RE: EBAY and AMAZON

> Windows security sucks. The real problem with Windows is that there exist folks who believe that it is, or can be, secured. They believe the six-colour glossy, the Gartner Reports, and other (manufacturers') propaganda. As a consequence they do not act in a fashion which will keep them saf

RE: EBAY and AMAZON

[Snip good collection of security setting suggestions. Does anybody have others or a URL?] > I could never quite understand how anyone could get "phished" by e-mail > since I have never ever seen a "phishing" or other malicious message that > was not obviously so, even when I don't have me spect

Re: Google SDN slides @NANOG55

On Mon, Jun 11, 2012 at 9:48 PM, Chris Boyd wrote: > On Jun 11, 2012, at 8:04 PM, Ray Qiu wrote: > >> Hi, >> >> Could someone please share the SDN slides that Google presented at >> NANOG55?  It is still not on the web.  Thanks! > > > Please post a link to the list.  Thanks! won't these just show

Re: Google SDN slides @NANOG55

On Jun 11, 2012, at 8:04 PM, Ray Qiu wrote: > Hi, > > Could someone please share the SDN slides that Google presented at > NANOG55? It is still not on the web. Thanks! Please post a link to the list. Thanks! +1 --Chris

Google SDN slides @NANOG55

Hi, Could someone please share the SDN slides that Google presented at NANOG55? It is still not on the web. Thanks! Regards, Ray Sent from my iPhone 4S

RE: EBAY and AMAZON

Security Settings in the Trust Center: "Read as Plain Text" "Even Signed Messages as Plain Text" "Never Download Images" "Require Confirmation when Forwarding or Replying will Download Anything at all" Disable the AutoInfect options: "Turn off the Preview"

Re: Configuration Systems

Rob McEwen wrote: Personally, I prefer paying a little extra for my own dedicated and/or co-located servers... where I'm in total control of ALL aspects of hardware/software. You are resisting the lure back to the mainframe paradime [sic], let go of your resistance and let yourself be gently w

Re: EBAY and AMAZON

These are exploit kit teasers. Black hole exploit kit specifically. I wouldn't click on any of the links in there. Anyone who would like to send me copies of these, I'll take. -- Joel Esler On Jun 11, 2012, at 4:51 PM, Blake Pfankuch wrote: > I have a spam pit email address which I monit

Re: CBT Nuggets streaming account

On 11/06/12 22:15, STARNES, CURTIS wrote: There is a reason Cisco certs are not considered "Paper Mill Certs" and that you have to recertify every few years to keep up with new equipment and technologies. That is what our community DOESN'T need, Cisco certs that are looked upon like lot of the ot

Re: CBT Nuggets streaming account

You can rent CCIE-topology racks for $1.50/hr. Even though that's overkill for CCNP, you probably don't need that many hours. It sure beats dealing with buying then selling the stuff on ebay. On Mon, Jun 11, 2012 at 4:01 PM, Jonathan Rogers wrote: > I would say part of the argument is old-fashi

Re: EBAY and AMAZON

I'm still trying to figure out how to put golf clubs or even spam into my router configuration. Perhaps you intended this for a different list? On Jun 11, 2012, at 10:27 AM, Brandt, Ralph wrote: > I have received bogus emails from both of the above on Friday. > > These look like I bought somet

Re: CBT Nuggets streaming account

I would say part of the argument is old-fashioned (if you ain't touching it, you're not really learning), but there are other issues as well...such as where you get a legitimate copy of IOS to load into GNS3. Ultimately my personal feeling is that it is not an accurate representation of the real w

Re: CBT Nuggets streaming account

Many CCIE training providers also offer alternative workbooks for CCIE Routing and Switching based solely on GNS3. If the argument is there is no 15.x, then I would argue that the *current* exams offer minimal differences between releases at this time. (IOS-wise) I can understand the switch asp

Re: CBT Nuggets streaming account

On Mon, Jun 11, 2012 at 05:05:59PM -0400, Jonathan Rogers wrote: > GNS3 is completely insufficient for CCNP-level training and labs. You will > need actual equipment. Fortunately, it has gotten a lot cheaper over the > past few years and you don't need the latest and greatest. Check out > Wendell O

RE: CBT Nuggets streaming account

There is a reason Cisco certs are not considered "Paper Mill Certs" and that you have to recertify every few years to keep up with new equipment and technologies. That is what our community DOESN'T need, Cisco certs that are looked upon like lot of the other manufacturer certification courses.

