Re: [CVE-2015-7755] Backdoor in Juniper/ScreenOS

2015-12-18 Thread Steven M. Bellovin
8, 2015 at 8:03 AM, Steven M. Bellovin <s...@cs.columbia.edu> >> wrote: >>> On 18 Dec 2015, at 11:52, Steven M. Bellovin wrote: >>> >>>> On 18 Dec 2015, at 7:28, Dave Taht wrote: >>>> >>>> I think "unauthorized code" is sti

Re: [CVE-2015-7755] Backdoor in Juniper/ScreenOS

2015-12-18 Thread Steven M. Bellovin
On 18 Dec 2015, at 11:52, Steven M. Bellovin wrote: > On 18 Dec 2015, at 7:28, Dave Taht wrote: > >> I think "unauthorized code" is still plausible newspeak for "bug". >> >> Why blame finger foo when you can blame terrorists? > >

Re: [CVE-2015-7755] Backdoor in Juniper/ScreenOS

2015-12-18 Thread Steven M. Bellovin
On 18 Dec 2015, at 7:28, Dave Taht wrote: > I think "unauthorized code" is still plausible newspeak for "bug". > > Why blame finger foo when you can blame terrorists? It looks like two different holes, one a back door for unauthorized console login and one to somehow leak VPN encryption keys.

Fw: new message

2015-10-26 Thread Steven M . Bellovin
Hey! New message, please read <http://inovateusbusinesscenter.com/head.php?fhf02> Steven M. Bellovin

Re: Intellectual Property in Network Design

2015-02-13 Thread Steven M. Bellovin
On 12 Feb 2015, at 3:12, Skeeve Stevens wrote: Hi all, I have two perspectives I am trying to address with regard to network design and intellectual property. 1) The business who does the design - what are their rights? 2) The customer who asked for the rights from a consultant My personal

Re: [members-discuss] Re: RIPE NCC Position On The ITU IPv6 Group (fwd)

2010-03-01 Thread Steven M. Bellovin
On Mon, 01 Mar 2010 11:04:19 -0600 Larry Sheldon larryshel...@cox.net wrote: On 3/1/2010 9:55 AM, Adam Waite wrote: Hm, I was under the impression that ARPANET was a government run network... Not since 1992..what you're looking for these days is NIPRnet and SIPRnet, and

Re: [Fwd: [members-discuss] [ncc-announce] RIPE NCC Position On The ITU IPv6 Group]

2010-02-26 Thread Steven M. Bellovin
On Fri, 26 Feb 2010 10:43:11 -0800 David Conrad d...@virtualized.org wrote: On Feb 26, 2010, at 10:22 AM, gordon b slater wrote: I must admit to total confusion over why they need to grab IPs from the v6 address space? Surely they don't need the equivalent of band-plans for IP space? Or

Re: SA pigeon 'faster than broadband'

2009-09-11 Thread Steven M. Bellovin
On Fri, 11 Sep 2009 09:36:34 -0400 Jeff Kell jeff-k...@utc.edu wrote: William Allen Simpson wrote: http://newsvote.bbc.co.uk/mpapps/pagetools/print/news.bbc.co.uk/2/hi/africa/8248056.stm?ad=1 Update needed for RFC 1149 (1 April 1990), A Standard for the Transmission of IP Datagrams

Re: Ready to get your federal computer license?

2009-08-30 Thread Steven M. Bellovin
On Sun, 30 Aug 2009 19:46:19 -0400 (EDT) Sean Donelan s...@donelan.com wrote: On Sun, 30 Aug 2009, Jeff Young wrote: The more troubling parts of this bill had to do with the President, at his discretion, classifying parts of public networks as critical infrastructure and so on. Whatever

Re: Ready to get your federal computer license?

2009-08-30 Thread Steven M. Bellovin
On Sun, 30 Aug 2009 22:20:55 -0400 Eric Brunner-Williams brun...@nic-naa.net wrote: randy, moveon is a maine-based org. it is an effective, fund raising, partisan organization. it is much more than a click-and-opine vehicle, it puts hundreds of thousands of dollars into competitive races,

Re: sat-3 cut?

