On (2012-01-19 12:10 -0800), jon Heise wrote:
Does anyone have any experience with these two routers, we're looking to
buy one of them but i have little experience dealing with cisco routers
and zero experience with juniper.
It might be because of your schedule/timetable, but you are
On 2012-01-20 10:47 , Yang Xiang wrote:
Hi,
I build a system ‘Argus’ to real-timely alert prefix hijackings.
Argus monitors the Internet and discovers anomaly BGP updates which caused
by prefix hijacking.
When Argus discovers a potential prefix hijacking, it will advertise it in
a very
Mark Andrews ma...@isc.org wrote:
I suspect most file sharing site don't have illegal content. Most
would have some content that is there without the permission of the
copyright holder. These are different things.
nitpick
Without the permission of the copyright holder _is_ contrary to
_
Yang Xiang . about.me/xiangyang
Ph.D candidate. Tsinghua University
Argus: argus.csnet1.cs.tsinghua.edu.cn
2012/1/20 Jeroen Massar jer...@unfix.org
On 2012-01-20 10:47 , Yang Xiang wrote:
Hi,
I build a system ‘Argus’ to real-timely alert prefix
In article 201201201025.q0kapdm5040...@mail.r-bonomi.com, Robert
Bonomi bon...@mail.r-bonomi.com writes
I suspect most file sharing site don't have illegal content. Most
would have some content that is there without the permission of the
copyright holder. These are different things.
nitpick
On Jan 20, 2012, at 11:25, Robert Bonomi wrote:
Public distribution without the permission of the copyright owner is
illegal.
This is veering off the purpose of this list, but maybe it is operationally
significant to be able to use the right terms when a law enforcement officer is
standing
On Fri, Jan 20, 2012 at 4:09 PM, Yang Xiang
xiang...@csnet1.cs.tsinghua.edu.cn wrote:
Hope I can find enough v6 route-servers before Jun 6 :)
Jeroen is just the guy to suggest where you can find them :)
Till then, if google is an acceptable substitute -
What sould fileshares must do, is to store files in these services in
a encrypted way, and anonimized name. So these services have
absolutelly no way to tell what are hosting.
Fileshares can organize thenselves in sites based on a forum software
that is private by default (open with
_
Yang Xiang . about.me/xiangyang
2012/1/20 Suresh Ramasubramanian ops.li...@gmail.com
On Fri, Jan 20, 2012 at 4:09 PM, Yang Xiang
xiang...@csnet1.cs.tsinghua.edu.cn wrote:
Hope I can find enough v6 route-servers before Jun 6 :)
Jeroen is just the guy to
On Jan 20, 2012, at 2:25 AM, Robert Bonomi wrote:
Mark Andrews ma...@isc.org wrote:
I suspect most file sharing site don't have illegal content. Most
would have some content that is there without the permission of the
copyright holder. These are different things.
nitpick
Without
On 20 Jan 2012, at 11:00, Tei wrote:
Fileshares can organize thenselves in sites based on a forum software
that is private by default (open with registration), then share some
information file that include the url to the files hosted, and the
key to unencrypt these files, and some metadata.
On Fri, Jan 20, 2012 at 03:05:47AM -0800, Owen DeLong wrote:
On Jan 20, 2012, at 2:25 AM, Robert Bonomi wrote:
Mark Andrews ma...@isc.org wrote:
I suspect most file sharing site don't have illegal content. Most
would have some content that is there without the permission of the
On 20 January 2012 12:14, Alec Muffett alec.muff...@gmail.com wrote:
On 20 Jan 2012, at 11:00, Tei wrote:
Fileshares can organize thenselves in sites based on a forum software
that is private by default (open with registration), then share some
information file that include the url to the
On Fri, Jan 20, 2012 at 5:48 AM, Carsten Bormann c...@tzi.org wrote:
On Jan 20, 2012, at 11:25, Robert Bonomi wrote:
Public distribution without the permission of the copyright owner is
illegal.
