- Test - lists.nanog.org

CERT Advisory - SATAN
by CERT Advisory 03 Apr '95

03 Apr '95

============================================================================= CA-95:06 CERT Advisory April 3, 1995 Security Administrator Tool for Analyzing Networks (SATAN) ----------------------------------------------------------------------------- The CERT Coordination Center staff has examined beta version 0.51 of the Security Administrator Tool for Analyzing Networks (SATAN). This advisory contains information based on our review of this pre-release version. When the official release is available, we will distribute an updated advisory. SATAN is scheduled for release on April 5, 1995, at 14:00 GMT. 1. What is SATAN? ------------------ SATAN is a testing and reporting tool that collects a variety of information about networked hosts. The currently available documentation can be found at ftp://ftp.win.tue.nl/pub/security/satan_doc.tar.Z SATAN gathers information about specified hosts and networks by examining network services (for example, finger, NFS, NIS, ftp, and rexd). It can then report this data in a summary format or, with a simple rule-based system, investigate potential security problems. Problems are described briefly and pointers provided to patches or workarounds. In addition to reporting vulnerabilities, SATAN gathers general network information (network topology, network services run, types of hardware and software being used on the network). As described in the SATAN documentation, SATAN has an exploratory mode that allows it to probe hosts that have not been explicitly specified. Thus, SATAN could probe not only targeted hosts, but also hosts outside your administrative domain. Section 4 below lists the vulnerabilities currently probed by SATAN. 2. Potential Impact of SATAN ---------------------------- SATAN was designed as a security tool for system and network administrators. However, given its wide distribution, ease of use, and ability to scan remote networks, SATAN is also likely to be used to locate vulnerable hosts for malicious reasons. It is also possible that sites running SATAN for a legitimate purpose will accidentally scan your system via SATAN's exploratory mode. Although the vulnerabilities SATAN identifies are not new, the ability to locate them with a widely available, easy-to-use tool increases the level of threat to sites that have not taken steps to address those vulnerabilities. In addition, SATAN is easily extensible. After it is released, modified versions might scan for other vulnerabilities as well and might include code to compromise systems. 3. How to Prepare for the Release of SATAN ------------------------------------------ * Examine your systems for the vulnerabilities described below and implement security fixes accordingly. * In addition to reading the advisories cited for specific vulnerabilities below, consult the following documents for guidance on improving the security of your systems: ftp://info.cert.org/tech_tips/security_info ftp://info.cert.org/tech_tips/anonymous_ftp ftp://info.cert.org/tech_tips/packet_filtering * Contact your vendor for information on available security patches, and ensure that all patches have been installed at your site. * Use the tools listed in Section 5 to assist you in assessing and improving the security of your systems. 4. Vulnerabilities Probed by SATAN ---------------------------------- Listed below are vulnerabilities that beta version 0.51 of SATAN tests for, along with references to CERT advisories and other documents where applicable. Administrators should verify the state of their systems and perform corrective actions as necessary. We cannot stress enough the importance of good network configuration and the need to install all available patches. 1. NFS export to unprivileged programs 2. NFS export via portmapper 3. Unrestricted NFS export See CERT advisory CA-94:15 and CA-94:15.README for security measures you can take to address NFS vulnerabilities. The following advisories also address problems related to NFS: CA-94:02.REVISED.SunOS.rpc.mountd.vulnerability CA-94:02.README CA-93:15.SunOS.and.Solaris.vulnerabilities CA-92:15.Multiple.SunOS.vulnerabilities.patches CA-92:12.REVISED.SunOS.rpc.mountd.vulnerability CA-91:21.SunOS.NFS.Jumbo.and.fsirand 4. NIS password file access See CERT advisory CA-92:13 for information about SunOS 4.x machines using NIS, and CA-93:01 for information about HP machines. 5. rexd access We recommend filtering the rexd service at your firewall and commenting out rexd in the file /etc/inetd.conf. See CERT advisory CA-92:05 for more information about IBM AIX machines using rexd, and CA-91:06 for information about NeXT. 6. Sendmail vulnerabilities See CERT advisory CA-95:05 and CA-95:05.README for the latest information we have published about sendmail. 7. TFTP file access See CERT advisory CA-91:18 for security measures that address TFTP access problems. In addition, CA-91:19 contains information for IBM AIX users. 8. Remote shell access We recommend that you comment out rshd in the file /etc/inetd.conf or protect it with a TCP wrapper. 9. Unrestricted X server access We recommend filtering X at your firewall. Additional advice about packet filtering is available by anonymous FTP from ftp://info.cert.org:/pub/tech_tips/anonymous_ftp 10. Writable FTP home directory See CERT advisory CA-93:10. Guidance on anonymous FTP configuration is also available from ftp://info.cert.org:/pub/tech_tips/anonymous_ftp 11. wu-ftpd vulnerability See CA-93:06, CA-94:07, and CA-94:07.README for more information about ftpd. Note: In addition to our FTP archive at info.cert.org, CERT documents are available from the following sites, and others which you can locate by using archie: ftp://coast.cs.purdue.edu:/pub/mirrors/cert.org/cert_advisories ftp://unix.hensa.ac.uk:/pub/uunet/doc/security/cert_advisories ftp://ftp.luth.se:/pub/misc/cert/cert_advisories ftp://ftp.switch.ch:/network/security/cert_advisories ftp://corton.inria.fr:/CERT/cert_advisories ftp://ftp.inria.fr:/network/cert_advisories ftp://nic.nordu.net:/networking/security/cert_advisories 5. Currently Available Tools ----------------------------- The following tools are freely available now and can help you improve your site's security before SATAN is released. COPS and ISS can be used to check for vulnerabilities and configuration weaknesses. COPS is available from ftp://info.cert.org:/pub/tools/cops/* ISS is available from ftp://ftp.uu.net:/usenet/comp.sources.misc/volume39/iss CERT advisory CA-93:14 and CA-93:14.README contain information about ISS. TCP wrappers can provide access control and flexible logging to most network services. These features can help you prevent and detect network attacks. This software is available by anonymous FTP from ftp://info.cert.org:/pub/tools/tcp_wrappers/* The TAMU security package includes tools to check for vulnerabilities and system configuration weaknesses, and it provides logging and filtering of network services. This software is available by anonymous FTP from ftp://net.tamu.edu:/pub/security/TAMU/* The Swatch log file monitor allows you to identify patterns in log file entries and associate them with actions. This tool is available from ftp://ee.stanford.edu:/pub/sources/swatch.tar.Z 6. Detecting Probes ------------------- One indication of attacks by SATAN, and other tools, is evidence of a heavy scan of a range of ports and services in a relatively short time. Many UNIX network daemons do not provide sufficient logging to determine if SATAN is probing the system. TCP wrappers, the TAMU tools, and Swatch can provide the logging you need. 7. Using SATAN --------------- Running SATAN on your systems will provide you with the same information an attacker would obtain, allowing you to correct vulnerabilities. If you choose to run SATAN, we urge you to read the documentation carefully. Also, note the following: * It is easy to accidentally probe systems you did not intend to. If this occurs, the probed site may view the probe(s) as an attack on their system(s). * Take special care in setting up your configuration file, and in selecting the probe level when you run SATAN. * Explicitly bound the scope of your probes when you run SATAN. Under "SATAN Configuration Management," explicitly limit probes to specific hosts and exclude specific hosts. * When you run SATAN, ensure that other users do not have read access to your SATAN directory. * In some cases, SATAN points to CERT advisories. If the link does not work for you, try getting the advisories by anonymous FTP. 8. Getting more information about SATAN --------------------------------------- As noted above, SATAN documentation is available from ftp://ftp.win.tue.nl/pub/security/satan_doc.tar.Z Additional documents are available through a mail server set up by one of the authors. Send mail to majordomo(a)wzv.win.tue.nl Put the following text in the body (not subject): get satan mirror-sites get satan release-plan get satan description get satan admin-guide-to-cracking.101 The last document contains "Improving the Security of Your Site by Breaking Into It," a 1993 paper in which the authors give their rationale for creating SATAN. --------------------------------------------------------------------------- The CERT Coordination Center staff thanks Dan Farmer and Wieste Venema for the the opportunity to examine pre-release versions of SATAN. We also appreciate the interaction with the response teams at AUSCERT, CIAC, and DFN-CERT, and feedback from Eric Allman. --------------------------------------------------------------------------- If you believe that your system has been compromised, contact the CERT Coordination Center or your representative in the Forum of Incident Response and Security Teams (FIRST). If you wish to send sensitive incident or vulnerability information to CERT staff by electronic mail, we strongly advise that the e-mail be encrypted. The CERT Coordination Center can support a shared DES key, PGP (public key available via anonymous FTP on info.cert.org) or PEM (contact CERT staff for details). Internet E-mail: cert(a)cert.org Telephone: +1 412-268-7090 (24-hour hotline) CERT personnel answer 8:30 a.m.-5:00 p.m. EST(GMT-5)/EDT(GMT-4), and are on call for emergencies during other hours. Fax: +1 412-268-6989 Postal address: CERT Coordination Center Software Engineering Institute Carnegie Mellon University Pittsburgh, PA 15213-3890 USA CERT advisories and bulletins are posted on the USENET newsgroup comp.security.announce. If you would like to have future advisories and bulletins mailed to you or to a mail exploder at your site, please send mail to cert-advisory-request(a)cert.org. Past advisories, CERT bulletins, information about FIRST representatives, and other information related to computer security are available for anonymous FTP from info.cert.org. Copyright 1995 Carnegie Mellon University This material may be reproduced and distributed without permission provided it is used for noncommercial purposes and the copyright statement is included. CERT is a service mark of Carnegie Mellon University.

