Re: Anyone having issues updating RADB tonight?

Updates completing is fine for everyone but Level 3. Switched to a new data center and both they and I updated our records and Level 3 still hasn't picked up the updates and its been 9 days. Sigh - Original Message - From: "Courtney Smith" To: Sent: Thursday, January 14, 2010 12

RE: Anyone having issues updating RADB tonight?

My update completed eventually. Not sure if the delay had any relation to the URL issues. Sorry for top post. Haven't figured how to put inline when using my Droid. Joe Blanchard wrote: > > >Looks like someone messed up permissions on the directories and/or files. >Even the images for

Re: I don't need no stinking firewall!

On Jan 14, 2010, at 12:37 PM, Warren Kumari wrote: > I can now place a checkbox in the "Is there a firewall?" column of the > audit. mod_security is your friend. ;> --- Roland Dobbins //

Re: I don't need no stinking firewall!

On Jan 10, 2010, at 1:32 AM, Dobbins, Roland wrote: On Jan 10, 2010, at 1:22 PM, harbor235 wrote: Again, a firewall has it's place just like any other device in the network, defense in >>> depth is a prudent philosophy to reduce the chances of compromise, it does not >>>eliminate it nor d

RE: Anyone having issues updating RADB tonight?

Looks like someone messed up permissions on the directories and/or files. Even the images for the buttons don't appear to work.. http://www.radb.net/images/navbar_bottom_off_02.jpg 403 permission denied... Game over. :o -Joe > -Original Message- > From: courtneysm...@comcast.net

Anyone having issues updating RADB tonight?

Anyone having issues updating RADB tonight? I am getting 403 message from URL to web form. No response from two updates I submitted this evening via email. I noticed a few other URL's are also giving a 403 message. http://www.radb.net/cgi-bin/radb/irr-web.cgi http://www.radb.net/faq.html ht

Re: more news from Google

> On Jan 13, 2010, at 5:26 PM, mshel...@cox.net wrote: > > > From a single detection of one hostile email you can often expand the > > picture to many mail recipients. A little open source research identifies > > the common community the recipients belong to. It's pretty straight > > forward.

RE: more news from Google

> -Original Message- > From: Ken Chase [mailto:m...@sizone.org] > Sent: Wednesday, January 13, 2010 12:24 AM > To: nanog@nanog.org > Subject: more news from Google > > I must say I'll have to take a step back from my previous > position/postings > having read this article. > > I just can'

Re: I don't need no stinking firewall!

Tim Durack wrote: > Replace all the routers on the Internet with stateful firewalls. What happens? the same thing that happened with flow-cached routers, they melt, you go out of business, the end.

Re: Default Passwords for World Wide Packets/Lightning Edge Equipment

On Wed, Jan 13, 2010 at 12:55:00PM -0500, Matt Simmons wrote: > That would be excellent for both the administrator, and anyone walking > down the row with a wand in their pocket. So... someone has a list of the "barcodes" on all my equipment. ONOES! Without access to the asset database that back

Re: more news from Google

On Jan 13, 2010, at 5:26 PM, mshel...@cox.net wrote: > From a single detection of one hostile email you can often expand the picture > to many mail recipients. A little open source research identifies the common > community the recipients belong to. It's pretty straight forward. > The magic

Re: more news from Google

From a single detection of one hostile email you can often expand the picture to many mail recipients. A little open source research identifies the common community the recipients belong to. It's pretty straight forward. Mike --Original Message-- From: Nathan Eisenberg To: nanog@nano

Re: more news from Google

valdis.kletni...@vt.edu wrote: > On Wed, 13 Jan 2010 17:31:44 +0100, Anthony Uk said: > >> "Second, we have evidence to suggest that a primary goal of the >> attackers was accessing the Gmail accounts of Chinese human rights >> activists. " > >> I have orders of magnitude fewer users than gma

Re: Default Passwords for World Wide Packets/Lightning Edge Equipment

On Wed, 13 Jan 2010 12:50:03 PST, Nathan Eisenberg said: > I think the impulse to challenge and question assertions probably tends to > be a common personality feature in (good) network admins. Something to keep in mind is that this list is, by and large, comprised of people who are paid large sum

Re: more news from Google

Joe Abley wrote: > On 2010-01-13, at 11:31, Anthony Uk wrote: > > >> The ability to automatically discern users' political positions from their >> inbox is not one that any email provider reasonably needs. >> > > It's arguably something that gmail users consent to when they give Google >

