nanog mailing list archives
Re:Re: NANOG NYC Event
From: "Eye Am" <eyeam () optonline net>
Date: Mon, 2 Jun 2008 14:39:39 -0500
Read http://www.forgotten-ny.com/ before setting any agendas and if you have some time to spare, there is some awesome history to find. I lived there for nearly 20 years and it's endless the amazing things you can find just a short distance from anywhere.
One of my stops is *always* the Dakotah and Strawbberry Fields followed by a walk through Central Park. Up on the Northwest side is the lake/castle that's a must see too.
Right at 72nd and Columbus (close to the Dakotah) is the greatest pizzeria in NY.
C. Genrich----- Original Message ----- From: <nanog-request () nanog org>
To: <nanog () nanog org> Sent: Monday, June 02, 2008 7:00 AM Subject: NANOG Digest, Vol 5, Issue 2
Send NANOG mailing list submissions to nanog () nanog org To subscribe or unsubscribe via the World Wide Web, visit http://mailman.nanog.org/mailman/listinfo/nanog or, via email, send a message with subject or body 'help' to nanog-request () nanog org You can reach the person managing the list at nanog-owner () nanog org When replying, please edit your Subject line so it is more specific than "Re: Contents of NANOG digest..." Today's Topics: 1. Re: NANOG NYC Event (Brant I. Stevens) 2. Re: NANOG NYC Event (J. Oquendo) 3. Re: NANOG NYC Event (John Levine) 4. Re: NANOG NYC Event (Fisher, Shawn) 5. Re: NANOG NYC Event (Henry Yen) 6. Comcast - Stuck route in Chicago directing MN traffic via Denver (Eric Spaeth) 7. Emerg data recovery recommdnations? (david raistrick) 8. Re: IOS Rookit: the sky isn't falling (yet) (Christian) ---------------------------------------------------------------------- Message: 1 Date: Sun, 01 Jun 2008 11:39:43 -0400 From: "Brant I. Stevens" <branto () branto com> Subject: Re: NANOG NYC Event To: John Levine <johnl () iecc com>, <nanog () nanog org> Message-ID: <C4683AFF.14D1C1%branto () branto com> Content-Type: text/plain; charset="US-ASCII" On 5/31/08 11:58 PM, "John Levine" <johnl () iecc com> wrote:In article <43661d390805312028u130046ddlc804e4615c83ba62 () mail gmail com> youwrite:I second the motion to recognize Dinosaur BBQ. All those in favor?Dinosaur is swell, but it's in Syracuse. Perhaps you could pick one that's reachable by subway instead.Dinosaur Barbecue www.dinosaurbarbque.com 646 W 131st St New York, NY 10027 It's in Harlem. BOOOOOOO!!!!!------------------------------ Message: 2 Date: Sun, 1 Jun 2008 10:54:40 -0500 From: "J. Oquendo" <sil () infiltrated net> Subject: Re: NANOG NYC Event To: nanog () nanog org Message-ID: <20080601155440.GA47184 () infiltrated net> Content-Type: text/plain; charset=us-ascii On Sun, 01 Jun 2008, Brant I. Stevens wrote:It's in Harlem. BOOOOOOO!!!!!So is Columbia University! Harlem is in the process of going through a renaissance and has been over the past 10 or more so things have changed for the better. Just avoid going there after certain hours ;) As for the prior Brooklyn comment, Park Slope also has some great eats but the area/scene tends to be sort of artsy. If you want to spend some time sightseeing Brooklyn, the Brooklyn Public Library (main one) Grand Army Plaza is near the Brooklyn Botanic Gardens. Don't forget Coney Island which has also changed in the last decade. Again, watch those hours, NY is a Jeckyll and Hyde city. Nice sometimes, beautiful to visit but can be insanely ugly. The downtown Brooklyn area has some nice eats but I've always preferred the city. In the area of downtown Brooklyn, you'll typically find a bunch of people in local government and lawyers eating as the courts are downtown. For those looking for sweets, don't forget the ever famous (overhyped) Junior's Cheesecake. If you've travelled to Coney Island then one cannot forget Nathan's. There are some