1 0

RE: FYI
by sjr＠twain.merit.edu 02 Apr '95

02 Apr '95

E144's configuration file has been corrected and WILL be updated this morning. Steve Richardson/Merit

2 1

FYI
by sjr＠twain.merit.edu 02 Apr '95

02 Apr '95

ENSS 144's configuration file is not being updated today due to a problem with the new file for that node. ENSS 145 and the other configuration files are being updated as is normally the case. Steve Richardson/Merit

2 1

Additions to the NSFNET policy-based routing database
by smm＠twain.merit.edu 02 Apr '95

02 Apr '95

------------------------------------------------------------------------------ The PRDB and this "NWG report" will be retired very soon. Details below. ------------------------------------------------------------------------------ The following changes have been made to the NSFNET policy-based routing database and will be installed on the backbone by 08:00 EST : Total = As + Bs + Cs + Aggs Registered Networks 50344 = 30 5359 41662 3293 Configured Networks 47431 = 30 5302 38870 3229 Added Networks 426 = 0 8 367 51 Deleted Networks 39 = 0 1 3 35 IP address Net name Country Priority:AS ---------- -------- ------- ----------- 150.30/16 TOEPCO C:JP 1:2149 2:174 154.5/16 NET-PSINET-B2-5 C:US 1:2149 2:174 156.75/16 FDOT C:US 1:1239(147) 2:1239(144) 3:1239(218) 4:1800 159.113.200/24 PLAN-SERVICES C:US 1:3561(147) 2:3561(218) 3:3561(27) 4:3561(11) 5:3561(144) 165.86/16 NET-QLDHEALTH C:AU 1:297(144) 2:297(145) 168.213/16 PCS-FLA C:US 1:3561(147) 2:3561(218) 3:3561(27) 4:3561(11) 5:3561(144) 169.128/16 EVEREADY C:US 1:701(147) 2:701(134) 169.139/16 BROW-K12-FL C:US 1:3561(147) 2:3561(218) 3:3561(27) 4:3561(11) 5:3561(144) 170.48/16 HLTHSRC C:US 1:1239(147) 2:1239(218) 3:1239(144) 4:1800 192.6.70/24 HP208 C:US 1:3561(11) 2:3561(218) 3:200(128) 4:200(144) 5:560 192.6.93/24 HP208A C:US 1:3561(11) 2:3561(218) 3:200(128) 4:200(144) 5:560 192.54.39/24 MARCO C:DE 1:1800 2:1239(144) 3:1133 192.58.41/24 DATANET-1 C:FI 1:701 192.58.42/23 DATANET-1 C:FI 1:701 192.58.44/22 DATANET-1 C:FI 1:701 192.58.48/20 DATANET-1 C:FI 1:701 192.58.64/20 DATANET-1 C:FI 1:701 192.58.82/23 DATANET-1 C:FI 1:701 192.58.84/22 DATANET-1 C:FI 1:701 192.58.88/24 DATANET-1 C:FI 1:701 192.58.89/24 DATANET-1 C:FI 1:701 192.68.207/24 DANCINGBEAR.COM C:US 1:3381 192.70.212/24 BCS C:US 1:1239(147) 2:1239(144) 3:1239(218) 4:1800 192.83.0/18 DATANET-2 C:FI 1:701 192.83.64/18 DATANET-2 C:FI 1:701 192.83.94/23 DATANET-2 C:FI 1:701 192.83.96/23 DATANET-2 C:FI 1:701 192.83.98/23 DATANET-2 C:FI 1:701 192.83.100/24 DATANET-2 C:FI 1:701 192.84.219/24 NET-RADLOGIC C:AU 1:297(144) 2:297(145) 192.86.250/23 REDSTONENET C:US 1:3561(147) 2:3561(218) 3:3561(27) 4:3561(11) 5:3561(144) 192.89/16 DATANET-3 C:FI 1:701 192.107.130/24 APS1 C:US 1:3561(147) 2:3561(218) 3:3561(27) 4:3561(11) 5:3561(144) 192.115.136/24 MEMCO-NET C:IL 1:1239(147) 2:1239(218) 3:1239(144) 4:1800 192.115.137/24 SIVAN-NET C:IL 1:1239(147) 2:1239(218) 3:1239(144) 4:1800 192.130/16 DATANET-4 C:FI 1:701 192.135.235/24 CRCORP C:US 1:1800 2:1240 3:1239 192.136.12/24 GSA-R7 C:US 1:3561(147) 2:3561(218) 3:3561(27) 4:3561(11) 5:3561(144) 192.150.244/24 THEPORCH C:US 1:1239(147) 2:1239(144) 3:1239(218) 4:1800 192.151.39/24 HP-TOR-NET C:US 1:3561(218) 2:3561(11) 3:560 4:200(128) 5:200(144) 6:174 7:2149 192.189.53/24 COLEMAN C:US 1:1800 2:1240 3:1239 192.194/16 DATANET-5 C:FI 1:701 192.197.68/24 GTIS-C2-1 C:CA 1:577(133) 2:577(137) 3:577(143) 4:3561(218) 5:3561(11) 192.197.69/24 GTIS-C2-3 C:CA 1:577(133) 2:577(137) 3:577(143) 4:3561(218) 5:3561(11) 192.197.74/24 GTIS-C2-7 C:CA 1:577(133) 2:577(137) 3:577(143) 4:3561(218) 5:3561(11) 192.197.76/24 GTIS-C2-9 C:CA 1:577(133) 2:577(137) 3:577(143) 4:3561(218) 5:3561(11) 192.219.141/24 NET-WELDWOOD C:CA 1:1240 2:1800 3:1239 192.251.232/24 CRC-HUNT C:US 1:1800 2:1240 3:1239 192.251.233/24 CRC-FAIR C:US 1:1800 2:1240 3:1239 192.251.234/24 CRC-SPRING C:US 1:1800 2:1240 3:1239 192.251.236/24 CRC-CO C:US 1:1800 2:1240 3:1239 193.22.176/22 RUECKER-GMBH C:DE 1:1800 2:1239(144) 3:1133 193.43.102/23 VATICAN-LIBRARY-NET C:IT 1:293(144) 2:293(145) 3:1133 4:1674 5:1800 193.104.173/24 MATRA-MHS-F2 C:FR 1:701(147) 2:701(134) 3:1800 193.172.8/21 EMPB-AGGREGATE C:NL 1:1128 2:1800 3:1133 4:1674 5:1239(144) 193.208/14 DATANET-6-9 C:FI 1:701 194.62.44/22 NETKONECT C:GB 1:1239(218) 2:1239(144) 3:1800 194.89/16 DATANET-10 C:FI 1:701 194.111/16 DATANET-11 C:FI 1:701 194.142/16 DATANET-12 C:FI 1:701 198.22.217/24 NET-PHSP-1 C:US 1:1324(35) 2:1324(32) 3:3577 198.22.218/23 PHSP-CIDR1 C:US 1:1324(35) 2:1324(32) 3:3577 198.22.220/23 PHSP-CIDR2 C:US 1:1324(35) 2:1324(32) 3:3577 198.22.222/24 NET-PHSP-6 C:US 1:1324(35) 2:1324(32) 3:3577 198.51.194/24 TWINTREESUS C:US 1:1239(218) 2:1239(147) 3:1239(144) 4:1800 5:3830 198.53.48/24 NETBLK-FONOROLA C:CA 1:2493(35) 2:2493(91) 198.53.49/24 NETBLK-FONOROLA C:CA 1:2493(35) 2:2493(91) 198.53.50/24 NETBLK-FONOROLA C:CA 1:2493(35) 2:2493(91) 198.53.68/24 NETBLK-FONOROLA C:CA 1:2493(35) 2:2493(91) 198.69.140/24 NETBLK-SPRINTBLK-ANS- C:US 1:1327 198.73.212/24 DIS-NET2 C:CA 1:2493(35) 2:2493(91) 198.73.213/24 DIS-NET2 C:CA 1:2493(35) 2:2493(91) 198.73.214/24 DIS-NET2 C:CA 1:2493(35) 2:2493(91) 198.73.215/24 DIS-NET2 C:CA 1:2493(35) 2:2493(91) 198.76.83/24 SCASSN-ORG C:US 1:3561(147) 2:3561(218) 3:3561(27) 4:3561(11) 5:3561(144) 198.76.86/23 NETBLK-NDU C:US 1:3561(147) 2:3561(218) 3:3561(27) 4:3561(11) 5:3561(144) 198.76.88/21 NETBLK-NDU C:US 1:3561(147) 2:3561(218) 3:3561(27) 4:3561(11) 5:3561(144) 198.76.96/22 NETBLK-NDU C:US 1:3561(147) 2:3561(218) 3:3561(27) 4:3561(11) 5:3561(144) 198.83.19/24 PRODIGY-NETS C:US 1:2685 2:1324(32) 3:1324(35) 198.83.51/24 BANKERS-NET C:US 1:1324(32) 2:1324(35) 198.112.128/24 IAC-128 C:US 1:3561(218) 2:3561(11) 3:560 4:701(147) 5:701(134) 198.112.129/24 IAC-129 C:US 1:3561(218) 2:3561(11) 3:560 4:701(147) 5:701(134) 198.112.130/24 IAC-130 C:US 1:3561(218) 