> What is this group's name? Oh yeah. So that means you have one of
> two choices ;-)
Smart NANOGers have taken the time to read the NANOG
charter here: http://www.nanog.org/charter.html
which says...
The purpose of NANOG is to provide forums in the
North American region for education
--- [EMAIL PROTECTED] wrote:
On Dec 8, 2006, at 10:36 AM, Scott Weeks wrote:
> Lawful in which country?
What is this group's name? Oh yeah. So that means you have one of
two choices ;-)
I was speaking about 'the internet' and not jus
>> Lawful in which country?
> What is this group's name? Oh yeah. So that means you have one of two
> choices ;-)
i know this will come as a shock to many, but there are more than two
countries in north america.
and like afnog, nanog is not as isolationist or jingoist as the current
us adminis
On Dec 8, 2006, at 10:36 AM, Scott Weeks wrote:
Lawful in which country?
What is this group's name? Oh yeah. So that means you have one of
two choices ;-)
--
Jo Rhett
senior geek
Silicon Valley Colocation
On Dec 8, 2006, at 9:56 AM, Petri Helenius wrote:
Has anyone figured out a remote but lawful way to repair zombie
machines?
Having remote power control over all of our customer's equipment.
Though the customer might not consider that a "repair", I do :-)
--
Jo Rhett
senior geek
Silicon Vall
In article <[EMAIL PROTECTED]> you write:
>
>On Mon, 11 Dec 2006, Simon Waters wrote:
>
>> Yes. Most of the root server traffic is answering queries with
>> "NXDOMAIN" for non-existant top level domains, if you slave root
>> on your recursive servers, your recursive servers can answer those
>> q
On Mon, 11 Dec 2006, Simon Waters wrote:
Yes. Most of the root server traffic is answering queries with
"NXDOMAIN" for non-existant top level domains, if you slave root
on your recursive servers, your recursive servers can answer those
queries directly (from the 120KB root zone file), rather
On Monday 11 December 2006 16:15, you wrote:
> > I use to slave "." which can save time on recursive DNS servers when they
have
> >a lot of dross to answer (assuming it is totally random dross).
>
> I'm not sure to understand your solution.
> You configure your name-server as a slave-root-server?
I use to slave "." which can save time on recursive DNS servers when they
have
a lot of dross to answer (assuming it is totally random dross).
I'm not sure to understand your solution.
You configure your name-server as a slave-root-server?
On 12/8/06, Simon Waters <[EMAIL PROTECTED]> wrote:
of course, my company is working on two main tasks:
the first team is focused on discovering what is the virus, and what is the
best anti-virus.
instead, my team has already scaled our DNS service, by doubling the number
of DNSs.
I'm not completely satisfied by the "scaling solution": I wish to f
On Fri, 8 Dec 2006, Petri Helenius wrote:
Has anyone figured out a remote but lawful way to repair zombie machines?
Pete
Virtual patching.
-Hank
On Dec 8, 2006, at 6:40 AM, Luke wrote:
Hi,
as a consequence of a virus diffused in my customer-base, I often
receive big bursts of traffic on my DNS servers. Unluckly, a lot of
clients start to bomb my DNSs at a certain hour, so I have a
distributed tentative of denial of service. I ca
, December 08, 2006 8:59 AM
To: '[EMAIL PROTECTED]'
Subject: DNS - connection limit (without any extra hardware)
Hi,
as a comsequence of a virus diffused in my customer-base, I often receive
big bursts of traffic on my DNS servers.
Unluckly, a lot of clients start to bomb my DNSs at a certai
On Fri, 8 Dec 2006, Gadi Evron wrote:
Luke:
It is possible the DNS queries made are for non existent domains, fake
replies, perhaps even making them something in 1918 space, and they MAY
stop being not nice netizens.
Configuring your nameservers to randomly give bad answers isn't
considered
On Fri, 8 Dec 2006, Simon Waters wrote:
I suspect complex rate limiting may be nearly as expensive as providing DNS
answers with Bind9.
