Peace,
Following up on the today's massive partial network outage, here's the
analysis of what actually happened with the AS203's hijack, which is
the first one for the newly founded Lumen Technologies.
https://blog.qrator.net/en/lumen-aka-centurylink-generating-routing-incidents_101/
--
Töma
Peace,
On Thu, Oct 22, 2020 at 4:11 AM Töma Gavrichenkov wrote:
> Following up on the today's massive partial network outage, here's the
> analysis of what actually happened with the AS203's hijack, which is
> the first one for the newly founded Lumen Technologies.
>
&
Peace,
On Wed, Dec 16, 2020, 11:50 PM Eric Kuhnke wrote:
> In the traditional sense, by "showpiece NOC" I mean a room designed for
> the purpose of having large situational awareness displays on a wall,
> network weathermaps and charts, alerting systems, composed of four or more
> big flat panel
Peace,
On Thu, Dec 17, 2020, 12:21 AM Lady Benjamin PD Cannon wrote:
> We are still operating ours - 27 1080P projectors - but with a skeleton
> crew of just 3. Given the air volume, it’s almost like outside.
>
A devil advocate here,
First of all, COVID-19 is really serious.
With that in min
Peace,
On Thu, Dec 17, 2020, 1:50 AM Matt Erculiani wrote:
> I'm sure when the automation is perfect and widespread to the point that
> it catches and alerts on every network event, the monitoring rooms will
> disappear.
>
Which is never, but:
With a proper RCA after each incident, not blaming
Peace,
On Fri, Jan 8, 2021 at 3:28 AM Yang Yu wrote:
> How often does your hosted CDN cache get DDoS'ed? I am curious how
> these get handled (especially when it would cause upstream/backbone
> congestion). Is this treated differently than DDoS to customers?
I'm assuming you're speaking about IP
Peace,
On Sun, Jan 10, 2021 at 8:38 PM William Herrin wrote:
> providers like Amazon tend to make it inconvenient approaching
> impossible to build cross-platform services. I kinda wonder what a
> cloud services product would look like that was actively trying to
> facilitate cross-platform const
Peace,
On Sun, Jan 10, 2021 at 9:09 PM Michael Thomas wrote:
> Yes, it's been obvious to anybody who's only paying even a little
> attention that AWS is trying to be build a walled garden.
In my experience, moving off Amazon services isn't that much of a
trouble, especially if compared to moving
Peace,
On Sun, Jan 10, 2021 at 9:18 PM Michael Thomas wrote:
> At my previous job, I built a tool which could spin up a server farm
> given a platform agnostic design spec from a list of vendors as well as
> pricing it out. It was really more of a prototype since it only
> supported Chef on the s
Peace,
On Sun, Jan 10, 2021 at 9:22 PM William Herrin wrote:
> Are you sure about that? Consider your database. Suppose you want to
> run your primary database in AWS with a standby replica in Azure. As
> long as you install your own database software in both, you can do
> that. But if you want t
Peace,
On Thu, Jan 21, 2021, 8:17 PM Jean St-Laurent via NANOG
wrote:
>
> https://krebsonsecurity.com/2021/01/ddos-guard-to-forfeit-internet-space-occupied-by-parler/
>
A disclaimer:
- Standing for the sanity of the Internet routing;
- Assuming (quite reliably) actual policy violation;
- Assumi
Peace,
On Thu, Jan 21, 2021, 9:29 PM Tom Beecher wrote:
> am I the only one to believe that (given that LACNIC had allocated an IP
>> block to a company that doesn't conform to the LACNIC policies) what we
>> urgently need to see next is the complete audit of the LACNIC operations,
>> so that t
Peace,
On Thu, Jan 21, 2021, 9:57 PM Tom Beecher wrote:
> fraudulent business records are used all over the world for things like
> this all the time. Calling for a complete audit of LACNIC feels quite
> extreme absent a pattern of issues, which doesn't seem to have been
> presented.
>
Listen,
Peace,
On Thu, Jan 21, 2021, 10:20 PM Fredrik Holmqvist / I2B
wrote:
> Just a question "this one hosted a Web site for a terrorist
> organization", which terrorist organizations web site did they host ?
>
"Hamas", until November. That was discussed before on the mailing list.
