Re: Large Infrastructure question

Sounds perfect for anycast. Many small packets, no sessions or contracts, etc. However one cluster in LA, Seattle, Dallas, Ashburn, and Chicago will provide exquisite northern American coverage. You don't put them where the people are you put them where the network is. On Aug 7, 2014 11:24 PM, "Dav

Re: Large Infrastructure question

I appreciate all of the comments. Some made sense and some were a bit over my head. I’ve only ever had to deal with a single server that required a pair of nameserver names, so most of this is relatively new to me. (All of my sites today are on a shared reseller hosting account.) A few more det

Re: Large Infrastructure question

I'm not sure if its what you are looking for, but I read this on Hacker News the other day: http://www.scalescale.com/rolling-your-own-cdn-build-a-3-continent-cdn-for-25-in-1-hour/ Eric On Thu, Aug 7, 2014 at 8:38 PM, Joseph Sinclair wrote: > In reference to your final sentence, you're looking

Re: Large Infrastructure question

In reference to your final sentence, you're looking for the kind of services a CDN provides. (e.g. geographic routing, and rapid scale). Something like one of the following combinations may offer what you need (using the technologies others have mentioned already): AWS with Amazon CloudFront (

Re: Large Infrastructure question

I too think anycast is the correct answer. If you can not do that, and there are reasons, then GSS comes to mind. On Aug 6, 2014 11:17 PM, "David Schwartz" wrote: > Here’s something interesting for the infrastructure geeks on the list ... > > How would you approach setting up a service that had t

Re: crypto lock

"Please provide your email address [1] and an encrypted file [2] that has been encrypted by CryptoLocker. This portal will then email you a master decryption key along with a download link to our recovery program that can be used together wit

Re: crypto lock

Ahh, so it's a self-extracting sort of thing with said key. I was expecting some kind of archive image of your data to be piped to them with unsaid consequences. I feel like I'm missing out on the fun. Maybe I should install an xp vm with sp2 and crawl the tubes with IE6 in a sandbox to get

Re: crypto lock

You only have to send one file. They are able to retrieve the decryption key from just that file. On Aug 7, 2014 12:54 PM, "Michael Butash" wrote: > Maybe they'll only keep a copy of it as their price. > > I would have figured someone would release an app to unlock it for poor > bastards, but yo

Re: crypto lock

Maybe they'll only keep a copy of it as their price. I would have figured someone would release an app to unlock it for poor bastards, but you have to send them the data? Ugh, yeah no. Side note, their sister company is now huge in marketing data and porn, with some ties to wikileaks and nsa

Re: crypto lock

On Thu, Aug 07, 2014 at 04:19:55AM +, Michael Havens wrote: > Someone said a friend got ransomware on their computer? > > Through a partnership that included researchers from FOX-IT and FireEye, > researchers managed to recover the private encryption keys that > CryptoLocker uses to lock victi

Re: Large Infrastructure question

Reading through this my first gut instinct is that using a DNS service (I've used Dynect in the past) could work, but you didn't include enough information to confirm if that's good/bad advice. What you probably should do is think about your workload and decide your tolerance for errors. Consider

Re: crypto lock

Cool. That's a site worth it's weight in gold. (If it works) Brian Cluff On 08/06/2014 09:19 PM, Michael Havens wrote: Someone said a friend got ransomware on their computer? Through a partnership that included researchers from FOX-IT and FireEye, researchers managed to recover the private en

Re: Large Infrastructure question

Best bet is anycast routing. BGP peers distributed among the world, all advertising the same block of addresses brings natual geographical proximity as long as bgp as-path hops are somewhat valid. Done in a /24 or larger (2+ for disparity), that becomes your "anycast" subnet, advertising to a