"Live and learn around Traumschule"

September 19, 2018

NANOG

Re: Reaching out to ARIN members about their RPKI INVALID prefixes

Posted by Owen DeLong on Sep 18

Actually, I don’t buy that at all.

Without going into too much detail, I know of at least one former employer who is quite
well peered, distributes a great deal of traffic and sends a tremendous amount of it
via multiple ASNs.

OK, poor examples crafted at random. Point is there are plenty of valid AS Paths
out there that you can’t actually validate.

Point being that there are very very few ASNs using peer lock. Peer lock
alone AIUI pretty...

September 19, 2018 01:22 AM

Re: Reaching out to ARIN members about their RPKI INVALID prefixes

Posted by Owen DeLong on Sep 18

That depends. If you ONLY allow the maintainer of NET-192.159.10.0/24 to
update the route objects for it, then the word ONLY is effectively present by
the lack of any other route objects.

You chopped out my example, which had equal AS Path lengths.

Sure, I might not be able to announce something to you for an AS that you’re directly
peered with, but I can still spoof pretty much anything that’s more than one hop away
as long as I can get...

September 19, 2018 01:18 AM

Re: Piter-IX and GOOGLE (AS15169)

Posted by Christopher Morrow on Sep 18

sorry, looks like peeringdb needs an update, I will ask the 15169 folk to
update.

September 19, 2018 12:20 AM

Re: Piter-IX and GOOGLE (AS15169)

Posted by Christopher Morrow on Sep 18

send me an as-path you see please?

September 19, 2018 12:17 AM

Re: Reaching out to ARIN members about their RPKI INVALID prefixes

Posted by Christopher Morrow on Sep 18

cool, sounds like you are all done in just ~20 USD of stamps.

September 19, 2018 12:04 AM

September 18, 2018

NANOG

Re: Reaching out to ARIN members about their RPKI INVALID prefixes

Posted by nusenu on Sep 18

correction: in the ARIN region there are just about 30 organizations to contact
(~80 was for APNIC)

September 18, 2018 11:54 PM

bpkp.me

7 Years of Backpack ME

7 Years of Backpack ME
Our blog turns seven today. When Zara and I started this site, we never imagined that we would make it to seven years. Our plan was to travel for up to one year and write about our adventures during that year. This was the dumb post that started it all. ... more »

by Ashray at September 18, 2018 11:49 PM

Hambach Forest Occupation

Important Pages

Important information News Tickers: from September 18th on | September 14-17 | September 1-13 | How to become active more…

by hambacherforst at September 18, 2018 11:15 PM

NANOG

Piter-IX and GOOGLE (AS15169)

Posted by A.T on Sep 18

Hello,

I see AS15169 announcements from Piter-IX
(https://www.peeringdb.com/ix/2149), but Google PeeringDB entry don&apost seem
include Piter-IX.
Any idea, is PeeringDB out of date here or should I be worried?

Best regards
A.T

September 18, 2018 10:34 PM

Re: Console Servers

Posted by Jun Tanaka on Sep 18

How about SMART CS series by Seiko solutions?
https://www.seiko-sol.co.jp/en/products/console-server/

September 18, 2018 10:31 PM

Re: Reaching out to ARIN members about their RPKI INVALID prefixes

Posted by Job Snijders on Sep 18

This conversation cannot be had without acknowledging there are multiple
layers of defense in securing BGP. We should also acknowledge that the
majority of Internet traffic passes over AS_PATHs that are only one hop.
Networks that exchange significant amounts of traffic, tend to peer
directly with each other.

Both path 1 and 2 are invalid, because of peerlock we&aposd never accept
1239 behind 6939, or 174 behind 6939. AS_PATH filtering combined...

September 18, 2018 10:08 PM

Re: Reaching out to ARIN members about their RPKI INVALID prefixes

Posted by nusenu on Sep 18

Christopher Morrow:

we can also send snail mail :)
after all ~80 or so entities is a manageable amount of organizations to
notify in the ARIN region.

