On 10/21/16 at 03:21pm, David Birdsong wrote:
> On Fri, Oct 21, 2016 at 2:58 PM, Randy Bush wrote:
> > anyone who relies on a single dns provider is just asking for stuff such
> > as this.
:-)
> I'd love to hear how others are handling the overhead of managing two dns
> providers.
in my view o
hi nikolai
- oops.. this got long based on my experiences/opinions :-)
On 07/10/16 at 09:53pm, Nikolai Petrov wrote:
> We are moving to our new offices in two months and I have access to the
> building already.
> My task is to set up the entire network for the company.
> The previous administra
hi su..
On 06/10/16 at 10:39pm, subashini hariharan wrote:
> I am Subashini, a graduate student. I am interested in doing my project in
> Network Security. I have a doubt related to it.
duh... too broad of a subject ... you'd need to be more specific about which
of the hundred's of sub categorie
hi yta
On 06/08/16 at 06:43pm, Eric Kuhnke wrote:
> openwebmail hasn't been updated since 2006...
yup.. a minor/major issue
> squirrelmail is ancient and barely maintained.
last update ( svn ) was Jun 09, 2016 ( today )
http://squirrelmail.org/download.php
if you like the "latest/greatest" sw
hi ya
On 06/08/16 at 06:06pm, Eric Kuhnke wrote:
> If you had to put up a public facing webmail interface for people to use,
> and maintain it for the foreseeable future (5-6 years), what would you use?
>
> Roundcube?
> https://roundcube.net/
- good
> Rainloop?
> http://www.rainloop.net/
- neve
hi ya chris
On 05/31/16 at 08:53pm, Ca By wrote:
> On Tuesday, May 31, 2016, Chris Costa wrote:
>
> > Looking to develop a technical library for about 15 staff members all under
> > the same roof. Subject matter would focus around Juniper/Junos, TCP/IP,
> > dwdm, python, java, and expand from
hi
On 05/12/16 at 01:21pm, Ragnar SigurĂ°sson Joensen wrote:
> Quick question. Is there anyone on this list using Corero for DDoS
> protection? If so I'd much appreciate an off-list review of it. Thanks in
> advance.
hummm ... just some generic comments when comparing "DDoS protection"
one DD
hi nanog'ers
On 03/31/16 at 10:20am, valdis.kletni...@vt.edu wrote:
> On Thu, 31 Mar 2016 10:02:05 +0200, "marcel.duregards--- via NANOG" said:
>
> > We consider port scan and brute force on ssh port as an attack, and even
...
> (For the record, our border routers drop inbound SYN on port 22 o
hi ya colin
On 12/30/15 at 09:04am, Colin Johnston wrote:
> Where does it say we need to contact home cert instead on your website ?
because cnc...@cert.org.cn asked ?
> verification of what ?
i'd want to see if it's a simple port scan by a script kidddie vs
a more serious upcoming DOS attack
hi folkx
On 12/17/15 at 10:28am, Mark Andrews wrote:
> We need to make IPv4 painful to use.
already is too crowded
> Adding delay between SYN and SYN/ACK would be one way to achieve this.
change tcp windoow size to 1 byte per packet or decrease from 1500 byte
packets, more traffic they use,
hi
On 12/10/15 at 11:07am, Joe Morgan wrote:
> These are the three e-mail addresses they have contacted me on so far.
> armada.collect...@bk.ru
> melvin.webst...@gmail.com
> luciennemcglyn...@gmail.com
Ian> messages came from a various bitmessage.ch addresses
# i wonder if they all have the sam
hi joe
On 12/08/15 at 01:24am, Joe Morgan wrote:
> We received a similar ransom e-mail yesterday
:-)
dont pay real $$$ ... pretend that it was paid and watch for
them to come get the ransom ... never give your real banking info
ask them, where do you send the "$xx,000" mastercard gift card
by
hi jean-f
On 12/08/15 at 11:46pm, Jean-Francois Mezei wrote:
> Since the OP mentioned a "ransom" demand (aka: extortion), should law
> enforcement be contacted in such cases ?
simply saying "these bozo's are attempting to extort $100 from me"
with their email demands probably will not get the la
hi erik
On 12/07/15 at 10:15pm, Erik Sundberg wrote:
> We have one of these nice new and fancy Cisco ASR920-24SZ, just realized it
> doesn't have an RJ45 Console port only USB. When we deploy devices at our pop
> we wire the console port to a terminal\console server, well that doesn't work
> f
hi ya roland
On 12/04/15 at 11:09am, Roland Dobbins wrote:
> On 4 Dec 2015, at 9:34, alvin nanog wrote:
> >all that tcpdump jibberish
>
> Is entirely unnecessary, as well as being completely impractical on a
> network of any size.
up to a point, probing around at the
hi lyndon
On 12/03/15 at 05:54pm, Lyndon Nerenberg wrote:
> On Dec 3, 2015, at 5:00 PM, alvin nanog
> wrote:
> > run tcpdump and/or etherreal to capture the DDoS attacks
>
> Of course! If we had only thought of this sooner!
