I guess router vendors need to start supporting
https://datatracker.ietf.org/doc/draft-ietf-sidr-rpki-rtr/ and I'd
imagine that'll take 6-12 months after it's even feature commit, so seeing
deployment of this in 2011 seems highly doubtful?
It's one of those features I doubt would ever be
On Wed, Dec 8, 2010 at 8:02 PM, JC Dill jcdill.li...@gmail.com wrote:
On 08/12/10 1:38 PM, valdis.kletni...@vt.edu wrote:
The second issue is that if you *do* establish a legal precident that
software vendors are liable for faults no matter what the contract/EULA
says,
It doesn't matter
For some ISPs an upgrade to IOS XR on the GSR is an alternative. But
probably not for all...
Yeah, particularly the ones who don't run IOS.
If you look at the national vulnerability database listings, though,
it's really not clear who you'd need to go after:
http://blogs.technet.com/b/security/archive/2008/05/15/q1-2008-client-
os-vulnerability-scorecard.aspx
Granted, that was two years ago; but it sure seems that just
On Thu, 2010-12-09 at 18:34 +1100, Ben McGinnes wrote:
On 9/12/10 8:04 AM, Christopher Morrow wrote:
On Wed, Dec 8, 2010 at 3:06 PM, Philip Dorr tagn...@gmail.com wrote:
The problem is that they were also slashdotted. The logs would also have a
large number of unrelated.
pro-tip: the
On 08/12/2010 20:42, Jack Bates wrote:
Of course, it's debatable if use of LOIC is enough to convict. You'd
have to first prove the person installed it themselves, and then you'd
have to prove that they knew it would be used for illegal purposes.
Earlier this morning there were two people
On 9/12/10 7:49 PM, William Pitcock wrote:
On Thu, 2010-12-09 at 18:34 +1100, Ben McGinnes wrote:
On 9/12/10 8:04 AM, Christopher Morrow wrote:
On Wed, Dec 8, 2010 at 3:06 PM, Philip Dorr tagn...@gmail.com wrote:
The problem is that they were also slashdotted. The logs would also have a
On Thu, Dec 09, 2010, Ben McGinnes wrote:
On 9/12/10 7:49 PM, William Pitcock wrote:
On Thu, 2010-12-09 at 18:34 +1100, Ben McGinnes wrote:
On 9/12/10 8:04 AM, Christopher Morrow wrote:
On Wed, Dec 8, 2010 at 3:06 PM, Philip Dorr tagn...@gmail.com wrote:
The problem is that they were also
On Thu, Dec 09, 2010, Adrian Chadd wrote:
Be careful - plenty of Squid's make HTTP/1.0 version.
make HTTP/1.0 requests, not version. Tsk.
(And here I am, studying linguistics. Pshaw.)
Adrian
In article 4d00a373.3010...@prt.org, Paul Thornton p...@prt.org
writes
Earlier this morning there were two people interviewed on the BBC radio
4 Today program (this is considered the BBC's flagship morning
news/current affairs show on their serious nationwide talk radio
station) about this -
There are some pieces in the RPKI puzzle.
One is the definitions of protocols, that one is very advanced in the
SIDR WG in the IETF. Not RFCs yet but I am sure we will se some soon.
Another piece are repositories of CA's and ROAs and Trust Anchors. RIRs
have
Hi , first sorry for lame question but i'm new to BGP.
In my ISP I have two full BGP sessions with my two transit providers (X
and Y), and for every provider i have assigned PA (Provider
Aggregatable) networks. Is it possible (if there are no filters on other
side) to advertise X networks to Y and
On Wed, Dec 08, 2010 at 07:43:52AM -0800, JC Dill wrote:
ISPs are not the source. The source is Microsoft. The source is
their buggy OS that is easily compromised to enable the computers to
be taken over as part of the botnet.
I often disagree vehemently with JC, but not this time.
I've
IMHO one piece missing (not the only one, but one important in this
stage) is RTR (RPKI/Router Protocol) working in routers.
i have been running test versions on ios xr on a gsr and ios classic on
a 7200 for a while now.
I am only aware of one big vendor with testing code.
see your sales
Hi there,
I am not familiar with the west coast collocation facilities that are VoIP
friendly (either by QoS or good upstreams/peering).
Something in the Los Angeles area; been looking at IX2 on Wilshire.
Right now looking to collocate a few boxes, switch and a router...
Any recommendations?
