Re: Without further comment:
Why if they identify as a billy-goat? Thanks, Ameen Pishdadi Gigenet.com / am...@gigenet.com On Sat, Mar 30, 2024 at 8:36 PM Josh Luthman wrote: > Don't assume my gender. You'll offend me. > > That's a lot of manual work lol... > > On Sat, Mar 30, 2024, 11:22 AM William Herrin wrote: > >> On Sat, Mar 30, 2024 at 7:38 AM Josh Luthman >> wrote: >> > How do you know the poster's gender?? >> >> Howdy, >> >> As Josh is an uncommon female name, I'm going to play the odds and say >> that like Bill and I, you're male. Am I mistaken? >> >> Regards. >> Bill Herrin >> >> >> >> -- >> William Herrin >> b...@herrin.us >> https://bill.herrin.us/ >> >
Re: Starlink
Did anyone from starlink contact you? I would like someone to contact me also. On Mon, Feb 8, 2021 at 6:45 PM Robert DeVita wrote: > Can someone from Starlink please contact me off list? > > > > Thank you > > > > Rob > > > > > > [image: photo] > > Robert DeVita > CEO & Founder > > <http://www.linkedin.com/company/mejeticks> > > <http://twitter.com/mejeticks> > > 469-581-2160 > > 469-441-8864 > > radev...@mejeticks.com > > www.mejeticks.com <http://mejeticks.com/> > > 3100 Carlisle St > <https://www.google.com/maps/search/3100+Carlisle+St?entry=gmail=g>, > 16-113, Dallas TX 75204 > > > > > -- Thanks, Ameen Pishdadi Gigenet.com / am...@gigenet.com
Telia rep
Our rep for telia is mia. Can't seem to get anyone to assist us on our account, can someone from telia contact me off list with a contact? Thanks Ameen Pishdadi -- Thanks, Ameen Pishdadi Gigenet.com / am...@gigenet.com
EQUINIX contact
Is there an EQUINIX NOC contact on this list please reply offlist. Having serious logistical issues in an ashburn datacenter. Tickets are not being approved for access and shipments have been delayed weeks. This is vital infrastructure and im probably not the only one having issues with there support. Thanks , Ameen Pishdadi Gigenet AS32181
Power outage LA 600 W 7th - TELX
Greetings, We got an email last night after some alerts from monitoring system. Power on the B UPS feed has been offline till this second and going. Apparently they can not bypass UPS and put the load on the generator. Which is crazy in itself being that it's a data center.. Luckily we have everything on redundant power. Does anyone from DRT or Telx subscribe here that can look into this more for me? Message me off list if possible. Thanks AP
Re: COVID-19 vs. our Networks
I hear enough politics on social media and tv , please leave it off of this list. On Thu, Mar 12, 2020 at 10:37 PM Valdis Klētnieks wrote: > On Thu, 12 Mar 2020 18:08:05 -0600, "Keith Medcalf" said: > > > I don't know but we just issued travel restrictions to the United States > > as it is now a Hot Spot for the unrestricted spread of the coronavirus > > which causes COVID-19. > > Hopefully they're more sensible restrictions than the US policy that > prohibits > travel from most of Europe except the UK... but only for foreigners. If > you're > a US citizen, you're still perfectly welcome to go to Italy and come home > with > a few extra microbes to pass around a week after you return. > > The word for anybody who designs a network firewall with that sort of > logic is > "pwned". Just sayin'. > > (Fortunately, I'm in a position to hide in my apartment and only emerge for > grocery shopping at 2AM until things wind down... Hope everybody else has a > good contingency plan) > >
Re: CenturyLink/Level3 feedback
We have had the worst experience in 20 years dealing with century link and turning up new transit circuits , its been over 9 months since we ordered circuits in LA Chicago and Ashburn and we still do not have our sessions up with links. Level3 has been ruined... On Tue, Jul 23, 2019 at 7:14 PM Stephen Frost wrote: > Since there was a comment on this again, I figure I'll provide an update > ('just' the facts...)- it's now been two more weeks with no evidence of > any progress being made, the equipment's been just sitting there, with > CL going a week without providing any update until prodded and then it > was "let me get back to you"... > > So, no idea when/if this circuit is going to actually get turned up... > > * Ryan Gelobter (rya...@atwgpc.net) wrote: > > I wish CenturyLink would better manage both the legacy level3 portal and > > the current centurylink portal. The fact that I cant just go into 1 place > > and see all of my circuits now is annoying. > > > > On Wed, Jul 10, 2019 at 10:52 AM Cummings, Chris > > wrote: > > > > > I was always taught that “if you can't say anything nice, don't say > > > nothing at all”—That being said, my last CenturyLink turnup was worse > than > > > my last AT turnup. Take that for what it is worth. > > > > > > > > > > > > /chris > > > >
Re: Crooks on the Intrernet: Episode 6,427
We have noticed a huge influx of people requesting us to route blocks of ips they rent from IP brokers, we always make sure they show us an LOA and that radb records match the company name and proper registration is in place, I doubt some smaller providers do the same due diligence, but for me it’s concerning how easy it is to rent ip space these days , it just means that there is a coming storm. Nice investigative work, is this guy listed in rokso by chance ? I am traveling and have crappy connectivity on my phone so I don’t want to bother and check at the moment. On Wed, Nov 21, 2018 at 4:33 PM Ronald F. Guilmette wrote: > > I just thought that y'all might want to be aware of this. > > My attention was called recently to a RIPE-issued block of IPv4 addresses > assigned to a particular Polish firm (Marton Media: > https://martonmedia.pl/) > that appears to sell digital TV services. > > The block in question is 91.149.192.0/18 aka "PL-MARTON-20061120". > > It appears that perhaps this company didn't quite need all of that /18 that > it got from RIPE, so it looks like they parceled out some sub-parts of that > /18 to at least a couple of other parties, to wit: > > "Hostermatrix LLC" aka "ORG-HL183-RIPE": > 91.149.232.0/22 > 91.149.252.0/22 > > "Real Tone Hosting LLC" aka "ORG-RTHL1-RIPE" > 91.149.224.0/21 > 91.149.236.0/22 > 91.149.240.0/21 > 91.149.248.0/22 > > Ignoring, for the moment, the fact that neither of these companies actually > seem to exist anywhere... at least not on -this- planet... my attention was > further called to the pair of /22 blocks that have been sub-allocated by > Marton Media (Poland) to this thing they are calling "Hostermatrix LLC". > > The reverse DNS for those blocks looked like this, just a few short > days ago, on November 16th: > > https://pastebin.com/raw/hjWG5KxA > > But apparently, that all has been changed rather substantially, just in the > past few days, so now it all looks like this instead: > > https://pastebin.com/raw/58qCdPrc > > (You might call this the "Schrodinger Effect". When researching bad guys > on > the Internet, their stuff may change, even as you are looking at it, and > perhaps even -because- you are looking at it.) > > Anyway, the rDNS listing, as it was on the 16th, looked more than a little > fishy. Why would anyone need quite this many different outbound SMTP > servers? > > The one and only second-level domain name that appeared in the rDNS listing > as of the 16th was "sm-smtp.net". I did a bit of research on that domain > name and found that historical passive DNS associates that domain, quite > unambiguously, with another domain name, sendermatrix.net. > > It didn't take much more research for me to find out that a company called > Sender Matrix, LLC is in fact registered in the State of Florida to a Mr. > Jay Passerino. Mr. Passerino appears to have registered a number of > different > Florida companies: > > Haggle USA Corp. > Mahem Partners, Inc. > Sourcehire, LLC > Boat App, LLC, > All In Nutraceuticals, LLC > Miami Suppliments, LLC > Balladex Enterprises, LLC > Sender Matrix, LLC (http://sendermatrix.com/) > Gasher, Inc. > Digital Platinum, Inc. (http://digital-platinum.com/) > BB Ventures, Inc. > > Of course, there's nothing at all wrong with Mr. Passerino having prolific > and multiple business interests, however a fellow who also, coincidentally, > has the name Jay Passerino, and who also, coincidentally, hails from the > State of Florida seems to have gotten into what the Brits might call "a > spot > of bother" with respect to not one but -two- U.S. federal regulatory > agencies > of late, specifically the SEC and the CFTC, both of which appear to have > taken serious issue with this Mr. Jay Passerino's business practices, along > with those of several of his cohorts: > > CFTC Press Release: > https://www.cftc.gov/PressRoom/PressReleases/7807-18 > > SEC Press Release: > https://www.sec.gov/news/press-release/2018-216 > > As you can see, both the SEC and the CFTC elected to take issue... on the > exact same day, by the way... with this Mr. Jay Passerino's activities on > the Internet, and specifically relating to "pump and dump" email scams. > > Returning now to the subject of the two /22 sub-allocations that were made > by this Polish outfit, Marton Media, to this apparently non-existant > corporate > entity called "Hostermatrix LLC", i hope that it will not escape anoyone's > notice that whereas the IPv4 blocks in question have been provided... > seemingly > to an Internet crook named Jay Passerino... by a Polish company, the actual > -routing- of each of these blocks shows the participation of some other > actors within two more (different) European countries: > > 91.149.232.0/22 - > routed by AS51765 (Oy Creanova Hosting Solutions Ltd. - Finland) > > 91.149.252.0/22 - > routed by AS24768 (ALMOUROLTEC
Re: Dedicated Server and IP anycast provider recommendation
Gigenet.com can be done in two or three locations , La, Chicago, ashburn, and done with dedicated, colo or cloud. On Tue, Aug 7, 2018 at 8:50 AM John Kristoff wrote: > Friends, > > For those that may have used or know of a service like this. I know > some exist, but it doesn't seem to be that popular or widely advertised > as a standard service. > > I'm interested in pointers to a hosting/network provider that leases > dedicated servers and can provide an anycast IP address assignment to > two or more US-diversely connected POPs, but with reasonably consistent > routing (e.g. peering, transit). A customer-shared prefix is OK. I'm > interested in pointers to networks that would provide the prefix and > handle all the routing. > > If you represent a network and sales is part of your job, I don't mind > an off list pointer to a web page describing such a service, but please, > this is not an invitation for "call me to discuss needs and options" > replies nor an opportunity to get me on your customer prospect list. > You likely ensure I never do business with you if you do either of > those things. :-) > > Thank you, > > John >
Re: Rising sea levels are going to mess with the internet
How often does someone ask you for a breakfast sandwich? On Mon, Jul 23, 2018 at 3:19 PM Bob Evans wrote: > How much ocean water displacement is taking place in Hawaii as a result of > eruptions? How about volcanoes we don't know about deep in the ocean? > > In the last 5 years, California governments have played a negative roll in > the burning of well over a million acres. These carbon emissions are > rarely calculated and considered as a cause of global warming. How many > California miles driven in cars = one 250,000 acre fire? I don't know. > > Did you know there are adults in California that don't think burning trees > emit carbon emissions that count unless it happens in a man made fireplace > ? Yes, most of those people went to high school in California. > > But anyways - can we please drop the non-internet related discussions from > filling my nanog filtered technical email folders? > > Lots of smart people to have discussions with in nanog...maybe we create a > list called nanog-other-st...@nanog.org > > Thank You > Bob Evans > CTO > > > > > > On 23/07/2018 20:03, Owen DeLong wrote: > >> It shows China, the most heavy handed of the three economies in the > >> graphic as having an accelerating growth in carbon emissions. It does > >> show that the EU started a downward trend earlier than the US, but that > >> the downward trend in the EU appears to be leveling off and the US > >> downward trend looks to be steeper now and accelerating. > >> > >> In addition, if you drill down to the individual EU countries, several > >> of them are, in fact, headed up while the more market-based members of > >> the EU seem to be headed down or having leveled off after a sharp > >> decline earlier. > > > > The data is flawed. The carbon emissions per country don't include > > import, so you can just import the most carbon-heavy product from China > > and you will see your country emissions falling and China's growing. > > > > And the carbon emission of USA doesn't include Pentagon, while any other > > army is included in it's country numbers. > > > > So we can' really compare such flawed data - these are just numbers for > > politicians but they have nothing in common with reality. > > > > Regarding rising sea levels - I wonder why nobody mentioned submarine > > fiber landing stations. If something will be affected, it will be them. > > > > -- > > Grzegorz Janoszka > > > > >
Re: AutoTask as a ticketing system in a MNS NOC
Well what do u recommend Sent from my iPhone On Aug 7, 2014, at 3:08 PM, Chris Adams c...@cmadams.net wrote: Once upon a time, Chris Garrett ch...@aperturefiber.com said: Does anyone on list have any firsthand experience with this software as a primary ticketing platform in a high volume NOC? A small ISP I used to work for switched to Autotask a couple of years ago, and I was not impressed. The web UI was slow, the API was slower, and their standard mail gateway was broken. For example: they used AT for CRM as well, and the mail gateway tried to auto-associate tickets with contacts based on email address. That would be great, but we had some people that were contacts for multiple customers (using the same email address), and emails from them to the ticket system would just go into a black hole (no ticket, no bounce, no notification). There are various third-party tools available to handle the email gateway as well; I don't know how well they may work, but it seemed to me that a ticket system that needed third-party tools to handle email was broken. -- Chris Adams c...@cmadams.net
Re: DDoS mitigation Equinix?
Equinix doesn't provide Ddos protection , cloud flare is able to mitigate attacks by spreading out the traffic across 20-30 different pops which are mostly located at Equinix. Cloud flare is pretty much a cdn , people have been using cdns for years to mitigate Ddos like akaimi , wasn't really popular though because of how expensive cdns like Akamai were, btw they recently bought prolexic. Cloud flare as far as I know does not sell Ddos protection service by any other means then there web proxy/cache service. Also there core business isn't Ddos protection it's website optimization via cdn type setup. Our company also uses Equinix and other carrier hotels to provide Ddos protection, we provide a connection to our network by cross connects or peering exchanges , 1 gig or 10 gig and filter the Ddos before it leaves our network, this can be on full time or only when an attack is detected. Other methods of filtered traffic delivery are gre VPN tunnels and reverse proxy method. The difference between us , prolexic vs cloud flare is the different delivery methods allow protection against attacks towards other services and protocols besides http protocol/websites, and protection against entire networks versus an individual domain, it's just a different business model going after different market segments. Sent from my iPhone On Jul 19, 2014, at 2:44 AM, Abuse Contact stopabuseandrep...@gmail.com wrote: Hi, I've heard that using Equinix has it's DDoS protection benefits like large companies such as CloudFlare use them for DDoS mitigation, I don't get it, how do they help with DDoS protection? You still get a 1Gbit from them or whatever and also do you guys know around how much they'd cost? Thanks! Sent from my iPhone On Jul 19, 2014, at 2:44 AM, Abuse Contact stopabuseandrep...@gmail.com wrote: Hi, I've heard that using Equinix has it's DDoS protection benefits like large companies such as CloudFlare use them for DDoS mitigation, I don't get it, how do they help with DDoS protection? You still get a 1Gbit from them or whatever and also do you guys know around how much they'd cost? Thanks!
Re: DDoS mitigation Equinix?