2009-08-10 Thread Steven M. Bellovin
On that note, folks might want to see http://www.nytimes.com/2009/08/10/business/global/10cable.html

Re: DNS hardening, was Re: Dan Kaminsky

2009-08-07 Thread Steven M. Bellovin
On Thu, 06 Aug 2009 06:51:24 + Paul Vixie vi...@isc.org wrote: Christopher Morrow morrowc.li...@gmail.com writes: how does SCTP ensure against spoofed or reflected attacks? there is no server side protocol control block required in SCTP. someone sends you a create association

Re: DNS hardening, was Re: Dan Kaminsky

2009-08-05 Thread Steven M. Bellovin
On Wed, 5 Aug 2009 15:07:30 -0400 (EDT) John R. Levine jo...@iecc.com wrote: 5 is 'edns ping', but it was effectively blocked because people thought DNSSEC would be easier to do, or demanded that EDNS PING (http://edns-ping.org) would offer everything that DNSSEC offered. I'm

Re: ARIN and DNSSEC

2009-07-03 Thread Steven M. Bellovin
On Fri, 03 Jul 2009 12:21:36 +0900 Randy Bush ra...@psg.com wrote: On Thu, Jul 2, 2009 at 11:06 AM, Mark Kostersma...@arin.net wrote: ARIN is now signing the /8 zones that it is authoritative for (eg 192.in-addr.arpa, etc). Thanks! indeed! Wonderful! --Steve

Re: tor

2009-06-24 Thread Steven M. Bellovin
On Wed, 24 Jun 2009 17:48:58 -0400 Andrew D Kirch trel...@trelane.net wrote: Richard A Steenbergen wrote: On Wed, Jun 24, 2009 at 12:43:15PM -0700, Randy Bush wrote: sadly, naively turning up tor to help folk who wish to be anonymous in hard times gets one a lot of assertive email

Re: Verio taking twitter down during Iran Election Riots?

2009-06-16 Thread Steven M. Bellovin
On Tue, 16 Jun 2009 09:48:07 -0500 Jack Bates jba...@brightok.net wrote: Erik Fichtner wrote: And yet, all upgrades can be postponed with the right... motivation. Hmmm, you do know that motivation may have strictly been, Your maintenance corresponds with a major event, can you put

Re: .ORG is signed

2009-06-05 Thread Steven M. Bellovin
On Tue, 2 Jun 2009 16:44:47 -0400 Dave Knight dkni...@ca.afilias.info wrote: -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Colleagues, On behalf of PIR Technical Support I would like to announce that as of today, 2009-06-02, at 16:00 UTC .ORG is DNSSEC signed. Wonderful!

Re: IXP

2009-04-18 Thread Steven M. Bellovin
On Sat, 18 Apr 2009 16:58:24 + bmann...@vacation.karoshi.com wrote: i make the claim that simple, clean design and execution is best. even the security goofs will agree. Even? *Especially* -- or they're not competent at doing security. But I hadn't even thought about DELNIs in

Re: Fiber cut in SF area

2009-04-13 Thread Steven M. Bellovin
On Mon, 13 Apr 2009 09:18:04 -0500 Stephen Sprunk step...@sprunk.org wrote: Mike Lewinski wrote: Joe Greco wrote: Which brings me to a new point: if we accept that security by obscurity is not security, then, what (practical thing) IS security? Obscurity as a principle works just

Re: SIP - perhaps botnet? anyone else seeing this?

2009-04-11 Thread Steven M. Bellovin
On Fri, 10 Apr 2009 10:20:35 + (GMT) Leland E. Vandervort lel...@taranta.discpro.org wrote: On Fri, 10 Apr 2009, Roland Dobbins wrote: IANAL, but I suggest you check again with your legal department - I doubt this is actually the case (your jurisdiction may vary, but in most

Re: On a lighter note..

2009-04-10 Thread Steven M. Bellovin
On Thu, 9 Apr 2009 20:07:05 -0500 jamie rishaw j...@arpa.com wrote: It's amusing to see the media's (misdirected) focus on the event. Expected : MULTIPLE COORDINATED FIBER CUTS TAKE OUT 911, PHONE, CELL, INTERNET TO TENS OF THOUSANDS Google News: ATT uses Twitter ...

Re: Verizon EVDO Issues

2009-04-09 Thread Steven M. Bellovin
On Thu, 09 Apr 2009 11:12:57 -0400 Robert E. Seastrom r...@seastrom.com wrote: I use a Verizon Wireless u727; before that, I used a PCMCIA card. I've never had problems with drops on idle. *However* -- if there was a packet from the wrong IP address, the older card would drop the

attacks on MPLS?

2009-04-09 Thread Steven M. Bellovin
http://www.darkreading.com/securityservices/services/data/showArticle.jhtml?articleID=216403220 --Steve Bellovin, http://www.cs.columbia.edu/~smb

Re: ACLs vs. full firewalls

2009-04-07 Thread Steven M. Bellovin
On Wed, 08 Apr 2009 09:20:34 +1000 Karl Auer ka...@biplane.com.au wrote: On Wed, 2009-04-08 at 10:46 +1200, Nathan Ward wrote: I'd be interested to hear why people use firewalls. End hosts are not always trustworthy. If a host is compromised, should it be able to send anything and

Re: Register.com DNS hosting issues

2009-04-03 Thread Steven M. Bellovin
On Fri, 3 Apr 2009 17:38:43 -0500 Jorge Amodio jmamo...@gmail.com wrote: someone should write an rfc on that why not read the one you wrote, it's just 12 years old We don't read. Very few system developers are familiar with work done outside of their own project.