2:3561(11) 3:560 4:701(147) 5:701(134) 198.112.131/24 IAC-131 C:US 1:3561(218) 2:3561(11) 3:560 4:701(147) 5:701(134) 198.112.132/24 IAC-132 C:US 1:3561(218) 2:3561(11) 3:560 4:701(147) 5:701(134) 198.112.133/24 IAC-133 C:US 1:3561(218) 2:3561(11) 3:560 4:701(147) 5:701(134) 198.112.134/24 IAC-134 C:US 1:3561(218) 2:3561(11) 3:560 4:701(147) 5:701(134) 198.112.135/24 IAC-135 C:US 1:3561(218) 2:3561(11) 3:560 4:701(147) 5:701(134) 198.112.136/24 IAC-136 C:US 1:3561(218) 2:3561(11) 3:560 4:701(147) 5:701(134) 198.112.137/24 IAC-137 C:US 1:3561(218) 2:3561(11) 3:560 4:701(147) 5:701(134) 198.112.138/24 IAC-138 C:US 1:3561(218) 2:3561(11) 3:560 4:701(147) 5:701(134) 198.112.139/24 IAC-139 C:US 1:3561(218) 2:3561(11) 3:560 4:701(147) 5:701(134) 198.112.140/24 IAC-140 C:US 1:3561(218) 2:3561(11) 3:560 4:701(147) 5:701(134) 198.112.141/24 IAC-141 C:US 1:3561(218) 2:3561(11) 3:560 4:701(147) 5:701(134) 198.112.142/24 IAC-142 C:US 1:3561(218) 2:3561(11) 3:560 4:701(147) 5:701(134) 198.112.143/24 IAC-143 C:US 1:3561(218) 2:3561(11) 3:560 4:701(147) 5:701(134) 198.112.144/24 IAC-144 C:US 1:3561(218) 2:3561(11) 3:560 4:701(147) 5:701(134) 198.112.145/24 IAC-145 C:US 1:3561(218) 2:3561(11) 3:560 4:701(147) 5:701(134) 198.112.146/24 IAC-146 C:US 1:3561(218) 2:3561(11) 3:560 4:701(147) 5:701(134) 198.112.147/24 IAC-147 C:US 1:3561(218) 2:3561(11) 3:560 4:701(147) 5:701(134) 198.112.148/24 IAC-148 C:US 1:3561(218) 2:3561(11) 3:560 4:701(147) 5:701(134) 198.112.149/24 IAC-149 C:US 1:3561(218) 2:3561(11) 3:560 4:701(147) 5:701(134) 198.112.150/24 IAC-150 C:US 1:3561(218) 2:3561(11) 3:560 4:701(147) 5:701(134) 198.112.151/24 IAC-151 C:US 1:3561(218) 2:3561(11) 3:560 4:701(147) 5:701(134) 198.112.152/24 IAC-152 C:US 1:3561(218) 2:3561(11) 3:560 4:701(147) 5:701(134) 198.112.153/24 IAC-153 C:US 1:3561(218) 2:3561(11) 3:560 4:701(147) 5:701(134) 198.112.154/24 IAC-154 C:US 1:3561(218) 2:3561(11) 3:560 4:701(147) 5:701(134) 198.112.155/24 IAC-155 C:US 1:3561(218) 2:3561(11) 3:560 4:701(147) 5:701(134) 198.112.156/24 IAC-156 C:US 1:3561(218) 2:3561(11) 3:560 4:701(147) 5:701(134) 198.112.157/24 IAC-157 C:US 1:3561(218) 2:3561(11) 3:560 4:701(147) 5:701(134) 198.112.158/24 IAC-158 C:US 1:3561(218) 2:3561(11) 3:560 4:701(147) 5:701(134) 198.112.159/24 IAC-159 C:US 1:3561(218) 2:3561(11) 3:560 4:701(147) 5:701(134) 198.112.164/24 IAC-164 C:US 1:3561(218) 2:3561(11) 3:560 4:701(147) 5:701(134) 198.112.165/24 IAC-165 C:US 1:3561(218) 2:3561(11) 3:560 4:701(147) 5:701(134) 198.112.166/24 IAC-166 C:US 1:3561(218) 2:3561(11) 3:560 4:701(147) 5:701(134) 198.112.167/24 IAC-167 C:US 1:3561(218) 2:3561(11) 3:560 4:701(147) 5:701(134) 198.112.168/24 IAC-168 C:US 1:3561(218) 2:3561(11) 3:560 4:701(147) 5:701(134) 198.112.169/24 IAC-169 C:US 1:3561(218) 2:3561(11) 3:560 4:701(147) 5:701(134) 198.112.170/24 IAC-170 C:US 1:3561(218) 2:3561(11) 3:560 4:701(147) 5:701(134) 198.112.171/24 IAC-171 C:US 1:3561(218) 2:3561(11) 3:560 4:701(147) 5:701(134) 198.112.172/24 IAC-172 C:US 1:3561(218) 2:3561(11) 3:560 4:701(147) 5:701(134) 198.112.173/24 IAC-173 C:US 1:3561(218) 2:3561(11) 3:560 4:701(147) 5:701(134) 198.112.174/24 IAC-174 C:US 1:3561(218) 2:3561(11) 3:560 4:701(147) 5:701(134) 198.112.175/24 IAC-175 C:US 1:3561(218) 2:3561(11) 3:560 4:701(147) 5:701(134) 198.112.176/24 IAC-176 C:US 1:3561(218) 2:3561(11) 3:560 4:701(147) 5:701(134) 198.112.177/24 IAC-177 C:US 1:3561(218) 2:3561(11) 3:560 4:701(147) 5:701(134) 198.112.178/24 IAC-178 C:US 1:3561(218) 2:3561(11) 3:560 4:701(147) 5:701(134) 198.112.179/24 IAC-179 C:US 1:3561(218) 2:3561(11) 3:560 4:701(147) 5:701(134) 198.112.180/24 IAC-180 C:US 1:3561(218) 2:3561(11) 3:560 4:701(147) 5:701(134) 198.112.181/24 IAC-181 C:US 1:3561(218) 2:3561(11) 3:560 4:701(147) 5:701(134) 198.112.182/24 IAC-182 C:US 1:3561(218) 2:3561(11) 3:560 4:701(147) 5:701(134) 198.112.183/24 IAC-183 C:US 1:3561(218) 2:3561(11) 3:560 4:701(147) 5:701(134) 198.112.184/24 IAC-184 C:US 1:3561(218) 2:3561(11) 3:560 4:701(147) 5:701(134) 198.112.185/24 IAC-185 C:US 1:3561(218) 2:3561(11) 3:560 4:701(147) 5:701(134) 198.112.186/24 IAC-186 C:US 1:3561(218) 2:3561(11) 3:560 4:701(147) 5:701(134) 198.112.187/24 IAC-187 C:US 1:3561(218) 2:3561(11) 3:560 4:701(147) 5:701(134) 198.112.188/24 IAC-188 C:US 1:3561(218) 2:3561(11) 3:560 4:701(147) 5:701(134) 198.112.189/24 IAC-189 C:US 1:3561(218) 2:3561(11) 3:560 4:701(147) 5:701(134) 198.112.190/24 IAC-190 C:US 1:3561(218) 2:3561(11) 3:560 4:701(147) 5:701(134) 198.112.191/24 IAC-191 C:US 1:3561(218) 2:3561(11) 3:560 4:701(147) 5:701(134) 198.115.240/24 RIDE-240 C:US 1:3561(218) 2:3561(11) 3:560 4:701(147) 5:701(134) 198.115.241/24 RIDE-241 C:US 1:3561(218) 2:3561(11) 3:560 4:701(147) 5:701(134) 198.115.242/24 RIDE-242 C:US 1:3561(218) 2:3561(11) 3:560 4:701(147) 5:701(134) 198.115.243/24 RIDE-243 C:US 1:3561(218) 2:3561(11) 3:560 4:701(147) 5:701(134) 198.115.244/24 RIDE-244 C:US 1:3561(218) 2:3561(11) 3:560 4:701(147) 5:701(134) 198.115.245/24 RIDE-245 C:US 1:3561(218) 2:3561(11) 3:560 4:701(147) 5:701(134) 198.115.246/24 RIDE-246 C:US 1:3561(218) 2:3561(11) 3:560 4:701(147) 5:701(134) 198.115.247/24 RIDE-247 C:US 1:3561(218) 2:3561(11) 3:560 4:701(147) 5:701(134) 198.115.248/24 RIDE-248 C:US 1:3561(218) 2:3561(11) 3:560 4:701(147) 5:701(134) 198.115.249/24 RIDE-249 C:US 1:3561(218) 2:3561(11) 3:560 4:701(147) 5:701(134) 198.115.250/24 RIDE-250 C:US 1:3561(218) 2:3561(11) 3:560 4:701(147) 5:701(134) 198.115.251/24 RIDE-251 C:US 1:3561(218) 2:3561(11) 3:560 4:701(147) 5:701(134) 198.115.252/24 RIDE-252 C:US 1:3561(218) 2:3561(11) 3:560 4:701(147) 5:701(134) 198.115.253/24 RIDE-253 C:US 1:3561(218) 2:3561(11) 3:560 4:701(147) 5:701(134) 198.115.254/24 RIDE-254 C:US 1:3561(218) 2:3561(11) 3:560 4:701(147) 5:701(134) 198.115.255/24 RIDE-255 C:US 1:3561(218) 2:3561(11) 3:560 4:701(147) 5:701(134) 198.150.30/24 NET-PROMEGA-2 C:US 1:1239(147) 2:1239(144) 