Re: BGP over TLS

2019-10-22 Thread Christopher Morrow
On Tue, Oct 22, 2019 at 2:21 PM Bjørn Mork wrote: > > Christopher Morrow writes: > > > The x.509 system, to be effective here would require a TrustAnchor / > > Root-of-Trust that both parties agreed was acceptable... > > As in a shared TrustAnchor? No. Both e

Re: BGP over TLS

2019-10-22 Thread Christopher Morrow
On Tue, Oct 22, 2019 at 6:35 AM Julien Goodwin wrote: > > > > On 22/10/19 4:04 am, Jared Mauch wrote: > > > > > >> On Oct 21, 2019, at 12:30 PM, Joe Abley wrote: > >> > >> On 21 Oct 2019, at 12:05, Keith Medcalf wrote: > >> > >>> On Monday, 21 October, 2019 09:44, Robert McKay wrote: > >>> >

Re: "Using Cloud Resources to Dramatically Improve Internet Routing"

2019-10-20 Thread Christopher Morrow
On Sun, Oct 20, 2019 at 6:10 AM Bjørn Mork wrote: > > Julien Goodwin writes: > > On 20/10/19 11:08 pm, Bjørn Mork wrote: > >> Hank Nussbacher writes: > >>> On 07/10/2019 17:42, Stephane Bortzmeyer wrote: > On Fri, Oct 04, 2019 at 03:52:26PM -0400, > Phil Pishioneri wrote > a

Re: Friendly contact at Comcast about possible RF leaks

2019-10-18 Thread Christopher Morrow
In the general case, I think, the FCC's enforcement branch actually takes care of being a clearinghouse for this sort of problem... according to my friend who used to do this for the FCC anyway. On Fri, Oct 18, 2019 at 1:32 AM Brandon Martin wrote: > > On 9/30/19 10:38 PM, Brandon Martin wrote:

Re: AWS issues with 172.0.0.0/12

2019-10-01 Thread Christopher Morrow
possible that this is various AWS customers making iptables/firewall mistakes? "block that pesky rfc1918 172/12 space!!" On Tue, Oct 1, 2019 at 8:51 AM Stephane Bortzmeyer wrote: > > On Mon, Sep 30, 2019 at 11:38:25PM -0700, > Mehmet Akcin wrote > a message of 131 lines which said: > > >

Re: [nanog] BGP routes by country

2019-09-26 Thread Christopher Morrow
On Thu, Sep 26, 2019 at 4:48 PM Chris Knipe wrote: > > On Thu, Sep 26, 2019 at 9:53 PM Christopher Morrow > wrote: >> >> Maybe asking from the get-go: >> "What are you trying to do?" >> >> because the question asked is fraught with peril an

Re: [nanog] BGP routes by country

2019-09-26 Thread Christopher Morrow
Maybe asking from the get-go: "What are you trying to do?" because the question asked is fraught with peril and disaster... On Thu, Sep 26, 2019 at 3:32 PM Michel Py wrote: > > > Chris Phillips wrote : > > Is anyone offering a service providing BGP routes by country? I'm not > > looking to

Re: Elad Cohen (was: Re: Cogent sales reps who actually respond)

2019-09-19 Thread Christopher Morrow
On Thu, Sep 19, 2019 at 11:43 AM William Herrin wrote: > > > > On Thu, Sep 19, 2019 at 7:58 AM Christopher Morrow > wrote: >> >> What I'm asking is: "there is already repair for the harmed parties, >> if they are not taking advantage of this then I don

Re: Elad Cohen (was: Re: Cogent sales reps who actually respond)

2019-09-19 Thread Christopher Morrow
On Thu, Sep 19, 2019 at 4:05 AM Ronald F. Guilmette wrote: > > In message > > Christopher Morrow wrote: > > >"who cares about the sale?" > > My apologies. I see that I have failed to be adequately clear. > I was misunderstood I think. What

Re: Elad Cohen (was: Re: Cogent sales reps who actually respond)

2019-09-18 Thread Christopher Morrow
en Cannon > CEO 6x7 Networks & 6x7 Telecom, LLC > b...@6by7.net > > > > On Sep 18, 2019, at 6:57 PM, Christopher Morrow > wrote: > > I tried to ask this earlier, I think, but... > > "who cares about the sale?" > > I ask this because I think getting

Re: Elad Cohen (was: Re: Cogent sales reps who actually respond)

2019-09-18 Thread Christopher Morrow
I tried to ask this earlier, I think, but... "who cares about the sale?" I ask this because I think getting wrapped around that axle is the wrong place to spend resources. If the outcome of 'someone' controlling IP space is that there is abusive activity coming from that space and either no

Re: Cogent sales reps who actually respond

2019-09-18 Thread Christopher Morrow
On Wed, Sep 18, 2019 at 11:54 AM Elad Cohen wrote: > > Please see the following link: > > https://afrinic.net/resource-certification > > As you can see, a MyAFRINIC account is required. > seems like you should do this step, then do the rpki step. > Yes, route objects for legacy AFRINIC