It was none of the mentioned , didn't wanna come off as advertising .. Gigenet is the company Sent from my iPhone On Jul 20, 2014, at 1:51 PM, Christopher Morrow morrowc.li...@gmail.com wrote: On Sun, Jul 20, 2014 at 10:32 AM, Ameen Pishdadi apishd...@gmail.com wrote: Equinix doesn't provide Ddos protection , cloud flare is able to mitigate attacks by spreading out the traffic across 20-30 different pops which are mostly located at Equinix. Cloud flare is pretty much a cdn , people have been using cdns for years to mitigate Ddos like akaimi , wasn't really popular though because of how expensive cdns like Akamai were, btw they recently bought prolexic. Cloud flare as far as I know does not sell Ddos protection service by any other means then there web proxy/cache service. Also there core business isn't Ddos protection it's website optimization via cdn type setup. Our company also uses Equinix and other carrier hotels to provide Ddos protection, 'our company' .. since use used 3 different names of companies in the previous part of the message, which one is 'our' ? we provide a connection to our network by cross connects or peering exchanges , 1 gig or 10 gig and filter the Ddos before it leaves our network, this can be on full time or only when an attack is detected. Other methods of filtered traffic delivery are gre VPN tunnels and reverse proxy method. The difference between us , prolexic vs cloud flare is the different delivery methods allow protection against attacks towards other services and protocols besides http protocol/websites, and protection against entire networks versus an individual domain, it's just a different business model going after different market segments. Sent from my iPhone On Jul 19, 2014, at 2:44 AM, Abuse Contact stopabuseandrep...@gmail.com wrote: Hi, I've heard that using Equinix has it's DDoS protection benefits like large companies such as CloudFlare use them for DDoS mitigation, I don't get it, how do they help with DDoS protection? You still get a 1Gbit from them or whatever and also do you guys know around how much they'd cost? Thanks! Sent from my iPhone On Jul 19, 2014, at 2:44 AM, Abuse Contact stopabuseandrep...@gmail.com wrote: Hi, I've heard that using Equinix has it's DDoS protection benefits like large companies such as CloudFlare use them for DDoS mitigation, I don't get it, how do they help with DDoS protection? You still get a 1Gbit from them or whatever and also do you guys know around how much they'd cost? Thanks!
Re: Open Resolver Dataset Update
In the last 2 weeks we have seen double the amount of ddos attacks, and way bigger then normal. All of them being amplification attacks. I think the media whoring done during the spamhaus debacle motivated more people to invest time building up there openresolver list, since really no one has disclosed attacks of that size and gave the blueprints of how to do it. Now we know the attack has been around for awhile but no one really knew how big they could take it until a couple weeks ago.. Now I know your openresolver DB is meant to get them closed but it would take only a small amount of someones day to write a script to crawl your database.. You go to fixedorbit.com or something of the sort, look up the as's of the biggest hosting companies, plop there list of ip allocaitons in to a text file, run the script and boom i now have the biggest open resolver list to feed my botnet.. Maybe you should require some sort of CAPTCHA or registration to view that database. While im sure people have other ways of gathering up the open resolvers , you just took away all the work and handed it to them on a silver platter. While i am and others surely are greatful for the data, i think a little more thought should be put in how you are going to deliver the data to who should have it, and that would be the network / AS they are hanging off of. just my 2 cents.. P.S. I would like to get a list for our AS off list if you can reply back directly. On Tue, Apr 9, 2013 at 3:15 PM, Jared Mauch ja...@puck.nether.net wrote: Tom, The main criteria is the RCODE=0 vs RCODE=5 refused. I exposed the Recursion Available bit this last week to cover more of the use cases, but many servers provide a very large referral to root. You are correct in that your system doesn't provide that so should be less visible as a result. I haven't coded everything to pull out that level of data from the responses. Of the responding IPs, a fair percentage 89% respond with the RA bit set. I'm working to close the gap on exposing the direct data of those last 11% in a more detailed bit of information, including if it provides a root referral or otherwise. Hope this helps, - Jared On Apr 9, 2013, at 8:59 AM, Tom Laermans tom.laerm...@phyxia.net wrote: Jared, If you mean there can be a referral with RCODE=0 and Recursion Available = 0, you'll need a third column actually documenting if there is a referral. This server is listed in ORP: $ dig www.google.be @195.160.166.139 ; DiG 9.7.3 www.google.be @195.160.166.139 ;; global options: +cmd ;; Got answer: ;; -HEADER- opcode: QUERY, status: NOERROR, id: 615 ;; flags: qr rd; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 0 ;; WARNING: recursion requested but not available ;; QUESTION SECTION: ;www.google.be. IN A ;; Query time: 6 msec ;; SERVER: 195.160.166.139#53(195.160.166.139) ;; WHEN: Tue Apr 9 14:58:21 2013 ;; MSG SIZE rcvd: 31 RCODE=0, Recursion available=0: http://openresolverproject.org/search.cgi?mode=search6search_for=195.160.166.0%2F24 Hence my question, what is it doing wrong? Tom On Mon, 2013-04-08 at 07:05 -0400, Jared Mauch wrote: The referral, including a referral to root can be quite large. Even larger than answering a normal query. I have broken the data out for the purpose of letting people identify the IPs that provide that. Jared Mauch On Apr 8, 2013, at 3:08 AM, Tom Laermans tom.laerm...@phyxia.net wrote: As far as I know, responding either NOERROR or REFUSED produces packets of the same size.
Re: Ddos mitigation service
Hi Matt , Are you still looking for ddos protection? Thanks, Ameen Pishdadi On Jan 31, 2013, at 12:13 PM, matt kelly mjke...@gmail.com wrote: Can anyone recommended ddos mitigation companies with US east coast presence that provide the services via bgp? We are not interested in an appliance but rather offloading the traffic. Thanks.
Device specifically made for high capacity GRE tunnels for dozens of sites
Hello, Can anyone recommend a device that will allow for multiple gigabit gre tunnels with ability to handle up to a million pps? I know it can be done on a bsd or nix box , or something running junos but Im looking for something specifically made and tailored for GRE tunnels. Thanks, Ameen
Re: Netflix transit preference?
