Alternately we could limit these OSes to 1 connection each.
block in on $ext_if proto tcp from any os {Windows 95, Windows 98} \
to any port smtp
Someone coming up with tools to solve Paul's problems. Anyone can send an
XML formated notice to an ISP, and the user's Internet access is
automatically restricted. Spoofing?
Btw, the music industry has applied for a patent on the technique. Prior
art anyone?
On Mon, 19 Apr 2004, Paul Vixie wrote:
two things, though: (1) you'll never get those things fixed and (we both
know it), (2) so you'd better prepare for the inevitability of widespread
filtering against your DSL/Cable blocks (whether you talk to me or not.)
Paul, where have you been? There
On Sun, 18 Apr 2004, Paul Vixie wrote:
MAPS or SORBS or somebody needs to set up a BBL (broad band list) which is
just a list of broadband customer netblocks, with no moral/value judgement
expressed or implied. If it's complete and updated frequently, I'd pay for
a feed because of all the
On Sun, 18 Apr 2004, Alex Bligh wrote:
Whilst that may gave you some heuristic help, I'm not sure
about the language. HINFO used that way neither /authenticates/
the address (in any meaningful manner as the reverse DNS holder
can put in whatever they like), nor does it /authenticate/ the
On Sun, 18 Apr 2004, Doug White wrote:
Well, Paul did advance a methodology - blackhole them all grin
If Paul came up with a practical way to fix millions of compromised
computers which didn't involve hiring entire second-world countries
to talk grandma through the process, I think many people
On Sun, 18 Apr 2004, Doug White wrote:
I likewise would like to see a better way - but changing the whole internet is
completely illogical.
Educating the masses is the same.
As soon as I see a solution that will work, I will probably try to implement it
on my system.
Abbot and Costello do
The power at the Bellagio failed for about three days. The failure
involved about 1,000 feet of internal primary power cable. Although
the Bellagio had emergency and backup power, because it was an internal
cable, the backup generators couldn't supply power either. The Las Vegas
Sun has one of
On Tue, 13 Apr 2004, John Curran wrote:
I'm very much suggesting blocking outward to the Internet port 25
traffic, except from configured mail relays for that end-user site.
Those hosts which have MSTP malware are stopped cold as a result.
NNTP is set up almost everywhere with
This was covered in the Washington Post, but the real information is
on Stanford's web site.
http://securecomputing.stanford.edu/alerts/multiple-unix-6apr2004.html
On Mon, 12 Apr 2004, Robert Blayzor wrote:
I can understand the reasoning behind what they are doing, but perhaps
they are taking things in the wrong direction. Our abuse@ email address
is just that, abused. Our abuse@ mailbox gets probably 500+ spams a day
with maybe 2-3 legit emails that
Why do people have the irresitable urge to click on things?
Click here to find out:
http://www.washingtonpost.com/wp-dyn/articles/A349-2004Apr9.html
The experts advised people not to click on strange attachments in
e-mail, which can activate the worm, and to update their antivirus
If you connect a dialup modem to the public switched telephone network, do
you rely on Caller ID for security? Or do you configure passwords on the
systems to prevent wardialers with blocked CLIDs from accessing your
system? Have a generation of firewalls and security practices distracted
us
On Sun, 11 Apr 2004, Suresh Ramasubramanian wrote:
NTL peers at Linx, right? I'm sure somebody's mentioned
http://www.linx.net/noncore/bcp/ube-bcp.html to them?
Should anonymous use of the Internet be eliminated so all forms
of abuse can be tracked and dealt with?
Exception
An exception
On Sat, 10 Apr 2004, Scott Call wrote:
While both the Telco and ISP are communications services, they are
completely different beasts in the abuse department (as well as support,
provisioning, billing, etc)
http://www.dailystar.com/dailystar/dailystar/17393.php
Overseas scam artists have
John Borland, a reporter for CNET News.com, made the mistake of loading
some software on a Windows machine and hoping it was possible to restore
the trustworthiness of a compromised Windows machine. In the end the
CNET IT department took his computer away and re-installed a fresh
image.
