On Sun, 07 Apr 2013 12:25:30 -0700, Owen DeLong said:
> > Presumably nothing, as long as you guaranteed that your IP address, netmask,
> > and routes actually match the reality of your network configuration.
> They also cover the case where there are two (or more) routers on the
> network and you
I didn't see any mention of this Tony Hain paper:
http://tndh.net/~tony/ietf/ARIN-runout-projection.pdf
tl;dr: ARIN predicted to run out of IP space to allocate in August this year.
Are you ready?
pgpUxW4V78URP.pgp
Description: PGP signature
On Tue, 23 Apr 2013 20:13:20 -0400, Chris McDonald said:
> Does anyone have a creative (read - fast) way of getting from the mmr there
> to 60 Hudson ?
Taxi? :)
Would help if you told us what exactly you were trying to get from
point A to point B, and in what quantities. What will work well for
On Thu, 02 May 2013 15:48:08 -0700, "Constantine A. Murenin" said:
> On 2 May 2013 15:41, Cameron Daniel wrote:
> > dig -t txt o-o.myaddr.l.google.com
>
> That's cool, but still no IPv6.
> o-o.myaddr.l.google.com. 60 IN TXT "216.66.80.30"
You're complaining that there's no IPv6 dat
On Thu, 02 May 2013 17:05:36 -0700, Paul Ferguson said:
> In the original message, he said 23666
But 'whois as23666' points at Indonesia, not Louisiana, so I suspect
some transcription errors have crept into the process...
pgpru6LP5k5hK.pgp
Description: PGP signature
On Mon, 06 May 2013 15:27:35 -, Warren Bailey said:
> Illegal or undesired?
This sort of stuff comes in two flavors: "typo" and "intentionally done
in furtherance of criminal activities".
The fact that an AS number and matching IP range are involved tends to say it's
not a typo.
pgpiI_flFE
On Wed, 15 May 2013 11:46:36 -0400, Jean-Francois Mezei said:
> Not all ISPs are fortunate enough to be in a town where there is an
> active exchange with Netflix/Akamai/Google presence.
>
> For instance, Montréal just recently oopened a peering exchange. While
> this will eventually allow local
On Thu, 16 May 2013 15:16:22 -0700, "Scott Weeks" said:
> You haven't been here long have you...
>
> He DOES NOT need a 260 word signature (see below!) to make sure he does
> not get UCE from posting to NANOG.
Actually, I think Thomas Cannon was making the opposite point - that if
he's going to s
On Fri, 17 May 2013 10:02:53 -0700, John Starta said:
> Do you believe that Brent wrote the disclaimer attached to his message?
> Despite y/our opinions of such disclaimers, legal counsel in some companies
> still mandate their automatic attachment on all outbound messages. The only
> means of avoi
On Sun, 19 May 2013 16:42:23 -0700, Seth Mattinen said:
> On 5/19/13 4:27 PM, Ben wrote:
> > Do you actually need stateful filtering? A lot of people seem to think
> > that it's important, when really they're accomplishing little from it,
> > you can block ports etc without it.
>
>
> I believe PCI
On Thu, 30 May 2013 09:10:21 -, Joe said:
> a question obsessed me for a long time. "why my pppoe connection to
> internet has a max session time, even if every thing goes ok? "
>From a provider's point of view, forcing a connection to re-establish itself
every few days means that if you
On Fri, 31 May 2013 09:04:17 +0800, Patrick said:
> Probably better to watch stats for each NPA-NXX calling each DID. You
> can fit a distribution to the data for the length of time before another
> call arrives, and automatically throw a ticket at your carrier support
> group when the time betwee
On Mon, 03 Jun 2013 14:52:26 -0500, Kenny Kant said:
> Can anyone from Centurylink confirm any large outage in Dubuque, Iowa area?
It's Dubuque, Iowa. How large can an outage there *be*? :)
(Sorry, couldn't resist. :)
pgphBxIWrDsSw.pgp
Description: PGP signature
On Thu, 06 Jun 2013 01:41:46 -0500, Jimmy Hess said:
> On 6/6/13, Roy wrote:
> > US laws apply where ever the US says they apply.