Re: EBAY and AMAZON

On Mon, Jun 11, 2012 at 13:27:58PM -0400, Brandt, Ralph wrote: > I have received bogus emails from both of the above on Friday. > > These look like I bought something that in both cases I did not buy. > The EBAY was a golf club for $887 and the Amazon was a novel for $82, > far more than I would

Re: CBT Nuggets streaming account

GNS3 is completely insufficient for CCNP-level training and labs. You will need actual equipment. Fortunately, it has gotten a lot cheaper over the past few years and you don't need the latest and greatest. Check out Wendell Odom's website for tips. Also we have a CBTNuggets account at my company

Re: CBT Nuggets streaming account

Don't spam the list looking for black market copies of training material. Use GNS3 and design your own labs and google the test topics. Plzkthx. Sent from my iPhone On Jun 11, 2012, at 12:30, Ryan Burtch wrote: > Could someone contact me off list if you have a CBT Nuggets streaming > account a

RE: EBAY and AMAZON

I have a spam pit email address which I monitor for trends to have a little bit of jump on the possible things users might touch at work. I started seeing the amazon, ebay and paypal ones a few weeks back. The other one I have started to see a lot of is the "Free or cheaper home phone service

Re: Arbor Peakflow competitor?

Re: Dear Linkedin,

--- g...@teksavvy.ca wrote: From: Gabriel Blanchard How the heck did this conversation go from Linkedin to a Quebec drivers license? I'm not sure how relevant this is to NANOG. Both subject matters that is. -- New to nanog, eh? ;-) scott

Re: EBAY and AMAZON

Sometimes I wonder how many nanog'ers would fall for a phishing email sent to this DL. I suspect the number is more than 0. -Dan On Mon, 11 Jun 2012, Bryan Irvine wrote: Yup. They hope that the message contents are a coincidence and scare you into seeing (i.e. clicking on..) what's it's about

Re: Dear Linkedin,

On Jun 11, 2012, at 3:14 PM, Simon Perreault wrote: > On 2012-06-11 15:05, Owen DeLong wrote: >>> OK, someone shows you a Quebec driver's license. You ask for a >>> passport, she says, I don't have one, and points at the blue word Plus >>> after the words Permis de Conduire at the top of the lice

Re: Dear Linkedin,

On 11-Jun-12 14:05, Owen DeLong wrote: > On Jun 11, 2012, at 11:35 AM, "John Levine" wrote: >> OK, someone shows you a Quebec driver's license. You ask for a passport, >> she says, I don't have one, and points at the blue word Plus after the words >> Permis de Conduire at the top of the license

Re: Dear Linkedin,

On 12-06-11 03:14 PM, Simon Perreault wrote: On 2012-06-11 15:05, Owen DeLong wrote: OK, someone shows you a Quebec driver's license. You ask for a passport, she says, I don't have one, and points at the blue word Plus after the words Permis de Conduire at the top of the license. Now what? T

Re: Dear Linkedin,

On 2012-06-11 15:05, Owen DeLong wrote: OK, someone shows you a Quebec driver's license. You ask for a passport, she says, I don't have one, and points at the blue word Plus after the words Permis de Conduire at the top of the license. Now what? To the best of my knowledge, ICE stopped accept

Re: Dear Linkedin,

Sent from my iPad On Jun 11, 2012, at 11:35 AM, "John Levine" wrote: >> From someone who supplies an out-of-country drivers license, I'd request to >> see their passport. From someone who supplies an out-of-state drivers >> license, I'd probably accept it, but the risks there are somewhat redu

Re: Dear Linkedin,

- Original Message - > From: "John Levine" > Although banks have different tradeoffs in risk management than you > might like, they're not dumb. I expect they figured that the increased > volume from not slowing down transactions and demanding more than makes > up for whatever the increas

Re: Dear Linkedin,

On Jun 11, 2012, at 2:35 PM, John Levine wrote: > OK, someone shows you a Quebec driver's license. You ask for a > passport, she says, I don't have one, and points at the blue word Plus > after the words Permis de Conduire at the top of the license. Now > what? Banks and most retailers actuall

RE: EBAY and AMAZON

I have gotten them from "amazon" stating "order number X was cancelled and please click on the below file for more information". Because I order so much on amazon, I almost thought it was real and clicked on it but then went to the amazon site and looked at "my open orders". It always pays to

Re: EBAY and AMAZON

Yup. They hope that the message contents are a coincidence and scare you into seeing (i.e. clicking on..) what's it's about. This happened to me a few years ago where I changed my ebay password, and about 30 minutes later got a phishing email that my password change failed. So I clicked the link

Re: Dear Linkedin,

>From someone who supplies an out-of-country drivers license, I'd request to >see their passport. From someone who supplies an out-of-state drivers >license, I'd probably accept it, but the risks there are somewhat reduced at >least. OK, someone shows you a Quebec driver's license. You ask for a

Re: EBAY and AMAZON

Examination of the raw messages confirms phishing messages. Visible URLS do not match effective URLs. On Jun 11, 2012, at 2:07 PM, Scott Brim wrote: > I think it's a troll, trying to shock you into clicking on something. James R. Cutler james.cut...@consultant.com -top posted by OS X Mail

Re: EBAY and AMAZON

I think it's a troll, trying to shock you into clicking on something. On Mon, Jun 11, 2012 at 2:05 PM, Nick Olsen wrote: > I think it might just be coincidence. I've gotten about 10 of them and > haven't been to ebay or amazon in months. > Most of them have been for >60 dollar books. > > Nick Ol

re: EBAY and AMAZON

I think it might just be coincidence. I've gotten about 10 of them and haven't been to ebay or amazon in months. Most of them have been for >60 dollar books. Nick Olsen Network Operations (855) FLSPEED x106 From: "Brandt, Ralph" Sent: Monday, June 11,

EBAY and AMAZON

I have received bogus emails from both of the above on Friday. These look like I bought something that in both cases I did not buy. The EBAY was a golf club for $887 and the Amazon was a novel for $82, far more than I would have spent on either. I think I looked at the novel on Amazon and I reme

RE: Whither Cometh BCP38?