Re: Cogent sales reps who actually respond

2019-09-17 Thread Christopher Morrow
On Tue, Sep 17, 2019 at 10:56 PM Patrick W. Gilmore wrote: > > On Sep 17, 2019, at 9:46 PM, Christopher Morrow > wrote: > > On Tue, Sep 17, 2019 at 6:46 PM Martijn Schmidt via NANOG > > wrote: > >> > >> Hi Elad, > >> > >> Is this policy

Re: Cogent sales reps who actually respond

2019-09-17 Thread Christopher Morrow
On Tue, Sep 17, 2019 at 6:46 PM Martijn Schmidt via NANOG wrote: > > Hi Elad, > > Is this policy officially documented by AFRINIC somewhere? Can you make route > objects for legacy AFRINIC resources in their RIR operated IRRDB as a > fallback for RPKI? > > Best regards, > Martijn

Re: RPKI (was: Re: Cogent sales reps who actually respond)

2019-09-17 Thread Christopher Morrow
On Tue, Sep 17, 2019 at 5:49 PM Ronald F. Guilmette wrote: > > In message > , > Martijn Schmidt wrote: > > >Hi Elad, > > > >If you were to create RPKI ROAs for the IPs in question... > > Thanks Martijn, for reminding me of a follow-up point that I had intended > to make regarding my recent post

Re: diversity in the RIPE Route Collectors

2019-09-17 Thread Christopher Morrow
On Tue, Sep 17, 2019 at 6:24 AM Emile Aben wrote: > > Hi NANOG, > > in light of a recent discussion on RIS-live, and a question on where > best have RIS peers, this might be of interest to the NANOG crowd: > https://labs.ripe.net/Members/emileaben/how-diverse-is-ris > thanks for taking a look at

Re: Cogent sales reps who actually respond

2019-09-16 Thread Christopher Morrow
On Mon, Sep 16, 2019 at 9:45 PM Ben Cannon wrote: > > “They also run their links hot which create latency for anything flowing > through it.” > > Mike, I’d have agreed with you - 15 years ago. Is this current at all? My > views on Cogent have evolved dramatically over the years. How recent is

Re: Cogent & FDCServers: Knowingly aiding and abetting fraud and theft?

2019-09-06 Thread Christopher Morrow
On Fri, Sep 6, 2019 at 8:13 AM Neo Soon Keat wrote: > Sorry, re-sending to include the list. > > Looking at the history of the prefix, it does look like it did belong to > the now-defunct Port of Melbourne Authority, with the matching e-mail > address. That particular organization, however, no

Re: new BGP hijack & visibility tool “BGPalerter”

2019-08-16 Thread Christopher Morrow
On Fri, Aug 16, 2019 at 5:02 AM Robert Kisteleki wrote: > > Hi, > > On 2019-08-15 17:38, Christopher Morrow wrote: > > This looks like fun! > > (a few questions for the RIPE folk, I think though below) > > > > What is the expected load of streaming client

Re: Corporate Identity Theft: Azuki, LLC -- AS13389, 216.179.128.0/17

2019-08-15 Thread Christopher Morrow
(I hate to step into the pond, but...) On Thu, Aug 15, 2019 at 8:02 AM John Curran wrote: > > On 14 Aug 2019, at 11:16 PM, Ronald F. Guilmette > wrote: > > > > Report it on some webpage and call it "Internet > Resources stolen", document every incident as you do via email, send a > copy to the

Re: new BGP hijack & visibility tool “BGPalerter”

2019-08-15 Thread Christopher Morrow
This looks like fun! (a few questions for the RIPE folk, I think though below) What is the expected load of streaming clients on the RIPE service? (I wonder because I was/am messing about with something similar, though less node and js... not that that's relevant here). I hadn't seen the ripe

Re: OT: Tech bag

2019-08-02 Thread Christopher Morrow
On Fri, Aug 2, 2019 at 5:01 PM Valdis Klētnieks wrote: > > On Fri, 02 Aug 2019 14:54:49 -0400, Christopher Morrow said: > > 'server has no ip address' . > > $ ping www.tombin.com > > PING www.tombin.com (127.0.0.1) > > > > good try to get us all infecte

Re: OT: Tech bag

2019-08-02 Thread Christopher Morrow
On Fri, Aug 2, 2019 at 2:50 PM John Covici wrote: > > https://www.tombin.com has some great bags for laptops, etc. Not 'server has no ip address' . $ ping www.tombin.com PING www.tombin.com (127.0.0.1) good try to get us all infected by malware... On a less funny note, try out some of the

Re: Removing defunct IRR records from LEVEL3 rr

2019-08-02 Thread Christopher Morrow
agree with michael, they were super helpful to me over the last few months. On Fri, Aug 2, 2019 at 2:18 PM Michael Davis wrote: > > I recently did this with an email to rout...@level3.net > > Took all of a few hours, no issues.. > > thanks > mike > > On 8/2/19 12:24 PM, Tim Howe wrote: > > Has

