(source flickr, no it is not me)

In a recent post I joked about willy (this site) former hardware being the oldest server on the net. Well, it turned out that it might have been one of the slowest, but not the oldest. At least, there is actually a C=64 serving webpages with this ethernet board and it can be found on http://www.c64web.com/.

And yes, it seems it is actually running on a C=64:

krokodil-boerland-home:~ bert$ telnet www.c64web.com 80
Trying 58.6.118.18...
Connected to c64web.com.
Escape character is '^]'.
GET / HTTP/1.0
HTTP/1.0 200 OK
Server: Contiki/2.2.2 http://www.sics.se/contiki/
Connection: close
Content-type: text/html

So do not be surprised when I move this webserver over to my old C=64 running Contiki. :-)

Over at the "Internet protocol Jornal (issue 10.4) you can find a good read on the dangers of IP spoofing. This problems is very old and very wide known. Even when I was in networking (1997-2002) this was wideley known and there was an easy cure. So I dont understand why Cisco decided to publish this now, a decade ago it would have been yesterdays news.

Everyone who ever read the TCP/IP bible (TCP/IP illustrated) knows this. All you have to configure on a router is IP UNICAST REVERSE PATH, in combination with cisco CEF. Then all packets that are routed are inspected. If the sender address (the From IP address) is in the routing table, it is checked to see if the router would route it the packet would have been send over the same interface the packet orginated from. If so, the sender is valid and the packet is routed, if not, it is proabbly a forged packet and it is dropped. That simple, one command and there is no IP spoofing anymore. In 1998 cisco released this feature I think, a decade ago!

All ISP's (at least in the Netherlands) have this kind of ingress filtering acitvated on their routers since a decade, it is impossible to spoof and route a packet in the Netherlands and most parts of the world for that matter.

I remember though that Casema (which I used as a cable modem provider between 1996-2001) didnt have this feature for some time. You could route a packet towards 1.1.1.1 with the sender address 10.255.255.255. 1.1.1.1 would give an "ICMP unreachable message" from the border routers of casema and it would be send towards the complete internal network -all systems- of Casema creating a kind of internal DoS.

But to publish this article one decade after a decade seems like rerunning old stories. 10 years is on the net a lifetime.

Via Steven Peck, via 21764, the corporate site of AOL is using... Drupal! Note that their developer site has been using Drupal since nearly a year.

I think it is great to see that the big corporations use Drupal, the showcases make it easier to sell Drupal to other corporations, there is more critical mass, more good things will come to and get out of "the community".

Note that there is (or might be) also a dark side. I will blog about the downside soon, but what do you think -apart from the brand AOL- is the downside of corps like AOL using Drupal?

Back in the old days... I did some netmastering for AS1136 (now AS286). And while I am not in to routing anymore, I still like this song performed at the RIPE 55

So bye bye, folks at RIPE 55
Be persuaded to upgrade it or your network will die
IPv6 just makes me let out a sigh
But I spose we'd better give it a try
I suppose we'd better give it a try

See also the grow of the internet and a report from cisco on IPv4 and v6

Other funny quotes:
* ...and all my traceroutes showing stars
* Saw a man with whom I used to peer
* My Cisco shares completely worthless

Do you know that feeling when you have more expertise than those helpdesk employees you're trying to explain your problem? But you need them to set your call through to someone who does know shit? And they are trying their best to help you but have absolutely no idea what you're talking about or what to do with it?

That feeling, I wonder if there's a name for it...

Now excuse me while I'm going to kill someone
throw my phone against the wall
punch someone in the face
shout
cry.