My IRC server is at irc.citynetwireless.net. It runs dancer-ircd 1.0.35 along with its own services (Nick/ChanServ/etc) and stays up as long as my DS3 does :). On Sun, Jun 20, 2004 at 08:29:40PM -0700, ken@calpop.com wrote:
Hey,
Let me know if the IRC server has been setup... I do know there is already a #nanog channel on EFNet..
Regards, Ken Network Engineer CalPOP.com, Inc.
-----Original Message----- From: owner-nanog@merit.edu [mailto:owner-nanog@merit.edu] On Behalf Of Bubba Parker Sent: Saturday, June 19, 2004 9:01 PM To: nanog@merit.edu Subject: Re: real-time DDoS help?
I could host and/or setup the irc server if anyone is interested.
On Sun, Jun 20, 2004 at 03:23:06AM +0000, Christopher L. Morrow wrote:
On Sat, 19 Jun 2004, Charles Sprickman wrote:
On Sun, 20 Jun 2004, Suresh Ramasubramanian wrote:
On Sat, 19 Jun 2004, Jonathan Slivko wrote:
Maybe if NANOG had irc.nanog.org, maybe that might be something
to
consider - a real-time network of communication for network operators to deal with issues, etc.
There's always http://puck.nether.net/mailman/listinfo/nsp-security
I can tell you right off AS8059 doesn't meet the requirements. I'd gladly respond to any reports of attacks from them, but I don't think you'd ever see any.
which of your 2 upstreams isn't helping out? I'm fairly certain both providers have security groups, and do mitigate attacks for customers on a regular basis. Perhaps you are not getting in touch with the correct customer service folks? We often have this issue ;(
Basement multihomers unite.
hurray!
-- Bubba Parker sysadmin@citynetwireless.net CityNet LLC http://www.citynetinfo.com/
-- Bubba Parker sysadmin@citynetwireless.net CityNet LLC http://www.citynetinfo.com/
i thought there was nanog @efnet with a lot of these people on it... i'm sure there are plenty of chat networks out tehre without having to start a new one. On Sun, 20 Jun 2004 22:47:52 -0500, Bubba Parker <sysadmin@citynetwireless.net> wrote:
My IRC server is at irc.citynetwireless.net. It runs dancer-ircd 1.0.35 along with its own services (Nick/ChanServ/etc) and stays up as long as my DS3 does :).
On Sun, Jun 20, 2004 at 08:29:40PM -0700, ken@calpop.com wrote:
Hey,
Let me know if the IRC server has been setup... I do know there is already a #nanog channel on EFNet..
Regards, Ken Network Engineer CalPOP.com, Inc.
-----Original Message----- From: owner-nanog@merit.edu [mailto:owner-nanog@merit.edu] On Behalf Of Bubba Parker Sent: Saturday, June 19, 2004 9:01 PM To: nanog@merit.edu Subject: Re: real-time DDoS help?
I could host and/or setup the irc server if anyone is interested.
On Sun, Jun 20, 2004 at 03:23:06AM +0000, Christopher L. Morrow wrote:
On Sat, 19 Jun 2004, Charles Sprickman wrote:
On Sun, 20 Jun 2004, Suresh Ramasubramanian wrote:
On Sat, 19 Jun 2004, Jonathan Slivko wrote:
Maybe if NANOG had irc.nanog.org, maybe that might be something
to
consider - a real-time network of communication for network operators to deal with issues, etc.
There's always http://puck.nether.net/mailman/listinfo/nsp-security
I can tell you right off AS8059 doesn't meet the requirements. I'd gladly respond to any reports of attacks from them, but I don't think you'd ever see any.
which of your 2 upstreams isn't helping out? I'm fairly certain both providers have security groups, and do mitigate attacks for customers on a regular basis. Perhaps you are not getting in touch with the correct customer service folks? We often have this issue ;(
Basement multihomers unite.
hurray!
