Re: Mailing list SPF Failure

On 17/05/2024 5:45, Karl Auer wrote: On Thu, 2024-05-16 at 19:27 -0700, Michael Thomas wrote: On 5/16/24 7:22 PM, Scott Q. wrote: Mike, you do realize Google/Gmail rejects e-mails with invalid/missing SPF right ? I was receiving the mail while NANOG had no SPF record, so no? Any receiver

Re: puck not responding

On 29/02/2024 17:21, Jared Mauch wrote: On behalf of cisco-nsp and outages - we salute you. -Hank On Feb 28, 2024, at 1:30 AM, Daniel Marks via NANOG wrote: We’re getting rocked by storms here in Michigan, could be related. [ brief version of what happened from what I can tell

puck not responding

Any clue as to when bgp.he.net will be back?

Thanks, Hank

Re: Issue with Geolocation in Lasvegas

On 04/01/2024 9:13, Raja Sekhar Gullapalli via NANOG wrote: https://www.iucc.ac.il/en/blog/2021-05-google-geo-location/ :-) Regards, Hank Team, We are having issues in our lasvegas office & it shows geolocation in all browsers as Israel instead of US region when we access news.google.com

Re: Any comprehensive listing of where Google's IPs originate from?

On 04/12/2023 16:09, Drew Weaver wrote: Although not an answer to your specific question, when I need to reduce latency to a Google cloud region I use: https://gcping.com/ Regards, Hank Hello, We are trying to reduce latency to a region in Google Cloud which we are in the same city of.

BGP hijack?

We just had every single prefix in AS378 start being announced by AS2027. Every announcement by AS2027 is failing RPKI yet being propagated a bit. Is this yet another misbehaving device or an actual attack? Thanks, Hank

Re: Low to Mid Range DWDM Platforms

On 06/10/2023 16:07, Mike Hammett wrote: I  have found that for low end DWDM solutions, https://www.packetlight.com/ has always been the cheapest available. Regards, Hank I've been using various forms of passive WDM for years. I have a couple different projects on my plate that require me

Re: Providing geofeed info to Google

Old topic: if one doesn't have access to https://isp.google.com how does one update their geo-location data so Google sees it? Thanks, Hank On Tue, Aug 30, 2022 at 12:34:41PM -0700, Hugo Slabbert wrote: Google folks: I see historical reference to needing to use the Google Peering Portal (

Re: v6 route mess frm AS266970

On 29/08/2023 18:41, Randy Bush wrote: is a massive route leak not even menntioned when it is only ipv6? the guess i heard was it looked like a classic config reorigination disaster. randy Has the route leak been resolved?    BGPstream still shows it as active:

Re: Geolocastion and FF and Whatsapp

On 18/08/2023 16:36, J. Hellenthal wrote: Private (incognito) in FF gives English page. Interesting. Thanks, Hank Move your FF profile out of the way and reopen FF... diff results ? On Aug 18, 2023, at 00:45, Hank Nussbacher wrote: When I go to https://www.whatsapp.com/ I see the page

Geolocastion and FF and Whatsapp

When I go to https://www.whatsapp.com/ I see the page in Latvian - but only on FF. When using Chrome I see the page in English. So who is doing bad geolocation?  FF or Whatsapp? Thanks, Hank

Re: Do ISP's collect and analyze traffic of users?

On 19/05/2023 15:27, Justin Streiner wrote: It amazes me how people can focus on Netflow metadata and ignore things like Microsoft telemetry data from every Windows box, or ignore the massive amount of html cookies that are traded by companies or how almost every corporate firewall or

Re: Best Linux (or BSD) hosted BGP?

On 02/05/2023 17:56, Warren Kumari wrote: For those that like FRR: https://thehackernews.com/2023/05/researchers-uncover-new-bgp-flaws-in.html Regards, Hank +lots. I've used a number of Linux routing thingies (BIRD, Quagga, VyOS/Ubiquiti, OpenBGPd, ExBGP), and FRR is (for me at least) by

RPKI in Lacnic?

