Re: Reaching out to ARIN members about their RPKI INVALID prefixes

2018-09-18 Thread Christopher Morrow
(popping back to the top of the thread.. sorry) On Tue, Sep 18, 2018 at 7:58 AM nusenu wrote: > Dear NANOG, > > when I approached ARIN about how they feel about reaching out to their > members about > prefixes that are unreachable in a route origin validation (ROV) > environment, > John Curran (

Re: Reaching out to ARIN members about their RPKI INVALID prefixes

2018-09-18 Thread Christopher Morrow
On Tue, Sep 18, 2018 at 10:36 AM Job Snijders wrote: > Owen, > > On Tue, Sep 18, 2018 at 10:23:42AM -0700, Owen DeLong wrote: > > Personally, since all RPKI accomplishes is providing a > > cryptographically signed notation of origin ASNs that hijackers should > > prepend to their announcements in

Re: Console Servers

2018-09-18 Thread Christopher Morrow
a vote for (so far so good) the nodegrid ZPE devices. On Tue, Sep 18, 2018 at 8:54 AM Sameer Khosla wrote: > My favorite are the lantronix SLC console servers. Fairly bullet-proof, > they are one of those devices that just work. Can usually be picked up > used ~$300 for 32 or 48 port varieties

Re: Massive Price Increase for X-conns at Telehouse Chelsea, NYC

2018-09-17 Thread Christopher Morrow
On Mon, Sep 17, 2018 at 9:44 PM Hank Nussbacher wrote: > On 17/09/2018 23:26, Phil Lavin wrote: > >> $350/mo seems to be standard. Our DCs are at $250. Seems more like > they held onto out of date pricing for a long time then realized it. > > For what it's worth, Telehouse London is around 30

Re: OpenDNS CGNAT Issues

2018-09-11 Thread Christopher Morrow
On Tue, Sep 11, 2018 at 10:03 PM Owen DeLong wrote: > > > On Sep 11, 2018, at 21:58 , Christopher Morrow > wrote: > > > > On Tue, Sep 11, 2018 at 9:06 PM Jerry Cloe wrote: > >> OpenDNS, or anyone for that matter, should never see 100.64/10 ip's. If >

Re: OpenDNS CGNAT Issues

2018-09-11 Thread Christopher Morrow
On Tue, Sep 11, 2018 at 9:06 PM Jerry Cloe wrote: > OpenDNS, or anyone for that matter, should never see 100.64/10 ip's. If > they do, something is wrong at the source, and OpenDNS wouldn't be able to > reply anyway (or at least have the reply route back to the user). > maybe opendns peers direct

Re: NTT US contact

2018-07-30 Thread Christopher Morrow
job On Mon, Jul 30, 2018 at 4:49 PM Michel Py wrote: > Can someone from NTT US contact me off-list please ? > Preferably someone with some RPKI clue. > > Thanks, > > Michel Py | Sr. Network Engineer > TSI Semiconductors > 7501 Foothills Blvd. > Roseville, CA 95747 > T: (916) 789-4951 M: (916

Re: unwise filtering policy on abuse mailboxes

2018-07-24 Thread Christopher Morrow
On Tue, Jul 24, 2018 at 8:55 PM Dan Hollis wrote: > I'm saying people who filter their abuse mailboxes need to stop doing so. > > it's totally possible that the person who 'runs' the abuse@ is not the person that 'runs' the mail system at the places in question. the larger the organization the ce

Re: unwise filtering policy on abuse mailboxes

2018-07-24 Thread Christopher Morrow
I bet you can search the nanog list archive and find this very discussion topic surface about every 8-12 months... folk always fall in this trap (or a form of it): "Welp, we've had 1 too many people in $CORP get infected via email, spam filter all the things!!!" ... wait... "Oh, yea duh.. ou

Re: SP security knowledge build up

2018-07-23 Thread Christopher Morrow
I thought also there was a set of videos from nanog meetings... I can't find a set, but here are some: ISP Security 101 primer https://www.youtube.com/watch?v=ueRminCpnMc isp security real-world techniques - 2 https://www.youtube.com/watch?v=Ijd9A5wUS_0 https://www.youtube.com/watch?v=T6ZSxgVvjdA

Re: deploying RPKI based Origin Validation

2018-07-13 Thread Christopher Morrow
On Fri, Jul 13, 2018 at 12:41 PM Grant Taylor via NANOG wrote: > On 07/13/2018 10:25 AM, Christopher Morrow wrote: > > > but given: > > 192.168.0.0/16 - valid > > 192.168.0.0/17 - unknown > > 192.168.0.0/24 - invalid > > > > your ro

Re: deploying RPKI based Origin Validation

2018-07-13 Thread Christopher Morrow
On Fri, Jul 13, 2018 at 11:19 AM Grant Taylor via NANOG wrote: > > The reading I did on RPKI / OV yesterday made me think that it is > possible to have validated routes preferred over unknown routes which > are preferred over invalid routes. So I'd think that you could still > have the routes th