> :-)
yupperz.. the problem is, capturing
hi "need help"
On 12/03/15 at 03:15am, halp us wrote:
> A company that shall remain anonymous has received a ransom DDoS note from
> a very well known group that has been in the news lately.
use an email reader that allows you to see all the received email headers
to see which STMP routers they
hi
On 11/25/15 at 05:19pm, Bob Evans wrote:
> For an ISP type service - it's almost impossible the make it up in volume
> - all you need is one phone call to cost you $10 in support on a $3.50
> service. With that many customers you can imagine how many call to just
> ask what happened or vent af
On 11/09/15 at 05:35pm, Josh Luthman wrote:
> You can't get SFP+ PCI cards anyways. I don't think you can very easily
> get boards with PCI on them, either.
lots of vendors w/ PCIe 10gigE cards w/ copper or SFP+ interface ..
very few ( almost none ) for explicitly PCI w/ 10gigE and more import
hi lorell
On 11/09/15 at 03:27pm, Lorell Hathcock wrote:
> Esteemed Legions of NANOG:
> ...
> Here is the link to their recommendations.
> http://www.ookla.com/support/a26461638/
...
> In the mean time I will just test 1 Gbps speeds off a copper GE port, but
> want the SFP+ capability so I don't
hi eric
On 11/05/15 at 04:48pm, Eric Dugas wrote:
...
> Linux test machine in customer's VRF <-> SRX100 <-> Carrier CPE (Cisco
> 2960G) <-> Carrier's MPLS network <-> NNI - MX80 <-> Our MPLS network <->
> Terminating edge - MX80 <-> Distribution switch - EX3300 <-> Linux test
> machine in custome
hi matthias
On 10/01/15 at 03:41pm, Matthias Flittner wrote:
> Dear colleagues,
>
> Currently we are looking for a magic tool with which it is possible to
> generate specific (realistic) traffic patterns between client and server
> to analyze (monitor) traffic characteristics (jitter, delay, int
On 09/28/15 at 12:56am, Larry Sheldon wrote:
> On 9/28/2015 00:24, Christopher Morrow wrote:
> >On Mon, Sep 28, 2015 at 12:42 AM, wrote:
...
> >Are telling me Eric Estrada won't have a loadbalancer deployed for
> >this super critical resource?
both eric and his buddy was distracted by the blond
On 09/27/15 at 09:21pm, Joe Hamelin wrote:
> It is late Sunday night. When would you do maintenance?
even if one was doing maintenance, there is no reason not
to have at least 1 el-cheapo server replying that it's
under maintenance vs being suspect of other reasons of it
being down
there's got
hi martin
On 09/23/15 at 07:07pm, Martin T wrote:
> volume-based DDoS attacks should often result with following bandwidth graphs:
>
> http://s12.postimg.org/gy3eps10t/volume_based_DDo_S_graph.png
>
>
> This is a fabricated bps graph for 100GigE port facing an uplink
when you say "fabricated"
On 09/19/15 at 02:54pm, Frank Bulk wrote:
> Could the community share some DDoS auto-mitigation best practices for
> eyeball networks, where the target is a residential broadband subscriber?
o kie dough kie
> I'm not asking so much about the customer communication as much as
> configuration of an
hi andrei
On 09/18/15 at 11:50am, Florin Andrei wrote:
> I'm seeing 250 ms between California and Oregon. Not just AWS, but also
> between, say, Comcast and AWS.
>
> Latency from other locations, such as between N. Virginia and Oregon, is
> much lower, about 72 ms in my tests.
>
> Anyone else e
hi
On 09/17/15 at 12:33am, Joe Abley wrote:
...
> I'm particularly interested in zone data that describes the build out of the
> original root zone NS set to nine servers in mid-1994, the renaming under
> the ROOT-SERVERS.NET domain and the subsequent assignment of J, K, L and M.
wouldn't that i
Sun, Sep 6, 2015 at 6:22 AM, alvin nanog
> wrote:
> >
> > hi aluisio
> >
> > On 09/06/15 at 02:01am, Aluisio da Silva wrote:
> >> Hello,
> >>
> >> Does anyone here have a suggestion for a tool to replace Peakflow CP from
> >> Arbor Netw
hi aluisio
On 09/06/15 at 02:01am, Aluisio da Silva wrote:
> Hello,
>
> Does anyone here have a suggestion for a tool to replace Peakflow CP from
> Arbor Networks?
# for reference
http://www.arbornetworks.com/products
> Please if possible you would like hear some suggestions.