September 18, 2018 10:05 PM

Re: Reaching out to ARIN members about their RPKI INVALID prefixes

Posted by Job Snijders on Sep 18

I&aposd phrase slightly different (assuming there is only one ROA): the ROA
says ONLY AS1734 (or anyone willing to impersonate AS1734) can originate
192.159.10.0/24.

With IRR, the crucial addition of the word "ONLY" in the above sentence
is not possible.

In the common scenario you can distinguish those with today&aposs
technology. As mentioned before - dense peering (having the shortest
AS_PATH) or the peerlock approach for all...

September 18, 2018 09:58 PM

Re: Reaching out to ARIN members about their RPKI INVALID prefixes

Posted by Owen DeLong on Sep 18

Right… Hence my call for IRRs with stronger authentication and validation.
(i.e. IRRs run by RIRs that have the same level of maintenance authentication and
authorization requirements as current RPKI implementations).

Yes, but, what you don’t know is whether any BGP UPDATE that contains the valid
origin ASN as origin came from the origin ASN it claims.

Instead, you provided a cryptographically signed recipe for believable spoofing....

September 18, 2018 09:49 PM

Re: Reaching out to ARIN members about their RPKI INVALID prefixes

Posted by Christopher Morrow on Sep 18

I think I can manage my employer&aposs RPKI data, and I&aposm not on the
tech/admin/etc handles...
I think I can also ask the person(s) who are to do it and they may have no
idea what I&aposm asking beyond: "click these 5 things, type that thing,
thanks!"

probably, but ... eventually if your internet gets very small you&aposll look
at why.

perhaps this is really my point: "I have no confidence that ARIN doing this
(or anyone...

September 18, 2018 09:47 PM

Brovade/Foundry VLAN translation

Posted by Mike Hammett on Sep 18

I&aposm not thinking so, but I figured I&aposd ask here.

Is there any way to do VLAN translation on the Brocade VDX-6720 or the Foundry FESX424?

Worst case, I&aposll burn a couple ports looping out and then back in.

We are looking to replace the Foundrys with Arista 7050s at some point.

-----Mike HammettIntelligent Computing SolutionsMidwest Internet ExchangeThe Brothers WISP

September 18, 2018 09:44 PM

Re: Reaching out to ARIN members about their RPKI INVALID prefixes

Posted by Owen DeLong on Sep 18

Nope… ROA says (e.g.) AS1734 (or anyone willing to impersonate AS1734) can originate 192.159.10.0/24.

I would agree if you had some way to distinguish AS1734 originating FOO from AS174 originating FOO with a prepend of
AS1734.

Owen

September 18, 2018 09:42 PM

Re: Reaching out to ARIN members about their RPKI INVALID prefixes

Posted by Job Snijders on Sep 18

You may be overlooking the fact that the semantics of an IRR route
object are subtly different than those of a RPKI ROA. The Prefix-to-AS
Mapping Database concept as introduced Section 2 of RFC 6811 is a huge
step forward compared to the (somewhat loosely defined) semantics of IRR
route objects.

RPKI ROAs are more than "IRR with crypto": IRR objects are basically a
list of unverifiable attestations with no proof of termination. Whereas...

September 18, 2018 09:39 PM

Re: Reaching out to ARIN members about their RPKI INVALID prefixes

Posted by Christopher Morrow on Sep 18

it&aposs not worked out so far.
there&aposs no real authorization/authentication of note on the data set via
the irr.
you have no real way of knowing that &aposas12 should be announcing
157.130.0.0/16&apos ... except by chasing the arin/ripe/etc records today,
something that those orgs stamp and which machines could validate without
people using eyeballs would sure be nice... Oh, that&aposs what RPKI is
supposed to provide.

and has for...

September 18, 2018 09:35 PM

Re: Reaching out to ARIN members about their RPKI INVALID prefixes

Posted by Owen DeLong on Sep 18

It sort of has to be, as managing your RPKI data (at least in the ARIN region) involves doing it through your ARIN
On-Line account which must be associated with the ORG associated with the resources in question.

You overestimate some things here.

Agreed.

I love a good tautology.

Optimist!

Owen

September 18, 2018 09:33 PM

Re: Reaching out to ARIN members about their RPKI INVALID prefixes

Posted by Owen DeLong on Sep 18

What does RPKI offer other than a way to know what to spoof in a prepend for your forged announcement?

