, unless I'm missing
something, note that the Service Provider version doesn't have OSPFv3 for
IPv6.You have to go with the Advanced IP series for that.
Ray
--
Chris Gotstein
Sr Network Engineer
UP Logon/Computer Connection UP
500 N Stephenson Ave
Iron Mountain, MI 49801
Phone: 906-774-4847
-2+ range. So the demand is there, and so is the service in
some areas.
--Chris
Pen-testing for what?
-Original Message-
From: Scott Berkman [mailto:sc...@sberkman.net]
Sent: Wednesday, June 23, 2010 1:28 AM
To: 'Ken Gilmour'; 'George Bonser'
Cc: nanog@nanog.org
Subject: RE: Penetration Test Vendors
If I wanted someone to do this, I'd probably look at a security
You start with all of them once you have a good understanding of the underlying
protocols.
There is no cheat-sheet.
-Original Message-
From: Sean Donelan [mailto:s...@donelan.com]
Sent: Thursday, June 24, 2010 2:45 AM
To: nanog@nanog.org
Subject: Sources of network security templates
So let us commence the shipping of stupidly overpriced silicon...802.3ba is an
official IEEE standard.
http://www.businesswire.com/portal/site/home/permalink/?ndmViewId=news_viewnewsId=20100621006382newsLang=en
-C
Metasploit / Rapid7 (open source)
BreakingPoint Systems (commercial)
Sent from my mobile device...
Chris
On Jun 22, 2010, at 4:28 PM, Scott Berkman sc...@sberkman.net wrote:
If I wanted someone to do this, I'd probably look at a security vendor
instead of a general purpose consulting firm
. :)
-C
On Jun 16, 2010, at 3:57 51PM, Chris Woodfield wrote:
OK, this sounds Really Wacky (or, Really Hacky if you're into puns) but
there's a reason for it, I swear...
Will typical OSS UNIX kernels (Linux, BSD, MacOS X, etc) reply to a crafted
ARP request that, instead of having
OK, this sounds Really Wacky (or, Really Hacky if you're into puns) but there's
a reason for it, I swear...
Will typical OSS UNIX kernels (Linux, BSD, MacOS X, etc) reply to a crafted ARP
request that, instead of having FF:FF:FF:FF:FF:FF as its destination MAC
address, is instead sent to the
/justification gets requested.
Chris
___
Nanog-futures mailing list
Nanog-futures@nanog.org
https://mailman.nanog.org/mailman/listinfo/nanog-futures
the instructions to override it.
--
Chris Adams cmad...@hiwaay.net
Systems and Network Administrator - HiWAAY Internet Services
I don't speak for anybody but myself - that's enough trouble.
Once upon a time, Alexander Harrowell a.harrow...@gmail.com said:
No, but we can and do require cars to have functional brakes and minimum
tread depths, and to be tested periodically.
Not in this state.
--
Chris Adams cmad...@hiwaay.net
Systems and Network Administrator - HiWAAY Internet
requirement is a state-by-state thing. It was only added
here a few years ago, and I don't think it is universal.
--
Chris Adams cmad...@hiwaay.net
Systems and Network Administrator - HiWAAY Internet Services
I don't speak for anybody but myself - that's enough trouble.
I like the personal title:
Daniel Karrenberg, IP address expert
From: Dorn Hetzel [dhet...@gmail.com]
Sent: 27 May 2010 12:10
To: nanog@nanog.org
Subject: thoughts?
http://www.cnn.com/2010/TECH/05/27/internet.crunch.2012/index.html?hpt=T2
If the mainstream can sell more papers/get more viewers then in all likelyhood,
yes.
From: Dorn Hetzel [dhet...@gmail.com]
Sent: 27 May 2010 14:06
To: nanog@nanog.org
Subject: thoughts?
Perhaps my brevity got the better of me. I should have said
stance on this would be helpful. If there is
someone from Verizon out there that can contact me about the technical
aspects of doing this, that would be much appreciated as well.
- Chris
, which is what I have for my home
service. I don't have many complaints about it at home, however it's
clear that it's not up to the task in the case of my client. They have
had the router replaced by Verizon 4 times in about as many months.
- Chris
To be honest, I'm not sure how they got the 100Mb service. The fastest
service I have seen on the FiOS website is the 50/20. I can only
assume that it varies by region.