--
Töma
>
Peace,
On Fri, Jan 22, 2021, 12:27 PM JORDI PALET MARTINEZ via NANOG:
> The numbering resources under the stewardship of LACNIC must be
> distributed among organizations legally constituted within its service
> region [COBERTURA] and mainly *serving networks and services operating in
> this regio
Peace,
On Fri, Jan 22, 2021, 3:24 PM Masataka Ohta <
mo...@necom830.hpcl.titech.ac.jp> wrote:
> JORDI PALET MARTINEZ via NANOG wrote:
> My proposal added the clarification that "majority" is understood as
> "over 50%".
>
> And the proposal is denied to be unreasonable by Toma and, more
> aggress
Peace,
On Mon, Feb 8, 2021 at 2:48 PM Mike Hammett wrote:
> I got an e-mail explaining why I was getting DDoSed. Is that aspect common?
Not quite. But it happens sometimes.
> Is it safe to assume that they completely anonymized the email they sent to
> me?
Likely, but not necessarily. Look
Peace
On Fri, Feb 26, 2021, 3:06 PM Rod Beck
wrote:
> My understanding is that there are three London Interxion data centers (I
> thought Equinix was the Borg and had assimilated pretty everything at this
> point).
>
> Trying to get the address where the facility where the London Metal
> Exchang
Peace,
On Fri, Feb 26, 2021, 10:05 PM Matthew Petach wrote:
> Aren't they (LME) in Savvis, though?
>>
> That was certainly true in 2003, at least
>
Maybe it's still true today.
tax.select.prd.lmexgw.com.
*A*213.86.73.66
inetnum: 213.86.73.0 - 213.86.73.255
netname: NET-GB-LME
descr: LME Sa
Peace,
On Thu, Mar 11, 2021 at 1:10 AM Sabri Berisha wrote:
> And because, for once, the French were not on strike, I donated $10 to the
> American Red Cross.
I believe the American Red Cross has long given up even trying to
figure out who donates them how much and why.
--
Töma
Peace,
On Thu, Apr 1, 2021, 6:09 PM wrote:
> That was a lot of traffic coming out of akamai aanp clusters the last
> couple nights! What was it?
>
"Call of Duty" update again, obviously.
https://www.eurogamer.net/articles/2021-03-29-this-weeks-call-of-duty-warzone-update-is-over-50gb
--
Töma
Peace,
On Thu, Apr 1, 2021, 11:16 PM Tom Beecher wrote:
> Akamai, and other CDNs, do not **generate** traffic ; they serve the
> requests generated by users.
>
L3/4-wise, this is true. Application-wise, this is quite the other way
around.
--
Töma
>
Peace,
Is there anyone around from the Cloudflare peering team, or anyone who
knows the right people? We've got a peering request that seems to be
stalled.
--
Töma
Peace,
On Fri, May 28, 2021, 7:33 PM Jun Tanaka wrote:
> you can find a contact at this site.
> https://www.cloudflare.com/peering-policy/
Yeah, that was my initial point of contact... half a year ago...
--
Töma
Peace,
On Mon, Jan 6, 2020, 9:27 PM Octolus Development wrote:
> We're facing some reflected DDoS attacks, where the source address is
> spoofed to appear to be our IPs, and as a result getting blacklisted.
> Sony's support has told us to "change IPs"
>
Wait, are they blacklisting spoofed IP(v4
Peace,
On Tue, Jan 7, 2020, 9:10 PM Hugo Slabbert wrote:
> And you're sure that you are the reflection target not the reflection
> vector?
>
Well, in almost any* case blacklisting reflection vectors by IP is an
insanely bad practice.
* — I can *think* of a use case when this could be an approp
Peace,
On Tue, Jan 7, 2020 at 9:10 PM Hugo Slabbert wrote:
> And you're sure that you are the reflection target not the reflection vector?
NB: I have just checked the IP addresses the OP has provided me with
(offlist) against our database of known reflection sources, and I
confirm that none of t
Peace,
Hey, your website says you're the developer of OctoVPN which is a VPN
solution.
