- Test - lists.nanog.org

Re: Alternative to BGP-4 for multihoming?
by Paul Vixie 13 Mar '00

13 Mar '00

tdp(a)discombobulated.net ("Travis Pugh") writes: > If the goal is to direct traffic from a client to the closest server farm, > why not just build a box to do a BGP lookup and respond to a name lookup > with the IP of that farm? No pings or zone transfers necessary. AS path length is a rotten predictor of performance. (Just ask Cisco's Distributed Director team whether they knew that not all of AS701 was equidistant from their early adopters here in the Bay Area.) -- Paul Vixie <vixie(a)mibh.net> SVP for Internet Services, MFNX M.I.B.H. Inc. is a subsidiary of Metromedia Fiber Network, Inc.

1 0

Network solutions does it again...
by Majdi Abbas 12 Mar '00

12 Mar '00

Hey folks....verify your domains. I've got one that looks perfect in whois, except whois claims a modification date of March 6th (which didn't happen, unless no real changes were made, and notifies weren't going out) -- and, of course, the SOA is now borked. Here we go again... --msa (VeriSign, are you sure you want to be associated with these people?)

1 0

Tours of MAE-East/West
by Timothy Brown 12 Mar '00

12 Mar '00

Does anyone know if tours of these two facilities (or AADS, or PacBell NAP, ...) are possible? Brgds, T.

2 1

inet-access off the air
by Adam Rothschild 12 Mar '00

12 Mar '00

Hi, Seems like the inet-access mailing list has been off the air since ~ 03:30 EST today. While the server it's hosted off is up, connections to TCP port 25 on it are being filtered: Interesting ports on inet-access.net (207.8.186.50): Port State Protocol Service 23 open TCP telnet 25 filtered TCP smtp I mailed the list admins, and am awaiting a response. Sorry if my post is considered inappropriate for this forum. I thought it would be of some use to this list, considering the NANOG and inet-access subscriber base does seem to overlap nicely, and people do rely upon inet-access as a source of operational information from time to time. Just a heads-up... -adam

2 1

I'm an idiot, but you know that already.
by Shawn Morris 12 Mar '00

12 Mar '00

As you can see my machine was hit be a virus today, caused by my own stupidity. I immediately disconnected my machine after clicking on the attachment, however as you can see that was not enough. Thank you to all the people who wrote to inform me of what had happened. No thanks however to the person who called to tell me "I can't believe you did that" and hung up. Real brave. If you have a beef with me and be a man and say who you are. Anyways send any deserved flames my way. Regards, Shawn Morris

5 4

Re: Hi, we're from the government and we're here to help
by Sean Donelan 11 Mar '00

11 Mar '00

On Fri, 10 March 2000, "Kelly J. Cooper" wrote: > THEN the next big thing comes along, people get scared, the > consortia suddenly get well-attended, NEW groups spring up, > the community starts complaining again and the cycle is > renewed. That is, until people get bored again, or budgets > change or the NEXT big thing that comes along has nothing > to do with security. > > This cycle is old. I know I'm bored with it. A very good summary of past cycles. There is no lack of groups. But I certainly don't have time or funding to attend meetings of all these groups, or even the groups that will have me as a member. And I definitely don't think the solution is creating yet another group. > So now what? > > How do you propose to cull the wheat from the chaff? Get all > the right information about what ISPs are trying to do, and > going into the lab to test, and researching into the right > ears (of other ISPs)? How are you going to get the right > people to speak and the wrong people to shut up for a few > minutes? > > Because if it was just as easy as kicking in a few bucks to > yet another consortium, I'd do it in a heartbeat. I think a paid professional secretariat is mandatory. But costs a lot of money. It can't be a stand-alone consortium, but must be part of a larger industry group to handle the inevitable cycles of interest. It must be composed of a critical mass of industry. Groups with less than a thirty or so members tend to stagnate. -- What I do on my days off http://www.irishparade.org/ or spot me on the webcam broadcast at http://www.iwannasee.com/

1 0

Re: Hi, we're from the government and we're here to help
by Kelly J. Cooper 11 Mar '00

