Granted there is a lot more to IPv6 than increased address space but I beg to differ as to improved routing IPv6 does absolutly nothing to improve routing. It's still BGP it is still a big table of paths and AS numbers that dosent scale well. The only realy good thing IPv6 will do for the routing table is consolidate blcoks as it should be rare that a provider would ever need more than one block, if people insite of a large block advertisement from the get go we would cut the table down to a fifth of it's size (there are roughly 30+k AS numbers registered and the current IPv4 full routes is in the 130-150k routes depending on where you peer)
Now with all this you also have to remember routers will have to start supporting those flows and supporting multicast.
For printers it realy dosent matter to much all but a small segment of the users need realy high performace drivers (printing shops and the like) For networks cards workstations dont tax 100bt that often but ti's getting there with more 1000bt installations out there emulations at the API level would be a concern for perfromance and stability.
Allways remember the failure of OS/2 it ran winodws apps so well nobody bothered porting there apps over and it died. And this comes from somebody that still has a pile of floppies with the OS/2 Warp beta that ran win 3.1 apps faster than 3.1 on the same hardware.
Here Here an exchange clone is realy whats missing to fully replace the backend office server. We have databases fileservers etc but you need that intergrated email, address book and scedualing yes there are various packages out there that does bits and peices. Oh yea it needs to work with outlook.
Check out who controls ICANN it started by the US government. It's the closest thing to an owner the internet as a whole has. If you loose control over the IP addresses the internet breaks down pretty quickly. I would say having the power to decide who ges what IP addresses and over the DNS servers constitues contol and that equates to the closest thing to ownership the internet has. BTW they are alsot he people to blam eof rthe spineless ICANN and Verisign getting the power they have now.
The US government technicaly owns the internet they paid for the research and the network.
Lots of people could bring sections down. By design the internet was built to surive war it's fairly resilient but people dont like how it runs when bad things happen. In all fairness you cant realy take the whole thing down.
Not realy the internet as a collection of networks the closest that the rest of the world got non commercialy was fido net it worked. As to DNS yes it's trivial to get rid of the current DNS structure technicaly it's just getting everybody cowardinated to do it.
Yes as the internet lives inside countries you would have to follow laws barring setting up a pupet goverment and running everything from there you will have copyright issues etc. The internet does have copyright issues BTW it's just eople connecting to the internet.
Now on the main subject the root servers work they are well cared for and fed plenty of bandwith. They arent pillars of business bean counting mostly because a lot of big businesses donate gear to them for the PR.
yes because we should olny deal with one issue at a time? Want to stop terroist get rid of there incentives to attack. The reality of it iss our current ground forces are more and more reliant on satalite based communications part of our command and control infrastructure is in space so we need to protect that.
Granted I would love to see a few large PPC's in space to potentialy mitigate the ICBM hreat but thats technology that hasent matured yet.
BTW the whole point of terrorists is they cant be stoped militatiry while still having any freadoms. Fred your next door neighbor can becoem a terroists and there is little to nothing anybody can do about it without one half of the populations wathing the other half all the time and vice versa.
Ok this does assume the FCC has balls but think about it.
The FCC has allready mandated that over the air broadcaster have to give up there alalog broadcasting channels at some point in excahnge they get free new bandwith for there HDTV station.
CBS says they will stop broadcasting in HDTV if people can copy it.
FCC grows a backbone and says thats fine your not allowed to broadcast on your analog stations after point X and if you dont utilize your HDTV station we will take back that allotment as well.
End of story the FCC technicaly has the power to force HDTV with no encryption copy restrictions or anything else on the broadcast industry in this country. IF they get relay pushy they can affect the cable companies as well via signal leakage monitoring that is within there jursisdiction to shut down a cable company and make them spend piles of cash to get there plant up to spec.
Course this could all be a big fantasy on my part google has played nothing into this comment.
Well not to quibble but the audiophiles think CD's are of moderate quality. One of the reasons the apple iTunes sounds better is they arent ripped from CD's but rather higher quality sourced from the music studios like DAT etc. Better input generaly means better output or the ability to have better output. BTW there are good walkman headphones they cost about 300 bucks though.