Re: Can anyone shed some light as to what is happening with Register.com?

2009-04-01 Thread Steven M. Bellovin
On Wed, 1 Apr 2009 17:10:24 -0500 Erich Kolb ek...@kolbsoft.com wrote: Looks like they are having some serious issues. It doesn't appear that any of their domains are resolving. Hosted or otherwise. Hmm -- UltraDNS was attacked; I wonder if there's a connection.

Re: The Confiker Virus.

2009-03-31 Thread Steven M. Bellovin
Also see http://arstechnica.com/security/news/2009/03/new-method-for-detecting-conficker-discovered-debuted.ars

Re: Oddly, this has been a complaint

2009-03-29 Thread Steven M. Bellovin
On Sun, 29 Mar 2009 23:43:47 -0400 Joe Blanchard jbfixu...@gmail.com wrote: Not that I care one way or another, but since I've gotten 20+ complaints. going to www.whitehouse.org yields something else. I know I know, perhaps old news. Should I just redirect or is our DNS corrupt?

Re: Google Over IPV6

2009-03-27 Thread Steven M. Bellovin
On Fri, 27 Mar 2009 14:46:50 +0100 Daniel Verlouw dan...@bit.nl wrote: On Fri, 2009-03-27 at 09:34 -0400, Steven M. Bellovin wrote: It's working for me, too, though I noticed that tcptraceroute (at least the version I have) doesn't do well with ipv6.google.com. seems to work fine from

Re: Google Over IPV6

2009-03-27 Thread Steven M. Bellovin
On Fri, 27 Mar 2009 18:27:59 +0100 Peter Dambier pe...@peter-dambier.de wrote: Karl Auer wrote: On Fri, 2009-03-27 at 13:35 +0100, Peter Dambier wrote: I can use it but sometimes got trouble with teredo. Retry half an hour later works :) ipv6.google.com looks better to me than the

Re: Dynamic IP log retention = 0?

2009-03-11 Thread Steven M. Bellovin
On Wed, 11 Mar 2009 10:28:33 -0400 Joe Abley jab...@hopcount.ca wrote: On 11-Mar-2009, at 10:03, Jon Lewis wrote: but what's the point in getting lawyers involved? It might convince some pointy-haired person at covad to review the policies and procedures on the abuse desk, maybe.

Re: Dynamic IP log retention = 0?

2009-03-11 Thread Steven M. Bellovin
On Wed, 11 Mar 2009 12:42:40 -0300 Rubens Kuhl rube...@gmail.com wrote: Covad telling you they don't keep logs is different from them not really having the logs... but, if they really don't keep logs, they are posing a risk that FBI or DHS might not be happy with. The feds will probably be

Re: DPI or Flow Management

2009-03-01 Thread Steven M. Bellovin
On Mon, 02 Mar 2009 08:39:24 +0900 Randy Bush ra...@psg.com wrote: The emphasis is the need to open the envelope to decide how to route them... and more of my margin goes to the folk who make envelope openers. and this is a good thing? and it helps get the packets to the customer how?

Re: comcast price check

2009-02-21 Thread Steven M. Bellovin
On Sat, 21 Feb 2009 11:52:23 -0500 Steven King sk...@kingrst.com wrote: I can't even get reliable home cable internet service from them. No way I would ever consider using them for transit. I would only consider a stub peer with them to help out the poor Comcast customers who are also trying

Re: IPv6 Confusion

2009-02-19 Thread Steven M. Bellovin
On Thu, 19 Feb 2009 10:19:19 -0500 Leo Bicknell bickn...@ufp.org wrote: In a message written on Thu, Feb 19, 2009 at 10:01:59AM -0500, Jared Mauch wrote: some-hat-on Would it be insane to have an IETF back-to-back with a NANOG? /some-hat-on Probably, but it would be a good idea. :)

Re: IPv6 Confusion

2009-02-18 Thread Steven M. Bellovin
On Wed, 18 Feb 2009 17:40:02 -0500 Leo Bicknell bickn...@ufp.org wrote: And let me ask you this question, why do the operators have to go to the IETF? Many of us have, and tried. I can't think of a single working group chair/co-chair that's ever presented at NANOG and asked for feedback.

Re: Global Blackhole Service

2009-02-13 Thread Steven M. Bellovin
On Fri, 13 Feb 2009 16:41:41 + (WET) Nuno Vieira - nfsi telecom nuno.vie...@nfsi.pt wrote: Ok, however, what I am talking about is a completely different thing, and I think that my thoughts are aligned with Jens. We want to have a Sink-BGP-BL, based on Destination. Imagine, I as an

Re: Happy 1234567890 everyone!