On Tue, 6 Apr 2004, Jon R. Kibler wrote:
fax telephone number. We have captured several dozen faxes sent through
that number over the past few days, and they all have 'enter your number
here to delete' toll free numbers on them and we would like to find out
the telco that owns those blocks of
Spam is a topic for a different forum, but falsifying business records
by forging mail headers is a more general network issue.
http://www.oag.state.ny.us/press/2004/apr/apr1b_04.html
Carmack was found guilty of stealing the identity of two Buffalo-area
residents to open Internet access
On Thu, 18 Mar 2004, Paul Vixie wrote:
http://www.vix.com/personalcolo/
http://www.vix.com/personalcolo/
http://www.vix.com/personalcolo/
As of March 17 2004
Total personal colo listings: 36
Total providers with one or more addresses block listed: 18
The eighteen providers are sometimes
By Jim Hu
Staff Writer, CNET News.com
High-speed Internet service providers are increasingly putting their
customers in the security hot seat, as they try to fight recent virus
attacks that turn computers into spam factories.
[...]
Still, the question remains whether the techniques broadband
On Wed, 17 Mar 2004, Steve Linford wrote:
From Deep Throat, received 17/3/04, 21:10 + (GMT):
Disturbing information on one of the founders of Spamhaus.org
http://www.geocities.com/jackjack9872004/
Not just a load of BS, but posted to NANOG anonymously, through a
hijacked machine
On Mon, 15 Mar 2004, Petri Helenius wrote:
I see this as a two different processes. There are definetly some
individuals who have no help whatsoever with their computers and need
the abuse/helpdesk to walk them through the disinfecting process.
Gartner estimates the total cost of ownership of
On Sun, 14 Mar 2004, Andrew Dorsett wrote:
In a dorm room situation or an apartment situation, you again know the
physical port the DHCP request came in on. You then know which room that
port is connected to and you therefore have a general idea of who the
abuser is. So whats the big deal
On Mon, 15 Mar 2004, Scott McGrath wrote:
What is desired here is a system by which all communications
originating/or terminating at $DESIGNATED_TARGET can be intercepted with
no intervention by and/or knowledge of the carrier hence ensuring the
security of the investigation.
I don't think
The US Department of Interior was ordered to disconnect most, but
not all, Internet connections. They don't have to disconnect their
modems, private networks, or other agency networks.
This is the third time the court has ordered the Interior Department
to disconnect some or all of their
On Sun, 14 Mar 2004, Paul Vixie wrote:
Some do. However, without a server that can be impounded and then sold
on E-Bay, there's no reason to think that the provider will have less
abuse volume from such customers than they would have from SMTP AUTH
customers or DSL customers or
On Sat, 13 Mar 2004, Paul Vixie wrote:
every time i tell somebody that they shouldn't bother trying to send e-mail
from their dsl or cablemodem ip address due to the unlikelihood of a well
staffed and well trained and empowered abuse desk defending the reputation
of that address space, i also
On Sat, 13 Mar 2004, Stephen Sprunk wrote:
So DOCSIS has a technical limitation which may or may not apply. This is
reasonable justification for limiting upstream bandwidth, not for specifying
that users can't run servers. If users can run servers effectively in the
limited available
On Sat, 13 Mar 2004, Christopher J. Wolff wrote:
I believe that CALEA versions of IOS are already available on cisco.com. It
has a backdoor for any traffic originating from dhs.gov address space. ;)
If law enforcement was satisified with the solutions already available, I
don't think they
On Fri, 12 Mar 2004, James Edwards wrote:
I see a lot of unicast UPnP traffic on my networks.
UPnP seems like a train wreck waiting to happen, to me.