-- Bubba Parker sysadmin@citynetwireless.net CityNet LLC http://www.citynetinfo.com/
-- Bubba Parker sysadmin@citynetwireless.net CityNet LLC http://www.citynetinfo.com/
noname - 1K
Well if people use this IRC server, there's definately going to be more control over the channel and server itself. And if needed, other members could gain more control server-wide. Let me know if you have any questions. On Mon, Jun 21, 2004 at 11:06:32PM -0700, andrew matthews wrote:
i thought there was nanog @efnet with a lot of these people on it... i'm sure there are plenty of chat networks out tehre without having to start a new one.
On Sun, 20 Jun 2004 22:47:52 -0500, Bubba Parker <sysadmin@citynetwireless.net> wrote:
My IRC server is at irc.citynetwireless.net. It runs dancer-ircd 1.0.35 along with its own services (Nick/ChanServ/etc) and stays up as long as my DS3 does :).
On Sun, Jun 20, 2004 at 08:29:40PM -0700, ken@calpop.com wrote:
Hey,
Let me know if the IRC server has been setup... I do know there is already a #nanog channel on EFNet..
Regards, Ken Network Engineer CalPOP.com, Inc.
-----Original Message----- From: owner-nanog@merit.edu [mailto:owner-nanog@merit.edu] On Behalf Of Bubba Parker Sent: Saturday, June 19, 2004 9:01 PM To: nanog@merit.edu Subject: Re: real-time DDoS help?
I could host and/or setup the irc server if anyone is interested.
On Sun, Jun 20, 2004 at 03:23:06AM +0000, Christopher L. Morrow wrote:
On Sat, 19 Jun 2004, Charles Sprickman wrote:
On Sun, 20 Jun 2004, Suresh Ramasubramanian wrote:
On Sat, 19 Jun 2004, Jonathan Slivko wrote:
> Maybe if NANOG had irc.nanog.org, maybe that might be something
to
> consider - a real-time network of communication for network operators > to deal with issues, etc.
There's always http://puck.nether.net/mailman/listinfo/nsp-security
I can tell you right off AS8059 doesn't meet the requirements. I'd gladly respond to any reports of attacks from them, but I don't think you'd ever see any.
which of your 2 upstreams isn't helping out? I'm fairly certain both providers have security groups, and do mitigate attacks for customers on a regular basis. Perhaps you are not getting in touch with the correct customer service folks? We often have this issue ;(
Basement multihomers unite.
hurray!
-- Bubba Parker sysadmin@citynetwireless.net CityNet LLC http://www.citynetinfo.com/
-- Bubba Parker sysadmin@citynetwireless.net CityNet LLC http://www.citynetinfo.com/
noname - 1K
-- Bubba Parker sysadmin@citynetwireless.net CityNet LLC http://www.citynetinfo.com/
On 2004-06-22T08:27-0500, Bubba Parker wrote: ) Well if people use this IRC server, there's definately going to be more ) control over the channel and server itself. And if needed, other members ) could gain more control server-wide. Let me know if you have any ) questions. You may find that an IRC server used for the purposes of discussing DoS attacks, to the point of being used for real time mitigation of same, will ultimately be targeted as part of those attacks. A dedicated DS3 probably does not provide enough bandwidth to run a modern DoS-resistent IRC server. As a point of reference, during an attack, some EFnet IRC servers may take in multiple hundreds of Mb/s before upstream action is initiated. -- Daniel Reed <n@ml.org> http://people.redhat.com/djr/ irc.efnet.us There are people who do things and people who take the credit, and the trick is to be in the first group; there is a lot less competition. -- Dwight Morrow, American Diplomat
Why a NANOG IRC server would be targeted, I have no clue. But if that's the case, count me out. On Tue, Jun 22, 2004 at 09:41:51AM -0400, Daniel Reed wrote:
On 2004-06-22T08:27-0500, Bubba Parker wrote: ) Well if people use this IRC server, there's definately going to be more ) control over the channel and server itself. And if needed, other members ) could gain more control server-wide. Let me know if you have any ) questions.
You may find that an IRC server used for the purposes of discussing DoS attacks, to the point of being used for real time mitigation of same, will ultimately be targeted as part of those attacks.