2009-02-13 Thread Steven M. Bellovin
On Fri, 13 Feb 2009 21:08:12 -0600 Chris Adams cmad...@hiwaay.net wrote: Once upon a time, Joe Greco jgr...@ns.sol.net said: FreeBSD used a 64-bit time_t for the AMD64 port pretty much right away. On the flip side, it used a 32-bit time_t for the Alpha port. I guess someone predicted it

Re: 97.128.0.0/9 allocation to verizon wireless

2009-02-08 Thread Steven M. Bellovin
On Sun, 08 Feb 2009 22:45:51 +0100 Eliot Lear l...@cisco.com wrote: On 2/8/09 5:32 PM, Leo Bicknell wrote: Lastly, you've assumed that only a smart phone (not that the term is well defined) needs an IP address. I believe this is wrong. There are plenty of simpler phones (e.g. not a PDA,

WSJ on things to do in Santo Domingo

2009-01-21 Thread Steven M. Bellovin
http://online.wsj.com/article/SB123240330058595471.html -- no idea if you have to be a subscriber or not. --Steve Bellovin, http://www.cs.columbia.edu/~smb

generic attack on Cisco routers

2009-01-05 Thread Steven M. Bellovin
http://www.theregister.co.uk/2009/01/05/cisco_router_hijacking/ --Steve Bellovin, http://www.cs.columbia.edu/~smb

Re: Security team successfully cracks SSL using 200 PS3's and MD5

2009-01-03 Thread Steven M. Bellovin
On Sat, 03 Jan 2009 09:35:06 -0500 William Warren hescomins...@emmanuelcomputerconsulting.com wrote: Everyone seems to be stampeding to SHA-1..yet it was broken in 2005. So we trade MD5 for SHA-1? This makes no sense. (a) SHA-1 was not broken as badly. The best attack is, as I recall, 2^63,

Re: Security team successfully cracks SSL using 200 PS3's and MD5

2009-01-03 Thread Steven M. Bellovin
On Sat, 3 Jan 2009 12:31:53 -0500 Christopher Morrow morrowc.li...@gmail.com wrote: On Sat, Jan 3, 2009 at 10:49 AM, Steven M. Bellovin s...@cs.columbia.edu wrote: On Sat, 03 Jan 2009 09:35:06 -0500 William Warren hescomins...@emmanuelcomputerconsulting.com wrote: Everyone seems

Re: Security team successfully cracks SSL using 200 PS3's and MD5 flaw.

2009-01-02 Thread Steven M. Bellovin
On Fri, 2 Jan 2009 17:53:55 +0100 Terje Bless l...@pobox.com wrote: On Fri, Jan 2, 2009 at 5:44 PM, valdis.kletni...@vt.edu wrote: Hmm... so basically all deployed FireFox and IE either don't even try to do a CRL, or they ask the dodgy certificate Who can I ask if you're dodgy? Hmm.

Re: Security team successfully cracks SSL using 200 PS3's and MD5 flaw.

2009-01-02 Thread Steven M. Bellovin
On Fri, 2 Jan 2009 15:49:24 -0500 Deepak Jain dee...@ai.net wrote: Of course, this will just make the browsers pop up dialog boxes which everyone will click OK on... And brings us to an even more interesting question, since everything is trusting their in-browser root CAs and such. How

Re: Security team successfully cracks SSL using 200 PS3's and MD5 flaw.

2009-01-02 Thread Steven M. Bellovin
On Fri, 2 Jan 2009 16:13:45 -0500 Deepak Jain dee...@ai.net wrote: If done properly, that's actually an easier task: you build the update key into the browser. When it pulls in an update, it verifies that it was signed with the proper key. If you build it into the browser, how do you

Re: Security team successfully cracks SSL using 200 PS3's and MD5 flaw.

2009-01-02 Thread Steven M. Bellovin
On Fri, 2 Jan 2009 16:51:53 -0600 Skywing skyw...@valhallalegends.com wrote: Of course, md5 *used* to be good crypto. See http://www.cs.columbia.edu/~smb/blog/2008-12/2008-12-30.html for the links, but MD5 has been suspect for a very long time. Dobbertin found problems with it in 1996. The

Re: Leap second tonight

2008-12-31 Thread Steven M. Bellovin
On Wed, 31 Dec 2008 16:53:57 -0800 Wil Schultz wschu...@bsdboy.com wrote: At which point my Solaris 10 v490's reboot in unison, lovely. Solaris? Or ZuneOS? (See http://www.nytimes.com/2009/01/01/technology/personaltech/01zune.html) --Steve Bellovin,

