On 03 Aug 2015, at 15:50, Colton Conor colton.co...@gmail.com wrote:
How does DE-CIX work if you want to cross connect over the exchange to
another provider in a different on-net datacenter of the exchange in the
same metro market?
I’m not sure, but you may be looking for the GlobePEER
On 3 Aug 2015, at 21:19, Stephen Satchell wrote:
And any half-awake server operator would have turned on SYNCOOKIES a
long time ago.
I hate to tell you this, but a) SYN-cookies aren't a perfect response,
as servers don't have infinite resources, and b) stateful firewalls go
down *all the
I have Fiber / DOCSIS / EPON in some rural areas of LATA 138, Where
exactly are you looking? feel free to respond off list.
On Mon, Aug 3, 2015 at 6:52 PM, kb3ien+na...@databit7.com wrote:
I'm looking for a solution to provide one-weekend per year access in a
rural area 20 km outside
Revision 7 (8/3/2006)
That now explains why they were talking about ATM exchanges and DS3
international links...
Speaking of Frontier peering... does anyone have a contact over there? They
haven't responded to my e-mail. I didn't send more than one (I think) because I
didn't want to be
I'm looking for a solution to provide one-weekend per year access in a
rural area 20 km outside Binghamton NY, LATA 138
Can anyone provide any recommendations?
Robin
kb3ien
3. Aug 2015 21:38 by b...@debmi.com:
The WiFi jammers have an interesting MO. They don't throw up static on the
frequency, that would also block their own wifi. They spoof
de-authentication packets. I've been looking for a way to detect this kind
of jamming because my WiFi sucks and I live
Try the local WISP.
http://www.plexicomm.net/
Keefe
On 8/3/2015 5:52 PM, kb3ien+na...@databit7.com wrote:
I'm looking for a solution to provide one-weekend per year access in a
rural area 20 km outside Binghamton NY, LATA 138
Can anyone provide any recommendations?
Robin
kb3ien
On 4 Aug 2015, at 4:38, Mr Bugs wrote:
They don't throw up static on the frequency, that would also block
their own wifi. They spoof
de-authentication packets.
Sure - I'm saying, I don't see this anywhere, is it possible most of
this activity is on 2.4GHz and not 5GHz?
Very interesting. I still have in ~/ a 6509 config I did for an early
Quakecon (or some predecessor or similar event) as a favor for a friend in
~2003. The more things change...
BTW, ISTR there's some dark fiber between Anatole and INFOMART. I'm sure
there's somebody in the 'mart who could
hi mr bugs :-)
On 08/03/15 at 05:38pm, Mr Bugs wrote:
The WiFi jammers have an interesting MO. They don't throw up static on the
frequency, that would also block their own wifi. They spoof
de-authentication packets. I've been looking for a way to detect this kind
of jamming because my WiFi
The WiFi jammers have an interesting MO. They don't throw up static on the
frequency, that would also block their own wifi. They spoof
de-authentication packets. I've been looking for a way to detect this kind
of jamming because my WiFi sucks and I live next to three hotels, what you
get for
On 02.08.2015 23:36, Josh Hoppes wrote:
We haven't tackled IPv6 yet since it adds complexity that our primary
focus doesn't significantly benefit from yet since most games just
don't support it. Our current table switches don't have an RA guard,
and will probably require replacement to get ones
I help with an event that has a pretty decent sized lan party as well.
We're not just focused on the lan party, more of a rock concerts - huge
arcade - panels - lan party type event.
It was a few years ago that a Minecraft griefing team came and attacked
the network internally. At the time
On 3 Aug 2015, at 21:58, Ethan wrote:
In the end, one of the griefers friends went and told on them, and
that's how they were discovered.
Pretty much how it works on the general Internet, too, it seems.
;
---
Roland Dobbins rdobb...@arbor.net
Venue Internet is the bane of events. Crazy expensive. Almost as expensive as a
laborer in Chicago to move your box from the truck to your booth. ;-)
-
Mike Hammett
Intelligent Computing Solutions
http://www.ics-il.com
Midwest Internet Exchange
http://www.midwest-ix.com
-
I ran a few Google searches and came across a trove of complaints against
Frontier. Seems they are far worse than GTE/Verizon. On the few occasions I
have called for FIOS support, always reached someone knowledgeable and helpful.
Not looking forward to the changeover, as the new owners have to
Thanks Mel.
The ISP got back to me and has asked me to build a Juniper block list ACL for
them so I am doing that now.
//Jason
From: Mel Beckman m...@beckman.org
Date: Sunday, August 2, 2015 at 5:56 PM
To: Jason LeBlanc
On Mon, Aug 3, 2015 at 1:09 PM, Matthew Black matthew.bl...@csulb.edu wrote:
I ran a few Google searches and came across a trove of complaints against
Frontier. Seems they are far worse than GTE/Verizon. On the few occasions I
have called for FIOS support, always reached someone knowledgeable
John,
What would be the point of spoofing the source IPs to be identical? You're just
making the attack trivial to block. Plus you could never do any kind of TCP
session attack, since you can't complete a handshake. I would have to call this
sort of attack a LAAADDoS (Lame Attempt At A DDoS).
On 3 Aug 2015, at 19:40, Mel Beckman wrote:
What would be the point of spoofing the source IPs to be identical?
You're just making the attack trivial to block.
Attackers do strange things all the time.