A dedicated DS3 probably does not provide enough bandwidth to run a modern DoS-resistent IRC server. As a point of reference, during an attack, some EFnet IRC servers may take in multiple hundreds of Mb/s before upstream action is initiated.
-- Daniel Reed <n@ml.org> http://people.redhat.com/djr/ irc.efnet.us There are people who do things and people who take the credit, and the trick is to be in the first group; there is a lot less competition. -- Dwight Morrow, American Diplomat
-- Bubba Parker sysadmin@citynetwireless.net CityNet LLC http://www.citynetinfo.com/
If need be, if someone were to actually provide a shell or something that did have enough bandwidth, I could setup the IRC server there and it would be fine. On Tue, Jun 22, 2004 at 09:41:51AM -0400, Daniel Reed wrote:
On 2004-06-22T08:27-0500, Bubba Parker wrote: ) Well if people use this IRC server, there's definately going to be more ) control over the channel and server itself. And if needed, other members ) could gain more control server-wide. Let me know if you have any ) questions.
You may find that an IRC server used for the purposes of discussing DoS attacks, to the point of being used for real time mitigation of same, will ultimately be targeted as part of those attacks.
A dedicated DS3 probably does not provide enough bandwidth to run a modern DoS-resistent IRC server. As a point of reference, during an attack, some EFnet IRC servers may take in multiple hundreds of Mb/s before upstream action is initiated.
-- Daniel Reed <n@ml.org> http://people.redhat.com/djr/ irc.efnet.us There are people who do things and people who take the credit, and the trick is to be in the first group; there is a lot less competition. -- Dwight Morrow, American Diplomat
-- Bubba Parker sysadmin@citynetwireless.net CityNet LLC http://www.citynetinfo.com/
Why would you need to re-invent the wheel? There are multiple EFNET servers run by Nanog members including: irc.servercentral.net irc.nac.net irc.easynews.com irc.he.net To name a few. #nanog -- Matthew ----- Original Message ----- From: "Bubba Parker" <sysadmin@citynetwireless.net> To: "Daniel Reed" <n@ml.org> Cc: <nanog@merit.edu> Sent: Tuesday, June 22, 2004 10:00 AM Subject: Re: real-time DDoS help?
If need be, if someone were to actually provide a shell or something that did have enough bandwidth, I could setup the IRC server there and it would be fine.
Maybe because efnet sucks? :) *runs* On Tue, Jun 22, 2004 at 11:07:40AM -0400, Matthew McGehrin wrote:
Why would you need to re-invent the wheel?
There are multiple EFNET servers run by Nanog members including: irc.servercentral.net irc.nac.net irc.easynews.com irc.he.net
To name a few.
#nanog
-- Matthew
----- Original Message ----- From: "Bubba Parker" <sysadmin@citynetwireless.net> To: "Daniel Reed" <n@ml.org> Cc: <nanog@merit.edu> Sent: Tuesday, June 22, 2004 10:00 AM Subject: Re: real-time DDoS help?
If need be, if someone were to actually provide a shell or something that did have enough bandwidth, I could setup the IRC server there and it would be fine.
-- Bubba Parker sysadmin@citynetwireless.net CityNet LLC http://www.citynetinfo.com/
probably not as much as shittynetwireless.net -chris On Tue, 22 Jun 2004, Bubba Parker wrote:
Maybe because efnet sucks? :) *runs*
On Tue, Jun 22, 2004 at 11:07:40AM -0400, Matthew McGehrin wrote:
Why would you need to re-invent the wheel?
There are multiple EFNET servers run by Nanog members including: irc.servercentral.net irc.nac.net irc.easynews.com irc.he.net
To name a few.
#nanog
-- Matthew
----- Original Message ----- From: "Bubba Parker" <sysadmin@citynetwireless.net> To: "Daniel Reed" <n@ml.org> Cc: <nanog@merit.edu> Sent: Tuesday, June 22, 2004 10:00 AM Subject: Re: real-time DDoS help?
If need be, if someone were to actually provide a shell or something that did have enough bandwidth, I could setup the IRC server there and it would be fine.
