:-> "Chuck" == Chuck Anderson writes:
> d000::/8 *[BGP/170] 01:08:26, MED 760, localpref 200
> AS path: 30071 6762 28716 I
>> to 2001:4830:e1:10::1 via ge-0/0/0.593
I fail to see how this could have gone through this:
ipv6 prefix-list AS28716-V6-IN: 1
.-- My secret spy satellite informs me that at Mon, 11 Jan 2010, Mark Jackson
wrote:
> I'd say that is a bogus route/AS announcement.
> I see nothing in the address assignment for that. But I see traffic
> started originating around 12/15/2009.
Actually d000::/8 has been around for 2 months alre
Mark Jackson wrote:
> I'd say that is a bogus route/AS announcement.
> I see nothing in the address assignment for that. But I see traffic
> started originating around 12/15/2009.
I envision that work will be done in this regard shortly.
God willing, our RIRs will be handing out prefixes to every
I'd say that is a bogus route/AS announcement.
I see nothing in the address assignment for that. But I see traffic
started originating around 12/15/2009.
Mark Jackson, CCIE #4736
Sent from my iPhone. Please excuse spelling errors
On Jan 11, 2010, at 6:17 PM, Chuck Anderson wrote:
> Anyone know
To be honest, when I figured a big BUNCH of d000 was going to hit the
Internet, I did not expect it to come from Italy.;)
Chuck Anderson wrote:
Anyone know why this ISP from Italy is advertising d000::/8 to the
IPv6 Internet?
show route d000::/8
inet6.0: 2446 destinations, 5143 r
Anyone know why this ISP from Italy is advertising d000::/8 to the
IPv6 Internet?
> show route d000::/8
inet6.0: 2446 destinations, 5143 routes (2445 active, 0 holddown, 1 hidden)
Restart Complete
+ = Active Route, - = Last Active, * = Both
d000::/8 *[BGP/170] 01:08:26, MED 760, loca
I know you can measure the actual performance if you use Ixia hardware. We
have used Ixia to find the limitations of hardware before putting it in
production.
On Mon, Jan 11, 2010 at 8:03 PM, GIULIANO (UOL) wrote:
> People,
>
> I have seen a discussion about DDoS Mitigation in this list.
>
> Som
People,
I have seen a discussion about DDoS Mitigation in this list.
Someone reference Juniper SRX equipments like good equipments to prevent
DDoS attacks.
Like Juniper SRX, other players like fortinet has some hardware based (
FORTIGATE) Appliances to provide great throughput, ddos mitigation,
On Mon, Jan 11, 2010 at 7:01 PM, JC Dill wrote:
> Michael J. Hartwick wrote:
>>
>> I have never understood how posting the "warning" at the bottom of the
>> email
>> after you have already given up the "protected" information could possibly
>> be considered enforceable.
>
> It might be useful to l
Michael J. Hartwick wrote:
I have never understood how posting the "warning" at the bottom of the email
after you have already given up the "protected" information could possibly
be considered enforceable.
It might be useful to look at what some people in the legal business say
about these di
Ummm... there is some proprietary information I would have to remove first.
Will NANOG accept a message to the forum with an attachment? If not I can
put it up on my site.
Stefan Fouant, CISSP, JNCIE-M/T
www.shortestpathfirst.net
GPG Key ID: 0xB5E3803D
> -Original Message-
> From: jul [m
Stefan Fouant wrote on 11/01/10 14:45:
> If anyone is interested, I did pretty exhaustive research into the Service
> Provider marketplace last summer (before Verisign came out with their VIDN).
> I've got some slides which outline the costs, mitigation capacity, etc. of
> many different providers.
On Thu, Jan 07, 2010 at 22:55:25PM -0800, Jay Hennigan wrote:
> Nenad Andric wrote:
> > On Tue Jan 05, 2010 at 01:04:01PM -0800, Jay Hennigan wrote:
>
> >> Or better:
> >> - Allow from anywhere port 80 to server port > 1023 established
> >
> > Adding "established" brings us back to stateful
I have never understood how posting the "warning" at the bottom of the email
after you have already given up the "protected" information could possibly
be considered enforceable. I thought most NDA's required willing acceptance
by both parties before it could be considered valid, a message at the b
Right. Some providers allow you to BGP community trigger RTBH. There was a
separate mention of D/DoS-mitigation-providers using DNS and BGP tunneling.
Rick
On Mon, Jan 11, 2010 at 8:14 AM, Stefan Fouant <
sfou...@shortestpathfirst.net> wrote:
> > -Original Message-
> > From: Rick Ern
On Mon, Jan 11, 2010 at 12:40 PM, Steve Ryan wrote:
> SORBS is a joke, always been a joke, and always will be a joke. I'm quite
> saddened by the fact an entity actually provided financial support to keep
> it going. The internet community would have been better served had they
> just went away.
On Mon, Jan 11, 2010 at 1:12 PM, Stefan Fouant
wrote:
> Precisely - I was saying that in order to add more point to your argument.
> I wasn't disagreeing with you :)
i need more coffee :( thanks!
-Chris
Precisely - I was saying that in order to add more point to your argument.