On Thu, 09 Dec 2010 13:32:26 +0200
b2 b...@playtime.bg wrote:
Hi , first sorry for lame question but i'm new to BGP.
In my ISP I have two full BGP sessions with my two transit providers
(X and Y), and for every provider i have assigned PA (Provider
Aggregatable) networks. Is it possible (if
here is the audio from BBC Radio 4.
http://www.bbc.co.uk/news/technology-11935539
On Thu, Dec 9, 2010 at 1:37 AM, Paul Thornton p...@prt.org wrote:
On 08/12/2010 20:42, Jack Bates wrote:
Of course, it's debatable if use of LOIC is enough to convict. You'd
have to first prove the person
2010/12/9 b2 b...@playtime.bg:
Hi , first sorry for lame question but i'm new to BGP.
In my ISP I have two full BGP sessions with my two transit providers (X
and Y), and for every provider i have assigned PA (Provider
Aggregatable) networks. Is it possible (if there are no filters on other
Can a Global Crossing IP engineer please contact me off-list?
Thanks,
Matt
https://gettys.wordpress.com/2010/12/06/whose-house-is-of-glasse-must-not-throw-stones-at-another/
I wonder why this hasn't made the rounds here. From what I see, a change
in this part (e.g. lower buffers in customer routers, or a change (yet
another) to the congestion control algorithms) would
On 12/9/2010 5:32 AM, b2 wrote:
Hi , first sorry for lame question but i'm new to BGP.
In my ISP I have two full BGP sessions with my two transit providers (X
and Y), and for every provider i have assigned PA (Provider
Aggregatable) networks. Is it possible (if there are no filters on other
On Thu, Dec 9, 2010 at 3:49 AM, William Pitcock
neno...@systeminplace.net wrote:
On Thu, 2010-12-09 at 18:34 +1100, Ben McGinnes wrote:
On 9/12/10 8:04 AM, Christopher Morrow wrote:
pro-tip: the tool has a pretty easy to spot signature.
What is that signature?
The tool makes HTTP/1.0
On Thu, 9 Dec 2010, Vasil Kolev wrote:
I wonder why this hasn't made the rounds here. From what I see, a change
in this part (e.g. lower buffers in customer routers, or a change (yet
another) to the congestion control algorithms) would do miracles for
end-user perceived performance and should
On 12/8/2010 5:07 PM, Owen DeLong wrote:
This assumes a 1:1 ratio between prefixes and routing policies. This is
unrealistic in all but the most
trivial of networks.
Yet we can achieve much closer to this with IPv6 due to looser
allocation policies.
Yes... It should. However, even with
On Thursday, December 09, 2010 03:43:11 am George Bonser wrote:
Is anyone actually using Ubuntu 6.06LTS anymore? That was published for
Q1 2008, that was almost three years ago which in internet years is a
long time.
Yes. I have some desktop users still on 6.06LTS, and they are kept updated.
On Dec 9, 2010, at 4:37 AM, Paul Thornton wrote:
On 08/12/2010 20:42, Jack Bates wrote:
Of course, it's debatable if use of LOIC is enough to convict. You'd
have to first prove the person installed it themselves, and then you'd
have to prove that they knew it would be used for illegal
On Thu, Dec 09, 2010 at 11:11:49AM -0500, Marshall Eubanks wrote:
There is an interesting analysis in today's New York Times
http://www.nytimes.com/2010/12/09/technology/09net.html?_r=1
about the attacks on Mastercard, Visa and Ebay, how they were coordinated
over Twitter and Facebook,
so now they are making a profit from Wikileaks.
true Capitalism.
-
**
*
*
*http://www.dailypaul.com/*
*
*
*http://www.thenewamerican.com/*
*
*
*
*
* http://www.thenewamerican.com/
*
On Thu, Dec 9, 2010 at 8:29 AM, Jim Mercer
On Dec 8, 2010, at 10:10 PM, Thomas Mangin wrote:
Until this is sorted I believe flowspec will be a marginal solution.
We're seeing a significant uptick in flowspec interest, actually, and S/RTBH
has been around for ages.
Great to hear :)
But my point is still valid [...]
After
In article 20101209162936.ga9...@reptiles.org, Jim Mercer
j...@reptiles.org writes
amazon is selling a Kindle version of the Wikileaks released cables:
http://www.amazon.co.uk/WikiLeaks-documents-expose-foreign-conspiracies/dp/B004EEOLIU/
this is all becoming quite surreal.
