NANOG NYC Event
Eye Am
eyeam at optonline.net
Mon Jun 2 19:39:39 UTC 2008
Read http://www.forgotten-ny.com/ before setting any agendas and if you have
some time to spare, there is some awesome history to find. I lived there for
nearly 20 years and it's endless the amazing things you can find just a
short distance from anywhere.
One of my stops is *always* the Dakotah and Strawbberry Fields followed by a
walk through Central Park. Up on the Northwest side is the lake/castle
that's a must see too.
Right at 72nd and Columbus (close to the Dakotah) is the greatest pizzeria
in NY.
C. Genrich
----- Original Message -----
From: <nanog-request at nanog.org>
To: <nanog at nanog.org>
Sent: Monday, June 02, 2008 7:00 AM
Subject: NANOG Digest, Vol 5, Issue 2
> Send NANOG mailing list submissions to
> nanog at nanog.org
>
> To subscribe or unsubscribe via the World Wide Web, visit
> http://mailman.nanog.org/mailman/listinfo/nanog
> or, via email, send a message with subject or body 'help' to
> nanog-request at nanog.org
>
> You can reach the person managing the list at
> nanog-owner at nanog.org
>
> When replying, please edit your Subject line so it is more specific
> than "Re: Contents of NANOG digest..."
>
>
> Today's Topics:
>
> 1. Re: NANOG NYC Event (Brant I. Stevens)
> 2. Re: NANOG NYC Event (J. Oquendo)
> 3. Re: NANOG NYC Event (John Levine)
> 4. Re: NANOG NYC Event (Fisher, Shawn)
> 5. Re: NANOG NYC Event (Henry Yen)
> 6. Comcast - Stuck route in Chicago directing MN traffic via
> Denver (Eric Spaeth)
> 7. Emerg data recovery recommdnations? (david raistrick)
> 8. Re: IOS Rookit: the sky isn't falling (yet) (Christian)
>
>
> ----------------------------------------------------------------------
>
> Message: 1
> Date: Sun, 01 Jun 2008 11:39:43 -0400
> From: "Brant I. Stevens" <branto at branto.com>
> Subject: Re: NANOG NYC Event
> To: John Levine <johnl at iecc.com>, <nanog at nanog.org>
> Message-ID: <C4683AFF.14D1C1%branto at branto.com>
> Content-Type: text/plain; charset="US-ASCII"
>
>
>
>
> On 5/31/08 11:58 PM, "John Levine" <johnl at iecc.com> wrote:
>
>> In article <43661d390805312028u130046ddlc804e4615c83ba62 at mail.gmail.com>
>> you
>> write:
>>> I second the motion to recognize Dinosaur BBQ. All those in favor?
>>
>> Dinosaur is swell, but it's in Syracuse.
>>
>> Perhaps you could pick one that's reachable by subway instead.
>
> Dinosaur Barbecue
> www.dinosaurbarbque.com
>
> 646 W 131st St
> New York, NY 10027
>
> It's in Harlem. BOOOOOOO!!!!!
>
>>
>>
>>
>>
>
>
>
>
>
> ------------------------------
>
> Message: 2
> Date: Sun, 1 Jun 2008 10:54:40 -0500
> From: "J. Oquendo" <sil at infiltrated.net>
> Subject: Re: NANOG NYC Event
> To: nanog at nanog.org
> Message-ID: <20080601155440.GA47184 at infiltrated.net>
> Content-Type: text/plain; charset=us-ascii
>
> On Sun, 01 Jun 2008, Brant I. Stevens wrote:
>
>>
>> It's in Harlem. BOOOOOOO!!!!!
>>
>
> So is Columbia University!
>
> Harlem is in the process of going through a
> renaissance and has been over the past 10 or
> more so things have changed for the better.
> Just avoid going there after certain hours ;)
>
> As for the prior Brooklyn comment, Park Slope
> also has some great eats but the area/scene
> tends to be sort of artsy. If you want to spend
> some time sightseeing Brooklyn, the Brooklyn
> Public Library (main one) Grand Army Plaza is
> near the Brooklyn Botanic Gardens. Don't forget
> Coney Island which has also changed in the last
> decade. Again, watch those hours, NY is a Jeckyll
> and Hyde city. Nice sometimes, beautiful to visit
> but can be insanely ugly.
>
> The downtown Brooklyn area has some nice eats
> but I've always preferred the city. In the area
> of downtown Brooklyn, you'll typically find a
> bunch of people in local government and lawyers
> eating as the courts are downtown.
>
> For those looking for sweets, don't forget the
> ever famous (overhyped) Junior's Cheesecake.