There are plenty of 'knobs', but I doubt any read this list Ken Matlock Network Engineer 303-467-4671 matlo...@exempla.org -Original Message- From: Dobbins, Roland [mailto:rdobb...@arbor.net] Sent: Monday, June 11, 2012 10:32 AM To: NANOG Gripes List Subject: Re: Whither Cometh B

Re: Whither Cometh BCP38?

On Jun 11, 2012, at 11:09 PM, Jay Ashworth wrote: > So, are the knobs actually on? (I'm guessing "clearly, not") In many cases, no, or we wouldn't be seeing many spoofed packets, would we? ;> --- Roland Dobbins //

Re: Whither Cometh BCP38?

- Original Message - > From: "Roland Dobbins" > On Jun 11, 2012, at 10:13 PM, Jay Ashworth wrote: > > Or are spoofed-source-address attacks not, as Vix suggests, > > significant and trending upwards? > > They're enjoying a renaissance because of attackers leveraging > spoofing in order t

Re: Arbor Peakflow competitor?

We do use GenieNRM product for ISP(GenieATM 6k),one for collector and one for controller. We use it for traffic analysis like TOP 10 usage, ASN analysis, and interface matrix usage. It can use customize report fit your needs. cheers, Ethern == Ethern Lin Net

Re: My view of the arin db boarked?

On Sat, Jun 9, 2012 at 11:13 AM, Joe Provo wrote: > On Fri, Jun 08, 2012 at 04:27:29PM -0400, Christopher Morrow wrote: >> err, last 3 times I asked this I was shown the error of my ways, but >> here goes... >> >> 209.250.228.241 - seems to not have any records in ARIN's WHOIS >> database, everyth

RE: Whither Cometh BCP38?

> -Original Message- > From: Jay Ashworth [mailto:j...@baylink.com] > Sent: Monday, June 11, 2012 11:13 AM > To: NANOG > Subject: Whither Cometh BCP38? > > Off a comment Vix made in another thread this weekend, what is the > current status, to the degree to which anyone knows and is perm

Re: Whither Cometh BCP38?

On Mon, 11 Jun 2012, Jay Ashworth wrote: Is that still true (or not, as I expect), and if common edge concentrators do now support easy filtering to drop packets with improper or invalid source addresses, is this being utilized in the wide area... I'd say most supports it, and if anyone buys o

Re: Whither Cometh BCP38?

On Jun 11, 2012, at 10:13 PM, Jay Ashworth wrote: > Or are spoofed-source-address attacks not, as Vix suggests, significant and > trending upwards? They're enjoying a renaissance because of attackers leveraging spoofing in order to enable DNS, SNMP, and ntp reflection/amplification DDoS attack

Whither Cometh BCP38?

Off a comment Vix made in another thread this weekend, what is the current status, to the degree to which anyone knows and is permitted to say, of the deployment of RFC 3704, BCP 38, to block IP address spoofing at the ingress edge of large consumer eyeball networks? When the BCP was first releas

Problems connecting to Web-sites hosted by XO/Concentric

Hi, Some of our customers (BKK Fiber is an ISP) are having problems connecting to Web-services (TCP port 80) hosted by XO/Concentric. tcpdump shows that no packets are returned. Ping and connection to the SMTP-service (TCP port 25) on the Webserver hosts are fine. The problem seem to be limit

Re: ROVER routing security - its not enumeration

On 6/10/12 5:53 PM, "Paul Vixie" wrote: >Doug Montgomery writes: > >> > ... >> >> I think we debate the superficial here, and without sufficient >>imagination. >> The enumerations vs query issue is a NOOP as far as I am concerned. >>With >> a little imagination, one could envision building a b

Arbor Peakflow competitor?

Hi All, Has anyone worked with GenieATM? http://www.genienrm.com/index.php/products/9-genieatm/genieatm-6000/21-genieatm-6000-isp-series It looks as it has the same functionality as Peakflow. I'm curious if anyone has tested or deployed the solution. And if so, what are your experiences? Thanks

Re: Dear Linkedin,

The Cambridge University Computer Lab has had a crack at this question in their Technical Report 817 on Web authentication: http://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-817.html Their conclusion is to use the Mozilla password manager (or close analogue, but they like it because it's open sou