> > The question is how enforceable the US law is your country. There is
>
> Copyrights owned by people in the US are recognized in Canada, due to
> Canada having sig
On Thu, 06 Jun 2013 12:21:11 -0700, Owen DeLong said:
> As an example, I'm quite certain that if the US Congress passed a law stating
> that we would tax all Spanish citizens residing on Spanish soil $100 per year
> in perpetuity, that law would have the following problems:
Skip the hypotheticals
On Thu, 06 Jun 2013 17:04:43 -0700, Matthew Petach said:
> I've always just assumed that if it's in electronic form,
> someone else is either reading it now, has already read
> it, or will read it as soon as I walk away from the screen.
Things like PGP, TrueCrypt, and Tor help a lot in leveling t
On Thu, 06 Jun 2013 21:12:35 -0400, "Robert Mathews (OSIA)" said:
> On 6/6/2013 7:35 PM, Jay Ashworth wrote:
> > [ . ] Happily, none of the companies listed are transport networks:
> Could you be certain that TWC, Comcast, Qwest/CenturyLink could not be
> involved?
Pay attention. None of t
On Tue, 06 Dec 2011 17:07:47 EST, Dan Collins said:
> On Tue, Dec 6, 2011 at 4:45 PM, wrote:
> > On Tue, 06 Dec 2011 10:30:20 PST, "andrew.wallace" said:
> >> It could be argued that Nmap is malware, and such software has already
> >> been called to be made illegal.
> >
> > Called by whom, other
On Tue, 06 Dec 2011 15:49:29 PST, "andrew.wallace" said:
> A trojan can be used for good if in the right hands as a remote access tool
> for business use.
Best troll line since n3td3v got banned from full-disclosure. Well played,
I've been
outclassed, I'm outta here.
pgpISZBNqu43g.pgp
Descri
On Tue, 06 Dec 2011 17:09:54 PST, Michael Thomas said:
> On 12/06/2011 05:03 PM, valdis.kletni...@vt.edu wrote:
> > On Tue, 06 Dec 2011 15:49:29 PST, "andrew.wallace" said:
> >> A trojan can be used for good if in the right hands as a remote access
> >> tool for business use.
> I had assumed that
On Tue, 06 Dec 2011 18:10:14 PST, Owen DeLong said:
> No, a Trojan is malware. Any software which operates without the
> knowledge or consent of the user to engage in operations the user would
> not reasonably expect is not being used for good, no matter how well
> intentioned.
Strictly speaking,
On Tue, 06 Dec 2011 23:35:06 PST, Owen DeLong said:
> Software which operates with the knowledge and consent of the owner, but, not
> the
> knowledge or consent of the end-user is still, IMHO, nefarious at best.
Yeah well... that horse left the barn once this company in Redmon released
an operati
On Fri, 09 Dec 2011 14:47:06 CST, Benson Schliesser said:
> +1 to Fred's comments. Hopefully, the existence of an open IPv4 address
> market will help avoid some of the worst. (At least for a while, until
> the rising prices get too high for a competitive environment. And maybe
> by then the pr
On Sat, 10 Dec 2011 20:48:45 EST, Barry Shein said:
> >> I just had a personal email from a brand new ISP in the Asia-Pacific
> >> area desperately looking for enough IPv4 to be able to run their
> >> business the way they would like?
>
> This sniping elicited by the above seems inappropriate and
>
On Sun, 11 Dec 2011 19:21:49 PST, Joel Jaeggli said:
> Netflix uses CDNs for content delivery and the platform runs in EC2. What
> would peering with them achieve?
I suspect Faisal's *real* question is "Who at Netflix do I talk to in order to
discuss
mutually beneficial traffic engineering?"
pg
On Tue, 13 Dec 2011 23:56:19 EST, "Justin M. Streiner" said:
> As far as I'm concerned, they can have as much of 10/8 as they want. My
> rate per /24 is very reasonable.
Oh, I don't think they'll fall for that, everbody knows 10/8 and 192.168/16 are
private networks. However, I bet I can underb
On Thu, 15 Dec 2011 07:42:40 PST, Matthew Kaufman said:
> Here's a simple one involving "squat" space: You have a network that
> internally is using *all* of 10.0.0.0/8 *and* 5.0.0.0/8 (because you
> have enough customers to fill two /8s).
>
> Now that 5.0.0.0/8 is being allocated, you need to mov
On Thu, 15 Dec 2011 14:32:17 PST, Leo Bicknell said:
> 80% effiency that would require ~2.5 /8's worth of space. It would only
> take a couple of these sorts of requests and the free pool is gone.