Please note: This
On 12/09/2010 11:29 EST, Jim Mercer wrote:
amazon is selling a Kindle version of the Wikileaks released cables:
http://www.amazon.co.uk/WikiLeaks-documents-expose-foreign-conspiracies/dp/B004EEOLIU/
This book contains commentary and analysis regarding recent WikiLeaks
disclosures, not the
On Dec 9, 2010, at 11:29 AM, Jim Mercer wrote:
On Thu, Dec 09, 2010 at 11:11:49AM -0500, Marshall Eubanks wrote:
There is an interesting analysis in today's New York Times
http://www.nytimes.com/2010/12/09/technology/09net.html?_r=1
about the attacks on Mastercard, Visa and Ebay, how
On Dec 9, 2010, at 12:25 PM, Marshall Eubanks wrote:
On Dec 9, 2010, at 11:29 AM, Jim Mercer wrote:
On Thu, Dec 09, 2010 at 11:11:49AM -0500, Marshall Eubanks wrote:
There is an interesting analysis in today's New York Times
http://www.nytimes.com/2010/12/09/technology/09net.html?_r=1
On Thu, Dec 09, 2010 at 05:18:39PM +, Roland Perry wrote:
In article 20101209162936.ga9...@reptiles.org, Jim Mercer
j...@reptiles.org writes
amazon is selling a Kindle version of the Wikileaks released cables:
The tool makes HTTP/1.0 requests, most browsers make HTTP/1.1 requests.
Realistically, if the folks from Anonymous wanted to really cause
trouble, they'd be doing (legitimate looking) SSL requests against the
actual payment gateways. The force-multiplier there is the computational
effort it
On 12/8/2010 3:04 PM, Seth Mattinen wrote:
On 12/8/2010 08:06, Jack Bates wrote:
I call BS. Windows has it's problems, but it is the most common
exploited as it holds the largest market share. Many Windows infections
I've seen occur not due to the OS, but due to lack of patching of
applications
Uh, no.
Source code from LOIC:
byte[] buf;
if (random == true)
{
buf =
System.Text.Encoding.ASCII.GetBytes(String.Format(GET
{0}{1} HTTP/1.1{2}Host:
My question is what architectural recommendations will you make to your
employer if/when the US Govt compels our employers to accept our role as the
front lines of this cyberwar?
I figure once someone with a relevant degree of influence in the govts
realizes that the cyberwar is between
i found it funny how M$ started giving away virus/security software for its OS.
it can't fix the leaky roof, so it includes a roof patch kit. (and puts about
10 companies out of business at the same time)
Many Windows infections
I've seen occur not due to the OS, but due to lack of
In article 20101209180619.ga12...@reptiles.org, Jim Mercer
j...@reptiles.org writes
Please note: This book contains commentary and analysis regarding
recent WikiLeaks disclosures, not the original material disclosed via
the WikiLeaks website.
i don't have a cache, but i'm pretty sure those
On 12/9/2010 12:19 PM, Michael Smith wrote:
So... if/when our
employers are unable to resist the US Govt's demand that we join in the
national defense, wouldn't this community be the ones asked to guard the
border?
CALEA
done
On Thu, Dec 09, 2010 at 01:08:12PM -0500, Michael Holstein said:
The tool makes HTTP/1.0 requests, most browsers make HTTP/1.1 requests.
Realistically, if the folks from Anonymous wanted to really cause
trouble, they'd be doing (legitimate looking) SSL requests against the
On Dec 10, 2010, at 1:19 AM, Michael Smith wrote:
front lines of this cyberwar?
Warfare isn't the correct metaphor.
Espionage/covert action is the correct metaphor.
---
Roland Dobbins rdobb...@arbor.net //
How is what to block identified? ...by content key words? ..traffic
profiles / signatures? Deny all, unless flow (addresses/protocol/port) is
pre-approved / registered?
What does the technical solution look like?
Any solutions to maintain some semblance of freedom?
On Thu, Dec 9, 2010 at
On 12/08/2010 11:08 PM, Iljitsch van Beijnum wrote:
On 8 dec 2010, at 20:10, Mohacsi Janos wrote:
Do you think adopting LISP or similar architectures to reduce the
problems mentioned above?
[...]
Do you lose initial packets when there is no mapping state yet?
Yes. But there are
On Thu, Dec 9, 2010 at 1:23 PM, Roland Perry li...@internetpolicyagency.com
wrote:
In article 20101209180619.ga12...@reptiles.org, Jim Mercer
j...@reptiles.org writes
Please note: This book contains commentary and analysis regarding
recent WikiLeaks disclosures, not the original material
On 12/9/2010 12:31 PM, Michael Smith wrote:
How is what to block identified? ...by content key words? ..traffic
profiles / signatures? Deny all, unless flow (addresses/protocol/port)
is pre-approved / registered?