3:1239(218) 4:1800 198.162.93/24 GLENNET18 C:CA 1:577(143) 2:577(133) 3:577(137) 4:3561(11) 5:3561(218) 198.175.145/24 CRCMACS C:US 1:1800 2:1240 3:1239 199.4.216/23 NETBLK-SJMC C:US 1:1239(218) 2:1239(147) 3:1239(144) 4:1800 5:3561(218) 6:93 199.5.191/24 WHAM C:US 1:3830 2:4388 199.75.216/23 NORTHERN-K12-MD-US C:US 1:3561(147) 2:3561(218) 3:3561(27) 4:3561(11) 5:3561(144) 199.75.218/23 SMITHSBURG-WA-K12-MD C:US 1:3561(147) 2:3561(218) 3:3561(27) 4:3561(11) 5:3561(144) 199.75.224/22 BELLATLANTIC-COM C:US 1:3561(147) 2:3561(218) 3:3561(27) 4:3561(11) 5:3561(144) 199.75.240/20 ARUNDEL-K12-MD-US-2 C:US 1:3561(147) 2:3561(218) 3:3561(27) 4:3561(11) 5:3561(144) 199.77.50/24 MSM-50 C:US 1:3561(147) 2:3561(218) 3:3561(27) 4:3561(11) 5:3561(144) 199.77.51/24 MSM-51 C:US 1:3561(147) 2:3561(218) 3:3561(27) 4:3561(11) 5:3561(144) 199.77.86/24 JOBSOFT-NET_86 C:US 1:3561(147) 2:3561(218) 3:3561(27) 4:3561(11) 5:3561(144) 199.77.87/24 JOBSOFT-NET_87 C:US 1:3561(147) 2:3561(218) 3:3561(27) 4:3561(11) 5:3561(144) 199.93.254/24 DFCI-254 C:US 1:3561(218) 2:3561(11) 3:560 4:701(147) 5:701(134) 199.97.16/24 CRC6 C:US 1:1800 2:1240 3:1239 199.97.17/24 CRC6 C:US 1:1800 2:1240 3:1239 199.97.18/24 CRC6 C:US 1:1800 2:1240 3:1239 199.97.19/24 CRC6 C:US 1:1800 2:1240 3:1239 199.97.20/24 CRC6 C:US 1:1800 2:1240 3:1239 199.97.21/24 CRC6 C:US 1:1800 2:1240 3:1239 199.126.157/24 LEARNQUEST C:CA 1:577(137) 2:577(133) 3:577(143) 4:3561(218) 5:3561(11) 199.126.164/24 CITY-DART-CA C:CA 1:577(137) 2:577(133) 3:577(143) 4:3561(218) 5:3561(11) 199.126.165/24 BOYNE-CLARKE C:CA 1:577(137) 2:577(133) 3:577(143) 4:3561(218) 5:3561(11) 199.126.166/24 ATDATA-NS-CA C:CA 1:577(137) 2:577(133) 3:577(143) 4:3561(218) 5:3561(11) 199.233.163/24 FXS C:US 1:1239(147) 2:1239(218) 3:1239(144) 4:1800 199.247.22/24 GOV-NT2 C:CA 1:577(143) 2:577(133) 3:577(137) 4:3561(11) 5:3561(218) 199.247.23/24 GOV-NT3 C:CA 1:577(143) 2:577(133) 3:577(137) 4:3561(11) 5:3561(218) 199.247.25/24 GOV-NT3 C:CA 1:577(143) 2:577(133) 3:577(137) 4:3561(11) 5:3561(218) 199.247.26/24 GOV-NT4 C:CA 1:577(143) 2:577(133) 3:577(137) 4:3561(11) 5:3561(218) 199.247.33/24 MICROAGE-NT-CA C:CA 1:577(143) 2:577(133) 3:577(137) 4:3561(11) 5:3561(218) 199.247.34/24 AVERY-NT-CA C:CA 1:577(143) 2:577(133) 3:577(137) 4:3561(11) 5:3561(218) 199.247.35/24 AAL-NT-CA C:CA 1:577(143) 2:577(133) 3:577(137) 4:3561(11) 5:3561(218) 200.11.36/24 DESCO C:PE 1:1800 2:1239(218) 3:1239(144) 200.11.37/24 UNICEF-PE C:PE 1:1800 2:1239(218) 3:1239(144) 200.14.65/24 RIMPEX C:CL 1:3561(147) 2:3561(218) 3:3561(27) 4:3561(11) 5:3561(144) 200.14.66/24 CAMARADIP C:CL 1:3561(147) 2:3561(218) 3:3561(27) 4:3561(11) 5:3561(144) 200.14.67/24 SENADO C:CL 1:3561(147) 2:3561(218) 3:3561(27) 4:3561(11) 5:3561(144) 200.14.80/24 INFOBANH-NET C:CL 1:3561(147) 2:3561(218) 3:3561(27) 4:3561(11) 5:3561(144) 200.14.84/22 DPORTALES C:CL 1:3561(147) 2:3561(218) 3:3561(27) 4:3561(11) 5:3561(144) 200.14.108/23 MINEDUC-NET C:CL 1:3561(147) 2:3561(218) 3:3561(27) 4:3561(11) 5:3561(144) 202.0.87/24 NET-SNI-AUS C:AU 1:297(144) 2:297(145) 202.14.104/24 NET-TOSHIBAOZ1 C:AU 1:297(144) 2:297(145) 202.14.105/24 NET-TOSHIBAOZ2 C:AU 1:297(144) 2:297(145) 202.20.100/24 TWICS C:JP 1:2149 2:174 3:1239(147) 4:1239(218) 5:1239(144) 6:1800 202.33.85/24 IMSNET C:JP 1:2149 2:174 202.33.89/24 MARUBUN C:JP 1:2149 2:174 202.42.221/24 BREL-SG C:SG 1:3561(218) 2:3561(147) 3:3561(27) 4:3561(11) 5:3561(144) 6:97 202.42.222/24 TELIF-SG C:SG 1:3561(218) 2:3561(147) 3:3561(27) 4:3561(11) 5:3561(144) 6:97 202.80.0/21 NET-HUGE.NET C:HK 1:1239(147) 2:1239(218) 3:1239(144) 4:1800 202.160.0/24 BRUNEI8-SG-C-160-0 C:SG 1:3561(218) 2:3561(147) 3:3561(27) 4:3561(11) 5:3561(144) 6:97 202.160.1/24 BRUNEI8-SG-C-160-1 C:SG 1:3561(218) 2:3561(147) 3:3561(27) 4:3561(11) 5:3561(144) 6:97 202.160.2/24 BRUNEI8-SG-C-160-2 C:SG 1:3561(218) 2:3561(147) 3:3561(27) 4:3561(11) 5:3561(144) 6:97 202.160.3/24 BRUNEI8-SG-C-160-3 C:SG 1:3561(218) 2:3561(147) 3:3561(27) 4:3561(11) 5:3561(144) 6:97 202.160.4/24 BRUNEI8-SG-C-160-4 C:SG 1:3561(218) 2:3561(147) 3:3561(27) 4:3561(11) 5:3561(144) 6:97 202.160.5/24 BRUNEI8-SG-C-160-5 C:SG 1:3561(218) 2:3561(147) 3:3561(27) 4:3561(11) 5:3561(144) 6:97 202.160.6/24 BRUNEI8-SG-C-160-6 C:SG 1:3561(218) 2:3561(147) 3:3561(27) 4:3561(11) 5:3561(144) 6:97 202.160.7/24 BRUNEI8-SG-C-160-7 C:SG 1:3561(218) 2:3561(147) 3:3561(27) 4:3561(11) 5:3561(144) 6:97 202.241.192/24 APNIC-CIDR-BLK-C-241- C:JP 1:2149 2:174 202.241.193/24 APNIC-CIDR-BLK-C-241- C:JP 1:2149 2:174 202.241.194/24 APNIC-CIDR-BLK-C-241- C:JP 1:2149 2:174 202.241.195/24 APNIC-CIDR-BLK-C-241- C:JP 1:2149 2:174 202.241.196/24 APNIC-CIDR-BLK-C-241- C:JP 1:2149 2:174 202.241.197/24 APNIC-CIDR-BLK-C-241- C:JP 1:2149 2:174 202.241.198/24 APNIC-CIDR-BLK-C-241- C:JP 1:2149 2:174 202.241.199/24 APNIC-CIDR-BLK-C-241- C:JP 1:2149 2:174 202.241.200/24 APNIC-CIDR-BLK-C-241- C:JP 1:2149 2:174 202.241.201/24 APNIC-CIDR-BLK-C-241- C:JP 1:2149 2:174 202.241.202/24 APNIC-CIDR-BLK-C-241- C:JP 1:2149 2:174 202.241.203/24 APNIC-CIDR-BLK-C-241- C:JP 1:2149 2:174 202.241.204/24 APNIC-CIDR-BLK-C-241- C:JP 1:2149 2:174 202.241.205/24 APNIC-CIDR-BLK-C-241- C:JP 1:2149 2:174 202.241.206/24 APNIC-CIDR-BLK-C-241- C:JP 1:2149 2:174 202.241.207/24 APNIC-CIDR-BLK-C-241- C:JP 1:2149 2:174 202.241.208/24 APNIC-CIDR-BLK-C-241- C:JP 1:2149 2:174 202.241.209/24 APNIC-CIDR-BLK-C-241- C:JP 1:2149 2:174 202.241.210/24 APNIC-CIDR-BLK-C-241- C:JP 1:2149 2:174 202.241.211/24 APNIC-CIDR-BLK-C-241- C:JP 1:2149 2:174 202.241.212/24 APNIC-CIDR-BLK-C-241- C:JP 1:2149 2:174 202.241.213/24 APNIC-CIDR-BLK-C-241- C:JP 1:2149 2:174 202.241.214/24 APNIC-CIDR-BLK-C-241- C:JP 1:2149 2:174 202.241.215/24 APNIC-CIDR-BLK-C-241- C:JP 1:2149 2:174 202.241.216/24 APNIC-CIDR-BLK-C-241- C:JP 1:2149 2:174 202.241.217/24 APNIC-CIDR-BLK-C-241- C:JP 1:2149 2:174 202.241.218/24 APNIC-CIDR-BLK-C-241- C:JP 1:2149 2:174 202.241.219/24 