*This* might be effectively the reason of blocking, not a DDoS. Gaming and
streaming services typically discourage VPN traffic because a) VPNs help to
circumvent regional restrictions, b) miscreants use VPNs t
This is the deadliest IPv6 packet structure infographics I've ever seen in
my life.
https://noia.network/assets/concept-basics.jpg
On Thu, Jan 9, 2020, 7:29 PM Aistis Zenkevičius wrote:
> So, a bit like this then: https://noia.network/technology
>
> -Aistis
>
>
> -Original Message-
> Fr
;-- here
>
> ^_^
>
>
> On Thu, Jan 9, 2020 at 12:07 PM Töma Gavrichenkov
> wrote:
>
>> This is the deadliest IPv6 packet structure infographics I've ever seen
>> in my life.
>>
>> https://noia.network/assets/concept-basics.jpg
>>
>>
I'm attaching the original pic in case they will replace it.
The true knowledge would then be preserved!
On Thu, Jan 9, 2020, 11:05 PM Töma Gavrichenkov wrote:
> This is the deadliest IPv6 packet structure infographics I've ever seen in
> my life.
>
> https://noia.
Peace,
On Tue, Jan 14, 2020, 10:22 PM Lumin Shi wrote:
> With our preliminary survey so far, DDoS mitigation approaches in the real
> world include 1) DDoS mitigation service providers (e.g., Akamai,
> Cloudflare), 2) Remotely-Triggered Black Hole (RTBH), 3) BGP FlowSpec, and
> 4) direct contact
Peace,
On Wed, Jan 15, 2020, 2:35 AM Lumin Shi wrote:
> Thank you for the feedback (that is a good point)!
>
> In our study, we lump both cloud/anycast-based and customer-premise
> mitigation solutions together as solutions from DDoS mitigation service
> providers.
> And we believe if you are we
Peace,
On Thu, Jan 23, 2020 at 8:58 PM Kevin McCormick wrote:
> Just found the size of the updates, 48 GB on PC, 13 GB on PS4, and 18 GB
> on Xbox One.
>
Whoa.
We used to rack our brains with P2P protocols in the past in order to
server just 1/20th of that. It's been a long decade indeed.
--
On Fri, Jan 24, 2020, 1:45 PM Simon Leinen wrote:
> For your amusement, this latest e-bloodbath, erm -sports update, at 48GB
> ("PC" version), would take about 463 days (~15 months) to complete at
> 9600 bps (not counting overhead like packet headers etc.)
>
And now for our amusement Akamai can
Peace,
On Tue, Jan 28, 2020, 3:43 AM Ben Cannon wrote:
> Transit carriers could work the flows backwards.
>
And if the stars align, some of them might even do that for you once even
though you are not their direct customer.
Next you're going to convince them to talk to the (probably abuse
resi
Peace,
On Tue, Jan 28, 2020, 4:02 AM Damian Menscher via NANOG
wrote:
> The victim already posted the signature to this thread:
> - source IP: 51.81.119.7
> - protocol: 6 (tcp)
> - tcp_flags: 2 (syn)
>
> That alone is sufficient for Level3/CenturyLink/etc to identify the source
> of this a
Peace,
On Tue, Jan 28, 2020, 4:32 AM Damian Menscher wrote:
> On Mon, Jan 27, 2020 at 5:10 PM Töma Gavrichenkov
> wrote:
>
>> If this endpoint doesn't connect to anything outside of their network,
>> then yes.
>> If it does though, the design of the filt
Peace,
On Tue, Jan 28, 2020, 4:42 AM Töma Gavrichenkov wrote:
> As for the detection of the real source, everything is technically
> possible but you need certain bargaining power which a medium-sized (at
> best) VPN service probably doesn't have.
>
...because if they *did
Peace,
On Tue, Jan 28, 2020, 4:49 AM Damian Menscher wrote:
> They don't need to filter by destination. Once a problem customer has
> been identified, they can apply an ACL restricting them to only originate
> IPs they own.
>
> [..]
>
there are ways around that, including public shaming (here)
FYI
https://nvd.nist.gov/vuln/detail/CVE-2020-2100
A nice description: https://mobile.twitter.com/Foone/status/1223063275996213248
May you live in interesting times.
Do not postpone a software update if Jenkins is deployed somewhere in
your network.
--
Töma
Peace,
On Wed, Feb 19, 2020 at 7:49 AM Daniel Sterling
wrote:
> May I naively ask if Google staff have considered scrapping using UDP
> and instead proposing a new, first-class transport protocol that OSes
> can implement on top of IP?