- Chris
On Thu, May 27, 2010 at 3:22 PM, Robert Enger - NANOG na...@enger.us wrote:
Sadly, I have only the 50/20 FiOS service
for a string
(which is a real PITA for error handling).
If you are writing a program to make SSH connections, you are much
better off using a different SSH client that has a library, e.g.
libssh2, perl's Net::SSH::Perl or Net::SSH2 (which is a perl interface
to libssh2), etc.
--
Chris Adams cmad
apply the same configuration we used for
out generator.
The EMU has built-in alerting as well as the ability to send SNMP traps.
- Chris
On Fri, May 14, 2010 at 1:59 PM, Tom Beecher tbeec...@localnet.com wrote:
I'm presently doing some research into a SNMP-enabled device to monitor a
set of aux
transfer switch. Works like a
champ.
--
Chris Adams cmad...@hiwaay.net
Systems and Network Administrator - HiWAAY Internet Services
I don't speak for anybody but myself - that's enough trouble.
Maxmind or Quova offer a commercial database if that’s what you need. Maxmind
also do a less frequently updated free version.
On 12/05/2010 17:09, Michael Holstein michael.holst...@csuohio.edu wrote:
I am aware of sites that list all the netblocks associated with China
(for example) .. is
most of the old equipment
in use in many places does.
--
Chris Adams cmad...@hiwaay.net
Systems and Network Administrator - HiWAAY Internet Services
I don't speak for anybody but myself - that's enough trouble.
the time.
So the latency you see on an ADSL line is dependent on how the carrier set up
the DSLAM.
--Chris
of first person shooters,
it may be worthwhile to consider offering a low latency setup for them.
--Chris
service. It sure isn't a fiber
metro-E connection but it does let me run my various servers out of
the house. Perhaps something to look into.
$0.02
~Chris
Thanks,
Bill Bogstad
--
@ChrisGrundemann
weblog.chrisgrundemann.com
www.burningwiththebush.com
www.coisoc.org
We had a customer of ours call and ask the same thing this week. They
run their own Exchange server, and they were getting delivery failed or
delayed to Hotmail account. Issues started on Monday and I as far as i
know, the issue went away yesterday.
Chris Gotstein, Sr
will need to do a harsh/unclean reboot to cope with it.
Chris
-to-end networking and
abolish NAT, but I think most people agree that the average home user
will still need a basic statefull firewall for protection, which means
there has to be a protocol for some devices to temporarily open up ports
on the firewall (or there's still no end-to-end).
--
Chris Adams
gordon b slater [gordsla...@ieee.org] wrote:
On Mon, 2010-04-12 at 16:06 -0400, James Jones wrote:
kind ofrouterOS supports MPLS, linux does not
Likewise the FreeBSD MPLS effort, though this seems to be more like
familiar territory for BSD-heads, but, as ever, funding and equipment
are
mangling. You can do all the same
stateful firewall bits and drop the packet mangling quite easily (it is
certainly not more complex to not mangle packets).
--
Chris Adams cmad...@hiwaay.net
Systems and Network Administrator - HiWAAY Internet Services
I don't speak for anybody but myself - that's
servers.
Network devices like that _can't_ just block all access.
--
Chris Adams cmad...@hiwaay.net
Systems and Network Administrator - HiWAAY Internet Services
I don't speak for anybody but myself - that's enough trouble.
Linux, which may be somewhat safer, but
Linux has had (and will have) bugs too.
--
Chris Adams cmad...@hiwaay.net
Systems and Network Administrator - HiWAAY Internet Services
I don't speak for anybody but myself - that's enough trouble.
On 19 Apr 2010, at 03:52, joel jaeggli wrote:
On 4/18/2010 6:28 PM, Patrick Giagnocavo wrote:
Franck Martin wrote:
Sure the internet will not die...
But by the time we run out of IPv4 to allocate, the IPv6 network will not
have completed to dual stack the current IPv4 network. So what
We are getting multiple reports of packet loss in Sprint Network in Saint Louis
which appears to be affecting some of our VPNs. Anyone seeing similar issues?
Internet Health Report not showing recent issues.
Chris Patterson, CCNA
Support Manager
Rapid Systems
you are looking for.
