Re: Tightened DNS security question re: DNS amplification attacks.

2009-01-28 Thread fredrik danerklint
At 12:07:16 local time here in Sweden, I saw a new address 70.86.80.98. At 12:09:36 another new address 64.57.246.123. At 12:20:10 the address 70.86.80.98 started to ask for funny domain name like: pjphcdfwudgaaabaaacboinf. This ended at 12:55:01 when it was back to just ask for the .NS

Re: Tightened DNS security question re: DNS amplification attacks.

2009-01-28 Thread Charles Morris
You all may wish to check your logs for 202.108.12.112, it could be a new target; although I only saw two requests from it. -- Charles Morris cmor...@cs.odu.edu, cmor...@occs.odu.edu Network Security Administrator, Software Developer Office of Computing and Communications

Re: Tightened DNS security question re: DNS amplification attacks.

2009-01-28 Thread Graeme Fowler
Hi On Wed, 2009-01-28 at 13:16 +0100, fredrik danerklint wrote: At 12:07:16 local time here in Sweden, I saw a new address 70.86.80.98. At 12:09:36 another new address 64.57.246.123. At 12:20:10 the address 70.86.80.98 started to ask for funny domain name like:

Re: Tightened DNS security question re: DNS amplification attacks.

2009-01-28 Thread Suresh Ramasubramanian
This, in a thread where paul vixie is posting .. and on a list where there are several people who do run professional blocklists. Well, I dare say there'll be some difference of opinion. Can't help that. On Wed, Jan 28, 2009 at 8:48 PM, aljuhani i...@linuxmount.com wrote: Well the RBLs, in

Re: google logo

2009-01-28 Thread Tim Nowaczyk
On 1/28/09 11:45 AM, Antonio Querubin t...@lava.net wrote: Anyone else noticing Google's logo has been scrambled? It was done in honor of Jackson Pollock's birthday. Cheers, Tim Nowaczyk -- Timothy Nowaczyk Network Systems Engineer University of Virginia - ITC ta...@virginia.edu

RE: google logo

2009-01-28 Thread Murphy, Jay, DOH
Yea, it is Jackson Pollock's B-day art... Jay Murphy IP Network Specialist NM Department of Health ITSD - IP Network Operations Santa Fe, New Mexico 87502 Bus. Ph.: 505.827.2851 We move the information that moves your world. -Original Message- From: Antonio Querubin

Re: google logo

2009-01-28 Thread Chris Grundemann
On Wed, Jan 28, 2009 at 09:45, Antonio Querubin t...@lava.net wrote: Anyone else noticing Google's logo has been scrambled? If you click on it you will see that it is a Jackson Pollock inspired image, most likely a tribute to his birthday today. ~Chris Antonio Querubin whois: AQ7-ARIN

Re: google logo

2009-01-28 Thread Zach
That's one hell of a captcha.. On Wed, Jan 28, 2009 at 10:47 AM, Tim Nowaczyk ta...@virginia.edu wrote: On 1/28/09 11:45 AM, Antonio Querubin t...@lava.net wrote: Anyone else noticing Google's logo has been scrambled? It was done in honor of Jackson Pollock's birthday. Cheers, Tim

Re: google logo

2009-01-28 Thread Peter A. Friend
On Jan 28, 2009, at 8:45 AM, Antonio Querubin wrote: Anyone else noticing Google's logo has been scrambled? Antonio Querubin whois: AQ7-ARIN Look closely. It's Jackson Pollock's birthday.

RE: google logo

2009-01-28 Thread Bailey Stephen
That will be because of Jackson Pollock's Birthday http://www.jacksonpollock.org/ Stephen Bailey - Senior Lead Systems Engineer Network Operations - ISP DSL FUJITSU Infinity House, Mallard Way, Crewe Business Park, Crewe, Cheshire, CW1 6ZQ Tel: +44 (0) 870 325 3457 or Internally: 7225

Re: google logo

2009-01-28 Thread J. Oquendo
On Wed, 28 Jan 2009, Dozens of Overpaid Engineers wrote: That's a Jackson Pollock. Question should be - How does this affect route patterns, traffic, policies, etc.? =+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+ J. Oquendo SGFA, SGFE, C|EH, CNDA, CHFI, OSCP Enough research will tend

Re: google logo

2009-01-28 Thread Antonio Querubin
On Wed, 28 Jan 2009, Peter A. Friend wrote: Look closely. It's Jackson Pollock's birthday. Heh. My first thought was the site might have been hacked. The logo looks cool though. Thanks for the reply :) Antonio Querubin whois: AQ7-ARIN

Re: google logo

2009-01-28 Thread Leigh Porter
the site is an interesting phrase to use with Google. What is the google site anyway? Does it exist in any one place in space-time? -- Leigh Antonio Querubin wrote: On Wed, 28 Jan 2009, Peter A. Friend wrote: Look closely. It's Jackson Pollock's birthday. Heh. My first thought was the

Re: google logo

2009-01-28 Thread Suresh Ramasubramanian
On Wed, Jan 28, 2009 at 10:38 PM, J. Oquendo s...@infiltrated.net wrote: On Wed, 28 Jan 2009, Dozens of Overpaid Engineers wrote: That's a Jackson Pollock. Question should be - How does this affect route patterns, traffic, policies, etc.? Suspected global case of bitrot leading to the logo

Re: google logo

2009-01-28 Thread Michael Holstein
Anyone else noticing Google's logo has been scrambled? Did you notice what happens when you mouse-over it (same thing that happens anytime they do a doodle, btw). http://www.google.com/search?q=Jackson+Pollock&hl=en&ct=pollock09&oi=ddle http://en.wikipedia.org/wiki/Google_logo

Re: cogent issues?

