 The North American Network Operators' Group discusses fundamental Internet infrastructure issues such as routing, IP address allocation, and containing malicious activity.
List Archives
Latest Posts
Re: What hath god wrought?
Jay Farrell (May 21)
Are you certain it was a DoS attempt? They may have just been running
a surveillance software package such as URLy warning, which GETs the
pages of a site repeatedly and diffs them to watch for updates. In the
case of an (non-)organization like Occupy I can't imagine law
enforcement would neglect to do this. I've been on the receiving end
of this sort of thing myself (long story).
Re: What hath god wrought?
Charles Wyble (May 21)
Sorry. The occupy site was on a shared hosting plan at the company I worked for.
Source determined via Whois output for the attacking ip found via our analysis. It was a rather crude dos attack
(repeated get requests). At first we figured they were just mirroring the site for offline analysis or something, but
it soon became evident they were just hammering the site.
Yes we could of sued. However the inevitable stonewalling, endless resources...
Re: High throughput bgp links using gentoo + stipped kernel
joel jaeggli (May 20)
Putting your border router in scope for your pci environment is imho an
engineering/documentation mistake.
Re: High throughput bgp links using gentoo + stipped kernel
Phil Fagan (May 20)
Just curious and perhaps off topic a tad but; is the stateful filtering of
sessions on a router to replace a firewall? Or is there another reason to
do it? I could see a benefit of creating blacklists, however,
I'm struggling with what other benefits it would provide...service
aware load-balancing? I'm very interested to learn what other strategies
and or design considerations would be made with thinking of using filtering
on a router....
Re: Inventory and workflow management systems
Jimmy Hess (May 20)
[snip]
See, this is a problem.... standard spreadsheet programs are such a
great competitor.
How can you possibly justify the time and expense of developing
software, if spreadsheet programs always wins against your product,
because of its low price, so that there is no net income that is
feasible to be made in that venture?
Maybe the answer is, someone did make the program... it's just
Excel, and developing more detailed custom...
Re: High throughput bgp links using gentoo + stipped kernel
Matt Palmer (May 20)
There'd be very few PCI compliant sites if PCI required stateful firewalling
in core routers.
- Matt
Re: What hath god wrought?
Jason L. Sparks (May 20)
"No attempt to hide the source IP"
"I mean, they were using a shared hosting plan"
What makes you certain it was DHS?
Genuinely curious, because this is a hell of a claim.
Re: What hath god wrought?
Mike Hale (May 20)
Would it be futile though? I mean...DHS running a DOS against an
American organization is the kind of stuff that makes Constitutional
lawyers salivate.
I'm not trying to call you out, btw. I'm genuinely curious why the
hosting company itself didn't file suit. You've got a US Government
agency abusing your resources and acting in a blatantly illegal
manner. That's the kind of stuff that results in letters of...
Re: What hath god wrought?
Charles Wyble (May 20)
Yes. I'm aware of that. It would be futile in most cases, which is a huge problem in and of itself, as that's really
the only recourse.
I mean they were using a shared hosting plan. Not exactly deep pocketed.
My point is that the abuse of power is blatant and they are unafraid of any kind of retaliation. They don't need to
hide.
Mike Hale <eyeronic.design () gmail com> wrote:
Re: What hath god wrought?
Mike Hale (May 20)
"Sue them?"
Uhm...yes? That's why we have courts that we can sue federal agencies in.
Re: What hath god wrought?
Charles Wyble (May 20)
No proxy needed. No need to hide.
While working for a very large hosting company, I once observed DHS hammering an occupy related website. No attempt to
hide the source ip or anything.
What are you going to do? Sue them? If they wish to take a site offline, they will ddos it or simply seize the domain
under the national security banner.
"<<"tei''>>>" <oscar.vives () gmail com> wrote:
Re: High throughput bgp links using gentoo + stipped kernel
Eduardo Schoedler (May 20)
2013/5/19 Andrew Jones <aj () jonesy com au>
Polling on FreeBSD in modern NICs is discouraged.
Re: Remote Hands Nation-Wide?
Christopher Morrow (May 20)
there's also a mailing-list Warren Kumari setup ... there are folk in
the DC area (myself and warren) who have on occasion helped out with
these sorts of things.
http://www.ne-where.com/cgi-bin/mailman/listinfo/ne-where
I think is the thing in question...
Re: Remote Hands Nation-Wide?
Brandon Galbraith (May 20)
http://nanog.cluepon.net/index.php/Hands
Re: Inventory and workflow management systems
Justin M. Streiner (May 20)
True, and would explain why the systems I've seen tend to be very
expensive.
I have taken a look at netdot from UOregon, and it looks like it has lots
of nice features and an active development community. The main thing
there is I need to really sit down and see how painful modifying the
default DB schema will be to capture some of the fiber plant data I need,
and preventing that all from getting blown away by the next cycle of...
More Lists
Dozens of other network security lists are archived at
SecLists.Org.
| 
Current Month
RSS Feed
About List
All Lists