The IETF WG did, at some point. The opinion overall I thin
Peace,
nanog-ow...@nanog.org
On Wed, Feb 19, 2020 at 12:51 PM Dave Bell wrote:
> Is anyone else receiving this spam?
Yes
> Is there a better way to report this?
nanog-ow...@nanog.org (CC'd) helped me in the past.
--
Töma
Peace,
On Fri, Feb 21, 2020, 1:18 AM Octolus Development wrote:
> OVH are threatening to kick us off their network, because we are victims
> of this attack.
>
Most of the hosting companies will do that to you because you're causing
degradation of service quality for other customers. Especially
Help saving precious resources by unsubscribing from the NANOG mailing
list, or I will have to report the abuse.
On Fri, Feb 21, 2020, 1:39 AM Electric Forest Festival <
i...@electricforestfestival.com> wrote:
>
> *Electric Forest 2020 will take place on June 25-28, 2020.*
>
> Forest HQ has recei
Peace,
On Fri, Feb 21, 2020, 1:57 AM Filip Hruska wrote:
> [..] OVH has been offering DDOS protection capable of soaking up hundreds
> of gigabits+ per second as a standard with all their services for a long
> time
>
They only do it for common trivial vectors like UDP-based amplification —
and o
Peace,
On Thu, Sep 19, 2019 at 12:54 AM Ronald F. Guilmette
wrote:
> Those were all helpfully routed, until quite recently, to Mr. Cohen
The person with exactly the same name now runs for the RIPE NCC
Executive Board membership.
https://www.ripe.net/participate/meetings/gm/meetings/may-2020/con
Peace,
On Tue, Apr 21, 2020 at 3:57 PM Hank Nussbacher wrote:
> Did anyone notice a huge jump in traffic today between 11:30-11:40 (GMT)
> directed at Google and Akamai caches coming from Amazon and Google?
> Gaming updates?
There's sort of a reason these days to subscribe to the Steam and
Activ
Peace,
On Wed, Apr 22, 2020, 12:45 AM Randy Bush wrote:
> sad. http://nanog.org used to be the brilliant example of a fully
> featured web site sans javascript, flash, ...
>
That was long ago now. It was using Cvent for everything meeting-related
for 3 years already, and Cvent doesn't feel go
Peace,
On Wed, May 13, 2020, 8:33 PM Elad Cohen wrote:
> You clearly didn't understand how IPv4+ works.
>
That's because it doesn't work!
Just like the rest of your "solutions", as a matter of fact.
--
Töma
>
Peace,
On Wed, May 13, 2020, 10:07 PM Elad Cohen wrote:
> "As a matter of fact" - if you created an implementation please send me
> the sourcecode.
>
Wait, so you're coming up publicly with a proposal you don't even have a
reference implementation for?!
Oh, my.
--
Töma
>
Peace,
On Wed, May 13, 2020, 10:27 PM Elad Cohen wrote:
> So you didn't even test the implementation and didn't create it - so why
> you are writing "As a matter of fact". Which fact ? any evidence ?
>
No, Elad. It is *you* who needs to prove that your concept works. Unless
you do it, it is
Peace,
On Wed, May 13, 2020 at 10:43 PM Elad Cohen wrote:
> For you nothing will work.
Is it a personal attack?
IPv6 is working good for me so far ;-)
--
Töma
Peace,
On Thu, May 14, 2020 at 12:18 AM Denys Fedoryshchenko
wrote:
> On 2020-05-13 22:53, Töma Gavrichenkov wrote:
> > On Wed, May 13, 2020 at 10:43 PM Elad Cohen wrote:
> > > For you nothing will work.
> >
> > IPv6 is working good for me so far ;-)
>
>
Peace,
> On Wed, May 13, 2020 at 11:01 PM Shane Ronan wrote:
>> On Wed, May 13, 2020, 3:48 PM Elad Cohen wrote:
>>> From: Töma Gavrichenkov
>>> No, Elad. It is *you* who needs to prove that your concept works.
>>
>> For you nothing will work.
>
>
Peace,
On Thu, May 14, 2020 at 12:48 AM Elad Cohen wrote:
> "forgive and forget."
> Thank you for your vote.
Well, when I forget anything that doesn't make sense about your
proposals, there's nothing left to think of!
Ergo, not at all, because I'm clearly not voting for you :-)
--
Töma
Peace,
On Thu, May 14, 2020 at 12:53 AM Elad Cohen wrote:
> Who you are voting?