/me makes some popcorn. This could be fun.
pgpCZOCgqbO2T.pgp
Description: PGP signature
On Tue, 20 Dec 2011 13:37:23 -0300, "Eduardo A. =?iso-8859-1?b?U3XhcmV6?=" said:
> what if evil guys hack my mom ISP DNS servers and use RPZ to redirect
> traffic from mom_bank.com to evil.com?
>
> How can she detect this?
The snarky answer is "If your mom has to ask how she can detect this, she's
On Tue, 20 Dec 2011 17:16:06 GMT, bmann...@vacation.karoshi.com said:
> the one difference is that ISC will be shipping RPZ enabled code v.
> the blackhat having to hack the machine and modify the configuration.
EIther way, the blackhat still has to hack the machine and modify the con
On Wed, 21 Dec 2011 15:18:05 PST, Owen DeLong said:
> Perhaps you have not, but, others have. I have seen environments where
> SLAAC is much more useful than DHCPv6. I've seen environments where
> DHCPv6 is needed.
OK, I'll name names. If you have end users still running WinXP, getting them
at le
On Thu, 22 Dec 2011 21:04:42 +0100, Tomas Podermanski said:
> Well, then how many devices do you have in the network that uses IPv6?
1,300+ wireless access points, 1,100+ switches, 30k+ users, around 55%
doing at least some IPv6 traffic (mostly when they hit Google).
> Do you have implemented fi
On Fri, 23 Dec 2011 12:16:38 MST, Joel Maslak said:
> However, they are susceptible to things like wireless network issues,
> TCP limitations (one stream vs. many streams), and misconfiguration of
> devices at the customer location. And the speed test box isn't
> necessarily configured/speced cor
On Fri, 23 Dec 2011 21:19:25 +0100, Tomas Podermanski said:
> It sounds good, but according to RFC 6434 ( IPv6 Node Requirements)
> SLAAC is required, but DHCPv6 is only optional. So any manufacturer of
> operating systems or devices do not have to support DHCPv6.
Strictly speaking, they don't *
On Fri, 23 Dec 2011 21:06:26 +0100, Tomas Podermanski said:
> On 12/23/11 4:33 AM, Owen DeLong wrote:
> > If there is actual real world demand for it, it will get implemented.
> > Reality is that today, DHCPv4 has been running just as insecure for many
> > years
> > and nobody cares. I don't know
On Mon, 26 Dec 2011 12:32:46 EST, Ray Soucy said:
> 2011/12/26 Masataka Ohta :
> > And, if RA is obsoleted, which is a point of discussion, there
> > is no reason to keep so bloated ND only for address resolution.
> By who? Sources please.
> A few people on NANOG complaining about RA is pretty fa
On Tue, 27 Dec 2011 22:23:48 +0100, Tomas Podermanski said:
> I agree with you. Deploying IPv6 is really not easy and not cheep as
> some IPv6 enthusiasts claims.
It's probably as easy and as cheap as IPv4 is. You've just forgotten
how expensive and painful it was to solve all the exact same pro
On Wed, 28 Dec 2011 07:49:21 +0900, Masataka Ohta said:
> valdis.kletni...@vt.edu wrote:
> > Especially when some of the biggest IPv6 networks out there are still using
> > it pretty heavily.
> That's not a valid counter argument against people who
> found problems in certain environment.
>
> IPv6
On Wed, 28 Dec 2011 04:58:19 +0530, Glen Kent said:
> I had assumed that nodes derive their link local address from the
> Route Advertisements. They derive their least significant 64 bytes
> from their MACs and the most significant 64 from the prefix announced
> in the RAs.
No, on Ethernet-ish ne
On Wed, 28 Dec 2011 21:56:19 +0900, Masataka Ohta said:
> According to the end to end argument, the only possible solution
> to the problem, with no complete or correct alternatives, is to
> let hosts directly participate in IGP activities.
That's only for hosts that are actively trying to commun
On Thu, 29 Dec 2011 11:51:00 +0900, Masataka Ohta said:
> valdis.kletni...@vt.edu wrote:
> > Quick sanity check on the hypothesis: Does Windows ship with an IGP enabled
> > by
> > default?
> Sanity check with Windows? Are you sure?
It's a quick sanity check to this statment:
>> According to the
On Thu, 29 Dec 2011 21:53:29 +0900, Masataka Ohta said:
> IGP snooping is not necessary if the host have only one next
> hop router.
