Please allow me to change this:
I then would deaggregate (as little as possible) to be able to announce the
same more specific as the attacker.
to this:
Announce the same more specific as the attacker.
scott
--- [EMAIL PROTECTED] wrote:
From: Scott Weeks [EMAIL PROTECTED]
To: [EMAIL
--- [EMAIL PROTECTED] wrote: ---
From: Jason Fesler [EMAIL PROTECTED]
I am signed up for the Prefix Hijack Alert System
(phas.netsec.colostate.edu) and would be alerted in about 6 hours (or
less?) about a prefix announcement change.
Would the alerts go to a mail server behind said
hope
after exhausting all other avenues of resolution.
scott
protocol.
---
And the only one that'd really come into play would be shortest number of AS
hops, so topological closeness would be the deciding factor on whether the
traffic transits the attacker's network or properly comes directly to me.
scott
enough that it
disrupts the spammers. Perhaps I'm talking out of my ass and don't have
a clue.
In any case, I don't believe a blanket block of 25 is the answer.
-Justin Scott, GravityFree
smime.p7s
Description: S/MIME Cryptographic Signature
. I'm still not 100%
convinced that a blanket port block is the answer, but then again I'm
not an ISP so my opinion shouldn't be on the top of the list of
considerations either. I do have some things to think about for new
customers though g.
-Justin Scott, GravityFree
smime.p7s
or not.
-Justin Scott, GravityFree
smime.p7s
Description: S/MIME Cryptographic Signature
This reminds me of a story I was told a while back that there was a batch
of 3com NIC's that all went out with the same MAC from the factory. I
never found out if that was a rumor/urban legend or the truth. Anyone
know firsthand or have an article about that?
-Scott
-Original
!
Scott Morris
[EMAIL PROTECTED]
, but if you could contact me at [EMAIL PROTECTED]
that will be much easier! Any emails to the subscribed address here won't
work, which is the problem I'm attempting to solve with Windstream! :)
Thanks in advance!
Scott Morris
[EMAIL PROTECTED]
--- [EMAIL PROTECTED] wrote:
Well, perhaps you can share any information with us on a legitimate client
you have?
--
Now why do you have to go there? Just to fan the flames for fun and profit?
:-(
scott
--- [EMAIL PROTECTED] wrote:
On Mon, 8 Sep 2008, Scott Weeks wrote:
--- [EMAIL PROTECTED] wrote:
Well, perhaps you can share any information with us on a legitimate client
you have?
--
Now why do you have to go there? Just to fan the flames for fun
and error counters, signal parameters, alarm status,
etc.
--
You might try over on alcatel-nsp as well.
scott
http://it.slashdot.org/article.pl?sid=08/09/22/1253201from=rss
nice to see a wholesale DNSSEC rollout underway (I must confess to
being a little surprised at the source, too!). Granted, it's a much
more manageable problem set than, say, .com - but if one US-controlled
TLD can do it, hope
On Mon, Sep 22, 2008 at 8:49 AM, Keith Medcalf [EMAIL PROTECTED] wrote:
If even one delegation is unsigned or even one resolver does not
enforce DNSSEC, then, from an actual security perspective, you will
be far worse off than you are now.
Why?
If the local resolver does not perform
from ASN 8997, so refused the proper announcement from ASN 36149 (me) it
normally hears from ASN 174 (Cogent).
If the above two are correct, would it be correct to say only the downstream
customers of ASN 3267 were affected?
scott
--Scott Weeks [EMAIL PROTECTED] wrote: ---
I am hoping to confirm a short-duration prefix hijack
snip
-
--- [EMAIL PROTECTED] wrote: ---
From: Christian Koch [EMAIL PROTECTED]
I couldn't find any relevant data confirming the announcement
-of-the-water in preparation for future 'events' and I guess I was
starting to be trigger happy after all the talk about the new BGP attack.