Just got this: Possible TA malfunction or incomplete VRP file: 100.00% of the ROAs disappeared from lacnic DETAILS: -- Event type:   rpki-diff When event started:   2023-04-15 17:17:30 UTC Last event:   2023-04-15 17:17:30

Re: Starlink routing

On 23/01/2023 0:42, Michael Thomas wrote: I read in the Economist that the gen of starlink satellites will have the ability to route messages between each satellite. Would conventional routing protocols be up to such a challenge? Or would it have to be custom made for that problem? And since a

Re: Getting Fiber to My Town by Jared Mauch

On 10/09/2020 15:16, Jared Mauch wrote: Go Jared: https://www.dailystar.co.uk/tech/news/man-who-built-broadband-avoid-27717560 -Hank On Sep 10, 2020, at 8:06 AM, Jared Brown wrote: I believe this belongs here: Getting Fiber to My Town by Jared Mauch

Re: Test email

On 20/06/2022 11:30, Peter Potvin wrote: I did not send this to the list. I assume the admins are testing out what has been blocking my emails for the past month and somehow this email slipped thru. Just ignore and delete. -Hank Why did moderation let this through the filters? I don't

Re: Newbie x Cisco IOS-XR x ROV: BCP to not harassing peer(s)

On 14/05/2022 00:16, Jakob Heitz (jheitz) via NANOG wrote: 'RPKI-dropped-only' causes the dropped routes to be stored. This will prevent the unnecessary route-refreshes described above. It does not prevent all route-refreshes, but uses significantly less memory than 'RPKI-tested-only'

Re: Sabotage: several severed cables at the origin of a major internet outage in France

On 27/04/2022 17:29, Nick Hilliard wrote: https://twitter.com/apb_laudrain/status/1519252859598032898 -Hank + pics: https://twitter.com/acontios_net/status/1519296590015606787 https://twitter.com/acontios_net/status/1519280710762348545

Re: Any sign of supply chain returning to normal?

On 23/04/2022 01:28, na...@jima.us wrote: Ordered a pair of ASR9906s in Jan 2022 with delivery Aug 2022. -Hank Anecdotally, I had a pair of Nexus 93180s that I ordered in May 2021 show up in February 2022, so 9 months. The estimated ship date got punted several times (probably due to being

SATCOM terminals under attack in Europe

https://www.reversemode.com/2022/03/satcom-terminals-under-attack-in-europe.html -Hank

Re: Russia to disconnect from global Internet

Bill Woodcock wrote: > This applies exclusively to Russian federal government networks, not ISPs or telecom operators. https://twitter.com/krisnova/status/1500590779047170048?s=12 says otherwise. -Hank

Re: identity.cisco.com certificate has expired

On 05/03/2022 21:08, Matthew Huff wrote: Arghh… Just an FYI, id.cisco.com is fubar’ed. Hopefully cisco has already fixed it and the proxies/caches/cdns just need to timeout, but just in case anyone knows a contact at Cisco’s ops group… You mean in addition to all the other Cisco boxes that

Conflicts and fiber cuts

As the discussion rages on NANOG, RIPE, CENTR and many other uber-technical forums, I would like to see whether we can focus on what we know best - networking.  Perhaps a weekly report of fiber cuts throughout Europe (starting from Feb 15) and the RFO that the carrier provided.  Of especial

Re: enom giving Google a bad name

On 16/01/2022 19:57, Rubens Kuhl wrote: On Sun, Jan 16, 2022 at 2:38 PM Hank Nussbacher wrote: Many of you might be following the enom weekend fiasco: https://twitter.com/enomsupport/status/1482621466151571456 https://twitter.com/enomsupport/status/1482707275529678849 https

enom giving Google a bad name

Many of you might be following the enom weekend fiasco: https://twitter.com/enomsupport/status/1482621466151571456 https://twitter.com/enomsupport/status/1482707275529678849 https://enomstatus.com/ Thousands of domains have been knocked out. But I just found out that Google is an enom

Re: Contact request AS 6453

On 15/01/2022 10:00, jim deleskie wrote: Did you try: https://www.peeringdb.com/net/437 peering-pol...@as6453.net peering-...@as6453.net ip...@tatacommunications.com Regards, Hank Have you found anyone.  Not there any more but can probably still find someone for you. -jim On Thu, Jan 13,

Re: Cloudflare Abuse Contact

On 07/01/2022 21:35, Töma Gavrichenkov wrote: I would try n...@cloudflare.com based on: https://www.peeringdb.com/net/4224 Regards, Hank Peace, On Fri, Jan 7, 2022 at 8:42 PM Mike Hale wrote: The abuse email sends an auto-responder that tells you to use the web form. The web form is

Re: Anyone seeing ping corruption?

