Re: Carrier classification

> Putting aside the question of their importance, there is a small number > of ISPs that do no pay for transit. If you don't call them Tier 1, what > do you call them? Transit Free Providers (TFPs)? LFB, late for breakfast

Re: Carrier classification

On 5/15/17 10:01 PM, Ken Chase wrote: > so cogent has no routes to some amount of v6? ie no routes > to some prefixes? it's easy enough to test TestRouter Location Hostname / IP Address 2607:f8b0:4005:801::200e Go! Tue May 16 04:00:27.010 UTC % Network not in table

Re: Carrier classification

so cogent has no routes to some amount of v6? ie no routes to some prefixes? /kc On Mon, May 15, 2017 at 07:56:14PM -0700, Large Hadron Collider said: >My terminology of tiers are: > >Tier 1 - is in few or no major disputes, has no transit, and is able to >access over three nines percent

Re: Carrier classification

My terminology of tiers are: Tier 1 - is in few or no major disputes, has no transit, and is able to access over three nines percent of the internet Tier 2 - as Tier 1, but has transit. Cogent is neither on v6, and I have no clue about v4. HE is probably Tier 2 on v4, and is Tier 1 on v6. On

Re: Please run windows update now

Hi Scott As with any open forum you take the good with the bad. I've been on this list since 2001, you learn to dump the static and learn from the good advise. Too much information (whether good or bad) is better than none. -Joe On Mon, May 15, 2017 at 8:12 PM, Scott Weeks

Re: Please run windows update now

Hi Scott As with any open forum you take the good with the bad. I've been on this list since 2001, you learn to dump the static and learn from the good advise. Too much information (whether good or bad) is better than none. -Joe On Mon, May 15, 2017 at 8:12 PM, Scott Weeks

Re: Carrier classification

On Mon, May 15, 2017 at 6:44 PM Bradley Huffaker wrote: > On Sun, May 14, 2017 at 09:24:18AM +0200, Mark Tinka wrote: > > > > Nowadays, I'm hearing this less and less, but it's not completely gone. > > Putting aside the question of their importance, there is a small number >

Re: Please run windows update now

Microsoft aren't stupid. They have learned lessons from the days in the 90s and early 2000s when they were a laughing stock in terms of security, and since then Windows security has improved enormously. OK, so it's not perfect, but what software is? Dirty Cow, Shellshock and Heartbleed for example

Re: Carrier classification

On Sun, May 14, 2017 at 09:24:18AM +0200, Mark Tinka wrote: > > Nowadays, I'm hearing this less and less, but it's not completely gone. Putting aside the question of their importance, there is a small number of ISPs that do no pay for transit. If you don't call them Tier 1, what do you call them?

RE: Please run windows update now

--- na...@incomingmta.com wrote: From: "Phillip White" ...I have been on this list for many years...Today, though, I felt the need to create the mailbox just so I could reply since your posts have been the most irritating I have ever seen on this list.

Re: Please run windows update now

On Mon, May 15, 2017 at 2:48 PM, J. Oquendo wrote: > On Mon, 15 May 2017, b...@theworld.com wrote: >> You count the number of destructive opens in the kernel and if it >> exceeds a threshold (for example) you stop it and pop up a warning. That's basically what I did. I

Re: Please run windows update now

On Mon, 15 May 2017, b...@theworld.com wrote: > Oh great a design review! > > Hello Valdis, I am Barry Shein. I've done decades of internals and > kernel work. > > Ever use any Windows since about Vista? It throws up those warning > pop-ups when you're about to do something it decides needs >

Re: Please run windows update now

On Fri, May 12, 2017 at 10:30 AM, Royce Williams wrote: > My $0.02, for people doing internal/private triage: > > - If your use of IPv4 space is sparse by routes, dump your internal > routing table and convert to summarized CIDR. > > - Feed your CIDRs to masscan [1] to

Re: Please run windows update now

On May 15, 2017 at 16:17 valdis.kletni...@vt.edu (valdis.kletni...@vt.edu) wrote: > On Mon, 15 May 2017 15:45:26 -0400, b...@theworld.com said: > > > So for example why does a client OS produced with that much money > > available even allow things like wholesale encryption of files without

vFlow :: IPFIX, sFlow and Netflow collector

Hi all, I just wanted to share the vFlow - IPFIX, sFlow and Netflow collector, it's scalable and reliable, written by pure Golang! It doesn't have any library dependency and works w/ Kafka and NSQ (you can write your own MQ plugin). https://github.com/VerizonDigital/vflow For more information