2009-01-28 Thread Ray Sanders
From the outages list: Cogent is currently experiencing problems on their backbone in Chicago, manifesting as packet loss and latency. The master ticket # is 853582. On Wed, 2009-01-28 at 12:27 -0800, John Martinez wrote: http://www.internetpulse.net/ -- Prediction is very difficult,

Re: cogent issues?

2009-01-28 Thread Wil Schultz
https://puck.nether.net/pipermail/outages/2009-January/001101.html -wil On Jan 28, 2009, at 12:27 PM, John Martinez wrote: http://www.internetpulse.net/

Re: Tightened DNS security question re: DNS amplification attacks.

2009-01-28 Thread Leen Besselink
- Original Message - From: aljuhani i...@linuxmount.com Subject: Re: Tightened DNS security question re: DNS amplification attacks. To: nanog na...@merit.edu Well the RBLs, in using dns queries, is another form of legal DDoS attacks, mainly when they suddenly cease to

RE: cogent issues?

2009-01-28 Thread Ryan Werber
That ticket was opened yesterday, and we have been hit very hard with it. This problem started on Monday night - I don't know what they did, but we lost all of our Toronto sites in the middle of the night for a good bit - so I assume maintenance - Then all h*ll broke loose over the last couple

Re: cogent issues?

2009-01-28 Thread John Martinez
Ryan Werber wrote: That ticket was opened yesterday, and we have been hit very hard with it. This problem started on Monday night - I don't know what they did, but we lost all of our Toronto sites in the middle of the night for a good bit - so I assume maintenance - Then all h*ll broke loose

Re: cogent issues?

2009-01-28 Thread John Martinez
Ryan Werber wrote: That ticket was opened yesterday, and we have been hit very hard with it. This problem started on Monday night - I don't know what they did, but we lost all of our Toronto sites in the middle of the night for a good bit - so I assume maintenance - Then all h*ll broke loose

RE: -48VDC equipment recommendations

2009-01-28 Thread Frank Bulk
We're using this a product by CD and happy with it: http://www.cdstandbypower.com/product/power_sys/system/sageon.html Runs very quietly, very efficient (compared to what we used to have) For our smaller sites, we use Valere: http://www.eltekvalere.com/wip4/telecom/c/detail.epl?cat=11071 It's

Re: Tightened DNS security question re: DNS amplification attacks.

2009-01-28 Thread Phil Pennock
On 2009-01-28 at 19:30 +, Paul Vixie wrote: DNS-oriented attacks are of a completely different kind. today's attacks were precisely described in http://www.icann.org/en/committees/security/sac004.txt (which wasn't news in october 2002 but somebody had to write it down so i did). the

Re: Tightened DNS security question re: DNS amplification attacks.

2009-01-28 Thread Phil Pennock
Sorry to follow up to myself; a few more moments reviewing before sending were warranted. On 2009-01-28 at 15:11 -0800, Phil Pennock wrote: I'd be perfectly happy to have X list every root server, gTLD server and ccTLD server, as a starting point, on the basis that none of those should ever be

Re: Tightened DNS security question re: DNS amplification attacks.

2009-01-28 Thread William Allen Simpson
Paul Vixie wrote: have been able to bind a reputation to an IP address and act in some way based on that reputation because TCP more or less requires that a real IP address be used. we're seeing cracks at the edges of this model now, because so many core routers have login: cisco; password:

Re: Tightened DNS security question re: DNS amplification attacks.

2009-01-28 Thread Douglas C. Stephens
At 09:21 PM 1/27/2009, Paul Vixie wrote: Douglas C. Stephens steph...@ameslab.gov writes: ... I choose the latter, and that is why went to the effort of blocking this abusive traffic before it reaches my authoritative-only DNS servers. this is an odd implementation choice. the 1PPS query

Re: Tightened DNS security question re: DNS amplification attacks.

2009-01-28 Thread Mark Andrews
The bad guys want amplification but will take obscuring if that's all they can get. RD=1 is only the signature of the current attack. RD=0 is equally viable. Can you cope with RD=0 NS . directed to the root servers from forged addresses? This is

Re: Tightened DNS security question re: DNS amplification attacks.

2009-01-28 Thread Mark Andrews
In message 20090128232123.ga66...@redoubt.spodhuis.org, Phil Pennock writes: Sorry to follow up to myself; a few more moments reviewing before sending were warranted. On 2009-01-28 at 15:11 -0800, Phil Pennock wrote: I'd be perfectly happy to have X list every root server, gTLD server and