Yep. Giving insecure PC's the power to change firewall settings. Doesn't
sound like the cleverest idea.
I have a firewall, my computer can't
On Thu, 11 Mar 2004, Baldwin, James wrote:
I applaud the idea of a outsourced department that will manage the
denial of service, and hordes of script kiddie (nod to Ranum) problems
that plague modern networks. Anything that keeps me from being
distracted from more interesting lines of
On Wed, 10 Mar 2004, Steven M. Bellovin wrote:
In message [EMAIL PROTECTED], Joshua Brady writes:
http://news.zdnet.co.uk/internet/security/0,39020375,39148215,00.htm
Comments?
The phrase seriously bad idea comes to mind. Other phrases include
illegal, collateral damage, and stupid.
On Mon, 8 Mar 2004, Steve Francis wrote:
That was exactly what I was doing by saying I will only get service from
ISPs that run loose-uRPF in cores. (or all edges, including peering links.)
I will not take service from ISP X, who is cheaper than ISP Y, if ISP X
cannot assure me that I will
On Sun, 7 Mar 2004, E.B. Dreger wrote:
If SAV were universal (ha ha ha!), one could discount spoofed
traffic when analyzing flows. But, hey, why bother playing nice
and helping other networks, eh?
SAV doesn't tell you where the packets came from. At best SAV tells you
where the packets
On Sun, 7 Mar 2004, Paul Vixie wrote:
in the therefore-unreal world i live in, the ability to tell a GWF (goober
with firewall) that the incident report they sent our noc could not possibly
have come from here, is a net cost savings over having to prove it every time.
Of course, some people
On Mon, 8 Mar 2004, E.B. Dreger wrote:
SD They saw no _net_ savings.
SD
SD In the real world, it costs more to deploy and maintain
SD SAV/uRPF.
The benefit is to other networks. When other networks make your
life easier, you benefit.
This confirms my statement. You save nothing by
On Sun, 7 Mar 2004, Avleen Vig wrote:
No. The work you've done is expected of you, as a good Internetwork
neighbour.
If you're not a good neighbour, next time you need my help, or the help
of anyone else I know, please expect the finger.
But I keep trying to do good work; and you keep giving
On Sat, 6 Mar 2004, Paul Vixie wrote:
(and according to that text, it was a 9-year-old idea at that time.)
it's now 2004. how much longer do we want to have this problem?
Source address validation (or Cisco's term uRPF) is perhaps more widely
deployed than people realize. Its not 100%, but
On Sun, 7 Mar 2004, Paul Vixie wrote:
don't be lulled into some kind of false sense of security by the fact
that YOU are not seeing spoofed packets TODAY. let's close the doors we
CAN close, and give attackers fewer options.
I don't have a false sense of security. We have lots of open doors
On Sat, 6 Mar 2004, Dan Hollis wrote:
sadly the prevailing thought seems to be 'we cant block every exploit so
we will block none'. this (and others) are used as an excuse to not deploy
urpf on edge interfaces facing singlehomed customers.
This is one of the few locations SAV/uRPF
On Sat, 6 Mar 2004, Avleen Vig wrote:
On Sat, Mar 06, 2004 at 06:39:21PM -0500, Sean Donelan wrote:
Source address validation (or Cisco's term uRPF) is perhaps more widely
deployed than people realize. Its not 100%, but what's interesting is
despite its use, it appears to have had very
Of course, I'm certain Sandvine is selling something to solve the
problem, but it is still a very nice article with some measurable
numbers.
http://www.globeandmail.com/servlet/story/RTGAM.20040303.gtsandmar2/BNStory/Technology/
On any given day, its white paper concluded, between 2 and 12 per
On Wed, 25 Feb 2004, Bora Akyol wrote:
It needs to be as reliable as the services that depend on it.
E.g. if bank A is using the Internet exclusively without
leased line back up to run its ATMs, or to interface with
its customers, then it needs to be VERY reliable.