scott
--- [EMAIL PROTECTED] wrote:
From: Marshall Eubanks [EMAIL PROTECTED]
To: [EMAIL PROTECTED]
Cc: [EMAIL PROTECTED]
Subject: Re: prefix hijack by ASN 8997
On Mon, 22 Sep 2008, Scott Weeks wrote:
I am hoping to confirm a short-duration prefix hijack
snip
--- [EMAIL PROTECTED] wrote:
From: Hank Nussbacher [EMAIL PROTECTED]
I too spotted this via PHAS for a large number of prefixes, but have not
received alerts from IAR, Watchmy.Net nor does
privately) ASN 8997 leaked a
full table to ASN 3267 (who didn't filter!). The only upstream of ASN 3267 I
saw in bgplay was ASN 174 (Cogent) who seems to have filtered, but I can't
confirm. So I guess that the impact would've only been to the peers downstream
of ASN 3267.
scott
it to be ;)
Russell Mitchell - Russ[at]Atrivo.com
Atrivo Technologies
--
scott
that one of the two DNS servers is reporting
a lame delegation (204.61.216.4), and the other isn't responding at all
(204.42.254.5).
The two sites are not using the same DNS servers, so likely unrelated
issues.
-Justin Scott
smime.p7s
Description: S/MIME Cryptographic Signature
. That type of action makes your position less valid.
scott
Can someone from TW Telecom contact me offlist?
I have a customer having issues connecting to a TW Telecom hosted site.
Scott Wolfe
Cybera, Inc
615-301-2346
PGP.sig
Description: PGP signature
Anycast?
http://www.nanog.org/meetings/nanog29/abstracts.php?pt=NjcxJm5hbm9nMjk=nm=n
anog29
Might need to know a little more about the layout here for a better answer.
-Scott
-Original Message-
From: rodrick brown [mailto:rodrick.br...@gmail.com]
Sent: Friday, December 18, 2009
is going to be significantly more than 1%...
Scott
by this stage...
Scott.
against something I'm not thinking of? ;)
Scott
Glen Kent wrote:
Would encrypting multicast not fundamentally break the concept of multicast
itself, unless you're encrypting multicast traffic over a backbone?
No, i wasnt alluding to encrypting the multicast traffic. I was
thinking
But IGMP IS the control traffic with users. And PIM IS the control
traffic between multicast routers.
?
Scott
Glen Kent wrote:
On Wed, Dec 23, 2009 at 7:46 PM, Dobbins, Roland rdobb...@arbor.net wrote:
On Dec 23, 2009, at 6:41 PM, Glen Kent wrote:
Any idea if folks use AH or ESP
On Wed, Dec 23, 2009 at 3:01 PM, Scott Weeks sur...@mauigateway.com wrote:
It must be purchased:
Only if you want the dead-tree edition. The others are linked below the
text you've quoted.
Scott.
--- sc...@doc.net.au wrote: --
From: Scott Howard sc...@doc.net.au
On Wed, Dec 23, 2009 at 3:01 PM, Scott Weeks sur...@mauigateway.com wrote:
It must be purchased:
Only if you want the dead-tree edition. The others are linked below the
text you've quoted
fixed
while you slept.
scott
or /24.
I encourage anyone on this list who's interested in these topics to
browse the PPML archives, look over the full list of active draft
policies and policy proposals at https://www.arin.net/policy/proposals/,
and subscribe to PPML. We need all the input we can get.
Thanks,
Scott Leibrand
flameproof panties == ON :-)
:mops work.
It depends on who wrote it and the experience the person has (on the particular
network) who generated it..
scott
situation.
Scott.
been
thinking about setting up a load-balancing routing solution to give both
of us access to both lines.
---
Maybe www.xincom.com/products.php will work?
scott
staff? I personally was yanked out of bed by my network
--
Try no notice at all and 4 GigEs of upstream bandwidth down at 1:30am. :-(
scott
To be honest, when I figured a big BUNCH of d000 was going to hit the
Internet, I did not expect it to come from Italy.;)
Chuck Anderson wrote:
Anyone know why this ISP from Italy is advertising d000::/8 to the
IPv6 Internet?
show route d000::/8
inet6.0: 2446 destinations, 5143
and if we buy from them, they'll be encouraged to
spam more nanog folks.