CALEA doesn't provide block. It provides full data dumps to the
authorities.
Let's put it this way.
1. If you host government agencies, provide connectivity to say a
nuclear power plant or an army base, or a bank or .. .. - you'd
certainly work with your customers to meet their security
requirements.
2. If you are a service provider serving up DSL - why then, there are
And if I ever find the genius who came up with the we are not the
internet police meme ...
On Fri, Dec 10, 2010 at 12:19 AM, Suresh Ramasubramanian
ops.li...@gmail.com wrote:
Let's put it this way.
1. If you host government agencies, provide connectivity to say a
nuclear power plant or an
On Thu, Dec 9, 2010 at 3:45 AM, Rich Kulawiec r...@gsp.org wrote:
On Wed, Dec 08, 2010 at 07:43:52AM -0800, JC Dill wrote:
ISPs are not the source. The source is Microsoft. The source is
their buggy OS that is easily compromised to enable the computers to
be taken over as part of the botnet.
Obviously the environment is created by layers 8/9, but I'm interested in
the layer 1-7 solutions that the community would consider/recommend.
BGP blackhole communities is a good way to push the problem upstream,
assuming your provider will agree to it. In theory, that could also work
on
And if I ever find the genius who came up with the we are not the
internet police meme ...
he died over a decade ago
Was it the original IANA?
- Original Message -
From: Randy Bush ra...@psg.com
To: Suresh Ramasubramanian ops.li...@gmail.com
Cc: North American Network Operators Group nanog@nanog.org
Sent: Thu Dec 09 14:12:41 2010
Subject: Re: [Operational] Internet Police
And if I ever find the
On Dec 9, 2010, at 10:19 AM, Michael Smith wrote:
My question is what architectural recommendations will you make to your
employer if/when the US Govt compels our employers to accept our role as the
front lines of this cyberwar?
I figure once someone with a relevant degree of influence in
On Thu, Dec 09, 2010 at 06:26:30PM +, Dobbins, Roland wrote:
On Dec 10, 2010, at 1:19 AM, Michael Smith wrote:
front lines of this cyberwar?
Warfare isn't the correct metaphor.
Espionage/covert action is the correct metaphor.
Low intensity conflict may be more correct.
--
Mike
On Thu, 09 Dec 2010 06:45:45 EST, Rich Kulawiec said:
I've been studying bot-generated spam for most of the last decade, and to
about 6 nine's, it's all been from Windows boxes. (The rest? A smattering
of indeterminate and various 'nix systems including MacOS.)
The botnet problem is a
Customers of ours on Comcast are experiencing poor
throughput to us when whatever location they're at
takes a route to us via Level 3; Level 3 being
one of our upstreams.
I've set a community of 65004:7922 which is supposed
to tell Level 3 to prepend four times to Comcast
for our AS but the
Once upon a time, Fred Baker f...@cisco.com said:
did you know that DSLRs are illegal in Kuwait unless one is a registered
journalist?
Did you know that they are not?
http://thenextweb.com/me/2010/11/30/kuwait-dslr-ban-does-not-exist-after-all/
This is like the people attacking EasyDNS
On Dec 9, 2010, at 10:44 AM, Jack Bates wrote:
[CALEA] is designed to track down and prosecute people, not stop malicious
activity.
Right.
In order for the law to try and stop malicious activities (digital or real),
it must place constraints on our freedoms. See TSA/Airport Security.
Or,
On 9 Dec 2010, at 18:06, Jim Mercer wrote:
i don't have a cache, but i'm pretty sure those comments were added after i
posted.
The new words are:
-=--=-
Looking for something?
We're sorry. The Web address you entered is not a functioning page on our site
inline:
Mostly the input is done by a library implementing the Posix
version of fprintf or fscanf.
10 = 10, 0xa, 012
010 = 8, 0x8, 010
0x10 = 16, 0x10, 020
and there are others. google( fscanf )
Mostly everything understands fscanf syntax.
Cheers
Peter
Greg Whynott wrote:
i was pinging a host
It was a quick arrest wasn't it?