Indeed. It is generally accepted that it is easier to simply scale
your service to provide adequate headroom than implement per-client
traffic policies.
Aaron Glenn wrote:
On 12/8/06, Petri Helenius <[EMAIL PROTECTED]> wrote:
Has anyone figured out a remote but lawful way to repair zombie
machines?
sure, null route the customer until they clean their hosts up
My question was specifically directed towards zombies that are not local
to t
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Sorry for the top-post, but wanted to retain context here.
Also, sorry for the specific product mention, but much of is
mentioned below is something that we are doing with ICSS/BASE:
http://www.trendmicro.com/en/products/nss/icss/evaluate/overview.
--- [EMAIL PROTECTED] wrote:
From: Petri Helenius <[EMAIL PROTECTED]>
Geo. wrote:
> I know this is kind of a crazy idea but how about making cleaning up
> all these infected machines the priority as a solution instead of
> defending your dns from your infected clients. They not only affect
On 12/8/06, Petri Helenius <[EMAIL PROTECTED]> wrote:
Has anyone figured out a remote but lawful way to repair zombie machines?
sure, null route the customer until they clean their hosts up
On Fri, 8 Dec 2006, Petri Helenius wrote:
>
> Geo. wrote:
> > I know this is kind of a crazy idea but how about making cleaning up
> > all these infected machines the priority as a solution instead of
> > defending your dns from your infected clients. They not only affect
> > you, they affect
"I have a bots infested network, they really task my services! How can I
make my services ignore them so that the clients start calling me and
spending my tech support budget?"
Or:
"I have bots on my network and as part of a multi-pronged approach to
cleaning my network while keeping the se
On 8-Dec-2006, at 11:52, Geo. wrote:
Actually, reading your reply (which is the same as my own, pretty
much), I
figure the guy asked a question and he has a real problem.
Assuming he
doesn't want to clean them up is not nice of us.
Infected machines (bots) will cause a lot more than ju
*Sent:* Friday, December 08, 2006 9:41 AM
*To:* [EMAIL PROTECTED]
*Subject:* DNS - connection limit (without any extra hardware)
Hi,
as a comsequence of a virus diffused in my customer-base, I often
receive big bursts of traffic on my DNS servers.
Unluckly, a lot of clients
> Actually, reading your reply (which is the same as my own, pretty much), I
> figure the guy asked a question and he has a real problem. Assuming he
> doesn't want to clean them up is not nice of us.
Infected machines (bots) will cause a lot more than just DNS issues. Issues
like this have a way
On Fri, 8 Dec 2006, Luke wrote:
> Hi,
> as a comsequence of a virus diffused in my customer-base, I often receive
> big bursts of traffic on my DNS servers.
> Unluckly, a lot of clients start to bomb my DNSs at a certain hour, so I
> have a distributed tentative of denial of service.
> I can't bla
OTECTED] Behalf Of
> Luke
> Sent: Friday, December 08, 2006 9:41 AM
> To: [EMAIL PROTECTED]
> Subject: DNS - connection limit (without any extra hardware)
>
>
> Hi,
> as a comsequence of a virus diffused in my customer-base, I often receive
> big bursts of traff
On Friday 08 December 2006 14:40, you wrote:
>
> For this reason, I would like that a DNS could response maximum to 10
> queries per second given by every single Ip address.
That may trap an email server or two.
Did you consider checking what they are looking up, and lying to them about
the TT
don't appear to care about causing problems for the rest of us?
George Roettger
-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Behalf Of
Luke
Sent: Friday, December 08, 2006 9:41 AM
To: [EMAIL PROTECTED]
Subject: DNS - connection limit (without any
Hi,
as a comsequence of a virus diffused in my customer-base, I often receive
big bursts of traffic on my DNS servers.
Unluckly, a lot of clients start to bomb my DNSs at a certain hour, so I
have a distributed tentative of denial of service.
I can't blacklist them on my DNSs, because the infected
29 matches
Mail list logo