RE: more news from Google

> -Original Message- > From: Leo Bicknell [mailto:bickn...@ufp.org] > Sent: Wednesday, January 13, 2010 12:49 PM > To: nanog@nanog.org > Subject: Re: more news from Google > > It's not clear to me you have to read any e-mail to figure out that > "help_us_free_ti...@gmail.com" might be some

RE: Default Passwords for World Wide Packets/Lightning Edge Equipment

> From: Graeme Fowler [mailto:gra...@graemef.net] > And somewhere in the dim and distant past (Jan 6th), Nathan announced > that he'd sorted out his original problem and now had the defaults. > > What a peculiar bunch we are. And this from the group lauded as > anonymously and peacefully co-existi

Re: more news from Google

In a message written on Wed, Jan 13, 2010 at 05:31:44PM +0100, Anthony Uk wrote: > I have orders of magnitude fewer users than gmail does, and often look > at their mailboxes (with their consent, of course), but I still couldn't > tell you the political position of any of them (apart from the pol

Re: Default Passwords for World Wide Packets/Lightning Edge Equipment

On Wed, 2010-01-13 at 15:12 -0500, Steven Bellovin wrote: > Lots of gear has a button/jumper/pop_the_CMOS > battery/other_physical_presence_magic to reset things to factory state, > including the default pw. The threat went on to why default passwords are > bad, to passwords on the bottom of th

Re: Default Passwords for World Wide Packets/Lightning Edge Equipment

On Jan 13, 2010, at 2:47 PM, Nathan Eisenberg wrote: > Not if you change the default password like any sane admin does... This is from the OP: I have recently inherited the management of an undocumented network (failed FTTH provider) which utilizes World Wide Packets' LightningEdge 42

Re: more news from Google

On Wed, 13 Jan 2010 17:31:44 +0100, Anthony Uk said: > "Second, we have evidence to suggest that a primary goal of the > attackers was accessing the Gmail accounts of Chinese human rights > activists. " > I have orders of magnitude fewer users than gmail does, and often look > at their mailbox

Re: cable provider problems yesterday around 1pm EST?

On 1/13/2010 7:44 AM, Rich Casto wrote: Is anyone aware of any routing problems with any cable providers yesterday around 1pm EST? Thanks! -- Rich I experienced significant packet loss and dropped connections (possibly caused by that) at about that time yesterday. My ISP is Charter Cable. -

Re: more news from Google

It was to others :) But in the process of troubleshooting, an admin may come across something say by looking at a bounce message or other statistics such as which domains the user sends to on a regular basis. cPanel even comes with Eximstats which does some of that for you. On Wed, Jan 13, 2010

Re: Default Passwords for World Wide Packets/Lightning Edge Equipment

On Wed, 13 Jan 2010 11:23:59 MST, "Lyndon Nerenberg (VE6BBM/VE7TFX)" said: > > Barry's right, for at least some scenarios. If I have an unauthorized > > somebody > > walking down the row with a wand in their pocket, the fact they have a wand > > in > > their pocket is the least of my problems. >

Re: more news from Google

On 2010-01-13, at 14:51, Ronald Cotoni wrote: > You should most likely read their terms of service and that would > actually answer this instead of guessing. I've read the terms of service. I may be interpreting them incorrectly, sure, but I'm not guessing. If your comment was not directed at

Re: more news from Google

You should most likely read their terms of service and that would actually answer this instead of guessing. Also, if your reading your own employee's email, that is most likely perfectly legal. On Wed, Jan 13, 2010 at 2:22 PM, Joe Abley wrote: > > On 2010-01-13, at 11:31, Anthony Uk wrote: > >>

Re: Default Passwords for World Wide Packets/Lightning Edge Equipment

Steven Bellovin wrote: > On Jan 13, 2010, at 1:45 PM, Barry Shein wrote: > >> There seem to be a lot of misconceptions about RFID tags. I'm hardly >> an expert but I do know this much: >> >> RFID tags are generic, you don't put data into them unique to your >> application. Not true, the simples

RE: Default Passwords for World Wide Packets/Lightning Edge Equipment

Not if you change the default password like any sane admin does... -Original Message- From: Steven Bellovin [mailto:s...@cs.columbia.edu] Sent: Wednesday, January 13, 2010 11:26 AM To: Barry Shein Cc: nanog@nanog.org; nonobvi...@gmail.com Subject: Re: Default Passwords for World Wide Pack