Re: email delays from Google

2019-07-31 Thread Christopher Morrow
Trey, the bees behind the hive say: "Please open an issue in this system: https://issuetracker.google.com/issues/new?component=191885; >From what I can tell there are other folk with similar problems so some triangulation on 'what is actually wrong here?' is in order. On Wed, Jul 31, 2019

Re: 44/8

2019-07-19 Thread Christopher Morrow
On Fri, Jul 19, 2019 at 10:58 AM Matt Harris wrote: >Hence it's no longer "legacy" space that isn't covered by an RIR RSA but is >instead now covered by an ARIN RSA. > 'RIR RSA" is not a thing. Legacy blocks are basically drifting in the winds... there's no requirement on the holders to do

Re: 44/8

2019-07-18 Thread Christopher Morrow
On Fri, Jul 19, 2019 at 12:28 AM Bryan Fields wrote: > > -BEGIN PGP SIGNED MESSAGE- > Hash: SHA256 > > > On 7/18/19 11:56 PM, Christopher Morrow wrote: > > Sure,but... that space has been an internet telescope supporting > > numerous research folk for a

Re: 44/8

2019-07-18 Thread Christopher Morrow
On Thu, Jul 18, 2019 at 11:50 PM Majdi S. Abbas wrote: > > On Thu, Jul 18, 2019 at 11:47:21PM -0400, Christopher Morrow wrote: > > Also, who's this 'we'.. I don't live in california... I presume UC is > > getting funding from california, not virginia. (mostly) > > I

Re: 44/8

2019-07-18 Thread Christopher Morrow
On Thu, Jul 18, 2019 at 11:40 PM Majdi S. Abbas wrote: > > On Thu, Jul 18, 2019 at 11:21:58PM -0400, Christopher Morrow wrote: > > who knows? probably? not really my personal concern I guess. > > If they're using taxpayer supported networks to provide transit > to

Re: 44/8

2019-07-18 Thread Christopher Morrow
On Thu, Jul 18, 2019 at 11:13 PM Majdi S. Abbas wrote: > > On Thu, Jul 18, 2019 at 11:02:40PM -0400, Christopher Morrow wrote: > > So.. this is/was a legacy allocation, right? with some 'not great' > > contact/etc info... > > It's been announced by UCSD as a /8

Re: 44/8

2019-07-18 Thread Christopher Morrow
On Thu, Jul 18, 2019 at 10:59 PM Majdi S. Abbas wrote: > > > What's interesting about this is it was not an ARIN allocation, So.. this is/was a legacy allocation, right? with some 'not great' contact/etc info... the ARIN folk could have said: "Well sure! if the current folk who

Re: Performance metrics used in commercial BGP route optimizers

2019-07-16 Thread Christopher Morrow
On Tue, Jul 16, 2019 at 5:22 PM Nick Hilliard wrote: > > Oh I don't know about that. There's been a pile of high profile > incidents which have been associated with "BGP optimisers", affecting > connectivity to huge chunks of the internet, world-wide. How many, exactly and with a

Re: SHAKEN/STIR Robocall Summit - July 11 2019 at FCC

2019-07-16 Thread Christopher Morrow
On Tue, Jul 16, 2019 at 6:28 PM Dan Hollis wrote: > > On Tue, 16 Jul 2019, Michael Thomas wrote: > > But right you are, it's ultimately the carrier who needs to care about this > > problem at or nothing gets better. > > either the carrier starts dealing with it or legislation will come down to >

Re: Colo in Africa

2019-07-16 Thread Christopher Morrow
Isn't the OP really asking here (not to have their selection of platform wrangled..): "Where should I target my search: ZA only? is there anywhere else worth dropping my request?" and: "Are there likely providers of solid colo aside from seacom/tinka-net or workonline/ben-net ?" On Tue, Jul

Re: SHAKEN/STIR Robocall Summit - July 11 2019 at FCC

2019-07-11 Thread Christopher Morrow
umbers, then they should absorb the social costs of what's going on. > > > > Let's not get this confused - this isn't about customer PBXen outpulsing > > forwarded calls when they do it, it's about people shooting millions of > > calls > > a month, the carrier

Re: SHAKEN/STIR Robocall Summit - July 11 2019 at FCC

2019-07-11 Thread Christopher Morrow
of services which callees could subscribe to in order to report reputation and have that be used to influence call completions over time... if only there were such systems in existence already... if only some form of proof of concept existed? > Mike > > > On 7/11/19 10:18 AM, Christ

Re: SHAKEN/STIR Robocall Summit - July 11 2019 at FCC

2019-07-11 Thread Christopher Morrow
On Thu, Jul 11, 2019 at 2:31 PM Keith Medcalf wrote: > > > On Thursday, 11 July, 2019 11:18, Christopher Morrow > wrote: > > >On Thu, Jul 11, 2019 at 12:00 PM Paul Timmins wrote: > > >> Chris it would be trivial for this to be fixed, nearly overnight