really good pubs in the Red Hook section, but alas again, going through certain neighborhoods is not for everyone. You can jump on a Water Taxi there for kicks though. Makes for nice pictures at night. Sightseeing: Jump on a boat at night (booze cruise) $25.00 http://www.nywatertaxi.com/tours/happyhour/ Or just hop on an "On and Off" cruise: http://www.nywatertaxi.com/hop/ $20.00 -- =+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+ J. Oquendo SGFA #579 (FW+VPN v4.1) SGFE #574 (FW+VPN v4.1) CEH/CNDA, CHFI "Experience hath shewn, that even under the best forms (of government) those entrusted with power have, in time, and by slow operations, perverted it into tyranny." Thomas Jefferson wget -qO - www.infiltrated.net/sig|perl http://pgp.mit.edu:11371/pks/lookup?op=get&search=0x3AC173DB ------------------------------ Message: 3 Date: 1 Jun 2008 16:09:56 -0000 From: John Levine <johnl () iecc com> Subject: Re: NANOG NYC Event To: nanog () nanog org Message-ID: <20080601160956.22514.qmail () simone iecc com> Content-Type: text/plain; charset=iso-8859-1Dinosaur is swell, but it's in Syracuse. Perhaps you could pick one that's reachable by subway instead.Oh, all right, as about 47 people have pointed out, they have a branch on 131st St. The barbeque is not bad. I eat it at the NY State Fair every year. On the other hand, I would think that in NYC, home of the most wonderful food on the continent,* you could do better than a branch of a yuppie ex biker joint from Syracuse. How about RUB at 23rd and 7th? Or Johnny Utah's at 51st and 5th? Or Oklahoma Smoke up at 145st St? R's, John * - with the possible exception of Montreal, an argument that can only be resolved by extensive research in both places ------------------------------ Message: 4 Date: Sun, 1 Jun 2008 12:57:31 -0400 From: "Fisher, Shawn" <SFisher () Bresnan com> Subject: Re: NANOG NYC Event To: <sil () infiltrated net>, <nanog () nanog org> Message-ID: <21352038E7719F43A6D65B2D90B5256CCBFA34 () fossil bresnan com> Content-Type: text/plain; charset="us-ascii"(Drifting further off topic). Another suggestion to add is the DUMBO area of brooklyn, down under mahattanville overpass, easy to reach from manhattan, take a nice stroll across the brooklyn bridge and your there, lots of cool restaurants. Another bit of history, walk to montague street, yes the montague street mr dylan sings about in tangled up in blue. (some controversy over this) best way to walk is on the promenade along the east river, great views of manhattan. Enjoy-------------------------- Sent using BlackBerry -----Original Message----- From: J. Oquendo To: nanog () nanog org Sent: Sun Jun 01 11:54:40 2008 Subject: Re: NANOG NYC Event On Sun, 01 Jun 2008, Brant I. Stevens wrote:It's in Harlem. BOOOOOOO!!!!!So is Columbia University! Harlem is in the process of going through a renaissance and has been over the past 10 or more so things have changed for the better. Just avoid going there after certain hours ;) As for the prior Brooklyn comment, Park Slope also has some great eats but the area/scene tends to be sort of artsy. If you want to spend some time sightseeing Brooklyn, the Brooklyn Public Library (main one) Grand Army Plaza is near the Brooklyn Botanic Gardens. Don't forget Coney Island which has also changed in the last decade. Again, watch those hours, NY is a Jeckyll and Hyde city. Nice sometimes, beautiful to visit but can be insanely ugly. The downtown Brooklyn area has some nice eats but I've always preferred the city. In the area of downtown Brooklyn, you'll typically find a bunch of people in local government and lawyers eating as the courts are downtown. For those looking for sweets, don't forget the ever famous (overhyped) Junior's Cheesecake. If you've travelled to Coney Island then one cannot forget Nathan's. There