Re: OT: BdNOG announces website blocks

I think that means they'd like to use deep packet inspection equipment for the whole country. But they don't have the budget for equipment with such capabilities so they want to limit bandwidth usage by cutting off access to some popular services. Maybe I got it all wrong; That article is

Re: Gmail spam filtering

You might need to setup/change a SPF record for that domain. I always had Google marking my email as spam when I tried to send emails with no SPF record. On 11/22/2015 06:03 PM, Jay Ashworth wrote: Bout a month ago, I had someone crack a POP password on my private mail server, and got a

Re: craigslist.com admin

Would be really stupid if they were blocking all users behind NATs. BTW if I enter craigslist.com, it redirects me to "prague.craigslist.cz" (makes sense, I'm from CZ and close to Prague), but it uses an invalid SSL certificate. --- Filip On 06/02/2016 10:45 PM, Darin Steffl wrote: Have

Re: Stop IPv6 Google traffic

Why do you want to prevent IPv6 access to Google? What's the point? On 04/10/2016 04:07 PM, Max Tulyev wrote: Customers see timeouts if I blackhole Google network. I looking for alternatives (other than stop providing IPv6 to customers at all). On 10.04.16 16:50, valdis.kletni...@vt.edu wrote:

Re: Stop IPv6 Google traffic

If I'm not mistaken, when there is some "abuse", Google typically shows captcha for the single IPs, not for whole provider, so only the customers who actually do something nefarious should get flagged. Also, if you see captcha while using IPv6, switching to IPv4-only won't solve the problem

Re: 10G-capable customer router recommendations?

Hi, I would also vote for Mikrotik products; IMHO this looks perfect for this situation. http://routerboard.com/CCR1009-8G-1S-1SplusPC On 04/16/2016 12:01 AM, mike.l...@gmail.com wrote: Check out the Mikrotik Cloud Core routers, they make them with SFP+ support now. I have one of them

Re: DNS Services for a registrar

Hi, If you are going the IaaS route, definitely checkout KnotDNS project. According to their benchmarks [1], it does much better than other DNS servers in about every workload. Best Regards, Filip [1] https://www.knot-dns.cz/benchmark/ On 12.8.2016 07:56, Ryan Finnesey wrote: We need to

Re: DNS Services for a registrar

Even for registrars? Because OP's question was > We need to provide DNS services for domains we offer as a registrar. Best Regards, Filip On 12.8.2016 22:11, Justin Paine via NANOG wrote: I won't push further than this -- but it seems a bit silly not to mention that CloudFlare provides free

Re: Gmail down

Hi, It's UP for me. Location: Czech Republic, IPv6 access via TunnelBroker. Regards, Filip On 07/05/2016 04:56 PM, Martin Hepworth wrote: Ok from here in the UK

Re: IPv6 deployment excuses

Without firewalls, internet is not very secure, regardless of protocol used. On 07/04/2016 11:41 AM, Masataka Ohta wrote: > Jared Mauch wrote: > >> Actually they are not that great. Look at the DDoS mess that UPnP has >> created and problems for IoT (I call it Internet of trash, as most >>

Re: comcast and msoft ports

If you really need them, you'll need to use some sort of tunneling mechanism, ie PPTP. Regards, Filip On 11.9.2016 21:21, Ryan, Spencer wrote: Having those ports exposed to the Internet is scary. Comcast is right in blocking them. Sent from my Verizon, Samsung Galaxy smartphone

Re: bogon identified? how to track down bogus IPs/ASN's

According to HE's BGP tool, the IP range is actually 103.206.16.0/22 and it looks like it's a bogon. http://bgp.he.net/net/103.206.16.0/22#_bogon Regards, Filip On 29.9.2016 21:46, Ken Chase wrote: My turn for the newb question: I've got a traceroute with this IP in it thats close to the

Re: Krebs on Security booted off Akamai network after DDoS attack proves pricey

While we are on topic of DDOS, it looks like it's quite a storm now. According to this WHT post [1], some large server providers were recently attacked, and many are still being attacked with quite a large bandwidth, ie 1Tbps attacks against OVH. [2], [3] Regards, Filip [1]

Re: Handling of Abuse Complaints

Google, Level 3 and the like's open DNS resolvers are strictly rate-limited. They can't be used as DDOS amplifiers. On the other hand, there are tons of open resolvers on the internet without any sort of limiting. These are very effective amplifiers. Regards, Filip On 29.8.2016 19:04,

Re: Drop cable

- Best Regards, Filip Hruska Linux System Administrator

Re: Has Level3 done away with traceroute??