Yes I'm a somewhat audiophile DVD-Audio sounds like a decent source to rip from to bad there is so little content avalible on it.
You may be an audiophile if your current sterio amp cost more than your first car:)
Yes I was going on old information they are still raking 10th overall down from first a few months ago. http://www.cidr-report.org/aggr.html but it looks like they have removed everything smalled than a/24 from there announcements. I wouldent call there act cleaned up but it's significantly improved.
Testra has been the worse offender routing table bloat in the world. Those guys are either clueless or trying to avoid having any backbone while appearing to be one. Telstra's CIRD report these guys are advertising just shy of 30k prefixes and a lot of those are/32 prefixes aka one IP address. Somebody needs to track down whoever calls themselves the network architect, engineer or admin and shoot them then show them how to advertise a prefix.
Oh yea BTW all those entra entries into the global routing table make it harder for every other router running BGP.
Well your big issue is going to be reliability. Assuming the drives MTBF are all the same two drives would fail twice as often assuming your using striping or linear append thats a bad thing as the lose of a single drives data destroyes the set (yes you can recover it but thats besides the point)
Yes ISDN and PRI's it's possible to send false called ID data. The telephone systems still has a lot of trust built into it even after the 80's phone phreaking. The reason ofr this is on a PRI you often have more DID's (thats phone numbers in laymens terms) assigned to you then virtual lines. This is what lets offices have a unique inbound number for every office phone. On the incomming the call is tagged with a destination DID so the PBX can route it to the correct extension(s). Outgoing it's supposed to tag the line with once of it's own DID's but thtere are generaly no measures in place to enforce that. Blocking caller ID is as simple as not sending a DID. The phone company's can override the DID they did it for the company I was at duing an area code change automaticaly changing the area code.
Ah but you miss the duplicity of it all. States get to do whatever they want in the name of fighting terrisim, rebels and sepratists including using there tactics. One persons rebel or terrorist is anothers freedom fighter. The problem with these sorts of orginizations is they have become a method to wage war without going to war as fas as there host states are concerned, welcome to the post UN world where you cant go to war unless your on the security council and can veto any reprisals.
Windows Key you mean the Control Escape Key? Sorry my keyboard dosent have one; but I hoard IBM keyclick keyboads in case one dies (laugh) or I get more machines and as general gifts to friends that want real keyboards.
Anybody feel like looking and seeing if the windows key actualy got it's own scancode?
Well as somebody that load tests hardware often enough a server class PCI based NIC can do close to 100Mbit a sec to a switch while running full duplex. It's the Gigabit nics that still for the most part dont come close to there rated speeds with many not even able halh of there rated speeds.
While I have never seen 100Mbps for more than a few seconds most decent cards can deliver 95+ Mbps sustained into proper networking hardware. Allways remember transfer rates are allways lower due to overhead there are MAC and IP headers that have to be tacked on. So as allways the old addage of increase the MTU if you want the file transfers to go faster still applies.
Try muliple Fiber Channels and lots of drives it puts Ultra 320 SCSI to shame. At 2gb a sec per channel it's not quite as fast as Ultra 320 SCSI but dual attached it definialy is this lets you spread out your IO to multiple independent PCI-X slots. Add a good FC switch and a pile of drives and it's night and day.
Actualy if I remember the NSA's job they can tap all overseas phone lines they just cant use it if it's an american talkign to an american. I would suspect that the same is true for data lines.
You mean somebody else saw through the veiled hatred of NAT in that RFC?
Lets look at the issues of NAT (PAT in cisco parlience as NAT is entrily different) as compared to a normal statefull non inspecting firewall with no administrative restrictions they each:
Dissallow incomming IP sessions unless specified.
Function as a single point of failure.
Require a singe point of state.
Persoanly I think EVERYTHING should be firewalled but that dosent fit with the academic modle. Now those three big ugly issues the only thing that NAT adds on is address and possibly port tranlation gee thats what it's supposed to do. The state and sinle point issues can be and are fixed by more advanced firewalls and NAT boxes that cross communicate.
