Yeap:
http://www.ietf.org/internet-drafts/draft-ietf-tcpm-tcp-auth-opt-02.txt
TCPM WGJ. Touch
Internet Draft USC/ISI
Obsoletes: 2385 A. Mankin
There is a discussion of this going on in CFRG.
https://www.irtf.org/mailman/listinfo/cfrg
Regards
Marshall
On Jan 4, 2009, at 2:22 AM, Hank Nussbacher wrote:
At 06:44 PM 03-01-09 +0100, Mikael Abrahamsson wrote:
On Sat, 3 Jan 2009, Hank Nussbacher wrote:
You mean like for BGP neighbors?
On Sun, Jan 4, 2009 at 11:40 AM, Christopher Morrow
morrowc.li...@gmail.com wrote:
On Sun, Jan 4, 2009 at 9:37 AM, Marshall Eubanks t...@multicasttech.com
wrote:
There is a discussion of this going on in CFRG.
https://www.irtf.org/mailman/listinfo/cfrg
sadly, and apropos I suppose,
This is sort of a rinse and repeat of the degradation of the Iraqi voice
and data networks we annotated in March of 2003. The first is Ma'an
(Turkish), the second is AP (American). Cell service is at the point of
failure. Data is coming close to failure, and landline voice is
problematic too.
* Hank Nussbacher:
Who is working on this? I don't find anything here:
http://www.ietf.org/html.charters/idr-charter.html
I think this belongs to the tcpm WG or the btns WG.
On Sun, Jan 4, 2009 at 9:37 AM, Marshall Eubanks t...@multicasttech.com wrote:
There is a discussion of this going on in CFRG.
https://www.irtf.org/mailman/listinfo/cfrg
sadly, and apropos I suppose, www.irtf.org is serving up a *.ietf.org
ssl cert :( and the archives require membership to
On Thu, 1 Jan 2009, Simon Lockhart wrote:
My Oracle boxes that rebooted were running RAC (version 10G R2), too. Another
Solaris 10 box running the same version of Oracle, but not RAC, did not reboot.
Looks rather like an Oracle 10 RAC bug.
It's a known bug in Oracle 10. When the time is set
* Brian Keefer:
My apologies if you were commenting on some other aspect, or if my
understand is in some way flawed.
I don't think so.
There's a rule of thumb which is easy to remembe: Never revoke
anything just because some weak algorithm is involved. The rationale
is that that
Date: Sun, 04 Jan 2009 09:22:06 +0200
From: Hank Nussbacher h...@efes.iucc.ac.il
At 06:44 PM 03-01-09 +0100, Mikael Abrahamsson wrote:
On Sat, 3 Jan 2009, Hank Nussbacher wrote:
You mean like for BGP neighbors? Wanna suggest an alternative? :-)
Well, most likely MD5 is better than the
Has anyone seen evidence that Sprint's cellular network has not
adopted the leap second yet ?
(I have reports, but cannot check myself.)
Marshall
On Jan 4, 2009, at 12:05 PM, Joe Greco wrote:
The opinions on whether or not it is necessary to replace certs
seems to
vary depending on whose opinion you're listening to, but a
relatively safe
rule of thumb for this sort of security issue is to take the path
that is
most likely to avoid
SSL is cracked, VeriSign to blame! was pretty much the top security
story for several days. They had to do something to turn around the
perception, despite accurate analysis and publications by
organizations such as Microsoft. Perception is reality, and
regardless of the technical
On Sun, 04 Jan 2009 15:58:34 CST, Joe Greco said:
Technically the only thing necessary to prevent
this attack has already been done, and that is to stop issuing certs
signed with MD5 so that no one else can create a rogue CA via this
means.
Are we certain that existing certs
On Sat, Jan 03, 2009 at 01:31:28AM -0500, Martin Hannigan wrote:
Overall, geo location has turned out to be a somewhat valuable tool in terms
of language, fraud, and localization. I think that it's important to
continue to urge improvements in this technology, not divestment.
I don't see how
Any security provided (I must assume that you speak of fraud prevention
services) is the probablistic sort, of reducing, for example, aggregate (and
not specific) losses.
– S
-Original Message-
From: Greg Skinner g...@gds.best.vwh.net
Sent: Sunday, January 04, 2009 15:52
To: Martin
A visual comparison of my Sprint phone and xclock with second hand on a
synchronized workstation suggests that they have not yet implemented the
leap second.
Our single CDMA NTP clock did handle the leap second at the correct moment.
However, that CDMA clock is West of Philadelphia and I am in
Say for instance one wanted to create an ethical botnet, how would
this be done in a manner that is legal, non-abusive toward other
networks, and unquestionably used for legitimate internal security
purposes? How does your company approach this dilemma?
Our company for instance has always relied
On Sun, Jan 4, 2009 at 7:23 PM, Skywing skyw...@valhallalegends.com wrote:
Any security provided (I must assume that you speak of fraud prevention
services) is the probablistic sort, of reducing, for example, aggregate (and
not specific) losses.
Yes, probablistic in a wholistic fashion i.e.