are some really good pubs in the Red Hook section, but alas again, going through certain neighborhoods is not for everyone. You can jump on a Water Taxi there for kicks though. Makes for nice pictures at night. Sightseeing: Jump on a boat at night (booze cruise) $25.00 http://www.nywatertaxi.com/tours/happyhour/ Or just hop on an "On and Off" cruise: http://www.nywatertaxi.com/hop/ $20.00 -- =+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+ J. Oquendo SGFA #579 (FW+VPN v4.1) SGFE #574 (FW+VPN v4.1) CEH/CNDA, CHFI "Experience hath shewn, that even under the best forms (of government) those entrusted with power have, in time, and by slow operations, perverted it into tyranny." Thomas Jefferson wget -qO - www.infiltrated.net/sig|perl http://pgp.mit.edu:11371/pks/lookup?op=get&search=0x3AC173DB ------------------------------ Message: 5 Date: Sun, 1 Jun 2008 17:27:10 -0400 From: Henry Yen <henry () AegisInfoSys com> Subject: Re: NANOG NYC Event To: nanog () nanog org Message-ID: <20080601172710.R2829 () AegisInfoSys com> Content-Type: text/plain; charset=us-ascii On Sun, Jun 01, 2008 at 10:54:40AM -0500, J. Oquendo wrote:As for the prior Brooklyn comment, Park Slope also has some great eats but the area/scene tends to be sort of artsy. The downtown Brooklyn area has some nice eats but I've always preferred the city. In the area of downtown Brooklyn, you'll typically find a bunch of people in local government and lawyers eating as the courts are downtown. For those looking for sweets, don't forget the ever famous (overhyped) Junior's Cheesecake.Disclaimer: I've worked in the immediate area of this conference on and off for over 30 years. (In fact, I'm staring longingly down at the Marriott Hotel from the office window right now...) First, you simply must take a walk across the Brooklyn Bridge to Manhattan (and back). Exhilarating views, an unforgettable experience, and you'd be participating in one of the more common things that "all" NYC people do. Just walk out the "front" door of the hotel and turn right. (Watch out for crazy bicyclists!) Second, Junior's Cheesecake, overhyped as it is, is still arguably among the best "domestic" cheesecakes, at least on the east coast. You really ought to try it. But, don't stop there -- the brisket/corned-beef/pastrami on twin rolls is highly recommended. (My personal favorite is their down-home matzoh-ball soup.) Third, the Brooklyn Heights area is admittedly "artsy", but there's lots of interesting and tasty variety. I've had great food at several Italian seafood-style places (although if that's your preference, I'd encourage you to go to Vincent's in Little Italy (lower Manhattan)). Finally, I didn't see a destination that seems like it might be very useful: Radio Shack (go out the "back" door of the hotel, turn right, half a block to Willoughby, turn right, and it's right across the street from the White Castle (which is its own "destination")). P.S. If you're into bicycling, the Hudson River Park bikeway (runs about 10 miles along the western Manhattan shoreline) is a paved, fantasitc, ride. I don't know if the bike rental season has started yet, though. --Henry Yen <henry () AegisInfoSys com> Aegis Information Systems, Inc.Senior Systems Programmer Hicksville, New York ------------------------------ Message: 6 Date: Sun, 01 Jun 2008 23:57:06 -0500 From: Eric Spaeth <eric () spaethco com> Subject: Comcast - Stuck route in Chicago directing MN traffic via Denver To: nanog () merit edu Message-ID: <48437DA2.9060100 () spaethco com> Content-Type: text/plain; charset=ISO-8859-1; format=flowed For the last couple weeks there has been a route stuck in the Chicago wan/core that is directing some Minnesota-bound traffic through Denver, even though Chicago and the Roseville, MN aggregation remain up and directly