On 20/12/2021 04:41, J Doe wrote: Hi, Out of curiosity - does anyone know why Google is truncating ICMP responses ? As Google has stated in many forums and I quote: "Google Public DNS is a Domain Name System service, not an ICMP network testing service." -Hank

Re: Log4j mitigation

On 13/12/2021 15:28, bofh139 wrote: Now we have the long journey from Java, Ldap, DNS, Birds and Coffee Cups behind us. Does anyone else have any advice on prevention? Scan your systems: https://github.com/logpresso/CVE-2021-44228-Scanner https://github.com/fullhunt/log4j-scan -Hank

Re: Latency/Packet Loss on ASR1006

On 07/12/2021 17:32, Blake Hudson wrote: Suggestion: move this thread to cisco-nsp where you might find more assistance. Regards, Hank On 11/26/2021 1:09 PM, Colin Legendre wrote: Hi, We have ... ASR1006  that has following cards... 1 x ESP40 1 x SIP40 4 x SPA-1x10GE-L-V2 1 x 6TGE 1 x

Re: .bv ccTLD

On 04/12/2021 00:45, Jay R. Ashworth wrote: My favorite youtuber has just pointed out that Bougainville will separate formally from Papua New Guinea in 2027, which, surprisingly, is only 5 or 6 years from now. So I looked up .bv, and of course... it's assigned to Bouvet Island, an uninhabited

Re: Google location question

On 23/11/2021 22:31, Chuck Church wrote: Old issue. Everyone encounters this at some point: https://www.iucc.ac.il/en/blog/2021-05-google-geo-location/ You can try reporting it to Google: https://support.google.com/websearch/workflow/9308722?hl=en and wait a month or so to see if the issue

BGP hujack by AS25478?

Based on my own observation as well as via bgpstream there was a massive BGP hijack attempt last night by IHOME-AS iHome LLC, RU (AS 25478). Lasted about 10 minutes.  Noction?  Finger faddle? Malicious? Thanks, Hank

Re: Internet history

On 21/10/2021 21:52, Patrick W. Gilmore wrote: On Oct 21, 2021, at 2:37 PM, Michael Thomas wrote: [changed to a more appropriate subject] On 10/20/21 3:52 PM, Grant Taylor via NANOG wrote: On 10/20/21 3:26 PM, Michael Thomas wrote: Just as an interesting aside if you're interested in the

Geolocation accuracy

Can anyone recommend a geo-location service with high city accuracy? Maxmind, for most countries (broadband, which does move) is below 50% accuracy (they claim 68% accuracy for USA cities): https://www.maxmind.com/en/geoip2-city-accuracy-comparison?country==city=excluding Thanks, Hank

Re: DNS pulling BGP routes?

On 06/10/2021 22:38, Jon Lewis wrote: But I just don't understand why this is a good idea at all. Network topology is not DNS's bailiwick so using it as a trigger to withdraw routes seems Everything I've seen posted about this (whether from Facebook directly, or others) is so vague as to

Re: Facebook post-mortems...

On 05/10/2021 21:11, Randy Monroe via NANOG wrote: Updated: https://engineering.fb.com/2021/10/05/networking-traffic/outage-details/ Lets try to breakdown this "engineering" blog posting: - "During one of these routine maintenance jobs, a command was issued with the intention to assess the

Re: Facebook post-mortems...

On 05/10/2021 13:17, Hauke Lampe wrote: On 05.10.21 07:22, Hank Nussbacher wrote: Thanks for the posting.  How come they couldn't access their routers via their OOB access? My speculative guess would be that OOB access to a few outbound-facing routers per DC does not help much

Re: Facebook post-mortems...

On 05/10/2021 05:53, Patrick W. Gilmore wrote: Update about the October 4th outage https://engineering.fb.com/2021/10/04/networking-traffic/outage/ Thanks for the posting. How come they couldn't access their routers via their OOB access? -Hank

Re: massive facebook outage presently

On 04/10/2021 22:05, Jason Kuehl wrote: BGP related: https://twitter.com/SGgrc/status/1445116435731296256 as also related by FB CTO: https://twitter.com/atoonk/status/1445121351707070468 -Hank https://twitter.com/disclosetv/status/1445100931947892736?s=20

FYI: NANOG and ICANN

https://www.icann.org/en/announcements/details/icann-signs-a-memorandum-of-understanding-with-nanog-27-9-2021-en Regards, Hank