Actualy NAT does little to nothing to reduce the IP space needed on most modern installations where most computers are participating on the internet. NAT just remapes IP's on a 1 to 1 basis. Just like it's name nates Network Address Translation.
PAT reduced used IP addresses by mapping ports rather than IP's.
NAT especialy is no substitute of good security as incomming connections are allowed by default. This method breaks less protcals than PAT.
Now as far as NAT beign a good or bad thing I'm all for NAT and PAT. IPv6 fixes the perceived address space issue (there isn't an address space issue there is an address cost issue IMHO) While fixing space issues it makes address near imposible to remember and not everything participates in DNS nor should it. It also required multicast to work thats an administrative nightmare along with a plethera of secuirty and billing issues. Think of Bittorrent when a single DSL user can send 128 kb a sec out to every peer of there ISP on a statement ISP thats a lot of traffic. IPv6 also does not address routing table complexity and thus memory requirements.
Now your 50 buck a pop little DSL AP generaly has the settings correct by default with an easy way to make a DMZ host thats entirly unprotected.
Ipv6 may be the furture but if we realy want to make things work better look at replacing BGPv4 while your at it. Something that allows link redundancy along with carrier redundancy while perserving state is needed. You should be able to have a cable modem and a DSL line and combine the bandwith. Right now you have to do that through NAT and proxies and it works well for outgoing sessions allthough it's failover is stateless so a single line going down drops a portion of your connections.
Great so you make a law to protect a business. Remeber artist the music industry have no inalaible right to copyright. They are supposed to have a limited right to exclusive copy's for a time to encurage putting things into the public commons. Having things tied up by copyright is not in the public interest because it stifle inovention to an extent. For a case in point rap and techno use a lot of samples and to get the rights to those samples they at times have to pay hefty use fee's, this is a hinderance to smaller artists that want to use samples but can afford liscencing but still want to put out and CD.
As an asside my persoanl feelings that if any law is not accepted by the general population it should be repealed. Domocracy is for the people by the people not for the special interests. Granted I relize that this would have ment the african american rights would have taken much longer to get into place.
Here Here somebody that understands that Liux may be good but it missing a pile of features to make it realy work in single box no downtime for even scedualed maitnence production the nitch currently filled by Sun and IBM's AIX for the most part.
Breaking into systems to show people that they are broken sounds like a nice thing. If you realy want to do that go get a gig with a security outfit and get PAID to do it along with enough legal paperwork to keep you posterier covered. I've seen the disclosures NDA etc etc pile it will take you an afternoon to initial each page and sign at the end.
So here is the todo list to be a whitehat:
A Leave your parents place they love you but you can do your own laundry.
B Get hooked up with or form your own security sonsulting business.
C Sick the legal people on enough agreements etc that the only place they can take you to court is is in a nice comfertable tropic island thats happens to have great fiber connections.
D Do what you want to do and general make a good living doing it.
Now the donts would be:
Stay with your parents.
Break into systems just because they should be more secure and you can help them.
Dont get paid ofr any of it.
Got o jail when the FBI shows up with a list of charges after you admited to commiting a crime by telling your victims whats wrong with there network.
As somebody that has used spews before I think they made it clear enough technicaly that they would ban/32 then decrease the mask as more incidents were reported. I think they should have used arin etc to get there blocks from but they never claimed to do it in that maner. Spews did what they stated they would do technicaly, while there PR spun it to be less damaging that it was. If you can sue over spin I think the politicians will fix that one quick.
lets leave bandwith and storage out of it and fixate on time lets say it takes you half a minute to delete each spam. If you make $120 an hour then thats a buck to delete the email. Yes I relize thats roughly a quarter of a million dollar sallery but it's not unreasonable people make that mucha nd more. Actualy I think the damages are supposed to be punitive not compensitory. With punitive damages it's a fine that they person that files suit gets to collect sort of a prize for actualy spening all that time on the suit. Compensiory damages are for actual costs incured.