Hurricane electric has a very open peering policy , can peer with them at any major Equinix with pretty much no push or pull requirements , which is why Netflix prefers them cause it costs them almost nothing , why pay hurricane for transit when most of there connectivity can be accessed by peer routes pretty much for free through Equinix exchange or any2... On Thursday, December 27, 2012, randal k wrote: Hey NANOG! I work at a datacenter in southern Colorado that is the upstream bandwidth provider for several regional ISPs. We have been investigating our ever-growing bandwidth usage and have found that out of transits (Level3,Cogent,HE) that Netflix always seems to come in via Hurricane Electric. (We move ~1.4gbps to Netflix, and are thus not a candidate for peering. And they have no POP close.) I tested this by advertising a /24 across all providers, then selectively removed the advertisement to certain carriers to see where the bandwidth goes. In order, it appears that if there is a HE route, Netflix uses it, period. If there isn't, it prefers Level3, and Cogent comes last. Since Netflix is a big hunk of our bandwidth (and obviously makes our customers happy), we are included to buy some more HE. However, if Netflix decides that they want to randomly switch to, say, Cogent, we may be under a year-long bandwidth contract that isn't particularly valuable anymore. With all of that, I am interested in finding out of any knowledge about Netflix transit preferences, be it inside information, anecdotal, or otherwise. I did email peering@ but haven't heard back, thus the public question. Thanks! Randal
Re: Solutions for DoS DDoS
Sounds like an advertisement to me Thanks, Ameen Pishdadi On Dec 10, 2012, at 7:22 AM, Vasile Borcan naitlu...@gmail.com wrote: Try the DDoS attacks detection and mitigation software named WANGUARD from http://www.andrisoft.com. It's not expensive and non-profit organisations like you are granted with a 30% discount. Install it on a Linux server and you'll have DDoS attacks detection in no time. Since you're not a carrier the DDoS scrubbing feature won't be useful to you, but the black hole routing probably will. You can also configure it to send alerts to your upstream carrier or to your attackers' ISPs. On Thu, Dec 6, 2012 at 7:51 PM, Mike Gatti ekim.it...@gmail.com wrote: Hello Everyone, I'm assisting a non-profit organization to research solutions to secure their network from DOS/DDOS attacks. So far we have gone the route of discussing with their ISP's to see what solutions they have to offer, believing that the carriers are better positioned to block the attack from the source. I wanted to get the lists thoughts on our approach going the carrier route and/or hear about successful implementation of other solutions. Thanks, -- Michael Gatti 949.371.5474 (UTC -8)
Re: Apple iMessage
not only issues, but getting messages that were either not directed to me or delivered weeks late, my girlfriend downstairs just got a text from me that i didnt sent, said it was sent at 10am this morning, but i never sent her a message at that time or a message ever in a sentence the way it was worded.. On Sun, Nov 18, 2012 at 4:39 PM, Andrey Khomyakov khomyakov.and...@gmail.com wrote: Still out for me in MA and a friend in IL --Andrey On Sun, Nov 18, 2012 at 4:56 PM, Steven Noble sno...@sonn.com wrote: It came back for me.. was doing txt messages between iPhones but now iMessage but delayed. On Nov 18, 2012, at 1:37 PM, Zaid Hammoudi zaid.hammo...@gmail.com wrote: Seeing the same thing here in Edmonton AB. Sent from my iPhone On 2012-11-18, at 1:13 PM, Grant Ridder shortdudey...@gmail.com wrote: Hi, Is anyone having trouble with apples iMessage service? A friend and I are in Wisconsin and Illinois respectfully and messages via iMessage are taking up to several minutes to send. I am using a 4s on iOS 5 and my friend is using a 3GS. Thanks Grant
Transport Fee's (Taxes and random telecom fee's)
Hello Everyone, We purchase 10Gig waves for transport out of our datacenter and are trying to figure out why the taxes on the circuits are so much. We are paying around 60% additional in taxes and fee's on top of the cost of the circuit. Ofcourse when we were negotiating pricing , it seemed like a great price until we got our first bill, they forgot to mention that we would be paying such fees. It seems like these taxes would be for companies who would be using transport services for voice, but we are all data. Is there any way to get a tax exempt status? How come the same fee's do not apply to dark fiber? We are in process of getting dark fiber to replace the transport circuits but its going to take quite some time as we have a few more years on some of the contracts. The dark fiber we do have there is no taxes at all. Can anyone shed any light on this?
Re: Transport Fee's (Taxes and random telecom fee's)
How do we get tax-exempt status though, with ITFA / ITNA Exemption like faisel said? On Fri, Sep 14, 2012 at 4:23 PM, Carlos Alcantar car...@race.com wrote: Typically you have to file once a year with the companies to let them know you are tax exempt. As your company status may change. Carlos Alcantar Race Communications / Race Team Member 1325 Howard Ave. #604, Burlingame, CA. 94010 Phone: +1 415 376 3314 / car...@race.com / http://www.race.com -Original Message- From: Mark Keymer m...@viviotech.net Date: Friday, September 14, 2012 9:53 AM To: nanog@nanog.org nanog@nanog.org Subject: Re: Transport Fee's (Taxes and random telecom fee's) I had to deal with this with an upstream once that was taxing me. Finally got it all worked out after sending in copies of the law and getting the CEO involved. However a year or two later I started to get taxed again when the company was bought out. Had to resend copies of the law (Fed and State) over to them again. I also had the full conversation with the previous CEO so I sent that over as well as he was now a VP under the new company. Do to how much of a hassle I had to go through, I am guessing they still keep charging tax on other clients that probably should not have been! Sincerely, Mark Keymer On 9/14/2012 8:15 AM, Faisal Imtiaz wrote: All Communication Circuits are subject to Communication Taxes, as per Tax laws of that State. Having said that... if this communication circuit is carrying Internet Traffic, you can contact the Carrier and Ask them to provide you the forms so that you can Claim ITFA / ITNA Exemption ...(if you are not in a grandfathered state) Google for Internet Tax Freedom Act and review the Wikipedia article for more details and history. In regards to Dark Fiber. Active Circuits = i.e. circuits where signaling is provided by the Carrier are considered to be Communication Circuits and are subject to Communication taxes, as per the State Laws. Dark Fiber is considered to be an asset purchase .. i.e. like leasing Office Space/ Automobile / or Machinery... and as such the Lease Payments are subject to Sales Taxes only (again, details may vary from State to State). Regards. Faisal Imtiaz Snappy Internet Telecom 7266 SW 48 Street Miami, Fl 33155 Tel: 305 663 5518 x 232 Helpdesk: 305 663 5518 option 2 Email: supp...@snappydsl.net On 9/14/2012 10:29 AM, A. Pishdadi wrote: Hello Everyone, We purchase 10Gig waves for transport out of our datacenter and are trying to figure out why the taxes on the circuits are so much. We are paying around 60% additional in taxes and fee's on top of the cost of the circuit. Ofcourse when we were negotiating pricing , it seemed like a great price until we got our first bill, they forgot to mention that we would be paying such fees. It seems like these taxes would be for companies who would be using transport services for voice, but we are all data. Is there any way to get a tax exempt status? How come the same fee's do not apply to dark fiber? We are in process of getting dark fiber to replace the transport circuits but its going to take quite some time as we have a few more years on some of the contracts. The dark fiber we do have there is no taxes at all. Can anyone shed any light on this?
Re: Dear Linkedin,
Don't know if someone already posted this but there forcing people the reset there passwords, but it let's you reset it to the same password as before... How many people are going to use the same pass? I'd say a good portion, LinkedIn needs some new isec employees On Jun 10, 2012, at 6:11 PM, Jay Ashworth j...@baylink.com wrote: - Original Message - From: Brett Frankenberger rbf+na...@panix.com But the same reasoning still applies. The card issuers don't want you have to show ID, becuase you might decide it's too much trouble, and just use some other method to pay. Except for Amex, who have always *stringently* required this; I've even seen customer-facing advertising pointing it out. They have to do something to get merchants to take their card with the higher discount rate. Cheers, -- jra -- Jay R. Ashworth Baylink j...@baylink.com Designer The Things I Think RFC 2100 Ashworth Associates http://baylink.pitas.com 2000 Land Rover DII St Petersburg FL USA http://photo.imageinc.us +1 727 647 1274
Re: Recommendation for OOB management via IP
What's wrong with a dsl connection doesn't need to be anything fancy just reliable enough to be up when your other stuff is down Thanks, Ameen Pishdadi On Jun 4, 2012, at 3:45 PM, Hiten J. Thakkar hthak...@ucsc.edu wrote: Hello! My work place is looking for an OOB management over IP. We have Lantronix KVM in our Datacenter with nearly 100% uptime and Lantronix SLC-8/16/48 ports with 2 NICs deployed across various MDFs on campus and remote locations (5). On our main campus we have a parallel net, but for the remote locations we are looking to access Lantronix SLCs' via the second NIC card using IP based solution. Can you kindly make suggestions. I supremely appreciate your time and inputs in advance. -- Thanks and regards, Hiten J. Thakkar
Re: Comcast Paid Peer Pricing
Concast I love it!! Thanks, Ameen Pishdadi On Jun 2, 2012, at 6:57 PM, Justin M. Streiner strei...@cluebyfour.org wrote: On Sat, 2 Jun 2012, Nabil Sharma wrote: Dear NANOG: I seek pricing on Comcast AS7922 paid peer at following commit level: 1G 10G 100G Please reply in private and I will sum up on list. Perhaps these would be worth reviewing? http://www.concast.com/peering/ http://www.comcast.com/dedicatedinternet/?SCRedirect=true http://as7922.peeringdb.com/ Your best bet would be to hit up their sales contact if you want pricing on non-SFI peering. jms
Re: Need (to acquire or sell) IPv4? Come to SpaceMarket.