this communication. If you have received this communication in error, please notify the sender immediately and destroy all electronic, paper or other versions. -- Best Regards, Filip Hruska Linux System Administrator

Re: Question about Customer Population by ASN for Canada

s a server provider. I think it's all under the same ASN (might be wrong though) * There are some scrapers on the OVH network - definitely not half a million though Best Regards, Filip Hruska Dne 10/2/17 v 22:05 Stephen Fulton napsal(a): Hi Jack, As OVH is a data centre, I find that ext

Re: Suggestions for a more privacy conscious email provider

Regards -- Filip Hruska Linux System Administrator Dne 12/4/17 v 12:19 Edwin Pers napsal(a): As an anecdotal aside, approx. 70% of incoming portscanners/rdp bots/ssh bots/etc that hit the firewalls at my sites are coming from AWS. I used to send abuse emails but eventually gave up after

Re: Novice sysadmins

I disagree that nobody cares about abuse. I actually received an abuse report from SES as someone thought it would be funny to flag my previous email I sent to this discussion as spam. https://i.imgur.com/RgQa2fN.png -- Filip Hruska Linux System Administrator Dne 12/6/17 v 11:52 Rich

Re: Suggestions for a more privacy conscious email provider

SES can't hit your firewall with bots, it's just an email service. Maybe you meant EC2? And as I said earlier, if you have correctly setup firewall and servers, port scanning or bots can't hurt you in any way. -- Filip Hruska Linux System Administrator Dne 12/6/17 v 18:31 Edwin Pers napsal

Re: Suggestions for a more privacy conscious email provider

of managing outgoing reputation. -- Filip Hruska Linux System Administrator Dne 12/3/17 v 16:12 Jean | ddostest.me via NANOG napsal(a): If you plan to use it for a small group of people, you should consider hosting it yourself. You could set it up with SPF, dkim, dmarc, ipv6. It could be seen

Re: Impacts of Encryption Everywhere (any solution?)

Dne 28. 5. 2018 v 17:00 Rich Kulawiec napsal(a): On Mon, May 28, 2018 at 09:23:09AM -0500, Mike Hammett wrote: Some things certainly do need to be encrypted, but encrypting everything means people with limited Internet access get worse performance OR mechanisms have to be out in place to break

Re: Google DNS intermittent ServFail for Disney subdomain

Would be great if makers of home routers would implement full recursive DNS resolvers instead of just forwards in their gear. -- Filip Hruska Linux System Administrator Dne 10/20/17 v 15:23 Mike Hammett napsal(a): I know it doesn't help your problem, but friends don't let friends use public

Re: Google DNS intermittent ServFail for Disney subdomain

IPv4 smaller than /24 leasing?

[1] http://www.forked.net/ip-address-leasing/ Thanks -- Filip Hruska Linux System Administrator

Re: IPv4 smaller than /24 leasing?

Thanks for all the responses! Seems like I was right about doubting this. Regards -- Filip Hruska Linux System Administrator Dne 1/4/18 v 20:20 Matt Harris napsal(a): They're probably using GRE or other sorts of tunnels, I'd imagine?  It would likely involve increased latency, as any

Re: Any experience with Broadcom ICOS out there?

same lighting conditions, just shot from different angles. Also, there is a dent in the table, which is visible in 2 of the photos. I wonder, why would they do this? Doesn't instill a lot of confidence in me. Regards -- Filip Hruska Linux System Administrator Dne 1/6/18 v 06:15 Chuck Church

Re: Blockchain and Networking

) they can't do any kind of hashing, much less Bitcoin-specific stuff. Trying to mine Bitcoin on switch ASICs would be like trying to transfer water through a 2.4GHz WiFi connection - both are absolutely preposterous ideas. Regards -- Filip Hruska Linux System Administrator Dne 1/9/18 v 17:02

Re: Re: Attacks from poneytelecom.eu

Quite a lot actually. Those servers are fine seedboxes. People also use them for media storage, i.e. online galleries and smaller video streaming sites. Filip > > On 4 Jan 2018 at 6:46 am,wrote: > > > AS12876 is online.net... home of the €2.99

Re: Is WHOIS going to go away?

EURID (.eu) WHOIS already works on a basis that no information about the registrant is available via standard WHOIS. In order to get any useful information you have to go to https://whois.eurid.eu and make a request there. Seems like a reasonable solution. -- Filip Hruska Linux System

Re: Is WHOIS going to go away?

most TLDs has not been the sort of accountability measure that ICANN seems to think it is for a very long time, at least in practice. I'd be much more concerned about RIPE's whois data for AS and IP address An individual can also own an ASN and IP space. You don't have to be a company. -- Filip Hruska Linux System Administrator

Re: Is WHOIS going to go away?

