You can also try Command Information [EMAIL PROTECTED]
or
Sunset Learning
https://www.coursemax.com/sunset/CourseSchedule.aspx?CourseID=355ef422-32d3-
4379-a950-2087f6b13bcc
> -Original Message-
> From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of
> Lucy Lynch
> Sent: Thu
I agree with John here. I am not going to speak for content providers, but I
have heard them raise serious business concerns about the lack of
infrastructure deployment. They make their living on responsiveness, and an
extended transition with its associated unpredictability without native
routing
Paul Jakma wrote:
> On Tue, 7 Mar 2006, Iljitsch van Beijnum wrote:
>
> > Hm, I would rather do this globally but maybe this is the way to go...
>
> Geo-aggregation is something that stands its best chance of being
> implemented locally:
While I agree that any aggregation would happen locally,
city yet
different hotels. I understand that synchronized meetings it not trivial,
but it is worth considering.
Tony
> -Original Message-
> From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]
> Sent: Tuesday, February 14, 2006 1:10 PM
> To: Tony Hain
> Cc: nanog@merit.ed
[EMAIL PROTECTED]
> Sent: Tuesday, February 14, 2006 1:01 PM
> To: Tony Hain; nanog@merit.edu
> Subject: RE: protocols that don't meet the need...
>
> > -Original Message-
> > From: Tony Hain [mailto:[EMAIL PROTECTED]
> > Sent: Tuesday, February 14, 2006 12:
A thought I had on the plane last night about the disconnect between the
NANOG and IETF community which leaves protocol development to run open-loop.
Rather than sit back and complain about the results, why not try to
synchronize meeting times. Not necessarily hotels, but within a reasonable
dist
Tony Li wrote:
> > .com is an abomination, as are the other gTLDs to a lesser
> > extent. .gov,
> > .mil, .edu, .info, and .biz need to be shifted under .us
> > immediately, and
> > everyone under .com, .net, and .org needs to be gradually moved
> > under the
> > appropriate part of the real DNS
Mangling the header did not prevent the worms, lack of state did that. A
stateful filter that doesn't need to mangle the packet header is frequently
called a firewall (yes some firewalls still do, but that is by choice).
Tony
> -Original Message-
> From: [EMAIL PROTECTED] [mailto:[EMAI
Given that shim breaks fundamental assumptions about the stable relationship
between the packet header and the application context, there will be many
security related issues to be resolved after the shim spec stabilizes. Shim
is a 'more than a decade' effort if it ever completes.
The disappeara
Owen DeLong wrote:
> --On Wednesday, November 24, 2004 11:40 -0800 Tony Hain [EMAIL PROTECTED]>
> wrote:
>
> > Owen DeLong wrote:
> >> > I have never been a fan of the registered ULAs, and have argued
> against
> >> > the IETF's atte
Steven M. Bellovin wrote:
> ...
> The problem with this scheme is that it's only aggregatable if there's
> some POP that lots of carriers connect to in the proper geographic
> areas. What is the carriers' incentive to show up -- peer? -- at such
> points, rather than following today's practices?
Owen DeLong wrote:
> > I have never been a fan of the registered ULAs, and have argued against
> > the IETF's attempts to state specific monetary values or lifetime
> > practice as a directive to the RIRs; but I am equally bothered by the
> > thought that the operator community would feel a need t
John Curran wrote:
> ...
> If ARIN's members direct it to provide such a service, and provide
> guidance that
> the fees should based initial-only and on a cost recovery, I have a lot of
> faith that
> it would occur...
>
> That does, of course, presume that the operator community actually agree
Owen DeLong wrote:
> >> I still think that we should pursue making the design work and not
> >> adopt
> >> cruft as standards (ULA).
> >
> > ULAs aren't cruft. They serve a purpose. If you don't need them, don't
> > use them and they won't get in your way.
> >
> ULAs aren't cruft so long as provid
Daniel Roesen wrote:
> ...
>
> "fixed" as in "now using stateless autoconfig"? Fun... change NIC and
> you need to change DNS. Thanks, but no thanks. Not for non-mobile
> devices which need to be reachable with sessions initiated from remote
> (basically: servers).