Re: SHAKEN/STIR Robocall Summit - July 11 2019 at FCC

2019-07-11 Thread Christopher Morrow
sort of solution has actually got proven track record though? -chris > On 7/11/19 12:09 AM, Christopher Morrow wrote: > > There seem like a bunch of pretty simple 'correlations' one could > > make, that actually look a heck of a lot like 'netflow/log analysis > > for ddos det

Re: SHAKEN/STIR Robocall Summit - July 11 2019 at FCC

2019-07-10 Thread Christopher Morrow
On Wed, Jul 10, 2019 at 11:56 PM Sean Donelan wrote: > > On Tue, 9 Jul 2019, Sean Donelan wrote: > > The agenda looks like lots of happy, happy talk from industry > > representatives. > > In advance of the SHAKEN/STIR robocall summit, AT has issued a press > release announcing plans to

Re: SHAKEN/STIR Robocall Summit - July 11 2019 at FCC

2019-07-08 Thread Christopher Morrow
when do we get back to stir/shaken? On Mon, Jul 8, 2019 at 9:47 PM Keith Medcalf wrote: > > > On Monday, 8 July, 2019 19:28, Michael Thomas wrote: > > >On 7/8/19 6:24 PM, Keith Medcalf wrote: > > >> You are the only person who has mentioned reverse DNS lookups. > > >I'm only trying to guess

Re: FCC workshop: Security vulnerabilities within our communications networks

2019-06-26 Thread Christopher Morrow
On Wed, Jun 26, 2019 at 1:17 PM Sean Donelan wrote: > > On Tue, 25 Jun 2019, Christopher Morrow wrote: > > looks like our best and brightest have the problem resolved, phew! > > we're all safe now. > > The success rate of most groups has been low in this area, so I' will

Re: FCC workshop: Security vulnerabilities within our communications networks

2019-06-25 Thread Christopher Morrow
looks like our best and brightest have the problem resolved, phew! we're all safe now. On Tue, Jun 25, 2019 at 5:26 PM Sean Donelan wrote: > > On Fri, 21 Jun 2019, Sean Donelan wrote: > > Federal Communications Commissioner Geoffrey Starks is holding a workshop > > next week, June 27, 2019, to

Re: Are network operators morons? [was: CloudFlare issues?]

2019-06-25 Thread Christopher Morrow
(thanks, btw, again) On Tue, Jun 25, 2019 at 8:33 AM Patrick W. Gilmore wrote: > It is not like 701 is causing problems every week, or even ever year. If you > think this one incident proves they are ‘morons’, you are only showing you > are neither experienced nor mature enough to make that

Re: CloudFlare issues?

2019-06-24 Thread Christopher Morrow
On Tue, Jun 25, 2019 at 12:49 AM Hank Nussbacher wrote: > > On 25/06/2019 03:03, Tom Beecher wrote: > > Disclaimer : I am a Verizon employee via the Yahoo acquisition. I do > > not work on 701. My comments are my own opinions only. > > > > Respectfully, I believe Cloudflare’s public comments

Re: CloudFlare issues?

2019-06-24 Thread Christopher Morrow
On Mon, Jun 24, 2019 at 10:41 AM Filip Hruska wrote: > > Verizon is the one who should've noticed something was amiss and dropped > their customer's BGP session. > They also should have had filters and prefix count limits in place, > which would have prevented this whole disaster. > oddly VZ

Re: someone is using my AS number

2019-06-16 Thread Christopher Morrow
On Thu, Jun 13, 2019 at 5:18 PM Joe Provo wrote: > The last "major" provider who failed to provide BGP community-based > TE was 3549, and with their absorbtion into 3356 no one should have > any tolerance for this garbage, IMNSHO. as near as I can tell, you can't get per-neighbor or other TE

Re: someone is using my AS number

2019-06-12 Thread Christopher Morrow
details help here, and perhaps folk who peer with the upstreams can just reject routes with your as in them... if, you know, we knew what that was :) On Wed, Jun 12, 2019 at 9:21 AM Philip Lavine via NANOG wrote: > > yeah I did they are some MSP in India. No help. > > On Wednesday, June 12,

Re: Google weird routing?

2019-05-23 Thread Christopher Morrow
On Thu, May 23, 2019 at 4:11 PM Matt Harris wrote: > On Thu, May 23, 2019 at 3:06 PM Christopher Morrow > wrote: >> >> not sure where you are starting from (really) .. can you provide a: >> dig www.google.com >> >> for me? My guess is that as Jared noted

Re: Google weird routing?

