Re: Any ideas how long gmail cache DNS records ?

2024-08-10 Thread Suresh Ramasubramanian
Look at it this way, anywhere that has resolvers forwarding to other resolvers that forward to yet another set of resolvers before the query gets to the root servers (anywhere with a complex network and multiple layers of firewalling) will have a succession of caches that need to clear .. so mig

Re: Contact mail for Weekly Global Routing Table Report has ended up on Spamhaus HBL

2024-08-05 Thread Suresh Ramasubramanian
It has been fixed hours back, Philip. Continue as scheduled. From: NANOG on behalf of Philip Smith Date: Monday, 5 August 2024 at 2:44 PM To: Nanog Subject: Re: Contact mail for Weekly Global Routing Table Report has ended up on Spamhaus HBL Laura Smith wrote on 4/8/2024 19:42: > Just as an

Re: Contact mail for Weekly Global Routing Table Report has ended up on Spamhaus HBL

2024-08-04 Thread Suresh Ramasubramanian
I did just that a few minutes after the original email in this thread, it should have already been removed. —srs From: NANOG on behalf of John Levine Sent: Monday, August 5, 2024 9:00:01 AM To: nanog@nanog.org Subject: Re: Contact mail for Weekly Global Routin

Re: v4 and v6 BOGON list

2024-03-22 Thread Suresh Ramasubramanian
bogons.cymru.com has been around as a BGP feed for a long long time. https://www.team-cymru.com/bogon-networks From: NANOG on behalf of Gabriel Terry Date: Friday, 22 March 2024 at 3:56 PM To: nanog@nanog.org Subject: v4 and v6 BOGON list All, I was researching BOGON prefixes and found a ref

Re: So what do you think about the scuttlebutt of Musk interfering in Ukraine?

2023-09-14 Thread Suresh Ramasubramanian
I have a feeling he’s fired far too much of his legal and compliance team to realise --srs From: NANOG on behalf of Michael Thomas Sent: Thursday, September 14, 2023 6:17:17 AM To: nanog@nanog.org Subject: So what do you think about the scuttlebutt of Musk int

Re: Captive portal for suspended accounts

2023-09-11 Thread Suresh Ramasubramanian
Comcast walled garden is a good starting point to Google - there’s even an rfc This is to quarantine malicious customers rather than billing defaulters but well, much the same effect --srs From: NANOG on behalf of Steve Saner via NANOG Sent: Monday, September

Re: Historical info on how 'x.com' came to be registered

2023-07-27 Thread Suresh Ramasubramanian
December 99. Grandfathered --srs From: NANOG on behalf of Drew Weaver Sent: Thursday, July 27, 2023 6:12:43 PM To: 'nanog@nanog.org' Subject: Historical info on how 'x.com' came to be registered Does anyone have any historical information on how ‘x.com’ came

Re: BKA Wiesbaden - Abteilung Cybercrime (Not sure if this is a phishing E-mail or real...)

2023-04-03 Thread Suresh Ramasubramanian
It appears legit. BKA.DE is the German Bundeskriminalamt (Federal Police) And the PTR records, SPF etc check out for the domain. Might as well check the IP in question for malware if they’ve provided date / timestamps and such --srs From: NANOG on behalf of Glen A. Pearce Date: Monday, 3 A

Re: email spam

2022-08-23 Thread Suresh Ramasubramanian
, August 24, 2022 8:14:16 AM To: Suresh Ramasubramanian Cc: nanog@nanog.org Subject: Re: email spam Sorry about the bad examples, but I remember contacting both about issues with SPF multiple times. They both have seemed have to fixed things at least searching my logs for the last week. Most of

Re: email spam

2022-08-23 Thread Suresh Ramasubramanian
Without saying why the mail was blocked (dumb content filter looking for porn? a spamhaus listing because the police server was hacked? something else?) that’s not going to help too much. I’ve been spam filtering stuff at large providers since the late 90s and it never gets any easier to block

Re: Rogers Outage Canada

2022-07-09 Thread Suresh Ramasubramanian
Just leaving this (yes, satire site) link here https://www.thebeaverton.com/2022/07/rogers-proudly-announces-10-service-charge-for-unplug-and-relax-nationwide-outage/

Re: ASN in use, but no whois data?

2022-02-25 Thread Suresh Ramasubramanian
Legacy lookup here ASHandle: AS394183 OrgID: ORCL-2 ASName: OROCKLLC-USA-ASN ASNumber: 394183 RegDate:2015-07-01 Updated:2015-07-01 Source: ARIN OrgID: ORCL-2 OrgName:Orange Rock Consulting, LLC CanAllocate: Street: 3

Re: Russian aligned ASNs?