APNIC-CIDR-BLK-C-241- C:JP 1:2149 2:174 202.241.220/24 APNIC-CIDR-BLK-C-241- C:JP 1:2149 2:174 202.241.221/24 APNIC-CIDR-BLK-C-241- C:JP 1:2149 2:174 202.241.222/24 APNIC-CIDR-BLK-C-241- C:JP 1:2149 2:174 202.241.223/24 APNIC-CIDR-BLK-C-241- C:JP 1:2149 2:174 202.241.224/24 APNIC-CIDR-BLK-C-241- C:JP 1:2149 2:174 202.241.225/24 APNIC-CIDR-BLK-C-241- C:JP 1:2149 2:174 202.241.226/24 APNIC-CIDR-BLK-C-241- C:JP 1:2149 2:174 202.241.227/24 APNIC-CIDR-BLK-C-241- C:JP 1:2149 2:174 202.241.228/24 APNIC-CIDR-BLK-C-241- C:JP 1:2149 2:174 202.241.229/24 APNIC-CIDR-BLK-C-241- C:JP 1:2149 2:174 202.241.230/24 APNIC-CIDR-BLK-C-241- C:JP 1:2149 2:174 202.241.231/24 APNIC-CIDR-BLK-C-241- C:JP 1:2149 2:174 202.241.232/24 APNIC-CIDR-BLK-C-241- C:JP 1:2149 2:174 202.241.233/24 APNIC-CIDR-BLK-C-241- C:JP 1:2149 2:174 202.241.234/24 APNIC-CIDR-BLK-C-241- C:JP 1:2149 2:174 202.241.235/24 APNIC-CIDR-BLK-C-241- C:JP 1:2149 2:174 202.241.236/24 APNIC-CIDR-BLK-C-241- C:JP 1:2149 2:174 202.241.237/24 APNIC-CIDR-BLK-C-241- C:JP 1:2149 2:174 202.241.238/24 APNIC-CIDR-BLK-C-241- C:JP 1:2149 2:174 202.241.239/24 APNIC-CIDR-BLK-C-241- C:JP 1:2149 2:174 202.241.240/24 APNIC-CIDR-BLK-C-241- C:JP 1:2149 2:174 202.241.241/24 APNIC-CIDR-BLK-C-241- C:JP 1:2149 2:174 202.241.242/24 APNIC-CIDR-BLK-C-241- C:JP 1:2149 2:174 202.241.243/24 APNIC-CIDR-BLK-C-241- C:JP 1:2149 2:174 202.241.244/24 APNIC-CIDR-BLK-C-241- C:JP 1:2149 2:174 202.241.245/24 APNIC-CIDR-BLK-C-241- C:JP 1:2149 2:174 202.241.246/24 APNIC-CIDR-BLK-C-241- C:JP 1:2149 2:174 202.241.247/24 APNIC-CIDR-BLK-C-241- C:JP 1:2149 2:174 202.241.248/24 APNIC-CIDR-BLK-C-241- C:JP 1:2149 2:174 202.241.249/24 APNIC-CIDR-BLK-C-241- C:JP 1:2149 2:174 202.241.250/24 APNIC-CIDR-BLK-C-241- C:JP 1:2149 2:174 202.241.251/24 APNIC-CIDR-BLK-C-241- C:JP 1:2149 2:174 202.241.252/24 APNIC-CIDR-BLK-C-241- C:JP 1:2149 2:174 202.241.253/24 APNIC-CIDR-BLK-C-241- C:JP 1:2149 2:174 202.241.254/24 APNIC-CIDR-BLK-C-241- C:JP 1:2149 2:174 202.241.255/24 APNIC-CIDR-BLK-C-241- C:JP 1:2149 2:174 202.242.18/24 UNCLE-C-242-18 C:JP 1:2149 2:174 202.242.19/24 UNCLE-C-242-19 C:JP 1:2149 2:174 202.243.171/24 AMITANET C:JP 1:2149 2:174 202.244.236/22 MUTOHNET C:JP 1:701(147) 2:701(134) 3:1800 4:1239 5:1240 202.245.225/24 FIX-NET C:JP 1:2149 2:174 202.248.67/24 MMC-NET C:JP 1:2149 2:174 202.248.68/24 INTAP-NET C:JP 1:2149 2:174 202.248.70/24 CSJ-NET C:JP 1:2149 2:174 202.248.73/24 DSINET C:JP 1:2149 2:174 202.248.74/24 TAISEI-NET C:JP 1:2149 2:174 202.248.77/24 HUINET C:JP 1:2149 2:174 202.255.72/24 JTSSNET-C-255-72 C:JP 1:2149 2:174 202.255.73/24 JTSSNET-C-255-73 C:JP 1:2149 2:174 202.255.74/24 JTSSNET-C-255-74 C:JP 1:2149 2:174 202.255.75/24 JTSSNET-C-255-75 C:JP 1:2149 2:174 204.19.20/24 MKSINFO-NET C:CA 1:1324(36) 2:1324(32) 3:2493(35) 4:2493(91) 204.19.108/24 COLLEGELEBOEUF-CA C:CA 1:577(137) 2:577(133) 3:577(143) 4:3561(218) 5:3561(11) 204.19.121/24 NATNET-COM C:CA 1:1324(36) 2:1324(32) 3:2493(35) 4:2493(91) 204.29.75/24 MONTEVALLO-NET C:US 1:3561(147) 2:3561(218) 3:3561(27) 4:3561(11) 5:3561(144) 204.29.81/24 AIDB-NET2 C:US 1:3561(147) 2:3561(218) 3:3561(27) 4:3561(11) 5:3561(144) 204.29.82/24 AIDB-NET2 C:US 1:3561(147) 2:3561(218) 3:3561(27) 4:3561(11) 5:3561(144) 204.41.124/24 TIMISKBOE C:CA 1:577(133) 2:577(137) 3:577(143) 4:3561(218) 5:3561(11) 204.58.127/24 DHHLA-1 C:US 1:3561(147) 2:3561(218) 3:3561(27) 4:3561(11) 5:3561(144) 204.62.189/24 DOMINCASYS C:US 1:1239(147) 2:1239(218) 3:1239(144) 4:1800 204.74.69/24 NLSINC C:US 1:1240 2:1800 3:1239 4:210 5:209 6:1957 204.74.76/24 RESNOVA C:US 1:1240 2:1800 3:1239 4:210 5:209 6:1957 204.74.77/24 PACIFICA2 C:US 1:1240 2:1800 3:1239 4:210 5:209 6:1957 204.80.243/24 UNIKOMPTX C:US 1:1239(218) 2:1239(147) 3:1239(144) 4:1800 204.92.94/24 ONYXCOM1 C:CA 1:2493(35) 2:2493(91) 204.96.111/24 NET-OUTER C:US 1:1239(147) 2:1239(144) 3:1239(218) 4:1800 204.96.134/24 NET-SWSPECTRUM3 C:US 1:1240 2:1800 3:1239 204.96.135/24 NET-SWSPECTRUM4 C:US 1:1240 2:1800 3:1239 204.101.55/24 CYCOR C:CA 1:1239(218) 2:1239(147) 3:1239(144) 4:1800 204.101.56/21 CYCOR C:CA 1:1239(218) 2:1239(147) 3:1239(144) 4:1800 204.101.75/24 TECHRES C:CA 1:1239(218) 2:1239(147) 3:1239(144) 4:1800 204.101.76/24 BARRIE-NET C:CA 1:1239(218) 2:1239(147) 3:1239(144) 4:1800 204.138.180/23 FOXNET.NET C:CA 1:1239(218) 2:1239(147) 3:1239(144) 4:1800 204.142.103/24 DEVEDGE-C-142-103 C:US 1:3561(218) 2:3561(147) 3:3561(27) 4:3561(11) 5:3561(144) 6:97 204.142.104/24 DEVEDGE-C-142-104 C:US 1:3561(218) 2:3561(147) 3:3561(27) 4:3561(11) 5:3561(144) 6:97 204.147.0/20 MADISON2 C:US 1:3561(218) 2:3561(11) 3:1225(130) 4:1225(131) 5:1225(129) 204.157.119/24 NETBLK-SPRINTBLK-ANS- C:US 1:1327 204.164.197/24 VETMEMCT-197 C:US 1:3561(218) 2:3561(11) 3:560 4:701(147) 5:701(134) 204.165.216/24 MECN-216 C:US 1:3561(218) 2:3561(11) 3:560 4:701(147) 5:701(134) 204.165.217/24 MECN-217 C:US 1:3561(218) 2:3561(11) 3:560 4:701(147) 5:701(134) 204.165.218/24 MECN-218 C:US 1:3561(218) 2:3561(11) 3:560 4:701(147) 5:701(134) 204.165.219/24 MECN-219 C:US 1:3561(218) 2:3561(11) 3:560 4:701(147) 5:701(134) 204.165.220/24 MECN-220 C:US 1:3561(218) 2:3561(11) 3:560 4:701(147) 5:701(134) 204.165.221/24 MECN-221 C:US 1:3561(218) 2:3561(11) 3:560 4:701(147) 5:701(134) 204.165.222/24 MECN-222 C:US 1:3561(218) 2:3561(11) 3:560 4:701(147) 5:701(134) 204.165.223/24 MECN-223 C:US 1:3561(218) 2:3561(11) 3:560 4:701(147) 5:701(134) 204.165.224/24 MECN-224 C:US 1:3561(218) 2:3561(11) 3:560 4:701(147) 5:701(134) 204.165.225/24 MECN-225 C:US 1:3561(218) 2:3561(11) 3:560 4:701(147) 5:701(134) 204.165.226/24 MECN-226 C:US 1:3561(218) 2:3561(11) 3:560 4:701(147) 5:701(134) 204.180.120/24 NETBLK-SPRINTBLK-ANS- C:US 1:1327 204.180.174/24 NETBLK-SPRINTBLK-ANS- C:US 1:1327 204.180.175/24 NETBLK-SPRINTBLK-ANS- C:US 1:1327 204.180.176/24 NETBLK-SPRINTBLK-ANS- C:US 1:1327 204.180.177/24 NETBLK-SPRINTBLK-ANS- C:US 1:1327 204.180.178/24 NETBLK-SPRINTBLK-ANS- C:US 