That's not very reliable.
Communication providers of all sizes, which may include Internet
service providers, may want to review
http://hraunfoss.fcc.gov/edocs_public/attachmatch/FCC-04-30A1.pdf
This is the FCC's notice of proposed rulemaking concerning
communication provider outage reporting. The definitions are
very
http://news.com.com/2100-1038_3-5163931.html?tag=nefd_top
A Level 3 spokesman would not confirm or deny that hardware was the source
of the problem, nor would he elaborate on the nature of the issue.
We are investigating the cause of the problem, which is fully resolved at
this time, said
On Sat, 21 Feb 2004, Michel Py wrote:
I wonder how many will install worms and viruses from a CD that they got
not from Microsoft but from phishing schemes that will inevitably pop up
around it.
As far as I know, Microsoft is currently mailing the CDs to only consumers
that request the
On Sat, 21 Feb 2004, David Lesher wrote:
In the future you may be able to obtain patches through other
distribution channels, e.g. your ISP or consumer electronics chain or
original equipment manufacturer. Regardless of the distribution method,
geniune Microsoft patches are always
Public reply, because private are blocked.
http://www.ietf.org/internet-drafts/draft-stumpf-dns-mtamark-01.txt
uses rev-dns TXT RRs to let admins document which IP addresses are
supposed to act as MTA (as well as to document which addresses are
supposed not to send mail).
The difference
On Thu, 19 Feb 2004, Patrick W.Gilmore wrote:
Honestly, I do not know about OSPF (or BGP) on Windows, however, you
can just static route to the Windows box(es). Sure, if the OS hangs,
the interface will stay up and the static route will still push bits at
the dead box, but it will work (FSVO
How well does Anycast work with Windows 2000 or XP servers? Is the
Microsoft OSPF implementation good enough to use or do people port another
routing implementation?
Yeah, I know about Unix/Linux. All the large scale anycast deployments
I know about are on unix, but I was wondering if anyone
On Mon, 16 Feb 2004, Daniel Reed wrote:
On 2004-02-15T17:33-0500, Sean Donelan wrote:
) The unfortunate fact is lots of people like to operate open, anonymous
) services and then expect other people to clean up after them.
)
) Why don't IRC operators require authentication of their users
On Sun, 15 Feb 2004, Jon R. Kibler wrote:
We find that at least 85% of all spam originates from DHCP addresses. Thus, if
a significant number of ISPs would perform port 25 egress filtering, I believe
that it would significantly reduce spam, and force criminal spammers to develop
completely
On Fri, 13 Feb 2004, Rob Pickering wrote:
--On 13 February 2004 09:27 -0500 [EMAIL PROTECTED] wrote:
Y-Haw! A return to the Old West of bangbaths and pathalias.
No thanks.
That's absolutely the issue with emerging resignation to e-mail
peering and the like being the only solution
On Sun, 15 Feb 2004 [EMAIL PROTECTED] wrote:
DialUp Lists (DUL) dns block lists permits you to ignore e-mail from
many dynamic IP addresses. You can configure your mail server to do this
today without waiting for ISPs to do anything.
If we advertise the DHCP pools for AS1312 in a DUL, we
On Sun, 15 Feb 2004 [EMAIL PROTECTED] wrote:
On Sun, 15 Feb 2004 17:46:05 EST, Sean Donelan said:
What if I told you about a method to identify the type of connection for
every IP address in our DNS? You don't need to rely on third-party DUL
lists.
Hmm.. color me dubious, but keep
On Sun, 15 Feb 2004, Jon R. Kibler wrote:
DialUp Lists (DUL) dns block lists permits you to ignore e-mail from
many dynamic IP addresses. You can configure your mail server to do this
today without waiting for ISPs to do anything.
Like most other simple solutions, how effective is it?
On Sun, 15 Feb 2004, Jon R. Kibler wrote:
OK, I was sloppy in my wording... I should have said that we block
published dynamic netblks, including dial, cable, xDSL, and wireless.