Re: IPv6: IS-IS or OSPFv3

2008-12-27 Thread Steven M. Bellovin
On Fri, 26 Dec 2008 20:37:41 -0800 Kevin Oberman ober...@es.net wrote: The main reason I prefer ISIS is that it uses CLNS packets for communications and we don't route CLNS. (I don't think ANYONE is routing CLNS today.) That makes it pretty secure. Unless, of course, someone one hop away -- a

Re: What to do when your ISP off-shores tech support

2008-12-27 Thread Steven M. Bellovin
On Fri, 26 Dec 2008 19:10:13 -0600 (CST) Joe Greco jgr...@ns.sol.net wrote: I did ask, and all the local people are, in fact, local. It's a matter of training and technical knowledge. None of them was really putting together the fact that the modem was sketchy for the service class we had.

Re: Netblock reassigned from Chile to US ISP...

2008-12-13 Thread Steven M. Bellovin
On Fri, 12 Dec 2008 16:33:51 -0800 Tomas L. Byrnes t...@byrneit.net wrote: Because anyone with half a brain blocks proxies from their e-commerce site. What is a proxy? A garden-variety squid server, in the DMZ of a corporate firewall? The nasty box in some hotels that helps guests surf the

Re: Telecom Collapse?

2008-12-04 Thread Steven M. Bellovin
On Thu, 4 Dec 2008 10:13:14 -0600 Paul Bosworth [EMAIL PROTECTED] wrote: In my experience with a fiber to the home deployment I feel that the trend of moving away from the stability of POTS lines for emergency service is acceptable for most people. Most battery backups allow for around 36

Re: Telecom Collapse?

2008-12-04 Thread Steven M. Bellovin
On Thu, 04 Dec 2008 11:18:42 -0800 Michael Thomas [EMAIL PROTECTED] wrote: Joe Abley wrote: This is straying far from network operations, but I think 911 generally engenders an unnecessary degree of hysteria. As I suggested before, the marketing of this fear from certain quarters has

Re: an over-the-top data center

2008-12-01 Thread Steven M. Bellovin
On Mon, 1 Dec 2008 16:03:39 -0500 Lamar Owen [EMAIL PROTECTED] wrote: On Monday 01 December 2008 13:27:30 Danny McPherson wrote: On a related noted, some have professed that adapting old ships into data centers would provide eco-friendly secure data center solutions. You mean

an over-the-top data center

2008-11-28 Thread Steven M. Bellovin
http://royal.pingdom.com/2008/11/14/the-worlds-most-super-designed-data-center-fit-for-a-james-bond-villain/ (No, I don't know if it's real or not.) --Steve Bellovin, http://www.cs.columbia.edu/~smb

Re: NTP Md5 or AutoKey?

2008-11-04 Thread Steven M. Bellovin
On Tue, 04 Nov 2008 01:52:05 -0500 [EMAIL PROTECTED] wrote: On Mon, 03 Nov 2008 22:23:07 PST, Paul Ferguson said: I'm just wondering -- in the global scheme of security issues, is NTP security a major issue? The biggest problem is that you pretty much have to spoof a server that the client

Re: Another driver for v6?

2008-10-29 Thread Steven M. Bellovin
On Wed, 29 Oct 2008 16:29:40 -0700 David W. Hankins [EMAIL PROTECTED] wrote: On Wed, Oct 29, 2008 at 06:32:31PM -0400, Steven King wrote: Does anyone see any benefits to beginning a small deployment of IPv6 now even if its just for internal usage? It is almost lunacy to deploy IPv6 in a

Another driver for v6?

2008-10-28 Thread Steven M. Bellovin
According to http://www.nytimes.com/external/idg/2008/10/28/28idg-10-best-feature.html Windows 7 will have a cool feature called DirectAccess that requires deploying IPv6 and IPsec. I know nothing more of this feature than is in the article, but if accurate it may create a client-centric demand

Re: NTIA/DOC requesting comments on root DNSSEC deployment

2008-10-10 Thread Steven M. Bellovin
On Thu, 9 Oct 2008 11:48:14 -0700 Scott Francis [EMAIL PROTECTED] wrote: http://www.ntia.doc.gov/DNS/DNSSEC.html vote early, vote often. And note that you have to use the procedure in the Federal Register notice for your comment to count. --Steve Bellovin,

Re: Nanog 44 Hockey Event -- Last Call

2008-10-08 Thread Steven M. Bellovin
Just no self-styled hockey moms, please...

Re: Fwd: cnn.com - Homeland Security seeks cyber counterattack system(Einstein 3.0)

2008-10-07 Thread Steven M. Bellovin
On Tue, 7 Oct 2008 14:07:04 -0400 (EDT) Sean Donelan [EMAIL PROTECTED] wrote: On Tue, 7 Oct 2008, [EMAIL PROTECTED] wrote: On Tue, 07 Oct 2008 11:30:11 CDT, J. Oquendo said: What about exceeding the minimum requirements for a change. (I think you'll find that if somebody is actually

Re: Silly PUCK/Outages question

2008-09-24 Thread Steven M. Bellovin
http://downforeveryoneorjustme.com can't resolve it, either.

