As NANOG has experienced during the last several meetings, in any network used by a large number of people, there will be a certain percentage of people which bring infected computers into the network. http://www.nytimes.com/2004/07/29/technology/circuits/29bost.html?pagewanted... Wiring a Convention, Version 2004 By SETH SCHIESEL Published: July 29, 2004 [...] But data services have not been as solid. Many news organizations suffered intermittent breakdowns in Internet service, and on Tuesday evening the main press pavilion was offline for about 90 minutes. A spokesman for Verizon said the company deliberately caused the interruption as part of an effort to root out a more deep-seated network problem, which the company said appeared to have been caused by a virus carried by network devices provided by news organizations. In the interim, a handful of data lines provided by other companies, including AT&T, served as a backup.
On Thu, 29 Jul 2004, Sean Donelan wrote: : As NANOG has experienced during the last several meetings, in any network : used by a large number of people, there will be a certain percentage of : people which bring infected computers into the network. : : http://www.nytimes.com/2004/07/29/technology/circuits/29bost.html?pagewanted... : Wiring a Convention, Version 2004 : By SETH SCHIESEL : Published: July 29, 2004 : [...] : But data services have not been as solid. Many news organizations : suffered intermittent breakdowns in Internet service, and on Tuesday : evening the main press pavilion was offline for about 90 minutes. A : spokesman for Verizon said the company deliberately caused the : interruption as part of an effort to root out a more deep-seated : network problem, which the company said appeared to have been caused by : a virus carried by network devices provided by news organizations. In : the interim, a handful of data lines provided by other companies, : including AT&T, served as a backup. A buncha technically clueless newsgeeks brought infected micro$loth computers into a convention? Shocking! What's this world coming to??? Sounds like Verizon hired low-end netgeeks if they had to bring the network down to find these infected computers. tisk-tisk-tisk Verizon. MCSE != good netgeek In fact, almost all the time, the two are mutually exclusive, disjoint sets of people... :-) scott
Scott Weeks wrote:
On Thu, 29 Jul 2004, Sean Donelan wrote:
: As NANOG has experienced during the last several meetings, in any network : used by a large number of people, there will be a certain percentage of : people which bring infected computers into the network. : : http://www.nytimes.com/2004/07/29/technology/circuits/29bost.html?pagewanted... : Wiring a Convention, Version 2004 : By SETH SCHIESEL : Published: July 29, 2004 : [...] : But data services have not been as solid. Many news organizations : suffered intermittent breakdowns in Internet service, and on Tuesday : evening the main press pavilion was offline for about 90 minutes. A : spokesman for Verizon said the company deliberately caused the : interruption as part of an effort to root out a more deep-seated : network problem, which the company said appeared to have been caused by : a virus carried by network devices provided by news organizations. In : the interim, a handful of data lines provided by other companies, : including AT&T, served as a backup.
A buncha technically clueless newsgeeks brought infected micro$loth computers into a convention? Shocking! What's this world coming to??? Sounds like Verizon hired low-end netgeeks if they had to bring the network down to find these infected computers.
I must have dozed off. What did Verizon have to do with the NANOG meeting?
tisk-tisk-tisk Verizon. MCSE != good netgeek In fact, almost all the time, the two are mutually exclusive, disjoint sets of people...
And sometimes "orthogonal" comes to mind. And sometimes "congruent" does. -- Requiescas in pace o email Ex turpi causa non oritur actio http://members.cox.net/larrysheldon/
On Thu, 29 Jul 2004, Laurence F. Sheldon, Jr. wrote: : > : As NANOG has experienced during the last several meetings, in any network : > : used by a large number of people, there will be a certain percentage of : > : people which bring infected computers into the network. : > : evening the main press pavilion was offline for about 90 minutes. A : > : spokesman for Verizon said the company deliberately caused the : > : interruption as part of an effort to root out a more deep-seated : > : network problem, which the company said appeared to have been caused by : > : a virus carried by network devices provided by news organizations. In : > A buncha technically clueless newsgeeks brought infected micro$loth : > computers into a convention? Shocking! What's this world coming to??? : > Sounds like Verizon hired low-end netgeeks if they had to bring the : > network down to find these infected computers. : : I must have dozed off. What did Verizon have to do with the NANOG : meeting? See section 2, above. Neither is what Sean was getting at, I believe. What he seemed to be saying is that a few infected folks can cause temp networks at conventions to suffer major problems. Doesn't matter if it's at a news org conference or a NANOG conference. To be sure, though, you don't have to take the whole network down to find them. : > tisk-tisk-tisk Verizon. MCSE != good netgeek In fact, almost all the : > time, the two are mutually exclusive, disjoint sets of people... : : And sometimes "orthogonal" comes to mind. yes, most always. : And sometimes "congruent" does. very, very rarely. Keep 'em if you find 'em. I've worked with a couple in the past... Just an opinion. I'm known to have a few... :-) scott
See section 2, above. Neither is what Sean was getting at, I believe. What he seemed to be saying is that a few infected folks can cause temp networks at conventions to suffer major problems. Doesn't matter if it's at a news org conference or a NANOG conference. To be sure, though, you don't have to take the whole network down to find them.