On 04/14/2018 07:29 PM, Florian Weimer wrote: * Filip Hruska: EURID (.eu) WHOIS already works on a basis that no information about the registrant is available via standard WHOIS. In order to get any useful information you have to go to https://whois.eurid.eu and make a request there. Seems

Re: IPv6 addressing plan spreadsheet issue

Well played. How did you actually create the .txt file? Is the filesize spoofed in some way? 8191PB is a lot of storage. -- Filip Hruska Linux System Administrator Dne 4/1/18 v 13:09 Job Snijders napsal(a): Hi all, I made a list of the IPv6 addresses in my home LAN, but have trouble copy

Re: IPv6 addressing plan spreadsheet issue

Hi, I actually got that value from curl (on Mac) so who knows. It's certainly possible that it's generated on-the-fly and curl just shows garbage info. Regards, -- Filip Hruska Linux System Administrator Dne 4/2/18 v 18:59 Tarko Tikan napsal(a): hey, How did you actually create the .txt

Re: Re: Yet another Quadruple DNS?

Is it just me, or is there a problem with the website? I get a nginx 403 Forbidden error when trying to access it. Regards, Filip > > On 29 Mar 2018 at 2:41 pm,wrote: > > > Cloudflare’s website provides some more information: https://1.1.1.1/

Re: Re: New Active Exploit: memcached on port 11211 UDP & TCP being exploited for reflection attacks

This is just stupid. OVH is one of the largest server providers in the world - of course they will be at the top of that list. What exactly should they do, according to you? Why should people de-peer them? Regards, Filip Hruska

Re: BGP Experiment

This experiment should be continued. It's the only way to get people to patch stuff. And if all it takes to break things is a single announcement, than that's something that should be definitely fixed. Blacklisting an ASN is not a solution, that's ignorance. Regards, Filip Hruska On 23

Re: Help on setting up a new block

directly. Regards, Filip Hruska On 20 March 2019 3:02:13 pm GMT+01:00, John Alcock wrote: >Odd Issues > >We recently went through an IP Broker and bought a /18 worth of IP's > >I am listing all my information below. Should be public record. > >AS Number/Range 395437 >AS

Re: CenturyLink/Level 3 combined AS

Cogent and "great" don't belong in one sentence in my opinion. It's usable though and their pricing is (if you push hard enough) simply unbeatable. I would pick L3 any day over Cogent if the pricing was the same. Kind Regards, Filip Hruska On 8 June 2019 3:36:26 pm GMT+02:00, Dav

Re: someone is using my AS number

I don't think the number of networks with disabled loop prevention is that small. For example, let's say you're a hosting provider who has 3 locations... no reason to do cold potato routing and you don't have dedicated links between sites, yet you still want ranges announced at DC A to be

Re: someone is using my AS number

I would contact upstreams of the upstream then. This is quite a serious offence and they should help you. Regards, Filip On 12 June 2019 6:20:42 pm GMT+02:00, Philip Lavine wrote: > yeah I did they are some MSP in India. No help. > >On Wednesday, June 12, 2019, 9:15:51 AM PDT, Fil

Re: someone is using my AS number

Contact the offending upstreams. Filip On 12 June 2019 6:05:58 pm GMT+02:00, Philip Lavine via NANOG wrote: >What is the procedure to have another party to cease and desist in >using my AS number? >Thx -- Sent from my Android device with K-9 Mail. Please excuse my brevity.

Re: someone is using my AS number

t; > >On Wednesday, June 12, 2019, 9:34:16 AM PDT, Job Snijders >wrote: > >Can you share more details? Perhaps we can put the human social network >to good use. >Other than that this is annoying - are right now operationally >impacted? >Kind regards, >Job

Re: someone is using my AS number

HE doesn't provide any community based TE and I would say they're a pretty major network. Filip On 14 June 2019 2:17:43 am GMT+02:00, Joe Provo wrote: >On Thu, Jun 13, 2019 at 09:58:20AM -0400, Joe Abley wrote: >> Hey Joe, >> >> On 12 Jun 2019, at 12:37, Joe Provo >wrote: >> >> > On Wed,

Re: Russian Anal Probing + Malware

hat anybody can really blame them for THAT.) What does that have to do with the vulnerability scanner? Also: You know it doesn't make any sense, right? -- Filip Hruska Linux System Administrator

Re: CloudFlare issues?