-- Bubba Parker sysadmin@citynetwireless.net CityNet LLC http://www.citynetinfo.com/
Heh, at least I don't have daily splits, and other people besides assholes are allowed to be opers. On Tue, Jun 22, 2004 at 11:35:37AM -0400, Christian Malo wrote:
probably not as much as shittynetwireless.net
-chris
On Tue, 22 Jun 2004, Bubba Parker wrote:
Maybe because efnet sucks? :) *runs*
On Tue, Jun 22, 2004 at 11:07:40AM -0400, Matthew McGehrin wrote:
Why would you need to re-invent the wheel?
There are multiple EFNET servers run by Nanog members including: irc.servercentral.net irc.nac.net irc.easynews.com irc.he.net
To name a few.
#nanog
-- Matthew
----- Original Message ----- From: "Bubba Parker" <sysadmin@citynetwireless.net> To: "Daniel Reed" <n@ml.org> Cc: <nanog@merit.edu> Sent: Tuesday, June 22, 2004 10:00 AM Subject: Re: real-time DDoS help?
If need be, if someone were to actually provide a shell or something that did have enough bandwidth, I could setup the IRC server there and it would be fine.
-- Bubba Parker sysadmin@citynetwireless.net CityNet LLC http://www.citynetinfo.com/
-- Bubba Parker sysadmin@citynetwireless.net CityNet LLC http://www.citynetinfo.com/
"Matthew" == Matthew McGehrin <mcgehrin@reverse.net> writes:
Matthew> Why would you need to re-invent the wheel? Matthew> There are multiple EFNET servers run by Nanog members Matthew> including: irc.servercentral.net irc.nac.net Matthew> irc.easynews.com irc.he.net Matthew> To name a few. Matthew> #nanog It is important to emphasize a couple of things, now that the topic has come up. First and foremost, the #nanog IRC channel has absolutely nothing to do with the nanog mailing list, other than it shares some common personalities. Operational discussion is rarely experienced, the most often-experienced relevant question is "how do I configure BGP", and you can guess how that makes engineers who are on the channel feel about answering questions. I recommend that those who see this channel mentioned on the mailing list ignore it as if it does not exist - because it does not for purposes of operational talk (although it may be useful for the occasional drop-in "does anyone here work for X?"). Secondly and perhaps most notably, IRC is in no way, shape, or form a protocol or communications method one would describe as resilient or operationally relevant. Neither are the instant messaging networks or Jabber servers. IRC does not meet the "needs" of operators. Describing these needs is a separate topic and probably not appropriate for this mailing list, even though you could describe the topic as operationally relevant. The operations community is, unfortunately, not conveniently segregated into backbone operators, regional/tier operators, and small operators. What this means is that, with the lack of hierarchy, an operations staff member at UUNET/MCI, for instance, may not view it as high on his/her list of priorities to handle a complaint from your local engineer at an apartment complex that provides broadband access. My point here is that the needs are different in each individual "operational sphere", and there is no real shared survival instinct instilled among operations houses, although I like to think that generally operators are nice folks and will do what they can. I (for one) tend to think that the operations community needs a little more structure attached to it. There are efforts (as Jared mentions) to help with the interchange of information among providers, and others (myself included) are working on additional operational problems at length. Until these issues are identified, rationalized, and discussed, the idea of a solid operational communications framework is a long way off, though I tend to think that INOC-DBA, INCH, and the other efforts out there probably serve the intermediate need without handling future requirements. Technical matters aside, a code of conduct among operators (speaking in the corporate sense) would go a long way, but as we have seen evidenced in the past couple of years (and to some degree rightfully so), corporations will abdicate from your view of morality when confronted with their view of the bottom fiscal line. To summarize, I'd have to say that the best recommendation for the interim operational communications are SILC servers run by major backbone players with dedicated personnel responsible for communicating between providers. That being said, nsp-sec already fulfills this goal, and as Tim Battles once mentioned to me at Chicago NOG, the real challenge of operational security and communication is already handled by the address book and the cellular telephone. Tim
I never stated that #nanog was the official channel on efnet. I just suggested that were servers run by Nanog Folks already existing. Funny you should mention Jared. Did nether.net at one point and time host an Undernet Server? -- Matthew ----- Original Message ----- From: "Tim Brown" <tim@tux.org> To: "Matthew McGehrin" <mcgehrin@reverse.net> Cc: <nanog@merit.edu> Sent: Tuesday, June 22, 2004 12:17 PM Subject: Re: real-time DDoS help?