connected. This has the dual benefit of unnecessarily increasing the load on Comcast's internal backbone as well as increasing latency for Minnesota subscribers connecting to "east of the Mississippi" destinations by ~20ms. I'm hoping Comcast engineers read this list, or someone in the carrier community can help poke one of their Comcast contacts to help get this resolved. Thanks in advance! "Wedged" route - 76.113.128.0/17 Correct route - 69.180.128.0/18 Example trace from Chicago source to 76.113.128.0/17: ========================================= traceroute to 76.113.128.1 (76.113.128.1), 30 hops max, 40 byte packets 1 69.65.40.62 (69.65.40.62) 0.542 ms 0.511 ms 0.508 ms 2 so2-0-0-0.er1.Chi1.Servernap.net (69.39.239.169) 1.632 ms 1.642 ms 2.121 ms 3 ge-6-20.car1.Chicago1.Level3.net (4.79.65.49) 1.605 ms 1.608 ms 1.619 ms 4 ae-2-54.edge1.Chicago2.Level3.net (4.68.101.115) 1.604 ms 1.602 ms 1.600 ms 5 COMCAST-IP.edge1.Chicago2.Level3.net (4.71.248.26) 2.735 ms 2.741 ms 2.739 ms 6 pos-0-8-0-0-cr01.denver.co.ibone.comcast.net (68.86.85.114) 27.284 ms 27.398 ms 27.387 ms 7 te-9-4-ar02.roseville.mn.minn.comcast.net (68.86.91.154) 44.177 ms * * 8 te-0-2-0-5-ar03.roseville.mn.minn.comcast.net (68.87.174.73) 28.352 ms 28.352 ms 28.349 ms 9 te-2-1-ur01.sims.mn.minn.comcast.net (68.87.174.74) 28.826 ms * * 10 te-8-3-ur02.sims.mn.minn.comcast.net (68.87.174.78) 28.959 ms * * 11 te-2-1-ur01.newport.mn.minn.comcast.net (68.87.174.82) 29.267 ms * te-2-1-ur01.newport.mn.minn.comcast.net (68.87.174.82) 28.700 ms 12 c-76-113-128-1.hsd1.mn.comcast.net (76.113.128.1) 28.638 ms 28.673 ms 28.667 ms ========================================= Example trace from Chicago source to working route 69.180.128.0/18 ========================================= traceroute to 69.180.130.1 (69.180.130.1), 30 hops max, 40 byte packets 1 69.65.40.62 (69.65.40.62) 0.482 ms 0.450 ms 0.446 ms 2 so2-0-0-0.er1.Chi1.Servernap.net (69.39.239.169) 1.595 ms 2.082 ms 2.082 ms 3 ge-6-20.car1.Chicago1.Level3.net (4.79.65.49) 1.568 ms 1.569 ms 1.579 ms 4 ae-2-52.edge1.Chicago2.Level3.net (4.68.101.51) 1.562 ms 1.563 ms 1.560 ms 5 COMCAST-IP.edge1.Chicago2.Level3.net (4.71.248.22) 2.708 ms 2.713 ms 2.711 ms 6 te-0-1-0-7-ar03.roseville.mn.minn.comcast.net (68.87.174.21) 13.144 ms 11.919 ms 11.877 ms 7 68.87.174.22 (68.87.174.22) 11.824 ms * * 8 te-8-3-ur02.brooklynpark.mn.minn.comcast.net (68.87.174.26) 12.333 ms * * 9 te-2-1-ur01.newhope.mn.minn.comcast.net (68.87.174.30) 12.012 ms * * 10 c-3-0-ubr02.newhope.mn.minn.comcast.net (69.180.130.1) 11.963 ms 12.018 ms 11.973 ms ========================================= -Eric ------------------------------ Message: 7 Date: Mon, 2 Jun 2008 09:04:24 +0000 (UTC) From: david raistrick <drais () icantclick org> Subject: Emerg data recovery recommdnations? To: nanog () nanog org Message-ID: <alpine.BSF.0.999.0806020902510.16617 () murf icantclick org> Content-Type: TEXT/PLAIN; format=flowed; charset=us-ascii guys, wrong place, I know, but network down is network down no matter which side of the cable it falls on... Can anyone give any solid recommendations for a data recovery service who can fly to our site to extract data from a f'ed up RAID array? It's an absolute emergency (for us, of course). offlist please. .d --- david raistrick http://www.netmeister.org/news/learn2quote.html drais () icantclick org http://www.expita.com/nomime.html ------------------------------ Message: 8 Date: Mon, 2 Jun 2008 07:47:56 -0400 From: Christian <christian () visr org> Subject: Re: IOS Rookit: the sky isn't falling (yet) To: "Fred Reimer" <freimer () ctiusa com> Cc: nanog () nanog org Message-ID: <9b62cf2f0806020447r10fc3ed0i6be793d6db694fb () mail gmail com> Content-Type: text/plain; charset=ISO-8859-1 here's the slides if anyone hasn't seen