That still catches something less than 5% of spam originating from DHCP
connections.
Then it sounds like you have
On Wed, 11 Feb 2004 [EMAIL PROTECTED] wrote:
On Wed, 11 Feb 2004 11:15:20 PST, Dave Crocker said:
what about port 25 blocking that is now done by many access providers?
this makes it impossible for mobile users, coming from those providers,
to access your server and do the auth.
Port
On Wed, 11 Feb 2004 [EMAIL PROTECTED] wrote:
Or should we just say Submit mail via webmail, let's see the ISP block
*THAT*?
*THAT* has been suggested, and there are vendors trying to sell boxes to
ISPs that would allow them to block mail submission via webmail (or
wiretap mail submission via
On Wed, 11 Feb 2004, Daniel Senie wrote:
Why, to restrain trade? To forbid people from using AUTHENTICATED services
of their mail provider of choice? Why shouldn't users be able to hire an
Email service provider who might have a LOT more clue about how to run
email services than the broadband
On Wed, 11 Feb 2004, Alex Bligh wrote:
I think you are missing the point. I have lots of people abusing my port
25. They can abuse this due to the nature of the (current unadorned) SMTP
protocol as I have to leave it open and unauthenticated in order to receive
mail to users served by my
On Mon, 9 Feb 2004, John Payne wrote:
--On Sunday, February 8, 2004 10:46 PM + Paul Vixie [EMAIL PROTECTED]
wrote:
There is nothing wrong with a user who thinks they should not have to know
how to protect their computer from virus infections.
However, someone attending NANOG should at
I do not know why Messenger is having difficulties. But if you are
looking for status updates to feed your front desk folks, the MSN
network status web page for Messenger is
http://support.msn.com/networkstatusresults.aspx?ProductNum=100ProductName=Messenger
Messenger
Feature: Sign In
The
On Tue, 10 Feb 2004, [iso-8859-1] Savitha Kumar wrote:
them, accounting management which is one of the FCAPS
functionality is not supported on any of the NMS's.
I think you have your networking models confused.
FCAPS is part of the ITU model for TMN-layers. You
need to look at ITU networks,
On Sun, 8 Feb 2004, Suresh Ramasubramanian wrote:
Another thing that helps with easier identification is a practice some
ISPs have of inserting the MAC address of the host into the reverse DNS
record, with a short TTL. When a new host gets that IP, the MAC address
changes too. I have seen
The 'nothing to do with me' mob are the major offenders, making up 90 per
cent of the 1,000 UK employees surveyed. This vast majority believe that
they have no part to play in preventing the spread of viruses, and that
it is the responsibility of the IT department, Microsoft or the government.
On Sun, 8 Feb 2004, Suresh Ramasubramanian wrote:
In practice MAC address tracking only works for a few very specific ISP
architectures, such as when the ISP supplies the hardware used to connect
to the network.
I'm aware of these - but surely there's something about the user which
you
On Sun, 8 Feb 2004, E.B. Dreger wrote:
SD Instead of Doubleclick tracking users with Cookies, they
SD would be able to track the unique computers from the MAC
SD address in the reverse DNS record over time.
A MAC address is six octets. Append time past Epoch when IP was
assigned; that's
On Sun, 8 Feb 2004, Paul Vixie wrote:
The puzzling thing about this is the basic assumption (by the author of
the article) that computers are fragile and infection-prone and that users
who don't know how to protect them are somehow part of the problem.
The way corporations solve the problem
On Sat, 7 Feb 2004, Randy Bush wrote:
I think the tipping point went by a while ago, and that anyone
who wants their e-mail to be accepted will make sure their mail
relay has a PTR and that that this PTR holds the same name used
in the SMTP HELO command.
so you think it is fine if i
On Sun, 8 Feb 2004, Paul Vixie wrote:
... What do you suggest otherwise-responsible operators like me do,
when after begging SBC for two years, my reverse DNS still isn't
delegated correctly?
or send SBC a copy of RFC 2317 every hour via a crontab. might not be
very effective but it
Asia (remember the international date line) started on MyDoom already,
although some reports said the worm used 1609 GMT to start its attack.
