Re: puck not responding

If it wasn’t for how clunky they are with email sites, I’d suggest moving to a cloud somewhere. But … -George Sent from my iPhone > On Feb 29, 2024, at 8:01 AM, Jared Mauch wrote: > >  > >> On Feb 29, 2024, at 10:56 AM, Jay Acuna wrote: >> >>> On Thu, Feb 29, 2024 at 9:22 AM Jared

Re: AWS WAF list

This is terrible advice, but you might need another netblock for the eyeballs. Possibly a small one with enterprise NAT, but something outside the AWS list ranges... -George On Mon, Feb 19, 2024 at 7:35 PM Justin H. wrote: > That matches my experience with these types of problems in the

Re: 365 Datacenters Tampa AC Failure

Oof. Get ready to replace all spinning media you may have there. -George Sent from my iPhone > On Jun 12, 2023, at 4:06 PM, Nick Olsen wrote: > >  > Just a heads up to anyone else colo'd at 365 TPA1/TAMSFLDE. Currently seeing > floor temps of ~105F as reported by equipment. Started

Re: China Telecom in Hunan office tower fire

I think “the whole building burned” is a bit hyperbolic. Building was covered in the now known to be spectacularly flammable exterior foam insulation panels. Those panels are now largely banned because of several fires. It had intact windows and fire sprinklers when the cladding ignited on

Re: "Permanent" DST

> > On Mar 15, 2022, at 2:06 PM, Jay Ashworth wrote: > > It violates the international rule determining what your time zone should be > based on what your longitude is. > > That is not trivial. It’s an informal convention, not “rule”, and it not vaguely consistent in practice now.

Retracted: Re: RU evidently hijacked UA netblock

I don’t know about Scott’s situation but the original hijack report was shown to have an innocent explanation. My apologies. -george Sent from my iPhone > On Mar 4, 2022, at 6:06 PM, Scott Weeks wrote: > >  > > --- george.herb...@gmail.com wrote: > > https://bgpstream.com/event/287556

RU evidently hijacked UA netblock

https://bgpstream.com/event/287556 Beware of further such activity… -george Sent from my iPhone

Re: Ukraine request yikes

I don’t hear anyone in the networks field supporting doing it. It was a yikes that the request was made, but not looking at all likely to happen IMHO. -george Sent from my iPhone > On Mar 1, 2022, at 2:12 PM, Brian R wrote: > >  > The problem with all this talk, especially with trusted

Ukraine request yikes

Posted by Bill Woodcock on Twitter… https://twitter.com/woodyatpch/status/1498472865301098500?s=21 https://pastebin.com/DLbmYahS Ukraine (I think I read as) want ICANN to turn root nameservers off, revoke address delegations, and turn off TLDs for Russia. Seems… instability creating… -george

Re: massive facebook outage presently

And WhatsApp and Instagram. Twitter users nationwide agree anecdotally. What I’m getting is DNS failure. -George Sent from my iPhone > On Oct 4, 2021, at 9:07 AM, Eric Kuhnke wrote: > >  > https://downdetector.com/status/facebook/ > > Normally not worth mentioning random $service having

Re: Rack rails on network equipment

(Crying, thinking about racks and racks and racks of AT 56k modems strapped to shelves above PM-2E-30s…) The early 90s were a dangerous place, man. -George Sent from my iPhone > On Sep 24, 2021, at 8:05 PM, Wayne Bouchard wrote: > > Didn't require any additional time at all when equipment

Re: Rack rails on network equipment

I’ve seen Dell rack equipment leap for safety (ultimately very very unsuccessfully…) in big earthquakes. Lots of rack screws for me. -George Sent from my iPhone > On Sep 24, 2021, at 9:41 AM, Andrey Khomyakov > wrote: > >  > Hi folks, > Happy Friday! > > Would you, please, share your

RIP Dan Kaminsky

Reported widely on Twitter by his personal friends, Dan Kaminsky passed away yesterday. The DNS community has lost an immense contributor. -George Sent from my iPhone