You don't need an IGP either at that point, no matter what some paper from
years ago tries to assert. :)
pgpOVkl5pWSgU.pgp
Description: PGP signature
On Thu, 29 Dec 2011 09:14:20 GMT, Florian Weimer said:
> Because there's a CPE which acts as a mediator, or the host uses some
> dial-up-type protocol which takes care of the IGP interaction.
So what percent of the *CPE* in the average cable-internet or DSL farm *actually
uses* an IGP, and how muc
On Fri, 30 Dec 2011 07:30:16 +0900, Masataka Ohta said:
> IGP is the way for routers advertise their existence,
> though, in this simplest case, an incomplete proxy of
> relying on a default router works correctly.
Which is sufficient for 99.8% of hosts out there.
> Beyond that, if there are mult
On Fri, 30 Dec 2011 12:12:43 +1100, Mark Andrews said:
> Well I'd like to be able to plug in the cable router and the DSL
> router at home and have it all just work. Just because it is 0.2%
> today doesn't mean that it will be 0.2% in the future. As home
> users get more and more dependent on th
On Fri, 30 Dec 2011 11:40:35 PST, Vadim Antonov said:
> faster than the speed of light. (The reality of FTL neutrino thingie is still
> too early to tell).
Especially if you actually *read* the actual journal article rather than the
pop-sci interpretation of it, it basically says "our experiment h
On Tue, 03 Jan 2012 15:19:08 PST, Owen DeLong said:
> The implementation of IPv6 in a host MUST support SLAAC. That does not mean
> that the host must use that support in any particular environment.
The odd part is that the above paragraph is equally true if you replace SLAAC
with IPSec - but in
On Thu, 05 Jan 2012 08:29:05 PST, Leo Bicknell said:
> But let's take a specific (famous) example. Kevin Mitnick. From
> his wikipedia page:
>
> "During his supervised release, which ended on January 21, 2003, he was
> initially forbidden to use any communications technology other than a
>
On Thu, 05 Jan 2012 11:09:59 EST, Jay Ashworth said:
> Didn't *say* broadband. Didn't even say "Internet service". Said "Internet
> *access*", in the non-techspeak meaning of those words.
There are those who would say "Free Internet access is available at the
Public Library and the Community Ce
On Thu, 05 Jan 2012 12:34:32 EST, Jon Schipp said:
> I think the idea that food, shelter etc. are human rights is absurd.
> Doesn't that imply that someone must provide those things for me? What
> if they don't want to? Does that mean they are forced to? Which would
> be a violation of their human
On Thu, 05 Jan 2012 13:42:50 EST, William Herrin said:
> The really odd thing is that the act also says:
>
> `(2) Access to a record or information required to be retained under
> this subsection may not be compelled by any person or other entity
> that is not a governmental entity.'
>
> What does
On Fri, 06 Jan 2012 09:11:30 +0530, Suresh Ramasubramanian said:
> I would love to ask the EFF just what you do when you don't log stuff,
> and then need to troubleshoot someone causing a DDoS or something from
> your network in a hurry.
What John actually said:
> OSPs cannot be forced to provide
On Fri, 06 Jan 2012 10:12:37 EST, Alan Clegg said:
> I've been under attack for about the last 12 hours.
>
> Other pointers to resources to trace the miscreants responsible would
> also be appreciated.
To tie this in to another thread - Alan is somebody who understands you
probably have operation
On Wed, 11 Jan 2012 17:41:15 EST, Jay Ashworth said:
> Is 'The Internet' ready to deliver live 1080p HD with very close to zero
> dropouts to 25-30 million viewers for 4 hours straight every week, yet?
Depends how much compression you use. :)
pgprMJ4o8lC7c.pgp
Description: PGP signature
On Thu, 12 Jan 2012 01:19:57 GMT, George Fitzpatrick said:
> Smart tv's should help, no?
Only so much.
No matter what they show on CSI about enhancing video, if that stream got
compressed so the football Tim Tebow just threw is just a brown ellipse,
there;s no legitimate way to put the seams back
On Thu, 12 Jan 2012 11:53:24 PST, Leo Bicknell said:
> In a message written on Thu, Jan 12, 2012 at 11:45:58AM -0800, Network IP Dog
> wrote:
> > Isn't this Internet censorship?
>
> It's not censorship when you pay someone to stuff a sock in your
> own mouth.