Re: Please run windows update now

> On May 15, 2017, at 21:17, valdis.kletni...@vt.edu wrote: > >> So for example why does[n’t] a client OS confirm that you really >> meant to run a program on $THRESHOLD files… > How does the operating system detect that and throw a pop-up > *before* that executes? > > It's a lot harder

Re: Please run windows update now

On Mon, 15 May 2017 15:45:26 -0400, b...@theworld.com said: > So for example why does a client OS produced with that much money > available even allow things like wholesale encryption of files without > at least popping up one of those warnings to confirm that you really > meant to run a program

Re: Please run windows update now

Since everyone else is bloviating I may as well also... The underlying problem is that Microsoft tried to produce basically one operating system for both servers and end-users and most anything in between. Putting some lipstick on them and names such as "server 2008" doesn't negate that. Ok so

RE: Please run windows update now

>> >> >> >> https://blogs.technet.microsoft.com/msrc/2017/05/12/customer-guidance-for-wannacrypt-attacks/ >> Look near the bottom under Further Resources. Those are the links appear to be

RE: Please run windows update now

Calling someone who uses Windows un-professional would be a "gossip" style phrase. This is a piece of software which can be tested and compared to others. Would Android be better then windows only because it is based on the Linux kernel or since it's based on the full engineering it was invested

Re: Question to Google

On Mon, May 15, 2017 at 1:25 PM, Damian Menscher via NANOG wrote: > On Mon, May 15, 2017 at 8:07 AM, Stephane Bortzmeyer > wrote: > > > On Mon, May 15, 2017 at 07:55:41AM -0700, > > Damian Menscher wrote > > a message of 82 lines which

RE: Please run windows update now

You, sir, are to be congratulated! I have been on this list for many years - mainly to keep in the loop. Up until today the list went to a catch-all account as I have never felt the need to post. Today, though, I felt the need to create the mailbox just so I could reply since your posts have

Re: Question to Google

On Mon, May 15, 2017 at 8:07 AM, Stephane Bortzmeyer wrote: > On Mon, May 15, 2017 at 07:55:41AM -0700, > Damian Menscher wrote > a message of 82 lines which said: > > > Can you point to published studies where the root and .com server > > operators

Re: Please run windows update now

On May 15, 2017, at 11:21 AM, J. Oquendo wrote: >> Not everyone licks their chops and thinks "fresh meat" when they see >> worldwide panic that results from a massive security hole like this. > > Jump in the security space, where we may gladly trade our > cats and dogs

Re: Please run windows update now

On Mon, 15 May 2017, Brad Knowles wrote: > If Microsoft didn't open the security hole in the first place, then there > wouldn't be a need to patch it afterwards. You are very correct. Microsoft opened the hole because they had nothing better to do. Or, could it be that these things happen, akin

Re: Please run windows update now

On May 15, 2017, at 10:08 AM, J. Oquendo wrote: > Spot on. Shame on Microsoft for releasing patches and not > forcing the installation versus letting security managers > open up ISC^, and other nonsensical frameworks to do things > like "change/patch management" tasks. I

Re: Please run windows update now

https://blogs.technet.microsoft.com/msrc/2017/05/12/customer-guidance-for-wannacrypt-attacks/ Look near the bottom under Further Resources. On May 15, 2017, at 10:44 AM, Keith Medcalf > wrote: I do not see any links to actually download the

RE: Charter engineer

Mr. Carman, Did someone already reach out to you off-list? Charles Manser | Principal Engineer I, Network Security | [c] 813-422-4281 14810 Grasslands Dr, Englewood, CO 80112 -Original Message- From: NANOG [mailto:nanog-boun...@nanog.org] On Behalf Of Samual Carman Sent: Sunday, May 14,

