Colo in UK and Austraila.

Rob,
i'd give a look at www.peeringdb.com as a start.   I
suspect that a
lot of it may depend upon your application and power
needs... I'm
thinking of personal experiences with DC power needs and
space that
required the housing of dwdm equipment etc, vs. someone who
needs
servers, etc...

I'm sure there will be no shortage of folks chiming in... I
also hear
some folks are using ireland instead of the bond area, as
well as
Manchester, etc...   Have you considered other nearby
countries as
well?   The dutch and germans do a good job and there are
some nice
sites in madrid, but to each his own/ ymmv!   good luck

Peter Cohen




On 5/1/06, Robert Sherrard <robrobsherrard.com> wrote:
>
> Can anyone recommend neutral facilities in both the UK
and Australia?
>
> Rob
>
>

UL is seeing a large DDOS coming towards a couple of
customers of ours.
 I know that other ISPs have been affected as well.  I will
let them
identify them selves.

Anyone have any scoop on this?

Tim
-- 
1978 45th Ave / San Francisco CA 94116 / USA // POTS: +1 415
665 3790
 GPG Fingerprint: 4821 CFDA 06E7 49F3 BF05  3F02 11E3 390F
8338 5B04
                Life is playful - Ben Olizar

On Tue, May 02, 2006 at 06:40:43PM -0700, Tim Pozar wrote:
> UL is seeing a large DDOS coming towards a couple of
customers of ours.
>  I know that other ISPs have been affected as well.  I
will let them
> identify them selves.
> 
> Anyone have any scoop on this?

A) I don't think anyone knows who UL is by that reference
alone (I assume 
   you mean united layer).

B) The DoS target is Livejournal.

C) As an upstream of an upstream of LJ I'm barely seeing
150Mbps or so of 
   it. No indications of exactly how big it is by the time
it hits them, 
   but at least from my perspective it doesn't seem like a
huge attack.

Hope it stops soon though, a sustained livejournal outage is
probably 
grounds for at least 4-5 suicides by distraught teenagers
who can't blog 
about their day. 

-- 
Richard A Steenbergen <rase-gerbil.net>       http://www.e-gerbil.net/r
as
GPG Key ID: 0xF8B12CBC (7535 7F59 8204 ED1F CC1C 53AF 4C41
5ECA F8B1 2CBC)

Richard A Steenbergen wrote:
> On Tue, May 02, 2006 at 06:40:43PM -0700, Tim Pozar
wrote:
> 
>>UL is seeing a large DDOS coming towards a couple of
customers of ours.
>> I know that other ISPs have been affected as well. 
I will let them
>>identify them selves.
>>
>>Anyone have any scoop on this?
> 
> 
> A) I don't think anyone knows who UL is by that
reference alone (I assume 
>    you mean united layer).
> 
> B) The DoS target is Livejournal.
> 
> C) As an upstream of an upstream of LJ I'm barely
seeing 150Mbps or so of 
>    it. No indications of exactly how big it is by the
time it hits them, 
>    but at least from my perspective it doesn't seem
like a huge attack.
> 
> Hope it stops soon though, a sustained livejournal
outage is probably 
> grounds for at least 4-5 suicides by distraught
teenagers who can't blog 
> about their day. 
> 

Ya... I have been chatting with the folks at SixApart about
this.  This
is one of the folks attacked.  It looks like there may have
been others.

Tim
-- 
1978 45th Ave / San Francisco CA 94116 / USA // POTS: +1 415
665 3790
 GPG Fingerprint: 4821 CFDA 06E7 49F3 BF05  3F02 11E3 390F
8338 5B04
                Life is playful - Ben Olizar

At 10:11 PM 5/2/2006, Richard A Steenbergen wrote:

>On Tue, May 02, 2006 at 06:40:43PM -0700, Tim Pozar
wrote:
> > UL is seeing a large DDOS coming towards a couple
of customers of ours.
> >  I know that other ISPs have been affected as
well.  I will let them
> > identify them selves.
> >
> > Anyone have any scoop on this?
>
>A) I don't think anyone knows who UL is by that
reference alone (I assume
>    you mean united layer).
>
>B) The DoS target is Livejournal.
>
>C) As an upstream of an upstream of LJ I'm barely
seeing 150Mbps or so of
>    it. No indications of exactly how big it is by the
time it hits them,
>    but at least from my perspective it doesn't seem
like a huge attack.
>
>Hope it stops soon though, a sustained livejournal
outage is probably
>grounds for at least 4-5 suicides by distraught
teenagers who can't blog
>about their day. 


Add in the Blue Security DDOS. NSP-SEC must be busy
defending DDoS'ers tonight
keeping them from helping people defend LiveJournal.