11 Mar '00

On Mar 10, 9:57am, Patrick Greenwell wrote: > Subject: Re: Hi, we're from the government and we're here to help * *On 9 Mar 2000, Sean Donelan wrote: * *> The US Government as been amazingly pro-active in this area, or at least *> some small groups have been. They've also consistently said the government *> can't protect the Internet. The infrastructure is owned by private companies *> and individuals; and industry has to work together to protect it. *> *> The question is does industry think its worthwhile to work together? * *Funny you should ask that. There was a lot of discussion on Bugtraq *recently about the attacks and from those discussions another list was *started to discuss formation of an "Assocation of Responsible Internet *Providers" (ARIP(a)SECURITYFOCUS.COM) Discussion ensued regarding what the *organization should be doing. There seemed to be general agreement *on the idea of first creating a NOC<->NOC communication *protocol/procedures(this is at the people layer, not the technical *layer.) I suggested that the group develop a charter, form a 501(c)(6), *elect officers, obtain D&O insurance and then proceed. I also stated that *any such venture was going to require very real money to accomplish, and *asked if there was anyone willing to put their money where there mouth is, *and monetarily contribute to such a venture(I offered to put up a few *hundred dollars.) * *Suddenly, the list got very, very quiet. In fact, since I posted that *message, there hasn't been a single post to the list. Emperically, this *suggests to me that while everyone is quick to spend countless *hours expressing an opinion on mailing lists, there is nobody willing to *invest in making this happen. People who coordinate these kinds of consortia do so on a practically full-time basis if they want to get anything done. Asking someone who already has a full-time job (and if it has anything to do with security, several full-time jobs and a bad case of paranoia) to take on that level of additional involvement could be considered prohibitive. If a specific ISP sponsors the group, what's to stop the rest of the world from accusing that ISP of bias? Same issue with a vendor. The problems of anti-trust are very serious in this arena. If you have an elected board doing volunteer work and meeting on a periodic basis to discuss security, you suffer from the same problem of resources without someone more dedicated to sheparding the process along. Everybody wants a NDA (Non-Disclosure Agreement), but their NDA has to look like THIS while the other ISPs want the NDA to look like THAT. If the government sponsors the group, they can circumvent the anti-trust issue, but the gov't doesn't ever seem to be happy about just letting things be. Everything has a tendency to become a political pawn. There's a very real possibility that gov't sponsorship of a group trying to set standards for work and incident response could evolve into the basis for regulation. The "r" word frightens everyone in the ISP industry, so no one's taking a proposal to D/ARPA (whichever they are this week) to convince them that this is a good idea. The "r" word frightens a lot of people in gov't as well - many don't want the added overhead of another regulated industry. The gov't has created a bunch of crisis centers (like NIPC) who won't/can't sponsor an ISP Consortium, but want to be invited to one if it happens. You have CERT, keeping things close the vest unless you establish a long-term relationship with them. You have SANS, trying to be an industry leader but maybe getting lost in all the noise created by BUGTRAQ and NT BUGTRAQ and the CVE and the Abuse newsgroups and the Abuse mailing lists and ALL the OS security warnings and ALL the Firewall security warnings and the MAPS RBL and the ORBS list and NANOG and the IETF (particularly the GRIP working group) and the FBI's INFRAGARD every freakin' person who stands up and claims to be a security expert who wants things done HIS way or his university's way or his consortia's way and ON AND ON. So you have places like CNRI (a non-profit organization which sponsors the XIWT, aka the Cross-Industry Working group, which spawned IOPS, the Internet Operators Consortium) and ICSA (a for-profit organization which sponsors a bunch of consortia, but most relevant here they sponsor ISPSEC, the ISP Security Consortium). Both charge a certain amount of money for membership & they try and get things done, but their efforts are often met with jeers from the community (in fora like, OH I DUNNO, NANOG?) because their consortia cost money, so they aren't open to everyone, so they couldn't possibly provide an accurate representation of the community. But they aren't the only groups out there. There are others. However, there are only so many of us who go to these things - and we can't spend all of our time going to meetings or we become useless, not having time to do our jobs and stay in the loop and able to contribute. All the groups suffer from the same problems - they slack off, lose funding, re-invent themselves, start some new subgroup, try to drum up interest, etc. Because sustained volunteer work is HARD. If you don't think it's hard, then you don't have enough to do. THEN the next big thing comes along, people get scared, the consortia suddenly get well-attended, NEW groups spring up, the community starts complaining again and the cycle is renewed. That is, until people get bored again, or budgets change or the NEXT big thing that comes along has nothing to do with security. This cycle is old. I know I'm bored with it. So now what? How do you propose to cull the wheat from the chaff? Get all the right information about what ISPs are trying to do, and going into the lab to test, and researching into the right ears (of other ISPs)? How are you going to get the right people to speak and the wrong people to shut up for a few minutes? Because if it was just as easy as kicking in a few bucks to yet another consortium, I'd do it in a heartbeat. Kelly J. -- Kelly J. Cooper - Internet Security Officer GTE Internetworking - Powered by BBN - 800-632-7638 3 Van de Graaff Drive Fax - 781-262-2819 Burlington, MA 01803 http://www.bbn.com