Re: OVH datacenter SBG2 in Strasbourg on fire 

Sent from my iPhone > On Mar 10, 2021, at 7:45 AM, Andy Ringsmuth wrote: > > Sad to see of course, but also a little surprising that fire suppression > systems didn’t, well, suppress the fire. > > Unless they didn’t exist? I am assuming you haven’t had a real datacenter fire before. I’ve

Re: Famous operational issues

Northridge quake. I was #2 and on call at CRL. That One Guy on dialup in Atlanta playing MUDs 23x7 pages that things are down. I wander out to my computer to dial in and see what’s up, turned on TV walking past it, sat down and turned computer on, as it was booting on comes a live helicopter

Re: Nice work Ron

> On Jan 21, 2021, at 12:59 PM, Eric Kuhnke wrote: > > > How many other Belize defuncts do they have? How many offshore countries > > like Belize are there in the region? > > Based on my cursory knowledge of offshore corporate registrations in Belize, > Panama and the Cayman Islands,

Re: NDAA passed: Internet and Online Streaming Services Emergency Alert Study

I've already had to spike one widely announced WAN UDP protocol that someone had proposed without thinking through security and DDOS features. Please don't let's try that trick again. We have perfectly good approaches that don't involve insecure untraceable transport layers. This isn't 1985.

Re: {Disarmed} Re: Asus wifi AP re-writing DNS packets

This is annoying behavior, because unless you are doing something weird with actually signing DNS or TCP DNS, the router can just inject a fake response for their one DNS name they need into any UDP DNS stream with a tiny bit of inspection. Hijacking all of DNS is the DUMB way to do it. And

Re: att or sonic "residential" fiber service at a "nontraditional" residence.

Sonic both has their own FTTH and layers on top of ATT FTTH with Fusion IPBB I think it’s called. I don’t know the resale agreement details in place but it’s openly advertised as such on Sonic’s site. Waiting for the true deal to land in my neighborhood ... -George Sent from my iPhone >

Re: DHS letters for fuel and facility access

The SF Bay Area shelter in place rules specifically exempt news media, telecommunications and internet including infrastructure services thereof (presumably large internet companies, network and security vendors, etc), fuel deliveries. I could use infrastructure vendors excuse but

Re: south bay ops channel

Not that I specifically recall since late 90s. All the local problems became nationwide. If you want to start one, sign me up. On Mon, Nov 18, 2019 at 6:53 PM Randy Bush wrote: > > dear lazynet. is there a list, irc, slack, ... for ops in the > > southern bay area? need to find/discuss

Re: Asset management recommendations

Do you really want asset management tools, or configuration management tools with asset discovery / inventory capability? Juniper supports Chef configuration management pretty extensively, and is widely used for systems management and patch management on Linux. Scales to multisite well. There

Re: 240/4 (Re: 44/8)

Most importantly, if you're running out of 1918 space is a totally different problem than running out of global routable space. If you patch common OSes for 240/4 usability but a significant fraction of say unpatched OSes, IOT, consumer routers, old random net cruft necessary for infrastructure

Re: Multi-day GNSS Galileo outage -- Civilization survives

Worthwhile noting however that they’re not reliably pushing notifications to people on their notifications list. Worthwhile checking fundamentals you do depend on with your own low level monitoring. -George Sent from my iPhone > On Jul 18, 2019, at 10:30 PM, Mikael Abrahamsson wrote: > >>

Re: Escalation point at Google

If this is re os33.com where Alex emailed from, the front page is Lets Encrypt. Which is a strange choice for a financial SAAS?... Alex, if your internal app site certs are Symantec that could well explain it; check your cert locations. On Mon, Nov 12, 2018 at 12:30 PM Guillaume Tournat wrote:

Re: Impacts of Encryption Everywhere (any solution?)

I’m confused. People are using last hop (wireless) arguments against HTTPS Everywhere; that’s the part that requires full bandwidth either way (as your non-HTTPS cache is upstream somewhere). The fiber links that are physically fixed and can handle in many cases better lasers, are the ongoing

Re: Craigslist Blocks

...Anne's contact is better placed for abuse incidents but if they fail I have an alternate contact who has also indirectly helped before. He's a programmer not abuse ops guy but does know the other teams well and has helped. George William Herbert Sent from my iPhone > On Feb 26, 2018, at

Re: Level 3 issues?