First and foremost, the #nanog IRC channel has absolutely nothing to do with the nanog mailing list, other than it shares some common personalities. Operational discussion is rarely experienced, the most often-experienced relevant question is "how do I configure BGP", and Secondly and perhaps most notably, IRC is in no way, shape, or form a protocol or communications method one would describe as resilient or operationally relevant. Neither are the instant messaging networks or Jabber servers. IRC does not meet the "needs" of operators. Describing these needs is a separate topic and probably not appropriate for this mailing list, even though you could describe the topic as operationally relevant.
okay people, this is ridiculous. if you want real-time DoS mitigation, cooperation between ASN's, may I introduce you all to: http://www.pch.net/inoc-dba/ enough with the irc.nanog.org. given that NANOG group is somewhat of higher profile, and also given that number of EFNet servers struggle with their GigE transit connections in regards to larger DDoS attacks, irc.nanog.org is a joke right? -J On Tue, Jun 22, 2004 at 09:00:16AM -0500, Bubba Parker wrote:
If need be, if someone were to actually provide a shell or something that did have enough bandwidth, I could setup the IRC server there and it would be fine.
On Tue, Jun 22, 2004 at 09:41:51AM -0400, Daniel Reed wrote:
On 2004-06-22T08:27-0500, Bubba Parker wrote: ) Well if people use this IRC server, there's definately going to be more ) control over the channel and server itself. And if needed, other members ) could gain more control server-wide. Let me know if you have any ) questions.
You may find that an IRC server used for the purposes of discussing DoS attacks, to the point of being used for real time mitigation of same, will ultimately be targeted as part of those attacks.
A dedicated DS3 probably does not provide enough bandwidth to run a modern DoS-resistent IRC server. As a point of reference, during an attack, some EFnet IRC servers may take in multiple hundreds of Mb/s before upstream action is initiated.
-- Daniel Reed <n@ml.org> http://people.redhat.com/djr/ irc.efnet.us There are people who do things and people who take the credit, and the trick is to be in the first group; there is a lot less competition. -- Dwight Morrow, American Diplomat
-- Bubba Parker sysadmin@citynetwireless.net CityNet LLC http://www.citynetinfo.com/
-- James Jun TowardEX Technologies, Inc. Technical Lead Network Design, Consulting, IT Outsourcing james@towardex.com Boston-based Colocation & Bandwidth Services cell: 1(978)-394-2867 web: http://www.towardex.com , noc: www.twdx.net
On Tue, 22 Jun 2004, James wrote:
okay people, this is ridiculous.
if you want real-time DOS mitigation, cooperation between ASNs, may I introduce you all to:
As in most other situations, there's value to having multiple tools. Different tools are more useful in different situations, and any single tool may break when you need it most. There are really three issues here: point to point communication, point to multi-point communication, and what you can do yourself when you don't have time to wait for the rest of the world. Point to point communication: For contacting NOCs that participate in INOC-DBA, INOC-DBA is a nice intuitive way to contact them. For NOCs that don't, regular phone numbers may be more useful. The NOC list on puck.nether.net can help you track those down. Collecting your own contact information is also good. Know who your peers and upstreams are, and how to contact them. Keep track of who you meet at conferences (but remember that individuals may not want to answer your phone calls 24 hours a day). Keep track of who your peers' peers and your friends' friends are, in case you need an introduction. Getting yourself taken seriously may be an issue, so figuring out in advance of an actual problem who will be available to help you is quite useful. If you know somebody at the other network, contacting them directly may help, but keep in mind that dealing with your particular problem may not be their job, and that even if it is they're presumably entitled to a private life outside of work. Otherwise, following the contractual path between your network and theirs (probably similar to the AS path) may get you taken more seriously. Rather than just being some random person calling and demanding that the other network do something, you get a situation where organizations are calling other organizations that they already have agreements with, and