RE: Please run windows update now

I do not see any links to actually download the actual patches. Just a bunch of text drivel. -- ˙uʍop-ǝpısdn sı ɹoʇıuoɯ ɹnoʎ 'sıɥʇ pɐǝɹ uɐɔ noʎ ɟı > -Original Message- > From: NANOG [mailto:nanog-boun...@nanog.org] On Behalf Of > timrutherf...@c4.net > Sent: Monday, 15 May, 2017

RE: Please run windows update now

I should clarify, the link in my email below is only for windows versions that are considered unsupported. This one has links for the currently supported versions of windows https://support.microsoft.com/en-us/help/4013389/title -Original Message- From:

RE: Please run windows update now

They even released updates for XP & 2003 http://www.catalog.update.microsoft.com/search.aspx?q=4012598 -Original Message- From: NANOG [mailto:nanog-boun...@nanog.org] On Behalf Of Josh Luthman Sent: Monday, May 15, 2017 10:45 AM To: Nathan Fink Cc: nanog@nanog.org

Re: Please run windows update now

On Mon, 15 May 2017, Brad Knowles wrote: > As much as I hate, loathe, and despise Microsoft, there's always going to be > someone/something out there that is "the worst". Eliminate the current > "worst", and there will be another one right behind them. > > I do believe that Microsoft is

Re: Question to Google

On Mon, May 15, 2017 at 07:55:41AM -0700, Damian Menscher wrote a message of 82 lines which said: > Can you point to published studies where the root and .com server > operators analyzed Todd's questions? For the root, the most comprehensive one is probably SAC 18 A good

Re: Please run windows update now

On May 15, 2017, at 5:37 AM, Rich Kulawiec wrote: > [1] There may be no such thing as a secure system, period. But it > would be better to deploy things that may have a fighting chance > instead of things that have long since proven to have none at all. As much as I hate, loathe,

Re: Question to Google

On Mon, May 15, 2017 at 7:06 AM, Stephane Bortzmeyer wrote: > On Mon, May 15, 2017 at 09:20:17AM -0400, > Todd Underwood wrote > a message of 66 lines which said: > > > so implications that this is somehow related to Google dragging > > their feet are

Re: Please run windows update now

Link? I only posted it as reference to the vulnerability. Josh Luthman Office: 937-552-2340 Direct: 937-552-2343 1100 Wayne St Suite 1337 Troy, OH 45373 On Sat, May 13, 2017 at 2:07 AM, Nathan Fink wrote: > I show MS17-010 as already superseded in SCCM > > On Fri, May 12,

Re: Question to Google

One badly configured mid sized ISP might blow search's entire failure budget. (Read the SRE book.) I have been trying for years to get somebody to do a measurement to show that properly configured dual stack generally has better user QoE than either protocol alone, largely because CGN doesn't

Re: Please run windows update now

I show MS17-010 as already superseded in SCCM On Fri, May 12, 2017 at 1:44 PM, Josh Luthman wrote: > MS17-010 > https://technet.microsoft.com/en-us/library/security/ms17-010.aspx > > > Josh Luthman > Office: 937-552-2340 > Direct: 937-552-2343 > 1100 Wayne St >

Re: Please run windows update now

With that kind of attitude and disconnect from reality I wonder who is the unprofessional moron... - Jorge (mobile) > On May 15, 2017, at 1:12 AM, Rich Kulawiec wrote: > >> On Sat, May 13, 2017 at 12:07:39AM -0500, Joe wrote: >> One word. Linux. > > Or BSD, or anything but

Re: Please run windows update now

Just a note folks that while this particular ransomware is using the MS17-010 exploit to help spread, it does not rely on it. This is still a regular piece of ransomware that if someone opens the malicious file, will encrypt files. SANS has some IoCs and more information:

Re: Question to Google

On Mon, May 15, 2017 at 10:06 AM, Stephane Bortzmeyer wrote: > On Mon, May 15, 2017 at 09:20:17AM -0400, > Todd Underwood wrote > a message of 66 lines which said: > > > so implications that this is somehow related to Google dragging > > their feet are

Re: Question to Google

On Mon, May 15, 2017 at 09:20:17AM -0400, Todd Underwood wrote a message of 66 lines which said: > so implications that this is somehow related to Google dragging > their feet are silly. Implying that the root name server operators, or Verisign (manager of the .com name

Re: Question to Google

Todd Underwood writes: > On Mon, May 15, 2017 at 8:43 AM, Stephane Bortzmeyer > wrote: > >> >> There are many zones (including your isc.org) that have several name >> servers dual-stacked, and they didn't notice a problem. Furthermore, >> since the DNS is

Re: Question to Google

On Mon, May 15, 2017 at 9:33 AM, Randy Bush wrote: > > it's a whacky world. as geoff said long ago, if there ever is real > money counting on v6 transport, these messes will straighten out. > totally agree. and i'd like someone else to volunteer the "real money" traffic, please.

