All,
There are few if any ISP that will help you with something like this.
Law enforcement also does not have the resources to even begin to look
at a single DSL line being attacked unless you can show 7+ figures in
damage or some type of major threat to national infrastructure.
Your options are
Jeffrey Lyon wrote:
All,
There are few if any ISP that will help you with something like this.
Law enforcement also does not have the resources to even begin to look
at a single DSL line being attacked unless you can show 7+ figures in
damage or some type of major threat to national
Hello,
We are in the process of rolling out communities that our customers can use to
manipulate their routes. Are there any resources (books, web sites, mailing
lists, etc..) that anyone can recommend?
Thank you,
Babak
On Fri, Jul 10, 2009 at 08:17:43AM -0400, Babak Pasdar wrote:
Are there any resources (books, web sites, mailing lists, etc..) that
anyone can recommend?
Richard Steenbergen did a nice preso on this subject a couple years ago:
http://www.nanog.org/meetings/nanog40/presentations/BGPcommunities.pdf
Great presentation.
On 7/10/09, Babak Pasdar bpas...@batblue.com wrote:
Hello,
We are in the process of rolling out communities that our customers can use
to manipulate their routes. Are there any resources (books, web
On 10 jul 2009, at 14:17, Babak Pasdar wrote:
We are in the process of rolling out communities that our customers
can use to manipulate their routes. Are there any resources (books,
web sites, mailing lists, etc..) that anyone can recommend?
Since you ask... My book has a few pages about
Seth Mattinen wrote:
Dan White wrote:
Have you spoken with your provider? They should be giving you options,
like changing your static address, or null routing the attackers
upstream, or perhaps blocking port 80 to you, to limit your ingress
traffic.
For DSL? I've never had that kind
Hi,
Yes, I've tried google, I've tried www.nist.gov, I've tried
postmaster/hostmaster/ab...@nist.gov, I've even tried the phone.
Could someone give me a pointer to a mail admin at nist.gov? I've been
having issues getting mail through to them from one of our servers.
Thanks, and have a
Try 301-975-5375
-Ken
On Fri, Jul 10, 2009 at 10:10 AM, Jerry B. Altzmanjba...@altzman.com wrote:
Hi,
Yes, I've tried google, I've tried www.nist.gov, I've tried
postmaster/hostmaster/ab...@nist.gov, I've even tried the phone.
Could someone give me a pointer to a mail admin at nist.gov?
I spoke with SBC.
2 hours on the phone (all with US based support which was awesome) came
down to e-mail ab...@sbcglobal.net.
I'll let everyone know how it goes.
Dan White wrote:
Seth Mattinen wrote:
Dan White wrote:
Have you spoken with your provider? They should be giving you options,
like changing your static address, or null routing the attackers
upstream, or perhaps blocking port 80 to you, to limit your ingress
traffic.
For DSL?
Once upon a time, Ricky Beam jfb...@gmail.com said:
Ethernet is cheap because it's everywhere, and built into almost
everything. (however, the likes of Cisco and Juniper still charge insane
amounts for line cards, be they ethernet, T1, or OC48.) Given the choice
of buying a $4k DS3 card
Chris Adams wrote:
Once upon a time, Ricky Beam jfb...@gmail.com said:
Ethernet is cheap because it's everywhere, and built into almost
everything. (however, the likes of Cisco and Juniper still charge insane
amounts for line cards, be they ethernet, T1, or OC48.) Given the choice
of
Seth Mattinen wrote:
Dan White wrote:
Seth Mattinen wrote:
Dan White wrote:
Have you spoken with your provider? They should be giving you options,
like changing your static address, or null routing the attackers
upstream, or perhaps blocking port 80 to you, to limit your
It should be noted that this usually isn't recommened. Dropping an
ethernet circuit directly into a switch (even if it is laywer 3) can
create design issues, esecially later when you need to scale the
network. One big issue that is often overlooked is many swithces do not
support traffic shaping.
On Thu, Jul 9, 2009 at 4:43 PM, tbtbran...@gmail.com wrote:
My name is Todd Braning, I work on the technical side of the BandCon
house. I am afraid Paul's email is inaccurate.
Yo Todd!