This is veering off the purpose of this list, but maybe it is operationally
significant to be
On 2012-01-20 12:01 , Yang Xiang wrote:
2012/1/20 Suresh Ramasubramanian ops.li...@gmail.com
mailto:ops.li...@gmail.com
On Fri, Jan 20, 2012 at 4:09 PM, Yang Xiang
xiang...@csnet1.cs.tsinghua.edu.cn
mailto:xiang...@csnet1.cs.tsinghua.edu.cn wrote:
Hope I can find enough
You could use RPKI and origin validation as well.
We have an application that does that.
http://www.labs.lacnic.net/rpkitools/looking_glass/
For example you can periodically check if your prefix is valid:
_
Yang Xiang . about.me/xiangyang
Ph.D candidate. Tsinghua University
Argus: argus.csnet1.cs.tsinghua.edu.cn
2012/1/20 Jeroen Massar jer...@unfix.org
On 2012-01-20 12:01 , Yang Xiang wrote:
2012/1/20 Suresh Ramasubramanian ops.li...@gmail.com
RPKI is great.
But, firstly, ROA doesn't cover all the prefixes now,
we need an alternative service to alert hijackings.
secondly, ROA can only secure the 'Origin AS' of a prefix,
while Argus can discover potential hijackings caused by anomalous AS path.
After ROA and BGPsec deployed in the
On 20 Jan 2012, at 10:38, Yang Xiang wrote:
RPKI is great.
But, firstly, ROA doesn't cover all the prefixes now,
we need an alternative service to alert hijackings.
Or to sign your prefixes.
secondly, ROA can only secure the 'Origin AS' of a prefix,
That's true.
Randy Carpenter rcar...@network1.net writes:
I am wondering how people out there are using DHCPv6 to handle
assigning prefixes to end users.
We have a requirement for it to be a redundant server that is
centrally located.
OK, so then you've already made your choice.
Another solution is
Isn't the ASR9001 closer to the MX80?
Thanks,
-Drew
-Original Message-
From: jon Heise [mailto:j...@smugmug.com]
Sent: Thursday, January 19, 2012 3:10 PM
To: nanog@nanog.org
Subject: juniper mx80 vs cisco asr 1000
Does anyone have any experience with these two routers, we're looking
2012/1/20 Arturo Servin aser...@lacnic.net
On 20 Jan 2012, at 10:38, Yang Xiang wrote:
RPKI is great.
But, firstly, ROA doesn't cover all the prefixes now,
we need an alternative service to alert hijackings.
Or to sign your prefixes.
Sign prefixes is the best way.
Before
RTG uses MySQL for it's backend, so you can basically setup queries however you
like and you can use RTGPOLL to graph multiple interfaces as well.
It's a super good tool and I think there is a group working on RTG2 at
googlecode (I think).
-Drew
-Original Message-
From: Keegan Holley
On a less serious note, did anyone notice the numbers on the fbi.gov
link? I'm pretty sure they are implying those are IP addresses.
123.456.789 and 987.654.321. Must be the same folks that do the Nexus
documentation for Cisco.
-Hammer-
I was a normal American nerd
-Jack Herer
On
On Jan 20, 2012, at 8:08 AM, Yang Xiang wrote:
I think network operators are only careless, but not trust-less,
so black-hole hijacking is the majority case.
This is aligned with the discussion on route leaks at the proposed
interim SIDR meeting just after NANOG.
Even with RPKI and BGPSEC
On Fri, 20 Jan 2012 12:00:15 +0100, Tei said:
What sould fileshares must do, is to store files in these services in
a encrypted way, and anonimized name. So these services have
absolutelly no way to tell what are hosting.
http://freenetproject.org/
pgpQ1myO3UNxN.pgp
Description: PGP
If you want to play around with RPKI Origin Validation, you can download the
RIPE NCC RPKI Validator here: http://ripe.net/certification/tools-and-resources
It's simple to set up and use: just unzip the package on a *NIX system, run
./bin/rpki-validator and browse to http://localhost:8080
On Fri, Jan 20, 2012 at 08:07:10AM -0600, -Hammer- wrote:
On a less serious note, did anyone notice the numbers on the fbi.gov
link? I'm pretty sure they are implying those are IP addresses.