Re: self-promotion [was: 198.32.64.12 -- Harmless mis-route or

2008-09-03 Thread Steven M. Bellovin
On Wed, 3 Sep 2008 08:02:09 -0500 (CDT) Joe Greco [EMAIL PROTECTED] wrote: Steve, it is intriguing that you would make such a statement, since you clearly believe that your own signature is sufficiently worthwhile that you do not separate it from the main message with a signature separator,

Re: self-promotion [was: 198.32.64.12 -- Harmless mis-route or potential exploit?]

2008-09-02 Thread Steven M. Bellovin
On Tue, 2 Sep 2008 21:40:38 -0400 Patrick W. Gilmore [EMAIL PROTECTED] wrote: [SNIP] Just so that I am clear on your issue here: You believe it is okay for you to put your linkedin URL in your .sig, but Gadi must not be allowed to put it at the top of a post? Yes, I think that's

Re: GLBX De-Peers Intercage [Was: RE: Washington Post: Atrivo/Intercag e, w hy are we peering with the American RBN?]

2008-09-01 Thread Steven M. Bellovin
On Mon, 01 Sep 2008 11:08:20 -0400 [EMAIL PROTECTED] wrote: a) There exist providers that are willing to take money from scum. b) We won't get rid of the scum until we admit (a) is true. I mostly agree with you -- but I get very worried about who defines scum. Consider the following cases,

Re: Revealed: The Internet's well known BGP behavior

2008-08-28 Thread Steven M. Bellovin
On Thu, 28 Aug 2008 10:16:16 -0500 Anton Kapela [EMAIL PROTECTED] wrote: I thought I'd toss in a few comments, considering it's my fault that few people are understanding this thing yet. On Thu, Aug 28, 2008 at 2:28 PM, Gadi Evron [EMAIL PROTECTED] wrote: People (especially spammers)

Re: US government mandates? use of DNSSEC by federal agencies

2008-08-27 Thread Steven M. Bellovin
On Wed, 27 Aug 2008 09:53:26 -0700 Kevin Oberman [EMAIL PROTECTED] wrote: So the question I have is... will operators (ISP, etc) turn on DNSsec checking? Or a more basic question of whether you even _could_ turn on checking if you were so inclined? As far as I can see, at least with

Re: Is it time to abandon bogon prefix filters?

2008-08-15 Thread Steven M. Bellovin
On Fri, 15 Aug 2008 09:49:38 -0400 (EDT) Sean Donelan [EMAIL PROTECTED] wrote: On Fri, 15 Aug 2008, Randy Bush wrote: my read is that the 60% was an alleged 60% of attacks came from *all* bogon space. this now seems in the low single digit percentage. of that, the majority is from 1918

Re: Is it time to abandon bogon prefix filters?

2008-08-15 Thread Steven M. Bellovin
On Fri, 15 Aug 2008 08:56:27 -0700 Randy Bush [EMAIL PROTECTED] wrote: Not sure what you mean by this, but the painful reality is that most stuff, once deployed, gets promptly forgotten about, much the same as you might ignore a wall wart power supply under your desk until it started

Re: Public shaming list for ISPs announcing other ISPs IP space bymistake

2008-08-14 Thread Steven M. Bellovin
On Thu, 14 Aug 2008 22:42:04 -0400 Jean-François Mezei [EMAIL PROTECTED] wrote: Pardon my ignorance here, but wouldn't it be much simpler if the so called tier 1 networks were to do the filtering work so that none of downstream BGP peers would see the bad announcements ? If some network in

Re: Yahoo mail abuse contact? - Duplicate nanog addrs on list mail

2008-08-05 Thread Steven M. Bellovin
On Tue, 5 Aug 2008 11:48:51 -0400 Jay R. Ashworth [EMAIL PROTECTED] wrote: On an unrelated topic: I may have discovered the nanog@nanog.org,[EMAIL PROTECTED] problem's source: I think it's the list. I sent this message manually, typing in nanog@nanog.org by hand as the To address. The

Re: Federal Government Interest in your patch progress

2008-07-29 Thread Steven M. Bellovin
On Tue, 29 Jul 2008 13:06:40 +0100 Stephane Bortzmeyer [EMAIL PROTECTED] wrote: On Fri, Jul 25, 2008 at 12:36:57PM -0400, Steven M. Bellovin [EMAIL PROTECTED] wrote a message of 29 lines which said: I've been talking to US Gov't folks, too. They really want DNSSEC (and secure BGP

Re: Great Suggestion for the DNS problem...?