Owen

September 18, 2018 09:19 PM

Re: Reaching out to ARIN members about their RPKI INVALID prefixes

Posted by Christopher Morrow on Sep 18

i don&apost know that the contacts the RIR has for the entity is necessarily
the one that controls/deals-with the RPKI data though.
I also think that generally if folk set all that up they probably know (or
will soon enough) that they have a mistake.

Generally speaking, I think "folk should fix themselves, and
maintain/monitor their configuration", that ARIN (or anyone else sending
&aposunsolicited email&apos) here is going to end...

September 18, 2018 09:16 PM

Viacampesina

Peasants of the world urge states to adopt declaration on their rights

Press Release

(Geneva, September 18, 2018) La Via Campesina and allies CETIM, FIAN and other organisations are in Geneva to engage, confirm commitments of and persuade member states of the Human Rights Council to support an international legal instrument to enable the effective protection the rights of peasants and other people working in rural areas. Since the 17th of September, the delegates will hold meetings with the country representatives here in Geneva until the 21st. All this is happening during the 39th Session of the United Nation Human Rights Council.

The report on the 5th OEIWG, the revised declaration and the resolution, formally regarding the ‘Rights of Peasants and Other People Working in Rural Areas’ will be presented by Bolivia this week, on 19 September, within the UN Human Rights Council. Thereafter, the declaration will be submitted to the United Nations’ Human Rights Council member states for the adoption of the final text.

According to Elizabeth Mpofu, La Via Campesina General Coordinator, engaging states is critical.  She said, “After seventeen years of hard work, effort and dedication by peasants, we have to make sure that this process is completed without further delay.”

The final text accommodates the suggestions of all participating countries. La Via Campesina appreciates the transparency and inclusiveness of the process that concludes 6 years of negotiation in the council. Delegates are therefore optimistic for a positive outcome for the declaration. According to Ramona Duminicioiu, a leader of La Via Campesina in Europe, “we expect a vote in favour from all European countries. Europe has been very active in the process.”

The 39th session coincides with a historic moment in Switzerland as its citizens will vote on September 23rd in a referendum to include food sovereignty in their constitution. Uniterre (hosting the peasant rights delegation during this 39th Session), a member of La Via Campesina in Switzerland, has been campaigning for this for years.

“Better protection of the rights of peasants and other people working in rural areas will make great contributions to building food sovereignty and a better society based on equity and equality”, says Zainal Arifin Fuat, La Via Campesina leader and peasant from Asia.

The Bolivian Mission, together with other core support countries, is sponsoring this process and has always been instrumental to the success of the negotiations.

#PeasantRightsNow

Globalise the Struggle! Globalise Hope!

The post Peasants of the world urge states to adopt declaration on their rights appeared first on Via Campesina English.

by Ndabezinhle at September 18, 2018 08:54 PM

NANOG

RE: Reaching out to ARIN members about their RPKI INVALID prefixes

Posted by Michel Py on Sep 18

Support, although I doubt it would achieve the desired result. I support it for the following reason : when someone
starts to block invalid prefixes, they would not have the excuse to say "we did not know about it".

Michel.

TSI Disclaimer: This message and any files or text attached to it are intended only for the recipients named above and
contain information that may be confidential or privileged. If you are not the intended...

September 18, 2018 08:52 PM

RE: [proj-bgp] adding graphs for actually unreachable RPKI INVALID prefixes to RPKI Monitor?

Posted by Michel Py on Sep 18

Doug,

I&aposm looking at adoption numbers, especially in the ARIN region. RPKI is practically inexistant, and some respected
members are already saying it&aposs a rathole.

At 2% deployment, we are far away from the critical mass it needs. If the deployment strategy does not change, I don&apost
see how that critical mass will happen. Until someone actually starts to discard invalid RPKI prefixes and assesses
the actual inconvenience, this...

September 18, 2018 08:46 PM

Re: Reaching out to ARIN members about their RPKI INVALID prefixes

Posted by nusenu on Sep 18

Christopher Morrow wrote:

Thanks for this question, I believe this is an important one.