On 6/24/19 4:28 PM, Max Tulyev wrote: Why almost all carriers did not filter the leak on their side, but waited for "a better weather on Mars" for several hours? -- Filip Hruska Linux System Administrator

Re: someone is using my AS number

On 15 June 2019 2:32:21 pm GMT+02:00, Owen DeLong wrote: > > >> On Jun 13, 2019, at 7:06 AM, Job Snijders wrote: >> >> Hi Joe, >> >> On Thu, Jun 13, 2019 at 9:59 Joe Abley > wrote: >> Hey Joe, >> >> On 12 Jun 2019, at 12:37, Joe Provo

Re: Google weird routing?

Google maintains their own GeoIP database. If you peer with them and have access to the peering portal, you can correct the location yourself. Otherwise they have a public form somewhere. --- Filip On 23 May 2019 10:11:30 pm GMT+02:00, Matt Harris wrote: >On Thu, May 23, 2019 at 2:55 PM Jared

Re: DDoS attack

the use of RTBH (null routing / blackholing) Kind Regards, Filip Hruska On 9 December 2019 9:07:35 pm GMT+01:00, "ahmed.dala...@hrins.net" wrote: >Dear All, > >My network is being flooded with UDP packets, Denial of Service attack, >soucing from Cloud flare and Google

Re: Short-circuited traceroutes on FIOS

2 ms 2 ms a23-51-172-254.deploy.static.akamaitechnologies.com [23.51.172.254] Trace complete. -- Filip Hruska Linux System Administrator

Re: RIPE our of IPv4

You can announce your own IPv6 subnets through TunnelBroker. Filip On 30 November 2019 8:37:33 pm GMT+01:00, Matthew Kaufman wrote: >On Sat, Nov 30, 2019 at 9:21 AM Justin Streiner >wrote: > >> >> >> While a tunnel from HE works perfectly well, it would be nice to have >> native v6 from VZ.

Re: Hi-Rise Building Fiber Suggestions

It really depends on what you're interconnecting. Some NICs don't support SM optics, so even if you would like to run SM everywhere, it's not necessarily possible depending on the equipment. For example, I had issues with some SolarFlare cards which happily take 10G-SR MM but won't take 10G-LR

Re: akamai yesterday - what in the world was that

Game updates are generally compressed chunks and the client does live decompression on the data. As such, insufficient CPU or IO performance will result in lower overall speeds, since it can't keep up with the incoming stream of data. Regards, Filip On 1/23/20 9:11 PM, Tom Deligiannis

Re: TCP-AMP DDoS Attack - Fake abuse reports problem

Hello, Since OVH has been offering DDOS protection capable of soaking up hundreds of gigabits+ per second as a standard with all their services for a long time, I'm assuming this is a miscommunication / standard support response. I would try to get in touch with the network team and include

Re: Looking for transit with full table bgp cloud options

Hi, I would recommend taking a look at a spreadsheet available at https://bgp.services Filip On 12 March 2020 10:30:50 pm GMT+01:00, Joe Maimon wrote: >Hey all, > >I am looking for some cloud services, that would support Transit and >full table BGP to the cloud provided vm(s). > >I am

Re: Best way to get foreign ISPs to shut down DDoS reflectors?

Sounds like you'll need to talk to your upstreams if they can provide DDOS protection, alternatively look for remote DDOS protection options. Regards, Filip On 23 April 2020 11:30:36 pm GMT+02:00, Bottiger wrote: >We are unable to upgrade our bandwidth in those areas. There are no >providers

Re: Mystery CDN

evel3 node at random (192.67.191.173) and doing an rDNS lookup reveals the following: 173.191.67.192.in-addr.arpa. 3600 IN    PTR LEVEL3-CDN-192-67-191-173.de.kpn-eurorings.net. There's your answer. "Level 3 CDN". Kind Regards, Filip Hruska On 6/17/20 6:09 PM, Justin Oeder wrote: Former

Re: Global Peer Exchange

To expand on that a bit: The pricing differs per geographical region, I was offered 0.1 EUR/Mbps, someone I know in Australia got a price several times higher. No fixed port costs, no commit, no distance-based fees. No discounts for larger ports. Both sites have to be separate companies, not

Re: 10g residential CPE

I wouldn't rely on these numbers too much, your testing methodology is flawed. People don't expect RING nodes to be used as speedtest servers and so they are usually not connected to high speed networks. Using a classical speedtest.net (Web or CLI) application would make much more sense, given

Re: DOD prefixes and AS8003 / GRSCORP

Contacted HE NOC earlier regarding these announcements, they are "legitimate". Filip On 11/03/2021 14:56, Javier Henderson wrote: On Mar 11, 2021, at 8:43 AM, Eric Dugas via NANOG wrote: I would be really curious to see the LOA presented to AS6939 to announce 54 million IPs out of