Fw: new message
Hey! New message, please read <http://bootcampchennai.com/themselves.php?do> Bryan Irvine
Re: Facebook down?
I called 911, they didn't know anything about it. On Wed, Sep 3, 2014 at 12:45 PM, Marshall Eubanks marshall.euba...@gmail.com wrote: http://www.downforeveryoneorjustme.com/facebook.com It's not just you! *http://facebook.com* http://facebook.com/ looks down from here. Relevant because of the likely increase in productiviity Regards Marshall Eubanks
Re: iOS 7 update traffic
My iPhone4 was about 600MB IIRC. My iPad mini was about that. I have about 7 iDevices between everyone in my immediate family. FWIW not a single one has actually received the notification yet. I've only manually done my 2 devices. I'm waiting to see how long it takes before I get the 'official' notification of an update on the others. On Thu, Sep 19, 2013 at 11:12 AM, TR Shaw ts...@oitc.com wrote: Haven't updated my iPad yet but the iPhone update size was 1.12GB On Sep 19, 2013, at 2:05 PM, Mikael Abrahamsson wrote: On Thu, 19 Sep 2013, Paul Ferguson wrote: Can someone please explain to a non-Apple person what the hell happened that started generating so much traffic? Perhaps I missed it in this thread, but I would be curious to know what iOS 7 implemented that caused this... The IOS7 upgrade is ~750 megabyte download for the phones/pods, and ~950 megabytes for ipad. There are quite a few devices out there times these amounts to download... -- Mikael Abrahamssonemail: swm...@swm.pp.se
Re: iOS 7 update traffic
Apple actually tries to rate-limit the notifications to prevent this, but you can just manually go check and hit the upgrade button yourself. It's pretty well-known that Apple likes to release ~10am, so tens (hundreds?) of millions of users did just that. Since this update is available for all iThingies made in the last 4-ish years that means a lot of extra traffic. On Thu, Sep 19, 2013 at 7:13 AM, Justin M. Streiner strei...@cluebyfour.org wrote: On Thu, 19 Sep 2013, Paul Ferguson wrote: Can someone please explain to a non-Apple person what the hell happened that started generating so much traffic? Perhaps I missed it in this thread, but I would be curious to know what iOS 7 implemented that caused this... I think this was just the traffic to download iOS 7 to everyones' relevant Apple devices. I don't know how large the update was (maybe a few hundred MB per device?), but I guess everyone got the notification or their devices started automatically downloading around the same time. The vast majority of the traffic here (large .edu) happened between about 1 and 5 PM yesterday. jms
Re: This is a coordinated hacking. (Was Re: Need help in flushing DNS)
On Thu, Jun 20, 2013 at 2:49 PM, Randy Bush ra...@psg.com wrote: So it's okay to screw over nearly fifty thousand customer domains because there are 140M .com's? luckily, none of the rest of us make mistakes Ages ago I responded on a Cisco list where the topic was biggest screwup you've made. I posted that I once forgot the implicit deny in an ACL and accidentally blocked all traffic between 4 locations in 2 states for a company I was working for. Downtime was a very brutal 60 seconds. Someone very insightful responded with anyone who hasn't done similar is lying about the 10 years on their resume. So the real question would be, why wasn't there someone who has already done this in the past working on this zone? ;) -B
Re: NOC display software
On Wed, Feb 13, 2013 at 7:19 AM, JoeSox joe...@gmail.com wrote: Just wondering if anyone can recommend Windows software (it could be Linux too but I might need to create a separate host for that configuration) that enables rotating [on one monitor] several webpages (dashboards) or windows (application dashboards). It would be nice if it was freeware or open source but whatever works best is what I am looking for. For example, if I wanted one monitor to cycle thru my local SolarWinds Orion, Office 365 Health Status, and anyother webdashboards. Tab Mix Plus is the one that I use for that. https://addons.mozilla.org/en-us/firefox/addon/tab-mix-plus/
Re: job screening question