2022-02-24 Thread Suresh Ramasubramanian
There are reports of bgp hijacks and ddos targeted at Ukrainian asns watch for and mitigate those? --srs From: NANOG on behalf of Tony Wicks Sent: Friday, February 25, 2022 6:55:23 AM To: 'William Allen Simpson' Cc: 'North American Network Operators Group' Su

Re: S.Korea broadband firm sues Netflix after traffic surge

2021-10-01 Thread Suresh Ramasubramanian
Yet another peering dispute ending in litigation? From: NANOG on behalf of Sean Donelan Date: Friday, 1 October 2021 at 7:21 PM To: nanog@nanog.org Subject: S.Korea broadband firm sues Netflix after traffic surge South Korean Internet service provider SK Broadband has sued Netflix to pay for c

Re: Abuse Contact Handling

2021-08-06 Thread Suresh Ramasubramanian
actionable complaints. --srs From: Tom Beecher Sent: Friday, August 6, 2021 11:42:48 PM To: Suresh Ramasubramanian Cc: Mike Hammett ; Matt Corallo ; NANOG Subject: Re: Abuse Contact Handling If you’re complaining about having to maintain an abuse desk or

Re: Abuse Contact Handling

2021-08-06 Thread Suresh Ramasubramanian
If the way x is managing their network or (not) managing their customers means my network and my customers are affected .. route leaks? packet kiddies? phish sites? spammers? whatever. If what you’re doing or not doing affects someone else, expect complaints, possibly to your upstreams if you

Re: Spamhaus ASN-DROP list

2021-07-23 Thread Suresh Ramasubramanian
This is probably an ex afrinic stolen block? In which case it’s for afrinic to sort out and reclaim --srs From: NANOG on behalf of Siyuan Miao Sent: Friday, July 23, 2021 12:38:16 PM To: North American Network Operators' Group Subject: Spamhaus ASN-DROP list

Re: Anyone from Proof Point or Comcast on this list?

2021-04-19 Thread Suresh Ramasubramanian
comcast.com is their corporate mail domain comcast.net is their customer domain Both have entirely different mx hosts and won’t relay mail for each other. --srs From: NANOG on behalf of Matt Hoppes Sent: Monday, April 19, 2021 10:06:00 PM To: North American Ne

Re: Newbie Question: Is anyone actually using the Null MX (RFC 7505)?

2021-02-26 Thread Suresh Ramasubramanian
OK. In your experience, which legacy system is going to misinterpret this record? The current RFC is from 2014-15 but the original idea from Mark Delany (then at Yahoo now at Apple) has been kicking around from 2006 or so. I remember contributing some text to the original draft RFC but can’t fi

Re: Newbie Question: Is anyone actually using the Null MX (RFC 7505)?

2021-02-26 Thread Suresh Ramasubramanian
MTAs don’t care what online analysis tools tell you and setting a null MX for a domain that you don’t receive mail for will work just fine, for the reasons explained in the rfc Having no MX means the smtp connection will fall back to the A record for your domain if one exists --srs __

Re: Famous operational issues

2021-02-19 Thread Suresh Ramasubramanian
He is. He asked a perfectly relevant question based on what he saw of the physical setup in front of him. And he kept his cool when being talked down to. I’d hire him the next minute, personally speaking. From: Sabri Berisha Date: Friday, 19 February 2021 at 2:02 PM To: Suresh Ramasubramanian

Re: Famous operational issues

2021-02-18 Thread Suresh Ramasubramanian
Did you at least hire the janitor? From: NANOG on behalf of Mark Tinka Date: Friday, 19 February 2021 at 10:20 AM To: nanog@nanog.org Subject: Re: Famous operational issues On 2/19/21 00:37, Warren Kumari wrote: 5: Another one. In the early 2000s I was working for a dot-com boom company. We

Re: Vint Cerf & Interplanetary Internet

2020-10-22 Thread Suresh Ramasubramanian
; *From:* NANOG > mailto:gmail@nanog.org>> on > behalf of Rod Beck > mailto:rod.b...@unitedcablecompany.com>> >> https://www.quantamagazine.org/vint-cerfs-plan-for-building-an-internet-in-space-20201021/ > ---------

Re: Vint Cerf & Interplanetary Internet

2020-10-21 Thread Suresh Ramasubramanian
Right. This means we are going to catch a spaceship for a future nanog / have interplanetary governance federation debates with space aliens from Andromeda, and we will finally run out of v6 and ipv9 will rule the roost while there’s a substantial aftermarket + hijack scene going on for the last

Re: Consolidation of Email Platforms Bad for Email?

