Anyone hear of the SundownGroup?
On Thursday we received an interesting RFQ from them and suspect their
intentions for requesting an IP assignment isn't exactly what they state. We
have already turned them down, but thought others might be interested in their
activities as well. RIPE NCC has
We see this all the time, usually it involves either a /20 or multiple-/xx
that change every month.
Jeff
On Tue, Sep 7, 2010 at 12:54 PM, Tero Toikkanen tero.toikka...@nebula.fiwrote:
Anyone hear of the SundownGroup?
On Thursday we received an interesting RFQ from them and suspect their
Kind of funny how they intend to do enough 'WholesaleVoIP on a 10Mbps
connection/1GB RAM for a /20 :)
That is a giveaway in itself.
-Original Message-
From: Tero Toikkanen tero.toikka...@nebula.fi
Date: Tue, 7 Sep 2010 08:24:05
To: NANOG listnanog@nanog.org
Subject: IPv4 squatters on
Yeah, it's pretty obvious from the start. I'd like to see the VoIP-system with
those requirements...
I just think these cases should be made public to at least slow these guys
down, just in case someone else is less cluefull :) If these really happen all
the time in the big world, this list
Forgive the top posting, but Lookout is the corporate standard.
Now, on to the topic at hand. Why would you scan the address space in
the first place? Wouldn't it be easier to compromise a known host and
look at the ARP table? Or better yet, the router on the edge? If it's
moving packets,
Hello,
We're working on deploying some L2 services over an MPLS network. Our model
includes a CPE with OAM capabilities and QinQ from the PE to the CPE. For now
we
want to do simple OAM functions from CPE-CPE (no MIPs in the MPLS network).
Our lab testing has shown some sort of
On Tue, 7 Sep 2010, Tero Toikkanen wrote:
Anyone hear of the SundownGroup?
On Thursday we received an interesting RFQ from them and suspect their
intentions for requesting an IP assignment isn't exactly what they state. We
have already turned them down, but thought others might be interested
i keep hearing that, but am having a hard time finding supporting data.
Might see the stats from http://cbl.abuseat.org - by AS. Then compare
the stats on a non port 25 filtered network (they have stats by AS) to
stats on a network that is filtered on port 25
The networks that are
On Tue, 7 Sep 2010, Jeffrey Lyon wrote:
We see this all the time, usually it involves either a /20 or multiple-/xx
that change every month.
If they want frequently changing IPs, it's almost certainly for spamming.
I got the impression with these people they were just trying to get a
bunch
On Tue, Sep 7, 2010 at 10:03 AM, Jon Lewis jle...@lewis.org wrote:
On Tue, 7 Sep 2010, Jeffrey Lyon wrote:
We see this all the time, usually it involves either a /20 or multiple-/xx
that change every month.
If they want frequently changing IPs, it's almost certainly for spamming.
I got the
Forgive the top posting, but Lookout is the corporate standard.
It prevents you from typing at the bottom? How quaint :-)
Now, on to the topic at hand. Why would you scan the address space in
the first place?
Maybe because you haven't really thought about the magnitude of the
task?
Maybe
On Tue, 7 Sep 2010, Christopher Morrow wrote:
it used to be (~4-5 years ago) that the spammer code of 'voip service
provider' was really 'we intend on raping proxies all over the planet'
... when you call them out on the random port traffic out of their
pipe they point at their 'business' model
Yeah. This is just the way snowshoe spammers operate - GRE or VPN
tunnels back to a master server, and a /24 full of output points with
throwaway hostnames / reverse dns
On Tue, Sep 7, 2010 at 8:05 PM, Jon Lewis jle...@lewis.org wrote:
I haven't seen that excuse/justification from customers.
Hello,
We're working on deploying some L2 services over an MPLS network. Our model
includes a CPE with OAM capabilities and QinQ from the PE to the CPE. For now we
want to do simple OAM functions from CPE-CPE (no MIPs in the MPLS network).
Our lab testing has shown some sort of
I have a linux (ubuntu) box and I would like to install a BGP looking
glass. Are there any out there for free and how can one go about it? Is
linux the best OS to use?
Thanks,
Peter R.
Hmm, Google says you could use http://www.zebra.org/ to set your box
up as a route, and then you can just view the routes from there?
Or look here; http://www.bgp4.as/tools
--
Regards,
James.
http://www.jamesbensley.co.cc/
There are 10 kinds of people in the world; Those who understand
I have a linux (ubuntu) box and I would like to install a BGP looking
glass. Are there any out there for free and how can one go about it?
Is linux the best OS to use?
i gave up. all but one required telnet access to the router(s). and
the one that did ssh did so by including half of the
The rancid package includes a perl based looking glass CGI thing. You may
want to look at that and modify it to suit your needs.
-Ryan
On Tue, Sep 7, 2010 at 11:29 AM, James Bensley jwbens...@gmail.com wrote:
Hmm, Google says you could use http://www.zebra.org/ to set your box
up as a route,
On Tue, Sep 07, 2010 at 05:09:21PM +0300, Peter Rudasingwa wrote:
:I have a linux (ubuntu) box and I would like to install a BGP looking
:glass. Are there any out there for free and how can one go about it?
:Is linux the best OS to use?
:
:Thanks,
:Peter R.