I reasoned about why I think RIRs are in a good position to send these emails here: [1]
but I will quote from it for convenience:

[...]

[1] https://medium.com/@nusenu/towards-cleaning-up-rpki-invalids-d69b03ab8a8c

There are companies offering BGP monitoring including RPKI ROAs, but
the affected IP holders are unlikely customers of those monitoring...

September 18, 2018 08:34 PM

Re: Massive Price Increase for X-conns at Telehouse Chelsea, NYC

Posted by Scott Weeks on Sep 18

--- bhm () ufl edu wrote:
From: Bruce H McIntosh <bhm () ufl edu>

I can remember a conversation like this at a Joint Techs meeting
many years back. Several of us were outgassing about how expensive
it was to get 100mbps connections off our campuses, until the guy
from the University of Hawaii told us how much he was paying per
month for a *T1* to the mainland. :D
-------------------------------------------

That was many, many...

September 18, 2018 07:56 PM

Snort

Re: Demande d'aide

Posted by Joel Esler (jesler) via Snort-users on Sep 18

I took four years of it. I know enough to survive.

September 18, 2018 07:42 PM

Re: Demande d'aide

Posted by DFIRob via Snort-users on Sep 18

I didn&apost know you spoke French Joel, or maybe it&aposs just Google
translate. Just in case the OP didn&apost get it, however.

Bonjour, la langue de cette liste est l&aposanglais. Si vous avez besoin
d&aposaide pour traduire, je peux vous aider. Mais plus généralement,
c&aposest une question très ouverte. Pouvez vous (en anglais) nous
partager plus d&aposinformations: d&aposoù lancez vous vos attaques, êtes vous
sur que des...

September 18, 2018 07:30 PM

NANOG

Re: Massive Price Increase for X-conns at Telehouse Chelsea, NYC

Posted by Owen DeLong on Sep 18

Sure, but in this case, we’re not comparing transaoceanic circuits to local loops, we’re comparing single pair fiber
cross connects between two points in the same datacenter or datacenter campus.

I’d argue that the difference between reasonable (≤$500 one-time and ≤$50 MRC) and $300 MRC is within range of
argument, but I cannot see any way in which an argument can be made that $5840 MRC is not a distortion in that same
circumstance....

September 18, 2018 07:27 PM

Re: Reaching out to ARIN members about their RPKI INVALID prefixes

Posted by Jared Mauch on Sep 18

Judging a global ecosystem just by what ARIN does is perhaps some of the issue. ARIN seems to be the outlier here as
has been measured. An ARIN prefix ROA is less valuable than the other regions and this is IMO deliberate on the part
of ARIN.

Disagree, but that’s ok. I know at $dayJob I’m preparing the way, but it’s much harder than it should be due to the
nature of our business.

- Jared

September 18, 2018 07:13 PM

sub.media

Trouble #15: And You Don’t Stop [Trailer]

In this month's episode of Trouble, subMedia explores hip hop as a potent site of revolutionary politics, drawing on the first-hand knowledge and experiences of some of Turtle Island’s baddest grassroots emcees.

by eighty6 at September 18, 2018 07:12 PM

Channel Zero

Trouble #15: And You Don’t Stop [Trailer]

This post was originally published on this site

In this month’s episode of Trouble, subMedia explores hip hop as a potent site of revolutionary politics, drawing on the first-hand knowledge and experiences of some of Turtle Island’s baddest grassroots emcees.

by Sub Media at September 18, 2018 07:12 PM

Snort

Re: Demande d'aide

Posted by Joel Esler (jesler) via Snort-users on Sep 18

Generally speaking, English is the primary language. However, your question is very open. Can you tell us the
problem? Perhaps a screenshot?

September 18, 2018 07:10 PM

NANOG

Re: Reaching out to ARIN members about their RPKI INVALID prefixes

Posted by Owen DeLong on Sep 18

While this may be true for a handful of well peered ASNs, it’s certainly not common
around the wider internet.

Single hop is relatively easy. It’s 2+ hop where things get far more interesting.