Re: BGP in a containers

2018-06-14 Thread Christopher Morrow
On Thu, Jun 14, 2018 at 10:41 PM Oliver O'Boyle wrote: > There's no reason why it shouldn't work well. It's just a minor paradigm > shift that requires some solid testing and knowhow on the ops team. > > and... XR or Junos are ... doing this under the covers for you anyway, so.. get used to the n

Re: BGP in a containers

2018-06-14 Thread Christopher Morrow
there's actually a not insignificant part of the 'network device' world which is in fact just really a container and "quagga" (or similar). James, do you care about being close to a 'cisco like' config world? (quagga) more programmatic? (exa-bgp, gobgp .. a few others) something else? On Thu, J

Re: Curiosity about AS3356 L3/CenturyLink network resiliency (in general)

2018-05-20 Thread Christopher Morrow
On Sun, May 20, 2018 at 12:33 PM Rubens Kuhl wrote: > > CenturyLink bought Level 3, which bought Global Crossing, which bought > Impsat; this makes every market unique, for the good and bad of it. > > What I have as a customer feeling is that Global Crossing was the most > quality-minded of the 4,

Re: Comcast and DGA like behavior

2018-04-25 Thread Christopher Morrow
On Wed, Apr 25, 2018 at 11:28 AM, J. Oquendo wrote: > Anyone else seeing DGA (1) like behavior for Comcast based > customers? If so, is there any information on it? Seeing a > lot of traffic to bogus domains all synonymous with their > networks. > don't they have a anti-botnet-automagic-walled-ga

Re: IPv4 and IPv6 hijacking by AS 6

2018-04-13 Thread Christopher Morrow
On Fri, Apr 13, 2018 at 10:35 PM, Randy Bush wrote: > > I believe we've seen bogus low AS number announcements a few times > > before, and they've usually been caused by attempts to configure > > AS path prepending without understanding and/or reading the docs. > > > > Someone might have wrongly a

Re: AS23456

2018-04-09 Thread Christopher Morrow
or perhaps with more words: "maybe your stats gathering system is not AS4 ready? or something along the path(s) is not AS4 ready?" On Mon, Apr 9, 2018 at 10:52 AM, Michel 'ic' Luczak wrote: > % Information related to 'AS23456 - AS23456' > > as-block: AS23456 - AS23456 > descr: IAN

Re: Yet another Quadruple DNS?

2018-03-30 Thread Christopher Morrow
On Fri, Mar 30, 2018 at 11:22 AM, Ken Chase wrote: > On Fri, Mar 30, 2018 at 09:30:00AM -0400, Christopher Morrow said: > >I think there's ample evidence that everyone's enemy is 'the nsa' (or > other > >nation-state-actors) isn't there? > >

Re: Yet another Quadruple DNS?

2018-03-30 Thread Christopher Morrow
On Thu, Mar 29, 2018 at 10:32 AM, Stephane Bortzmeyer wrote: > > Public DNS resolvers still help against "ordinary" adversaries. (If > your enemy is the NSA, you have other problems, anyway.) > I think there's ample evidence that everyone's enemy is 'the nsa' (or other nation-state-actors) isn'

Re: Yet another Quadruple DNS?

2018-03-28 Thread Christopher Morrow
On Wed, Mar 28, 2018 at 9:13 PM, Michael Crapse wrote: > Many providers filter out 1.1.1.1 because too many people use it in their > examples/test code. I doubt that it's a usable IP/service. > > having previously globally announce 1.1.1.1 ... and some other of its friends... not nearly enough p

Re: New Active Exploit: memcached on port 11211 UDP & TCP being exploited for reflection attacks

2018-03-01 Thread Christopher Morrow
On Thu, Mar 1, 2018 at 5:50 PM, Christopher Morrow wrote: > pre install of memcache on a (debianXXX) > $ cat /etc/debian_version 9.3 (cut/paste fail before click-submit) > Abort. > morrowc@build:~$ netstat -anA inet | grep LIST > tcp0 0 192.110.255.61:5

Re: New Active Exploit: memcached on port 11211 UDP & TCP being exploited for reflection attacks

2018-03-01 Thread Christopher Morrow
pre install of memcache on a (debianXXX) Abort. morrowc@build:~$ netstat -anA inet | grep LIST tcp0 0 192.110.255.61:53 0.0.0.0:* LISTEN tcp0 0 127.0.0.1:530.0.0.0:* LISTEN tcp0 0 0.0.0.0:22 0.0.0.0:

Re: New Active Exploit: memcached on port 11211 UDP & TCP being exploited for reflection attacks

2018-03-01 Thread Christopher Morrow
On Thu, Mar 1, 2018 at 3:18 PM, Owen DeLong wrote: > I don’t agree that making RFC-1918 limitations a default in any daemon > makes any > sense whatsoever. > > First, there are plenty of LANs out there that don’t use RFC-1918. > > Second, RFC-1918 doesn’t apply to IPv6 at all, and (fortunately) h