1:1327 204.180.179/24 NETBLK-SPRINTBLK-ANS- C:US 1:1327 204.180.180/24 NETBLK-SPRINTBLK-ANS- C:US 1:1327 204.180.181/24 NETBLK-SPRINTBLK-ANS- C:US 1:1327 204.180.182/24 NETBLK-SPRINTBLK-ANS- C:US 1:1327 204.180.183/24 NETBLK-SPRINTBLK-ANS- C:US 1:1327 204.180.184/24 NETBLK-SPRINTBLK-ANS- C:US 1:1327 204.180.185/24 NETBLK-SPRINTBLK-ANS- C:US 1:1327 204.180.186/24 NETBLK-SPRINTBLK-ANS- C:US 1:1327 204.180.187/24 NETBLK-SPRINTBLK-ANS- C:US 1:1327 204.180.188/24 NETBLK-SPRINTBLK-ANS- C:US 1:1327 204.180.190/24 NETBLK-SPRINTBLK-ANS- C:US 1:1327 204.180.191/24 NETBLK-SPRINTBLK-ANS- C:US 1:1327 204.191.44/24 FONOROLA2 C:CA 1:2493(35) 2:2493(91) 204.191.45/24 FONOROLA2 C:CA 1:2493(35) 2:2493(91) 204.191.46/24 FONOROLA2 C:CA 1:2493(35) 2:2493(91) 204.191.47/24 FONOROLA2 C:CA 1:2493(35) 2:2493(91) 204.191.112/24 FONOROLA2 C:CA 1:2493(35) 2:2493(91) 204.191.113/24 FONOROLA2 C:CA 1:2493(35) 2:2493(91) 204.191.114/24 FONOROLA2 C:CA 1:2493(35) 2:2493(91) 204.191.115/24 FONOROLA2 C:CA 1:2493(35) 2:2493(91) 204.191.116/24 FONOROLA2 C:CA 1:2493(35) 2:2493(91) 204.191.117/24 FONOROLA2 C:CA 1:2493(35) 2:2493(91) 204.191.118/24 FONOROLA2 C:CA 1:2493(35) 2:2493(91) 204.191.119/24 FONOROLA2 C:CA 1:2493(35) 2:2493(91) 204.191.120/24 FONOROLA2 C:CA 1:2493(35) 2:2493(91) 204.191.121/24 FONOROLA2 C:CA 1:2493(35) 2:2493(91) 204.191.122/24 FONOROLA2 C:CA 1:2493(35) 2:2493(91) 204.191.123/24 FONOROLA2 C:CA 1:2493(35) 2:2493(91) 204.191.124/24 FONOROLA2 C:CA 1:2493(35) 2:2493(91) 204.191.125/24 FONOROLA2 C:CA 1:2493(35) 2:2493(91) 204.191.126/24 FONOROLA2 C:CA 1:2493(35) 2:2493(91) 204.191.127/24 FONOROLA2 C:CA 1:2493(35) 2:2493(91) 204.198.240/24 3WAVE C:US 1:3561(147) 2:3561(218) 3:3561(27) 4:3561(11) 5:3561(144) 204.199.155/24 RANKIN-TUPELO-K12-MS- C:US 1:3561(147) 2:3561(218) 3:3561(27) 4:3561(11) 5:3561(144) 204.199.168/24 STARKVILLE.PVT.K12.MS C:US 1:3561(147) 2:3561(218) 3:3561(27) 4:3561(11) 5:3561(144) 204.199.169/24 SHS.STARKVILLE.K12.MS C:US 1:3561(147) 2:3561(218) 3:3561(27) 4:3561(11) 5:3561(144) 204.199.170/24 ALCORN-EDU C:US 1:3561(147) 2:3561(218) 3:3561(27) 4:3561(11) 5:3561(144) 204.199.171/24 GATESARROW-GREENVILLE C:US 1:3561(147) 2:3561(218) 3:3561(27) 4:3561(11) 5:3561(144) 204.209.20/24 COMCEPT-1 C:CA 1:577(143) 2:577(133) 3:577(137) 4:3561(11) 5:3561(218) 204.214.88/21 NET-BIHS C:US 1:1239(147) 2:1239(144) 3:1239(218) 4:1800 204.214.128/24 CNWEB.COM C:US 1:1239(147) 2:1239(144) 3:1239(218) 4:1800 204.215.240/24 NSAN C:US 1:1239(147) 2:1239(218) 3:1239(144) 4:1800 204.215.241/24 TECNET C:US 1:1239(147) 2:1239(218) 3:1239(144) 4:1800 204.225.6/24 CMEC-CA C:CA 1:577(133) 2:577(137) 3:577(143) 4:3561(218) 5:3561(11) 204.228.128/18 WESTNET-W4 C:US 1:1239(144) 2:1800 3:1239(218) 4:210 5:209 204.233.128/17 NETBLK-MIDNET-CBLK3 C:US 1:3561(218) 2:3561(11) 3:1239(218) 4:93 204.239.26/24 CONCORDPACIFIC C:CA 1:577(143) 2:577(133) 3:577(137) 4:3561(11) 5:3561(218) 204.239.27/24 CONCORDPACIFIC C:CA 1:577(143) 2:577(133) 3:577(137) 4:3561(11) 5:3561(218) 204.239.210/24 NETBLK-GDTSOFT C:CA 1:2493(91) 2:2493(35) 204.248.128/24 AUGUSTA-NET C:US 1:1239(218) 2:1239(147) 3:1239(144) 4:1800 204.251.224/23 NET-ENVISION C:US 1:1239(147) 2:1239(144) 3:1239(218) 4:1800 205.117.23/24 CAIS-CIDR1-117-23 C:US 1:3830 2:1800 3:1240 205.120/13 NETBLK-WESTNETUT C:US 1:1239(144) 2:1800 3:1239(218) 4:210 5:209 205.149.32/24 CRCNET2 C:US 1:1800 2:1240 3:1239 205.149.33/24 CRCNET2 C:US 1:1800 2:1240 3:1239 205.149.34/24 CRCNET2 C:US 1:1800 2:1240 3:1239 205.149.35/24 CRCNET2 C:US 1:1800 2:1240 3:1239 205.149.36/24 CRCNET2 C:US 1:1800 2:1240 3:1239 205.149.37/24 CRCNET2 C:US 1:1800 2:1240 3:1239 205.149.38/24 CRCNET2 C:US 1:1800 2:1240 3:1239 205.149.39/24 CRCNET2 C:US 1:1800 2:1240 3:1239 205.149.40/24 CRCNET2 C:US 1:1800 2:1240 3:1239 205.149.41/24 CRCNET2 C:US 1:1800 2:1240 3:1239 205.149.42/24 CRCNET2 C:US 1:1800 2:1240 3:1239 205.149.43/24 CRCNET2 C:US 1:1800 2:1240 3:1239 205.149.44/24 CRCNET2 C:US 1:1800 2:1240 3:1239 205.149.45/24 CRCNET2 C:US 1:1800 2:1240 3:1239 205.149.46/24 CRCNET2 C:US 1:1800 2:1240 3:1239 205.149.47/24 CRCNET2 C:US 1:1800 2:1240 3:1239 205.149.48/24 CRCNET2 C:US 1:1800 2:1240 3:1239 205.149.49/24 CRCNET2 C:US 1:1800 2:1240 3:1239 205.149.50/24 CRCNET2 C:US 1:1800 2:1240 3:1239 205.149.51/24 CRCNET2 C:US 1:1800 2:1240 3:1239 205.149.52/24 CRCNET2 C:US 1:1800 2:1240 3:1239 205.149.53/24 CRCNET2 C:US 1:1800 2:1240 3:1239 205.149.54/24 CRCNET2 C:US 1:1800 2:1240 3:1239 205.149.55/24 CRCNET2 C:US 1:1800 2:1240 3:1239 205.149.56/24 CRCNET2 C:US 1:1800 2:1240 3:1239 205.149.57/24 CRCNET2 C:US 1:1800 2:1240 3:1239 205.149.58/24 CRCNET2 C:US 1:1800 2:1240 3:1239 205.149.59/24 CRCNET2 C:US 1:1800 2:1240 3:1239 205.149.60/24 CRCNET2 C:US 1:1800 2:1240 3:1239 205.149.61/24 CRCNET2 C:US 1:1800 2:1240 3:1239 205.149.62/24 CRCNET2 C:US 1:1800 2:1240 3:1239 205.149.63/24 CRCNET2 C:US 1:1800 2:1240 3:1239 205.160.42/23 NET-SSD C:US 1:1239(147) 2:1239(218) 3:1239(144) 4:1800 205.168/16 CSN-BLOCK-7 C:US 1:1239(144) 2:1800 3:1239(218) 4:209 5:210 205.169/16 CSN-BLOCK-7 C:US 1:1239(144) 2:1800 3:1239(218) 4:209 5:210 205.170/16 CSN-BLOCK-7 C:US 1:1239(144) 2:1800 3:1239(218) 4:209 5:210 205.171/16 CSN-BLOCK-7 C:US 1:1239(144) 2:1800 3:1239(218) 4:209 5:210 Deletions: --150.49/16 CTINET C:JP 1:2149 2:174 --151.142.10/24 TWC-NET C:US 1:1322 --151.142.32/24 TWC-NET C:US 1:1322 --157.166.1/24 TECHWOOD C:US 1:1333 --157.166.2/24 TECHWOOD C:US 1:1333 --157.166.3/24 TECHWOOD C:US 1:1333 --157.166.22/24 TECHWOOD C:US 1:1333 --157.166.25/24 TECHWOOD C:US 1:1333 --157.166.27/24 TECHWOOD C:US 1:1333 --157.166.28/24 TECHWOOD C:US 1:1333 --157.166.40/24 TECHWOOD C:US 1:1333 --157.166.46/24 TECHWOOD C:US 1:1327 --157.166.47/24 TECHWOOD C:US 1:1327 --157.166.143/24 TECHWOOD C:US 1:1322 --157.166.144/24 TECHWOOD C:US 1:1322 --157.166.145/24 TECHWOOD C:US 1:1324(32) 2:1324(35) --157.166.153/24 TECHWOOD C:US 