Yes; you should subscribe to outa...@outages.org for better reports. (Short summary - yes, no root cause/TTR yet). George William Herbert Sent from my iPhone > On May 16, 2016, at 12:49 PM, David Hubbard > wrote: > > Anyone seeing issues with Level 3

Re: NIST NTP servers

> On May 11, 2016, at 6:31 AM, Leo Bicknell wrote: > ... > You're replacing one single point of failure with another. > > Personally, my network gets NTP from 14 stratum 1 sources right now. > You, and the hacker, do not know which ones. You have to guess at least > 8 to

Re: Why the US Government has so many data centers

from my iPhone > On Mar 22, 2016, at 11:36 AM, Sean Donelan <s...@donelan.com> wrote: > >> On Tue, 22 Mar 2016, George Herbert wrote: >> Come on, the audit requirements should have diversity/redundancy concerns in >> them. >> >> That's standard in

Re: Why the US Government has so many data centers

Come on, the audit requirements should have diversity/redundancy concerns in them. That's standard in all the audits I have done or participated in. If these ones don't I have a marketing opportunity to teach a HA seminar and followon consulting to the IG. George William Herbert Sent from my

Re: Craiglist blocked

My guy (who is coder team not ops) confirmed he got the forwarded email and is passing it to the right ops folks, but those ops folks will have to reach back out again to Chris. You might try Michael's contacts if you don't hear anything in a few hours at most. George William Herbert Sent

Re: Craiglist blocked

> On Mar 16, 2016, at 2:51 PM, "Michael J Wise" wrote: > > Let's try that again, once more with feeling. Put that tablet away I'm asking you, please, no It isn't right, it isn't fair! There were firewalls everywhere I think that exploit wasn't there... George William

Re: Why the US Government has so many data centers

So... Before I go on, I have not been in Todd's shoes, either serving nor directly supporting an org like that. However, I have indirectly supported orgs like that and consulted at or supported literally hundreds of commercial and a few educational and nonprofit orgs over the last 30 years.

Re: Craiglist blocked

I know someone (not ops but ha can forward internally); forwarding to him. George William Herbert Sent from my iPhone > On Mar 16, 2016, at 2:18 PM, Christopher Tyler > wrote: > > Does anyone have a contact at Craigslist? > Some of our IP addresses got blocked and

Re: Why the US Government has so many data centers

> On Mar 14, 2016, at 12:19 PM, George Metz wrote: > > Based on the "standard" (per the Windows admins) file storage space of 700 > meg, that sounds like 3TB for user storage. Even if it were 30TB, I still > can't see a proper setup costing more than the OC-12 after a

Re: Why the US Government has so many data centers

At enterprise storage costs, that much storage will cost more than the OC-12, and then add datacenter and backups. Total could be 2-3x OC-12 annual costs. If your org can afford to buy non-top-line storage then it would probably be cheaper to go local. However, you should check how much of

Re: Why the US Government has so many data centers

. George William Herbert Sent from my iPhone > On Mar 13, 2016, at 2:15 PM, Sean Donelan <s...@donelan.com> wrote: > >> On Sun, 13 Mar 2016, Roland Dobbins wrote: >>> On 13 Mar 2016, at 3:03, George Herbert wrote: >>> >>> It's a symptom of trying to save a fe

Re: Why the US Government has so many data centers

> On Mar 11, 2016, at 11:57 AM, "Mark T. Ganzer" wrote: > > but I will instead ask this for your consideration: Do servers in "test, > stage, development, or any other environment" really need to have the same > environmental, power and connectivity requirements

Re: AWS Direct Connect - Peering VPCs to Tier 1's and MPLS

If you're asking if one can get a provider's router to handle the outside physical part of a DC connection... As an ISP service so you don't need your own router hardware... I was working on this for a recent ex client and asked Level 3 exactly that question. I believe I had the right