Re: Blockchain and Networking

2018-01-23 Thread Christopher Morrow
On Tue, Jan 23, 2018 at 8:19 PM, Christopher Morrow wrote: > > > On Tue, Jan 23, 2018 at 6:27 PM, Jimmy Hess wrote: > >> >> since the number registry is an authority of limited power: not an >> authority of complete power. >> > > Oh, the RIR

Re: Blockchain and Networking

2018-01-23 Thread Christopher Morrow
On Tue, Jan 23, 2018 at 6:27 PM, Jimmy Hess wrote: > > since the number registry is an authority of limited power: not an > authority of complete power. > Oh, the RIR's went and got complete power? When did that happen? Can they now stop hijacked ip space and announcements like in the case of

Re: BGP Community Support WAS: Re: Cogent vs. HE ;-) WAS: Anyone using Cogent Ethernet

2018-01-23 Thread Christopher Morrow
On Tue, Jan 23, 2018 at 1:40 PM, Mike Hammett wrote: > These? :-) > > https://www.nanog.org/meetings/nanog40/presentations/BGPcommunities.pdf > > you could also probably get some good examples cribbed from the collection: https://onestep.net/communities/

Re: Leasing /22

2018-01-20 Thread Christopher Morrow
On Sat, Jan 20, 2018 at 10:20 AM, Mike Hammett wrote: > It's not really scraping the bottom of the barrel if your customers are > using Hulu and they're complaining because Hulu isn't responsive to fixing > their problems (geo-location, v6, etc.). > > hulu is on akamai akamai does provide ipv6 fr

Re: Leasing /22

2018-01-19 Thread Christopher Morrow
On Fri, Jan 19, 2018 at 9:08 PM, John Levine wrote: > In article mail.gmail.com> you write: > >We're on the hunt yet again for an additional /22 to lease, and are > >wondering what the best options are out there? > > It's been a long time since I've seen IP space for lease that wasn't > either a

Re: Blockchain and Networking

2018-01-12 Thread Christopher Morrow
On Fri, Jan 12, 2018 at 5:20 PM, wrote: > On Thu, 11 Jan 2018 15:28:19 -0500, William Herrin said: > > On Thu, Jan 11, 2018 at 2:46 PM, Dale W. Carder wrote: > > > > > > Traceroute or any other path diagnostics comes to mind. > > > That's not obvious to me. Assuming the time-exceeded message was

Re: Blockchain and Networking

2018-01-09 Thread Christopher Morrow
On Tue, Jan 9, 2018 at 11:22 AM, William Herrin wrote: > On Tue, Jan 9, 2018 at 1:07 AM, John R. Levine wrote: > > > How about validating whether a given AS is an acceptable origin for a set > >> of prefixes? > > > > > That's a job for ordinary PKI. Any time you have a trusted central > in part

Re: Blockchain and Networking

2018-01-09 Thread Christopher Morrow
(watching this thread and wondering..) On Tue, Jan 9, 2018 at 2:39 AM, Peter Kristolaitis wrote: > On 2018-01-08 10:19 PM, John Levine wrote: > >> In article <0c45eee2-ffcb-2066-1456-eb2d38075...@alter3d.ca>, >> Peter Kristolaitis wrote: >> >>> We can build all of the above in other ways today

Re: AS Numbers unused/sitting for long periods of time

2018-01-02 Thread Christopher Morrow
On Tue, Jan 2, 2018 at 5:46 PM, James Breeden wrote: > > I'm amazed at the number of AS numbers that are assigned, but not actively > being used. 'not actively being used' ... how would you (or anyone) know? what if they were used only on some internal part of a large public network which never

Re: Spectrum prefix hijacks

2018-01-02 Thread Christopher Morrow
) > JM > > On Tue, Jan 2, 2018 at 9:30 PM, Christopher Morrow < > morrowc.li...@gmail.com> wrote: > >> it looks like 203040 is a pure transit as (no originated prefixes) and >> 1103 - surfnet could squish what is your view anyway. >> >> On Tue, Jan 2, 2018 a

Re: Spectrum prefix hijacks

2018-01-02 Thread Christopher Morrow
it looks like 203040 is a pure transit as (no originated prefixes) and 1103 - surfnet could squish what is your view anyway. On Tue, Jan 2, 2018 at 9:29 PM, Christopher Morrow wrote: > > > On Tue, Jan 2, 2018 at 8:50 PM, James Milko wrote: > >> Not sure if anyone from Spectr

Re: Spectrum prefix hijacks

2018-01-02 Thread Christopher Morrow
On Tue, Jan 2, 2018 at 8:50 PM, James Milko wrote: > Not sure if anyone from Spectrum is looking here at this hour, but someone > is hijacking a few of your prefixes. It's causing problems in my area (NC) > with reaching Google services. I'm sure there are other impacts, but > that's what peopl

Re: Waste will kill ipv6 too

2017-12-21 Thread Christopher Morrow
On Thu, Dec 21, 2017 at 3:21 PM, Mark Andrews wrote: > > > On 22 Dec 2017, at 3:48 am, Christopher Morrow > wrote: > > > > 2) For the transition technology discussion I believe it centered around > > attempting to get a /48 to each 'site' (home/