2 1

The CIDR Report
by Bandy Rush 11 Mar '00

11 Mar '00

I generally follow my habits of not leaving my office until I receive my weekly copy of the CIDR report. I havent received one in a few weeks, and I need to go home to change clothes. With that being said, I have generated the below CIDR report. -BR This is a MANUALLY-generated mail on Fri Mar 10 19:25:00 PST 2000 It is not checked before it leaves my Commodore64. However, hopefully you will find this report interesting and will take the time to look through this to see if you can improve the amount of deaggregation you perform. The report is split into sections: 0) General Status List the route table history for the last week, list any possibly bogus routes seen and give some status on ASes. 1) Losses by deaggregating at the origin AS level This lists the "Top 30" players who if they decided to deaggregate their announced classful prefixes at the origin AS level could make a significant difference in the expansion of the current size of the Internet routing table. This calculation does not take into account the exclusion of holes when deaggregating so it is possible even larger routing tables should be possible. 2) Weekly Delta A summary of the last weeks changes in terms of withdrawn and added routes. Please note that this is only a snapshot but does give some indication of ASes participating in CIDR. Clearly, it is generally a good thing to see a large amont of additions. 3) Interesting deaggregates Interesting here means a deaggregate made as a set of funkadelic routes. Thanks to yahoo.com for giving me access to their services once aday. Please send any comments about this report directly to me. Check http://www.employees.org/~tbates/cidr-report.html for a daily update of the REAL CIDR report. ------------------------------------------------------------------------------ CIDR REPORT for 10Mar000) General StatusTable History -------------Date Prefixes180200 72321190200 72203200200 72346210200 72296 220200 72419230200 72364240200 72455250200 72608 of the table history.Possible Bogus Routes--------------------- *** Bogus 0.0.0.0 from AS701*** *** Bogus 10.0.0.0/8 from AS31337*** AS Summary----------Number of ASes in routing system: 6762 Number of ASes announcing only one prefix: 3701 (2011 cidr, 1690 classful) Largest number of cidr routes: 198774 announced by AS701 Largest number of classful routes: 8891009 announced by AS701 1) Gains by aggregating at the origin AS level --- 10Mar00 --- ASnum NetsNow NetsCIDR NetGain % Gain Description AS4200 167 104 63 37.7% AGIS (Apex Global Information Ser **Dont worry, their address space will be returned in a few weeks...** _________________________________________________________ Do You Yahoo!? Get your free @yahoo.com address at http://mail.yahoo.com

1 0

Whereis the CIDR report?
by Jeffry Roberts 11 Mar '00

11 Mar '00

Anyone know? Two weeks in a row now. How else am I supposed to know when it's friday? J/K, I really do like to browse through it though. Jeff

2 1

Fiber Cut?
by John Fraizer 11 Mar '00

11 Mar '00

Anyone know anything about a fiber cut between Chi<->SF/San Jose? John Fraizer EnterZone, Inc

1 0