2020-09-07 Thread Suresh Ramasubramanian via NANOG
I don’t know. Do I miss the days of every person and their dog running a mail server on a Linux server in a basement cupboard? Huge crowds and high drama on nanae and spam-l type places You never know whether your mail is going to get through or not because of weird and wonderful notions about

Re: Constant Abuse Reports / Borderline Spamming from RiskIQ

2020-04-15 Thread Suresh Ramasubramanian
The first warning sign would be where they discuss your AUP and exceptions / corner cases to it --srs From: NANOG on behalf of Ross Tajvar Sent: Thursday, April 16, 2020 9:03:58 AM To: Rich Kulawiec Cc: North American Network Operators' Group Subject: Re: Cons

Re: Constant Abuse Reports / Borderline Spamming from RiskIQ

2020-04-13 Thread Suresh Ramasubramanian
or the other. Corporate contacts in this individual’s case, could be reports to various upstreams in some other case. --srs From: Matt Corallo Date: Tuesday, 14 April 2020 at 12:41 AM To: Suresh Ramasubramanian Cc: Tom Beecher , Kushal R. , Nanog , Rich Kulawiec Subject: Re: Constant Abuse

Re: Constant Abuse Reports / Borderline Spamming from RiskIQ

2020-04-13 Thread Suresh Ramasubramanian
RiskIQ reports phish URLs for large brands The life cycle of a typical phish campaign is in hours but I guess people can live with 24. If you handle the complaint only after two business days, that’s closing the barn door after the horse has bolted and crossed a state line. --srs __

Re: Constant Abuse Reports / Borderline Spamming from RiskIQ

2020-04-13 Thread Suresh Ramasubramanian
RiskIQ is a known good player. If there’s a stream of abuse reports maybe removing whatever customer it is might be a good idea? I am not sure why they are sending out mail to every contact they can find though. Are abuse tickets resolved in a timely manner? From: NANOG Date: Monday, 13 Apri

Re: Tell me about AS19111

2020-02-05 Thread Suresh Ramasubramanian
I do get some results from an online whois or two - https://ipinfo.io/AS19111 nbty.com is registered with Markmonitor so presumably they’re legit enough and large enough to afford brand protection. “Natures Bounty Inc” sounds like a reasonable name for a vendor of vitamins. ASNumber: 191

Re: Prominent horse racing identities (was Re: Elad Cohen)

2020-01-27 Thread Suresh Ramasubramanian
Jesus was crucified during the later years of the reign of Tiberius Hadrian on the other hand would have been loved by 45 for his dedication to building the wall --srs From: NANOG on behalf of Mark Seiden Sent: Monday, January 27, 2020 11:47 PM To: Large Hadro

Re: Anyone have contacts at Bharti Airtel?

2019-12-07 Thread Suresh Ramasubramanian
Post on sa...@sanog.org there should be some Airtel people there @anurag can you please forward to someone there --srs From: NANOG on behalf of Elmar K. Bins Sent: Saturday, December 7, 2019 3:40 PM To: Bottiger Cc: nanog@nanog.org Subject: Re: Anyone have cont

Re: Cogent & FDCServers: Knowingly aiding and abetting fraud and theft?

2019-09-06 Thread Suresh Ramasubramanian
The fact that the port authority building is also an office building with multiple other tenants? Whois contacts on a defunct domain belonging to an Australian government port authority agency that’s since been renamed don’t appear to support your hypothesis that this is another tenant of a gov

INNOG 2 cfp 7/1 to 7/4 New Delhi, India

2019-05-20 Thread Suresh Ramasubramanian
NANOG folks - I recognize that this is rather late notice for your travel schedules but if you happen to be in the region or have teams in India please do attend, or forward this. Thanks. INNOG 2: Call for papers The following is an open call for presentations for the conference and tutorial s

Re: Open Petition for ARIN-prop-266: BGP Hijacking is an ARIN Policy Violation

2019-04-26 Thread Suresh Ramasubramanian
Even among the network security community the number of people who track bgp hijacks and gather data is quite small yet such people do exist and have been active in speaking for this proposal when the same thing was discussed on the ripe anti abuse wg to an expected chorus of "we are not the int

Re: friday fun - geko outsge

2019-03-15 Thread Suresh Ramasubramanian
Was it trying to help them save on car insurance? On 16/03/19, 6:49 AM, "NANOG on behalf of Scott Weeks" wrote: I thought some here might enjoy this. -- Technician arrived onsite and found no issue with the fiber connecti

Re: FB?

2019-03-14 Thread Suresh Ramasubramanian
That's a 2010 outage that someone dug out and was doing the rounds as a new one --srs From: NANOG on behalf of cosmo Sent: Thursday, March 14, 2019 9:50 PM To: Bryan Holloway Cc: nanog@nanog.org Subject: Re: FB? Facebook pushed an update to their code that man

Re: A Zero Spam Mail System [Feedback Request]

2019-02-20 Thread Suresh Ramasubramanian
I've tried never to hand write a sendmail.cf, to be honest - I doubt even the sendmail authors recommended being that brave :). And I haven't done all that much with dmarc beyond using it. --srs From: NANOG on behalf of Brielle Bruns Sent: Thursday, February

Re: A Zero Spam Mail System [Feedback Request]