Re: Question to Google

> It wouldn't suprise me if the dispute between Google and Cogent was > not part of the issue. Pure speculation on my part. I could be > completely off base. here in japan, if you are using ntt bflets layer two, your layer three provider is likely to present you with a dns server which does not

Re: Question to Google

On Mon, May 15, 2017 at 8:43 AM, Stephane Bortzmeyer wrote: > > There are many zones (including your isc.org) that have several name > servers dual-stacked, and they didn't notice a problem. Furthermore, > since the DNS is a tree, resolution of google.com requires a proper >

Re: Question to Google

In message <20170515124359.a3o7evaostrvm...@nic.fr>, Stephane Bortzmeyer writes : > > Unfortunately, every time we've looked at the data, the > > conclusion has been that it would cause unwarranted user > > impact. IIRC the most recent blocker was a major US ISP whose > > clients

Re: Question to Google

> Unfortunately, every time we've looked at the data, the > conclusion has been that it would cause unwarranted user > impact. IIRC the most recent blocker was a major US ISP whose > clients would experience breakage if even just one NS record > was dual-stacked.

Re: Question to Google

In message , "Marco Davids (Pr ivate)" writes: > > Hi, > > Anyone knows why coogle.com only have IPv4-adresses on their > authoritative DNS? > > https://ip6.nl/#!google.com > > Are there any plans to fix this? > > -- > Marco Lorenzo's reply to

Re: Please run windows update now

fyi, current opinion in the security community seems to be that win10 is better secured than linuxes, bsds, ... see http://cyber-itl.org/; still pretty sparse, but getting flushed out. randy

Question to Google

Hi, Anyone knows why coogle.com only have IPv4-adresses on their authoritative DNS? https://ip6.nl/#!google.com Are there any plans to fix this? -- Marco smime.p7s Description: S/MIME Cryptographic Signature

Re: BCP for securing IPv6 Linux end node in AWS

Just make sure that nothing breaks PTB as it happens if you don’t pay attention to ECMP. RFC7690 1&1 in Germany has this issue since at least 18-24 months ago, so all their customers with IPv6 enabled are *broken* for anyone having a smaller MTU because tunnels or the ISP technology, etc.

Re: BCP for securing IPv6 Linux end node in AWS

On Sun, May 14, 2017 at 09:29:45AM -0400, Eric Germann wrote: > I???ve reviewed some of the stuff out there, but apparently I???m > catching too many of the ICMP types in the rejection as routing eventually > breaks. My guess is router discovery gets broken by too tight of filters. That's a good

Re: Please run windows update now

You make some excellent points: but I grow very, very tired of having to spend my time and my energy -- note timestamp on my message -- dealing with the fallout. It should be painfully clear to everyone that there is no such thing as a secure Windows system. [1] It should have been painfully

Re: Please run windows update now

> Or BSD, or anything but Windows. Anyone running Microsoft products > is quite clearly an unprofessional, unethical moron and fully deserves > all the pain they get -- including being sued into oblivion by their > customers and clients for their obvious incompetence and negligence. aside from

Re: Please run windows update now

On Mon, 15 May 2017 02:12:27 -0400, Rich Kulawiec said: > Or BSD, or anything but Windows. Anyone running Microsoft products > is quite clearly an unprofessional, unethical moron and fully deserves > all the pain they get Tell you what. Go over to http://line6.com/software/ - You convince them

Re: Please run windows update now

On Sat, May 13, 2017 at 12:07:39AM -0500, Joe wrote: > One word. Linux. Or BSD, or anything but Windows. Anyone running Microsoft products is quite clearly an unprofessional, unethical moron and fully deserves all the pain they get -- including being sued into oblivion by their customers and