Collorary: It is, however, censorsh
On Thu, 12 Jan 2012 16:02:49 EST, Paul Stewart said:
> Today, we manually do YUM updates to all the CentOS servers . just an
> example but a good one. I have heard there are some open source solutions
> similar to that of Red Hat Network?
You can configure yum-updatesd to download and/or apply n
On Mon, 16 Jan 2012 09:55:29 PST, Jon Sevier said:
> be considered 'enterprise ready'. It's at best coffee shop ready based on
"coffee shop ready". I'll have to remember that one, thanks. ;)
pgpXrRFUaRX4v.pgp
Description: PGP signature
On Tue, 17 Jan 2012 21:24:18 EST, "Jason 'XenoPhage' Frisvold" said:
> On Jan 17, 2012, at 8:17 PM, Seth Mattinen wrote:
> > I kind of feel left out with all the fanfare now, having launched IPv6
> > many years ago.
>
> You can always do the Grand Re-Opening thing.. :P
Can we have a "What took you
On Thu, 19 Jan 2012 21:52:52 +0900, Randy Bush said:
> uselessness, with more crap welded on to it than envisioned in mad max.
oooh... steampunk BGP. ;)
pgp6oLFEo2OEt.pgp
Description: PGP signature
On Fri, 20 Jan 2012 12:00:15 +0100, Tei said:
> What sould fileshares must do, is to store files in these services in
> a encrypted way, and anonimized name. So these services have
> absolutelly no way to tell what are hosting.
http://freenetproject.org/
pgpQ1myO3UNxN.pgp
Description: PGP signat
On Fri, 20 Jan 2012 12:46:51 CST, Robert Bonomi said:
> Sorry, but the last sentence is simply _not_ true. If the making of the
> copy was a violation of 17 USC 106 (1) or (2), it's existance is proscribed
> by law.
Nice try, but reading 17 USC 503 (b) we see:
"As part of a final judgment or de
On Mon, 23 Jan 2012 13:28:49 GMT, Don Bowman said:
> Given that filesonic cut off sharing, but still allows users to fetch
> links they themself posted, one could make the assumption from the below
> that there was negligible traffic due to people re-fetching their
> own content.
Note that the fil
On Thu, 26 Jan 2012 12:07:19 EST, Lamar Owen said:
> What's interesting here is that this is the third book I've seen on Amazon
> where the used price is higher than the new;
Off-topic, but this usually happens when the book has a "new" price listed, but
is in fact unavailable/out-of-print. So it
On Thu, 26 Jan 2012 19:47:15 PST, Owen DeLong said:
> Where the definition of (efficient) is highly flexible and almost
> certainly does not refer to bit conservation.
There's a reason we put 128 bits in there. :)
pgpZa0WH9QExQ.pgp
Description: PGP signature
On Fri, 27 Jan 2012 11:35:49 +0100, Tei said:
> Theres also a rumour that these new consoles will require internet to
> download games.
Apply some logic here - is it in the vendor's best interests to *require*
internet to download games? As somebody else pointed out, there's an awful lot
of curr
On Fri, 27 Jan 2012 13:16:27 EST, Bryan Horstmann-Allen said:
> Bit odd, if it's a phish. Even more odd if it's actually from the Fed.
What if it's a phish from a compromised Fed box? :)
pgpIlK6iR0Hh4.pgp
Description: PGP signature
On Wed, 01 Feb 2012 12:52:57 +1100, Mark Andrews said:
> > - A largish (national telco of a small country) ISP started announcing
national telco. oooh ka...
> And if I have a contract to commit murder that doesn't mean that
> it is right nor legal. A contract can't get you out of dealing
> w
On Mon, 06 Feb 2012 06:50:54 +0530, Glen Kent said:
> Most routers today are basically IPv4 routers, with IPv6 thrown in.
Not sure if this statement is troll bait or flame bate. Probably both. ;)
I see Joel has already confirmed my memory that vendors had ASICs
doing IPv6 forwarding last century.
On Fri, 10 Feb 2012 09:37:01 PST, Leo Bicknell said:
> We know how to sign and encrypt web sites.
>
> We know how to sign and encrypt e-mail.
>
> We even know how to compare keys between the web site and e-mail via a
> variety of mechanisms.
>
> We know how to sign DNS.
>
> Remind me again why we
On Fri, 10 Feb 2012 14:44:29 EST, Jay Ashworth said:
> a picture of an abandoned factory, with the doors flapping in the wind,
> bceause the company went out of business because someone got spearphished.