Who me what?.. Alright,
At this point, given that I've reviewed all of your proposals — some
of those lengthy reviews were sent to members-discuss at ripe dot net
before (though it has never been the right place ei
Peace,
On Thu, May 14, 2020 at 2:04 AM Elad Cohen wrote:
> [..] for example if spoofed DDoS amplification attacks are
> causing yearly damages of $100M per year in the world
> and these EOL equipment cost $50M in the world, it
> might be worth to replace them)
What's your degree in economics? I
Peace,
On Thu, May 14, 2020 at 2:14 AM Elad Cohen wrote:
> A degree in economics is not needed [..]
Which is the common thing to say by the ones who don't have it.
I think, dixi.
--
Töma
Peace,
On Fri, May 15, 2020, 12:25 PM Terrence Koeman via NANOG
wrote:
> FYI, the voting results for the three positions on the RIPE exec board
> were just announced and Elad was NOT elected.
>
A funny moment: Raymond Jetten was elected to the board, and he's the RIPE
IPv6 working group chair.
Thank you Roland for letting us know,
I have no words. I must say I honestly can't believe these news but I
should.
Throughout all those virtual meetings I was hoping one day we'll talk about
things important for both of us once again. He was a leader. An
inspiration.
Wish his family stays st
Peace,
On Thu, Jul 30, 2020, 5:48 AM Clinton Work wrote:
> We saw a bunch of our IP blocks hijacked by AS10990 from 19:15 MDT until
> 20:23 MDT. Anybody else have problems with that.
>
Here's what we discovered about the incident. Hope that brings some
clarity.
https://radar.qrator.net/blog
Peace,
On Thu, Jul 30, 2020, 8:09 PM Patrick Schultz
wrote:
> so, bgp optimizers... again?
>
Looks so. Upstream filters are also to blame, though, but BGP optimization
is the root of all evil.
--
Töma
>
Peace,
On Tue, Aug 25, 2020, 2:14 PM Douglas Fischer
> I can think of a genuine use of it.
>
I'm curious which one.
With Berkeley sockets there's technically no way to bind(2) to this port
without some amount of kernel patching applied, and the system cannot
allocate it by itself, either.
--
T
Peace,
On Tue, Aug 25, 2020, 3:14 PM Jon Lewis wrote:
> When an application sends more data via UDP than can be fit in a single
> packet, only the first packet has a UDP header [where the port info is
> stored]. The rest of the fragments have no UDP header, which most things
> will report as UD
Peace,
On Tue, Aug 25, 2020, 3:43 PM Pim van Stam wrote:
> I think in general you can say that problems with UDP port 0 are in fact
> fragments. Ohter opinions on this?
>
Either that, or dumb DDoS packet generators.
--
Töma
>
Peace,
On Sun, Aug 30, 2020, 6:02 PM Ross Tajvar wrote:
> Other than lack of options, why would anyone use them?
>
Connectivity and latency (of Level3 which was acquired).
--
Töma
>
Peace,
On Mon, Aug 31, 2020, 4:42 PM Mike Bolitho wrote:
> Maybe we should start an "Uptime mailing list" ha!
>
We already have outages@ which is a Boolean negation of what you're
proposing but works just the same :-)
--
Töma
>
Peacez
On Tue, Sep 15, 2020, 12:26 AM Andrey Khomyakov
wrote:
> TL;DR I suspect there are middle boxes that don't like IPs ending in .255.
> Anyone seen that?
>
Also .0 and .1.
Yes, there was some kind of a strange behavior with those addresses
before. We excluded those from rotation back in
Peace,
An undisclosed (or, even, yet undiscovered by the vendor)
vulnerability in SOHO Mikrotik routers seems to be exploited by
someone.
Approx. 328 thousand devices already joined the botnet, with each
having unrestricted access to the uplink (up to 1 Gbps). 42,6% of
exploited devices reside in
Peace,
On Thu, Sep 9, 2021 at 7:57 PM Brandon Svec via NANOG wrote:
> Oof. I wonder if there is any connection to their DDNS service outage a
> couple days ago?