Try OpenBSD w/ OpenBGPd. It includes a
On 9/7/10 7:09 AM, Peter Rudasingwa wrote:
I have a linux (ubuntu) box and I would like to install a BGP looking
glass. Are there any out there for free and how can one go about it? Is
linux the best OS to use?
Setup quagga [1] and write a perl script [2] to peer with the box.
The perl
On Tue, Sep 7, 2010 at 10:35 AM, Jon Lewis jle...@lewis.org wrote:
On Tue, 7 Sep 2010, Christopher Morrow wrote:
I used to have some quick/dirty instructions for how to verify that
the traffic was in fact proxy traffic, something like:
1) log traffic from the soon-to-be-ex-customer (acl logs
More often than not today the only replies I've been getting back from
the ARIN whois servers is:
ERROR 503: Unable to service request due to high volume.
Is there really high volume today, or is the new restful thing broken
again?
On 9/7/2010 1:24 AM, Tero Toikkanen wrote:
Anyone hear of the SundownGroup?
yes it is the fictional name - it pertains to a covert operations group
from a Tommy Lee Scott Gene Hackman movie called The Package. As I
recall Operation Sundown was the op name and it was a bunch of
assassins but
On 9/7/10 10:23 AM, Jon Lewis wrote:
More often than not today the only replies I've been getting back from
the ARIN whois servers is:
ERROR 503: Unable to service request due to high volume.
Is there really high volume today, or is the new restful thing broken
again?
S, it's an
On Tue, 07 Sep 2010 09:03:12 EDT, Jamie Bowden said:
Now, on to the topic at hand. Why would you scan the address space in
the first place? Wouldn't it be easier to compromise a known host and
look at the ARP table? Or better yet, the router on the edge? If it's
moving packets, something
James Bensley jwbens...@gmail.com writes:
Hmm, Google says you could use http://www.zebra.org/ to set your box
up as a route, and then you can just view the routes from there?
Aehm, Zebra is dead. Quagga it the successor.
Last change date on zebra.org website is 5 years old.
Jens
--
So i guess im new at internets as my colleagues told me because I havent gone
around to 30-40 systems I control (minus customer self-managed gear) and
installed a restrictive robots.txt everywhere to make the web less useful to
everyone.
Does that really mean that a big outfit like yahoo should
FWIW Quagga works fine as a looking glass if you don't mind the telnet
interface. Though, if you really want ssh, you could make a user on the
machine whose login script runs 'vtysh' and logs out on exit, however it's
admittedly less elegant.
-Jack Carrozzo
On Tue, Sep 7, 2010 at 4:09 PM, Jens
That speed doesn't seem too bad to me - robots.txt is our friend when
one had bandwidth limitations.
Leslie
On 9/7/10 1:19 PM, Ken Chase wrote:
So i guess im new at internets as my colleagues told me because I havent gone
around to 30-40 systems I control (minus customer self-managed gear)
On Tue, 7 Sep 2010, Jack Carrozzo wrote:
FWIW Quagga works fine as a looking glass if you don't mind the telnet
interface. Though, if you really want ssh, you could make a user on the
machine whose login script runs 'vtysh' and logs out on exit, however it's
admittedly less elegant.
Anyone
On Tue, Sep 7, 2010 at 6:35 PM, Nathan Stratton nat...@robotics.net wrote:
Anyone know of a good http looking glass that works with quagga?
I realize this is probably more hacking than you want to do, but Quagga can
expose much of it's info via SNMP. Thus it would be fairly trivial to write
Hi there...
We are examining several options currently for appliances/devices that
sit inline (most likely) and can perform all/some of these services:
-Track customer usage and generate monthly reports based on username
(PPPOE) or cable MAC (DHCP) - and doesn't require any changes to our
*Install quagga and rancid
sudo apt-get install rancid rancid-cgi quagga
*Enable bgpd in /etc/quagga/daemons
*Hook up your Quagga.conf with all the fun bgp configuration bits. Search on
the intarwebs or man pages for configuration details.
*Set up a user with vtysh as their shell.
*Set up
On Tue, 07 Sep 2010 17:09:21 +0300
Peter Rudasingwa peter.rudasin...@altechstream.rw wrote:
I have a linux (ubuntu) box and I would like to install a BGP looking
glass. Are there any out there for free and how can one go about it?
Is linux the best OS to use?
Thanks,
Peter R.
I have used
From nanog-bounces+bonomi=mail.r-bonomi@nanog.org Tue Sep 7 15:15:13
2010
Date: Mon, 6 Sep 2010 19:55:06 -0500
From: Brett Frankenberger rbf+na...@panix.com
To: deles...@gmail.com
Subject: Re: ISP port blocking practice
Cc: NANOG list nanog@nanog.org
On Mon, Sep 06, 2010 at
On Tue, Sep 07, 2010 at 04:19:58PM -0400, Ken Chase wrote:
This makes it look like Yahoo is actually trafficking in pirated software, but
that's kinda too funny to expect to be true, unless some yahoo tech decided to
use that IP/server @yahoo for his nefarious activity, but there are better
08.09.2010 01:35, Nathan Stratton пишет:
On Tue, 7 Sep 2010, Jack Carrozzo wrote:
FWIW Quagga works fine as a looking glass if you don't mind the telnet
interface. Though, if you really want ssh, you could make a user on the
machine whose login script runs 'vtysh' and logs out on exit,
37 matches
Mail list logo