- Original Message -
From:Michael Smith msm...@internap.com
To:andrew.wallace andrew.wall...@rocketmail.com
Cc:
Sent:Thursday, 9 December 2010, 21:49:16
Subject:RE: Mastercard problems
1 down, 3896 to go... :)
-Original Message-
From:
Exactly... Rounding up script kiddies one at a time is a pretty serious
deterrent ;). I'm sure the bot-masters are quaking in their boots... :)
- Original Message -
From: andrew.wallace andrew.wall...@rocketmail.com
To: Michael Smith
Cc: nanog@nanog.org nanog@nanog.org
Sent: Thu Dec 09
Hey guys:
This is most definitely OT so please contact me off list. (don't want to annoy
anyone)
I come to you all because of all your wisdom. =)
I want to know if there's software out there that will encrypt files on win2k3,
winxp, win7, so that if someone
decides to steal the computer and
Truecrypt
John Menerick
On 12/9/2010 4:24 PM, Brandon Kim wrote:
Hey guys:
This is most definitely OT so please contact me off list. (don't want to annoy
anyone)
I come to you all because of all your wisdom. =)
I want to know if there's software out there that will encrypt files on win2k3,
Wow, sounds like TrueCrypt it is.not a single other app was suggested!!!
Thank you gentlemen!
Date: Thu, 9 Dec 2010 16:27:05 -0800
From: jmener...@netsuite.com
To: nanog@nanog.org
Subject: Re: Windows Encryption Software
Truecrypt
John Menerick
On 12/9/2010 4:24 PM, Brandon
On Fri, Dec 10, 2010 at 12:42 AM, Randy Bush ra...@psg.com wrote:
And if I ever find the genius who came up with the we are not the
internet police meme ...
he died over a decade ago
All due respect to him, but I didnt want to kick his teeth in or
anything, merely ask if he'd like to
On Thu, Dec 9, 2010 at 7:24 PM, Brandon Kim brandon@brandontek.com wrote:
I want to know if there's software out there that will encrypt files on
win2k3, winxp, win7, so that if someone
decides to steal the computer and plug the harddrive into a USB external
case, they won't be able to
On Fri, Dec 10, 2010 at 6:25 AM, Brandon Kim brandon@brandontek.com wrote:
Wow, sounds like TrueCrypt it is.not a single other app was suggested!!!
Thank you gentlemen!
There's also PGP WDE (Whole Disk Encryption)
--
Suresh Ramasubramanian (ops.li...@gmail.com)
mikea mi...@mikea.ath.cx writes:
On Thu, Dec 09, 2010 at 06:26:30PM +, Dobbins, Roland wrote:
On Dec 10, 2010, at 1:19 AM, Michael Smith wrote:
front lines of this cyberwar?
Warfare isn't the correct metaphor.
Espionage/covert action is the correct metaphor.
Low intensity
On 12/6/10 5:35 AM, Jeff Johnstone wrote:
Speaking of IPV6 security, is there any movement towards any open source
IPV6 firewall solutions for the consumer / small business?
Almost all the info I've managed to find to date indicates no support, nor
any planned support in upcoming releases.
Speaking of IPV6 security, is there any movement towards any open
source
IPV6 firewall solutions for the consumer / small business?
Almost all the info I've managed to find to date indicates no
support, nor
any planned support in upcoming releases.
Any info would be helpful.
On Dec 9, 2010, at 9:39 PM, George Bonser wrote:
Speaking of IPV6 security, is there any movement towards any open
source
IPV6 firewall solutions for the consumer / small business?
Almost all the info I've managed to find to date indicates no
support, nor
any planned support in
On Dec 10, 2010, at 10:01 AM, Robert E. Seastrom wrote:
cyber-intifada was the proper trope, but so far it has failed to grow legs.
The problem is that non-ironic use of the appellation 'cyber-' is generally
inversely proportional to actual clue, so it should be avoided at all costs.
;
Butlerian Jihad.
-Bill
On Dec 9, 2010, at 19:02, Robert E. Seastrom r...@seastrom.com wrote:
mikea mi...@mikea.ath.cx writes:
On Thu, Dec 09, 2010 at 06:26:30PM +, Dobbins, Roland wrote:
On Dec 10, 2010, at 1:19 AM, Michael Smith wrote:
front lines of this
On 12/10/2010 12:52 AM, Wil Schultz wrote:
On Dec 9, 2010, at 9:39 PM, George Bonser wrote:
Speaking of IPV6 security, is there any movement towards any open
source
IPV6 firewall solutions for the consumer / small business?
Almost all the info I've managed to find to date indicates no
76 matches
Mail list logo