Lol Thanks, Ameen Pishdadi On May 30, 2012, at 10:07 PM, Nathan Eisenberg nat...@atlasnetworks.us wrote: None of these jokes are class-e. -Original Message- From: STARNES, CURTIS [mailto:curtis.star...@granburyisd.org] Sent: Wednesday, May 30, 2012 7:44 PM To: STARNES, CURTIS; 'lann...@lanning.cc'; nanog@nanog.org Subject: RE: Need (to acquire or sell) IPv4? Come to SpaceMarket. I guess I will just have to settle for selling my 224.0.0.0/24 :- -Original Message- From: STARNES, CURTIS [mailto:curtis.star...@granburyisd.org] Sent: Wednesday, May 30, 2012 9:41 PM To: 'lann...@lanning.cc'; nanog@nanog.org Subject: RE: Need (to acquire or sell) IPv4? Come to SpaceMarket. I thought the 10.0.0.0/8 was mine. I was going to sell some of it! Curtis -Original Message- From: Robert Hajime Lanning [mailto:lann...@lanning.cc] Sent: Wednesday, May 30, 2012 5:51 PM To: nanog@nanog.org Subject: Re: Need (to acquire or sell) IPv4? Come to SpaceMarket. Can I trade in my class A? (10/8) On 05/29/12 17:43, The SpaceMarket wrote: IPv4 is not going away as quickly as many would like. Most realistic observations show IPv4 will still be the numbering scheme most widely deployed and utilized for the next decade. This due mainly to peers and providers whom have not deployed IPv6 and ISP end-users, which continue to use, antiquated operating systems. SpaceMarket provides a platform for entities to acquire additional resources that find themselves deficient, and a platform for those with excess/unused resources to monetize their valuable resources. Our platform is safe, secure and confidential. Buyers and sellers can rest assured that their trades will be executed without a hitch (no hijacked network ranges or scammers) as each network allocation available has been thoroughly investigated and tested (we’re either announcing or have announced the networks available for an extended period of time), and upon request by either the buyer or seller, SpaceMarket will serve as an escrow agent for the transaction. Currently (as of this writing), there we have just over 150,000 addresses available for immediate use. This may seem like a low number, but allocations are listed and acquired daily using our automated system—we don’t have to be involved in your transaction. In order to provide our services without hassle and confidentially, we provide access to our trading platform via Tor (as a Tor Hidden Service). This allows our members to connect freely and without worry as to who may be monitoring your online activities or visitors to our site. Additionally, access to the site is restricted to active members of our trading community. For more information on our service, site URL or membership please e-mail us at spacemar...@tormail.org. We look forward to assisting you with your IPv4 needs! Please use our public key (below) when corresponding via E-mail. Don’t forget to send us yours! -- Mr. Flibble King of the Potato People
Re: Need (to acquire or sell) IPv4? Come to SpaceMarket.
Of all the people you pick to spam you picked NANOG, maybe you should hit up bugtraq next On May 29, 2012, at 7:16 PM, Timothy McGinnis mc...@isc.org wrote: Dear Unnamed person at The SpaceMarket, This list has an Acceptable Use Policy at: http://www.nanog.org/mailinglist/ Acceptable Use Policy 1. Discussion will focus on Internet operational and technical issues as described in the charter of NANOG. http://www.nanog.org/governance/charter/ 2. Postings of issues inconsistent with the charter are prohibited. 3. Cross posting is prohibited. 4. Postings that include foul language, character assassination, and lack of respect for other participants are prohibited. 5. Product marketing is prohibited. 6. Postings of political, philosophical, and legal nature are prohibited. 7. Using list as source for private marketing initiatives is prohibited. 8. Autoresponders sending mail either to the list or to the poster are prohibited. Individuals who violate these guidelines will be contacted and asked to adhere to the guidelines. Please take your Unsolicited Bulk Mail elsewhere. -- Cheers, McTim On 5/29/2012 8:43 PM, The SpaceMarket wrote: IPv4 is not going away as quickly as many would like. Most realistic observations show IPv4 will still be the numbering scheme most widely deployed and utilized for the next decade. This due mainly to peers and providers whom have not deployed IPv6 and ISP end-users, which continue to use, antiquated operating systems. SpaceMarket provides a platform for entities to acquire additional resources that find themselves deficient, and a platform for those with excess/unused resources to monetize their valuable resources. Our platform is safe, secure and confidential. Buyers and sellers can rest assured that their trades will be executed without a hitch (no hijacked network ranges or scammers) as each network allocation available has been thoroughly investigated and tested (we’re either announcing or have announced the networks available for an extended period of time), and upon request by either the buyer or seller, SpaceMarket will serve as an escrow agent for the transaction. Currently (as of this writing), there we have just over 150,000 addresses available for immediate use. This may seem like a low number, but allocations are listed and acquired daily using our automated system—we don’t have to be involved in your transaction. In order to provide our services without hassle and confidentially, we provide access to our trading platform via Tor (as a Tor Hidden Service). This allows our members to connect freely and without worry as to who may be monitoring your online activities or visitors to our site. Additionally, access to the site is restricted to active members of our trading community. For more information on our service, site URL or membership please e-mail us at spacemar...