Re: RFID in datacenter (was Re: Default Passwords for World Wide Packets/Lightning Edge Equipment)

On Wed, Jan 13, 2010 at 12:51 PM, George Imburgia wrote: > > On Wed, 13 Jan 2010, Barry Shein wrote: > > The big advantage of RFIDs is that you don't need line of sight access >> like you do with bar codes, they use RF, radio frequency. >> > > Which is also a big disadvantage in a datacenter. Eve

RE: RFID in datacenter (was Re: Default Passwords for World WidePackets/Lightning Edge Equipment)

I have something akin to experience in this arena at least as it applies to the ambient RF environment and the security of the data transferred. As a matter of fact the two usually go hand in hand. The issue that I usually see is how to protect your new drivers license / passport / ID badge (with e

Re: Default Passwords for World Wide Packets/Lightning Edge Equipment

On Jan 13, 2010, at 1:45 PM, Barry Shein wrote: > > There seem to be a lot of misconceptions about RFID tags. I'm hardly > an expert but I do know this much: > > RFID tags are generic, you don't put data into them unique to your > application. > Part of the original (or at least early) context

Re: RFID in datacenter (was Re: Default Passwords for World Wide Packets/Lightning Edge Equipment)

On Wed, Jan 13, 2010 at 01:51:41PM -0500, George Imburgia wrote: > > On Wed, 13 Jan 2010, Barry Shein wrote: > >> The big advantage of RFIDs is that you don't need line of sight access >> like you do with bar codes, they use RF, radio frequency. > > Which is also a big disadvantage in a datacenter.

Re: more news from Google

On 2010-01-13, at 11:31, Anthony Uk wrote: > The ability to automatically discern users' political positions from their > inbox is not one that any email provider reasonably needs. It's arguably something that gmail users consent to when they give Google rights to index and process their mail,

RFID in datacenter (was Re: Default Passwords for World Wide Packets/Lightning Edge Equipment)

On Wed, 13 Jan 2010, Barry Shein wrote: The big advantage of RFIDs is that you don't need line of sight access like you do with bar codes, they use RF, radio frequency. Which is also a big disadvantage in a datacenter. Ever tried to use a radio in one? The RF noise generated by digital equ

Re: more news from Google

On 13.01.2010 06:24, Ken Chase wrote: I must say I'll have to take a step back from my previous position/postings having read this article. I just can't figure out their /ANGLE/. :) http://googleblog.blogspot.com/2010/01/new-approach-to-china.html Well played, google? /kc From the artic

Re: Default Passwords for World Wide Packets/Lightning Edge Equipment

> RFID tags are generic, you don't put data into them unique to your > application. Field programmable RFID-like tags do exist. They aren't common, but they're out there.

Re: Default Passwords for World Wide Packets/Lightning Edge Equipment

There seem to be a lot of misconceptions about RFID tags. I'm hardly an expert but I do know this much: RFID tags are generic, you don't put data into them unique to your application. All they are is a range of long serial numbers guaranteed to be globally unique, like ethernet macs more or less

Re: Default Passwords for World Wide Packets/Lightning Edge Equipment

> Barry's right, for at least some scenarios. If I have an unauthorized somebody > walking down the row with a wand in their pocket, the fact they have a wand in > their pocket is the least of my problems. Encrypt the data?

Re: Default Passwords for World Wide Packets/Lightning Edge Equipment

On January 13, 2010 at 12:55 standalone.sysad...@gmail.com (Matt Simmons) wrote: > That would be excellent for both the administrator, and anyone walking > down the row with a wand in their pocket. All an RFID wand would give you is a unique id number for each tag in range which someone with a

RE: Default Passwords for World Wide Packets/Lightning Edge Equipment

> -Original Message- > From: Matt Simmons [mailto:standalone.sysad...@gmail.com] > Sent: Wednesday, January 13, 2010 9:55 AM > To: Barry Shein > Cc: nanog@nanog.org; Bill Stewart > Subject: Re: Default Passwords for World Wide Packets/Lightning Edge > Equipment > > That would be excellent