Uh. Who let the Frog out?

http:
//www.wired.com/news/technology/internet/0,70798-0.html?
tw=rss.technology








--
Martin Hannigan                                (c)
617-388-2663
Renesys Corporation                            (w)
617-395-8574
Member of Technical Staff                      Network
Operations
                                                hanniganrenesys.com  

Martin Hannigan wrote:
> 
> At 10:11 PM 5/2/2006, Richard A Steenbergen wrote:
> 
>> On Tue, May 02, 2006 at 06:40:43PM -0700, Tim Pozar
wrote:
>> > UL is seeing a large DDOS coming towards a
couple of customers of ours.
>> >  I know that other ISPs have been affected as
well.  I will let them
>> > identify them selves.
>> >
>> > Anyone have any scoop on this?
>>
>> A) I don't think anyone knows who UL is by that
reference alone (I assume
>>    you mean united layer).
>>
>> B) The DoS target is Livejournal.
>>
>> C) As an upstream of an upstream of LJ I'm barely
seeing 150Mbps or so of
>>    it. No indications of exactly how big it is by
the time it hits them,
>>    but at least from my perspective it doesn't
seem like a huge attack.
>>
>> Hope it stops soon though, a sustained livejournal
outage is probably
>> grounds for at least 4-5 suicides by distraught
teenagers who can't blog
>> about their day. 
> 
> 
> Add in the Blue Security DDOS. NSP-SEC must be busy
defending DDoS'ers
> tonight
> keeping them from helping people defend LiveJournal.
> 
> Uh. Who let the Frog out?
> 
> http:
//www.wired.com/news/technology/internet/0,70798-0.html?
tw=rss.technology
> 

Blue Security's solution to their DOS was to point their
www to their
Typepad-hosted blog.

apogee:/home/pedro> host www.bluesecurity.com
www.bluesecurity.com is a nickname for
bluesecurity.blogs.com
bluesecurity.blogs.com has address 204.9.178.61
apogee:/home/pedro> whois -h whois.arin.net 204.9.178.61

OrgName:    SIX APART LTD
OrgID:      SAL-48
[...]

How's that for honorable comportment. We're getting
slammed so we're
gonna make it someone else's problem(and not give them a
heads up).

-- 
Peter Wohlers

At 11:52 AM 5/3/2006, Peter Wohlers wrote:

>Martin Hannigan wrote:
> >
> > At 10:11 PM 5/2/2006, Richard A Steenbergen wrote:
> >
> >> On Tue, May 02, 2006 at 06:40:43PM -0700, Tim
Pozar wrote:
> >> > UL is seeing a large DDOS coming towards
a couple of customers of ours.
> >> >  I know that other ISPs have been
affected as well.  I will let them
> >> > identify them selves.
> >> >
> >> > Anyone have any scoop on this?
> >>
> >> A) I don't think anyone knows who UL is by
that reference alone (I assume
> >>    you mean united layer).
> >>
> >> B) The DoS target is Livejournal.
> >>
> >> C) As an upstream of an upstream of LJ I'm
barely seeing 150Mbps or so of
> >>    it. No indications of exactly how big it is
by the time it hits them,
> >>    but at least from my perspective it
doesn't seem like a huge attack.
> >>
> >> Hope it stops soon though, a sustained
livejournal outage is probably
> >> grounds for at least 4-5 suicides by
distraught teenagers who can't blog
> >> about their day. 
> >
> >
> > Add in the Blue Security DDOS. NSP-SEC must be
busy defending DDoS'ers
> > tonight
> > keeping them from helping people defend
LiveJournal.
> >
> > Uh. Who let the Frog out?
> >
> > 
> http:
//www.wired.com/news/technology/internet/0,70798-0.html?
tw=rss.technology
> >
>
>Blue Security's solution to their DOS was to point
their www to their
>Typepad-hosted blog.
>
>apogee:/home/pedro> host www.bluesecurity.com
>www.bluesecurity.com is a nickname for
bluesecurity.blogs.com
>bluesecurity.blogs.com has address 204.9.178.61
>apogee:/home/pedro> whois -h whois.arin.net
204.9.178.61
>
>OrgName:    SIX APART LTD
>OrgID:      SAL-48
>[...]
>
>How's that for honorable comportment. We're getting
slammed so we're
>gonna make it someone else's problem(and not give them
a heads up).


Like Lycos MLNS, I predict we'll see random infrastructure
obfuscation,
route changes, hardware moves, etc. and ultimately the end
of BS. If
not today, perhaps soon.

It's interesting to watch the equivalent of the battle of
Omaha Beach between two sets of miscreants, one legitimized
by
some on nsp-sec, and one legitimized by a commercial DDoS
service.


-M<