> https://forum.mikrotik.com/viewtopic.php?t=178256
No, hardly any. That one seems to be just a DNS abuse
reporting/delegation issue
Peace,
On Mon, Oct 4, 2021, 10:17 PM Jean St-Laurent via NANOG
wrote:
> Maybe the key to solve this issue is in an email sent to
> some_very_important_t...@facebook.com
Yeah except MX records on facebook dot com aren't working either
--
Töma
Peace,
On Fri, Jan 7, 2022 at 8:42 PM Mike Hale wrote:
> The abuse email sends an auto-responder that tells you to use the web form.
> The web form is centered around their web hosting business; I figured
> I'd try general, but you can't submit it without punching in a URL
> that is hosted by Clo
Peace,
On Thu, Jan 27, 2022, 4:38 PM Smahena Amakran
wrote:
> For my studies, I am researching IPv6 adoption.
>
For your consideration, there's one thing that's always overlooked.
E.g. I've been talking once to a big employee of a large content provider,
and that person told me they don't enab
Peace,
On Mon, Jan 31, 2022, 11:01 PM Jay Hennigan wrote:
> On 1/30/22 17:06, Töma Gavrichenkov wrote:
> > IPv6 is now cheap as chips. It's very dirty therefore. All kinds of
> > bots, spammers, password brute force programs live in there, and it's
> > signif
Hi NANOG,
Here's an issue raised today:
https://security.stackexchange.com/questions/207895/how-does-comcast-know-my-wifi-password
Apparently there's a concern with customers that their seemingly
private passphrases, entered in their own boxes, are being shared with
the upstream ISP without an ex
On Wed, Apr 24, 2019 at 3:07 AM Seth Mattinen wrote:
> Don't use the built in wifi AP on a cable modem combo would be my first
> reaction.
Totally correct, but that's what s/he claims to have already taken care of!
--
Töma
On Wed, Apr 24, 2019 at 3:27 PM Matt Hoppes
wrote:
> If you’re really running something that requires that kind
> of security you may want to get your own wireless access point.
Like I said: the OP claims that's what s/he did.
--
Töma
On Thu, Apr 25, 2019, 3:06 AM William Herrin wrote:
> Risk is threat times vulnerability times impact. No impact, no risk. For
> example, if the credentials for my grocery store loyalty card are
> compromised, I do not actually care. It has no impact.
>
A fun fact: my employer has a product whic
On Thu, Apr 25, 2019, 3:57 PM Mike Bolitho wrote:
> Grandma Smith calls in because she changed her WPA2 password two years
> ago. Her grandson just bought her a new iPad and she can't connect. Tier I
> support says "I have your 'WiFi password' right here. It's hunter22." The
> call take 45 second
On Thu, Apr 25, 2019, 9:51 PM Valdis Klētnieks
wrote:
> This assumes that the customer has a spare CAT-5 cable and knows how to
> use it.
>
This is assuming that no customer's device has an access to the same
network, in which case you just happily reset the password or even the
device as a whol
Peace,
On Thu, Apr 25, 2019, 4:53 PM Stephen Satchell wrote:
> > not only does someone have to 'hack' the database,
> > they also need to drive up to your house and sit in your driveway to get
> > free Internet.
>
> Sounds like you live in a single-family home, in a low-density
> neighborhood.
On Fri, Apr 26, 2019, 9:31 PM Rich Kulawiec wrote:
> Also, given that this is a public mailing list, lots of people who didn't
> know the target existed last week could certainly know it now.
>
Yup, the dependency on an obscurity was inadvertently broken here. Sorry
for that.
Hope no one was re
On Sat, May 4, 2019, 3:37 PM Randy Bush wrote:
> to do it, i have to start ffox. and 100 tabs will open and
> javascript will flood in.
>
Disconnect from the network, start Firefox while offline, then KILL IT WITH
FIRE^W SIGKILL.
After that, Firefox will start with a "Restore tabs" page which
em to drop me a
message off-list.
Have a good day.
| Töma Gavrichenkov
| gpg: 2deb 97b1 0a3c 151d b67f 1ee5 00e7 94bc 4d08 9191
| mailto: xima...@gmail.com
| fb: ximaera
| telegram: xima_era
| skype: xima_era
| tel. no: +7 916 515 49 58
Our records show this happened yesterday and lasted before 2019-06-11
20:24:00, for 2.5 hours total. Maybe that was just by accident.
I'm sort of confused why you're speaking of some ISPs in India. The
incident was more or less local to Finland, wasn't it?