2019-02-17 Thread Suresh Ramasubramanian
... and of all those, once you solve v6 multihoming (possibly with ipv9) do come back to nanog where I'm sure it will be operational. On 18/02/19, 8:23 AM, "NANOG on behalf of Michel Py" wrote: > Viruthagiri Thirumavalavan wrote : > I solved the email spam problem. Oh, this is

Re: A Zero Spam Mail System [Feedback Request]

2019-02-17 Thread Suresh Ramasubramanian
gt; want to listen. They are like barking dogs. If one started to bark, everyone > else gets the courage to do the same thing. > > I'm tired of fighting these assholes in every mailing list. I'm on your side > morons. So how about you all knock it off? > > Six months bac

Re: yet another round of SMTP Over TLS on Port 26 - Implicit TLS Proposal [Feedback Request]

2019-01-12 Thread Suresh Ramasubramanian
To the IP Other people try to sugar coat what they tell you John has never minced his words in the past two decades that I know him and that's good Yes, 50 words are more than enough to decide a bad idea is bad. You don't have to like that, or like any of us, but facts are facts --srs __

Re: SMTP Over TLS on Port 26 - Implicit TLS Proposal [Feedback Request]

2019-01-11 Thread Suresh Ramasubramanian
anner? You already know from the dns. Concerned about the MTA version? You can configure postfix to claim it is exchange or avian carrier for that matter --srs From: Constantine A. Murenin Sent: Saturday, January 12, 2019 10:08 AM To: Suresh Ramasubramanian Cc:

Re: SMTP Over TLS on Port 26 - Implicit TLS Proposal [Feedback Request]

2019-01-11 Thread Suresh Ramasubramanian
Most new MTA implementations over the past several years default to TLS with strong ciphers. So how much of a problem is low or no TLS right now? How much more of a problem will it be over the next year or two as older hardware is retired and new servers + software deployed, or as is more likel

Re: SMTP Over TLS on Port 26 - Implicit TLS Proposal [Feedback Request]

2019-01-11 Thread Suresh Ramasubramanian
But why do you think creating an out of band verification channel and separate port is going to work for this? There is plenty of local policy available as well to mandate that tls be negotiated with a set of allowed ciphers and prohibit others —srs From: NAN

ARIN NS down?

2019-01-11 Thread Suresh Ramasubramanian
couldn't get address for 'ns1.arin.net': not found couldn't get address for 'ns2.arin.net': not found couldn't get address for 'u.arin.net': not found couldn't get address for 'ns3.arin.net': not found dig: couldn't get address for 'ns1.arin.net': no more srs@Sureshs-MacBook-Pro-2 19:56:18 <~> $ d

Re: Should ISP block child pornography?

2018-12-06 Thread Suresh Ramasubramanian
In the USA, you need to contact NCMEC - http://www.missingkids.com/home or the FBI. From: Mark Seiden Date: Friday, 7 December 2018 at 12:16 PM To: Suresh Ramasubramanian Cc: "Lotia, Pratik M" , "nanog@nanog.org" Subject: Re: Should ISP block child pornography? tha

Re: Should ISP block child pornography?

2018-12-06 Thread Suresh Ramasubramanian
https://www.interpol.int/Crime-areas/Crimes-against-children/Access-blocking From: NANOG on behalf of Mark Seiden Date: Friday, 7 December 2018 at 11:54 AM To: "Lotia, Pratik M" Cc: "nanog@nanog.org" Subject: Re: Should ISP block child pornography? where is this list of dirty domains?

Re: bloomberg on supermicro: sky is falling

2018-10-10 Thread Suresh Ramasubramanian
IVR credit card PIN entry is a thing For example - https://www.hdfcbank.com/personal/making-payments/security-measures/ivr-3d-secure On 10/10/18, 9:57 PM, "NANOG on behalf of Naslund, Steve" wrote: True and that should be mandatory but does not solve the telephone agent problem.

Re: bloomberg on supermicro: sky is falling

2018-10-10 Thread Suresh Ramasubramanian
This is common in India but then chip and pin has been mandatory for a good few years, as has 2fa (vbv / mastercard secure code) for online transactions. Waiters would earlier ask for people's pins so they could go back and enter it - back when a lot of the POS terminals were connected to POTS l

Re: SP security knowledge build up

2018-07-30 Thread Suresh Ramasubramanian
l 19: Incident Response and Management Critical Control 20: Penetration Tests and Red Team Exercises 2 Day On Campus Boot Camp at IIIT B Lab Session – General Threats Lab Session – Cryptography Boot Camp 1 Boot Camp 2 On Fri, Jul 27, 2018 at 5:39 PM Suresh Ramasubramanian wrote: > > Please star

Re: SP security knowledge build up

2018-07-27 Thread Suresh Ramasubramanian
the Limoncelli book will do very well indeed for a start. --srs From: Ramy Hashish Date: Friday, 27 July 2018 at 5:12 PM To: NANOG Mailing List , , , Suresh Ramasubramanian , Subject: Re: SP security knowledge build up Thank you guys for all your academic recommendation