2019-05-23 Thread Christopher Morrow
not sure where you are starting from (really) .. can you provide a: dig www.google.com for me? My guess is that as Jared noted you got somehow looking like you are in india to whatever does that magic :) On Thu, May 23, 2019 at 3:48 PM Matt Harris wrote: > > Hey folks, > Looking at an mtr

Re: BGP prefix filter list / BGP hijacks, different type

2019-05-17 Thread Christopher Morrow
Did this get resolved? if not please email me directly. On Fri, May 17, 2019 at 9:46 AM Denys Fedoryshchenko wrote: > > I wanted to mention one additional important point in all these > monitoring discussion. > Right now, for one of my subnets Google services stopped working. > Why? Because it

Re: Ownership of Routers on Both Ends of Transnational Links

2019-05-13 Thread Christopher Morrow
Best, > Pengxiong Zhu > Department of Computer Science and Engineering > University of California, Riverside > > > On Mon, May 13, 2019 at 8:52 AM Christopher Morrow > wrote: >> >> On Mon, May 13, 2019 at 11:38 AM Pengxiong Zhu wrote: >> > >> > Thanks ag

Re: Ownership of Routers on Both Ends of Transnational Links

2019-05-13 Thread Christopher Morrow
On Mon, May 13, 2019 at 11:38 AM Pengxiong Zhu wrote: > > Thanks again for your insightful responses! > > The case we discuss above is Chinese ISPs renting routers located outside > China and the IPs belong to other ISPs. > I think you are using all of the wrong verbs here... 'renting' does not

Re: NTP for ASBRs?

2019-05-10 Thread Christopher Morrow
igent Computing Solutions > http://www.ics-il.com > > Midwest-IX > http://www.midwest-ix.com > > > From: "Christopher Morrow" > To: "nanog list" > Sent: Thursday, May 9, 2019 2:16:59 PM > Subject: Re: NTP for ASBRs

Re: NTP for ASBRs?

2019-05-09 Thread Christopher Morrow
On Thu, May 9, 2019 at 3:12 PM Andy Smith wrote: > > Hello, > > On Wed, May 08, 2019 at 10:27:30PM -0400, Christopher Morrow wrote: > > UTC is nice > > EST is nice > > PDT is nice.. > > > > pick one, deal with the eccentricities of that decision with

Re: NTP for ASBRs?

2019-05-08 Thread Christopher Morrow
On Wed, May 8, 2019 at 9:42 PM Valdis Klētnieks wrote: > > > Newfoundland time, anybody? :) > isn't the point: "Pick one for all of your things, stick to that one thing" it's find if you pick central indiana time, if you are setting the same everywhere and keeping it update properly...AND you

Re: NTP for ASBRs?

2019-05-08 Thread Christopher Morrow
On Wed, May 8, 2019 at 8:38 AM Job Snijders wrote: > > Dear Lars, > > On Wed, May 08, 2019 at 09:56:33AM +0200, Lars Prehn wrote: > > do you NTP sync your AS boundary routers? > > yes > > > If so, what are incentives for doing so? Are there incentives, e.g. > > security considerations, not to do

Re: is dnswl dead?

2019-05-03 Thread Christopher Morrow
/subscribe On Fri, May 3, 2019 at 11:28 AM Jose Manuel Vazquez Castro wrote: > > And check first connectivity ping and telnet tcp ports 22 , 873 to ips > destination's from your linuxbox: > > Record A rsync2.dnswl.org > 139.162.192.198 > 142.44.243.216 > > Or use in the command directly the ip.

Re: Comcast storing WiFi passwords in cleartext?

2019-04-23 Thread Christopher Morrow
On Tue, Apr 23, 2019 at 10:35 PM Peter Beckman wrote: > ... such that the access of the Wifi Password which is likely stored in > plain text on the router is accessed by Comcast in a secure manner and not you've seen TR-069 right? :(

Re: who attacks the weather channel?

2019-04-18 Thread Christopher Morrow
On Thu, Apr 18, 2019 at 2:18 PM Lee wrote: > > On 4/18/19, John Sage wrote: > > On 4/18/19 8:26 AM, Stephane Bortzmeyer wrote: > >> On Thu, Apr 18, 2019 at 03:16:34PM +, > >> Kain, Rebecca (.) wrote > >> a message of 69 lines which said: > >> > >>>

Re: who attacks the weather channel?

2019-04-18 Thread Christopher Morrow
On Thu, Apr 18, 2019 at 11:27 AM Stephane Bortzmeyer wrote: > > On Thu, Apr 18, 2019 at 03:16:34PM +, > Kain, Rebecca (.) wrote > a message of 69 lines which said: > > > https://www.cnn.com/2019/04/18/media/weather-channel-hack/index.html > > May be these people? > >

Re: Ownership of Routers on Both Ends of Transnational Links

2019-04-16 Thread Christopher Morrow
On Tue, Apr 16, 2019 at 5:19 PM Nimrod Levy wrote: > > > > On Tue, Apr 16, 2019, 16:52 Ross Tajvar wrote: >> >> I think it's clear that the IPs belong to Telia, but I understood James's >> point to be that the router using the IP in question may belong to China >> Unicom. (I agree with that, I

Re: Ownership of Routers on Both Ends of Transnational Links

2019-04-16 Thread Christopher Morrow
On Tue, Apr 16, 2019 at 10:59 AM James Jun wrote: > More likely, thease routers are China Unicom's routers in their US POP, not > managed by VZ/Telia. > The /30s in this case are unmanaged IP transit hand-offs, coming in as Nx10G > or 100G. When your > IP transit provider assigns the /30,

Re: AS4134/AS4847 - Appear to be hijacking some ip space.