You could use port mirroring or an optical tap with various open-source tools
running on a Unix host to do the kind of monitoring you are looking for.
Cheers,
-Chris
On Apr 16, 2010, at 11:52 AM, GIULIANO (UOL) wrote:
People,
Good afternoon,
We have a curious
.
---
Dennis Burgess, CCNA, Mikrotik Certified Trainer, MTCNA, MTCRE, MTCWE,
MTCTCE, MTCUME
Don't forget WTF.
Chris
-
Chris Owen - Garden City (620) 275-1900 - Lottery (noun):
President - Wichita
There's a cut in SWM4
*SMW4 Segment 4.1 cable fault*
Cable shunt fault developed on SMW4 segment 4.1 (Egypt / Alexandria –
Branching Unit #4A onward France / Marseilles) at 07:15GMT on 14-Apr. 2010.
However the shunt fault has further deteriorated and the cable segment was
down at 10:03GMT.
.
Chris
--
Chris Costa
CENIC
cco...@cenic.org
On Apr 8, 2010, at 9:29 AM, Joe Abley wrote:
4) Do exchanges typically support the following address families?
IPv4 Multicast
IPv6 Unicast
IPv6 Multicast
...
Very good point and likely our saving grace in v6. The space is big
enough that we will get a sanity check after (possibly) burning
through the first /3 much faster than expected.
~Chris
[1] - How much IPv6 is there?
http://weblog.chrisgrundemann.com/index.php/2009/how-much-ipv6-is-there/
Greets
Internetworking to describe their stance on the issue.
For what it's worth, here is a good document recently published which
defines that stance:
http://www.isoc.org/pubpolpillar/usercentricity/20100222-Inter-Networking.pdf
~Chris
disclaimerI am the founding chair of the Colorado Chapter of the
Internet
preferences were - resoundingly audience
support was for /127's.
Chris.
Once upon a time, Michael Thomas m...@mtcc.com said:
All true, but I'd still say there's a special rung in hell for bad perl.
Ehh, bad perl is still more readable than good APL. At least I can
reformat the perl! :-)
--
Chris Adams cmad...@hiwaay.net
Systems and Network Administrator - HiWAAY
On Fri, Apr 2, 2010 at 15:01, Jeroen van Aart jer...@mompl.net wrote:
I am curious. Once we're nearing exhausting all IPv4 space will there ever
come a time to ask/demand/force returning all these legacy /8 allocations?
snip
Legacy vs RIR allocated/assigned space is not a proper distinction,
Hi,
I'll toss in that I2 and GEANT have been developing the PerfSONAR toolset.
http://www.perfsonar.net/
Regards,
Chris
On Sun, 28 Mar 2010, Mikael Abrahamsson wrote:
I've been pondering what aspects of a residential broadband connection that
would be worthwhile in testing, which would
Haven't gotten a message through the NANOG mailing list for a week or so
now. Seeing if this works.
--
Chris Gotstein, Sr Network Engineer, UP Logon/Computer Connection UP
http://uplogon.com | +1 906 774 4847 | ch...@uplogon.com
To pile on in the spirit of if people don't complain, nothing will
change - is VZB still insisting on filtering /32 at their peers?
While ARIN is allocating /40s and /48s directly?
-C
On Mar 10, 2010, at 2:18 PM, Seth Mattinen wrote:
On 3/10/10 11:00 AM, Charles Mills wrote:
Does anyone
, tw telecom, offers IPv6
everywhere on 4323 - you have to ask for it, but it is available./plug
~Chris
On Wed, Mar 10, 2010 at 12:00, Charles Mills w3y...@gmail.com wrote:
Does anyone have a list of carriers who are IPv6 capable today?
I would assume this would be rolled out in larger cities
We are getting native IPv6 from HE and Qwest at this time. Qwest was
doing a beta of IPv6 that we were (are) a part of. Not sure of they
have ended the beta and rolled out to production.
Chris Gotstein, Sr Network Engineer, UP Logon/Computer Connection UP
http://uplogon.com
The Juniper SA is by far and away the market leader and in my opinion the best
end user experience.
On 5 Mar 2010, at 15:57, Dawood Iqbal wrote:
Hello All,
Is it possible to get your ideas on what VPN appliances are good to have in
enterprise network?