It's good to hear that you've listened to feedback and made these key
operational operational changes. I
Dan White wrote:
Seth Mattinen wrote:
Dan White wrote:
Seth Mattinen wrote:
Dan White wrote:
Have you spoken with your provider? They should be giving you options,
like changing your static address, or null routing the attackers
upstream, or perhaps blocking port 80 to
Ken Fischer wrote:
Try 301-975-5375
-Ken
Oy to automation
Thank you for calling NIST please listen as our menu options have changed.
For Sales press 1
For Customer Support press 2
For IT related issues press 3
(press 3) - rerouted to an APNIC block (outsourced!):
Velcome is here to en
J. Oquendo wrote:
(press 3) - rerouted to an APNIC block (outsourced!):
Velcome is here to en eye esh tee dish is John
I'm having trouble with mail..
vell have you tried reboot?
vat vershun of vindows are you use?
*ducks
http://www.youtube.com/watch?v=QpmLrz_lSuE
The IT Crowd, one of
On Fri, Jul 10, 2009 at 8:17 AM, Babak Pasdarbpas...@batblue.com wrote:
We are in the process of rolling out communities that our customers can use
to manipulate their routes. Are there any resources (books, web sites,
mailing lists, etc..) that anyone can recommend?
The Steenbergen
Jerry B. Altzman wrote:
Hi,
Yes, I've tried google, I've tried www.nist.gov, I've tried
postmaster/hostmaster/ab...@nist.gov, I've even tried the phone.
Could someone give me a pointer to a mail admin at nist.gov? I've been
having issues getting mail through to them from one of our servers.
I'm looking for new core routers for a small ISP and having a hard time
finding something appropriate and reasonably priced. We don't have
huge traffic levels (1Gb) and are mostly running Ethernet interfaces to
upstreams rather than legacy interfaces (when did OC3 become legacy?).
Lot's
On Fri, 10 Jul 2009, Mark Radabaugh wrote:
I'm looking for new core routers for a small ISP and having a hard time
finding something appropriate and reasonably priced. We don't have huge
traffic levels (1Gb) and are mostly running Ethernet interfaces to upstreams
rather than legacy
Mark Radabaugh wrote:
I'm looking for new core routers for a small ISP and having a hard time
finding something appropriate and reasonably priced. We don't have
huge traffic levels (1Gb) and are mostly running Ethernet interfaces to
upstreams rather than legacy interfaces (when did OC3
Hi Paul,
As stated in my last post, I am happy to discuss the technical merits
of BandCon’s products with any individual.However, I think most
here will concur, this is not the proper platform for such
discussions.
On a personal note, I have been an active NANOG participant for over
10 years
On Fri, Jul 10, 2009 at 10:10 AM, Jerry B. Altzman jba...@altzman.comwrote:
Hi,
Yes, I've tried google, I've tried www.nist.gov, I've tried
postmaster/hostmaster/ab...@nist.gov, I've even tried the phone.
Could someone give me a pointer to a mail admin at nist.gov? I've been
having issues
We are getting an Ethernet DIA circuit from ATT but they insist that
they can't BGP peer with 2 routers on our side. The WAN circuit can
only have /30 they say. Has anyone been able to successfully talk
them in to bending their rule? If so, how?
I know this should have been negotiated before
On Jul 10, 2009, at 12:05 PM, Paul Wall wrote:
On Thu, Jul 9, 2009 at 4:43 PM, tbtbran...@gmail.com wrote:
My name is Todd Braning, I work on the technical side of the BandCon
house. I am afraid Paul's email is inaccurate.
Yo Todd!
It's good to hear that you've listened to feedback and made
On Jul 10, 2009, at 1:48 PM, Jay Nakamura wrote:
We are getting an Ethernet DIA circuit from ATT but they insist that
they can't BGP peer with 2 routers on our side. The WAN circuit can
only have /30 they say. Has anyone been able to successfully talk
them in to bending their rule? If so,
On Fri, 10 Jul 2009, Jay Nakamura wrote:
We are getting an Ethernet DIA circuit from ATT but they insist that
they can't BGP peer with 2 routers on our side. The WAN circuit can
only have /30 they say. Has anyone been able to successfully talk
them in to bending their rule? If so, how?