SCO appears to have deleted the A record for www.sco.com from their DNS
about 1 hour ago. I don't know how often MyDoom does the DNS lookup, so
it may
On Sun, 1 Feb 2004, Adam 'Starblazer' Romberg wrote:
SCO appears to have deleted the A record for www.sco.com from their DNS
about 1 hour ago. I don't know how often MyDoom does the DNS lookup, so
it may not stop things.
As of 1:33AM CST, www.sco.com is still resolving... however their
EWeek is reporting an anonymous source that Wanadoo, a major French ISP,
has stopped all traffic to SCO's web site?
Is this true? Have any other ISPs taken similar action?
SCO's spokesperson Blake Stowell blamed ISPs around the world
for blocking access to SCO's web site. SCO says their web site
bandwidth is at normal levels. According to SCO the attack is
not schedule to begin until Sunday at 1609 GMT.
On Fri, 30 Jan 2004, Leo Bicknell wrote:
If anyone has any good analysis on the current worm (other than it
attacks www.sco.com), that would be welcome.
Yep, the information gap is pretty big on this one. Neither the
anti-virus vendors nor the ex-Symantec guy at Homeland Security
seems to be
On Fri, 30 Jan 2004, Mike Tancsa wrote:
Are there any reliable estimates as to the amount of infected hosts out
there? Looking at my stats for email sent this week, I am seeing a 70:1
ratio for mydoom.a as compared to Swen.a (the next most prevalent virus).
Perhaps if we had some rough #s to
On Wed, 28 Jan 2004, Coppola, Brian wrote:
In preparation for tomorrow morning's B-root IP change from 128.9.0.107 to
192.228.79.201 we have posted updated root hints files. They are available
from the following URLs:
The previous change to the root hints was November 5 2002. The previous
On Thu, 22 Jan 2004, Brett Watson wrote:
The customer installed a network mapping tool today and suddenly
discovered they were seeing RFC1918 addresses in the map (hundreds of them)
that were *not* part of the customer's internal network. It turns out that
from what we can tell,
On Sun, 18 Jan 2004, Steven M. Bellovin wrote:
In message [EMAIL PROTECTED], Paul Vixie writes:
i'm fairly sure that this is what law enforcement uses for wiretap warrants.
I believe you're correct. In fact, I first learned of these devices
from government documents during the Carnivore
On Sat, 17 Jan 2004, Suresh Ramasubramanian wrote:
You just noticed this now?
AOL has, since the past several months (over a year I think) set up
their dynamic IP pool *.ipt.aol.com to hijack port 25 outbound requests
and reroute it through a set of their own mailservers, that do some
On Sat, 10 Jan 2004, Rob Thomas wrote:
If folks require assistance with the modification and testing of
filters, please don't hesitate to ping on us!
Don't forget about the other half of the problem. ISPs need to
verify the network announcements by their downstream BGP networks.
Eventually
On Fri, 9 Jan 2004, Stephen J. Wilcox wrote:
I'm not sure whats involved in getting your own root certs added to browser/OS
distributions but theres nothing afaik that says Verisign is the sole company
providing this, presumably anyone else can agree with MS/whoever to have their
root certs
On Fri, 9 Jan 2004, Jeff Shultz wrote:
So there appear to be alternatives to VeriSign (why is it that most of
these companies have two capitals in their names?). I do remember
seeing someone elsewhere complaining that he'd been trying to get his
root cert added to Mozilla for two years now,
Verisign's Certificate Revocation structure apparently was not
designed to handle the load of large numbers of systems using
crl.verisign.net. Verisign has introduced a 50% failure
mechanism to gap the load on their servers. This is a side
effect of the expiration of one of Verisign's
On Mon, 22 Dec 2003, k claffy wrote:
for those who don't speak inside-dc-beltway,
the below is a request for information that
a well-funded federal agency will use to write
a proposal solicitation, to which folks
(including but not limited to operators)
then write proposals to get ops
On Sun, 21 Dec 2003, David Lesher wrote:
http://www.iana.org
It appears so from here...and other places..