Sonatel?

https://bgpstream.com/event/19524 Second Sonatel hijack in last half hour-ish. Anyone on NANOG?... George William Herbert Sent from my iPhone

Re: IP-Echelon Compliance

You guys aren't devious enough. These guys are in violation of CAN-SPAM. To the tune of exceeding the statutory maximum $1,000,000 per ISP last *month* for some of you, much less in the statute of limitations period. You could probably point to refusal to remove as justifying the triple

Re: Cloud backups versus lightning strikes

My read on the situation is Yet Another Intermediate Cacheing Fail in storage, a well known problem. Yes, do a pull the power test on your storage so you KNOW what's committed... George William Herbert Sent from my iPhone On Aug 19, 2015, at 5:44 PM, Sean Donelan s...@donelan.com wrote:

Re: Cisco Routers Vulnerability

A whole pile of new vulnerabilities including remote code exploit were revealed against specific models about 3 weeks ago; I had not heard of any exploits, but, ... Which is why the models and IOS versions would be very useful. On Mon, Apr 13, 2015 at 2:59 PM, Rashed Alwarrag

Re: Cisco Nexus

Brandon Ewing nicot...@warningg.com wrote: David Bass wrote: The n2k ToR is not a great design for user or storage interfaces if most of your traffic is east/west. It is great as a low cost ilo/drac/choose your oob port, or if most of your traffic is north/south. Biggest thing to

Re: Cisco Nexus

I wasn't the implementing engineer but I've been at two places that did that, a larger game company and a network gear manufacturer in their engineering support computational hubs. I was there during planning and rollout at the game company, very early in the Nexus lifespan. Both sites

Re: gamer lag dashboard

Cruel, cruel man. George William Herbert Sent from my iPhone On Jan 19, 2015, at 6:56 PM, Charles N Wyble char...@thefnf.org wrote: SSL is no problem. We just had a whole thread about breaking it. :-) On January 19, 2015 5:16:43 PM CST, George Herbert george.herb...@gmail.com wrote

Re: gamer lag dashboard

Emulating game traffic... Good luck with that. You'll probably have to figure it out and build your own models per service, though a lot is encapsulated in https. In terms of showing it to the public, look at Zabbix and Zenoss; both do dashboards and managing multiple realtime monitoring /

Re: Craigslist hacked?

He didn't hack the registry, he hijacked its records. And this is far from the first time a registry account was hacked. But, yeah, *still* not secure enough. George William Herbert Sent from my iPhone On Nov 24, 2014, at 2:17 PM, Randy Epstein na...@hostleasing.net wrote: On 11/24/14,

Re: Craigslist hacked?

And that was July 1997 not 96, though that does nothing to make me feel younger ... George William Herbert Sent from my iPhone On Nov 24, 2014, at 4:16 PM, George Herbert george.herb...@gmail.com wrote: He didn't hack the registry, he hijacked its records. And this is far from

Re: Craigslist hacked?

On Nov 24, 2014, at 4:18 PM, Randy Epstein na...@hostleasing.net wrote: Actually, he didn’t hack its records either. He exploited a bug in BIND. ...returned a legit response plus a tacked-on glue record for www.internic.net anytime you queried his nameserver, which he tricked people

Re: cheap laptop with 32G or 64G recommendations

Nobody will ever need more than 64K...M...G... George William Herbert Sent from my iPhone On Nov 10, 2014, at 4:24 PM, Izaac iz...@setec.org wrote: On November 10, 2014 4:49:08 PM EST, lobna gouda lobna_go...@hotmail.com wrote: Hello, Any recommendation, not looking for anything fantasy,

Re: Linux: concerns over systemd [OT]

On Oct 21, 2014, at 6:03 PM, Jay Ashworth j...@baylink.com wrote: GNOME is probably the linchpin. But it's not just RH. It's Debian, and by extension *buntu, and SuSE, and at least one other major independent parent distro that I can't think of just now... And as far as I know,

Re: Linux: concerns over systemd adoption and Debian's decision to switch

On Oct 22, 2014, at 9:30 AM, Jeffrey Ollie j...@ocjtech.us wrote: The people that like systemd (like myself) have wisely learned that the people that hate systemd, hate it mostly because it's different from what came before and don't want to change. There's no way to argue rationally

Re: Linux: concerns over systemd [OT]

Ok. As a highly on- list-topic example of why distrust is called for... Without referring to the systemd source code*, does anyone know what systemd uses to select between networking subsystems (i.e. NetworkManager, the new standard as of RHEL 7, vs /etc/ sysconfig/network-scripts/, etc.).