1:1322 --157.166.159/24 TECHWOOD C:US 1:1322 --157.166.161/24 TECHWOOD C:US 1:1322 --157.166.162/24 TECHWOOD C:US 1:1322 --157.166.165/24 TECHWOOD C:US 1:1322 --157.166.167/24 TECHWOOD C:US 1:1322 --157.166.170/24 TECHWOOD C:US 1:1322 --157.166.204/24 TECHWOOD C:US 1:1322 --157.166.207/24 TECHWOOD C:US 1:1333 --157.166.220/24 TECHWOOD C:US 1:1333 --157.166.221/24 TECHWOOD C:US 1:1333 --157.166.228/24 TECHWOOD C:US 1:1324(32) 2:1324(35) --157.166.229/24 TECHWOOD C:US 1:1324 --157.166.230/24 TECHWOOD C:US 1:1324 --157.166.235/24 TECHWOOD C:US 1:1324 --157.166.238/24 TECHWOOD C:US 1:1324 --157.166.240/24 TECHWOOD C:US 1:1325 --157.166.242/24 TECHWOOD C:US 1:1321 --157.166.245/24 TECHWOOD C:US 1:1323 --157.166.254/24 TECHWOOD C:US 1:1333 --194.10.193/24 RIPE-CBLK2 C:NL 1:2685 2:701(147) 3:701(134) 4:3561(218) 5:3561(11) --202.18.248/24 STAFFNET1 C:JP 1:297(144) 2:372 3:297(145) --202.18.249/24 STAFFNET2 C:JP 1:297(144) 2:372 3:297(145) Expanded listing, sorted by country, then by organization: ========================================================== The "Expanded Listings" section of this NWG report has been retired since it is sorted by countries and network organization addresses. The replacement configuration generation system is based on the Internet Routing Registry (briefly called the "Global Routing Registry"). See the file ftp.ra.net:pub/radb/OVERVIEW for more information. The remainder of this report will also be retired shortly. AS690 CIDR Squeezings Report: 11402 Nets, 186 ASs, 3291 Aggregates ------------------------------------------------------------------- 11402 (84%) of the ever-announced more-specific routes within aggregates have been withdrawn. 120 of those were withdrawn within the last week. 264 the week before that. 1256 the week before that. 186 ASs have registered aggregates in the PRDB. 169 of those are announcing aggregates. 90 have withdrawn at least one more specific route. 3291 Aggregates are configured. 2195 of these were Top-Level Aggregates (not nested in another aggregate). 1697 of these are being announced to AS690. 1058 of those have at least one subnet configured (the other 639 may be saving the Internet future subnet announcements). 912 have stopped announcing at least one configured more specific route. 886 have stopped announcing half of their configured more specific routes. 845 have stopped announcing most (80%) of their more specific routes. See home.merit.edu:pub/nsfnet/cidr/cidr_savings for more detail. ----------------------------------------------------------- ========================================================== The configuration reports which reflect today's update will be available for anonymous ftp on nic.merit.edu by 08:00 EST : configuration reports -- nic.merit.edu:nsfnet/announced.networks: as-as.now as-gw.now ans_core.now country.now net-comp.now nets.doc nets.non-classful nets.tag.now nets.unl.now NSS routing software configuration files -- nic.merit.edu:nsfnet/backbone.configuration: gated.nss<NSS number>.t3p Information is also avaiable through the PRDB whois server. Type "whois -h prdb.merit.edu help" for details. -------------------------------------------------------------------------- PRDB CHANGES: (Updated January 19, 1994) As of 1/19/95, ACKs and NAKs will no loger be required (or even read) in the processing of NACRs. In early 1995, as part of the transition to the new Internet Routing Registry (IRR), the Policy Routing Database (PRDB) will be retired. Many of the functions of the PRDB (including generation of router configurations for NSFNET) will be produced based on data from the Global Routing Registry. This change to the NSFNET Backbone service will involve the following changes: - The method for submitting new nets to be routed over AS690 will change. Instead of submitting a NACR to nsfnet-admin(a)merit.edu, you will need to submit a "route template" to auto-dbm(a)ra.net . - Additions and entries to the new registry will be made by the Home AS which creates the route for each net, rather than being submitted by a AS690 peer AS. - Most of the PRDB reports (listed above) will no longer be produced. Equivalent information for most of these reports is available from the global Routing Registry. These are major changes to the system. These changes are being made in order to migrate NSFNET customers and the global user community to a global Internet Routing Registry system, which will be more capable of supporting user needs after the termination of the NSFNET Backbone services in April 1995. For more information, set your web browser to http://www.ra.net/rrinfo.html , or use anonymous ftp to obtain the files "OVERVIEW" and from the directory "ftp.ra.net:pub/radb". Merit would like to minimize the number of problems that this transition may cause you. In order to help us help you through the transition, please send your concerns, your needs, and suggestions on how we can make this happen smoothly to merit-ie(a)merit.edu. The archived discussion list "db-disc(a)merit.edu" also exists for discussion of PRDB and RADB issues. Send a message to "db-disc-request(a)merit.edu" to subscribe. --Dale Johnson (dsj(a)merit.edu) -------------------------------------------------------------------------- Please send all requests for configuration changes to nsfnet-admin(a)merit.edu using the NSFNET configuration forms. The forms are available on-line from the nic.merit.edu machine. Use ftp and the anonymous login to get on the machine. Do a "cd nsfnet/announced.networks" and get the files template.net, template.net.README, template.gate, and template.as. *** Note: As of March 1, 1994, NSFNET AUP NACRs must use the template.net *** (NACR) version 7.1, or the NACR will be returned unprocessed. ******************************* --Stephen McNutt Merit/NSFNET smm(a)merit.edu --Steven J. Richardson Merit/NSFNET sjr(a)merit.edu