I would say to roll your own binary hardcoded to only hit 1 IP address, and
have it held on a law enforcement approved network under the supervision of
a qualified agent. 0.02
On Sun, Jan 4, 2009 at 8:06 PM, Jeffrey Lyon jeffrey.l...@blacklotus.netwrote:
Say for instance one wanted to create an
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On Sun, Jan 4, 2009 at 6:06 PM, Jeffrey Lyon jeffrey.l...@blacklotus.net
wrote:
Say for instance one wanted to create an ethical botnet, how would
this be done in a manner that is legal, non-abusive toward other
networks, and unquestionably used
Super risky. This would be a 99% legal worry plus. Unless all the end points
and networks they cross sign off on it the risk is beyond huge.
-jim
--Original Message--
From: Jeffrey Lyon
Sender:
To: na...@merit.edu
Subject: Ethical DDoS drone network
Sent: Jan 4, 2009 10:06 PM
Say for
Am 05.01.2009 um 03:06 schrieb Jeffrey Lyon:
Say for instance one wanted to create an ethical botnet, how would
this be done in a manner that is legal, non-abusive toward other
networks, and unquestionably used for legitimate internal security
purposes? How does your company approach this
Refer earlier posts.
End points ('drones') would have to be legitimate endpoints, not drones on
random boxes. That eliminates legal liability client-side.
If the traffic is non abusive then I don't see the risk for the network
providers in the middle either.
If it's clearly established that
On Sun, 4 Jan 2009, Jeffrey Lyon wrote:
Say for instance one wanted to create an ethical botnet, how would
this be done in a manner that is legal, non-abusive toward other
networks, and unquestionably used for legitimate internal security
purposes? How does your company approach this dilemma?
If the drones send a few packets a seconds even say 1000's of pkts per second
its value is not likely to be very meaningful, atleast no more so then building
an on net resourse. To be meaningful you'd want/need something that could
simulate a DDoS. Maybe my assumptions are way off base.
On Sun, 4 Jan 2009 21:06:34 -0500
Jeffrey Lyon jeffrey.l...@blacklotus.net wrote:
Say for instance one wanted to create an ethical botnet, how would
this be done in a manner that is legal, non-abusive toward other
networks, and unquestionably used for legitimate internal security
purposes?
On Sun, 4 Jan 2009, John Kristoff wrote:
On Sun, 4 Jan 2009 21:06:34 -0500
Jeffrey Lyon jeffrey.l...@blacklotus.net wrote:
Say for instance one wanted to create an ethical botnet, how would
this be done in a manner that is legal, non-abusive toward other
networks, and unquestionably used for
Agreed, Gadi. It wouldn't be an attack if it were ethical. Technically,
that would be load testing or stress testing.
Might I suggest this to help?
http://www.opensourcetesting.org/performance.php
On Sun, Jan 4, 2009 at 9:55 PM, Gadi Evron g...@linuxbox.org wrote:
On Sun, 4 Jan 2009, John
On Sun, Jan 04, 2009 at 09:55:20PM -0600, Gadi Evron wrote:
A legal botnet is a distributed system you own.
A legal DDoS network doesn't exist. The question is set wrong, no?
kind of depends on what the model is. a botnet for hire
to red-team my network might be just the
On Jan 4, 2009, at 9:18 PM, deles...@gmail.com wrote:
Super risky. This would be a 99% legal worry plus. Unless all the
end points and networks they cross sign off on it the risk is beyond
huge.
Since when do I need permission of networks they cross to send data
from a machine I
On Sun, Jan 4, 2009 at 10:27 PM, bmann...@vacation.karoshi.com wrote:
On Sun, Jan 04, 2009 at 09:55:20PM -0600, Gadi Evron wrote:
A legal botnet is a distributed system you own.
A legal DDoS network doesn't exist. The question is set wrong, no?
kind of depends on what the model is. a
On Jan 5, 2009, at 2:08 PM, Patrick W. Gilmore wrote:
You want to 'attack' yourself, I do not see any problems. And I see
lots of possible benefits.
This can be done internally using various traffic-generation and
exploit-testing tools (plenty of open-source and commercial ones
On Jan 5, 2009, at 1:33 AM, Roland Dobbins wrote:
On Jan 5, 2009, at 2:08 PM, Patrick W. Gilmore wrote:
You want to 'attack' yourself, I do not see any problems. And I
see lots of possible benefits.
This can be done internally using various traffic-generation and
exploit-testing tools
On Mon, 5 Jan 2009, Patrick W. Gilmore wrote:
On Jan 5, 2009, at 1:33 AM, Roland Dobbins wrote:
On Jan 5, 2009, at 2:08 PM, Patrick W. Gilmore wrote:
You want to 'attack' yourself, I do not see any problems. And I see lots
of possible benefits.
This can be done internally using various
Assuming that what you're getting from Verizon is copper and not FIOS,
there should be a number of small to medium-sized ISPs that will provide you
with Layer 3 Internet Service using that copper.
It will cost you a few dollars a month more, but not a lot more,
and you'll not only have more chance
On Jan 4, 2009, at 11:11 PM, Gadi Evron wrote:
On Mon, 5 Jan 2009, Patrick W. Gilmore wrote:
On Jan 5, 2009, at 1:33 AM, Roland Dobbins wrote:
On Jan 5, 2009, at 2:08 PM, Patrick W. Gilmore wrote:
I can think of several instances where it _must_ be external. For
instance, as I said
On Jan 5, 2009, at 3:04 PM, Patrick W. Gilmore wrote:
I can think of several instances where it _must_ be external. For
instance, as I said before, knowing which intermediate networks are
incapable of handling the additional load is useful information.
AUPs are a big issue, here..
37 matches
Mail list logo