Re: Waste will kill ipv6 too

2017-12-21 Thread Christopher Morrow
On Thu, Dec 21, 2017 at 11:20 AM, Lee Howard wrote: > > > From: on behalf of Christopher Morrow < > morrowc.li...@gmail.com> > Date: Wednesday, December 20, 2017 at 6:07 PM > To: Lee Howard > Cc: Mike , nanog list > Subject: Re: Waste will kill ipv6 too > >

Re: Waste will kill ipv6 too

2017-12-21 Thread Christopher Morrow
On Thu, Dec 21, 2017 at 10:16 AM, Jason Iannone wrote: > M&A plays into this too. By my calculations, CenturyLink controls at > least 17 million /48s. How many sites does CenturyLink provide > service to? I'm gonna go out on a limb and say it's not 17 million. > there are less than 17m househ

Re: Waste will kill ipv6 too

2017-12-20 Thread Christopher Morrow
On Wed, Dec 20, 2017 at 2:16 PM, Lee Howard wrote: > > I’ve tried several times to come up with a scenario that leads to > depletion in less than 200 years, and I haven’t managed it. Can you do it? > during some ARIN discussions that revolved around Transition Technologies and allocations to lar

Re: Free access to measurement network

2017-12-14 Thread Christopher Morrow
this sounds like ripe-atlas... only less nodes? Seems interesting, you should publish an API ... oh you do: http://probeapi.speedchecker.xyz/ you might consider donating your data to the measurement-lab.org people ... eh? I wonder if/how the QOE tests could inform things like the FTC's efforts a

Re: quake3-master-getservers:

2017-12-10 Thread Christopher Morrow
On Sun, Dec 10, 2017 at 10:36 AM, Richard wrote: > NANOG group, at a client site who was complaining of having their > Active Directory passwords changed every week. Found a PPTP which had been > put in place by a ex employee. Fixed that. > I think at the point you found a back door ... err,

Re: Static Routing 172.16.0.0/32

2017-12-08 Thread Christopher Morrow
On Fri, Dec 8, 2017 at 3:02 PM, Job Snijders wrote: > Nothing wrong with using xxx.0 or xxx::0 in the context of a host route > (/32 or /128). > note that in times past (perhaps even now marked historical) there were platforms which got unhappy with network/broadcast addresses being used as host

Re: ccTLDs - Become a Registrar

2017-12-01 Thread Christopher Morrow
On Fri, Dec 1, 2017 at 1:45 PM, Rubens Kuhl wrote: > > .br also has such requirements. OpenSRS reference chart has a good hint of > which ccTLDs have such requirements: > http://bit.ly/OpenSRS_TLD_Reference_Chart wow, 256 of 539 report "no" for DNSSEC.

Re: Are there inexpensive DWDM products?

2017-11-02 Thread Christopher Morrow
On Thu, Nov 2, 2017 at 11:12 PM, Christopher Morrow wrote: > > > On Thu, Nov 2, 2017 at 10:21 PM, Brent Jones > wrote: > >> I've set a few people up with FS.com, and my $employer uses them for a lot >> of DWDM without issue. >> >> > as another f

Re: Are there inexpensive DWDM products?

2017-11-02 Thread Christopher Morrow
On Thu, Nov 2, 2017 at 10:21 PM, Brent Jones wrote: > I've set a few people up with FS.com, and my $employer uses them for a lot > of DWDM without issue. > > as another fs.com user of cwdm muxes... yes, in the limited sample I have they work for me... you ought to be able to pair the CWDM muxes l

Re: What's the point of prepend communities?

2017-10-26 Thread Christopher Morrow
On Thu, Oct 26, 2017 at 2:47 PM, Jason Lixfeld wrote: > Hi Bill, > > > On Oct 26, 2017, at 2:37 PM, William Herrin wrote: > > > > BGP routing is based on "distance". Distance in BGP is primarily > calculated as the number of ASNs in the AS Path. Prepends make a path more > distance, encouraging

Re: Google DNS intermittent ServFail for Disney subdomain

2017-10-20 Thread Christopher Morrow
On Fri, Oct 20, 2017 at 1:10 AM, David Sotnick wrote: > Well well, it looks like a Direct Connect circuit to Google was leaking the > route to this DMZ 153.7.233.0/24 back to Google via BGP. > > Return traffic from Google (for only some fraction of DNS queries) was > passing back across this leak

Re: F Y I

2017-10-19 Thread Christopher Morrow
n, AND it's also not going to really fix the problem if the application is accessible via 'vpn' services (tor, real-vpns, etc). it's just sort of dumb all the way around :( > > Em 19/10/2017 13:49, Lee Howard escreveu: > >> >> >> On 10/17/17, 5:33 PM

Re: AS36040 Prefix Limits

2017-10-18 Thread Christopher Morrow
> > > - > Mike Hammett > Intelligent Computing Solutions > http://www.ics-il.com > > Midwest-IX > http://www.midwest-ix.com > > ----- Original Message - > > From: "Christopher Morrow" > To: "Mike Hammett" > Cc: "NANOG list