Re: SP security knowledge build up

2018-07-24 Thread Suresh Ramasubramanian
mpton, Rich A" Cc: Christopher Morrow , Suresh Ramasubramanian , nanog list Subject: Re: SP security knowledge build up Thank you Christopher, Compton and Suresh, that was helpful. I am still looking for more. Does anyone want to recommend any MOOC? Thanks, Ramy On 23 Ju

Re: SP security knowledge build up

2018-07-23 Thread Suresh Ramasubramanian
The usual / canonical sysadmin book might work, there is a lot of security related material in there as well. https://www.amazon.com/Practice-System-Network-Administration-Second/dp/0321492668 And this updated for enterprise / devops and other such new fangled things https://www.amazon.com/Pr

Re: AS3266: BitCanal hijack factory, courtesy of Cogent, GTT, and Level3

2018-06-26 Thread Suresh Ramasubramanian
? > > As I always ask, retorically, in cases like this: Where are the grownups? --- ops.li...@gmail.com wrote: From: Suresh Ramasubramanian "we are not the internet police" right? ( - So your ans

Re: AS3266: BitCanal hijack factory, courtesy of Cogent, GTT, and Level3

2018-06-25 Thread Suresh Ramasubramanian
"we are not the internet police" right? ( On 26/06/18, 10:33 AM, "NANOG on behalf of Job Snijders" wrote: On Mon, 25 Jun 2018 at 22:49, Ronald F. Guilmette wrote: > Without the generous support of Cogent, GTT, and Level3 this dumbass > lowlife IP address space thief would

Re: Email security: PGP/GPG & S/MIME vulnerability drop imminent

2018-05-14 Thread Suresh Ramasubramanian
Seems to be a set of MUA bugs that are being overblown and hyped up. TL;DR = Don't use HTML email with some mail clients when sending pgp encrypted mail. https://lists.gnupg.org/pipermail/gnupg-users/2018-May/060315.html --srs On 14/05/18, 1:15 PM, "NANOG on behalf of George William Herbert"

Re: Is WHOIS going to go away?

2018-04-24 Thread Suresh Ramasubramanian
The fun problem here is that anonymity, encryption etc - everything that's good and recommended for privacy and security conscious people - gets heavily used, and early adopted, by criminals, the good ones among whom are paranoid about both these at least so they stay out of prison. If only all

Re: China Showdown Huawei vs ZTE

2018-04-20 Thread Suresh Ramasubramanian
Ah. ZTE is in a spot of trouble right about now. http://www.scmp.com/tech/article/2142557/zte-calls-us-government-ban-extremely-unfair-vows-fight-its-rights On 20/04/18, 5:58 PM, "NANOG on behalf of Colton Conor" wrote: Of the two large Chinese Vendors, which has the better network operat

Re: Courses/Trainings for NOC leaders

2018-01-09 Thread Suresh Ramasubramanian
These books. https://www.amazon.com/UNIX-Linux-System-Administration-Handbook/dp/0131480057 https://www.amazon.com/Practice-System-Network-Administration-Enterprise/dp/0321919165/ https://www.amazon.com/Practice-Cloud-System-Administration-Practices/dp/032194318X/ https://www.amazon.com/Time-Mana

Re: How can I obtain the abuse e-mail address for IPs from Japan?

2017-08-23 Thread Suresh Ramasubramanian
whois -h whois.nic.ad.jp IP /e --srs > On 23-Aug-2017, at 7:38 PM, Kurt Kraut wrote: > > Hello, > > > I'm having a hard time to figure out the abuse e-mail address for IPs from > Japan. Any query I perform at the WHOIS, for any IP, from any autonomoyus > system I get the same e-mail addresses

Re: AS29073, 196.16.0.0/14, Level3: Why does anyone peer with these schmucks?

2017-08-14 Thread Suresh Ramasubramanian
1. They aren’t the internet police either or so quite a few of them think 2. Hanlon’s razor --srs > On 15-Aug-2017, at 2:17 AM, Baldur Norddahl wrote: > > Why are domain registrars allowing some of those domains, which are clearly > advertising highly illegal content that will get you in jail

Re: Purchased IPv4 Woes

2017-03-19 Thread Suresh Ramasubramanian
Which one was it that demanded 2500? There's only one reasonably well known pay for whitelisting type of blocklist but I'd have thought they're a lot cheaper. --srs > On 20-Mar-2017, at 9:02 AM, Justin Wilson wrote: > > Then you have the lists which want money to be removed. I have an IP tha

Re: Someone's scraping NANOG for phishing purposes again

2017-02-10 Thread Suresh Ramasubramanian
Or a nanog member might be infected and the malware is scraping his mailbox for bogus froms. Got headers? On 10/02/17, 9:40 AM, "NANOG on behalf of Alexander Harrowell" wrote: I'm getting suspicious e-mail pretending to come from leading NANOGers. Not the first time this has happened,