>
You are allowed to do eithe
Randy Bush wrote:
> > I see this a lot recently: You are mixing up RfC1918 and NAT.
> >
> > If I have globally unique addresses I can NAT them as well
> > as 10/8. One has nothing to do with the other.
> >
> > Having to NAT RfC1918 addresses to reach the internet, does not imply
> > that I have to
First issue is that IPv6 interfaces support both the old & new prefixes at
the same time, so the provider change case is not as dramatic as people fear
based on past IPv4 experience. Second:
http://www.ietf.org/internet-drafts/draft-ietf-v6ops-renumbering-procedure-0
1.txt
talks about other issues
Ray Plzak wrote:
> ... This is a valuable discussion but to a large extent
> the efforts can be considered as a non input into the working group as the
> discussion is not on their mail list. The IETF works best when people
> directly contribute to the discussion and consensus building process.
While it is often great sport to poke at MS, did you consider that this
might have nothing to do with classfullness or CIDR? I believe you will find
that 0 & -1 are invalid for whatever netmask the windows stack is given. You
might also find that some 'features' are mitigation for exploits that
ex
Iljitsch van Beijnum wrote:
> On 11-mei-04, at 3:13, Darrin Miller wrote:
>
> > http://www.cisco.com/security_services/ciag/documents/v6-v4-threats.pdf
>
> Ok, some comments:
> ...
> - Fragmentation
>
> You can't drop non-last fragments that are smaller than 1280 bytes as a
> host may fragment
Dave Crocker wrote:
> Folks,
>
>
> TH> If you insist on restricting the service to a small set of 'approved'
> TH> applications, people will simply encapsulate what they really want to
> do in
> TH> the approved service and you will lose visibility.
>
> A small elaboration:
>
> You will make
MAIL PROTECTED]
> Sent: Tuesday, February 17, 2004 4:48 PM
> To: Tony Hain; 'Steven M. Bellovin'
> Cc: [EMAIL PROTECTED]; Alex Bligh
> Subject: RE: Clueless service restrictions (was RE: Anti-spam System Idea)
>
>
>
> --On 17 February 2004 16:19 -0800 Tony Hain <[EMA
Alex Bligh wrote:
> Steve,
>
> --On 17 February 2004 17:28 -0500 "Steven M. Bellovin"
> <[EMAIL PROTECTED]> wrote:
>
> > In almost all circumstances, authentication is useful for one of two
> > things: authorization or retribution. But who says you need
> > "authorization" to send email? Autho
Most of the responses to the anti-spam thread, and the comments to Itojun's
IAB presentation in Miami about filtering, show that this community has been
thoroughly infiltrated and is now as CLUELESS as the PSTN providers, and
just as power hungry. The current ISPs have the opportunity to turn the
As I mentioned yesterday, the DoC is looking for public comment on IPv6.
http://www.ntia.doc.gov/reports.html
Specifically toward the end they ask:
In some instances, government has responded to concerns over potential
"chicken and egg" problems by playing an active role in the introduction of
c
just me wrote:
> On Fri, 5 Dec 2003, Petri Helenius wrote:
>
> And I refer you to the blocks which are properly registered down
> to the /29 level and you are saying that if you are a good citizen
> collateral damage is recommended regardless because antispammers
> are either lazy or tech
[EMAIL PROTECTED] wrote:
> ...
> It's not the reverse DNS itself that is meaningful. It is the
> fact that the SMTP server operator with proper IN PTR records
> probably has the cooperation of their ISP.
This is a broken model. People that are buying high level services should
expect those to be
Scott McGrath wrote:
> Agreed NAT's do not create security although many customers believe they
> do. NAT's _are_ extremely useful in hiding network topologies from casual
> inspection.
This is another bogus argument, and clearly you have not done the math on
how long it takes to scan a /64 wort
Kuhtz, Christian wrote:
> ...
> All hairsplitting aside, given that the term NAT these days is mostly used
> in a PAT (particularly in a customer connecting to the I) context, what
> isn't secure about?
mangling the header doesn't provide any security, and if you believe it
does, do the following
Matthew Crocker wrote:
> Shouldn't customers that purchase IP services from an ISP use
> the ISPs
> mail server as a smart host for outbound mail?
Look carefully at that question and find the logic error.