Re: AS36040 Prefix Limits

2017-10-18 Thread Christopher Morrow
what's the question? On Wed, Oct 18, 2017 at 1:30 PM, Mike Hammett wrote: > I am looking for someone that can speak authoritatively regarding > AS36040's ability to change their own prefix limits, prefix filtering, etc. > > My current contact is advising the IX to do the filtering for them, whic

Re: F Y I

2017-10-17 Thread Christopher Morrow
you know, the Sci-Hub folk could fix this themselves... with some authentication requirements... and probably by just unplugging from the intertubes? On Tue, Oct 17, 2017 at 5:04 PM, Robert Mathews (OSIA) wrote: > > Judge Recommends Ruling to Block Internet Access to Sci-Hub > The American Chemi

Re: Anyone from AT&T DNS?

2017-10-04 Thread Christopher Morrow
On Wed, Oct 4, 2017 at 11:18 PM, Matt Peterman wrote: > Got it! You’re the winner here. I just setup both of my zones the name way > and obviously AT&T changed the way they did RDNS entries from when I got a > /25 last November and this second /25 in June. Oh well! > > Now I am running into the c

Re: Anyone from AT&T DNS?

2017-10-04 Thread Christopher Morrow
'old fashioned method' welcome to 1998 (apparently!) :) > Matt > > > > On Oct 4, 2017, at 10:53 PM, Christopher Morrow > wrote: > > > > On Wed, Oct 4, 2017 at 10:43 PM, Matt Peterman > wrote: > >> The PTR record CNAMEs for my /25 allocated prefix are all

Re: Anyone from AT&T DNS?

2017-10-04 Thread Christopher Morrow
> Again that would should be 191.128.168.207.107in-addr.arpa. > > Somehow AT&T DNS got the “/25” prefix length in all of the DNS entries… > > nope, they are just following the rfc provided path for this. yes it looks screwy, yes it also works fine. > Matt > > > > On Oct

Re: Anyone from AT&T DNS?

2017-10-04 Thread Christopher Morrow
On Wed, Oct 4, 2017 at 10:43 PM, Matt Peterman wrote: > The PTR record CNAMEs for my /25 allocated prefix are all messed up. They > are returning as > $ dig +short CNAME 128.168.207.107.in-addr.arpa > 128.128/25.168.207.107.in-addr.arpa. > > Which is obviously a completely invalid DNS entry. I ha

Re: AS PATH limits

2017-09-30 Thread Christopher Morrow
On Sat, Sep 30, 2017 at 12:47 PM, Ken Chase wrote: > I dont see that as the solution. Someone else will offend again. > > However, I also don't see trusting major backbones as our filters (for many > other reasons). Our software should be handling what's effectively a > buffer overflow > or equiv

Re: New TRANSLANT cable - US/VA to ES

2017-09-28 Thread Christopher Morrow
ha! isn't the last picture (the 'thankyou' slide) in that pack using a picture from: http://networkstatic.net/google-data-center-pictures-year-in-review/ specifically: http://networkstatic.net/wp-content/uploads/2012/12/google-datacenter2.jpg it's a cool presentation though :) On Thu, Sep 28

Re: IOS new versions and network load

2017-09-17 Thread Christopher Morrow
On Sun, Sep 17, 2017 at 11:05 PM, JASON BOTHE wrote: > My best experience with Apple has been directly peering with them. > Definitely handles the update issue without putting strain on transit > links. Apple is very well connected. > > https://www.peeringdb.com/net/3554 > > apple is AS714 though

Re: Verizon issues | Looking glass

2017-09-13 Thread Christopher Morrow
On Wed, Sep 13, 2017 at 8:47 PM, Van Dyk, Donovan via NANOG wrote: > Hello, > > Has anyone else been seeing issues today from routes being learnt through > the Verizon network, AS 701? > > Does anyone know if they have a looking glass? I can’t find one. > > they peer with routeviews... so you mig

Re: Reliability of looking glass sites / rviews

2017-09-13 Thread Christopher Morrow
's possible that if the load of updates was large enough for the ISP(s) in question that things simply took a long while to process. In a recent similar situation we'd observed updates/convergence taking upwards of 30 minutes to trickle through the global system :( > > From: on behalf

Re: Reliability of looking glass sites / rviews

2017-09-13 Thread Christopher Morrow
On Wed, Sep 13, 2017 at 5:30 AM, Matthew Huff wrote: > This weekend our uninterruptible power supply became interruptible and we > lost all circuits. While I was doing initial debugging of the problem while > I waited on site power verification, I noticed that there was still paths > being shown

Re: Protocol 17 floods from Vietnam & Mexico?

2017-09-13 Thread Christopher Morrow
On Wed, Sep 13, 2017 at 9:59 AM, Krunal Shah wrote: > It might be spoofed source IPs > > if you are seeing large fragmented udp packets.. it's almost always not spoofed. or historically speaking anyway it's not been spoofed. There are cases with dns reflection that include spoofing, but by the t

Re: Max Prefix Out, was Re: Verizon 701 Route leak?