Re: Default Passwords for World Wide Packets/Lightning Edge Equipment

We have an internally written app that allows us to either find where in the data center a server is, or pull up a rack and see what's in it. It wouldn't be a very big leap to assign each rack a bar code and have an app (you could even write it as a smartphone app) that scans the bar code and

Re: Default Passwords for World Wide Packets/Lightning Edge Equipment

On Wed, 13 Jan 2010 12:55:00 EST, Matt Simmons said: > That would be excellent for both the administrator, and anyone walking > down the row with a wand in their pocket. Barry's right, for at least some scenarios. If I have an unauthorized somebody walking down the row with a wand in their pocket,

Re: Default Passwords for World Wide Packets/Lightning Edge Equipment

That would be excellent for both the administrator, and anyone walking down the row with a wand in their pocket. On Wed, Jan 13, 2010 at 12:21 PM, Barry Shein wrote: > > On January 12, 2010 at 23:03 valdis.kletni...@vt.edu > (valdis.kletni...@vt.edu) wrote: >  > On Tue, 12 Jan 2010 17:50:37 PST,

Re: Default Passwords for World Wide Packets/Lightning Edge Equipment

On January 12, 2010 at 23:03 valdis.kletni...@vt.edu (valdis.kletni...@vt.edu) wrote: > On Tue, 12 Jan 2010 17:50:37 PST, Bill Stewart said: > > A password recovery method I've found very frustrating is to use the > > serial number or similar value that's on a label on the bottom of the > > e

Re: SORBS on autopilot?

On Jan 12, 2010, at 1:09 PM, Rich Kulawiec wrote: > On Tue, Jan 12, 2010 at 10:48:31AM -0800, Brian Keefer wrote: >> I wouldn't say that necessarily accurate. I could be considered >> part of the "anti-spam crowd", seeing as that's my line of work. > >> I think DULs are a really dumb way to blo

RE: more news from Google

>>> You don't like the law, don't do biz in that country. But blatantly breaking a law is bad joo-joo. Is it? http://images.google.cn/images?hl=zh-CN&um=1&sa=1&q=civil+disobedience -- TTFN, patrick >> -Original Message- >> From: Ken Chase [mailto:m...@sizone.org] >> Sent: Wednesd

Re: more news from Google

On Jan 13, 2010, at 12:01 PM, Jorge Amodio wrote: >> You don't like the law, don't do biz in that country. But blatantly >> breaking a law is bad joo-joo. > > OT. > Please don't say "joo-joo" every time the TechCrunch folks see that > they get diarrhea That is a horrible name for a product. J

Re: more news from Google

> You don't like the law, don't do biz in that country.  But blatantly breaking > a law is bad joo-joo. OT. Please don't say "joo-joo" every time the TechCrunch folks see that they get diarrhea Cheers Jorge PS what about all the property and copyright laws being supposedly broken over there ?

Re: more news from Google

Jérôme Fleury wrote: On Wed, Jan 13, 2010 at 17:14, Patrick W. Gilmore wrote: On Jan 13, 2010, at 2:05 AM, Stefan Fouant wrote: I for one would be really happy to see them follow through with this. I was very disappointed when they agreed to censor search results, although I can unde

Re: more news from Google

On Wed, Jan 13, 2010 at 17:14, Patrick W. Gilmore wrote: > On Jan 13, 2010, at 2:05 AM, Stefan Fouant wrote: > >> I for one would be really happy to see them follow through with this.  I was >> very disappointed when they agreed to censor search results, although I can >> understand why they did s

Re: cable provider problems yesterday around 1pm EST?

We experienced connectivity loss from both our Level 3 and AT&T connections to our telecommuter population who primarily use the following cable providers: Time-Warner (RoadRunner), Cox, and Comcast. Our AT&T circuits go into NYC and our Level 3 goes into Newark, NJ. -- Rich On Wed, Jan 13, 201

Re: SORBS on autopilot?

On Wed, 13 Jan 2010 09:07:28 +0100, Martin Hotze said: > ... without need of providing any services "back" to the 'net. At > least with IPv6 one has to rethink this position as there finally is > end-to-end communication "as we finally *return to* end-to-end communication". An important distinc

Re: more news from Google

On Jan 13, 2010, at 11:14 AM, Patrick W. Gilmore wrote: On Jan 13, 2010, at 2:05 AM, Stefan Fouant wrote: I for one would be really happy to see them follow through with this. I was very disappointed when they agreed to censor search results, although I can understand why they did so from

Re: BGP testbed tools

2010/1/12 Łukasz Bromirski : > On 2010-01-12 21:27, Ben Jencks wrote: >> This is obviously a rookie question, but I haven't found anything by >> searching. I'm looking to set up a small testbed to simulate our >> internal network topology, and I want to have a realistic BGP table >> from the fake "

Re: cable provider problems yesterday around 1pm EST?