Has this ever been spotted in the wild? Serious question - most of the
well-publicized
spea
On Fri, 10 Feb 2012 16:24:11 PST, Landon Stewart said:
> I don't click it. Not sure how long it's going to take, probably a
> generation, for people to use some sense before mindlessly clicking on
> stuff.
Only if you find a way to keep more idiots from being born. :)
I don't think anybody wants
On Sat, 11 Feb 2012 09:09:25 PST, Randy Bush said:
> My $0.02 on this issue is if the message is rich text I hover over the
> link
> and see where it actually sends me.
> >>> idn has made this unsafe
> > Techniques to deal with this sort of spoofing already exist: see
> > http://www
On Sun, 12 Feb 2012 03:47:24 GMT, Sven Olaf Kamphuis said:
> (and that despite the fact that it's perfectly well possible to write -any
> language out there- in the first 7 bits of ascii)
And it's *equally* possible to write "any language out there" using a
7-bit encoding of the Cyrillic characte
On Sun, 12 Feb 2012 10:25:53 +0900, Masataka Ohta said:
> valdis.kletni...@vt.edu wrote:
>
> > (The actual policy for the .UA registrar is more subtle. They *do* in fact
> > allow "U+0441 Cyrillic Small Letter ES" which is visually a C to us
> > Latin-glyph
> > users. However, they require at lea
On Sun, 12 Feb 2012 16:59:36 +0900, Masataka Ohta said:
> The problem is greekbank.gr is spoofable as greekbank.gr.
That would be the .gr registry's problem then. They could take the same
solution as the .ua registry -force lowercase and allow all-latin or all-greek
names.
Oh, what do you know..
On Wed, 15 Feb 2012 10:44:38 +0100, Stephane Bortzmeyer said:
> Challenge taken.
>
> RFC 2277, "IETF Policy on Character Sets and Languages", section 3.1,
> "Protocols MUST be able to use the UTF-8 charset [...] Protocols MAY
> specify, in addition, how to use other charsets [something DNS does
>
On Thu, 16 Feb 2012 21:45:49 GMT, "Dixon, Justin" said:
> Only issue with that approach is that if the colo facility moves your
> hardware at some point you need to ensure that they let you know that so you
> can update your documentation to coincide with (hopefully) their documentation
> of where
On Thu, 16 Feb 2012 19:41:42 EST, Steve Bertrand said:
> I am in the last-moment phase of moving from Canada to the U.S. for a
> one-year contract. Tomorrow I will be crossing at the Peace Bridge at
> Niagara to apply for my TN visa.
And here I thought it was just West Virginia and Alabama that re
On Fri, 17 Feb 2012 10:11:22 +0900, Masataka Ohta said:
> While NAT breaks the end to end connectivity, it can be
> restored by end systems by reversing translations by NAT,
> if proper information on the translations are obtained
> through some protocol such as UPnP.
You got a front end NAT. Yo
On Fri, 17 Feb 2012 11:07:59 +0900, Masataka Ohta said:
> valdis.kletni...@vt.edu wrote:
>
> >> While NAT breaks the end to end connectivity, it can be
> >> restored by end systems by reversing translations by NAT,
> >> if proper information on the translations are obtained
> >> through some protoc
On Fri, 17 Feb 2012 13:01:36 EST, Rodrick Brown said:
> Trades today in the equity markets must be within the national best bid, best
> offer price range or companies can be fined by the SEC which is why latency
> an jitter can be problematic in financial networks.
Am I the only one who thinks tha
On Fri, 17 Feb 2012 10:49:13 PST, Owen DeLong said:
> Now, come on... If you're in the 40-50 range, you should have put octal
> before hex. :p
IBM S/360 definitely preferred hex. And EBCDIC.
pgpJXJPC98gau.pgp
Description: PGP signature
On Sun, 19 Feb 2012 13:02:01 +0100, Jeroen Massar said:
> Per default most webservers (Apache, nginx, etc) won't log POST
> variables, GET variables will be logged (as they are part of the query)
> but those should not contain any PII.
Right. They shouldn't. But the security mailing lists have l
On Sun, 19 Feb 2012 16:24:49 PST, Owen DeLong said:
> No, I think you do not understand...
>
> I have a NAT gateway with a single public address.
>
> I have 15 FTP servers and 22 web servers behind it.
>
> I want people to be able to go to ftp:// and/or =
> http:// for each of them.