Re: Major California Faults Ready To Rupture | IFLScience

wrote: How widespread were the effects on backbone communication circuits from those quakes? On October 18, 2014 3:22:58 PM EDT, Bill Woodcock wo...@pch.net wrote: On Oct 19, 2014, at 2:20 AM, George Herbert george.herb...@gmail.com wrote: You should restate the predates; I

Re: Major California Faults Ready To Rupture | IFLScience

You should restate the predates; I was on console on earthquake.berkeley.edu at the time Loma Prieta let go, using among other things (then) Forumnet (now) ICB in a chat, and one of the immediate damage indications was that everyone at UC Santa Cruz dropped offline. Topic important, though, I

Re: EFF gets into the CPE router software business..

Any idea how well CeroWRT stands up to nation-state level intrusion efforts? George William Herbert Sent from my iPhone On Jul 24, 2014, at 10:24 AM, char...@thefnf.org wrote: On 2014-07-24 12:04, Valdis Kletnieks wrote: So the EFF is pushing development of an open CPU router

Re: Inevitable death, was Re: Verizon Public Policy on Netflix

On Jul 17, 2014, at 5:19 AM, Jared Mauch ja...@puck.nether.net wrote: The problem is partly a technological one. If you have a fiber span from east- west it doesn't make sense to OEO when you can just plop in a bidi amplifier. Almost certainly, most of the fiber going through the

Re: Inevitable death, was Re: Verizon Public Policy on Netflix

On Jul 15, 2014, at 8:03 AM, Brett Glass na...@brettglass.com wrote: At 06:49 AM 7/15/2014, Baldur Norddahl wrote: Ah but they are charging you for it. You are paying approximately 40x as much for your bandwidth as you should be (you said you paid 20 USD/Mbps - an outrageous rate).

Re: Inevitable death, was Re: Verizon Public Policy on Netflix

On Jul 15, 2014, at 5:02 PM, Brett Glass na...@brettglass.com wrote: At 05:10 PM 7/15/2014, George Herbert wrote: Layer3 runs right through Laramie. With a redundant run slightly south. What conversations have you had with them?... At first, Level3 completely refused us

Re: Verizon Public Policy on Netflix

On Jul 14, 2014, at 6:03 AM, Jared Mauch ja...@puck.nether.net wrote: In my experience the bandwidth is typically the lowest part of the cost equation. Why transcode on 1k nodes when you can do it once and distribute it at lower cost, including in electricity to run the host CPU.

Re: Inevitable death, was Re: Verizon Public Policy on Netflix

On Jul 14, 2014, at 10:41 AM, Matthew Petach mpet...@netflight.com wrote: Brett's concerns seem to center around his ability to be cost-competitive with the big guys in his area...which implies there *are* big guys in his area to have to compete with. He 's running wireless links, from

Re: Verizon Public Policy on Netflix

On Jul 11, 2014, at 10:31 PM, Owen DeLong o...@delong.com wrote: On Jul 11, 2014, at 8:18 PM, Randy Bush ra...@psg.com wrote: And, for the record, it's pretty widely acknowledge that The World (Barry Shein) was the world's first commercial ISP - offering shell access in 1989, and at

Re: Verizon Public Policy on Netflix

On Jul 11, 2014, at 9:44 AM, Owen DeLong o...@delong.com wrote: Would it really be plausible for a small ISP to host caching clusters for every streaming content supplier out there? No, but if you have typical internet user streaming uptake, Netflix and Akamai and then... Short list,