Of course you don't, but if you notice they shut down a segment of the network only. Probably some arse running a DHCP server that conflicted with the real one. Chances are the bigwigs shut it off while some lackey had to find the geeks at whatever booth they were snagging swag at :) Rob Nelson ronelson@vt.edu
A buncha technically clueless newsgeeks brought infected micro$loth computers into a convention? Shocking! What's this world coming to??? Sounds like Verizon hired low-end netgeeks if they had to bring the network down to find these infected computers.
Maybe they could have benifited from attending Nanog in Miami: ** Airborne Contagion: Effects of a Worm on Wireless Networking http://www.nanog.org/mtg-0402/chin.html ** Life on a University Network: An Architecture for Automatically Detecting, Isolating, and Cleaning Infected Hosts http://www.nanog.org/mtg-0402/gauthier.html I mean, when the Universities deal with this stuff better than you do, you have to start to wonder ;) Eric :)
Good Afternoon! I'd like to apologize for the inconsiderate statement I made this morning. It was unecessary and uncalled for. I should've said it like Eric Gauthier and Petri Helenius did. Nicely. I deal with these things everyday on my network and was just shocked that any part of a network would be purposely shutdown for an hour and a half to solve an issue that simple operational (rate-limiting, MRTG, etc, etc) practices would've prevented. That is, if the article was even accurate. It was uncalled for and I apologize to the list members. scott On Thu, 29 Jul 2004, Scott Weeks wrote: : On Thu, 29 Jul 2004, Sean Donelan wrote: : : : As NANOG has experienced during the last several meetings, in any network : : used by a large number of people, there will be a certain percentage of : : people which bring infected computers into the network. : : : : http://www.nytimes.com/2004/07/29/technology/circuits/29bost.html?pagewanted... : : Wiring a Convention, Version 2004 : : By SETH SCHIESEL : : Published: July 29, 2004 : : [...] : : But data services have not been as solid. Many news organizations : : suffered intermittent breakdowns in Internet service, and on Tuesday : : evening the main press pavilion was offline for about 90 minutes. A : : spokesman for Verizon said the company deliberately caused the : : interruption as part of an effort to root out a more deep-seated : : network problem, which the company said appeared to have been caused by : : a virus carried by network devices provided by news organizations. In : : the interim, a handful of data lines provided by other companies, : : including AT&T, served as a backup. : : : : A buncha technically clueless newsgeeks brought infected micro$loth : computers into a convention? Shocking! What's this world coming to??? : Sounds like Verizon hired low-end netgeeks if they had to bring the : network down to find these infected computers. : : tisk-tisk-tisk Verizon. MCSE != good netgeek In fact, almost all the : time, the two are mutually exclusive, disjoint sets of people... : : :-) : scott : :
Sean Donelan wrote:
As NANOG has experienced during the last several meetings, in any network used by a large number of people, there will be a certain percentage of people which bring infected computers into the network.
And it would be stupid not to be prepared for it. For wired networks, it's fairly straightforward, unfortunately many WLAN AP's require reboots to change access lists to kick parties out. The cycle from measurement and detection to removal can be automated and be very swift. We would be happy to assist clueful or less skilled parties in the processes. Level of automata should be tuned based on application, for example in conventions the guilty party is within reach while in large consumer networks incident-by-incident manual intervention is usually not an option. Pete
http://www.nytimes.com/2004/07/29/technology/circuits/29bost.html?pagewanted... Wiring a Convention, Version 2004 By SETH SCHIESEL Published: July 29, 2004 [...] But data services have not been as solid. Many news organizations suffered intermittent breakdowns in Internet service, and on Tuesday evening the main press pavilion was offline for about 90 minutes. A spokesman for Verizon said the company deliberately caused the interruption as part of an effort to root out a more deep-seated network problem, which the company said appeared to have been caused by a virus carried by network devices provided by news organizations. In the interim, a handful of data lines provided by other companies, including AT&T, served as a backup.
participants (6)
-
Eric Gauthier
-
Laurence F. Sheldon, Jr.
-
Petri Helenius
-
Rob Nelson
-
Scott Weeks
-
Sean Donelan