> If you've travelled to Coney Island then one
> cannot forget Nathan's. There are some really
> good pubs in the Red Hook section, but alas
> again, going through certain neighborhoods is
> not for everyone. You can jump on a Water Taxi
> there for kicks though. Makes for nice pictures
> at night.
>
> Sightseeing: Jump on a boat at night (booze
> cruise) $25.00
> http://www.nywatertaxi.com/tours/happyhour/
>
> Or just hop on an "On and Off" cruise:
> http://www.nywatertaxi.com/hop/
>
> $20.00
>
> --
> =+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+
> J. Oquendo
> SGFA #579 (FW+VPN v4.1) SGFE #574 (FW+VPN v4.1)
> CEH/CNDA, CHFI
>
> "Experience hath shewn, that even under the best
> forms (of government) those entrusted with power
> have, in time, and by slow operations, perverted
> it into tyranny." Thomas Jefferson
>
> wget -qO - www.infiltrated.net/sig|perl
>
> http://pgp.mit.edu:11371/pks/lookup?op=get&search=0x3AC173DB
>
>
>
>
> ------------------------------
>
> Message: 3
> Date: 1 Jun 2008 16:09:56 -0000
> From: John Levine <johnl at iecc.com>
> Subject: Re: NANOG NYC Event
> To: nanog at nanog.org
> Message-ID: <20080601160956.22514.qmail at simone.iecc.com>
> Content-Type: text/plain; charset=iso-8859-1
>
>>Dinosaur is swell, but it's in Syracuse.
>>
>>Perhaps you could pick one that's reachable by subway instead.
>
> Oh, all right, as about 47 people have pointed out, they have a branch
> on 131st St. The barbeque is not bad. I eat it at the NY State Fair
> every year.
>
> On the other hand, I would think that in NYC, home of the most
> wonderful food on the continent,* you could do better than a branch of
> a yuppie ex biker joint from Syracuse. How about RUB at 23rd and 7th?
> Or Johnny Utah's at 51st and 5th? Or Oklahoma Smoke up at 145st St?
>
> R's,
> John
>
> * - with the possible exception of Montreal, an argument that can only
> be resolved by extensive research in both places
>
>
>
> ------------------------------
>
> Message: 4
> Date: Sun, 1 Jun 2008 12:57:31 -0400
> From: "Fisher, Shawn" <SFisher at Bresnan.com>
> Subject: Re: NANOG NYC Event
> To: <sil at infiltrated.net>, <nanog at nanog.org>
> Message-ID:
> <21352038E7719F43A6D65B2D90B5256CCBFA34 at fossil.bresnan.com>
> Content-Type: text/plain; charset="us-ascii"
>
> (Drifting further off topic). Another suggestion to add is the DUMBO area
> of brooklyn, down under mahattanville overpass, easy to reach from
> manhattan, take a nice stroll across the brooklyn bridge and your there,
> lots of cool restaurants. Another bit of history, walk to montague
> street, yes the montague street mr dylan sings about in tangled up in
> blue. (some controversy over this) best way to walk is on the promenade
> along the east river, great views of manhattan. Enjoy
> --------------------------
> Sent using BlackBerry
>
>
> -----Original Message-----
> From: J. Oquendo
> To: nanog at nanog.org
> Sent: Sun Jun 01 11:54:40 2008
> Subject: Re: NANOG NYC Event
>
> On Sun, 01 Jun 2008, Brant I. Stevens wrote:
>
>>
>> It's in Harlem. BOOOOOOO!!!!!
>>
>
> So is Columbia University!
>
> Harlem is in the process of going through a
> renaissance and has been over the past 10 or
> more so things have changed for the better.
> Just avoid going there after certain hours ;)
>
> As for the prior Brooklyn comment, Park Slope
> also has some great eats but the area/scene
> tends to be sort of artsy. If you want to spend
> some time sightseeing Brooklyn, the Brooklyn
> Public Library (main one) Grand Army Plaza is
> near the Brooklyn Botanic Gardens. Don't forget
> Coney Island which has also changed in the last
> decade. Again, watch those hours, NY is a Jeckyll
> and Hyde city. Nice sometimes, beautiful to visit
> but can be insanely ugly.
>
> The downtown Brooklyn area has some nice eats
> but I've always preferred the city. In the area
> of downtown Brooklyn, you'll typically find a
> bunch of people in local government and lawyers
> eating as the courts are downtown.
>
> For those looking for sweets, don't forget the
> ever famous (overhyped) Junior's Cheesecake.