2 1

Regarding FBOI
by pharp＠aol.com 01 Apr '95

01 Apr '95

I trust a stunt like that. I have some swampland in FL too. Some one check these bozos out. I'll forward a copy to the Treasury Dept. FBOI, GET LOST!!!!

1 0

Registering in the RADB
by Elise Gerich 31 Mar '95

31 Mar '95

Many folks have been asking what is necessary to start registering information in the Routing Arbiter Database. Andy Adams from Merit has documented the three step procedure for registering in the RADB. This document, "Registering in the RADB", is available from: http://www.ra.net/rrinfo.html All registration information should be sent to db-admin(a)ra.net. Comments and suggestions concerning the documentation should be sent to merit-ie(a)merit.edu. WARNING: The RADB is not used to configure AS 690 (NSFNET Backbone Service and ANSnet) yet. It is used to configure the Route Servers at the NAPs. To have routes accepted by AS 690 (NSFNET Backbone Service and ANSnet), please continue to submit NACRs. Happy reading. --Elise

1 0

NOC Status Reports
by kwe＠6SigmaNets.com 31 Mar '95

31 Mar '95

At 4:42 PM 3/30/95, Hans-Werner Braun wrote: >I wonder by how much the problem could be reduced as such, if service >providers (including campus service providers) would have accessible >servers about network status information, being kept current by some >local NOC. At 4:56 PM 3/30/95, Chris Dorsey (510)422-4474 wrote: > .... Of course there will >always be some NSP's that would never implement such a server >for business purposes. H-W, Chris, et al; Some service providers already post system-wide planned outages and even system-wide unplanned outages (like NSFnet backbone outages) on public mailing lists. We don't need another protocol to support this -- it would be a simple matter for everyone to gateway system-wide trouble ticket reports to a Web page. As Chris points out, even if today we could do this, in future it will become more difficult as competitive pressures mount. In the past I have managed NOCs where there were pressures on the NOC to sugar-coat the public trouble tickets. A certain amount of this is appropriate, since it is possible for NOC controllers, network engineers and other technical support people to become frustrated with their peers and I have some vivid memories of particular frustrations coming out in system-wide trouble tickets. It doesn't help either party for shouting and name-calling to show up in trouble tickets, but it can easily happen, as we all know. So when the pressure inevitably mounts on everyone to treat their system-wide trouble tickets like press releases, the information content that we seek will tend toward zero. Therefore I feel that if such a public system were created it would inevitably devolve to minimize useful information, such as who is really screwing up or where the difference of opinion actually lies. We need a new pressure point, like traceroute became for routing or throughput became for router benchmarks. If you all kept incident notes and someone sent out a survey every quarter, would you be interested in a Consumer Reports style of NOC performance metric? :-) This might be worth thinking about in the IP Perf Metric BOF next week. I just don't see any other pressure point. There has to be an outside evaluation tool and a general understanding of how to interpret it. --Kent

1 0

Re: ENSS 133 retired
by phuston＠nsf.gov 31 Mar '95

31 Mar '95

Thanks to all of you and Merit for helping everyone confirm that the transition is solid before May 1. You have been among the leaders in stepping out front and assuring a smooth the transition . Priscilla. At 10:59 PM 3/30/95, epg(a)merit.edu wrote: >As of March 31, 1995, the NSFNET Backbone Service to >NYSERnet, Cornell Theory Center, and PSI at Ithaca, NY >(ENSS 133) will be retired. > >This termination of service means that there are two regional >networks, SURAnet and NYSERnet, which are totally dependent >on their new service providers, internetMCI and Sprintlink. >In addition, the Cornell Theory Center is the first super- >computer center to terminate its dependence on the NSFNET >Backbone Service. > >Merit thanks NYSERnet, Cornell Theory Center, and PSI for >their cooperation since 1988 and during the transition. > > --Elise Priscilla Jane Huston Program Director of the NSFNET Program National Science Foundation Voice: (703)306-1949 or (713)527-4007 4201 Wilson Blvd Fax: (703) 306-0621 Arlington, VA 22230 Internet: phuston(a)nsf.gov or pjh(a)rice.edu

1 0

IP Provider Metrics (IPPM) WG/BOF
by Matt Mathis 31 Mar '95

31 Mar '95

A number of people missed this the first time. To: nanog(a)merit.edu Subject: INCOMING: IP Provider Metrics Date: Wed, 15 Mar 1995 11:53:01 -0500 From: "Matt Mathis" <mathis> [... out of date adminstrivia deleted ...] Even though I am going to work hard to prevent it, this is likely to become quite political. My intent is to provide tools and methods (standard procedures) which will enable the market to reward providers who are true to their mission, what ever that may be. Although my historical point of view has always been in the operations community, I have clearly become "just a customer". Furthermore, there is a large pool of "experts" who think that they can do the job better than you. Therefor, it is crucial that current providers take an active role in this effort, if nothing else to offset the "experts". Comments are welcome. Thanks, - --MM-- Draft agenda of the "IP Provider Metrics" BOF 6:00 - 11:30 Wednesday, April 5, 1995 ============================================= Consider a possible WG. (15 minutes at opening) * - Is a new WG needed? * - Relationship to BMWG/GISD/others - Inventory of possible tasks - Requirements for IP Provider Metrics * - Define scope and priorities * - Chair issues, Editor/secretary * - Charter (* introduce at the open, but postpone detailed discussion until the close) General Requirements for IP provider metrics (15 min) IP bulk data transfer performance (technical issues, 30 min) IP routing stability and robustness (technical issues, 30 min) Consider a possible WG...., part 2 (30 min) - ---------------- Rough Draft Charter IP Provider Metrics (IPPM) The IPPM WG will develop a set of standard metrics that can be applied to the the quality, performance and reliability of an IP datagram service. These metrics will be designed such that they can be performed by the providers themselves, customers, potential customers or independent testing groups. The areas covered will include: I) Path Performance A) Bulk data transfer performance (ftp, etc) B) Interactive performance (Telnet, X11, etc) C) Real-time and multicast performance (delay statistics) II) Routing stability and robustness A) End to end availability B) Time to recover (e.g. switch to backup paths) C) Route stability (Spurious route transitions, etc) III) others TBD The IPPM WG will select or adapt existing tools and develop standard procedures for performing and documenting the measurements. - ---------------- Notes on the Charter o Services peripheral to basic IP, such as NOC/NIS services, DNS, etc. are expressly excluded because there is vehement anti-consensus among Internet providers. Prior efforts to standardize these areas have failed because they impinge on the different business models held by the providers. For example some providers include full, high quality DNS service bundled with their IP service. Others provide inexpensive DNS "starter" services, but expect most customers to eventually run their own servers. o It is also important that the language not be pejorative, to permit providers to strategicly balance their price and performance. We want to encourage all market positions including "Inexpensive, good enough service" as well as "The best possible service". o The milestones will be weighted to address I.A. (bulk performance) and possibly parts of II first. The other goals will be addressed as an ongoing effort. The scope will start very narrow, and will be extended only as we have assured closure on the initial tasks. o I have a prototype bulk transfer diagnostic that can safely and accurately measure IP bulk performance. It is a combination of traceroute and Reno TCP, and can provide traceroute like path information under exactly the conditions induced by TCP. See the discussion below. o The difficulty with routing stability metrics, is that the best ones require collusion with the Internet providers themselves. This clashes with the provider-to-provider trust model that is a necessary for healthy operation of the Internet as a whole. BGP can easily be used to collect engineering, business and other data on competitors. I believe that there exists a good technological solution based on the global collection and archiving of sanitized BGP logs. Clearly, there is a substantial piece of this technology that belongs with the RA and other global routing agents. However, there are also parts that belong to the community in the form of a working group. There needs to be a discussion of the possible role for IPPM in this process. o The IETF is not "poised" to address "standard measurement procedures". Is this a problem? o The final draft of the charter should be completed after the WG is convened. o IPPM should have an editor other than the chair. - ---------------- Comments on the bulk performance tool: I am working on a prototype diagnostic tool ("treno") designed to address bulk performance issues. It is derived from Windowed ping (Matt Mathis, INET'94, See ftp://ftp.psc.edu/pub/net_tools/WPing.ps) but designed to be safe for typical network administrators at user sites. It uses traceroute to emulate Reno TCP over any IP infrastructure. This approach has a number of strong advantages: - - Its bandwidth consumption is bound by the same congestion mechanism as TCP. (Although this is more than might be tolerated for ongoing monitoring). - - It measures the network under the same queue dynamics as inflicted by TCP. - - Differences in the end systems need not affect the results. - - Today it can identify the lowest performance provider in a long path if there is a suitable unix box near each interconnect. - - Someday it will be able to diagnose (to a specific hop) any path across the Internet. Treno is not yet completed. There are some open issues which can best be addressed as part of an IETF WG, with open and public input from all interested parties. In the end this will make it a stronger tool for supporting the growth of the Internet. Incomplete Tasks: - - Certify that treno emulates Idealized Reno TCP. Understand and evaluate the implications of differences between treno and Reno as it appears in the field. (IPPM and end2end research community) - - Develop testing methodology for "data sheet" measurements: How to select and specify endpoints, sampling schedule, etc for measuremets to be used on a "data sheet" or service level language in a contract. (IPPM and the network operators community) - - Document the need and utility for all router vendors to support full rate ICMP TTL exceeded messages. (IPPM and RREQ?) ------- End of Forwarded Message

1 0

ENSS 133 retired
by epg＠merit.edu 30 Mar '95

30 Mar '95

As of March 31, 1995, the NSFNET Backbone Service to NYSERnet, Cornell Theory Center, and PSI at Ithaca, NY (ENSS 133) will be retired. This termination of service means that there are two regional networks, SURAnet and NYSERnet, which are totally dependent on their new service providers, internetMCI and Sprintlink. In addition, the Cornell Theory Center is the first super- computer center to terminate its dependence on the NSFNET Backbone Service. Merit thanks NYSERnet, Cornell Theory Center, and PSI for their cooperation since 1988 and during the transition. --Elise

1 0