- sflow based
h
hi valdis
On 09/04/15 at 06:59pm, valdis.kletni...@vt.edu wrote:
>
> Does anybody have a citation that legal disclaimers attached to
> publicly posted mail aren't null and void? Seems to me that
> what they're trying to say is "Sorry, we're too lame to use
> PGP or similar on actually sensitive
have your own mitigation SW? If
> so I would like to know more about it.
you can download the free version for testing ..
http://DDoS-Mitigator.net/Download
> On Wed, Aug 26, 2015 at 8:53 PM, alvin nanog
> wrote:
...
> for your "reviewing" or collecing info fr
hi ramy
On 08/26/15 at 12:54pm, Aftab Siddiqui wrote:
>
> > Anybody here has experienced a PoC for any anti DDoS appliance, or already
> > using a anti DDoS appliance in production and able to share his user
> > experience/review?
> >
>
> only interested in appliance? why not scrubbing services
hi
> On Mon, Aug 17, 2015 at 10:16 AM, Ramy Hashish
> wrote:
>
> We are planning to implement a multi-tenant FW/UTM and start providing
> security as a service, I would like to hear if anybody had experience on
that'd be a good thing ... but ...
> this, and if there are any recommendations f
hi ya martin
On 08/16/15 at 07:57pm, Martin Hannigan wrote:
> On Sun, Aug 16, 2015 at 3:22 PM, Chris Boyd wrote:
>
> > There seems to be some traction, with 268 members on the NADCOG list so
> > far.
good
> Great! It's a little more complicated than list member count. Consider a
> social medi
hi ramy
On 08/12/15 at 05:28pm, Ramy Hashish wrote:
>
> Anybody here compared Wanguard's performance with the DDoS vendors in the
> market (Arbor, Radware, NSFocus, A10, RioRey, Staminus, F5 ..)?
wouldn't the above "comparison" be kinda funky comparing software solutions
with hardware appli
hi nanog
On 08/11/15 at 04:46pm, Alex Brooks wrote:
> With the lack of interest compared to NANOG (especially seeing how the
> old list simply dried up) it might be best making the list global
> rather than North America only to get the traffic levels up a bit.
there used to be an active "isp-xx
hi ya
> >> On Tue, Aug 4, 2015 at 11:29 AM, Scott Helms wrote:
> >> > With the (large) caveat that heterogenous networks are more subject to
> >> > human error in many cases.
> >>
> >> automate!
> >>
...
On 08/04/15 at 12:21pm, Christopher Morrow wrote:
> On Tue, Aug 4, 2015 at 11:46 AM, Scott
hi mr bugs :-)
On 08/03/15 at 05:38pm, Mr Bugs wrote:
> The WiFi jammers have an interesting MO. They don't throw up static on the
> frequency, that would also block their own wifi. They spoof
> de-authentication packets. I've been looking for a way to detect this kind
> of jamming because my WiF
hi ethan
On 08/03/15 at 10:58am, Ethan wrote:
>
> Getting bandwidth into the events is a pain. Huge venues are meant for large
> corporate events not lower budget cons and festivals. Venue pricing I
> believe is 750-1500$ per megabit. 100 megabit = $75,000 for the weekend. One
> year I rememeber
ps
come knocking, the ddos attackers are in deeep kah kah, thus requiring
prior legal paperwork of all those directly and indirectly involved
have fun
alvin
On 07/30/15 at 03:05am, Roland Dobbins wrote:
> On 30 Jul 2015, at 2:38, alvin nanog wrote:
>
> >there is no need to pay people
hi roland
On 07/29/15 at 05:47am, Roland Dobbins wrote:
>
> On 29 Jul 2015, at 5:19, alvin nanog wrote:
>
> >as previously noted by others, legit corp will ask you for lots of
> >legal paperwork for their "get out of jail card" for DDoS'ing your
> >
hi
On 07/29/15 at 10:59am, Curtis Maurand wrote:
> Seriously nice solutions...both of them.
..
> >-Original Message-
> >From: NANOG [mailto:nanog-boun...@nanog.org] On Behalf Of Colton Conor
> >Sent: Wednesday, July 29, 2015 8:27 AM
> >To: NANOG ; Scott Helms
> >Subject: DOCSIS CMTS Sy
hi dovid
On 07/28/15 at 02:31pm, Dovid Bender wrote:
> We are looking for a company that can launch a DDOS attack against the
> solutions we are testing. I don't want a proof of concept from the company
> that will be offering DDOS protection since they can simulate an easy
> attack and then miti
hi pavel
On 07/28/15 at 12:02am, Pavel Odintsov wrote:
> It's poor man's traffic generator :)
that's the best kind :-)
as long as it gets the job done and you get to control what it does
> My test lab is i7 2600 with 2 port Intel X520 10GE and Intel Xeon E5
> 2604 witj 2 port Intel X520 10GE.
hi dovid
On 07/27/15 at 11:32am, Dovid Bender wrote:
> We are looking into a few different DDOS solutions for a client. We need a
> LEGITIMATE company that can simulate some DDOS attacks (the generic +
> specific to the clients business). Anyone have any recommendations?
i've compiled a fairly c
46 matches
Mail list logo