Slashdot Mirror
Granted there is a lot more to IPv6 than increased address space but I beg to differ as to improved routing IPv6 does absolutly nothing to improve routing. It's still BGP it is still a big table of paths and AS numbers that dosent scale well. The only realy good thing IPv6 will do for the routing table is consolidate blcoks as it should be rare that a provider would ever need more than one block, if people insite of a large block advertisement from the get go we would cut the table down to a fifth of it's size (there are roughly 30+k AS numbers registered and the current IPv4 full routes is in the 130-150k routes depending on where you peer)
Now with all this you also have to remember routers will have to start supporting those flows and supporting multicast.
For printers it realy dosent matter to much all but a small segment of the users need realy high performace drivers (printing shops and the like) For networks cards workstations dont tax 100bt that often but ti's getting there with more 1000bt installations out there emulations at the API level would be a concern for perfromance and stability.
Allways remember the failure of OS/2 it ran winodws apps so well nobody bothered porting there apps over and it died. And this comes from somebody that still has a pile of floppies with the OS/2 Warp beta that ran win 3.1 apps faster than 3.1 on the same hardware.
Here Here an exchange clone is realy whats missing to fully replace the backend office server. We have databases fileservers etc but you need that intergrated email, address book and scedualing yes there are various packages out there that does bits and peices. Oh yea it needs to work with outlook.
Check out who controls ICANN it started by the US government. It's the closest thing to an owner the internet as a whole has. If you loose control over the IP addresses the internet breaks down pretty quickly. I would say having the power to decide who ges what IP addresses and over the DNS servers constitues contol and that equates to the closest thing to ownership the internet has. BTW they are alsot he people to blam eof rthe spineless ICANN and Verisign getting the power they have now.
The US government technicaly owns the internet they paid for the research and the network.
Lots of people could bring sections down. By design the internet was built to surive war it's fairly resilient but people dont like how it runs when bad things happen. In all fairness you cant realy take the whole thing down.
Not realy the internet as a collection of networks the closest that the rest of the world got non commercialy was fido net it worked. As to DNS yes it's trivial to get rid of the current DNS structure technicaly it's just getting everybody cowardinated to do it.
Yes as the internet lives inside countries you would have to follow laws barring setting up a pupet goverment and running everything from there you will have copyright issues etc. The internet does have copyright issues BTW it's just eople connecting to the internet.
Now on the main subject the root servers work they are well cared for and fed plenty of bandwith. They arent pillars of business bean counting mostly because a lot of big businesses donate gear to them for the PR.
yes because we should olny deal with one issue at a time? Want to stop terroist get rid of there incentives to attack. The reality of it iss our current ground forces are more and more reliant on satalite based communications part of our command and control infrastructure is in space so we need to protect that.
Granted I would love to see a few large PPC's in space to potentialy mitigate the ICBM hreat but thats technology that hasent matured yet.
BTW the whole point of terrorists is they cant be stoped militatiry while still having any freadoms. Fred your next door neighbor can becoem a terroists and there is little to nothing anybody can do about it without one half of the populations wathing the other half all the time and vice versa.
Ok this does assume the FCC has balls but think about it.
The FCC has allready mandated that over the air broadcaster have to give up there alalog broadcasting channels at some point in excahnge they get free new bandwith for there HDTV station.
CBS says they will stop broadcasting in HDTV if people can copy it.
FCC grows a backbone and says thats fine your not allowed to broadcast on your analog stations after point X and if you dont utilize your HDTV station we will take back that allotment as well.
End of story the FCC technicaly has the power to force HDTV with no encryption copy restrictions or anything else on the broadcast industry in this country. IF they get relay pushy they can affect the cable companies as well via signal leakage monitoring that is within there jursisdiction to shut down a cable company and make them spend piles of cash to get there plant up to spec.
Course this could all be a big fantasy on my part google has played nothing into this comment.
Well not to quibble but the audiophiles think CD's are of moderate quality. One of the reasons the apple iTunes sounds better is they arent ripped from CD's but rather higher quality sourced from the music studios like DAT etc. Better input generaly means better output or the ability to have better output. BTW there are good walkman headphones they cost about 300 bucks though.