It’s convenient to reduce the problem set to the one you can easily solve, but ignoring
the rest of the problem set smacks of hand-waving and “insert magic here”.

OK, but IIRC, it’s rather orthogonal to RPKI.

I think you overestimate it....

September 18, 2018 07:09 PM

Re: Reaching out to ARIN members about their RPKI INVALID prefixes

Posted by Owen DeLong on Sep 18

In theory, that’s what IRRs are for.

In practice, while they offer better theoretical capabilities if stronger authentication were added, the current
implementation and acceptance leaves much to be desired.

However, even in theory, RPKI offers nothing of particular benefit even in its best case of widespread implementation.

Owen

September 18, 2018 07:06 PM

Re: Massive Price Increase for X-conns at Telehouse Chelsea, NYC

Posted by Bruce H McIntosh on Sep 18

It&aposs not necessarily distorted, it&aposs just a different frame of reference. I can remember a conversation like this at a
Joint Techs meeting many years back. Several of us were outgassing about how expensive it was to get 100mbps
connections off our campuses, until the guy from the University of Hawaii told us how much he was paying per month for
a *T1* to the mainland. :D

September 18, 2018 07:03 PM

Re: Massive Price Increase for X-conns at Telehouse Chelsea, NYC

Posted by Owen DeLong on Sep 18

So, you’re arguing that because the prices in Israel are 15*ridiculous, we should stop complaining about 1*ridiculous?

You have no idea how distorted your perspective is.

Owen

September 18, 2018 06:37 PM

Re: Reaching out to ARIN members about their RPKI INVALID prefixes

Posted by Christopher Morrow on Sep 18

(popping back to the top of the thread.. sorry)

Perhaps this was answered elsewhere, but:
"Why is this something ARIN (the org) should take on?"

Why can&apost (or why isn&apost) this something that &aposmany&apos monitoring/alerting
companies/orgs are offering?
it&aposs unclear, to me, why ARIN is in any better position than any other
party to perform this sort of activity?
I would expect that, at the base level, "I just...

September 18, 2018 06:17 PM

Re: Reaching out to ARIN members about their RPKI INVALID prefixes

Posted by Christopher Morrow on Sep 18

Perhaps said another way:

"How would you figure out what prefixes your bgp peer(s) should be sending
you?"
(in an automatable, and verifiable manner)

-chris

September 18, 2018 06:07 PM

resilience.org

What a Society Designed for Well-Being Looks Like

alone

Instead of focusing only on piecemeal solutions for various forms of social ills, we must consider that the real and lasting solution is a new economy designed for all people, not only for the ruling corporate elite.

by Tabita Green at September 18, 2018 06:00 PM

Snort

Demande d'aide

Posted by SYLMIGUA ABOUBACAR OUEDRAOGO via Snort-users on Sep 18

Bonjour, jai fini l&aposinstallation de snort mais lorsque je lance des
attaques, BASE ne les affiches pas. Merci d&aposavance !

September 18, 2018 05:41 PM

NANOG

Re: Reaching out to ARIN members about their RPKI INVALID prefixes

Posted by Job Snijders on Sep 18

Owen,

1/ You may be overlooking the fact that many networks peer directly with
what (for them) are the important sources/destinations. The semantics of
RPKI ROAs help block illegitimate more-specifics, and the short AS_PATH
between players prevents a hijacker from inserting themself. In other
words - the most important AS_PATHs are 1 hop. The Internet&aposs dense
interconnectedness is saving its bacon.

2/ Another approach to achieve path...

September 18, 2018 05:36 PM

Snort

Re: snort_dynamicpreprocessor

Posted by Sam Johnson on Sep 18

James was able to help me figure out the issue.
Had to symlink daq-modules-config to /bin since I was running under root. Cleared the issue right up and was able to
make Snort.

Sam Johnson

-----Original Message-----
From: James Lay <jlay () slave-tothe-box net>
Sent: Tuesday, September 18, 2018 1:22 PM
To: Sam Johnson <Sam.Johnson () flagshipcredit com>
Subject: Re: [Snort-users] snort_dynamicpreprocessor

Excellent...might wanna...