Re: ticketmaster.com 403 Forbidden

2017-02-06 Thread Suresh Ramasubramanian
My guess is you have or had sometime in the long distant past a scalper operating on your network, using automated ticket purchase bots. If you still have that scalper around, you might want to turf him. If he’s ancient history, saying so might induce them to remove the block. --srs On 06/02/

Re: PlayStationNetwork blocking of CGNAT public addresses

2016-09-22 Thread Suresh Ramasubramanian
font. Personally I don’t trash abuse reports that are valid. --srs From: Tom Beecher Date: Thursday, 22 September 2016 at 7:35 PM To: Brian Rak Cc: Suresh Ramasubramanian , "nanog@nanog.org" Subject: Re: PlayStationNetwork blocking of CGNAT public addresses The for

Re: PlayStationNetwork blocking of CGNAT public addresses

2016-09-22 Thread Suresh Ramasubramanian
Considering that there are likely to be many such emails - just how much time is it going to take your abuse desk staffer to just parse out those IPs from whatever log that they send you? And how much time would processing say 50 individual emails take compared to 50 IPs in a single email? --s

One more thing to watch out for at data centers - fire drills

2016-09-17 Thread Suresh Ramasubramanian
http://motherboard.vice.com/read/a-loud-sound-just-shut-down-a-banks-data-center-for-10-hours?utm_source=bbcfb Releasing inert gas from fire suppression units that were over pressurized resulted in an extremely loud noise – causing cabinets full of hard drives to vibrate – which got transmitted

Re: Operations task management software?

2016-07-27 Thread Suresh Ramasubramanian
Been meaning to dig into this one https://www.upguard.com/blog/guardrail-tasks-a-lightweight-tracking-system-for-ops --srs > On 27-Jul-2016, at 11:46 PM, David Hubbard > wrote: > > Hi all, curious if anyone has recommendations on software that helps manage > routine duties assigned to operat

Re: Charter FYI - FW: [SANOG] Reliance Jio (AS55836) origating a /16 belonging to Charter (AS20115)

2016-07-03 Thread Suresh Ramasubramanian
On 03/07/16, 9:05 PM, "NANOG on behalf of Suresh Ramasubramanian" wrote: > Is anyone from Jio network engineering team on this list? > I see AS55836 is originating 47.35.0.0/16 while the pool belongs to > Charter. There's even /18 slices of the pool being announced by

Charter FYI - FW: [SANOG] Reliance Jio (AS55836) origating a /16 belonging to Charter (AS20115)

2016-07-03 Thread Suresh Ramasubramanian
From: sanog on behalf of Anurag Bhatia Date: Sunday, 3 July 2016 at 8:46 PM To: SANOG Subject: [SANOG] Reliance Jio (AS55836) origating a /16 belonging to Charter (AS20115) Hello everyone! Is anyone from Jio network engineering team on this list? I see AS55836 is orig

Re: IPv4 Legacy assignment frustration

2016-06-21 Thread Suresh Ramasubramanian
There is absolutely no budgeting for idiots. Beyond a long hard process that is helped by internal escalations from affected people on a corporate network - ideally as senior as you can get - ot their IT staff. “Missouri isn’t in China, you nitwit. Fix it or I, the CFO, will go have a word wi

Re: Detecting Attacks

2016-06-11 Thread Suresh Ramasubramanian
Is your aim to generate attack traffic? Or rather a mix of normal and attack traffic. That's one part. Googling ddos simulator will get you lots of results you can evaluate Logging it appropriately and capturing the logs, storing them in a db is the next. --srs > On 11-Jun-2016, at 10:52 A

Re: [tld-admin-poc] Fwd: Re: .pro whois registry down?

2016-03-09 Thread Suresh Ramasubramanian
Worst comes to worst there's a python based whois client called pwhois that lets you dump whois data into json --srs > On 10-Mar-2016, at 6:50 AM, Royce Williams wrote: > > I'm not affiliated, but there are a couple of companies that normalize > whois data. It's a whackamole game, but it suc

Re: de-peering for security sake

2015-12-24 Thread Suresh Ramasubramanian
Well, at least she's here rather than sprinkling eggnog and brandy flavoured pixie dust on our gear over the Christmas break. --srs > On 25-Dec-2015, at 9:08 AM, Owen DeLong wrote: > > Yes… Isn’t it impressive just how persistent the bad idea fairy can be? > > Owen

Re: de-peering for security sake

2015-12-24 Thread Suresh Ramasubramanian
Hmm, has anyone at all kept count of the number of times such a discussion has started up in just the last year, and how many more times in the past 16 or so years? Mind you, back in say 2004, this discussion would have run to 50 or 60 emails at a bare minimum, in no time at all. --srs On 25-