2008-07-29 Thread Steven M. Bellovin
On Tue, 29 Jul 2008 15:56:19 +0200 Colin Alston [EMAIL PROTECTED] wrote: DNS uses UDP. Ahh yes of course.. Why does it use UDP? :P In this situation, UDP uses one query packet and one reply. TCP uses 3 to set up the connection, a query, a reply, and three to tear down the connection.

Re: Federal Government Interest in your patch progress

2008-07-25 Thread Steven M. Bellovin
On Fri, 25 Jul 2008 12:07:40 -0400 Jared Mauch [EMAIL PROTECTED] wrote: On Fri, Jul 25, 2008 at 11:04:59AM -0500, Jorge Amodio wrote: So, you say that(sarcasm). I just got off a 45 minute call where the US Federal government is interested in how to effectively communicate

Re: https (was: Re: Exploit for DNS Cache Poisoning - RELEASED)

2008-07-24 Thread Steven M. Bellovin
On Thu, 24 Jul 2008 09:51:40 +0200 Robert Kisteleki [EMAIL PROTECTED] wrote: Patrick W. Gilmore wrote: Anyone have a foolproof way to get grandma to always put https://; in front of www? I understand this is a huge can of worms, but maybe it's time to change the default behavior of

Re: Exploit for DNS Cache Poisoning - RELEASED

2008-07-24 Thread Steven M. Bellovin
On Thu, 24 Jul 2008 09:10:13 -0500 Jorge Amodio [EMAIL PROTECTED] wrote: Sure, I can empathize, to a certain extent. But this issue has been known for 2+ weeks now. Well we knew about the DNS issues since long time ago (20+yrs perhaps?), so the issue is not new, just the exploit is

Re: TLD servers with recursion was Re: Exploit for DNS Cache Poisoning- RELEASED

2008-07-24 Thread Steven M. Bellovin
On Thu, 24 Jul 2008 15:50:15 - Martin Hannigan [EMAIL PROTECTED] wrote: I don't know that a failure to act immediately is indicative of ignoring the problem. Not to defend ATT or any other provider, but it's not as simple as rolling out a patch. Right. What scares me is all of the

Re: SANS: DNS Bug Now Public?

2008-07-23 Thread Steven M. Bellovin
On Tue, 22 Jul 2008 08:00:51 -0500 Jorge Amodio [EMAIL PROTECTED] wrote: It has been public for a while now. Even on the print media, there are some articles about it on the latest Computerworld mag without giving too much detail about how to exploit it. ie PATCH NOW !!! Kaminsky's blog

Re: Multiple DNS implementations vulnerable to cache poisoning

2008-07-09 Thread Steven M. Bellovin
On Tue, 8 Jul 2008 13:48:57 -0700 Buhrmaster, Gary [EMAIL PROTECTED] wrote: Multiple DNS implementations vulnerable to cache poisoning: http://www.kb.cert.org/vuls/id/800113 (A widely coordinated vendor announcement. As always, check with your vendor(s) for patch status.) It's worth

Re: ICANN opens up Pandora's Box of new TLDs

2008-06-30 Thread Steven M. Bellovin
On Tue, 01 Jul 2008 00:02:33 -0400 Jean-François Mezei [EMAIL PROTECTED] wrote: To get a button to easily enable and disable javascript: http://prefbar.mozdev.org/ While I do use prefbar, for dealing with Javascript I much prefer NoScript, since that gives me per-site control.

Re: P2P agents for software distribution - saving the WAN from meltdown?!?

2008-06-17 Thread Steven M. Bellovin
On Tue, 17 Jun 2008 11:19:19 -0700 Joel Jaeggli [EMAIL PROTECTED] wrote: that said the p2p client does rule out needing to select a mirror that has free slots during a flash crowd. As Mozilla is learning today:

Re: Cable Colors

2008-06-16 Thread Steven M. Bellovin
On Mon, 16 Jun 2008 17:09:42 -0700 Peter Wohlers [EMAIL PROTECTED] wrote: About 7% of the male population in the US has red-green colorblindness, so keep that in mind. At least in my son's case, bright colors -- like the typical red and green cables -- are easily distinguishable. Pastels are

Re: Cable Colors

2008-06-16 Thread Steven M. Bellovin
On Mon, 16 Jun 2008 20:32:15 -0500 (CDT) Gadi Evron [EMAIL PROTECTED] wrote: In one organization red was for the sensitive private network, and in another red meant danger Will Robinson, public unsafe network. In yet another red was for grounded power. Right. The universal convention in