September 18, 2018 05:26 PM

NANOG

Re: Reaching out to ARIN members about their RPKI INVALID prefixes

Posted by Owen DeLong on Sep 18

Personally, since all RPKI accomplishes is providing a cryptographically signed notation of origin ASNs that hijackers
should prepend to their announcements in order to create an aura of credibility, I think we should stop throwing
resources down this rathole.

Owen

September 18, 2018 05:24 PM

Full Disclosure

DSA-2018-101: Dell EMC Unity Family Multiple Vulnerabilities

Posted by secure on Sep 18

DSA-2018-101: Dell EMC Unity Family Multiple Vulnerabilities

Dell EMC Identifier: DSA-2018-101

CVE Identifier: CVE-2018-1246, CVE-2018-1250, CVE-2018-1251

Severity Rating: CVSS v3 Base Score: See below for individual CVEs

Affected products:
Dell EMC Unity Operating Environment (OE) versions prior to 4.3.1.1525703027
Dell EMC UnityVSA Operating Environment (OE) versions prior to 4.3.1.1525703027

Summary:
Dell EMC Unity requires an...

September 18, 2018 05:12 PM

Hambach Forest Occupation

Ticker from september 18

deutsch | español | français See also the twitter accounts: @HambiBleibt @HambiEA #HambacherForst #HambiBleibt Videostreams: @anettselle Videos von gestern: @MKreutzfeldt September 18 21:00 Correction: There are still people in the lock-on in Whydah! 20:50 Whydah and Nonames are completely evicted: the last people were taken away with the prisoner transporter. 20:44 There are no more works in Cozytown or Beechtown. However, the spotlight is aimed at Beechtown. Police standing next… more…

by hambacherforst at September 18, 2018 05:06 PM

Snort

Re: snort_dynamicpreprocessor

Posted by James Lay via Snort-users on Sep 18

Symlink the command:

/usr/local/bin/daq-modules-config

James

September 18, 2018 04:38 PM

Re: MISC UPnp malformed advertisement

Posted by Dorian ROSSE on Sep 18

Read this URL I advice 😉

http://manual-snort-org.s3-website-us-east-1.amazonaws.com/node4.html

This URL explain how to use the sniffer mode 😃

Regards.

Dorian ROSSE.

________________________________
De : Snort-users <snort-users-bounces () lists snort org> de la part de ThyNgon Tran via Snort-users <snort-users ()
lists snort org>
Envoyé : Tuesday, September 18, 2018 5:29:03 PM
À : snort-users () lists snort org
Objet :...

September 18, 2018 04:26 PM

Wireshark

Re: tools/check[hf|APIs|filtername].pl need updating?

Posted by Alexis La Goutte on Sep 18

Thanks Jakub for historic

I think a good idea is revert to use "standard" API
or write a tools for convert old dissector to new API...

Cheers

On Tue, Sep 18, 2018 at 6:05 PM Jakub Zawadzki <darkjames-ws () darkjames pl>
wrote:

September 18, 2018 04:23 PM

NANOG

RE: Console Servers

Posted by Ryan Hamel on Sep 18

I just use a Raspberry Pi with USB to Serial adapters or old servers with PCI(-E) 8 port serial cards. They make it so
easy to adapt to any environment, and it phones home to my conserver (https://www.conserver.com/) gateway. The total
cost for hardware is less than $150.

Ryan

From: NANOG <nanog-bounces () nanog org> On Behalf Of Christopher Morrow
Sent: Tuesday, September 18, 2018 9:04 AM
To: Sameer Khosla <skhosla () neutraldata...

September 18, 2018 04:19 PM

RE: Console Servers

Posted by Matthew Huff on Sep 18

If anyone is looking for a product that is reasonably priced and is still being produced/update, the ADVA Optical (aka
MRV, aka Xyplex) console servers still work great

https://www.advaoptical.com/en/products/network-infrastructure-assurance/lx-series

From their specs:
4, 8, 16, 32 and 48 serial ports
V.92 modem option
Single or dual power
120-240VAC, 50/60Hz: 0.5A per system
36-72VDC dual feed: 0.75A per system
2 x Ethernet
NEBS Level 3...