Re: An update on the AfriNIC situation

On 27/08/2021 18:36, Bill Woodcock wrote: As many of you are aware, AfriNIC is under legal attack by Heng Lu / “Cloud Innovation.” John Curran just posted an excellent summary of the current state of affairs here:

Re: netflow in the core used for surveillance

On 26/08/2021 00:13, Randy Bush wrote: https://www.vice.com/en/article/jg84yy/data-brokers-netflow-data-team-cymru used to get dissidents, activists, and journos killed at, comcast, ... zayo, please tell us you do not do this. randy I'm confused. Quoting from the article: "In a recent

Re: Setting sensible max-prefix limits

On 18/08/2021 13:03, Chriztoffer Hansen wrote: On Wed, 18 Aug 2021 at 11:33, Lars Prehn wrote: I guess for long standing peers one could just eyeball it, e.g., current prefix count + some safety margin. How does that work for new peers? If you have automation in place. Another approach is to

Re: "Tactical" /24 announcements

On 12/08/2021 17:59, William Herrin wrote: If you prune the routes from the Routing Information Base instead, for any widely accepted size (i.e. /24 or shorter netmask) you break the Internet. How does this break the Internet? I would think it would just result in sub-optimal routing

Re: "Tactical" /24 announcements

On 09/08/2021 18:47, Billy Croan wrote: How does the community feel about using /24 originations in BGP as a tactical advantage against potential bgp hijackers? All of our allocations are larger and those prefixes we announce for clients as well usually are. But we had a request recently to

Re: Where to get IPv4 block these day

Been a while since I had to deal with NetOps stuff. Was wondering, where do you go these days to get IPv4 blocks? It seems like getting assignments is hard due to exhaustion. I have found some "Auction" sites but it all feels very scammy. Any info would be

Re: Global Akamai Outage

On 25/07/2021 09:18, Saku Ytti wrote: Hey, Not a critique against Akamai specifically, it applies just the same to me. Everything seems so complex and fragile. Complex systems are apt to break and only a very limited set of tier-3 engineers will understand what needs to be done to fix it.

Re: Global Akamai Outage

On 23/07/2021 09:24, Hank Nussbacher wrote: From Akamai.  How companies and vendors should report outages: [07:35 UTC on July 24, 2021] Update: Root Cause: This configuration directive was sent as part of preparation for independent load balancing control of a forthcoming product. Updates

Re: Global Akamai Outage

On 22/07/2021 19:34, Mark Tinka wrote: https://edgedns.status.akamai.com/ Mark. [18:30 UTC on July 22, 2021] Update: Akamai experienced a disruption with our DNS service on July 22, 2021. The disruption began at 15:45 UTC and lasted for approximately one hour. Affected customer sites were

Re: Google Geo Location Issues

On 30/06/2021 17:43, Jason Kuehl wrote: Once you have access to isp.google.com your problems are far from over. You would assume that they would use whois info to know which prefix belongs to your ASN. That would be wrong. If you have, for example, a multi-homed customer and you provided

Re: Google Geo Location Issues

On 30/06/2021 02:25, Jason Kuehl wrote: Good luck. I had a case where Israeli users were located in Iceland. Took me well over a month to get it resolved. You can read about it in my blog entry: https://www.iucc.ac.il/en/blog/2021-05-google-geo-location/ Just heard of two more incidents

Re: shadowserver.org

What is the difference between shodan.io and shadowserver.org ? Jean Just those 2?  Greynoise maps them all.  See an old preso from 2018: https://www.slideshare.net/andrewwantsyou/identifying-and-correlating-internetwide-scan-traffic-to-newsworthy-security-events See slide 7 for a 4 year old

Re: shadowserver.org

On 28/06/2021 06:19, Scott Aldrich wrote: Anyone have an idea how to get HE/ShadowServer,org servers to stop attempting to penetrate the comcast drop at my house? Their website claims altruism.. but my logs dont support that claim. Scott Scott, Did you look at:

Re: ROA coverage info

On 24/08/2020 17:49, Rayhaan Jaufeerally (NANOG) wrote: There's also this site run by NIST: https://rpki-monitor.antd.nist.gov/  which contains further breakdowns Anyone know why https://rpki-monitor.antd.nist.gov/ is down? Thanks, Hank