123.456.789 and 987.654.321. Must be the same folks that do the Nexus
documentation for Cisco.
And
In a message written on Fri, Jan 20, 2012 at 12:16:14AM -0600, Jimmy Hess wrote:
Except Cacti/RRDTOOL is really just a great visualization tool, while you
can build stacks, it is not something that accurately meters data for
billing purposes. The right kind of tool to use would be a netflow
Thanks all for the responses. I think I'm going to use cacti and plugins
to aggregate. Aggregated billing is kind of something that would be nice
to have but wasn't required. It's nice to know there are concerns with
using cacti for this. My last question is if there is any easy/automated
way
On 20/01/2012 15:36, Keegan Holley wrote:
using cacti for this. My last question is if there is any easy/automated
way to pull interfaces into cacti and configure graphs for them either via
SNMP or reading from a mysql DB. I suddenly remember how much I hate
importing large routers into
In a message written on Fri, Jan 20, 2012 at 10:36:38AM -0500, Keegan Holley
wrote:
using cacti for this. My last question is if there is any easy/automated
way to pull interfaces into cacti and configure graphs for them either via
SNMP or reading from a mysql DB. I suddenly remember how
Is there a plugin for MRTG that allows you to go back to specific times?
I like MRTG better for this as well but cacti's graphs are much more
flexible.
2012/1/20 Leo Bicknell bickn...@ufp.org
In a message written on Fri, Jan 20, 2012 at 10:36:38AM -0500, Keegan
Holley wrote:
using cacti
On Fri, Jan 20, 2012 at 05:47:21PM +0800, Yang Xiang wrote:
I build a system ?Argus? to real-timely alert prefix hijackings.
A suggestion: pick a different name. There's already a network tool
named Argus (it's been around for years): http://www.qosient.com/argus/
I suggest using the name of a
Once upon a time, Leo Bicknell bickn...@ufp.org said:
To suggest Netflow is more accurate than rrdtool seems rather strange
to me. It can be as accurate, but is not the way most people
deploy it.
Comparing Netflow to RRDTool is comparing apples to cabinets; one is a
source of information and
On 01/20/2012 10:53 AM, Chris Adams wrote:
Once upon a time, Leo Bicknellbickn...@ufp.org said:
To suggest Netflow is more accurate than rrdtool seems rather strange
to me. It can be as accurate, but is not the way most people
deploy it.
Comparing Netflow to RRDTool is comparing apples to
On 20/01/2012 15:44, Nick Hilliard n...@foobar.org wrote:
No. This is one of cacti's major failings: there is no externally
accessible API.
Not an external API but scripts have been available for some time now:
http://www.cacti.net/downloads/docs/html/scripts.html
Ian
2012/1/20 Chris Adams cmad...@hiwaay.net
Once upon a time, Leo Bicknell bickn...@ufp.org said:
To suggest Netflow is more accurate than rrdtool seems rather strange
to me. It can be as accurate, but is not the way most people
deploy it.
Comparing Netflow to RRDTool is comparing apples
- Original Message -
From: Robert Bonomi bon...@mail.r-bonomi.com
Mark Andrews ma...@isc.org wrote:
I suspect most file sharing site don't have illegal content. Most
would have some content that is there without the permission of the
copyright holder. These are different things.
On 20/01/2012 15:48, Leo Bicknell wrote:
I find using MRTG is easier than Cacti for _automation_ purposes.
It also has another slightly subtle but hugely useful advantage: the
primary index reference of a graph does not refer to an interface name or a
number, but can be defined as an arbitrary
BBN has also released an initial version of their relying party
software. Core features are basically the same as the other
validators (namely, RPKI certificate validation), with
-- more fine-grained error diagnostics and
-- more robust support for the RTR protocol for distributing validated
While the ASR1002 does offer more services, I generally disagree with some
parts of this comparison.
Juniper has some very aggressive pricing on mx80 bundles license-locked to
5gb, which are cheaper and blow the performance specifications of the
equivalent low end ASR1002 out of the water for
On 20 January 2012 07:53, Rich Kulawiec r...@gsp.org wrote:
On Fri, Jan 20, 2012 at 05:47:21PM +0800, Yang Xiang wrote:
I build a system ?Argus? to real-timely alert prefix hijackings.