2017-09-02 Thread Christopher Morrow
(from earlier randy) > you just assumed that the transitive closure of everybody's cones > implement and propagate count. ain't gonna happen. well, I was thinking that you can survey your customers to know their approximate inbound number, you can implement a max-prefix in from them with that (id

Re: Max Prefix Out, was Re: Verizon 701 Route leak?

2017-09-01 Thread Christopher Morrow
On Fri, Sep 1, 2017 at 7:56 AM, Patrick W. Gilmore wrote: > On Sep 1, 2017, at 5:26 AM, Randy Bush wrote: > > > > i have 142 largish bgp customers, a large enough number that the number > > of prefixes i receive from them varies annoyingly. how do i reasonably > > automate setting of my outboun

Re: Validating possible BGP MITM attack

2017-08-31 Thread Christopher Morrow
On Thu, Aug 31, 2017 at 1:23 PM, Steve Feldman wrote: > Interesting. We also got similar BGPMon alerts about disaggregated > portions of couple of our prefixes. I didn't see any of the bad prefixes in > route-views, though. > > The AS paths in the alerts started with "131477 38478 ..." and looke

Re: Max Prefix Out, was Re: Verizon 701 Route leak?

2017-08-31 Thread Christopher Morrow
On Thu, Aug 31, 2017 at 11:24 AM, Leo Bicknell wrote: > In a message written on Thu, Aug 31, 2017 at 12:50:58PM +0200, Jörg Kost > wrote: > > What about adding an option to the BGP session that A & B do agree on a > > fixed number of prefixes in both directions, so Bs prefix-in could be As > > p

Re: Google DNS --- Figuring out which DNS Cluster you are using

2017-08-23 Thread Christopher Morrow
> -- > Joe Hamelin, W7COM, Tulalip, WA, +1 (360) 474-7474 > > On Wed, Aug 23, 2017 at 5:10 PM, Christopher Morrow < > morrowc.li...@gmail.com> wrote: > >> On Wed, Aug 23, 2017 at 4:37 PM, i mawsog via NANOG >> wrote: >> >> >

Re: Google DNS --- Figuring out which DNS Cluster you are using

2017-08-23 Thread Christopher Morrow
On Wed, Aug 23, 2017 at 4:37 PM, i mawsog via NANOG wrote: > > This is great. Thanks for sharing . > > Sent from Yahoo Mail on Android > > On Wed, Aug 23, 2017 at 1:11 PM, Erik Sundberg > wrote: I sent this out on the outage list, with a lots of good feedback > sent to me. So I figured it wo

Re: supermicro server visio templates

2017-08-10 Thread Christopher Morrow
https://miketabor.com/tools/ mike seems to have them on his side.. On Fri, Aug 11, 2017 at 4:34 AM, Randy Bush wrote: > anyone can send $ubject? specifically 1ru & 2ru. > > one needs a supermicro sales rep, and their email addy to get from > supermicro site, and i buy from a reseller. > > than

Re: AS202746 Hijacks: Is Telia (a) stupid, or (b) lazy, or (c) complicit?

2017-08-02 Thread Christopher Morrow
On Wed, Aug 2, 2017 at 3:36 AM, Ronald F. Guilmette wrote: > > > P.S. Over on some of the RIPE mailing lists, they've recently been > discussing > whether or not to continue allowing Joe Random Criminal to create totally > unauthorized and totally unchecked/unverified (and typically bogus) rout

Re: Reporting/fixing broken airport/hotel/etc wifi?

2017-07-15 Thread Christopher Morrow
there are a lot of options for techsavvy folk with an ip they control, but... for the rest of the rubles, fixing the wifi to be sane really is the only path forward. On Fri, Jul 14, 2017 at 6:13 PM, Ken Chase wrote: > port 53 seems to be the biggest hole available, no one figures that anyone > w

Re: Reporting/fixing broken airport/hotel/etc wifi?

2017-07-14 Thread Christopher Morrow
y allow traffic to 80 and 443. This is exactly the > reason why I have an OpenVPN server running in tcp mode (not udp) on 443. > > > On Fri, Jul 14, 2017 at 1:33 PM, Christopher Morrow < > morrowc.li...@gmail.com> wrote: > >> Was there a list of folks collecting to provid

Reporting/fixing broken airport/hotel/etc wifi?