September 18, 2018 04:14 PM

Full Disclosure

Authentication bypass vulnerability in Western Digital My Cloud allows escalation to admin privileges

Posted by Securify B.V. via Fulldisclosure on Sep 18

------------------------------------------------------------------------
Authentication bypass vulnerability in Western Digital My Cloud allows
escalation to admin privileges
------------------------------------------------------------------------
Remco Vermeulen, September 2018

------------------------------------------------------------------------
Abstract
------------------------------------------------------------------------
It was...

September 18, 2018 04:14 PM

NANOG

Re: Console Servers

Posted by Christopher Morrow on Sep 18

a vote for (so far so good) the nodegrid ZPE devices.

On Tue, Sep 18, 2018 at 8:54 AM Sameer Khosla <skhosla () neutraldata com>
wrote:

September 18, 2018 04:05 PM

Wireshark

Re: tools/check[hf|APIs|filtername].pl need updating?

Posted by Jakub Zawadzki on Sep 18

Hi,

W dniu 2018-09-18 16:56, Maynard, Chris napisał(a):

These changes are quite old. For udp I did it in Aug 2013
(88eaebaedf2e19c493ea696f633463e4f2a9a757).

some wireshark-dev threads:
- https://www.wireshark.org/lists/wireshark-dev/201307/msg00222.html
- thread continuation:
https://www.wireshark.org/lists/wireshark-dev/201308/msg00035.html

Nobody stopped me that time.

To sum up:

Restructuring idea was to remove usage of int...

September 18, 2018 04:05 PM

Snort

Re: snort_dynamicpreprocessor

Posted by Sam Johnson on Sep 18

Okay so weirdly enough… I just went installed on a second machine (have about 4 or so to do altogether), and I’m now
getting the same exact error:

./configure: line 16264: daq-modules-config: command not found
checking for daq_load_modules in -ldaq_static... no

ERROR! daq_static library not found, go get it from
http://www.snort.org/.

I added in the –with-daq-libraries and –with-daq-includes but it still doesn’t want to find...

September 18, 2018 04:00 PM

NANOG

Re: Massive Price Increase for X-conns at Telehouse Chelsea, NYC

Posted by Brandon Butterworth on Sep 18

It&aposs more like a loose cartel with some leading to see
how far they can push it and the rest following in step. As long
as they don&apost go too fast nobody will see a large enough difference
to be worth changing location.

Equinix were a leader in bringing this to the UK, they have said they
want to get the UK charges to US levels (so >10x increase still to
come). US pricing already matches metro waves so we face paying
twice the cost...

September 18, 2018 04:00 PM

RE: Console Servers

Posted by Sameer Khosla on Sep 18

My favorite are the lantronix SLC console servers. Fairly bullet-proof, they are one of those devices that just work.
Can usually be picked up used ~$300 for 32 or 48 port varieties in good condition if you aren’t in the biggest hurry.

Sk.

From: NANOG <nanog-bounces () nanog org> On Behalf Of Alan Hannan
Sent: Tuesday, September 18, 2018 9:37 AM
To: NANOG <nanog () nanog org>
Subject: Console Servers

I&aposd like your input...

September 18, 2018 03:54 PM

Re: Console Servers

Posted by Tim Pozar on Sep 18

I have been deploying Cyclades TS3000 boxes that I can sometimes find
for about $75 each on eBay. The down side is the firmware is a bit old
so the SSH daemon doesn&apost really support current ciphers. The other
downside is the CLI ia a bit cumbersome.

Tim

September 18, 2018 03:49 PM

Snort

Re: MISC UPnp malformed advertisement

Posted by Joel Esler (jesler) via Snort-users on Sep 18

Wow. I have no idea what ruleset you are using, but you should definitely update to the most current on
Snort.org/downloads<http://Snort.org/downloads>

Sent from my iPad

Hello there,

I am new to IDS in general. Just installed snort on my home network and found out tons of UPnP broadcasting traffics
from an EPSON Artisan 837 printer and a Verizon top box. About 5 broadcast messages from each device showed like every
sec. Are these...

September 18, 2018 03:44 PM