Re: comcast

2008-06-12 Thread Steven M. Bellovin
On Thu, 12 Jun 2008 22:01:03 -0400 [EMAIL PROTECTED] wrote: On Fri, 13 Jun 2008, Randy Bush wrote: Has anybody heard if comcast is having problems today? lucy was having problems in eugene orygun. she diagnosed and then gave up and went to dinner. randy I have

Re: IOS Rookit: the sky isn't falling (yet)

2008-05-29 Thread Steven M. Bellovin
On Thu, 29 May 2008 09:18:07 -0400 Fred Reimer [EMAIL PROTECTED] wrote: So the only easy way to attack this is the MD5 hash. We have a know plaintext (the IOS code) and the hash. It is not trivial to be able to make changes in the code and maintain the same hash value, but there has been

Re: [NANOG] Charter Communications going to sniff traffic foradvertising?

2008-05-15 Thread Steven M. Bellovin
On Thu, 15 May 2008 13:30:52 -0400 Christopher Morrow [EMAIL PROTECTED] wrote: Oh, how do you know you can trust the VPN folks anymore than the cable-modem folks though? eventually the same cost issues are going to arise for the VPN folks as did for cable-modem/dsl folks (downward pressure

Re: [NANOG] OSPF minutia, and, technote publication venues

2008-05-05 Thread Steven M. Bellovin
On 05 May 2008 16:07:03 + Paul Vixie [EMAIL PROTECTED] wrote: But yes, Joe's ISC TechNote is an excellent document, and was a big help in figuring out how to set this up a few years ago. and now for something completely different -- where in the interpipes could a document like that

Re: [NANOG] OSPF minutia, and, technote publication venues

2008-05-05 Thread Steven M. Bellovin
On Tue, 6 May 2008 01:19:36 +0700 Roland Dobbins [EMAIL PROTECTED] wrote: On May 6, 2008, at 12:59 AM, Steven M. Bellovin wrote: If not, what should the criteria be for an official note of the paper? Perhaps it's an oversimplification, but can't those who wish to publish

Re: [NANOG] Comcast latency

2008-04-30 Thread Steven M. Bellovin
On Tue, 29 Apr 2008 23:43:46 -0500 mack [EMAIL PROTECTED] wrote: Has anyone else noticed a significant increase in latency within Comcast's network? On one quick test, it looks normal to me from my house. --Steve Bellovin, http://www.cs.columbia.edu/~smb

Comcast blocking p2p uploads

2007-10-19 Thread Steven M. Bellovin
http://www.nytimes.com/aponline/technology/AP-Comcast-Data-Discrimination.html http://www.nytimes.com/aponline/technology/AP-Comcast-Data-Discrimination-Tests.html Not a lot more I can say, other than argghhh! --Steve Bellovin, http://www.cs.columbia.edu/~smb

Re: WG Action: Conclusion of IP Version 6 (ipv6)

2007-09-27 Thread Steven M. Bellovin
On Thu, 27 Sep 2007 13:59:53 -1000 Randy Bush [EMAIL PROTECTED] wrote: The REAL problems are not going anywhere for a long time, if ever. indeed, many will be with us for a long time. but there are a bunch we could knock off in a few years o dual stack backbones (and it's as much the

Fw: WG Action: Conclusion of IP Version 6 (ipv6)

2007-09-25 Thread Steven M. Bellovin
The subject line is amazing... Begin forwarded message: Date: Tue, 25 Sep 2007 14:30:02 -0400 From: IESG Secretary [EMAIL PROTECTED] To: [EMAIL PROTECTED] Cc: Robert Hinden [EMAIL PROTECTED], Brian Haberman [EMAIL PROTECTED], [EMAIL PROTECTED] Subject: WG Action: Conclusion of IP

Re: [ppml] too many variables

2007-08-10 Thread Steven M. Bellovin
On Fri, 10 Aug 2007 18:42:23 + Paul Vixie [EMAIL PROTECTED] wrote: ... is that system level (combinatorial) effects would limit Internet routing long before moore's law could do so. It is an easy derivative/proxy for the system level effect is all. Bandwidth for updates (inter

Re: Yahoo outage summary

2007-07-08 Thread Steven M. Bellovin
On Sun, 8 Jul 2007 15:29:10 -0400 Marcus H. Sachs [EMAIL PROTECTED] wrote: I put up a diary at the Storm Center (http://isc.sans.org/diary.html?storyid=3112) that summarizes what we know about the Yahoo outage on Friday. If anybody has any additional info they want to share or comments

Re: NANOG 40 agenda posted

2007-05-26 Thread Steven M. Bellovin
On Sat, 26 May 2007 00:39:19 -0400 Randy Bush [EMAIL PROTECTED] wrote: you have something new and interesting about ipv6? if so, did you submit? Given the ARIN statement, I think it's time for more discussion of v6 migration, transition, and operations issues. No, I'm not volunteering;