Re: Google uploading your plain text passwords

On 12/06/2021 08:31, Damian Menscher via NANOG wrote: The Chrome password manager is convenient, and the sync can be incredibly handy (I can sign into stuff on different computers or even my phone without needing to copy over the passwords), but you might consider leaving your highest-value

Re: Google IP Geolocation

On 22/04/2021 11:36, Hank Nussbacher wrote: Jared wrote earlier: I've had a similar issue in the past trying to get ready to peer with them. I wanted portal access to look at things. I may yet post a geofeed file just because. (I was also rejected a portal account, didn't escalate to friends

Re: Google IP Geolocation

On 22/04/2021 11:36, Hank Nussbacher wrote: The issues that others had earlier this month just hit us this morning. Users in Israel (132.74.0.0/15) trying to access Google.com or Youtube.com appear as coming from Iceland (see screenshot). Change happened overnight.  Someone internally

Re: Google IP Geolocation

The issues that others had earlier this month just hit us this morning. Users in Israel (132.74.0.0/15) trying to access Google.com or Youtube.com appear as coming from Iceland (see screenshot). Change happened overnight.  Someone internally in Google's geo-location group typo'ed Israel as

Re: BGP and The zero window edge

On 22/04/2021 02:24, Job Snijders via NANOG wrote: On Wed, Apr 21, 2021 at 09:22:57PM +, Jakob Heitz (jheitz) wrote: I'd like to get some data on what actually happened in the real cases and analyze it. [snip] TCP zero window is possible, but many other things could cause it too.

Re: Perhaps it's time to think about enhancements to the NANOG list...?

On 20/03/2021 21:34, Stan Barber wrote: +1 -Hank +1 from the peanut gallery On Sat, Mar 20, 2021 at 2:30 PM Allen Kitchen mailto:allenmckinleykitc...@gmail.com>> wrote: On Sat, Mar 20, 2021 at 2:07 PM Randy Bush mailto:ra...@psg.com>> wrote: i do not find the volume or

RPKI invalid logs?

Is there a place where one can examine RPKI invalid logs for a specific date & time or even better logs showing those that dropped RPKI invalid announcements? Thanks, Hank

Re: bgp.he.net?

On 18/02/2021 15:08, Hank Nussbacher wrote: Is it down? -Hank Back up. -Hank

bgp.he.net?

Is it down? -Hank

Re: Problems with newish IP block assignment issues from ARIN

On 08/02/2021 22:14, Justin Wilson (Lists) wrote: It acts like the IP block was blacklisted at some point and got on some bad lists but I don’t want ti limit myself to that theory. I have opened up a ticket with ARIN asking for any guidance. Has anyone ran into

Re: RTBH and Flowspec Measurements - Stop guessing when the attack will over

On 02/02/2021 19:08, Douglas Fischer wrote: Well... That is a point of view! And I must respect that. Against this position, there are several companies, including some tier 1, that sells this as an

Re: Centurylink having a bad morning?

On 30/08/2020 20:08, Baldur Norddahl wrote: https://blog.cloudflare.com/analysis-of-todays-centurylink-level-3-outage/ Sounds like Flowspec possibly blocking tcp/179 might be the cause. But that is Cloudflare speculation.

Re: Centurylink having a bad morning? [EXTERNAL]

On 30/08/2020 18:22, Joseph Jenkins wrote: Well at least it looks like the issue is starting to resolve  and stuff is coming back up. On Sun, Aug 30, 2020 at 8:21 AM Matt Hoppes

Bottlenecks and link upgrades

At what point do commercial ISPs upgrade links in their backbone as well as peering and transit links that are congested?  At 80% capacity?  90%?  95%?  Thanks, Hank Caveat: The views expressed above are solely my own and do not

ISPs are hit hardest by COVID-19 disruption

https://betanews.com/2020/08/04/isps-covid-19-disruption/ Really? -Hank Caveat: The views expressed above are solely my own and do not express the views or opinions of my employer

Re: BGP route hijack by AS10990

On 01/08/2020 00:50, Mark Tinka wrote: On 31/Jul/20 23:38, Sabri Berisha wrote: Kudos to Telia for admitting their mistakes, and fixing their processes. Considering Telia's scope and "experience", that is one thing. But for the general

Re: BGP route hijack by AS10990

On 30/07/2020 20:32, Sadiq Saif wrote: On Thu, 30 Jul 2020, at 13:09, Patrick Schultz wrote: so, bgp optimizers... again? -- Patrick More like shame on Telia for not filtering properly. But wait - MANRS indicates that Telia