The guy knows it's wrong as he doesn't even use his own name on the email, so
we have to deny purchasing from anyone in the company to have an effect.
scott
--- Begin forwarded message:
From: broadc...@nstnetmail.com
occurring.
scott
--- myli...@battleop.com wrote:
From: Richey myli...@battleop.com
These guys don't get it. IF they call and pester me they miss out on a lot
of sales.
-Original Message-
From: Chris Adams [mailto:cmad...@hiwaay.net]
option). Way to make sure I never buy from you!
Jorge Amodio allegedly wrote on 01/21/2010 10:41 EST:
As an starting point you should read The Tao of the IETF RFC4677 (currently,
update draft in progress).
About your particular question read section 8.4.5.
Regards
Jorge
Right. And it's subtler than you think. Some network operators
a matter of time.
Scott.
-94.html
http://unbelievablyfair.com/
-Scott
-Original Message-
From: George Bonser [mailto:gbon...@seven.com]
Sent: Thursday, January 28, 2010 1:56 AM
To: Kevin Oberman
Cc: nanog@nanog.org
Subject: RE: Comcast IPv6 Trials
-Original Message-
From: Kevin Oberman
I think that good is all relative to what you are most likely to be
able to reach from wherever your location happens to be!
Google's... Level 3's. Root DNS servers (anycast) Pick something.
Scott
Curtis Maurand wrote:
I'd rather send him to something more open like kernel.org
I was about to suggest IPPlan, but it is lacking the V6 support. Here is
one I found doing some searching, but I haven't used it myself:
http://sourceforge.net/projects/haci/
-Scott
-Original Message-
From: Pavel Dimow [mailto:paveldi...@gmail.com]
Sent: Tuesday, February 02
Might be better off going to Philly, its only about an hour and a half away,
and you'll likely have better connectivity options. Most of the big data
centers in NJ are well within the 50 mile requirement (Bergen County,
Hoboken, Newark, Jersey City).
-Scott
-Original Message
own.
So the cut was likely construction on whatever the fiber was near. The other
option is that the fiber provider was actually doing maintenance (adding
capacity, fixing a troubled strand) and did the damage themselves.
-Scott
-Original Message-
From: Bret Clark [mailto:bcl
if you're using the free version of the
database.
Scott
expect. ;-)
scott
. I've seen it in telefant mgmt.
scott
--- isabeldi...@yahoo.com wrote:
From: isabel dias isabeldi...@yahoo.com
who's side are you on?
Just before answering think about the opportunities and threats before consider
having sex! You just need to know how to protect yourself. Not to everyone’s
the password wrong, so a user entering their
username/password even only once will get them blocked for X minutes.
Scott
. And wouldn't you know
it, ORD has direct flights...
They're good and they peer with HIX. Good surf on the North Shore in Feb, too:
http://www.prh.noaa.gov/hnl/pages/SRF.php ;-)
scott
Surf along north facing shores will be near 5 feet
. I doubt they'd consider Sunset Beach on the North Shore of Oahu Hawaii
anyway. That's kinda out there... ;-)
scott
depending on
region.
Scott.
-customers.
I'd also be interested in knowing where you consider the single
points of failure for their announcement of 4/8 is, but that's
probably for another thread...
Scott.
:
64.102.255.44
128.107.241.185
Scott.
server is no longer the
correct nameserver for a domain, but it's still configured to be
authoritative for that domain).
Scott.
On Sun, Feb 14, 2010 at 4:02 PM, Larry Sheldon larryshel...@cox.net wrote:
I thought I understood but from recent contexts here it is clear that I
do not.
I thought
domains you're serving are actually delegated to you - but simply
separating the functions is a far better solution.
Scott.