Re: Requirements for IPv6 Firewalls

As long as the various stateful firewalls and IDS systems offer hostile action detection and blocking capabilities that raw webservers lack, there are certainly counterarguments to the port filter only approach being advocated here. Focusing only on DDOS prevention from one narrow range of attack

Re: Requirements for IPv6 Firewalls

On Mon, Apr 21, 2014 at 9:32 AM, Lee Howard l...@asgard.org wrote: You're describing best practice. Yes, of course, you should have well documented technical and business needs for what's open and what's closed in firewalls, and should have traceability from the rules in place to the

Re: Requirements for IPv6 Firewalls

18, 2014 at 3:36 PM, Lee Howard l...@asgard.org wrote: On 4/17/14 4:45 PM, George Herbert george.herb...@gmail.com wrote: There's a fair argument to be made which says that kind of NAT is unhealthy. If its proponents are correct, they'll win that argument later on with NAT-incompatible

Re: Requirements for IPv6 Firewalls

On Thu, Apr 17, 2014 at 11:32 AM, Eugeniu Patrascu eu...@imacandi.netwrote: ... It's a bigger risk to think that NAT somehow magically protects you against stuff on the Internet. Also, if your problem is that someone can screw up firewalls rules, then you have bigger issue in your

Re: Recommendation on NTP appliances/devices

On Thu, Apr 3, 2014 at 8:46 PM, Rob Seastrom r...@seastrom.com wrote: Chris Adams c...@cmadams.net writes: Once upon a time, Rob Seastrom r...@seastrom.com said: Along the same lines I'm troubled by the lack of divergent sources these days - everything seems slaved to GPS either directly

Re: misunderstanding scale

On Mon, Mar 24, 2014 at 8:02 PM, Owen DeLong o...@delong.com wrote: On Mar 24, 2014, at 9:21 AM, William Herrin b...@herrin.us wrote: On Sun, Mar 23, 2014 at 11:07 PM, Naslund, Steve snasl...@medline.com wrote: I am not sure I agree with the basic premise here. NAT or Private

Re: L6-20P - L6-30R

https://www.21cii.com/ITStudio/Content/Resources/Images/Appendix/Plug%20%20Power/SB%202P-3W_505x447.png I think the 250 v 15 amp plugs fit in the 20 amp sockets, but the 20s don't fit in the 30 sockets. This sort of thing is usually an adapter, a little cylinder with a L6-20R on one end and a

Re: L6-20P - L6-30R

Crap, was looking at the non-locking ones. Ignore that. On Tue, Mar 18, 2014 at 3:54 PM, George Herbert george.herb...@gmail.comwrote: https://www.21cii.com/ITStudio/Content/Resources/Images/Appendix/Plug%20%20Power/SB%202P-3W_505x447.png I think the 250 v 15 amp plugs fit in the 20 amp

Re: random dns queries with random sources

Right. Nonzero chances that you (Joe's site) are the target... Also, check if you have egress filtering of spoofed addresses below these DNS resources, between them and any user objects. You could be sourcing the spoofing if not... On Tue, Feb 18, 2014 at 7:44 PM, Dobbins, Roland

Re: latest Snowden docs show NSA intercepts all Google and Yahoo DC-to-DC traffic

On Fri, Nov 1, 2013 at 3:26 PM, Niels Bakker niels=na...@bakker.net wrote: * mi...@stillhq.com (Michael Still) [Fri 01 Nov 2013, 05:27 CET]: Its about the CPU cost of the crypto. I was once told the number of CPUs required to do SSL on web search (which I have now forgotten) and it was a

Re: latest Snowden docs show NSA intercepts all Google and Yahoo DC-to-DC traffic

On Fri, Nov 1, 2013 at 4:01 PM, Masataka Ohta mo...@necom830.hpcl.titech.ac.jp wrote: Anthony Junk wrote: It seems as if both Yahoo and Google assumed that since they were private circuits that they didn't have to encrypt. According to Snowden, there are government agents at key

Re: latest Snowden docs show NSA intercepts all Google and Yahoo DC-to-DC traffic