Re: BGP route hijack by AS10990

On 30/07/2020 05:46, Clinton Work wrote: See: https://bgpstream.com/event/245264 https://bgpstream.com/event/245265 -Hank Caveat: The views expressed above are solely my own and do not express the views or opinions of my

Re: Survey on the use of IP blacklists for threat mitigation

On 16/06/2020 22:08, J. Hellenthal via NANOG wrote: This issue was raised in Reddit and Github: https://www.reddit.com/r/sysadmin/comments/h149em/calls_to_replace_blacklist_whitelist_black_hat/

IBM Cloud global outage caused by "incorrect" BGP routing

https://www.bleepingcomputer.com/news/technology/ibm-cloud-global-outage-caused-by-incorrect-bgp-routing/ -Hank Note: the views expressed above are my own and do not necessarily reflect the views of my employer

Spike in traffic to Google caches?

Did anyone notice a huge jump in traffic today between 11:30-11:40 (GMT) directed at Google and Akamai caches coming from Amazon and Google? Gaming updates? Thanks, Hank Caveat: The views expressed above are solely my own and do not express the views or opinions of my employer

Re: Backhoe season?

On 26/03/2020 20:02, Aaron Gould wrote: Numerous gov'ts and municipalities, which had planned constructions jobs but postponed them to the summer due to heavy traffic volume, have started to implement all those construction jobs, which includes backhoes. -Hank I heard, and am seeing that

Re: Gmail email blocking is off the rails (again)

On 04/12/2019 05:04, Matthew Pounsett wrote: Cute way to promote Google Groups over Mailman.  Gotta give 'em credit for being creative :-) -Hank For some reason Gmail has started blocking mailman administrative emails to someone who's an admin on a list I host.  Their SMTP 552 error

Re: "Using Cloud Resources to Dramatically Improve Internet Routing"

On 07/10/2019 17:42, Stephane Bortzmeyer wrote: On Fri, Oct 04, 2019 at 03:52:26PM -0400, Phil Pishioneri wrote a message of 9 lines which said: Using Cloud Resources to Dramatically Improve Internet Routing UMass Amherst researchers to use cloud-based ‘logically centralized control’

Re: Art and Tech is madness

On 05/09/2019 08:09, Kasper Adel wrote: No.  This is art & tech from 12 years ago: https://www.youtube.com/watch?v=_y36fG2Oba0 -Hank In SPRING a time when segment and routing had no mismatch, a time when isis and ospf ate a forbidden encap, all they had to do was forward bgp like its hot,

Looking for Cloudfront clue

Can someone with routing/BGP/peering clue in AWS's Cloudfront, please contact me offlist? Thanks, Hank

Re: Mx204 alternative

On 02/09/2019 11:16, Mark Tinka wrote: On 8/Aug/19 05:33, Brandon Martin wrote: MX204 is a very nice pizza box router for service providers.  I'm not aware of anything quite like it in terms of having a mature control plane.  I like the JunOS config language better than Cisco-style that

Re: Corporate Identity Theft: Azuki, LLC -- AS13389, 216.179.128.0/17

On 15/08/2019 06:16, Ronald F. Guilmette wrote: - If the resource owner is no where to be found, why should we as a community care? I'm so glad you asked. Regardless, in -either- the case where no heir can be found -or- in the case where the rightful heir is either just too dumb or just too

Re: RPKI adoption

On 14/08/2019 06:24, John Curran wrote: When you did that Whois look up at the ARIN website, you did agree to terms of use for the Whois service which contains indemnification provisions and are legally enforceable. If you instead used a

Re: Corporate Identity Theft: Azuki, LLC -- AS13389, 216.179.128.0/17

On 13/08/2019 22:17, Ronald F. Guilmette wrote: Just as an observer to your long resource theft postings: - Do you attempt to contact directly the organization or person who have had their resource taken over? - Do they care or are they apathetic? - If the resource owner is no where to be

Re: Bgpmon alternatives?

On 18/07/2019 08:44, Töma Gavrichenkov wrote: On Thu, Jul 18, 2019 at 3:16 AM TJ Trout wrote: Anyone know of a hosted alternative to bgpmon? I'm testing Qrator but I can't determine if it will notify in real-time of a prefix hijack? Qrator guy there. Real-time notifications are there but are

Re: Performance metrics used in commercial BGP route optimizers

On 16/07/2019 20:41, Job Snijders wrote: On Tue, Jul 16, 2019 at 3:33 PM Mike Hammett > wrote: More like do whatever you want in your own house as long as you don't infringe upon others. That's where the rub is; when using "BGP optimisers" to influence public

Re: CloudFlare issues?