.
http://openvpn.net/index.php/open-source/documentation/howto.html
Scott
a big gamble. Buy extras. Lots of them... ;-)
scott
that participate in the iBGP
mesh. Filter them only allowing what they're supposed to advertise. They'll
mess it up a lot if they're like my customers by announcing everything under
the sun. Filter what you're announcing to them. You can fat finger just as
well as anyone else. ;-)
scott
. Collapsing functionality is doable
for smaller sizes. Please elaborate.
scott
Anyone got the ASN of Office des Postes et Télécommunications in French
Polynesia? I'm having a heck of a time looking for it in APNIC.
scott
/status/asn_expand.txt just after sending this: 9471
scott
, and can not integrate with
LDAP (and possibly others) for address validation. Of course, it's
still down to the admin to implement it...
Scott.
On Fri, Feb 19, 2010 at 9:28 PM, Scott Howard sc...@doc.net.au wrote:
They finally fixed this a few years ago, and can not integrate with
LDAP (and possibly others) for address validation. Of course, it's
still down to the admin to implement it...
... can NOW integrate... even.
Scott.
N. Yaakov Ziskind allegedly wrote on 02/23/2010 11:34 EST:
Larry Sheldon wrote (on Tue, Feb 23, 2010 at 10:28:03AM -0600):
On 2/23/2010 4:39 AM, D'Arcy J.M. Cain wrote:
Maybe politicians should just keep their nose out of things that they
can't understand. Email addresses aren't phone
finally see what you all look
like after reading your emails for so many years! ;-)
scott
, so no trouble AFAIK... ;-)
scott
ground with all their stuff, the only road was closed and one idiot in the
ocean waiting to surf it. Strange day here indeed...
scott
:550:1::cc01...
^C
sc...@zaphod:~$
(Yes, I know, the cake and all that, but even so...)
Scott.
on things like ASN.
scott
better as well.
scott
customers say do what?... ;-)
If you don't do BFD they'll have to wait for the BGP session to time out.
scott
)
-
Send the files to a *nix box and run it through strings.
scott
on the BFD pps and folks here are wanting to
change the BGP timers instead.
What're your experiences regarding this?
scott
--- jrh...@netconsonance.com wrote:
So my experience so far has been good product, good company, needs a real
attitude adjustment in the support department.
-
ditto that!
scott
of
these issues.
(I used to work for Cisco in the Security Technology Business Unit,
but I don't any more so I'm obviously not speaking on behalf of anyone
other than possibly myself!)
Scott.
It only supported IPv5. :)
Scott
[1]deles...@gmail.com wrote:
What happened to CRS-2? :)
--Original Message--
From: Robert Enger - NANOG
To: David Hubbard
Cc: [2]na...@nanog.org
Subject: Re: CRS-3
Sent: Mar 9, 2010 4:20 PM
Forget Linksys: Didn't Peter Lothberg's mom have
Isn't that just CYA? Thank the lawyers and corporate compliance
offices and professional whiners.
Scott
John Peach wrote:
On Tue, 9 Mar 2010 20:00:45 -0500
Tim Sanderson [1]t...@donet.com wrote:
[snip]
THIS MESSAGE IS INTENDED ONLY FOR PERSONAL
-knowledgeable seems to find their way there anyway.
Do these sites simply not have the downstream bandwidth to handle the upload
tests? If thats the case I'd really like to see the admins add a
disclaimer of some form directly to the site.
Thanks,
-Scott
-Original Message-
From
, no real address needed. Just use 123 elm street abbeville alabama
36310. That's the first zip code I found on a site... ;-)
At least they're using NDT:
Host: ndt.iupui.donar.measurement-lab.org:7123
scott
--- s...@cs.columbia.edu wrote:
From: Steven Bellovin s...@cs.columbia.edu
On Mar 12, 2010, at 1:57 PM, Scott Weeks wrote:
It requires giving your address.
---
Nah, no real address needed. Just use 123 elm street abbeville alabama
36310
4**
Sent from my Windows Mobile® phone.
-Original Message-
From: nanog-requ...@nanog.org nanog-requ...@nanog.org
Sent: Saturday, March 20, 2010 8:00 AM
To: nanog@nanog.org nanog@nanog.org
Subject: NANOG Digest, Vol 26, Issue 106
Send NANOG mailing list submissions to
.