A suggestion: pick a different name. There's already a network tool
named Argus (it's been around for
RTG uses MySQL for it's backend, so you can basically setup queries
however you like and you can use RTGPOLL to graph multiple interfaces
as well.
It's a super good tool and I think there is a group working on RTG2 at
googlecode (I think).
Another RTG user! I didn't know many of us
Carsten Bormann c...@tzi.org wrote:
On Jan 20, 2012, at 11:25, Robert Bonomi wrote:
Public distribution without the permission of the copyright owner is
illegal.
This is veering off the purpose of this list, but maybe it is operationally s
This is veering off the purpose of this list, but
From nanog-bounces+bonomi=mail.r-bonomi@nanog.org Fri Jan 20 08:11:24
2012
Date: Fri, 20 Jan 2012 08:07:10 -0600
From: -Hammer- bhmc...@gmail.com
To: nanog@nanog.org
Subject: Re: US DOJ victim letter
On a less serious note, did anyone notice the numbers on the fbi.gov
link? I'm
On Fri, 20 Jan 2012 12:46:51 CST, Robert Bonomi said:
Sorry, but the last sentence is simply _not_ true. If the making of the
copy was a violation of 17 USC 106 (1) or (2), it's existance is proscribed
by law.
Nice try, but reading 17 USC 503 (b) we see:
As part of a final judgment or
On Thu, 19 Jan 2012 22:34:33 -0500, Michael Painter tvhaw...@shaka.com
wrote:
I quickly read through the indictment, but the gov't claims that when
given a takedown notice, MU would only remove the *link* and not the
file itself.
That's actually a standard practice. It allows the uploader
This is an automated weekly mailing describing the state of the Internet
Routing Table as seen from APNIC's router in Japan.
The posting is sent to APOPS, NANOG, AfNOG, AusNOG, SANOG, PacNOG, LacNOG,
TRNOG, CaribNOG and the RIPE Routing Working Group.
Daily listings are sent to
On 01/20/2012 09:11 AM, Ricky Beam wrote:
On Thu, 19 Jan 2012 22:34:33 -0500, Michael Painter
tvhaw...@shaka.com wrote:
I quickly read through the indictment, but the gov't claims that when
given a takedown notice, MU would only remove the *link* and not the
file itself.
That's actually a
On 20 January 2012 19:37, Paul Graydon p...@paulgraydon.co.uk wrote:
From what I understand about MegaUpload's approach, they created a hash of
every file that they stored. If they'd already got a copy of the file that
was to be uploaded they'd just put an appropriate link in a users space,
In a message written on Fri, Jan 20, 2012 at 09:37:16AM -1000, Paul Graydon
wrote:
From what I understand about MegaUpload's approach, they created a hash
of every file that they stored. If they'd already got a copy of the
file that was to be uploaded they'd just put an appropriate link in
- Original Message -
From: Paul Graydon p...@paulgraydon.co.uk
To: nanog@nanog.org
Sent: Friday, January 20, 2012 2:37:16 PM
Subject: Re: Megaupload.com seized
SNIP
From what I understand about MegaUpload's approach, they created a
hash of every file that they stored. SNIP
So
On Fri, 20 Jan 2012 14:37:16 -0500, Paul Graydon p...@paulgraydon.co.uk
wrote:
... Whenever they received a DMCA take-down they would remove the link,
not the underlying file, so even though they knew that a file was
illegally hosted, they never actually removed it.
And that's where their
The MX80 license locked is not 5Gb
The MX5 is 20Gb TP - 20 SFP ports card, only one MIC slot active
The MX10 is 40Gb TP - 20 SFP ports card. both MIC slots active
The MX40 is 60Gb TP - 20 SFP ports card, both MIC slots + 2 of the onboard
10GbE ports
The MX80 is 80Gb TP - 20 SFP ports card, both
aka deduplication.
In Viacom vs. YouTube it was pretty successfully argued that there was no
way for YT to know that *every* instance of a work was illegally uploaded.