I suggested the telephone to another a few weeks ago and that wasn't well
received. Let me elaborate. Today is Friday. It's July. It's about 2PM.
Probably lunchtime where NIST is. Calling the IT help desk at NIST is
likely to get you further faster. NANOG is not really real time.
Contact me off
This is an automated weekly mailing describing the state of the Internet
Routing Table as seen from APNIC's router in Japan.
Daily listings are sent to bgp-st...@lists.apnic.net
For historical data, please see http://thyme.apnic.net.
If you have any comments please contact Philip Smith
If it is the way ATT have designed their product, there may be no other
way around.
From ATT's viewpoint, it will add more complexity to troubleshoot.
If you pay extra, ATT may have some solution for you.
Alex
Antonio Querubin wrote:
On Fri, 10 Jul 2009, Jay Nakamura wrote:
We are
Hi,
I am searching for opinions on OEMs of X2 form factor 10G LAN PHY
optics. We've found that most router/switch vendors mark these
particular items up significantly just to provide their own
sticker/EEPROM ID. As such, we'd prefer if we can to procure from the
OEM (or their reseller). Is
Threaten to twitter about it. Worked for the guy on myth busters.. ;)
- Original Message -
From: Jay Nakamura zeusda...@gmail.com
To: na...@merit.edu na...@merit.edu
Sent: Fri Jul 10 09:48:15 2009
Subject: ATT and having two BGP peers
We are getting an Ethernet DIA circuit from ATT but
Cancel the circuit...I know most of the providers I've worked with have
a 90 satisfaction guarantee. Chances are if you cancel the circuit they
will mysteriously find a way to work with you.
Warren Bailey wrote:
Threaten to twitter about it. Worked for the guy on myth busters.. ;)
-
Martin Hannigan wrote:
On Fri, Jul 10, 2009 at 10:10 AM, Jerry B. Altzman jba...@altzman.comwrote:
Hi,
Yes, I've tried google, I've tried www.nist.gov, I've tried
postmaster/hostmaster/ab...@nist.gov, I've even tried the phone.
Could someone give me a pointer to a mail admin at nist.gov?
Att is hard to deal with I ran into a situation not long ago where I
needed to get a t1 cross connect from one cage to another within a
building. They consider floor 3 a CO and floor 7 a different CO. both
floors share the same wiring frame room like on the 5th floor. Well
they wouldn't allow
That is crazy when we turn up new BGP customers, we always put a /29 in
place now - for that reason and for others saves a LOT of headaches when
some changes are needed down the road...;)
Paul
-Original Message-
From: Bret Clark [mailto:bcl...@spectraaccess.com]
Sent: Friday,
Hate to say it, but also some of the cost on the circuits can be blamed
on uncle Sam. ATM circuits are currently tariffed that same way are
voice circuits. These tariffs are not charged to Ethernet because it is
a 'data circuit'. At least that was the case a little while back.
--
On Fri, Jul 10, 2009 at 11:53:58AM -0700, Roy wrote:
...
Must be the group that is in training to handle the new health insurance
plan ;-)
Sorry for the OT, but now you have me confused - what does USA NIST have
to do with health insurance??? Standards and Technology is more like
weights and
On Fri, Jul 10, 2009 at 2:11 AM, Jeffrey
Lyonjeffrey.l...@blacklotus.net wrote:
All,
There are few if any ISP that will help you with something like this.
coughuunet/vzb would/will/cough
(for free most times even)
Would what? Null route the IP? I'm talking about actually filtering the
attack.
Jeff
On Jul 10, 2009 5:10 PM, Christopher Morrow morrowc.li...@gmail.com
wrote:
On Fri, Jul 10, 2009 at 2:11 AM, Jeffrey Lyonjeffrey.l...@blacklotus.net
wrote: All, There a...
coughuunet/vzb would/will/cough
On 2009-07-10-14:21:49, Duane Waddle duane.wad...@gmail.com wrote:
I am searching for opinions on OEMs of X2 form factor 10G LAN PHY
optics. We've found that most router/switch vendors mark these
particular items up significantly just to provide their own
sticker/EEPROM ID. As such, we'd
On Fri, Jul 10, 2009 at 5:12 PM, Jeffrey
Lyonjeffrey.l...@blacklotus.net wrote:
Would what? Null route the IP? I'm talking about actually filtering the
attack.
as was I. (talking about filtering the attack)
On Jul 10, 2009 5:10 PM, Christopher Morrow morrowc.li...@gmail.com
wrote:
On Fri,
On 2009-07-10-12:42:24, Mark Radabaugh m...@amplex.net wrote:
[...]