@tormail.org. We look forward to assisting you with your IPv4 needs! Please use our public key (below) when corresponding via E-mail. Don’t forget to send us yours! -BEGIN PGP PUBLIC KEY BLOCK- Version: GnuPG v1.4.10 (GNU/Linux) mQINBE/FaAgBEADT4VpYwIRnUj8R7tFAAWdcHBHR9SEpebBskq400kG50UA8o3Cq Ox5tBfY0It9AOaRE6yhOu7TcPbLrJyjjkl2UqqpMF/pIRasqXTbwHKT1vkpt22Oc CtHFmXSY4KgE51lfHq7ijRt+m9B3j78Jr6uklpca8IW41eXNyje4272DLv4L1wHR X00VXPr6pULn3bgm/KfnwmmY0ucpDlLJIZ1xsRFTstNKrA5d0K96RhhqDWcaZGyf 21nskMRwRahO+VcRVE4515AZ09L1CfSoUbNOVtSHIiANYSPbq9QQHNeBas5MJkuA 2aZ/TyCEJ501AtTKL735w1ile+3DMK/sRQhEOzTp/Y4AmIDJSKRDYnhJnE9T2x/C bud54hvoT+sx7xq3Fbo18xCAeBWDO/3k2G44z2ecyAzGCP8YUGAVp5sa+X7nHvZR Z2W+DQn/XuPXPSzsbPqh6wxnhrr5/0IdU06jjLK398n+r2eM8nDJnm8BFYICrBE4 UcG4Jd2KHejL+PeIB1IO4KHmmCJD3W1Ya1zi2wUjPX5PB3gf3p492+2iowu/k9kt FyTx+FoVZQDfqUGdBm7C8JvwNCXB2c92P58mV8ds0vmGPoMk7zioWMspInVFDXUB vbShwtK4eowfoT3u1PwtgRJdsKzDZ3TTIKqmGFF24OkP2c2s5DBi2W/PYwARAQAB tCVTcGFjZU1hcmtldCA8c3BhY2VtYXJrZXRAdG9ybWFpbC5vcmc+iQI3BBMBCAAh BQJPxWgIAhsDBQsJCAcDBRUKCQgLBRYCAwEAAh4BAheAAAoJEOaJI/0SIsh9MpgP /R3uEtdnJWbTlI1uaJQ/50Xh7XtarY+qKSlK/YC059v4mJYgRx+la15pmryGyKDF 1qyPu+EI1r437EREr8uGy+LFqI2lD4oKXxvJRDJSqaiwYpAVM2t/prE9bYju5puS VZbeNEsUse9MthhoesOg+fGfsI6P5W1aAWQswKWDM/tegjW+NPXbv8yWnC7Vfe6b HUghDlUETihleohWxtoqGla6I7s8qxYMFa684mF84Xyrnj/5DIey8Z5ROwwqQv4y M2jVOPpa02S1tyLd4aNI2pP7IVsBMK9uvsN+VBKUtGlhap1RSAMQaFWoKR0L1M3o V3LkmezSKaMjlk2XhSzokJP9snV99KRMxMjlCQwEnS7dct6JLokU1cYNyHSSjDOC WN57FeBt4pnG1HA31Z2B81jz3oKzYN2lOqAvY5L657sIUWWoPfhGjkEIiFtlRGCl WvEg4xyXRUf2dsXFHsYqDsMzR3p67L2CwTNErqF5ZhwxchuNp6E1gIdYoZghcYuT myxbGF0uFTH7ymg3yzJxuE/78iqhbMGAnkwdCa2GaczmymQiWkNqVQjpZizUdN7w hTrm5vQ9OucrpHCFoLOZ3Kk29o7m586I3welE0Kz4cmDdcoqM798k3/BxKUTAHFv FNhjHfzllDy1QiLXbm9z+Uu/oIr/h/X8DNRHzFXNwqcUuQINBE/FaAgBEADBqS9r 49m5RmRUH/YTy6V2iAwdf6fTzr+hOT9FDhdKYfF9TEgT4ZZEIg1BLhCUlwfSO3Ex xCFt8Wdtnbs/z6pd5iFb+Gm11q/CPUMBq7lgiLrO9FNLg8geTlyHGgDQNm8w5At4 gvi5Y7r17UlVrmd71H9ZpmB1iN8uM2pjirD5WRYAyX3KdYhzEJmorA6HKn5OSM/8
Re: Cogent for ISP bandwidth
last time i checked .75 x 1000 = 750 On Tue, May 15, 2012 at 9:58 AM, Nicolai nicolai-na...@chocolatine.orgwrote: On Mon, May 14, 2012 at 09:38:34PM -0500, Ameen Pishdadi wrote: No way they stack up against level3 or any of the other 4 big tier 1s but if you throw them in a blend with level3 there shouldn't be any issue and I wouldn't pay more the .75 cents a meg for a gig That's $7.50 per 1000mbps. Sign me up! Nicolai
Re: Cogent for ISP bandwidth
dam, i think this got more replies then the original thread in 10 minutes. lol On Tue, May 15, 2012 at 5:22 PM, Robert Bonomi bon...@mail.r-bonomi.comwrote: From nanog-bounces+bonomi=mail.r-bonomi@nanog.org Tue May 15 16:53:50 2012 From: A. Pishdadi apishd...@gmail.com Date: Tue, 15 May 2012 16:51:20 -0500 Subject: Re: Cogent for ISP bandwidth To: Nicolai nicolai-na...@chocolatine.org Cc: nanog@nanog.org last time i checked .75 x 1000 = 750 0.75 CENTS (as previously claimed) per meg is 750 CENTS per gig, or $7.50/gig. I suspect you 'meant '75 cents' (or '$0.75') per meg, but that is -not- what you said. :) On Tue, May 15, 2012 at 9:58 AM, Nicolai nicolai-na...@chocolatine.org wrote: On Mon, May 14, 2012 at 09:38:34PM -0500, Ameen Pishdadi wrote: No way they stack up against level3 or any of the other 4 big tier 1s but if you throw them in a blend with level3 there shouldn't be any issue and I wouldn't pay more the .75 cents a meg for a gig That's $7.50 per 1000mbps. Sign me up! Nicolai
Re: Cogent for ISP bandwidth
No way they stack up against level3 or any of the other 4 big tier 1s but if you throw them in a blend with level3 there shouldn't be any issue and I wouldn't pay more the .75 cents a meg for a gig Thanks, Ameen Pishdadi On May 14, 2012, at 5:03 PM, Jason Baugher ja...@thebaughers.com wrote: The emails on the Outages list reminded me to ask this question... I've done some searching and haven't been able to find much in the last 3 years as to their reliability and suitability as an upstream provider. For a regional ISP looking for GigE ports in the Chicago/St. Louis area, is Cogent a reasonable solution? Our gut feeling is that they don't stack up against a Level3 or Sprint, but they are being very aggressive with pricing to try and get our business. Thanks, Jason
Re: Cogent for ISP bandwidth
Has nothing to do with whether or not they deal with all the major carriers , they are a budget provider , always have , always will be. Aside from that what matters the most is eye ball user connectivity and level3 , ATT, Verizon significantly have more eye balls connected directly to there network then cogent , we have cogent and level3 and 5 other providers on our Chicago network , with out any traffic engineering almost every thing will come in or go out level3, we use traffic optimizing equipment to automate our commit levels and also do performance based routing adjustments , I literally have to put a gun to its head to get a descent amount of traffic out to cogent , you may say it's a matter of opinion but statistics don't lie, even Telia out performs cogent according to stats , not just cause they have a massive eye ball network in Europe. Ask yourself , who are the majority customers of cogent? Not end user ISPs , hosting companies aka content providers, and when there selling bandwidth cheaper then it costs to peer then there going to keep there costs to the minimum ... Cheaper is cheaper , the saying is true , you get what you pay for. A Kia and Ferrari can both get me from point a to point b, but the Ferrari is capable of getting me there way quicker, and yes I'm going to pay a premium for it but if I'm going from NYC to San Fran I'd definitely feel safer in the Ferrari reliability wise and get there a hell of a lot quicker... But like I said and the other 10 replies nothing wrong with cogent in a nice blend of 3 or more other providers ... Thanks, Ameen Pishdadi On May 14, 2012, at 10:49 PM, Faisal Imtiaz fai...@snappydsl.net wrote: I often tell folks, Cogent is the 'Heidi Fleiss' of the industry .. pretty much everyone of the major carriers / providers deal with them.. but no one wants to admit it. I don't think there is any carrier out there that could be considered 'Premium' in terms of quality of service (yeah their are a lot of folks who are Premium based on what they charge)... One can only hedge one's bet for a quality connection by having multiple providers (you can mix and match) or go with some one like Internap or Tinet (folks who are taking traffic across multiple providers at their POP). Of course your mileage may vary as long as you have alternate connectivity, it makes dealing with issues more palatable, whether it is Cogent or Level3... Regards. Faisal Imtiaz Snappy Internet Telecom On 5/14/2012 10:38 PM, Ameen Pishdadi wrote: No way they stack up against level3 or any of the other 4 big tier 1s but if you throw them in a blend with level3 there shouldn't be any issue and I wouldn't pay more the .75 cents a meg for a gig Thanks, Ameen Pishdadi On May 14, 2012, at 5:03 PM, Jason Baugherja...@thebaughers.com wrote: The emails on the Outages list reminded me to ask this question... I've done some searching and haven't been able to find much in the last 3 years as to their reliability and suitability as an upstream provider. For a regional ISP looking for GigE ports in the Chicago/St. Louis area, is Cogent a reasonable solution? Our gut feeling is that they don't stack up against a Level3 or Sprint, but they are being very aggressive with pricing to try and get our business. Thanks, Jason
Re: CDNs should pay eyeball networks, too.