> If you've travelled to Coney Island then one
> cannot forget Nathan's. There are some really
> good pubs in the Red Hook section, but alas
> again, going through certain neighborhoods is
> not for everyone. You can jump on a Water Taxi
> there for kicks though. Makes for nice pictures
> at night.
>
> Sightseeing: Jump on a boat at night (booze
> cruise) $25.00
> http://www.nywatertaxi.com/tours/happyhour/
>
> Or just hop on an "On and Off" cruise:
> http://www.nywatertaxi.com/hop/
>
> $20.00
>
> --
> =+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+
> J. Oquendo
> SGFA #579 (FW+VPN v4.1) SGFE #574 (FW+VPN v4.1)
> CEH/CNDA, CHFI
>
> "Experience hath shewn, that even under the best
> forms (of government) those entrusted with power
> have, in time, and by slow operations, perverted
> it into tyranny." Thomas Jefferson
>
> wget -qO - www.infiltrated.net/sig|perl
>
> http://pgp.mit.edu:11371/pks/lookup?op=get&search=0x3AC173DB
>
>
>
>
>
> ------------------------------
>
> Message: 5
> Date: Sun, 1 Jun 2008 17:27:10 -0400
> From: Henry Yen <henry at AegisInfoSys.com>
> Subject: Re: NANOG NYC Event
> To: nanog at nanog.org
>Message-ID: <20080601172710.R2829 at AegisInfoSys.com>
> Content-Type: text/plain; charset=us-ascii
>
> On Sun, Jun 01, 2008 at 10:54:40AM -0500, J. Oquendo wrote:
>> As for the prior Brooklyn comment, Park Slope
>> also has some great eats but the area/scene
>> tends to be sort of artsy.
>>
>> The downtown Brooklyn area has some nice eats
>> but I've always preferred the city. In the area
>> of downtown Brooklyn, you'll typically find a
>> bunch of people in local government and lawyers
>> eating as the courts are downtown.
>>
>> For those looking for sweets, don't forget the
>> ever famous (overhyped) Junior's Cheesecake.
>
> Disclaimer: I've worked in the immediate area of this conference on
> and off for over 30 years. (In fact, I'm staring longingly down at
> the Marriott Hotel from the office window right now...)
>
> First, you simply must take a walk across the Brooklyn Bridge to
> Manhattan (and back). Exhilarating views, an unforgettable
> experience, and you'd be participating in one of the more common
> things that "all" NYC people do. Just walk out the "front" door of
> the hotel and turn right. (Watch out for crazy bicyclists!)
>
> Second, Junior's Cheesecake, overhyped as it is, is still arguably
> among the best "domestic" cheesecakes, at least on the east coast.
> You really ought to try it. But, don't stop there -- the
> brisket/corned-beef/pastrami on twin rolls is highly recommended.
> (My personal favorite is their down-home matzoh-ball soup.)
>
> Third, the Brooklyn Heights area is admittedly "artsy", but there's
> lots of interesting and tasty variety. I've had great food at
> several Italian seafood-style places (although if that's your
> preference, I'd encourage you to go to Vincent's in Little Italy
> (lower Manhattan)).
>
> Finally, I didn't see a destination that seems like it might be very
> useful: Radio Shack (go out the "back" door of the hotel, turn right,
> half a block to Willoughby, turn right, and it's right across the street
> from the White Castle (which is its own "destination")).
>
> P.S. If you're into bicycling, the Hudson River Park bikeway (runs about
> 10 miles along the western Manhattan shoreline) is a paved, fantasitc,
> ride. I don't know if the bike rental season has started yet, though.
>
> --
> Henry Yen <henry at AegisInfoSys.com> Aegis Information Systems,
> Inc.
> Senior Systems Programmer Hicksville, New York
>
>
>
> ------------------------------
>
> Message: 6
> Date: Sun, 01 Jun 2008 23:57:06 -0500
> From: Eric Spaeth <eric at spaethco.com>
> Subject: Comcast - Stuck route in Chicago directing MN traffic via
> Denver
> To: nanog at merit.edu
> Message-ID: <48437DA2.9060100 at spaethco.com>
> Content-Type: text/plain; charset=ISO-8859-1; format=flowed
>
> For the last couple weeks there has been a route stuck in the Chicago
> wan/core that is directing some Minnesota-bound traffic through Denver,
> even though Chicago and the Roseville, MN aggregation remain up and
> directly connected. This has the dual benefit of unnecessarily
> increasing the load on Comcast's internal backbone as well as increasing
> latency for Minnesota subscribers connecting to "east of the
> Mississippi" destinations by ~20ms.