I wasn't disagreeing with you :)
Stefan Fouant, CISSP, JNCIE-M/T
www.shortestpathfirst.net
GPG Key ID: 0xB5E3803D
> -Original Message-
> From: christopher.mor...@gmail.com
> [mailto:christopher.mor...@gmail.com] On
On Mon, Jan 11, 2010 at 9:33 AM, Stefan Fouant
wrote:
>> -Original Message-
>> From: Christopher Morrow [mailto:morrowc.li...@gmail.com]
>> Sent: Monday, January 11, 2010 2:05 AM
>>
>> On Mon, Jan 11, 2010 at 12:26 AM, jul wrote:
>> > Martin Hannigan wrote on 05/01/10 16:50:
>> >
>> > Out
On 1/11/2010 8:54 AM, telmn...@757.org wrote:
Did SORBS really cause you that much pain?
SORBS causes people pain every day. I worked at an ISP that used
SORBS and it was nothing short of a nightmare. Donations to ge things
removed, nobody would help you, everything was 'automated' and if
On Jan 11, 2010, at 8:18 AM, Patrick W. Gilmore wrote:
> people using SORBS stop using SORBS.
>
> --
> TTFN,
> patrick
Usually that's the easiest path. All it takes is asking the site using SORBS
to do a few Google searches.
There are much better options out there than SORBS. Why anyone t
On Mon, 2010-01-11 at 11:15 -0500, telmn...@757.org wrote:
> > Anyone got some pointers on how to get off SORBS' Dynamic IP lists?
>
> Our solution was to find new IP space. It was hopeless.
>
>
"me too"; for 2 of my old (smaller sized) customers in the last 4 or 5
month.
Nothing seemed to wor
Did SORBS really cause you that much pain?
Yes. We purchased colo space for some systems that didn't need high class
of service (mostly development systems.) The IP space in a former lifetime
was a dialup pool for analog modems.
We of course changed the reverse DNS entries, and did the norma
On Mon, Jan 11, 2010 at 10:01:11AM -0600, Larry Smith's said:
>host 67.196.137.1
>1.137.196.67.in-addr.arpa domain name pointer
>H1.C137.B196.A67.tor.colo.heavycomputing.ca.
Yeah I didnt make the .colo. up, it's in their proposed-RFC document in section
6.3.
They even go so far as to use th
On Jan 11, 2010, at 11:15 AM, telmn...@757.org wrote:
>> Anyone got some pointers on how to get off SORBS' Dynamic IP lists?
>
> Our solution was to find new IP space. It was hopeless.
Did SORBS really cause you that much pain?
I ask because the other possible solution is enough people do not
Anyone got some pointers on how to get off SORBS' Dynamic IP lists?
Our solution was to find new IP space. It was hopeless.
> -Original Message-
> From: Rick Ernst [mailto:na...@shreddedmail.com]
> Sent: Monday, January 11, 2010 10:39 AM
> To: NANOG
> Subject: Re: D/DoS mitigation hardware/software needed.
>
> As a service-provider/data-center, it seems like outsourcing would be
> either
> ineffective and/or re
On Mon, 11 Jan 2010, Ken Chase wrote:
Anyone got some pointers on how to get off SORBS' Dynamic IP lists?
We've followed their RFC proposed static reverse DNS assignment naming
and all elements of their FAQ.
Have you tried all 3 of the routes listed at
http://www.au.sorbs.net/faq/dul.shtml
On Mon January 11 2010 09:48, Ken Chase wrote:
> Anyone got some pointers on how to get off SORBS' Dynamic IP lists?
>
> We've followed their RFC proposed static reverse DNS assignment naming and
> all elements of their FAQ.
>
> We are not spammers. The /24 in question isnt listed on any RBLs excep
Anyone got some pointers on how to get off SORBS' Dynamic IP lists?
We've followed their RFC proposed static reverse DNS assignment naming and all
elements of their FAQ.
We are not spammers. The /24 in question isnt listed on any RBLs except SORBS
DUL.
We've submitted requests in various differ
I thought I had mentioned outsourcing earlier, but I don't see it in the
thread...
The two mechanisms I've seen for outsources D/DoS are DNS manipulation, or
essentially remote BGP peering with an tunnel back to the local presence.
Even if we are purely hosting, DNS manipulation doesn't do anythi
Can someone from AT&T please contact me off list regarding a problem
with a segment of our network being blocked?
Thanks.
--Matt
> -Original Message-
> From: Christopher Morrow [mailto:morrowc.li...@gmail.com]
> Sent: Monday, January 11, 2010 2:05 AM
>
> On Mon, Jan 11, 2010 at 12:26 AM, jul wrote:
> > Martin Hannigan wrote on 05/01/10 16:50:
> >
> > Outsourced services have higher cost than Arbor but can handled m
> -Original Message-
> From: Hank Nussbacher [mailto:h...@efes.iucc.ac.il]
> Sent: Monday, January 11, 2010 4:40 AM
> To: jul
> Cc: NANOG
> Subject: Re: D/DoS mitigation hardware/software needed.
>
> On Mon, 11 Jan 2010, jul wrote:
>
> > Known leader of the clean-pipe solution is Prolexic
On Mon, 11 Jan 2010, jul wrote:
Known leader of the clean-pipe solution is Prolexic
http://www.prolexic.com/
Akamai and Verisign also tries to go on this market
http://www.akamai.com/security (through CDN)
http://www.verisign.com/internet-defense-network/index.html
Indeed, these 3 also ended
35 matches
Mail list logo