2017-07-14 Thread Christopher Morrow
Was there a list of folks collecting to provide fix actions for hotel/airport/etc? Seems that IAD / Washington Dulles don't like "random" tcp/443 sites on the internet? 173.194.205.129 for instance, ping, traceroute, http but no https :( https works just fine from lots of other places on the tub

Re: IPv4 Hijacking For Idiots

2017-06-06 Thread Christopher Morrow
On Tue, Jun 6, 2017 at 9:13 PM, Mark Andrews wrote: > > In message gmail.com>, Christopher Morrow writes: > > > > On Tue, Jun 6, 2017 at 8:26 PM, Mark Andrews wrote: > > > > > Now we could continue discussing how easy it is to hijack addresses > >

Re: IPv4 Hijacking For Idiots

2017-06-06 Thread Christopher Morrow
On Tue, Jun 6, 2017 at 8:26 PM, Mark Andrews wrote: > Now we could continue discussing how easy it is to hijack addresses > of we could spend the time addressing the problem. All it takes is > a couple of transit providers to no longer accept word-of-mouth and > the world will transition overnig

Re: Templating/automating configuration

2017-06-06 Thread Christopher Morrow
https://youtu.be/ltqXgtLWXFo and the associated pdf https://www.nanog.org/meetings/nanog44/presentations/Monday/Gill_programatic_N44.pdf On Tue, Jun 6, 2017 at 10:09 AM, Nick Hilliard wrote: > Graham Johnston wrote: > > Short of complete SDN, for those of you that have some degree of > > config

Re: IPv4 Hijacking For Idiots

2017-06-06 Thread Christopher Morrow
On Tue, Jun 6, 2017 at 2:25 AM, Hank Nussbacher wrote: (I think this is really Ron and Bill chatting, but some of the linkage got lost on the tubes) > > > > I've read article after article after article bemoanging the fact that > >> "BGP isn't secure", > > > > They're talking about a different p

Re: IPv4 Hijacking For Idiots

2017-06-05 Thread Christopher Morrow
l need an > ASN. I was only > most times i've seen isp DIA links bgp was 'free' or had been.. > talking about the cost of adding an upstream BGP session. > ok. so either free or some up-charge by the isp. > > -mel > > > On Jun 5, 2017, at 9:03 AM, Chri

Re: IPv4 Hijacking For Idiots

2017-06-05 Thread Christopher Morrow
On Mon, Jun 5, 2017 at 7:05 AM, Mel Beckman wrote: > One way is for the hijacker to simply peer with himself. The hijacker has > an existing peering arrangement with, say, AT&T. He then tells AT&T that he > will be transit for AS advertising XYZ routes, by dint of a cheerfully > forged LOA. O

Re: Russian diplomats lingering near fiber optic cables

2017-06-02 Thread Christopher Morrow
On Fri, Jun 2, 2017 at 12:46 PM, wrote: > On Fri, 02 Jun 2017 15:11:36 -, Rod Beck said: > > > Landing stations can be 10 to 30 kilometers from the beach manhole. I > don't > > think it is big concern. Hibernia Atlantic dublin landing station is a > good > > example. > > So 100% of those beac

Re: Russian diplomats lingering near fiber optic cables

2017-06-02 Thread Christopher Morrow
On Fri, Jun 2, 2017 at 12:49 AM, Joe Hamelin wrote: > Christopher asks: 'nro tap room' ... what's the expansion of NRO here? > > https://en.wikipedia.org/wiki/National_Reconnaissance_Office > > I'm unsure why the NRO would have a room doing tap things in anyone's network. that is not their remit.

Re: Russian diplomats lingering near fiber optic cables

2017-06-01 Thread Christopher Morrow
On Thu, Jun 1, 2017 at 10:15 PM, Joe Hamelin wrote: > > the fiber meet-me-room and five floors above the NRO tap room. They use to > 'nro tap room' ... what's the expansion of NRO here?

Re: Making interconnection agreements between networks more dynamic

2017-05-23 Thread Christopher Morrow
On Tue, May 23, 2017 at 3:02 PM, Nick Hilliard wrote: > Pedro de Botelho Marcos wrote: > > The current approach for establishing > > agreements is cumbersome, typically requiring lengthy discussions. > > i'm not sure the available data supports this conclusion: > > > http://berec.europa.eu/eng/do

Re: Question to Google

2017-05-15 Thread Christopher Morrow
On Mon, May 15, 2017 at 1:25 PM, Damian Menscher via NANOG wrote: > On Mon, May 15, 2017 at 8:07 AM, Stephane Bortzmeyer > wrote: > > > On Mon, May 15, 2017 at 07:55:41AM -0700, > > Damian Menscher wrote > > a message of 82 lines which said: > > > > > Can you point to published studies where

Re: Question to Google

2017-05-15 Thread Christopher Morrow
On Mon, May 15, 2017 at 10:06 AM, Stephane Bortzmeyer wrote: > On Mon, May 15, 2017 at 09:20:17AM -0400, > Todd Underwood wrote > a message of 66 lines which said: > > > so implications that this is somehow related to Google dragging > > their feet are silly. > > Implying that the root name se

Re: Financial services BGP hijack last week?

2017-05-03 Thread Christopher Morrow
On Wed, May 3, 2017 at 1:39 PM, Compton, Rich A wrote: > The servers where the RPKI data is published (the Trust Anchor and the > CAs) are referred to using a single URI, meaning that any > sure, but even with rrdp there's just one URI you'd follow, which translates to some hostname + path. >

Re: Financial services BGP hijack last week?