http://seclists.org/fulldisclosure/2008/May/att-0668/EuSecWest_presentation_ppt On Thu, May 29, 2008 at 11:27 AM, Fred Reimer <freimer () ctiusa com> wrote:New keys, to be stored on the crypto chip, would presumably be delivered ina separately signed package using a master key that would not change (embedded within the chip). Maybe Cisco even doesn't have this key, andwould need to send a revocation or new public key to be stored on the chip to the chip manufacturer, who would sign it with the master private key andwhich then could be delivered in a software update to the system. There aremany possibilities, and no crypto scheme is foolproof. That much has beenproven. But no, you would not make the on-chip EEPROM of the crypto chip "flashable" in the normal meaning of the word. You would send the chip apointer to a buffer that contains a signed update key, and the chip itselfwould verify that signature and only then program the updated key(s). My intention was not to turn nanog into a crypto forum. I'd be much more interested in any unique methods that people use to harden their systems that have not already been widely distributed through vendor or industry best practices. Fred Reimer, CISSP, CCNP, CQS-VPN, CQS-ISS Senior Network Engineer Coleman Technologies, Inc. 954-298-1697 > -----Original Message----- > From: Jim Wise [mailto:jwise () draga com] > Sent: Thursday, May 29, 2008 11:10 AM > To: Fred Reimer > Cc: Jared Mauch; nanog () nanog org > Subject: RE: IOS Rookit: the sky isn't falling (yet) > > -----BEGIN PGP SIGNED MESSAGE----- > Hash: SHA1 > > On Thu, 29 May 2008, Fred Reimer wrote: > > >The code would presumably be run upon boot from a non-flashable > source, > >which would run the boot ROM code through a check on the crypto chip > and > >only execute it if it passed. You would not put the code that checks > the > >boot ROM on the boot ROM. The new crypto chip would presumably have > the > >initial boot code, which would only be designed to check the boot ROM > >signature and nothing else so presumably would never need to be > replaced and > >hence would be designed to be non-flashable. > > Doesn't this just push the chicken-and-egg problem up the chain one > step? > The ROMMON would be flashable (among other reasons) because the key > used to > sign IOS releases should change over the years -- gaining length as > cycles > get cheaper, being replaced periodically to prevent use of the same key > for > too long, and perhaps being revoked if it should ever be compromised. > > If the ROMMON is itself to be verified by a prior, non-flashable ROM, > then > all the same arguments would call for making its key-list updatable -- > and > given the time-in-service seen by many such devices, any weakness in > that > key list would be around for quite some time. > > - -- > Jim Wise > jwise () draga com > -----BEGIN PGP SIGNATURE----- > Version: GnuPG v1.4.9 (NetBSD) > > iD8DBQFIPsdRq/KRbT0KwbwRAkcmAJ4xOBtANHOc+C/fzL+7PvgWnjp76ACfSGUw > 43+1Pq3xWS4MagWzdetZ0ws= > =62gJ > -----END PGP SIGNATURE----------------------------------- _______________________________________________ NANOG mailing list NANOG () nanog org http://mailman.nanog.org/mailman/listinfo/nanog End of NANOG Digest, Vol 5, Issue 2 ***********************************
Current thread:
- Re: NANOG NYC Event, (continued)
- Re: NANOG NYC Event Valdis . Kletnieks (Jun 02)
- Re: NANOG NYC Event Christian (Jun 02)
- Re: NANOG NYC Event John Levine (Jun 02)
- RE: NANOG NYC Event Howard C. Berkowitz (Jun 02)
- Re: [OFFTOPIC] NANOG NYC Event Greg Skinner (Jun 02)
- Re: NANOG NYC Event Fisher, Shawn (Jun 01)
- Re: NANOG NYC Event andrew young (Jun 03)
- Re: NANOG NYC Event Valdis . Kletnieks (Jun 03)
- Re: NANOG NYC Event Steve Feldman (Jun 03)
- RE: NANOG NYC Event Tomas L. Byrnes (Jun 03)
- Re: NANOG NYC Event andrew young (Jun 03)