:)
Yes I'm a somewhat audiophile DVD-Audio sounds like a decent source to rip from to bad there is so little content avalible on it.
You may be an audiophile if your current sterio amp cost more than your first car
Yes I was going on old information they are still raking 10th overall down from first a few months ago. http://www.cidr-report.org/aggr.html but it looks like they have removed everything smalled than a /24 from there announcements. I wouldent call there act cleaned up but it's significantly improved.
Testra has been the worse offender routing table bloat in the world. Those guys are either clueless or trying to avoid having any backbone while appearing to be one. Telstra's CIRD report these guys are advertising just shy of 30k prefixes and a lot of those are /32 prefixes aka one IP address. Somebody needs to track down whoever calls themselves the network architect, engineer or admin and shoot them then show them how to advertise a prefix.
Oh yea BTW all those entra entries into the global routing table make it harder for every other router running BGP.
Well your big issue is going to be reliability. Assuming the drives MTBF are all the same two drives would fail twice as often assuming your using striping or linear append thats a bad thing as the lose of a single drives data destroyes the set (yes you can recover it but thats besides the point)
Yes ISDN and PRI's it's possible to send false called ID data. The telephone systems still has a lot of trust built into it even after the 80's phone phreaking. The reason ofr this is on a PRI you often have more DID's (thats phone numbers in laymens terms) assigned to you then virtual lines. This is what lets offices have a unique inbound number for every office phone. On the incomming the call is tagged with a destination DID so the PBX can route it to the correct extension(s). Outgoing it's supposed to tag the line with once of it's own DID's but thtere are generaly no measures in place to enforce that. Blocking caller ID is as simple as not sending a DID. The phone company's can override the DID they did it for the company I was at duing an area code change automaticaly changing the area code.
Ah but you miss the duplicity of it all. States get to do whatever they want in the name of fighting terrisim, rebels and sepratists including using there tactics. One persons rebel or terrorist is anothers freedom fighter. The problem with these sorts of orginizations is they have become a method to wage war without going to war as fas as there host states are concerned, welcome to the post UN world where you cant go to war unless your on the security council and can veto any reprisals.
Windows Key you mean the Control Escape Key? Sorry my keyboard dosent have one; but I hoard IBM keyclick keyboads in case one dies (laugh) or I get more machines and as general gifts to friends that want real keyboards.
Anybody feel like looking and seeing if the windows key actualy got it's own scancode?
Well as somebody that load tests hardware often enough a server class PCI based NIC can do close to 100Mbit a sec to a switch while running full duplex. It's the Gigabit nics that still for the most part dont come close to there rated speeds with many not even able halh of there rated speeds.
3 99.html
Here is an old test showing 93megabits a sec sustained 5 years ago on server class hardware. http://www.3com.com/corpinfo/en_US/technology/200
While I have never seen 100Mbps for more than a few seconds most decent cards can deliver 95+ Mbps sustained into proper networking hardware. Allways remember transfer rates are allways lower due to overhead there are MAC and IP headers that have to be tacked on. So as allways the old addage of increase the MTU if you want the file transfers to go faster still applies.
Try muliple Fiber Channels and lots of drives it puts Ultra 320 SCSI to shame. At 2gb a sec per channel it's not quite as fast as Ultra 320 SCSI but dual attached it definialy is this lets you spread out your IO to multiple independent PCI-X slots. Add a good FC switch and a pile of drives and it's night and day.
Actualy if I remember the NSA's job they can tap all overseas phone lines they just cant use it if it's an american talkign to an american. I would suspect that the same is true for data lines.
You mean somebody else saw through the veiled hatred of NAT in that RFC?
Lets look at the issues of NAT (PAT in cisco parlience as NAT is entrily different) as compared to a normal statefull non inspecting firewall with no administrative restrictions they each:
Dissallow incomming IP sessions unless specified.
Function as a single point of failure.
Require a singe point of state.
Persoanly I think EVERYTHING should be firewalled but that dosent fit with the academic modle. Now those three big ugly issues the only thing that NAT adds on is address and possibly port tranlation gee thats what it's supposed to do. The state and sinle point issues can be and are fixed by more advanced firewalls and NAT boxes that cross communicate.