-Scott
-Original Message-
From: Charles N Wyble [mailto:char...@knownelement.com]
Sent: Wednesday, March 31, 2010 8:46 PM
To: nanog@nanog.org
Subject: Re: Home CPE choice
On 03/31/2010 04:07 PM, William Warren wrote:
I run Astaro on a p-4 celey i had lying around. Get far more than any
Adding to the recent debate over raised v's solid floor, seem there's
another option that wasn't discussed...
http://www.iphouse.com/
Scott.
I just show them this:
http://warriorsofthe.net/
-Scott
-Original Message-
From: Larry Sheldon [mailto:larryshel...@cox.net]
Sent: Friday, April 02, 2010 9:46 AM
To: nanog@nanog.org
Subject: Re: Books for the NOC guys...
On 4/2/2010 08:39, valdis.kletni...@vt.edu wrote
are
assignable to/by vendors, with the other 3/4 being assigned to multicast and
local addresses (the MAC equivalent of RFC1918)
Scott.
don't think we're quite at the state yet
where we need to start recycling the MAC addresses from thrown out CPE
routers. Plus I'm sure the CA government will be more than happy to add a
$4/device recycling fee for anything sold with a MAC address if they find
out about it.
Scott
(PS, I've run
:
https://www.arin.net/participate/meetings/ARIN-XXV/remote.html
Also, don't forget that if you want to pay less (i.e. nothing) for your
IPv6 assignment, you can get a /48 for free from just about any ISP that
does IPv6.
-Scott
http://mailman.apnic.net/mailing-lists/apnic-talk/archive/2010/04/msg2.html
(There's also a PDF version with easier to enlarge images at
http://www.potaroo.net/studies/1slash8/1slash8.pdf )
Scott.
as you can normally rely on higher-level protocols to
detect/correct the errors, but if you're not using ECC in your servers then
you're asking for (silent) trouble...
Scott.
No problems here on the western side of 101 with our ATT Opt-e-man.
That said, the majority of fiber in the Sunnyvale area is on the other side
of 101.
Scott
On Thu, Apr 15, 2010 at 2:29 PM, Shon Elliott s...@unwiredbb.com wrote:
I heard there is a fiber outage in Sunnyvale that has taken
that _didn't_ return something relevant as it's first hit
(such as ARIN's whois, or one of several guides on how to use dig/etc for
reverse DNS).
Of course, they don't teach google in any certification I've come across
either, but...
Scott
Noisy in the beginning and then settles down after a while. Surprising,
though, in what is tracked, so it's worth doing for a while just to observe.
Oh, yeah, also manage your Flash cookies:
http://macromedia.com/support/documentation/en/flashplayer/help/settings_manager07.html
scott
of
yelling in email WHAT PART OF NO DO YOU NOT UNDERSTAND! before they finally
stop. My apologies for yelling, but I want to get the point across that if we
encourage them the list value is decreased by orders (plural) of magnitude.
scott
and expect accuracy?
-Scott
-Original Message-
From: Bret Clark [mailto:bcl...@spectraaccess.com]
Sent: Thursday, April 29, 2010 12:05 PM
To: nanog@nanog.org
Subject: Re: Edu versus Speakeasy Speedtest
All the new OS's (IE Windows7) automatically adjust TCP window size
Internap do not have an external Looking Glass (not sure about Route Server,
but I suspect it's the same).
If you're a customer their helpdesk will run traceroutes/etc from a specific
location if you ask, within reason of course...
Scott.
On Sat, May 1, 2010 at 12:07 PM, Max Clark max.cl
it. That takes the latency from ~25msec to ~3-4msec. So use both
when doing your modeling. I don't know how to model the error rate, though, as
that would be dependent on the quality of the OSP you're modeling...
scott
ps. if you're so fast in gaming that a difference of 1/5 of a second makes
--- swm...@swm.pp.se wrote:
From: Mikael Abrahamsson swm...@swm.pp.se
On Tue, 4 May 2010, Scott Weeks wrote:
Interleaved turned on to correct errors. This adds ~25msec between
the CPE and the nearest router. Sometimes folks ask for it to be
changed to Fast. We explain that errors may
601 - 700 of 1665 matches
Mail list logo