contact information for. Point to multi-point communication: Contacting an individual network isn't all that useful if you are on the receiving end of a truly distributed attack. Any one network might be able to disconnect a few of the hosts involved, but it's likely that hosts on other networks would pick up the slack and you wouldn't notice the difference. This is the case where putting out some sort of broadcast message for help probably makes sense. The NSP-SEC people have a closed mailing list for handling this sort of thing. I'm not on it, so I don't know exactly how it works, but my impression is that it's somewhat effective. If you don't qualify for membership, perhaps your upstream does, and could help you get the word out when needed. Any broadcast medium for requesting network help will have a problem with keeping the signal to noise ratio high enough that it will be considered worth listening to. The NANOG list, for example, is not particularly useful, both because there's so much non-real-time-operational content, and because most of the broadcast messages for help are things that should not be broadcast. A lot of people read NANOG in their spare time, but don't expect any networks to do real time monitoring of it. I suspect an open and publicized IRC channel would have this problem to an even greater extent. You'd not only be requiring all the networks of the world to sift through the drivel that didn't apply to them, but you'd be requiring them to do so constantly. In general, I suspect the people with the skills and power to help you are too busy for that, so communications channels that are closed, or at least not publicized beyond their intended audience, are likely to be a lot more useful. What you can do yourself: No communications channel will be all that useful if the other networks involved don't want to help. Sometimes the other networks don't join in the communications channels you would like them to, or don't answer their phones. Sometimes they don't understand the problem. Sometimes they're busy (or sleepy), and what's a big problem for you isn't causing any problems for them. Even in the best case scenarios, it's often easiest to put in a short term fix for your problem yourself, and then go ask for help with the long term solution. DDOS attacks tend to do one of three things, depending on where your weakest link is: overwhelm the hosts they're pointed at, overwhelm your routers, or saturate your network links. All of these problems can be mitigated by increasing capacity -- bigger pipes, bigger routers, more hosts. If you can beef up capacity at your borders, devices such as those made by Riverhead (now part of Cisco) will in many cases be able to do a nice job of protecting the insides of your network. Failing that, it may be best to blackhole the target IP address (or have your upstreams do so, depending on what's getting saturated), for the sake of saving the rest of your network. If you choose the right upstream providers, they will likely be a lot more responsive to that sort of request than some other network who isn't depending getting your money. -Steve
Ah....., but, then how can we keep the lamers (i.e. wannabes/non nanoggers) out effectively? :P -- Jonathan andrew matthews wrote:
i thought there was nanog @efnet with a lot of these people on it... i'm sure there are plenty of chat networks out tehre without having to start a new one.
On Sun, 20 Jun 2004 22:47:52 -0500, Bubba Parker <sysadmin@citynetwireless.net> wrote:
My IRC server is at irc.citynetwireless.net. It runs dancer-ircd 1.0.35 along with its own services (Nick/ChanServ/etc) and stays up as long as my DS3 does :).
On Sun, Jun 20, 2004 at 08:29:40PM -0700, ken@calpop.com wrote:
Hey,
Let me know if the IRC server has been setup... I do know there is already a #nanog channel on EFNet..
Regards, Ken Network Engineer CalPOP.com, Inc.
-----Original Message----- From: owner-nanog@merit.edu [mailto:owner-nanog@merit.edu] On Behalf Of Bubba Parker Sent: Saturday, June 19, 2004 9:01 PM To: nanog@merit.edu Subject: Re: real-time DDoS help?
I could host and/or setup the irc server if anyone is interested.
On Sun, Jun 20, 2004 at 03:23:06AM +0000, Christopher L. Morrow wrote:
On Sat, 19 Jun 2004, Charles Sprickman wrote:
On Sun, 20 Jun 2004, Suresh Ramasubramanian wrote:
On Sat, 19 Jun 2004, Jonathan Slivko wrote:
>Maybe if NANOG had irc.nanog.org, maybe that might be something
to
>consider - a real-time network of communication for network
operators
>to deal with issues, etc.