>
> I'm hoping Comcast engineers read this list, or someone in the carrier
> community can help poke one of their Comcast contacts to help get this
> resolved.
>
> Thanks in advance!
>
> "Wedged" route - 76.113.128.0/17
> Correct route - 69.180.128.0/18
>
> Example trace from Chicago source to 76.113.128.0/17:
> =========================================
> traceroute to 76.113.128.1 (76.113.128.1), 30 hops max, 40 byte packets
> 1 69.65.40.62 (69.65.40.62) 0.542 ms 0.511 ms 0.508 ms
> 2 so2-0-0-0.er1.Chi1.Servernap.net (69.39.239.169) 1.632 ms 1.642
> ms 2.121 ms
> 3 ge-6-20.car1.Chicago1.Level3.net (4.79.65.49) 1.605 ms 1.608 ms
> 1.619 ms
> 4 ae-2-54.edge1.Chicago2.Level3.net (4.68.101.115) 1.604 ms 1.602
> ms 1.600 ms
> 5 COMCAST-IP.edge1.Chicago2.Level3.net (4.71.248.26) 2.735 ms 2.741
> ms 2.739 ms
> 6 pos-0-8-0-0-cr01.denver.co.ibone.comcast.net (68.86.85.114) 27.284
> ms 27.398 ms 27.387 ms
> 7 te-9-4-ar02.roseville.mn.minn.comcast.net (68.86.91.154) 44.177 ms * *
> 8 te-0-2-0-5-ar03.roseville.mn.minn.comcast.net (68.87.174.73) 28.352
> ms 28.352 ms 28.349 ms
> 9 te-2-1-ur01.sims.mn.minn.comcast.net (68.87.174.74) 28.826 ms * *
> 10 te-8-3-ur02.sims.mn.minn.comcast.net (68.87.174.78) 28.959 ms * *
> 11 te-2-1-ur01.newport.mn.minn.comcast.net (68.87.174.82) 29.267 ms *
> te-2-1-ur01.newport.mn.minn.comcast.net (68.87.174.82) 28.700 ms
> 12 c-76-113-128-1.hsd1.mn.comcast.net (76.113.128.1) 28.638 ms 28.673
> ms 28.667 ms
> =========================================
>
> Example trace from Chicago source to working route 69.180.128.0/18
> =========================================
> traceroute to 69.180.130.1 (69.180.130.1), 30 hops max, 40 byte packets
> 1 69.65.40.62 (69.65.40.62) 0.482 ms 0.450 ms 0.446 ms
> 2 so2-0-0-0.er1.Chi1.Servernap.net (69.39.239.169) 1.595 ms 2.082
> ms 2.082 ms
> 3 ge-6-20.car1.Chicago1.Level3.net (4.79.65.49) 1.568 ms 1.569 ms
> 1.579 ms
> 4 ae-2-52.edge1.Chicago2.Level3.net (4.68.101.51) 1.562 ms 1.563 ms
> 1.560 ms
> 5 COMCAST-IP.edge1.Chicago2.Level3.net (4.71.248.22) 2.708 ms 2.713
> ms 2.711 ms
> 6 te-0-1-0-7-ar03.roseville.mn.minn.comcast.net (68.87.174.21) 13.144
> ms 11.919 ms 11.877 ms
> 7 68.87.174.22 (68.87.174.22) 11.824 ms * *
> 8 te-8-3-ur02.brooklynpark.mn.minn.comcast.net (68.87.174.26) 12.333
> ms * *
> 9 te-2-1-ur01.newhope.mn.minn.comcast.net (68.87.174.30) 12.012 ms * *
> 10 c-3-0-ubr02.newhope.mn.minn.comcast.net (69.180.130.1) 11.963 ms
> 12.018 ms 11.973 ms
> =========================================
>
> -Eric
>
>
>
> ------------------------------
>
> Message: 7
> Date: Mon, 2 Jun 2008 09:04:24 +0000 (UTC)
> From: david raistrick <drais at icantclick.org>
> Subject: Emerg data recovery recommdnations?
> To: nanog at nanog.org
> Message-ID: <alpine.BSF.0.999.0806020902510.16617 at murf.icantclick.org>
> Content-Type: TEXT/PLAIN; format=flowed; charset=us-ascii
>
>
> guys,
>
> wrong place, I know, but network down is network down no matter which side
> of the cable it falls on...
>
> Can anyone give any solid recommendations for a data recovery service who
> can fly to our site to extract data from a f'ed up RAID array?
>
> It's an absolute emergency (for us, of course).
>
> offlist please.