Actualy NAT does little to nothing to reduce the IP space needed on most modern installations where most computers are participating on the internet. NAT just remapes IP's on a 1 to 1 basis. Just like it's name nates Network Address Translation.
PAT reduced used IP addresses by mapping ports rather than IP's.
NAT especialy is no substitute of good security as incomming connections are allowed by default. This method breaks less protcals than PAT.
Now as far as NAT beign a good or bad thing I'm all for NAT and PAT. IPv6 fixes the perceived address space issue (there isn't an address space issue there is an address cost issue IMHO) While fixing space issues it makes address near imposible to remember and not everything participates in DNS nor should it. It also required multicast to work thats an administrative nightmare along with a plethera of secuirty and billing issues. Think of Bittorrent when a single DSL user can send 128 kb a sec out to every peer of there ISP on a statement ISP thats a lot of traffic. IPv6 also does not address routing table complexity and thus memory requirements.
Now your 50 buck a pop little DSL AP generaly has the settings correct by default with an easy way to make a DMZ host thats entirly unprotected.
Ipv6 may be the furture but if we realy want to make things work better look at replacing BGPv4 while your at it. Something that allows link redundancy along with carrier redundancy while perserving state is needed. You should be able to have a cable modem and a DSL line and combine the bandwith. Right now you have to do that through NAT and proxies and it works well for outgoing sessions allthough it's failover is stateless so a single line going down drops a portion of your connections.
Great so you make a law to protect a business. Remeber artist the music industry have no inalaible right to copyright. They are supposed to have a limited right to exclusive copy's for a time to encurage putting things into the public commons. Having things tied up by copyright is not in the public interest because it stifle inovention to an extent. For a case in point rap and techno use a lot of samples and to get the rights to those samples they at times have to pay hefty use fee's, this is a hinderance to smaller artists that want to use samples but can afford liscencing but still want to put out and CD.
As an asside my persoanl feelings that if any law is not accepted by the general population it should be repealed. Domocracy is for the people by the people not for the special interests. Granted I relize that this would have ment the african american rights would have taken much longer to get into place.
Here Here somebody that understands that Liux may be good but it missing a pile of features to make it realy work in single box no downtime for even scedualed maitnence production the nitch currently filled by Sun and IBM's AIX for the most part.
Breaking into systems to show people that they are broken sounds like a nice thing. If you realy want to do that go get a gig with a security outfit and get PAID to do it along with enough legal paperwork to keep you posterier covered. I've seen the disclosures NDA etc etc pile it will take you an afternoon to initial each page and sign at the end.
So here is the todo list to be a whitehat:
A Leave your parents place they love you but you can do your own laundry.
B Get hooked up with or form your own security sonsulting business.
C Sick the legal people on enough agreements etc that the only place they can take you to court is is in a nice comfertable tropic island thats happens to have great fiber connections.
D Do what you want to do and general make a good living doing it.
Now the donts would be:
Stay with your parents.
Break into systems just because they should be more secure and you can help them.
Dont get paid ofr any of it.
Got o jail when the FBI shows up with a list of charges after you admited to commiting a crime by telling your victims whats wrong with there network.
As somebody that has used spews before I think they made it clear enough technicaly that they would ban /32 then decrease the mask as more incidents were reported. I think they should have used arin etc to get there blocks from but they never claimed to do it in that maner. Spews did what they stated they would do technicaly, while there PR spun it to be less damaging that it was. If you can sue over spin I think the politicians will fix that one quick.
lets leave bandwith and storage out of it and fixate on time lets say it takes you half a minute to delete each spam. If you make $120 an hour then thats a buck to delete the email. Yes I relize thats roughly a quarter of a million dollar sallery but it's not unreasonable people make that mucha nd more. Actualy I think the damages are supposed to be punitive not compensitory. With punitive damages it's a fine that they person that files suit gets to collect sort of a prize for actualy spening all that time on the suit. Compensiory damages are for actual costs incured.