2019-04-06 Thread Christopher Morrow
On Sat, Apr 6, 2019 at 2:40 AM Pierfrancesco Caci wrote: > > > Looks like they stopped already, I'm not seeing this on 3491 nor on > routeviews anymore. > About ~10 or so hours back Louie's request to CT got some action, yes. Thanks! -chris

Re: AS4134/AS4847 - Appear to be hijacking some ip space.

2019-04-05 Thread Christopher Morrow
added a temporary whitelist (slurm) entry into > our RPKI caches, causing the AS7018 network to disregard the > more-specific /24s under 136.32.0.0/11. thanks! > Good luck. > Jay B. > > > Christopher Morrow writes: > >

AS4134/AS4847 - Appear to be hijacking some ip space.

2019-04-05 Thread Christopher Morrow
Howdy gentle folks: It looks like AS4847 - "China Networks Inter-Exchange" Is taking some time to announce reachability for at least: 136.38.33.0/24 which they ought not, given that this /24 is part of a /11 assigned to AS16591 (google fiber)... Looking at routeviews data, I see the following

Re: request for help: 192.139.135.0/24

2019-04-01 Thread Christopher Morrow
(from offline chat and pokery) It looks like 701/1239/3356 are permitting 4837 to announce this prefix because: $ whois -h whois.radb.net 192.139.135.0 route: 192.139.135.0/24 descr: managedway company origin: AS53292 mnt-by: MAINT-AS53292 changed:rsand...@managedway.com

Re: Did IPv6 between HE and Google ever get resolved?

2019-03-31 Thread Christopher Morrow
On Sun, Mar 31, 2019 at 6:07 PM Christopher Morrow wrote: > > thread subject still says 'google and he', I don't think there's ever > been problems between google/he for v6. > I think there are some issues from cogent - > he over v6 :( > > Looking at a sample AS693

Re: Did IPv6 between HE and Google ever get resolved?

2019-03-31 Thread Christopher Morrow
On Sat, Mar 30, 2019 at 4:37 AM Matthew Petach wrote: > > > > On Sat, Mar 30, 2019 at 4:33 AM Matthew Petach wrote: >> >> >> >> On Thu, Mar 28, 2019 at 12:40 PM David Hubbard >> wrote: >>> >>> Hey all, I’ve been having bad luck searching around, but did IPv6 transit >>> between HE and google

Re: criterio

2019-03-27 Thread Christopher Morrow
criterio ASN == ? (I'm sure folk may be able to find more useful into with ASN) On Wed, Mar 27, 2019 at 6:33 AM Randy Bush wrote: > > a bit of research has led us to wonder about some (non-hostile or > worrisome) net activity of criterio autonomous systems. do any friends > of the family know

Re: Webzilla

2019-03-18 Thread Christopher Morrow
isn't i the case that 35415 peers with 174/3356/2914 directly and shouldn't you just be asking those folk: "Hey, err... are you getting these complaints? do you care about the harm?" On Mon, Mar 18, 2019 at 12:37 AM Eric Kuhnke wrote: > Looking at the AS adjacencies for Webzilla, what would

Re: Looking for a AS15169 Google contact to update their PeeringDB records

2019-03-13 Thread Christopher Morrow
I'm sure someone else already contacted you, but in the off chance that didn't happen :) maybe find me privately and we can chat? :) On Wed, Mar 13, 2019 at 8:43 PM Siyuan Miao wrote: > Hi, > > We're noticed that PeeringDB records of AS15169 in IX.br (PTT.br) São > Paulo is outdated. > > I've

Re: AS701/Verizon

2019-03-12 Thread Christopher Morrow
On Tue, Mar 12, 2019 at 1:01 AM Phil Lavin wrote: > > or something else helpful :) > > Here's traceroutes, for those interested. Times are UTC. The issue is > present to Verizon customers in both Pittsburgh and BlueBell. I don't have > any other PA Verizon customers to reference against, though

Re: AS701/Verizon

2019-03-12 Thread Christopher Morrow
pennsylvania is largeish, maybe: "To philadelphia customers behind deviceX, Y, Z" or "Pittsburghers behind devices M, N, O" or something else helpful :) On Tue, Mar 12, 2019 at 12:30 AM Phil Lavin wrote: > We’re seeing consistent +100ms latency increases to Verizon customers in > Pennsylvania,

Re: Best practices for BGP Communities

2019-03-06 Thread Christopher Morrow
On Wed, Mar 6, 2019 at 7:53 PM Randy Bush wrote: > > How does one distinguish "informational" and "action" of unknown > > communities? > > "if the community is unknown why would you take any action except to strip it?" > the action ones are divisible by 3 > > > > you are in a twisty maze

Re: skype attack

2019-02-13 Thread Christopher Morrow
On Wed, Feb 13, 2019 at 4:20 PM Randy Bush wrote: > > Y U USE SKYPE? > > yep. some researchers are still stuck there for con calls. i hate it. > > welp, at least the nsa can keep trac in real-time. they have that going for them.