--
Töma
On Sun, Jun 16, 2019, 4:57 AM TJ Trout wrote:
> Any simple and easy bgpmon alternatives you guys could recommend?
>
https://radar.qrator.net/
(this is not an advertisement!)
--
Töma
>
Please DO NOT reply to digests. It makes it way harder to follow
discussions on the list this way.
--
Töma
On Fri, Jul 12, 2019, 1:42 AM Brandon Svec
wrote:
> Having a somewhat bell shaped head, this sums it up pretty well, “.. Maybe
> they don't actually care about this problem until they are
On Tue, Jul 16, 2019, 4:11 PM Dimeji Fayomi
wrote:
> I'm doing a research on BGP route optimisation and the performance metrics
> used by commercial route optimizer appliances to select better path to a
> prefix.
>
You may have discovered that already during your research, but just in
case: basi
On Tue, Jul 16, 2019, 5:49 PM Mike Hammett wrote:
> Most of which are bunk if you and your upstream have appropriate filters.
>
True, and, while we're at it, it's okay to drink and drive a car if the
manufacturer has built enough driver assistance systems in it.
--
Töma
On Tue, Jul 16, 2019, 6:29 PM Mike Hammett wrote:
> assuming appropriate ingress\egress filters
>
This assumption itself is a good start for the aforementioned "security
considerations" chapter, b/c this is the assumption most of us make but
only few routinely check.
--
Töma
Peace,
On Tue, Jul 16, 2019, 9:24 PM Mike Hammett wrote:
> BGP optimizers only harm the global Internet when route filters don't do
> their job. (Un)Fortunately, many other things also harm the global Internet
> when route filters don't do their job.
>
That is correct; however, there are potent
On Wed, Jul 17, 2019, 9:52 PM Jared Geiger wrote:
> Similar to how DNSSEC led many ISPs to remove their DNS redirecting
> "search services".
>
Not that significant, but DNSSec, at the 4% adoption rate, didn't do that,
HTTPS and HSTS did.
--
Töma
>
On Thu, Jul 18, 2019 at 3:16 AM TJ Trout wrote:
> Anyone know of a hosted alternative to bgpmon? I'm testing
> Qrator but I can't determine if it will notify in real-time of a
> prefix hijack?
Qrator guy there.
Real-time notifications are there but are only available on a
commercial basis, becaus
On Thu, Jul 18, 2019 at 12:44 PM Hank Nussbacher wrote:
> On 18/07/2019 08:44, Töma Gavrichenkov wrote:
> > Qrator guy there.
> > Real-time notifications are there but are only available on a
> > commercial basis, because basically real time is expensive to compute.
> >
On Tue, Jul 30, 2019 at 2:15 AM Mel Beckman wrote:
> So why not just say so?
Because at the times of USENIX the very next reply to such a message
would've been "what are the steps to reproduce your problem".
--
Töma
On Tue, Jul 30, 2019 at 1:20 PM Christoffer Hansen
wrote:
> Imagine ARIN did a take from RIPE NCC [Policy Proposal Idea?] and a
> policy came into effect of validating ALL 'OrgAbuseEmail' objects listed
> in the ARIN database.
Just to be precise, such a policy (2019-04) is still in a discussion
p
On Wed, Jul 31, 2019 at 3:35 PM Valdis Klētnieks
wrote:
>
> On Tue, 30 Jul 2019 16:02:58 +0300, Töma Gavrichenkov said:
> > such a policy (2019-04) is still in a discussion
> > phase in RIPE and has already seen significant resistance.
>
> OK, I'll bite. What reas
On Wed, Jul 31, 2019 at 4:04 PM Töma Gavrichenkov wrote:
> > OK, I'll bite. What reasons are they giving for their resistance?
>
> Here's a good place to start: https://ripe78.ripe.net/archives/steno/37/
> ^F, "You're done", enjoy!
P.S. Suddenly there&
On Thu, Aug 1, 2019, 1:25 AM Joe Provo wrote:
> On Tue, Jul 30, 2019 at 04:02:58PM +0300, T??ma Gavrichenkov wrote:
> I think they will be planning to reach out to ARIN with the same text
> > right after the RIPE process ends this way or another.
>
> Uh, ARIN-2019-5 has been in the ARIN PDP sinc
1 - 100 of 162 matches
Mail list logo