Right on Thanks, Ameen Pishdadi On May 1, 2012, at 11:39 AM, Dominik Bay d...@rrbone.net wrote: Yesterday I received the following mail, from a CDN: 8 Greetings, Limelight Networks periodically reviews its interconnection strategy to ensure the quality and integrity of its interconnection between all its partners. We have recently updated our requirements for settlement-free peering which are posted at http://www.as22822.net/ This letter is to notify you that yyy no longer meets our minimum requirements. If yyy would like to maintain our current interconnectivity, there will be settlement associated with doing so. If you are interested in pursuing this option, please reply back to this email indicating such. Should your company decline this option, or if we do not have an agreement regarding the settlement in place prior to May 31st 2012, Limelight Networks will terminate the peering sessions on that day, with this letter serving as 30 day notice. Sincerely, 8 The same mail was sent out last year, about end of April 2011, to another ISP I'm working with. They got depeered, but the ISP which received the mail above yesterday didn't meet the requirements last year either. I totally understand that some companies might not be able to handle sub-5Mbps peering sessions, be it technical or organisational, but =100Mbps should be worth any effort, as long as it improves the network. In this particular case I'm talking about =600Mbps of traffic send out by Limelight to my eyeballs, not mentioning their fairly small footprint in Germany in comparison to other CDNs. These points aside, we are talking about a Content *Delivery* Network here. There are CDNs out there who burn to improve their customer experience (both the content creators and the content receiver) at high cost. Having a Tier1 attitude and telling eyeball networks with 1Gbps of traffic exchanged to bugger off or pay is not one of the ways to improve this. At the end of the day I'm going to charge CDNs who want to deliver their customers content to my eyeballs and make me pay (about 2USD per Mbps, with a minimum of 1Gbps). -dominik
Re: Operation Ghost Click
If the user is stupid enough to be infected for that long I think it's a good thing they get cut off from the net , should be a policy of all ISPs , If your infected then you lose privilege to get online and thus you can't scan and infect other idiots or become a ddos tool for the script kiddies. I for one say turn em off Thanks, Ameen Pishdadi On Apr 27, 2012, at 6:50 PM, Jeroen van Aart jer...@mompl.net wrote: O'Reirdan, Michael wrote: Please look at www.dcwg.org Thanks all for the information. It looks like the practical upshot is that computers that have been infected and not yet fixed may loose the ability to resolve names into IP addresses starting sometime after July 9, which is when the replacement nameservers are supposed to be stopped. That in and of itself is quite a nuisance for the individual as well as the ISP helldesks but it could have been worse. I would certainly not call it Internet doomsday. Greetings, Jeroen -- Earthquake Magnitude: 4.9 Date: Friday, April 27, 2012 21:51:23 UTC Location: Prince Edward Islands region Latitude: -41.1063; Longitude: 43.4278 Depth: 10.00 km
Re: Operation Ghost Click
Nope there dead unfortunately but if they were alive I'd clean up there machines maybe give them chrome books something idiot proof Thanks, Ameen Pishdadi On Apr 27, 2012, at 8:15 PM, ryanL ryan.lan...@gmail.com wrote: On Fri, Apr 27, 2012 at 5:35 PM, Ameen Pishdadi apishd...@gmail.com wrote: If the user is stupid enough to be infected for that long I think it's a good thing they get cut off from the net , should be a policy of all ISPs , If your infected then you lose privilege to get online and thus you can't scan and infect other idiots or become a ddos tool for the script kiddies. I for one say turn em off Thanks, Ameen Pishdadi you're obviously lucky, and don't have stupid grandparents.
Re: Operation Ghost Click
At some point in like 10 years when all the computer illiterate people are gone there will be no more excuses for not being educated on malware and viruses. While I understand the ISP doesn't want to possibly cut into there profit margins they could easily put in place monitoring tools that can detect network traffic that is malware bound and reach out to the customer by email, phone and if need be by person. How much of tax payer money is spent to pay these FEDERAL (F.B.I.) agents to sit here and baby sit these computer ignorant and illiterate people for 6 months? So for the big ISPs like comcast i should pay out of my tax money because they cannot properly enforce a network policy that would require them to actually give a crap what is coming out of there network? There is always going to be viruses and malware, they will find ways to get them through but for heavens sake why would we if identified leave millions of compromised machines online with an attempt to do a cleanup? YOU as a network operator have a responsiblity to the other 40,000 AUTONOMOUS network to make sure your not polluting our private network infrastructure with garbage coming from your users and network. Clean up your mess. Like we will not tolerate spammers being housed on 'hosting' networks why should tolerate malware and infections coming from ISP's??? How much money is spent cleaning up hacked word press servers and udp.pl scripts... This is much bigger issue then at any cost making sure a user can get on to facebook to upload a picture of there cat sleeping upside down. If we enforced a proper policy and held network activity to certain standards the ISP's would fix the issue of ignorant users themselves by #1 educating there users , #2 implementing network monitoring on there outbound traffic to identify sources of infected and compromised machines, #3 implementing a cleanup policy, #4 letting the end user know they have a responsibility to make sure the machines they access the network from are clean and to do checks and to do there antivirus updates and os updates. Oh yah, and if we got all these 'supporting' DNS servers up why not just direct ALL users of it, who are clearly infected to a temporary page that will enlighten the customer that they are infected and give them instructions on clean up and give them a deadline of when there service will stop. How hard is that? On Fri, Apr 27, 2012 at 10:55 PM, valdis.kletni...@vt.edu wrote: On Fri, 27 Apr 2012 21:39:20 -0500, you said: Is it not detected by the common anti-virus software vendors? If the This assumes that the computer hasn't been hit by something *else* that disables the user's AV software. Remember, multiple infections are *common*. internet stopped working on my computer i would reach out to someone who knew how to fix it, keeping these people online and spreading the malware helps how?? The point is that the internet *didn't* stop working, so they have no reason to reach out yet. And no, you can't just blindly cut the users off and make them call the ISP for several reasons: 1) At that point, the ISP incurs an expense to fix a problem they didn't cause. Remember that margins on most consumer-grade Internet accounts are pretty thin, and one long support call can wipe out the profit. So explain why the ISP wants to cut off a user who makes them $10/year profit, and spend $30 or more handling the support call, when they aren't in the business of providing security services to end users? 2) If the user has no POTS, cutting them off may have just cut off their 911 service. You want to take that risk? 3) Many times, there are multiple customer computers behind a NAT. Do you really want the hassle of an irate user calling in because you just broke the dad's VPN to work, because one of their kids has some cruft on their computer? (And no, don't try to tell them they should have bought business class service or similar crap, that *will* lose you a customer). So explain why the ISP wants to cut off the user, when it will cost them money, and possibly a customer?