On Sat, Jul 07, 2012 at 02:06:58PM +1000, Matthew Palmer wrote: On Sat, Jul 07, 2012 at 12:51:55PM +1200, Ben Aitchison wrote: On Fri, Jul 06, 2012 at 04:18:21PM +1000, Matthew Palmer wrote: On Thu, Jul 05, 2012 at 05:01:39PM -0700, Scott Weeks wrote: --- ja...@thebaughers.com wrote: From: Jason Baugher ja...@thebaughers.com Geez, I'd be happy to find someone with a good attitude, a solid work ethic, and the desire and aptitude to learn. :) --- Yeah, that. But how do you get those folks through the HR process to you, so you can decipher their skill/work ethic level? What can the HR person ask to find out if someone has these qualities? OSPF LSA type questions will not help. Don't get HR to do that sort of screening. They suck mightily at it. I lack any sort of HR department to get in the way, and I'm glad of it -- I don't see the value in having someone who doesn't know anything about the job get in the way of finding the right person for it. Sure, get 'em to do the scutwork of posting job ads, collating resumes, scheduling things and sending the lolz no! responses, but actually filtering? Nah, I'll do that bit thanks. If you have to have HR do a filter call, make it *really* simple, like What does TCP stand for? -- sadly, you'll still probably filter out half the applicants for a senior position... I've noticed a strong correlation between people who don't know what acronyms stand for, and competence. People who don't know anything try and figure out what the acronym stands for - people who want to understand things see it as just a place holder. [...] Maybe it's more significant to ask what the difference between TCP and UDP is. Yes, the difference between TCP and UDP is a much better question to ask, but having HR assess and act on the answer to the question is a whole hell of a lot harder. In many ways, *that's* the tough bit of finding a good screening question. snip Indeed. I was once filtered out of a sysadmin job at a big search engine company. They asked questions like: What system call does the ls command make? I didn't know, but said you could read the source or strace to find out. They asked me to describe what ARP is. I basically talked about what an ARP table is and went into detail about who-has requests for building the table etc... and more questions like that. They seemed lost and didn't seem to know what I was talking about. It was at this point I realized that I was talking to an HR screener. The conversation was awkward from this point on as I struggled to attempt to guess what might be on the piece of paper as The Right Answer. Needless to say I didn't hear back. Was I what they were looking for? Maybe, maybe not. But I was screened out before either of us could find out. Just as well, I'm much happier where I am now. :-) Finding good interview questions *in general* isn't all that hard. With a good senior candidate my interview questions could just be bringing up problems I've recently solved or am currently wrestling with, and having a 30 minute conversation on the problem. I'll get a very good idea of someone's domain knowledge and problem-solving skills by doing that. But there's no way I can ask HR to do that, because they don't know how to assess the answer, and as previously demonstrated (fragmented disks, indeed), you can't have HR act as scribe and relay the answer to you, because they'll get it wrong, and the interesting bit is the *conversation*, not the canned single-shot answer. Definitely. I like the describe difference between UDP/TCP question. Another fave of mine is Give me a list of various acronyms and its associated port and give them HTTP/80 as an example. Many interviews end shortly after this one. That's my motivation for asking a question as inane as What does TCP stand for? -- it has an overwhelmingly obvious answer that can be verified in a second or two by someone who really doesn't know anything about what they're asking. Give a candidate 10 of those sorts of questions over the phone from an HR drone, if they score 8-or-better (for instance) they pass and you get to see their resume. That is, of course, assuming your organisation is so screwed up that they won't let you at candidates directly (which is still my preferred option -- leave HR to do the paperwork). +1
Re: DNS poisoning at Google?