Requirements are;
SSL
? In other
words, should I _never_ allow customers to announce smaller blocks of my
IPv6 ARIN block?
--
Chris Adams cmad...@hiwaay.net
Systems and Network Administrator - HiWAAY Internet Services
I don't speak for anybody but myself - that's enough trouble.
if you are within the spec given in the transceiver datasheet.
Cheers,
-Chris
On Mar 5, 2010, at 3:36 PM, Justin M. Streiner wrote:
A dark fiber path was recently ordered to a remote location on our network,
and to my surprise, the engineering report on the path is coming back at
around 130 km
not their net.
Attempts to get Comcast to look into it seem to end with them pinging their
customer's IP address from the Comcast support center and terminating the call
since they can reach them.
--Chris
of a request), and the admin is left
scratching his head to figure out where the problem is.
IIRC PHP holds an open file descriptor on active scripts, so you can use
lsof to look for things like this (look for deleted or path inode
entries).
--
Chris Adams cmad...@hiwaay.net
Systems and Network
the street from SBUX
downtown also has free access. There's also a city sponsored network available
in several of the downtown parks.
--Chris
downtown.
Manuel's.
http://www.manuels.com/
Guiness fans should stop in at BD Riley's downtown.
http://www.bdrileys.com/
Most coffee shops, bars and restaurants have wifi hotspots since there's an
active group of volunteers that helps install and maintain them.
--Chris
On Feb 17, 2010, at 2:04 PM, Will Clayton wrote:
Maudi's on Lake Austin and Taco Deli are always on my menu. We just got some
Buffalo Wild Wings in town if you are in to that. If you make it to NXNW get
the Calimari. If you wind up ordering pizza, shop local and get the best
pizza for the
-Original Message-
From: Jay Ess [mailto:li...@netrogenic.com]
Sent: 10 February 2010 15:29
To: nanog@nanog.org
Subject: Re: The Internet Revealed - A film about IXPs v2.0: now available
So, for example, if i don't like how a car works i must be able to build
a car to be allowed to
I know that cisco either are or have integrated the IronPort
reputation service into their IPS devices, maybe a check on www.senderbase.org
could help.
Chris Campbell
-
On 9 Feb 2010, at 19:36, Andrey Gordon andrey.gor...@gmail.com
wrote:
Hi list
I have a problem
That's not surprising behaviour on a PaloAlto unit, they are still
very young in the market and my colleagues have had issues with NAT
and proxy arp in the recent past.
Chris Campbell
-
On 9 Feb 2010, at 22:31, Andrey Gordon andrey.gor...@gmail.com
wrote:
By changing
On 05/02/2010 17:33, Drew Weaver wrote:
Has anyone done any research or have any anecdotal numbers related to how common
it is to have a SIP gateway sitting out on the Internet with no ACL or authentication?
Recently we have noticed a couple of instances where we get abuse complaints
. Thanks.
--
Chris Gotstein, Sr Network Engineer, UP Logon/Computer Connection UP
http://uplogon.com | +1 906 774 4847 | ch...@uplogon.com
.
Chris Gotstein, Sr Network Engineer, UP Logon/Computer Connection UP
http://uplogon.com | +1 906 774 4847 | ch...@uplogon.com
On 1/28/2010 7:44 AM, Joakim Aronius wrote:
* Paul Stewart (pstew...@nexicomgroup.net) wrote:
That really makes sense - on an incredibly smaller scale (and I mean
We recently did a backbone router upgrade and the vendor surprisingly
didn't support /31's. We had to renumber all those interconnects and
peering sessions to /30's. That wasn't fun!
On Jan 22, 2010, at 4:53 PM, Seth Mattinen wrote:
Joe Provo wrote:
On Fri, Jan 22, 2010 at 04:08:28PM
. I've
also been recently added to some Internap newsletter list (without even
an opt-out option). Way to make sure I never buy from you!
--
Chris Adams cmad...@hiwaay.net
Systems and Network Administrator - HiWAAY Internet Services
I don't speak for anybody but myself - that's enough trouble.
genRtrConfig) that can auto-generate configs for you. The only downside
to Cricket is that development has stagnated (I think it is a case of
it works for me for most everybody using it).
There's also Cacti, which is newer and more current.
--
Chris Adams cmad...@hiwaay.net
Systems and Network
It's a phish people.