On Fri, Nov 1, 2013 at 4:37 PM, Randy Bush ra...@psg.com wrote: Anyone familiar with secure organizations there are such things? we should be more cautious with absolutes, usually :) Nothing is absolute, but there are certainly white organizations which have no attempt to be secure, and

Re: Sudan disconnected from the Internet

http://abcnews.go.com/International/wireStory/sudan-security-clashes-subsidy-protesters-20360418 On Wed, Sep 25, 2013 at 5:34 PM, Tammy Firefly tammy-li...@wiztech.bizwrote: On 9/25/13 18:29:58, Jeff Kell wrote: On 9/25/2013 8:25 PM, Tammy Firefly wrote: with the old fashioned pair of

Re: What to expect after a cooling failure

Numbers from memory and filed off a bit for anonymity, but A site I was consulting with had statistically large numbers of x86 servers (say, 3000), SPARC enterprise gear (100), NetApp units (60) and NetApp drives (5000+) go through a roughly 42C excursion. It was much hotter at ceiling

Re: Fwd: [Filtering of NTP-access to swisstime.ethz.ch as of July 1st, 2013]

On Tue, Jun 25, 2013 at 4:38 PM, Larry Sheldon larryshel...@cox.net wrote: What is it about people that makes them free-load on services like NTP chimes and DNSBLS but refuse to stay in contact with(or at least contactable by) the providers when important stuff is pending? Several

Re: Need help in flushing DNS

The indications and claim are that the root cause was registrar internal goof, not hostile action against name servers. The story is not yet detailed enough to add up; getting from point A to point B requires steps that so far don't really make sense. A more detailed explanation is hopefully to

Re: This is a coordinated hacking. (Was Re: Need help in flushing DNS)

I know how we got here, but perhaps we can take corporate parentage and how big .com is now to -discuss? What happened with the registry data that caused the outage and what can / should be done about it / to prevent it happening again still seem to me to be operational topics. George

Re: This is a coordinated hacking. (Was Re: Need help in flushing DNS)

Poisoning a domain's NS records with localhost will most certainly DOS the domain, yes. I have not yet seen the source of this; if anyone has a clue where the updates are coming from please post the info. Is there anything about ztomy.com that has been seen that's supicious as in they might be

Re: This is a coordinated hacking. (Was Re: Need help in flushing DNS)

At the DNS Servers or service provider level, one can (and I often do) have redundant providers. At the registrar level? ... Not with our current infrastructure, as far as I know how. The Internet: Discovering new SPOF since 1969! George William Herbert Sent from my iPhone On Jun 20,

Re: If you thought you had wire management issues in your facilities...

That's nothing. I was in a business office colo facility in San Jose in the 2001 timeframe, that had a (as I recall) 12-rack long patch panel setup for the 2 or 3 floors they occupied. All the phones and LANs used the same panels. They'd used red cable for everything. There was no - zero -

Re: 10gig coast to coast

Also, what are reliability and redundancy requirements. 10 gigs of bare naked fiber is one thing, but if you need extra paths redundancy, figure that out now and specify. Is this latency, bandwidth, both? Mission critical, business critical, less priority? 24x7x365, or subset of that, or

Re: Cat-5 cables near 200 Paul, SF

+1 ; go Graybar. On Fri, May 31, 2013 at 11:49 AM, Majdi S. Abbas m...@latt.net wrote: On Fri, May 31, 2013 at 06:25:54PM +, Warren Bailey wrote: We walked up the counter all the time, however that was in Alaska so the rules may be different down here. You can walk up with a

Re: Data Center Installations

Central Computers is ok on no-name server components, but not at all for rack / cabling / power / management / etc. Micro Center was right next to places I go to eat over there, but all gone. I can almost see Frys off Lawrence/Scott from here, and there's a Graybar 3 miles the other direction.

Re: CenturyLink Outage?