...
In case you missed it, the customer purchased 'IP' service, not 'ISP mail
servic
Petri Helenius wrote:
>
> > decides to attack, it would use some neighbor's IP. The
> subnet I am
> > on is a /24 and there very well may be a few dozen hosts.
> I could be
> > real sneaky and alter my IP randomly to be any of my neighbors for
> > every packet I send out.
> >
> This gets
To reiterate the comment I made during the session yesterday, the places
where strict rpf will be most effective are at the very edge interfaces
without explicit management (SOHO). This also tends to be the place
where there is insufficient clue to turn it on. One hopes that in the
nanog community
The sad part is that absolutely clueless articles like this one get
wider distribution than they deserve, and it takes even more travel and
face time to refute the nonsense. In most cases it is hard to tell if
the author is really as clueless as the resulting article would lead you
to believe, or
Rafi Sadowsky wrote:
> How about using a combination of technical and "social"
> measures For example in a Cyber Cafe use passive technical
> measures to count the total number of outbound SMTP sessions
> and charge 1$ per Email over an average rate of 2
> Emails/minute and 10$ per Email exc
Tony Tauber wrote:
> On Mon, 8 Jul 2002, Rob Thomas wrote:
>
> > Hi, John.
> >
> > > 192.88.99.0/24 which is the 6to4 anycast network. Do we
> really want
> > > to be filtering that prefix?
> >
> > Good question. I'm re-reading RFC 3068 now, and the RFC appears to
> > allow for the advertis
This probably isn't certified for flight use, but:
http://www.kvh.com/products/product.asp?id=60
would provide the uplink with usable bandwidth. The downlink requires:
http://www.kvh.com/products/product.asp?id=13 for auto tracking.
Tony (who is not affiliated in any way with the manufacturer)
Leo Bicknell wrote:
> In a message written on Fri, May 31, 2002 at 02:35:18PM
> -0700, Tony Hain wrote:
> > The only reason for an ASN is the need to globally announce routing
> > policy due to multihoming. Unless policy changes, this
> community tends
> > to in
nal Message-
> From: Marshall Eubanks [mailto:[EMAIL PROTECTED]]
> Sent: Friday, May 31, 2002 3:09 PM
> To: Tony Hain
> Cc: Andy Walden; nanog
> Subject: Re: IP renumbering timeframe
>
>
> This is described in rfc2373 and rfc2374. The 128 bit address space
> is separated
Andy Walden wrote:
> On Fri, 31 May 2002, Tony Hain wrote:
>
> > What is the point of an ASN if all you are multi-homing is a single
> > subnet?
>
> Tony,
>
> I'm missing the correlation between the amount of address
> space announced
> and multihomi
Marshall Eubanks wrote:
> On Thu, 30 May 2002 17:52:55 -0700
> "Tony Hain" <[EMAIL PROTECTED]> wrote:
> > Marshall Eubanks wrote:
> > > Since I run a small AS :
> > >
> > > I like this idea.
> > >
> > > Since I beli
Marshall Eubanks wrote:
> Since I run a small AS :
>
> I like this idea.
>
> Since I believe in living dangerously :
>
> I also think that a /64 should be reserved in the IPv6 address space,
A /64 would have no use in the proposed scheme since it identifies a
single subnet. I suspect you really
This appears to have bounced due to a configuration error on my end...
> -Original Message-
> From: Tony Hain [mailto:[EMAIL PROTECTED]]
> Sent: Monday, April 15, 2002 11:40 AM
> To: Stephen Sprunk; Scott A Crosby
> Cc: Patrick Thomas; [EMAIL PROTECTED]
> Subject: RE:
Stephen Sprunk wrote:
> Interesting idea though. Perhaps someone will write an i-d
> on autonomous
> numbering for IPv6.
RFC 3041 & http://www.tml.hut.fi/~pnr/publications/cam2001.pdf
Jasper Wallace wrote:
> Location - either distribute all the addresses evenly over
> the planet or try
> to
Joel Baker wrote:
> ...
> but the
> fact that it has arrived should not be suprising anyone who's
> even mildly
> aware of the world outside the innards of a router.
Do you expect to find people like that reading this list. ;)
44 matches
Mail list logo