>
> Please exp
On Mon, 20 Feb 2012 15:42:56 +0900, Masataka Ohta said:
> George Bonser wrote:
>
> >> It is seemingly working well means there is not much PMTU changes,
> >> which means we had better assumes some PMTU (1280B, for example) and
> >> use it without PMTUD.
>
> > It depends on the OS and the method bei
On Mon, 20 Feb 2012 16:38:00 +0100, Tei said:
> The right solution is to capture the request to these DNS servers, and
> send to a custom server with a static message "warning.html".
Not all DNS lookups are for websites. The lookup could be for NTP, or SMTP,
or ssh, or a World of Warcraft server
On Tue, 21 Feb 2012 16:29:04 CST, Jimmy Hess said:
> Once your user has shared "confidential" information unsolicited with
> an unknown third party, and the general public, the information's
> confidentiality was spoiled by the act of posting, regardless of the
> content of the information
I see
On Fri, 24 Feb 2012 21:39:37 EST, Christopher Morrow said:
> The knobs available are sort of harsh all the way around though today :(
So what would be a good knob if it was available? I've seen about forty-leven
people say the current knobs suck, but no real proposals of "what would really
rock
On Mon, 27 Feb 2012 14:02:04 EST, William Herrin said:
> The net result is that when you switch the IP address of your server,
> a percentage of your users (declining over time) will be unable to
> access it for hours, days, weeks or even years regardless of the DNS
> TTL setting.
Amen brother.
On Tue, 28 Feb 2012 09:02:00 EST, Jared Mauch said:
> Sometimes you have to break the service worse for people to repair it.
I broke it a decade ago, I think I can pretty much give up on expecting people
to
repair it. :)
pgpBAyxDj9y8X.pgp
Description: PGP signature
On Wed, 29 Feb 2012 08:37:40 EST, Rodrick Brown said:
> There's about 1/2 a dozen or so known private and government research
> facilities on Antarctica and I'm surprised to see no fiber end points on that
> continent? This can't be true.
Cost-benefit. A dozen sites, each with only 100-200 people
On Sat, 03 Mar 2012 07:04:52 PST, JoeSox said:
> Go with 'Technical Support' unless you want to take all sorts of calls
> with end users wanting help on operational training issues.
> THIS DOES HAPPEN!
Which is OK, if that's your business model. I know a few small ISPs that
are making a comfortab
On Sat, 03 Mar 2012 13:34:20 CST, Guru NANOG said:
> http://NANOG.GURU
I knew the ICANN expansion of TLDs would lead to no good...
pgpVMBmMlxMkf.pgp
Description: PGP signature
On Sun, 04 Mar 2012 09:41:58 +0300, Daniel Rohan said:
> Is your organization adopting any governance frameworks?
I certainly hope not - any organization that needs that many buzzwords in a
seven word sentence has probably jumped the shark so far that it needs more
than a governance framework to
On Wed, 07 Mar 2012 10:22:56 CST, Jack Bates said:
> ]undo ssh server compatible-ssh1x enable
Ouch. That's brutal. Is it true that setting isn't listed under 'display ssh
server status'?
pgpMgrleE80ON.pgp
Description: PGP signature
On Tue, 13 Mar 2012 20:13:41 PDT, Owen DeLong said:
> I expect within my lifetime that multi-gigabit ethernet will become
> commonplace in the household LAN environment and that when that
> becomes reality, localized IP Multicast over multi-gigabit ethernet
> will eventually supplant HDMI as the pr
On Thu, 15 Mar 2012 13:31:42 EDT, William Herrin said:
> 2012/3/15 Masataka Ohta :
> > OK. You are bell headed.
>
> If you want to be snippy in English, you should first gain a better
> command of the language. Neither of your previous statements has a
> meaning recognized beyond the confines of yo
On Thu, 15 Mar 2012 21:52:54 +0900, Masataka Ohta said:
> > Get real. Even EAPS takes 0.05 seconds to recover from an unexpected
> > link failure
>
> If you keep two or more links, keep them alive, and let them
> know their IP addresses each other, which can be coordinated
> by mobile hosts as the
On Thu, 15 Mar 2012 13:35:13 PDT, George Herbert said:
> What, senior network people testing out new test/transitional space at
> home before they test it at work is bad?
Either that, or Randy was being snarky about how long the promise to *only* use
the address space for numbering CGN interfaces
601 - 700 of 1688 matches
Mail list logo