On 25/06/2019 08:17, Christopher Morrow wrote: On Tue, Jun 25, 2019 at 12:49 AM Hank Nussbacher wrote: On 25/06/2019 03:03, Tom Beecher wrote: Disclaimer : I am a Verizon employee via the Yahoo acquisition. I do not work on 701. My comments are my own opinions only. Respectfully, I believe

Re: CloudFlare issues?

On 25/06/2019 03:03, Tom Beecher wrote: Disclaimer : I am a Verizon employee via the Yahoo acquisition. I do not work on 701.  My comments are my own opinions only. Respectfully, I believe Cloudflare’s public comments today have been a real disservice. This blog post, and your CEO on Twitter

Re: Russian Anal Probing + Malware

On 24/06/2019 00:23, Randy Bush wrote: e.g. i am aware of researchers scanning to see patching spread and trying to make a conext paper dreadline this week or infocom next month. hard to tell the sheep from the goats and the wolf from the sheep. i get the appended. sheep or wholf? i sure do

Re: Bgpmon alternatives?

On 16/06/2019 12:28, Töma Gavrichenkov wrote: On Sun, Jun 16, 2019, 4:57 AM TJ Trout > wrote: Any simple and easy bgpmon alternatives you guys could recommend? https://radar.qrator.net/ (this is not an advertisement!) -- Töma I have been a subscribed member to

Cisco Crosswork Network Insights - or how to destroy a useful service

[mailto:ad...@crosswork.cisco.com] Sent: 15 May 2019 11:39 To: Hank Nussbacher Subject: CCNI Notification Active alarm count 1 starting at 2019-05-15 08:34:42.960762315 + UTC. Please click on the link for each alarm below: https://crosswork.cisco.com/#/alarm/ba7c5084-f05d-4c12-a17f-be9e815d6647

Re: Widespread Firefox issues

On 05/05/2019 00:04, Lee wrote: On 5/4/19, Mark Foster wrote: Official update from Mozilla: https://blog.mozilla.org/addons/2019/05/04/update-regarding-add-ons-in-firefox/ where they say Please note: The fix does not apply to Firefox ESR which is what I'm running, so about:config

Re: Open Petition for ARIN-prop-266: BGP Hijacking is an ARIN Policy Violation

On 27/04/2019 06:44, William Herrin wrote: On Fri, Apr 26, 2019 at 7:48 PM Owen DeLong > wrote: > Do you honestly believe that hijackings are being committed by ARIN members or even ARIN resource holders that have signed RSAs with ARIN? Wasn't Softlayer (an ARIN

Re: A Deep Dive on the Recent Widespread DNS Hijacking

On 25/02/2019 11:37, Ask Bjørn Hansen wrote: On Feb 24, 2019, at 22:03, Hank Nussbacher wrote: Did you have a CAA record defined and if not, why not? If the attacker got a CA to issue the cert because they changed the DNS server to be their own, a CAA record wouldn’t have helped

Re: A Deep Dive on the Recent Widespread DNS Hijacking

On 25/02/2019 07:20, Bill Woodcock wrote: On Feb 24, 2019, at 7:41 PM, Montgomery, Douglas (Fed) wrote: In the 3rd attack noted below, do we know if the CA that issued the DV CERTS does DNSSEC validation on its DNS challenge queries? We know that neither Comodo nor Let's Encrypt were DNSSEC

Re: Real-time BGP hijacking detection: ARTEMIS-1.0.0 just released

On 21/12/2018 17:10, Jared Mauch wrote: So expect now BGP hijackers to announce /25s from here on in.  They generally adopt BCPs faster than providers. -Hank Folks have studied announcing a /25 etc.. and it can help because many providers will accept them.. it won’t get everyone, but

Re: Should ISP block child pornography?

On 07/12/2018 20:48, Max Tulyev wrote: Yes, you may nullroute some IP with some site, but as the collateral damage you will block part of Cloudflare or Amazon, for example. So you have to buy and install additional equipment and software to do it a bit less painful. That's not so cheap, that

  1   2   3   >