>
> .d
>
>
>
> ---
> david raistrick http://www.netmeister.org/news/learn2quote.html
> drais at icantclick.org http://www.expita.com/nomime.html
>
>
>
>
> ------------------------------
>
> Message: 8
> Date: Mon, 2 Jun 2008 07:47:56 -0400
> From: Christian <christian at visr.org>
> Subject: Re: IOS Rookit: the sky isn't falling (yet)
> To: "Fred Reimer" <freimer at ctiusa.com>
> Cc: nanog at nanog.org
> Message-ID:
> <9b62cf2f0806020447r10fc3ed0i6be793d6db694fb at mail.gmail.com>
> Content-Type: text/plain; charset=ISO-8859-1
>
> here's the slides if anyone hasn't seen
>
> http://seclists.org/fulldisclosure/2008/May/att-0668/EuSecWest_presentation_ppt
>
> On Thu, May 29, 2008 at 11:27 AM, Fred Reimer <freimer at ctiusa.com> wrote:
>
>> New keys, to be stored on the crypto chip, would presumably be delivered
>> in
>> a separately signed package using a master key that would not change
>> (embedded within the chip). Maybe Cisco even doesn't have this key, and
>> would need to send a revocation or new public key to be stored on the
>> chip
>> to the chip manufacturer, who would sign it with the master private key
>> and
>> which then could be delivered in a software update to the system. There
>> are
>> many possibilities, and no crypto scheme is foolproof. That much has
>> been
>> proven. But no, you would not make the on-chip EEPROM of the crypto chip
>> "flashable" in the normal meaning of the word. You would send the chip a
>> pointer to a buffer that contains a signed update key, and the chip
>> itself
>> would verify that signature and only then program the updated key(s).
>>
>> My intention was not to turn nanog into a crypto forum. I'd be much more
>> interested in any unique methods that people use to harden their systems
>> that have not already been widely distributed through vendor or industry
>> best practices.
>>
>> Fred Reimer, CISSP, CCNP, CQS-VPN, CQS-ISS
>> Senior Network Engineer
>> Coleman Technologies, Inc.
>> 954-298-1697
>>
>>
>> > -----Original Message-----
>> > From: Jim Wise [mailto:jwise at draga.com]
>> > Sent: Thursday, May 29, 2008 11:10 AM
>> > To: Fred Reimer
>> > Cc: Jared Mauch; nanog at nanog.org
>> > Subject: RE: IOS Rookit: the sky isn't falling (yet)
>> >
>> > -----BEGIN PGP SIGNED MESSAGE-----
>> > Hash: SHA1
>> >
>> > On Thu, 29 May 2008, Fred Reimer wrote:
>> >
>> > >The code would presumably be run upon boot from a non-flashable
>> > source,
>> > >which would run the boot ROM code through a check on the crypto chip
>> > and
>> > >only execute it if it passed. You would not put the code that checks
>> > the
>> > >boot ROM on the boot ROM. The new crypto chip would presumably have
>> > the
>> > >initial boot code, which would only be designed to check the boot ROM
>> > >signature and nothing else so presumably would never need to be
>> > replaced and
>> > >hence would be designed to be non-flashable.
>> >
>> > Doesn't this just push the chicken-and-egg problem up the chain one
>> > step?
>> > The ROMMON would be flashable (among other reasons) because the key
>> > used to
>> > sign IOS releases should change over the years -- gaining length as
>> > cycles
>> > get cheaper, being replaced periodically to prevent use of the same key
>> > for
>> > too long, and perhaps being revoked if it should ever be compromised.
>> >
>> > If the ROMMON is itself to be verified by a prior, non-flashable ROM,
>> > then
>> > all the same arguments would call for making its key-list updatable --
>> > and
>> > given the time-in-service seen by many such devices, any weakness in
>> > that
>> > key list would be around for quite some time.
>> >
>> > - --
>> > Jim Wise
>> > jwise at draga.com
>> > -----BEGIN PGP SIGNATURE-----
>> > Version: GnuPG v1.4.9 (NetBSD)
>> >
>> > iD8DBQFIPsdRq/KRbT0KwbwRAkcmAJ4xOBtANHOc+C/fzL+7PvgWnjp76ACfSGUw
>> > 43+1Pq3xWS4MagWzdetZ0ws=
>> > =62gJ
>> > -----END PGP SIGNATURE-----
>>
>
>
> ------------------------------
>
> _______________________________________________
> NANOG mailing list
> NANOG at nanog.org
> http://mailman.nanog.org/mailman/listinfo/nanog
>
>
> End of NANOG Digest, Vol 5, Issue 2
> ***********************************
>
More information about the NANOG
mailing list