Widely discussed on outa...@outages.org list (hint!) but for those not yet list members over there, 13 or more states in southeast US affected, reportedly routing / layer 3 issue, possibly BGP to outside but not clear. Some service restorations discussed. George William Herbert Sent from my

Re: Data Center Installations

Seconded Graybar. If necessary, in the absence of Graybar or for tiny stuff, a Frys or Home Depot or Lowes. On Wed, May 1, 2013 at 12:32 PM, Joe Hamelin j...@nethead.com wrote: Graybar. -- Joe Hamelin, W7COM, Tulalip, WA, 360-474-7474 On Wed, May 1, 2013 at 12:23 PM, Warren Bailey

Re: RFC 1149

In europe? He probably was thinking of a Volvo 245... On Wed, Apr 3, 2013 at 4:40 AM, Jamie Bowden ja...@photon.com wrote: From: Jay Ashworth [mailto:j...@baylink.com] - Original Message - From: TJ trej...@gmail.com On Tue, Apr 2, 2013 at 3:41 PM, Owen DeLong o...@delong.com

Re: RFC 1149

Packets, shmackets. I'm just upset that my BGP over Semaphore Towers routing protocol extension hasn't been experimentally validated yet. Whoever you are who keeps flying pigeons between my test towers, you can't deliver packets without proper routing updates! Knock it off long enough for me to

Re: glass fiber @ 0.997 c

On Tue, Mar 26, 2013 at 9:36 AM, Eugen Leitl eu...@leitl.org wrote: http://www.newscientist.com/article/dn23309-information-superhighway-approaches-light-speed.html Information superhighway approaches light speed 18:00 24 March 2013 by Jacob Aron Nothing moves faster than light in a vacuum,

Re: Is multihoming hard? [was: DNS amplification]

On Mar 23, 2013, at 7:47 PM, Kyle Creyts kyle.cre...@gmail.com wrote: Will they really demand ubiquitous, unabridged connectivity? Let's back up. End users do not as a rule* have persistent inbound connections. If they have DSL and a Cable Modem they can switch manually (or with a

Re: Class E addresses in the wild

It is (or was) fairly commonly in use among internal nets which overflowed RFC 1918 or have to internetwork with other heavy users of RFC 1918 space. I know of at least two service providers and one cell network who were using it for that 3 years ago. Someone leaking internal routes for such?

Re: Class E addresses in the wild

On Thu, Mar 21, 2013 at 5:10 PM, cb.list6 cb.li...@gmail.com wrote: I am pretty sure Class E is completely defunct and not used anywhere since Cisco and Juniper routers do not forward the packets (circa 2008 testing) and no known host accept it as a valid address, AFAIK. Both the net and host

Re: What Should an Engineer Address when 'Selling' IPv6 to Executives?

On Wed, Mar 6, 2013 at 9:20 AM, Cameron Byrne cb.li...@gmail.com wrote: So, your position, which is substantiated my Microsoft's / Windows Phone's / Skype's lack of IPv6 support , is that nobody cares until we run out of IPv4. That is clearly reducto ad absurdum and does not resemble

Re: What Should an Engineer Address when 'Selling' IPv6 to Executives?

On Tue, Mar 5, 2013 at 8:20 PM, Owen DeLong o...@delong.com wrote: Matthew wrote: [...] 1. Decreased application complexity: Yeah. After IPv4 goes entirely away. Which is a long, long, LONG time from now. Until then… I don't think so. I think IPv4's demise as a supported internet

Re: What Should an Engineer Address when 'Selling' IPv6 to Executives?

On Wed, Mar 6, 2013 at 12:30 PM, david raistrick dr...@icantclick.org wrote: On Wed, 6 Mar 2013, George Herbert wrote: The mindshare shift is happening, but the change won't snowball until IT admins - in bulk - really get it. and keeping in mind that the bulk still don't get ipv4, either

Re: Cloudflare is down

On Mon, Mar 4, 2013 at 10:40 AM, Saku Ytti s...@ytti.fi wrote: On (2013-03-04 13:23 -0500), Jeff Wheeler wrote: We have lots of stupid people in our industry because so few understand The Way Things Work. We have tendency to view mistakes we do as unavoidable human errors and mistakes other

  1   2   3   >