Were there any problems on the internet at 1 PM EST yesterday :) But honestly which provider and in what area? On Wed, Jan 13, 2010 at 11:23 AM, Steve Meuse wrote: > Rich Casto expunged (richca...@gmail.com): > >> Is anyone aware of any routing problems with any cable providers yesterday >> arou

Re: cable provider problems yesterday around 1pm EST?

On Wed, Jan 13, 2010 at 8:23 AM, Steve Meuse wrote: > Rich Casto expunged (richca...@gmail.com): > >> Is anyone aware of any routing problems with any cable providers yesterday >> around 1pm EST?  Thanks! > > I dare you to be more vague > > -Steve Has anyone had any problems this past week.

Re: cable provider problems yesterday around 1pm EST?

Rich Casto expunged (richca...@gmail.com): > Is anyone aware of any routing problems with any cable providers yesterday > around 1pm EST? Thanks! I dare you to be more vague -Steve

Re: more news from Google

* Patrick W. Gilmore: > You don't like the law, don't do biz in that country. But blatantly > breaking a law is bad joo-joo. I think we all consider their approach to copyright law refreshing and useful, so there are certainly laws worth breaking. 8-)

Re: more news from Google

On Jan 13, 2010, at 2:05 AM, Stefan Fouant wrote: > I for one would be really happy to see them follow through with this. I was > very disappointed when they agreed to censor search results, although I can > understand why they did so from a business standpoint... it seemed to go > against the go

Re: more news from Google

On Jan 13, 2010, at 2:18 AM, Benjamin Billon wrote: > Seems logical, after all. > > Considering the (bad) performances of Google search engine in China compared > to Chinese competitors, and considering the fact that wouldn't change a bit > in the future, closing offices wouldn't be a bad thing

cable provider problems yesterday around 1pm EST?

Is anyone aware of any routing problems with any cable providers yesterday around 1pm EST? Thanks! -- Rich

ICSI Netalyzr launch #2

Folks, you may recall that last June we released a beta version of Netalyzr, a Java applet you can run by surfing to netalyzr.icsi.berkeley.edu (or to netalyzr.com). It measures a bunch of the properties of an end user's network access, particularly looking for transparent modifications (e.g., hid

Re: I don't need no stinking firewall!

Lots of interesting technical information in this thread. Mixed with a healthy dose of religion/politics :-) I suspect that most people are going to keep doing what they are doing. In our environment, at the transport level, we have moved from stateful towards stateless, as it has proved to be op

RE: I don't need no stinking firewall!

> -Original Message- > From: Bruce Curtis [mailto:bruce.cur...@ndsu.edu] > Sent: Tuesday, January 12, 2010 5:14 PM > To: NANOG list > Subject: Re: I don't need no stinking firewall! > >> > >> IMO you're better off making sure only the services you intend to > >> provide are listening, an

Re: SORBS on autopilot?

On Tue, Jan 12, 2010 at 11:11:13AM -0800, Michael Thomas wrote: >> Blocking generic and residential addresses is the single most effective >> thing we've ever done to reduce spam. > > Really? You mean that if you stopped doing this you'd have trillions, > or quadrillions of spams per day instead no

SORBS contact

Hello, I did try to reach someone at SORBS using their contact forms on the website. Somehow no action was taken and I also didn't get a response. Could someone from SORBS contact me? I need an issue to be resolved. With kind regards, Mark Scholten SinnerG BV

Re: Senderbase contact

I will forward your email to the admin them of senderbase. -Dennis On Jan 12, 2010, at 10:36 AM, Drew Weaver wrote: > Any Senderbase contacts on list? I am having problems getting some questions > answered through normal channels. > > thanks, > -Drew >

RE: Re: SORBS on autopilot?

Oh well, there's an approach where one splits users into "residential" and "business", meaning that "residential" is only downloading, surfing, ... without need of providing any services "back" to the 'net. At least with IPv6 one has to rethink this position as there finally is end-to-end communic