Re: skype attack

2019-02-13 Thread Christopher Morrow
Y U USE SKYPE? On Wed, Feb 13, 2019 at 3:11 PM Randy Bush wrote: > an update to skype will pop up and ask you > > > deny. you will have to deny repeatedly. there is no reason in the > world skype should have access to your icloud, contacts, ... > > randy

Route Filtering Update

2019-02-12 Thread Christopher Morrow
Howdy! At Nanog74 in Vancouver I mentioned (along with some other folk in the security track) that we are planning on filtering peerings to AS15169 'by chrismas 2018', roughly speaking. A few folk(bcc'd, hi!) noticed that I'm late on that work item... yes I am, sorry. I'm hopeful I'll get the

Re: Verizon having a bad routing day today?

2019-02-11 Thread Christopher Morrow
On Sat, Feb 9, 2019 at 9:09 PM Christopher Morrow wrote: > I wonder if there's a lurking verizon/701 engineer on-list who may have a > few moments to reach me out of band? :) I've got what looks like busted > routing (or > howdy! actually 3 different vz folk found me, explained wha

Verizon having a bad routing day today?

2019-02-09 Thread Christopher Morrow
howdy! I wonder if there's a lurking verizon/701 engineer on-list who may have a few moments to reach me out of band? :) I've got what looks like busted routing (or changes to peering/etc) causing me some headaches this last day or so. I'd like to chat/email and see if there's a good reason for

Re: Google you have a problem.

2019-01-31 Thread Christopher Morrow
On Thu, Jan 31, 2019 at 8:23 PM Mark Andrews wrote: > It was 9:29 AM Feb 1 AEST when I reported this so yes it was FRIDAY. > > :) it's very easy to rile you up.

Re: Google you have a problem.

2019-01-31 Thread Christopher Morrow
a friday! w00t! > > On 1 Feb 2019, at 11:31 am, Christopher Morrow > wrote: > > > > just in case.. .this appears to be working now. > > -chris > > > > On Thu, Jan 31, 2019 at 2:30 PM Mark Andrews wrote: > > [beetle:~/git/bind9] marka% fetch -

Re: Google you have a problem.

2019-01-31 Thread Christopher Morrow
just in case.. .this appears to be working now. -chris On Thu, Jan 31, 2019 at 2:30 PM Mark Andrews wrote: > [beetle:~/git/bind9] marka% fetch -v https://www.google.com/jsapi > looking up www.google.com > connecting to www.google.com:443 > SSL connection established using

Re: DNS Flag Day, Friday, Feb 1st, 2019

2019-01-30 Thread Christopher Morrow
On Wed, Jan 30, 2019 at 8:10 PM Keith Medcalf wrote: > > The best time is usually a Wednesday at Noon or 11:00 in the impacted > timezone. Of course, if the impact is worldwide then that would probably > be UT1 :) that still sounds like: "not friday" right? >

Re: DNS Flag Day, Friday, Feb 1st, 2019

2019-01-30 Thread Christopher Morrow
be available Feb 1 > but you can use the development version 9.13 which has had the code for a > while now. > > Individual operators of resolvers will make their own decisions about when > to deploy. > -- > Mark Andrews > > On 31 Jan 2019, at 12:55, Christopher Morrow > wr

Re: DNS Flag Day, Friday, Feb 1st, 2019

2019-01-30 Thread Christopher Morrow
On Wed, Jan 30, 2019 at 5:41 PM Jim Popovitch via NANOG wrote: > On Wed, 2019-01-30 at 17:22 -0800, Matthew Petach wrote: > > Any chance this could wait until say the Tuesday > > *after* the Superbowl, when we aren't cutting an > > entire religion's worth of potential workers out of > > the

Re: Effects of Cold Front on Internet Infrastructure - U.S. Midwest

2019-01-30 Thread Christopher Morrow
And here I always figured it was bespoke knit caps for all the packets in cold-weather climes? learn something new every day! (also, now I wonder what the people who told me they were too busy knitting caps are ACTUALLY doing??) On Wed, Jan 30, 2019 at 8:55 AM Bryan Holloway wrote: >

Since today is a day ending in "Y" it's route hijack day? (Excelcom - as24203 please call)

2019-01-28 Thread Christopher Morrow
Howdy! ExcelCom, you are being difficult to reach today AND you are originating prefixes which are not yours to originate: * 176.119.0.0/24 me 24203 I * 176.119.1.0/24 me 24203 I * 176.119.2.0/24 me

Re: Verizon(AS701) announcing Comcast(AS7922) subnet 68.80.240.0/24

2019-01-28 Thread Christopher Morrow
Guessing there's an awesome LOA in someone's file folder for this event. On Mon, Jan 28, 2019 at 10:48 AM Smith, Courtney wrote: > Verizon (AS701) is currently originating 68.80.240.0/24. This is part of > 68.80.0.0/13 allocated to Comcast (AS7922). We have reached out to > Verizon to stop