What projections are you using regarding the default free zone over the
next 5 years when picking new hardware?
Geoff Huston, et al provide some useful trending:
http://bgp.potaroo.net/index-bgp.html
With that said, I've
Filter like in using the Cisco Guard of sort, to send the good traffic back
to the customers? And that service is coughfree through vzb?/cough
--
Luan Nguyen
Chesapeake NetCraftsmen, LLC.
[Web] http://www.netcraftsmen.net
--
I second Adam's recommendation. Fluxlight has always been awesome to deal with.
On 7/10/09, Adam Rothschild asr+na...@latency.net wrote:
On 2009-07-10-14:21:49, Duane Waddle duane.wad...@gmail.com wrote:
I am searching for opinions on OEMs of X2 form factor 10G LAN PHY
optics. We've found
BGP Update Report
Interval: 02-Jul-09 -to- 09-Jul-09 (7 days)
Observation Point: BGP Peering with AS131072
TOP 20 Unstable Origin AS
Rank ASNUpds % Upds/PfxAS-Name
1 - AS919896848 3.9% 320.7 -- KAZTELECOM-AS Kazakhtelecom
Corporate Sales Administration
This report has been generated at Fri Jul 10 21:11:56 2009 AEST.
The report analyses the BGP Routing Table of AS2.0 router
and generates a report on aggregation potential within the table.
Check http://www.cidr-report.org for a current version of this report.
Recent Table History
Date
On Fri, Jul 10, 2009 at 5:49 PM, Luan Nguyenl...@netcraftsmen.net wrote:
Filter like in using the Cisco Guard of sort, to send the good traffic back
to the customers? And that service is coughfree through vzb?/cough
as in: find some way to keep the customer alive and kicking
which might be:
1)
Fact: Filtering TCP/80 attacks is a 3 to 4 figure job, sometimes even 5 figure.
Jeff
On Fri, Jul 10, 2009 at 6:16 PM, Christopher
Morrowmorrowc.li...@gmail.com wrote:
On Fri, Jul 10, 2009 at 5:49 PM, Luan Nguyenl...@netcraftsmen.net wrote:
Filter like in using the Cisco Guard of sort, to send
Is there any way to force a delay on a BGP session from establishing
when a link comes up? Say, for example, if a link flaps and
fast-external-fallover takes it down we should wait X minutes before
trying to bring the session back up.
~Seth
Seth Mattinen wrote:
Is there any way to force a delay on a BGP session from establishing
when a link comes up? Say, for example, if a link flaps and
fast-external-fallover takes it down we should wait X minutes before
trying to bring the session back up.
Dammit, that was supposed to go to
On Fri, Jul 10, 2009 at 11:06 PM, Jeffrey
Lyonjeffrey.l...@blacklotus.net wrote:
I don't know of any internet access services that provide a SLA against DDoS.
vzb/mci/uunet used to, there is (I believe) still a 'response' SLA,
and there was an SLA for their dos-mitigation service as
I don't know of any internet access services that provide a SLA against DDoS.
Jeff
On Fri, Jul 10, 2009 at 10:57 PM, Christopher
Morrowmorrowc.li...@gmail.com wrote:
On Fri, Jul 10, 2009 at 6:38 PM, Jeffrey
Lyonjeffrey.l...@blacklotus.net wrote:
Fact: Filtering TCP/80 attacks is a 3 to 4
Charles;
SBC belongs to ATT which has a ddos mitigation offering
http://www.business.att.com/content/productbrochures/PB-DDoS_16651_v1_6-27-08.pdf
Verizon also
has such an offering under
Managed Services
Security Solutions
Powered by Cybertrust a company they bought
57 matches
Mail list logo