I'm working on a requirements document for InternetNZ for a "Network Measurement Lab" attempting to specify useful testing and measurement facilities for NZ. It's one of

Auckland next month and this type of facility is firmly in the agenda.

There's a number of possibilities here:

1) The RIPE ATLAS project (https://atlas.ripe.net/ [1]) has a facility that allows RIPE members to request a traceroute from multiple probes to a destination. The current system will pass the work out to around 700 probes and return a traceroute result set some time later.

Perhaps we could seek to deploy something like the RIPE Atlas probes around the country or even better push something across

region.

There's already a dozen or so of these probes in NZ.

2) Gaurab posted something here the other day about NLNOG RING - that's another option.

Whatever we come up with let's find a way to make it possible for people to easily run such tests and make

I have one of their probes and the certainly work well. All you need is a USB and ethernet port to run one. Having never done it before I have put a traceroute request in, will post what results they give you once it finishes. Cheers, Bill On Thu, 21 Jun 2012 10:35:58 +1200, Andy Linton wrote: the items on the InTAC agenda in the APNIC the data and the results

public as a way to improve our network quality. _______________________________________________ NZNOG mailing list NZNOG(a)list.waikato.ac.nz [2]

http://list.waikato.ac.nz/mailman/listinfo/nznog [3] Links: ------ [1] https://atlas.ripe.net/ [2] mailto:NZNOG(a)list.waikato.ac.nz [3] http://list.waikato.ac.nz/mailman/listinfo/nznog

Barry, I talked to John Butt about this months ago. Nothing came of it. http://about.me/jonbrewer On 21/06/2012, at 11:32, Barry Murphy wrote:

Truenet (http://www.truenet.co.nz/) have hundreds if not thousands of nodes out on the internet connected to multiple providers, why not see if they can add something to their probes? At the end of the day they are a measuring company and work with stats like this so it may be of interest to them for their public stats.

Cheers Barry

On Thu, 21 Jun 2012 10:35:58 +1200, Andy Linton wrote:

...

I'm working on a requirements document for InternetNZ for a "Network Measurement Lab" attempting to specify useful testing and measurement facilities for NZ. It's one of the items on the InTAC agenda in Auckland next month and this type of facility is firmly in the agenda.

There's a number of possibilities here:

1) The RIPE ATLAS project (https://atlas.ripe.net/) has a facility that allows RIPE members to request a traceroute from multiple probes to a destination. The current system will pass the work out to around 700 probes and return a traceroute result set some time later.

Perhaps we could seek to deploy something like the RIPE Atlas probes around the country or even better push something across the APNIC region.

There's already a dozen or so of these probes in NZ.

2) Gaurab posted something here the other day about NLNOG RING - that's another option.

Whatever we come up with let's find a way to make it possible for people to easily run such tests and make the data and the results public as a way to improve our network quality. _______________________________________________ NZNOG mailing list NZNOG(a)list.waikato.ac.nz http://list.waikato.ac.nz/mailman/listinfo/nznog

_______________________________________________ NZNOG mailing list NZNOG(a)list.waikato.ac.nz http://list.waikato.ac.nz/mailman/listinfo/nznog

Hi all Does anyone have a reasonably comprehensive list of domains used by credit card processors, such as 'Verified by Visa' etc., that I can add to the walled garden on a pay hotspot? My provider, Payment Express, aren't being very helpful and filling my list by asking clients to read the URLs from their 404 message is proving to be slow and annoying. So far I have: arcot.com securesuite.net onlineauthentication.com.au lloydstsb.com securesuite.co.uk Cheers Stan Rivett ------------------ Netspeed Data Ltd PO Box 5691 Dunedin P: +64 3 481 7245 C: +64 21 323 841 ------------------

Hi Stan, Honestly - good luck with this. We came to the conclusion that you essentially need to permit every bank in the world as they all have different authentication methods, all hosted on their own infrastructure. That is how Verified by Visa and Master Card Secure Code are able to guarantee the level of security. We used to log people in for a few minutes to complete this transaction but it's really quite cumbersome and generated more problems that what it was worth. As Nathan mentions referrer URL could be useful, you could use this to generate a white-list over time but that is likely still more trouble that what it is worth. In the end we managed to convince our provider that the low transaction value was worth the risk, signed a waver and opted out of the scheme. On 3 July 2012 04:42, Nathan Ward wrote:

Why not allow based on referrer for some limited period of time? I assume that the referrer is going to be your hotspot's URL or something. Or maybe allow based on referrer forever and do some monitoring to check and see if people are abusing it. No need to get a perfect solution on day 1, you're better off allowing all customers than blocking potential freeloaders.

On 3/07/2012, at 3:38 PM, Stan Rivett wrote:

...

Hi all

Does anyone have a reasonably comprehensive list of domains used by credit card processors, such as 'Verified by Visa' etc., that I can add to the walled garden on a pay hotspot?

My provider, Payment Express, aren't being very helpful and filling my list by asking clients to read the URLs from their 404 message is proving to be slow and annoying.

So far I have:

arcot.com securesuite.net onlineauthentication.com.au lloydstsb.com securesuite.co.uk

Cheers

Stan Rivett ------------------ Netspeed Data Ltd PO Box 5691 Dunedin P: +64 3 481 7245 C: +64 21 323 841 ------------------

_______________________________________________ NZNOG mailing list NZNOG(a)list.waikato.ac.nz http://list.waikato.ac.nz/mailman/listinfo/nznog

_______________________________________________ NZNOG mailing list NZNOG(a)list.waikato.ac.nz http://list.waikato.ac.nz/mailman/listinfo/nznog

Hi Anand, On 4 July 2012 02:00, Anand Kumria wrote:

Neither Verified by Visa nor MasterCard SecureCode guarantee any security.

Probably bad wording on my part, nothing is guaranteed. As I understand it they are trying to reduce fraudulent translations by extensively verifying and frustrating the card holder.

Neither scheme is hosted by any issuing bank from what I have observed. What data do you have?

Yes the whole idea with these schemes is that the card issuing bank provides an extra level of authentication of the end user. For example, when I use my Lloyds TSB Visa card to purchase something on-line I am redirected to a page containing their logo and asking one or more questions relating to my bank account, ie my birth date, or internet banking password (freaked me out the first time). This page appears to be different for every bank and is entirely independent of MasterCard or Visa.

Most of the providers I've dealt with have specifically had you *opt*-*in* to making your customers transactions, and lives, more cumbersome.

We were forced into the scheme and it was very hard to opt out, at least with our merchant bank.

Note - that customers can opt-out at any time (and are able to opt-out every 3 transactions) so, again, neither scheme does anything but shift liability (subject to asterisks) to the customer and make it harder to complete the purchase.

That doesn't really help in a hotspot scenario as if it's the third transaction you're still going to have to get them to see the issuing banks verification page.