However they *were* able to produce 'smoking gun' evidence of Viacom agents
uploading material.
j
On Fri, Jan 20, 2012 at 2:37
Thank you, that is great to know and have for reference.
Yeah, looking at this invoice from a a few months back, I have a MX80
Promotional 5G Bundle for channels... So I'm guessing that's now the MX5.
(I had assumed it was a mx80 in my response).
My first Juniper box ever, so forgive my
Incidentally, some traffic stats on
http://gigaom.com/2012/01/20/follow-the-traffic-what-megauploads-downfall-did-to-the-web/
MegaUpload was indeed one of the more popular sites on the web for storing
and sharing content. It ranked as .98 percent of the total web traffic in
the U.S. and 11.39
In article 20120120200216.ga62...@ussenterprise.ufp.org, Leo Bicknell
bickn...@ufp.org writes
Also, when using a hashed file store, it's possible that some uses
are infringing and some are not. I might make a movie, put it on
Megaupload, and then give the links only to the 5 people who bought
On Fri, Jan 20, 2012 at 3:02 PM, Leo Bicknell bickn...@ufp.org wrote:
In a message written on Fri, Jan 20, 2012 at 09:37:16AM -1000, Paul Graydon
wrote:
From what I understand about MegaUpload's approach, they created a hash
of every file that they stored. If they'd already got a copy of the
BGP Update Report
Interval: 12-Jan-12 -to- 19-Jan-12 (7 days)
Observation Point: BGP Peering with AS131072
TOP 20 Unstable Origin AS
Rank ASNUpds % Upds/PfxAS-Name
1 - AS34205 50143 3.1%5571.4 -- MRBD-AS OJSC Rostelecom
2 - AS840245021 2.8%
I certainly agree they have very different applications, and hopefully
that will help those looking for this kind of insight.
On Fri, Jan 20, 2012 at 3:54 PM, Saku Ytti s...@ytti.fi wrote:
On (2012-01-20 09:50 -0700), PC wrote:
Juniper has some very aggressive pricing on mx80 bundles
On Fri, Jan 20, 2012 at 10:45 PM, RijilV rij...@riji.lv wrote:
A suggestion: pick a different name. There's already a network tool
named Argus (it's been around for years): http://www.qosient.com/argus/
I suggest using the name of a different Wishbone Ash album: Bona Fide. ;-)
Ha, there are
On Jan 20, 2012, at 12:49, Nathan Eisenberg nat...@atlasnetworks.us wrote:
The web interface allows for interface aggregation, and the code for doing
that could probably be reverse engineered easily enough for other reporting
mechanisms as well.
On this point (of nice aggregation UIs) is
Matt Addison matt.addi...@lists.evilgeni.us wrote:
On this point (of nice aggregation UIs) is anyone here using Graphite
as a backend for their time series data stores?
I'm not personally, but I know some of our support clients are happily using it
along with OpenNMS' support for outboarding
On Tue, Jan 17, 2012 at 4:04 PM, Randy Carpenter rcar...@network1.netwrote:
We have a requirement for it to be a redundant server that is centrally
located. DHCPv6 will be relayed from each customer access segment.
We have been looking at using ISC dhcpd, as that is what we use for v4.
- Original Message -
From: Ricky Beam jfb...@gmail.com
On Fri, 20 Jan 2012 14:37:16 -0500, Paul Graydon
p...@paulgraydon.co.uk
wrote:
... Whenever they received a DMCA take-down they would remove the
link,
not the underlying file, so even though they knew that a file was
- Original Message -
On Tue, Jan 17, 2012 at 4:04 PM, Randy Carpenter
rcar...@network1.net wrote:
We have a requirement for it to be a redundant server that is
centrally located. DHCPv6 will be relayed from each customer access
segment.
We have been looking at using ISC
Technical nuances notwithsatnding, isn't the guts of the case that the
megaupload team wilfully engaged in harbouring infringing files as
evidenced by the email snooping, eg boasting to each other about having
feature movies available prior to release etc.
Similar evidence brought grokster down,
69 matches
Mail list logo