Its up from here.
There is also a mirror avaiable at http://iana.netnod.se/
On Thu, 4 Dec 2003, Tony Hain wrote:
This is a broken model. People that are buying high level services should
expect those to be delivered correctly, but those who are buying bit
transport should not be required to obtain additional services to become
fully functional. It is nice to
On Thu, 4 Dec 2003, Tony Hain wrote:
Can you explain to the less hyperbolic among us, why I should be
obligated to exchange packets with a provider who hosts abusive
customers.
Disclaimer: I am not a lawyer.
That said, IMHO you are free to do what you want as an individual, but
You could drop ICMP packets at your firewall if the firewalls properly
implemented stateful inspection of ICMP packets. The problem is few
firewalls include ICMP responses in their statefull analysis. So you are
left with two bad choices, permit all ICMP packets or deny all ICMP
packets.
On Sun, 30 Nov 2003 [EMAIL PROTECTED] wrote:
What we (UC Santa Cruz) share with LB is the vendor that will be
adding scanning to their net-auth box: Perfigo. We have heard of
the LB plans indirectly through the vendor, but in the context of
the article, it all fits.
Do people find
On Mon, 1 Dec 2003, joshua sahala wrote:
Do people find self-certification by end-users actually fixes
anything?
depends on how badly they want to get back on that interweb-thing...and
how clueful they are (or can be made to be). if the penalties for not
being clean are steep enough (no
On Mon, 1 Dec 2003, Ryan Dobrynski wrote:
would be nice if microsoft had some sort of launcher like you see on
all the good mmorpg's. pop open the launcher and it checks for updates
and antivirus BEFORE it lets you out of jail to the rest of the world.
Heck, I'm just asking for simple stuff
On Sat, 29 Nov 2003, Petri Helenius wrote:
If you are an access provider, specially in the consumer space, you can
do many things to help the Greater Internet by keeping your own back
yard in good shape. In the transit business, you are expected to
deliver the bits regardless of the content
After sending out e-mails and notifying students, Dartmouth College
has started to disconnect virus-infected computers.
http://www.thedartmouth.com/article.php?aid=2003112001020
The service denials come after Computing Services sent out a campus-wide
e-mail earlier this month announcing that
On Wed, 26 Nov 2003, Arjan Hulsebos wrote:
The Netherlands were hit as well. We saw a massive flood of queries for
lockup.zonelabs.com, too. It performed a nice DoS on our client name
servers :-(
You'd think that an unresponsive nameserver would be flagged dead, and such
information be
On Wed, 26 Nov 2003, David Lesher wrote:
Speaking on Deep Background, the Press Secretary whispered:
My company is investigating the use of wireless in a couple of our
conference rooms. Aside from limiting the scope of reception with various
directional antennae, does anyone have any
On Tue, 25 Nov 2003, Rob Thomas wrote:
Our choke points were always our peering or transit links. This
was the case for our (large) enterprise customers as well.
Some people refer to it as the hourglass effect, but it has more than one
bump. Generally only the smallest bottleneck controls
On Mon, 24 Nov 2003, Suresh Ramasubramanian wrote:
Most if not all computers that are sold (branded ones at least) do come
with an antivirus + personal firewall (aka snake oil firewall, as
vernon schryver keeps saying on news.admin.net-abuse.email and
elsewhere) package, with 6 months to a
501 - 600 of 982 matches
Mail list logo