There's always
http://puck.nether.net/mailman/listinfo/nsp-security
I can tell you right off AS8059 doesn't meet the requirements. I'd
gladly
respond to any reports of attacks from them, but I don't think you'd
ever
see any.
which of your 2 upstreams isn't helping out? I'm fairly certain both providers have security groups, and do mitigate attacks for customers
on a
regular basis. Perhaps you are not getting in touch with the correct customer service folks? We often have this issue ;(
Basement multihomers unite.
hurray!
-- Bubba Parker sysadmin@citynetwireless.net CityNet LLC http://www.citynetinfo.com/
-- Bubba Parker sysadmin@citynetwireless.net CityNet LLC http://www.citynetinfo.com/
noname - 1K
-- Jonathan M. Slivko - jslivko@gis.net "Linux: The Choice for the GNU Generation" - http://www.linux.org/ - Don't fear the penguin. .^. /V\ /( )\ ^^-^^ He's here to help.
On Tue, 22 Jun 2004, Jonathan M. Slivko wrote:
Ah....., but, then how can we keep the lamers (i.e. wannabes/non nanoggers) out effectively? :P
Let me guess, DDoS them away? IRC is simply the most evil thing ever invented. BTW, I've actually got two sites that were part of the DDoS to find then remove servers that were taking part in the attack. I am pleasantly surprised. And kudos to Comcast Business Services for having an intelligent and effective abuse desk. Charles
-- Jonathan
andrew matthews wrote:
i thought there was nanog @efnet with a lot of these people on it... i'm sure there are plenty of chat networks out tehre without having to start a new one.
On Sun, 20 Jun 2004 22:47:52 -0500, Bubba Parker <sysadmin@citynetwireless.net> wrote:
My IRC server is at irc.citynetwireless.net. It runs dancer-ircd 1.0.35 along with its own services (Nick/ChanServ/etc) and stays up as long as my DS3 does :).
On Sun, Jun 20, 2004 at 08:29:40PM -0700, ken@calpop.com wrote:
Hey,
Let me know if the IRC server has been setup... I do know there is already a #nanog channel on EFNet..
Regards, Ken Network Engineer CalPOP.com, Inc.
-----Original Message----- From: owner-nanog@merit.edu [mailto:owner-nanog@merit.edu] On Behalf Of Bubba Parker Sent: Saturday, June 19, 2004 9:01 PM To: nanog@merit.edu Subject: Re: real-time DDoS help?
I could host and/or setup the irc server if anyone is interested.
On Sun, Jun 20, 2004 at 03:23:06AM +0000, Christopher L. Morrow wrote:
On Sat, 19 Jun 2004, Charles Sprickman wrote:
On Sun, 20 Jun 2004, Suresh Ramasubramanian wrote:
>On Sat, 19 Jun 2004, Jonathan Slivko wrote: > > >>Maybe if NANOG had irc.nanog.org, maybe that might be something
to
>>consider - a real-time network of communication for network
operators
>>to deal with issues, etc. > >There's always
http://puck.nether.net/mailman/listinfo/nsp-security
I can tell you right off AS8059 doesn't meet the requirements. I'd
gladly
respond to any reports of attacks from them, but I don't think you'd
ever
see any.
which of your 2 upstreams isn't helping out? I'm fairly certain both providers have security groups, and do mitigate attacks for customers
on a
regular basis. Perhaps you are not getting in touch with the correct customer service folks? We often have this issue ;(
Basement multihomers unite.
hurray!
-- Bubba Parker sysadmin@citynetwireless.net CityNet LLC http://www.citynetinfo.com/
-- Bubba Parker sysadmin@citynetwireless.net CityNet LLC http://www.citynetinfo.com/
noname - 1K
-- Jonathan M. Slivko - jslivko@gis.net "Linux: The Choice for the GNU Generation" - http://www.linux.org/ -
Don't fear the penguin. .^. /V\ /( )\ ^^-^^ He's here to help.
participants (10)
-
andrew matthews -
Bubba Parker -
Charles Sprickman -
Christian Malo -
Daniel Reed -
James -
Jonathan M. Slivko -
Matthew McGehrin -
Steve Gibbard -
Tim Brown