Most endpoint organizations don't have any way to detect/classify DDoS
traffic, so
Hi,
What would be the point of spoofing the source IPs to be identical? You're
just making the attack trivial to block. Plus you could never do any kind of
TCP session attack, since you can't complete a handshake. I would have to
call this sort of attack a LAAADDoS (Lame Attempt At A
Children!
Regards,
Dovid
-Original Message-
From: valdis.kletni...@vt.edu
Sender: NANOG nanog-boun...@nanog.org
Date: Mon, 03 Aug 2015 00:20:23
To: tqr2813d376cjozqa...@tutanota.com
Cc: nanog@nanog.org
Subject: Re: GoDaddy : DDoS :: Contact
On Mon, 03 Aug 2015 03:58:31 -,
On 08/03/2015 05:40 AM, Mel Beckman wrote:
What would be the point of spoofing the source IPs to be identical?
You're just making the attack trivial to block. Plus you could never
do any kind of TCP session attack, since you can't complete a
handshake. I would have to call this sort of attack a
Source based black holing would work in this case providing it was done at
GoDaddy's edge.
On 3 Aug 2015 01:58, Mel Beckman m...@beckman.org wrote:
Blackholing isn't what you want. That will still permit his source IP into
your network, and only blackhole replies from your network, so the
On 3 Aug 2015, at 20:28, Mel Beckman wrote:
Blackholing works on destination address — it’s a route to null0.
https://tools.ietf.org/html/rfc5635
---
Roland Dobbins rdobb...@arbor.net
On 3 Aug 2015, at 21:00, Roland Dobbins wrote:
due to DDoS exhaustion
That should read 'state exhaustion', apologies.
---
Roland Dobbins rdobb...@arbor.net
I don’t see how. Blackholing works on destination address — it’s a route to
null0. The source address isn’t considered and thus the traffic will still
leave GoDaddy. GoDaddy could, I suppose, implement a policy route based on
source address, but that’s really no different than an ACL. And it’s
But SYN floods are easily detected and deflected by all modern firewalls. If a
handshake doesn’t complete within a certain time interval, the SYN is
discarded.
Many DDOS attacks are full-fledged TCP sessions. The zombies are used to
simulate legitimate users, and because they’re coming from
Charles,
You mentioned to not use DE-CIX NYC pricing as a benchmark for Dallas,
but it looks like DE-CIX has priced their Dallas ports, according to their
website, at the same prices at NYC:
https://www.de-cix.net/products-services/pricing/#c2374
Port | Speed/Gbps | MRC
1GE | 1 | US$ 575
10GE | 10 | US$
On 3 Aug 2015, at 20:46, Mel Beckman wrote:
1. From the RFC itself, you by definition sacrifice the victim's
address:
3.1. ...While this does complete the attack in that the target
address(es)
are made unreachable, collateral damage is minimized. It may also be
possible to move the host or
Usually on a distributed exchange, everyone on the same fabric is available at
the same standard price. Local datacenter or the furthest datacenter, same
price.
Look at what happened in NYC. I'd expect something similar in Dallas, though I
have no inside information behind that.
On 08/03/2015 07:04 AM, Roland Dobbins wrote:
On 3 Aug 2015, at 21:00, Roland Dobbins wrote:
due to DDoS exhaustion
That should read '[TCP] state exhaustion', apologies.
And any half-awake server operator would have turned on SYNCOOKIES a
long time ago.
On 3 Aug 2015, at 7:56, Mel Beckman wrote:
BGP is no help in these situations, unless you use a BGP-based DDoS
protection service.
Anyone can set up S/RTBH on their transit-/peering-edge routers, even if
they aren't using BGP for routing.
Likewise flowspec, on routers which support it.
I'd expect that eventually DE-CIX will build into every Dallas datacenter as
they have done in New York and Germany whereas Equinix is only available... in
Equinix.
-
Mike Hammett
Intelligent Computing Solutions
http://www.ics-il.com
Midwest Internet Exchange
There are two problems with Source-Based Remote Triggered Black Hole (S/RTBH):
1. From the RFC itself, you by definition sacrifice the victim's address:
3.1. ...While this does complete the attack in that the target address(es)
are made unreachable, collateral damage is minimized. It may
Does DE-CIX usually go to market with at least some of the big content
providers already on board? For example, will guys like Netflix, Google,
and other CDN's more than likely be on the exchange starting day 1?
How does DE-CIX work if you want to cross connect over the exchange to
another
On 3 Aug 2015, at 20:35, Mel Beckman wrote:
But SYN floods are easily detected and deflected by all modern
firewalls. If a handshake doesn’t complete within a certain time
interval, the SYN is discarded.
This is incorrect. I've seen a 20gb/sec stateful firewall taken down by
a 3mb/sec
hi ethan
On 08/03/15 at 10:58am, Ethan wrote:
Getting bandwidth into the events is a pain. Huge venues are meant for large
corporate events not lower budget cons and festivals. Venue pricing I
believe is 750-1500$ per megabit. 100 megabit = $75,000 for the weekend. One
year I remember
On Mon, Aug 03, 2015 at 01:52:17PM -0700, alvin nanog wrote:
hi ethan
On 08/03/15 at 10:58am, Ethan wrote:
Getting bandwidth into the events is a pain. Huge venues are meant for large
corporate events not lower budget cons and festivals. Venue pricing I
believe is 750-1500$ per
On 4 Aug 2015, at 4:03, mikea wrote:
In the US, the FCC has ruled that wifi jammers violate one or more
parts of the FCC Rules and Regs.
I travel quite a bit worldwide, and I've never run into this. I run my
portable AP on 5GHz, FWIW.
---
Roland Dobbins