Re: DNS Flag Day, Friday, Feb 1st, 2019

2019-01-24 Thread Christopher Morrow
you are seriously cracking me up... but. On Thu, Jan 24, 2019 at 6:05 AM Niels Bakker wrote: > * morrowc.li...@gmail.com (Christopher Morrow) [Thu 24 Jan 2019, 06:46 > CET]: > >So, we're asking 'everyone' to do 'something' on behalf of their > >domains, their users and the re

Re: Any way to collect network usage data for dial-up subscriber

2019-01-24 Thread Christopher Morrow
radius On Thu, Jan 24, 2019 at 10:37 AM aun Joe wrote: > NANOGers , > > > is there anyway for AAA to get special online subscriber usage > information without enable interim accouting on BRAS? > > Reading through RADIUS protocol , it seems that if we want to get > online subscriber

Re: DNS Flag Day, Friday, Feb 1st, 2019

2019-01-23 Thread Christopher Morrow
gt; day > > fixes. > > > > https://support.f5.com/csp/article/K07808381?sf206085287=1 > > > >> On 24 Jan 2019, at 3:51 pm, Christopher Morrow > wrote: > >> > >> > >> > >> On Wed, Jan 23, 2019 at 11:45 PM Mark Andrews

Re: DNS Flag Day, Friday, Feb 1st, 2019

2019-01-23 Thread Christopher Morrow
t hey you did do proper acceptance testing when you installed your DNS > servers > and firewalls to ensure that they implemented the DNS protocol correctly > and they > your firewalls don’t block well formed DNS queries (lots of them do by > default). > > I did, yes.

Re: DNS Flag Day, Friday, Feb 1st, 2019

2019-01-23 Thread Christopher Morrow
On Wed, Jan 23, 2019 at 7:11 PM Brian Kantor wrote: > Quoting from the web site at https://dnsflagday.net/ > > huh, from the 'dns illuminati' eh" DNS hosted by gandi.net? resolves to 3 /32's on 3 adjacent /24's.. in github's ip space, routed by fastly.com ... I'm sure glad the whois data for

Re: plaintext email?

2019-01-15 Thread Christopher Morrow
On Tue, Jan 15, 2019 at 5:07 PM Aled Morris via NANOG wrote: > You can hide your secret message by writing: > > dash dash space return > > Followed by your message. > > It’ll be hidden from all but the Internet illuminati > > -- is that true? > Aled > > > On Tue, 15 Jan 2019 at 22:00, cosmo

Re: plaintext email?

2019-01-14 Thread Christopher Morrow
On Mon, Jan 14, 2019 at 3:52 PM John Levine wrote: > In article fa0eo8znihuta1m9ac...@mail.gmail.com> you write: > > > >Isn't the underlying assumption with non-plaintext that: "I know what will > >work better for you than you do" ... > > No, it's that every MUA in the world has handled html

Re: plaintext email?

2019-01-14 Thread Christopher Morrow
On Mon, Jan 14, 2019 at 11:58 AM Randy Bush wrote: > >> People use plain-text e-mail on purpose? > > Yes. > > only if you want other people to be able to read it > Isn't the underlying assumption with non-plaintext that: "I know what will work better for you than you do" (comic-sans, colors,

Re: Network Atlas End of Year 2018 Update

2018-12-05 Thread Christopher Morrow
On Wed, Dec 5, 2018 at 4:37 PM Mehmet Akcin wrote: > Hi Majdi, > > On Wed, Dec 5, 2018 at 3:12 PM Majdi S. Abbas wrote: > >> >> > https://www.networkatlas.org/blog/eoy2018 >> >> >> Hey Mehmet, >> >> Thanks for putting together this resource for the community. >> >> Can

Re: China ’s Maxim – Leave No Access Point Unexploited: The Hidden Story of China Telecom’ s BGP Hijacking

2018-12-01 Thread Christopher Morrow
On Sat, Dec 1, 2018 at 4:07 PM Randy Bush wrote: > >>> They forgot to mention that it's technically possible to filter > >>> advertisements from their customer. Which apparently they were/are > >>> not really doing. > >> > >> luckily, CT is the only isp not doing good filtering, or we would be >

Re: China ’s Maxim – Leave No Access Point Unexploited: The Hidden Story of China Telecom’ s BGP Hijacking

2018-12-01 Thread Christopher Morrow
On Sat, Dec 1, 2018 at 1:11 PM Randy Bush wrote: > >> China Telecom's response: > > They forgot to mention that it's technically possible to filter > > advertisements from their customer. Which apparently they were/are not > > really doing. > > luckily, CT is the only isp not doing good

Re: Internet diameter?

2018-11-25 Thread Christopher Morrow
On Sat, Nov 24, 2018 at 8:48 PM Hal Murray < hgm+na...@ip-64-139-1-69.sjc.megapath.net> wrote: > > Keith Medcalf said: > > "just static content" would be more accurate ... > > and using http rather than https > > > There were many attempts at this by Johhny-cum-lately ISPs back in the > 90's >

  1   2   3   4   5   6   7   8   9   10   >