Re: Google IMAP (with k9mail)

2015-10-23 Thread Suresh Ramasubramanian
Not protocols as much as less secure ssl ciphers is my guess --srs > On 23-Oct-2015, at 9:50 PM, Jay Ashworth wrote: > > - Original Message - >> From: "Christopher Morrow" > >> Incoming settings >> IMAP server: imap.gmail.com >> Port: 993 >> Security type: SSL (always) >> >> Outgoin

Re: Google IMAP

2015-10-20 Thread Suresh Ramasubramanian
Right now imap.gmail.com appears down for me from at least two local networks in India, just saying I guess that's what the original poster wanted to ask about. On Wednesday, October 21, 2015, Jason Hellenthal wrote: > $ dig @8.8.8.8 imap.gmail.com > > ; <<>> DiG 9.10.3 <<>> @8.8.8.8 imap.gmail

Re: /27 the new /24

2015-10-02 Thread Suresh Ramasubramanian
n wrote: > > On Fri, Oct 2, 2015 at 11:55 AM, Suresh Ramasubramanian > wrote: >> Besides which more than one provider filters by a minimum prefix length >> per /8 - wasn't Swisscom or someone similar doing that? So multi >> homing with even a /24 is somewhat

Re: /27 the new /24

2015-10-02 Thread Suresh Ramasubramanian
Besides which more than one provider filters by a minimum prefix length per /8 - wasn't Swisscom or someone similar doing that? So multi homing with even a /24 is somewhat patchy in terms of effectiveness --srs > On 02-Oct-2015, at 8:54 PM, William Herrin wrote: > >> On Fri, Oct 2, 2015 at

Re: Quick Update on the North American BCOP Efforts

2015-09-30 Thread Suresh Ramasubramanian
Late to the party but which best current practices were these and - as the board asked - how much of it reinvents the several other best practice wheels around? --srs > On 30-Sep-2015, at 8:47 PM, Mike Hammett wrote: > > If NANOG isn't developing and publishing BCOPs, what's the point of NANO

Re: free Tools to monitor website performance

2015-08-05 Thread Suresh Ramasubramanian
Nagios will do it at a pinch but only from one location. But if you want professional URL monitoring from across multiple locations worldwide, you need Gomez, Neustar Webmetrics etc. Not quite cheap. > On 05-Aug-2015, at 7:23 PM, sathish kumar Ippani > wrote: > > Hi All, > > Thanks to all

Re: Working with Spamhaus

2015-07-31 Thread Suresh Ramasubramanian
It's what they call a free country Those that don't use it don't use it, and those who do are free to do so --srs > On 31-Jul-2015, at 4:56 PM, Ricky Beam wrote: > >> On Fri, 31 Jul 2015 17:28:34 -0400, Jaren Angerbauer >> wrote: >> I work for Proofpoint -- we acquired SORBS back in 2011. >

Re: Working with Spamhaus

2015-07-29 Thread Suresh Ramasubramanian
Er - a couple of ways 1. If you run a farm of mail servers, something like splunk for your logs is kind of necessary. How difficult is it going to be to trigger a splunk alert on whatever looks like an administrative block? Either by a large provider, or by a DNS block list. 2. You can rsync

Re: Working with Spamhaus

2015-07-29 Thread Suresh Ramasubramanian
They come to M3AAWG on a regular basis and there’s the M3AAWG hosting SIG that you might want to participate in. NANOG doesn’t always have a mail abuse (and not very many network abuse) session on the agenda, plus just how many people doing routing or DNS seem to even care what their colleagu

Re: Route leak in Bangladesh

2015-06-30 Thread Suresh Ramasubramanian
I have sent this to a contact at another Bangladeshi ISP that should be able to reach the right person for this ASAP. > On 30-Jun-2015, at 1:57 pm, Grzegorz Janoszka wrote: > > We have just received alert from bgpmon that AS58587 Fiber @ Home Limited has > hijacked most of our (AS43996) prefix

Re: World's Fastest Internet™ in Canadaland

2015-06-26 Thread Suresh Ramasubramanian
Like Peter Lothberg's mother's home :) --srs > On 27-Jun-2015, at 12:22 am, Mikael Abrahamsson wrote: > > And yes, "fastest Internet in the world" is pure BS, gigabit ethernet access > to peoples homes have been around for years in other places

Re: World's Fastest Internet™ in Canadaland

2015-06-26 Thread Suresh Ramasubramanian
Parkinson's law of sorts? Use expanding to fill the bandwidth available One kid with a torrent downloading random stuff, streaming hd and music off the internet etc and a family of four can make decent inroads into gigabit or so I would have thought Don't even start counting say a gb here and

Re: vendor spam OTD

2015-04-27 Thread Suresh Ramasubramanian
Having seen my share of pesky vendors - though not this one .. Yeah idle speculation it is. Informed idle I hope. :) --srs > On 28-Apr-2015, at 9:00 am, Rob Seastrom wrote: > > Have you gotten a copy too, or are you just idly speculating here?