Re: Operation Ghost Click
On Fri, Apr 27, 2012 at 10:55 PM, valdis.kletni...@vt.edu wrote: On Fri, 27 Apr 2012 21:39:20 -0500, you said: 3) Many times, there are multiple customer computers behind a NAT. Do you really want the hassle of an irate user calling in because you just broke the dad's VPN to work, because one of their kids has some cruft on their computer? (And no, don't try to tell them they should have bought business class service or similar crap, that *will* lose you a customer). The malware isn't infecting the end-uses router therefore if there is multiple users behind that NAT'd router as long as there not infected they won't be shut off when those DNS servers go dark. And if daddy is dumb enough to let his 8 year old son use his PC or laptop w/o proper monitoring and gets infected thats his fault. I know I dont let my 10 year old use my work computers , and he knows how to code , but he is still a child and clicks stupid things. Your basically telling me the ISPs should not take any responsibility, well then how can we get pissed off when a host lets a spammer spam for a week straight and is aware and doesn't shut them off, or notices a DDOS attack is stemming from there network, a customer has 5-6 servers he pays for with unmetered gigabit ports and is clearly blasting someone to hell and back with spoofed packets , but because there margins are so thin they shouldn't turn him off and cancel him so they do not have to cut into there 'margins'... In the network world your either on the content side or the eyeball side, and the eyeball networks seem to have double standards when it comes to network abuse. Until this ends and the double standards stop the amount of malware and attacks will never go decrease. I say to your 'it costs the isp money' to do cleanup, that it costs content providers money to do cleanup of constantly being scanned and probed and hacked by what is mostly hacked end-user machines who got owned browsing the internet because they went to a website that had a virus installed by another end-users machine who was compromised the same way, its a vicious circle and as an operator of a content provider im tired of the other half of the internet not taking there share of the responsibility. /End of rant..
Re: Attack on the DNS ?
Looks like your network has a user or two participating in this retarded attempt to drop the Internet. Thanks, Ameen Pishdadi On Mar 31, 2012, at 8:30 PM, Greg Ihnen os10ru...@gmail.com wrote: I manage a tiny network in the Amazon, a satellite internet connection and decent sized wireless network. All of my users started complaining yesterday about lost connectivity except for Skype. I had no problems. I checked from the users' computers and could not resolve domain names (when Skype connects and nothing else does it's always been a DNS issue). After much troubleshooting I finally fired up Wireshark and saw that the DNS servers (or someone appearing to have their IP addresses) were replying to our queries with no such name. The reason I was having no problems is I'm using OpenDNS' DNSCrypt. With DNSCrypt on we have no problems. With good old fashioned unencrypted DNS (Googles, OpenDNS', our ISPs) we're barely able to communicate. Is DNS traffic being directed to bogus servers? Are the real servers being overloaded? Am I seeing the results of some kind of DDOS mitigation technique? Is anyone else seeing this? Greg Ihnen
Re: Switch designed for mirroring tap ports
No the issue isnt monitoring many ports at once, its having more then 1 set of monitoring or 2 sets in the 6500 case. So I am monitoring say port channel 1 to ports 1 2 3 4, and port channel 2 , ports 4 5 6 and 7. After that I cannot monitor anymore ports. On Thu, Mar 1, 2012 at 2:34 AM, gwoo...@gmail.com gwoo...@gmail.com wrote: Instead of monitoring the physical interface, monitor the vlan from a Cisco IOS perspective on a CAT6500. This will capture all physical interfaces associated with that vlan for mirroring/span. HTH Jonathan #22744 Sent from my HTC on the Now Network from Sprint! - Reply message - From: A. Pishdadi apishd...@gmail.com Date: Wed, Feb 29, 2012 11:12 pm Subject: Switch designed for mirroring tap ports To: NANOG nanog@nanog.org Hello All, We are looking for a switch or a device that we can use for mirroring tap ports. For example , take a mirror port off of a core router say a 6509, connect it to a port on said device, say port 1. I would like then to be able to mirror port 1 on said device to multiple ports, like port 2 , 3, 4. We have the need to analyze traffic from one port on multiple devices. Seems most switches are limited to mirroring to a max of 1 or 2 ports. Any suggestions would be great. Thanks, Ameen
Switch designed for mirroring tap ports
Hello All, We are looking for a switch or a device that we can use for mirroring tap ports. For example , take a mirror port off of a core router say a 6509, connect it to a port on said device, say port 1. I would like then to be able to mirror port 1 on said device to multiple ports, like port 2 , 3, 4. We have the need to analyze traffic from one port on multiple devices. Seems most switches are limited to mirroring to a max of 1 or 2 ports. Any suggestions would be great. Thanks, Ameen
Programmers with network engineering skills
Hello All, i have been looking for quite some time now a descent coder (c,php) who has a descent amount of system admin / netadmin experience. Doesn't necessarily need to be an expert at network engineering but being acclimated in understanding the basic fundamentals of networking. Understanding basic routing concepts, how to diagnose using tcpdump / pcap, understanding subnetting and how bgp works (not necessarily setting up bgp). I've posted job listings on the likes of dice and monster and have not found any good canidates, most of them ASP / Java guys. If anyone can point me to a site they might recommend for job postings or know of any consulting firms that might provide these services that would be greatly appreciated.
Re: LAw Enforcement Contact
Andrew , it does fail you. The 35+ employees that work for GigeNET would be really insulted by you insinuating that there job roles have no merit. The combination of all the things they do is what makes the company run. So no Paul does not run the company, put down the crack pipe. Why don't you find something else to troll beside a mailing list of industry professionals and a legitimate request for help. On Mon, Jan 23, 2012 at 3:21 PM, Andrew D Kirch trel...@trelane.net wrote: From memory Ameen Pishdadi is the owner of GIGENET, run by Paul Ashley (Aka XEROX), and comprised of the IP space and assets of FOONET. One would think that he has much contact with law enforcement. Or does my memory fail me? Andrew On 1/22/2012 8:16 PM, A. Pishdadi wrote: Hello, We recently tracked down a botnet that attacked our network. We found the CC server, it has approximately 40-50 servers, consisting of mostly *nix machines with high speed connections, for example AWS servers or dedicated, attack capacity is 4-5Gb/s or more. Is there any contacts with law enforcement here that I can send over the info too? .
LAw Enforcement Contact
Hello, We recently tracked down a botnet that attacked our network. We found the CC server, it has approximately 40-50 servers, consisting of mostly *nix machines with high speed connections, for example AWS servers or dedicated, attack capacity is 4-5Gb/s or more. Is there any contacts with law enforcement here that I can send over the info too? .
Re: LAw Enforcement Contact
The IP's are masked, you only see part of the IP/hostname, if there is someone from amazon here, feel free to contact me. The CC is hosted at theplanet/softlayer On Sun, Jan 22, 2012 at 7:26 PM, Suresh Ramasubramanian ops.li...@gmail.com wrote: FBI sure - but if you have AWS servers in the mix, contact Amazon security first. On Mon, Jan 23, 2012 at 6:46 AM, A. Pishdadi apishd...@gmail.com wrote: We recently tracked down a botnet that attacked our network. We found the CC server, it has approximately 40-50 servers, consisting of mostly *nix machines with high speed connections, for example AWS servers or dedicated, attack capacity is 4-5Gb/s or more. Is there any contacts with law enforcement here that I can send over the info too? -- Suresh Ramasubramanian (ops.li...@gmail.com)
Re: LAw Enforcement Contact
We've been contacted by the Secret Service before regarding customer servers that have been doing shady stuff. apparently they do alot of the cybercrime work for the federal government. from what I've seen we've been contacted more by them then the FBI. I did email a contact from the SS from a issue early in 2011, hopefully he responds. On Sun, Jan 22, 2012 at 7:32 PM, Darius Jahandarie djahanda...@gmail.comwrote: On Sun, Jan 22, 2012 at 20:26, Suresh Ramasubramanian ops.li...@gmail.com wrote: FBI I bet the FBI is going to be _particularly_ focused on dealing with botnets in the coming months. :o) But yes, the FBI is the place to go after contacting whatever abuse departments you can. (It's good to have a little courtesy before bringing out the sledge hammer). -- Darius Jahandarie