I've received several of these for zimmy.co.uk, they lasted about a
week, then they stopped. I would suggest waiting this out, if after a
week or two they haven't ceased then I would suggest contacting the ISP
from where these EMails are originating.
As for the blacklisting
I'm having a strange issue with my traffic to google, could somebody from
Google can contact me off-list.
Thanks!
- Chris
--
Chris Murray
Stargate Connections Inc.
cmur...@stargate.ca
604-606-8988
addressed here.
I got 3 notices about the outage related to our 1 Qwest OC-3.
As for the Juniper security issues, see juniper-nsp archives.
--
Chris Adams cmad...@hiwaay.net
Systems and Network Administrator - HiWAAY Internet Services
I don't speak for anybody but myself - that's enough trouble.
Mike wrote:
We just had a qwest outage of about 2 mins at 1:41am pst. When I called
to report it I was told it was a 200+ emergency software upgrade due to
a security concern, and that we will get a notice later after the fact.
Hmm - I got notice in advance. I'll have to go search for the
It might be associated with some backbone problems that internap
reported starting this morning. I got the all is fixed email about an
hour ago.
CL
-Original Message-
From: Christopher Rogers [mailto:phi...@phiber.org]
Sent: Wednesday, December 16, 2009 1:43 PM
To: nanog@nanog.org
.
--
Chris Adams cmad...@hiwaay.net
Systems and Network Administrator - HiWAAY Internet Services
I don't speak for anybody but myself - that's enough trouble.
hardware vs. software makes a real firewall. A NAT
gateway has to have all the basic functionality of a stateful firewall,
plus packet mangling. Typical home NAT gateways don't have all the
configurability of an SSG or such, but the same basic functionality is
there.
--
Chris Adams cmad...@hiwaay.net
the proprietary traffic-shaping route. What's good
for really cheap gigabit, redundant, high throughput (including during
64-byte UDP attacks) shapers ? Suggestions appreciated.
Chris
2009/12/9 Nickola Kolev ni...@mnet.bg
На Wed, 09 Dec 2009 06:38:31 +
gordon b slater gordsla...@ieee.org написа
On Wed, 9 Dec 2009, Michael Holstein wrote:
| Their initial email said :
|
| [snip]
| Trend Micro Notification: 137.148.0.0/16 added to DUL
| [snip]
Oh dear. I can see why many sites that once used MAPS now don't :-(
with no NAT, and I
can't play some on-line games unless I open up the Xbox IP in the SSG.
You can debate whether UPnP is the correct solution, but some solution
is needed (even with IPv6) as long as stateful firewalls exist.
--
Chris Adams cmad...@hiwaay.net
Systems and Network Administrator - HiWAAY
if there's a Cogent NOC admin here, can you please contact me
privately, off the list. thanks.
-c
. I've isolated it to the egress HTB qdisc.
Any TC experts out there have a spare minute please ? Any thoughts on the
RED qdisc ?
Thanks very much,
Chris
, 10Mbps the ideal values I can translate them into higher
classes, TC seems to work them out as 1600b/8 mpu by default and the timing
resolution confuses me.)
Thanks again,
Chris
2009/12/8 sth...@nethelp.no
Won't say I'm an expert with TC, but anytime I see packet loss on an
interface I
On 08/12/09 23:19, Tony Finch wrote:
On Sat, 5 Dec 2009, Chris Hills wrote:
I maintain a list here [1], many of which are reachable with IPv6.
[1] http://www.chaz6.com/files/resolv.conf
Not all of those are open resolvers, so I wonder what the cirteria for
listing are. I'm especially
On 04/12/09 19:25, Christopher Morrow wrote:
one note: OpenDNS is not the only 'competitor' here just one of
the better obviously known ones.
ie:
4.2.2.2 L(3)
198.6.1.1/2/3/4/5/122/142/146/195 ex-UU
Neustar (can't recall ips, sorry)
I maintain a list here [1], many of which are
On 12/3/09 12:10 PM, Chris Stebner chris.steb...@gmail.com wrote:
For over a month now I've been fighting with Comcast Customer Security
Assurance regarding a simple BlackList issue. Apparently there is some
disconnect between internal applications and their ability to report
BlackList status
my domain name if
the host receiving it is checking SPF?