Re: vendor spam OTD

2015-04-27 Thread Suresh Ramasubramanian
Given we’re going down this “what is spam” rathole again, spam is generally defined as unsolicited BULK email As the email appears to be one to one, though a remarkably persistent one to one, I would suggest procmail, unless you know he’s harvested nanog and is sending the same offer mail merge

M3AAWG 34 in Dublin - public call for papers

2015-03-03 Thread Suresh Ramasubramanian
fyi > From: "Alec Peterson" > To: "techni...@mailman.m3aawg.org" > Date: Tue, Mar 3, 2015 11:32 PM > Subject: [Technical] M3AAWG 34 Call for Papers > > > The 34th General Meeting of the Messaging Malware Mobile Anti-Abuse Working Group (M3AAWG) will be held in Dublin, Ireland from June 8-11, 201

Large Ontario DC busted for hosting petabytes of child abuse material

2015-03-02 Thread Suresh Ramasubramanian
18 million dollars revenue in three months so certainly pretty large sized. Any idea which DC this is? http://motherboard.vice.com/en_ca/read/police-could-charge-a-data-center-in-the-largest-child-porn-bust-ever

Re: AOL Postmaster

2015-02-25 Thread Suresh Ramasubramanian
You think every accountant, realtor, coffee shop etc uses their own domain? On Feb 26, 2015 3:12 AM, "Bill Patterson" wrote: > That was my first response as well. But that response was frowned upon by > my customer service reps. > On Feb 25, 2015 8:56 AM, "Ken Chase" wrote: > > > Simple, one sim

Re: AOL Postmaster

2015-02-24 Thread Suresh Ramasubramanian
And how many users do you have, again? On Feb 24, 2015 6:29 PM, "Colin Johnston" wrote: > block aol like china blocks with no engagement of comms as justification > > colin > > Sent from my iPhone > > > On 24 Feb 2015, at 12:36, Rich Kulawiec wrote: > > > >> On Tue, Feb 24, 2015 at 03:19:06AM +0

Re: gmail spam help

2015-02-12 Thread Suresh Ramasubramanian
e vendors unless > they are running entirely self-contained. > > On 02/12/2015 07:04 PM, Suresh Ramasubramanian wrote: > >> >> Please. Gmail isn't ever likely to use long dead hobbyist block lists. >> >> On Feb 12, 2015 9:38 PM, "Daniel Taylor" > dtay

Re: gmail spam help

2015-02-12 Thread Suresh Ramasubramanian
Please. Gmail isn't ever likely to use long dead hobbyist block lists. On Feb 12, 2015 9:38 PM, "Daniel Taylor" wrote: > Possibly related: http://www.ahbl.org/content/changes-ahbl > > We had to manually remove it from spamassassin for our local installation, > and I am pretty sure that a lot of s

Re: Facebook outage?

2015-01-26 Thread Suresh Ramasubramanian
It is back now fwiw On Jan 27, 2015 12:18 PM, "Damien Burke" wrote: > Facebook outage? Everyone panic! > > https://twitter.com/search?q=facebook&src=typd > > -Damien >

Re: Transparent hijacking of SMTP submission...

2014-11-27 Thread Suresh Ramasubramanian
ax-...@mail.gmail.com> > , Suresh Ramasubramanian writes: > > > > Yes. Till that hotspots IP space gets blackholed by a major freemail > > because of all the nigerians and hijacked devices emitting bot traffic > > through stolen auth credentials. > > Why would it black

Re: Transparent hijacking of SMTP submission...

2014-11-27 Thread Suresh Ramasubramanian
No. He is a comcast customer. And some third party wifi access point blocked his smtp submission over TLS by setting up an asa device to inspect 587 as well. On Nov 28, 2014 6:16 AM, "William Herrin" wrote: > On Thu, Nov 27, 2014 at 2:54 PM, joel jaeggli wrote: > > I don't see this in my home ma

Re: Transparent hijacking of SMTP submission...

2014-11-27 Thread Suresh Ramasubramanian
Yes. Till that hotspots IP space gets blackholed by a major freemail because of all the nigerians and hijacked devices emitting bot traffic through stolen auth credentials. There's other ways to stop this but they take actual hard work and rather more gear than a rusted up old asa you pull out of

Re: Level3 rwhois broken

2014-11-20 Thread Suresh Ramasubramanian
f Of Jeff Walter > Sent: Thursday, November 20, 2014 2:50 PM > To: Suresh Ramasubramanian > Cc: nanog@nanog.org > Subject: Re: Level3 rwhois broken > > It's nice to see someone is using RWHOIS. Back when I wrote the RWHOIS > daemon for HE I spoke with Mark Kosters (one of t

  1   2   3   4   5   6   >