2017-05-02 Thread Christopher Morrow
On Tue, May 2, 2017 at 11:21 AM, Compton, Rich A wrote: > That's the million dollar question. I think that there will be more > adoption from the Internet at large when some big players adopt it. Right > now the use of rsync in RPKI is preventing a lot of large ISPs from > implementing it (too

Re: Verizon Email RBL Whitelist

2017-04-06 Thread Christopher Morrow
alternately, just tweet @verizonsupport On Thu, Apr 6, 2017 at 8:57 AM, Ken O'Driscoll via NANOG wrote: > On Wed, 2017-04-05 at 18:08 +, Josh Niec wrote: > > If there is a Verizon Email Admin around, would you be able to contact me > > off-list about whitelisting a /24 network we have?

Re: did facebook just DoS me?

2017-04-04 Thread Christopher Morrow
> Kurt Kraut > > 2017-04-04 21:58 GMT-03:00 Christopher Morrow : > >> >> >> On Tue, Apr 4, 2017 at 6:47 PM, Kurt Kraut wrote: >> >>> >>> I perform some PCAPs I many IP addresses belonged to Facebook. At first I >>> thought: - 'Clever a

Re: did facebook just DoS me?

2017-04-04 Thread Christopher Morrow
On Tue, Apr 4, 2017 at 6:47 PM, Kurt Kraut wrote: > > I perform some PCAPs I many IP addresses belonged to Facebook. At first I > thought: - 'Clever attacker. He guesses I could not be as severe as I am to > regular UDP traffic if the origin was Facebook and he deliberately spoofed > their IP add

Re: EFF Call for sign-ons: ISPs, networking companies and engineers opposed to FCC privacy repeal

2017-03-28 Thread Christopher Morrow
On Tue, Mar 28, 2017 at 4:51 PM, Seth Mattinen wrote: > Has there ever been a real survey that asks people where they think Google > gets the money to support things like Gmail for "free"? doesn't their 10k say: "ads" ?

Re: Americas II Landing Station (Hollywood, Florida).

2017-03-22 Thread Christopher Morrow
don't most of the oceanic cable systems operate basically like: 1) some consortium pays/builds the stations and link(s) 2) that consortium (cabal?) is the only set of providers able to sell on the link(s) 3) sale on links and provisioning to the links happens away from the station, and back at 'ne

Re: Verizon wireless to stop issuing static IPv4

2017-03-08 Thread Christopher Morrow
On Wed, Mar 8, 2017 at 10:58 PM, wrote: > On Wed, 08 Mar 2017 22:08:59 -0500, Christopher Morrow said: > > > previous employer - who built CAD systems for transit buses. > > on the bright side they can just get fios or dsl (depending on location) > .. > > you know you

Re: Verizon wireless to stop issuing static IPv4

2017-03-08 Thread Christopher Morrow
On Wed, Mar 8, 2017 at 9:27 PM, Miles Fidelman wrote: > Seems to me that the only people who get static, wireless, IP addresses > are people who put sensors on vehicles and IoT applications. Who gets a > static IP for a phone? This might cause some serious heartburn for my > previous employer -

Re: google ipv6 routes via cogent

2017-03-02 Thread Christopher Morrow
On Thu, Mar 2, 2017 at 9:52 AM, Alarig Le Lay wrote: > On sam. 25 févr. 09:49:56 2017, Aaron wrote: Hi, > > Cogent is not able to receive traffic from Google since February 2016, > the case is the same with HE since 2010. > > I think maybe that wording isn't quite correct: "is not able to recei

Re: BGP IP prefix hijack detection times

2017-02-28 Thread Christopher Morrow
On Tue, Feb 28, 2017 at 1:17 AM, Nagarjun Govindraj < nagarjun.govind...@imaginea.com> wrote: > > > I am just trying to distinguish between a legitimate advertisement against > hijack event. > > that's what everyone's trying to do... if you aren't trying to fix things, why do you care about them a

Re: BGP IP prefix hijack detection times

2017-02-27 Thread Christopher Morrow
or operating a part of the global internet now... right?" -chris > > Regards, > Nagarjun > > On Mon, Feb 27, 2017 at 10:59 PM Nick Hilliard wrote: > >> Christopher Morrow wrote: >> > Also: "How reliable are the alerts being sent?" >> >> also: do the smtp servers which handle mail for the domain of the >> alerting email address use the IP address space as they're notifying >> about? >> >> Nick >> >>

Re: BGP IP prefix hijack detection times

2017-02-27 Thread Christopher Morrow
Also: "How reliable are the alerts being sent?" On Mon, Feb 27, 2017 at 12:19 PM, Christopher Morrow < morrowc.li...@gmail.com> wrote: > you probably want to ask the people that make these systems, yes? > > On Sun, Feb 26, 2017 at 7:12 AM, Nagarjun Govindraj via NANOG &

Re: BGP IP prefix hijack detection times

2017-02-27 Thread Christopher Morrow
you probably want to ask the people that make these systems, yes? On Sun, Feb 26, 2017 at 7:12 AM, Nagarjun Govindraj via NANOG < nanog@nanog.org> wrote: > Hi Nanog, > > what are the detection times for BGP IP prefix hijack detection systems > adopted by community members/operators (if any) ? > >