Chris
-
Chris Owen - Garden City (620) 275-1900 - Lottery (noun):
President - Wichita (316) 858-3000 -A stupidity tax
Hubris Communications
up an IPv6 tunnel to SIXXS. Very stable platform. Only drawback
is the lack of support for IPv6 over PPP.
--
Chris Gotstein
Sr Network Engineer
UP Logon/Computer Connection UP
Iron Mountain, MI 49801
Wade Peacock wrote:
We had a discussion today about IPv6 today. During our open thinking
for the SSG5.
--
Chris Adams cmad...@hiwaay.net
Systems and Network Administrator - HiWAAY Internet Services
I don't speak for anybody but myself - that's enough trouble.
record is if you tell people not to
enforce it.
Chris
-
Chris Owen - Garden City (620) 275-1900 - Lottery (noun):
President - Wichita (316) 858-3000 -A stupidity tax
Hubris Communications Inc
. I'm the one
making the decision to ask them to bounce such mail. Seems to me they are
only being responsible in actually enforcing a policy that I set for the domain.
Chris
-
Chris Owen - Garden City (620) 275
times the pixels than 1080i, but is
typically going to be compressed with better algorithms (MPEG4 is
roughly half the size of MPEG2), which would mean 4k video (at TV
quality) would be around 100 megabits per second.
--
Chris Adams cmad...@hiwaay.net
Systems and Network Administrator - HiWAAY
On 01/12/09 20:06, Byron Hicks wrote:
These were the numbers presented at an Internet2 meeting about the 4k
testing happening between UCSD and UW. I'm not sure what compression
algorithm they were using for the test.
http://www.bbc.co.uk/blogs/bbcinternet/2008/09/super_hi_vision.html
The
Command+0 for the activity viewer - then click on the stop sign
Sent from my iPhone. Please execute spelling errors.
On 18.11.2009, at 17:43, Steven Bellovin s...@cs.columbia.edu wrote:
Does anyone know an easy way to do kill thread in MacOS's
Mail.App? It's getting increasingly hard to
.
Chris
you looked at the MX series?
+1
~Chris
Dale
--
@ChrisGrundemann
weblog.chrisgrundemann.com
www.burningwiththebush.com
www.coisoc.org
have more info on ESPN360? Thanks.
--
Chris Gotstein, Sr Network Engineer, UP Logon/Computer Connection UP
http://uplogon.com | +1 906 774 4847 | ch...@uplogon.com
On 28/10/09 00:57, Leslie wrote:
How have you dealt with this issue? Does anyone publish a more granular
listing of unallocated space? Does arin have this information somewhere
other than just probing any given ip via whois?
You can at least get a list of all the allocated blocks. Presumably
don't see why IPv6 addresses would be any different.
--
Chris Adams cmad...@hiwaay.net
Systems and Network Administrator - HiWAAY Internet Services
I don't speak for anybody but myself - that's enough trouble.
..
Cheers,
Chris
-Original Message-
From: Brandon Galbraith [mailto:brandon.galbra...@gmail.com]
Sent: 26 October 2009 20:59
To: nanog@nanog.org
Subject: Power Analysis/Management Tools
Not to go too off-topic, but if there is a more preferred location for me to
ask, please let me know
Once upon a time, Owen DeLong o...@delong.com said:
Please remember that IPv6 DNS is OFTEN not stateless as the replies
are commonly too large for UDP.
Anything that supports IPv6 _should_ also support EDNS0.
--
Chris Adams cmad...@hiwaay.net
Systems and Network Administrator - HiWAAY Internet
their email just works in most places.
--Chris
it. Never saw an outright block. A call to the support group
actually got if fixed in about 45 minutes. Call and complain if it's
broken. You are the customer at that point.
--Chris
On Wed, 21 Oct 2009, Alex Balashov wrote:
| I was not aware that tools or techniques to do this are widespread or highly
| functional in a way that would get them adopted in an Internet access control
| application of a national scope.
Doesn't necessarily have to be hugely accurate. The
of configuration management?
--
Chris Adams cmad...@hiwaay.net
Systems and Network Administrator - HiWAAY Internet Services
I don't speak for anybody but myself - that's enough trouble.
901 - 1000 of 1215 matches
Mail list logo