The fun part will be figuring out how it got there. :) Sent from my iPhone On Jun 27, 2012, at 12:06 AM, Matthew Black matthew.bl...@csulb.edu wrote: We found the aberrant .htaccess file and have removed it. What a mess! matthew black information technology services california state university, long beach From: Grant Ridder [mailto:shortdudey...@gmail.com] Sent: Tuesday, June 26, 2012 11:02 PM To: Matthew Black; nanog@nanog.org Cc: Jeremy Hanmer Subject: Re: DNS poisoning at Google? It also redirects with facebook, youtube, and ebay but NOT amazon. -Grant On Wed, Jun 27, 2012 at 12:57 AM, Matthew Black matthew.bl...@csulb.edumailto:matthew.bl...@csulb.edu wrote: Our web lead was able to run curl. Thanks. matthew black information technology services california state university, long beach From: Grant Ridder [mailto:shortdudey...@gmail.commailto:shortdudey...@gmail.com] Sent: Tuesday, June 26, 2012 10:53 PM To: Matthew Black Cc: Landon Stewart; nanog@nanog.orgmailto:nanog@nanog.org; Jeremy Hanmer Subject: Re: DNS poisoning at Google? Matt, what happens you get on a subnet that can access the webservers directly and bypass the load balancer. Try curl then and see if its something w/ the webserver or load balancer. -Grant On Wed, Jun 27, 2012 at 12:40 AM, Matthew Black matthew.bl...@csulb.edumailto:matthew.bl...@csulb.edu wrote: Thanks again to everyone who helped. I didn't know what to enter with curl, because Outlook clobbered the line breaks in Jeremy's original message. Also, curl failed on our primary webserver because of firewall and load balancer magic settings. The Telnet method worked better! Our team is now scouring for that hidden redirect to couchtarts. matthew black information technology services california state university, long beach From: Landon Stewart [mailto:lstew...@superb.netmailto:lstew...@superb.net] Sent: Tuesday, June 26, 2012 10:37 PM To: Matthew Black Cc: Jeremy Hanmer; nanog@nanog.orgmailto:nanog@nanog.org Subject: Re: DNS poisoning at Google? There is definitely a 301 redirect. $ curl -I --referer http://www.google.com/ http://www.csulb.edu/ HTTP/1.1http://www.csulb.edu/%0d%0aHTTP/1.1 301 Moved Permanently Date: Wed, 27 Jun 2012 05:36:31 GMT Server: Apache/2.0.63 Location: http://www.couchtarts.com/media.php Connection: close Content-Type: text/html; charset=iso-8859-1 On 26 June 2012 22:05, Matthew Black matthew.bl...@csulb.edumailto:matthew.bl...@csulb.edumailto:matthew.bl...@csulb.edumailto:matthew.bl...@csulb.edu wrote: Google Webtools reports a problem with our HOMEPAGE /. That page is not redirecting anywhere. They also report problems with some 48 other primary sites, none of which redirect to the offending couchtarts. matthew black information technology services california state university, long beach -Original Message- From: Jeremy Hanmer [mailto:jeremy.han...@dreamhost.commailto:jeremy.han...@dreamhost.commailto:jeremy.han...@dreamhost.commailto:jeremy.han...@dreamhost.com] Sent: Tuesday, June 26, 2012 9:58 PM To: Matthew Black Cc: nanog@nanog.orgmailto:nanog@nanog.orgmailto:nanog@nanog.orgmailto:nanog@nanog.org Subject: Re: DNS poisoning at Google? It's not DNS. If you're sure there's no htaccess files in place, check your content (even that stored in a database) for anything that might be altering data based on referrer. This simple test shows what I mean: Airy:~ user$ curl -e 'http://google.com' csulb.eduhttp://csulb.eduhttp://csulb.edu !DOCTYPE HTML PUBLIC -//IETF//DTD HTML 2.0//EN htmlhead title301 Moved Permanently/title /headbody h1Moved Permanently/h1 pThe document has moved a href=http://www.couchtarts.com/media.php;here/a./p /body/html Running curl without the -e argument gives the proper site contents. On Jun 26, 2012, at 9:24 PM, Matthew Black matthew.bl...@csulb.edumailto:matthew.bl...@csulb.edumailto:matthew.bl...@csulb.edumailto:matthew.bl...@csulb.edu wrote: Running Apache on three Solaris webservers behind a load balancer. No MS Windows! Not sure how malicious software could get between our load balancer and Unix servers. Thanks for the tip! matthew black information technology services california state university, long beach From: Landon Stewart [mailto:lstew...@superb.netmailto:lstew...@superb.netmailto:lstew...@superb.netmailto:lstew...@superb.net] Sent: Tuesday, June 26, 2012 9:07 PM To: Matthew Black Cc: nanog@nanog.orgmailto:nanog@nanog.orgmailto:nanog@nanog.orgmailto:nanog@nanog.org Subject: Re: DNS poisoning at Google? Is it possible that some malicious software is listening and injecting a redirect on the wire? We've seen this before with a Windows machine being infected. On 26 June 2012 20:53, Matthew Black
Re: DNS poisoning at Google?
On Wed, Jun 27, 2012 at 9:48 AM, Matthew Black matthew.bl...@csulb.edu wrote: Yes, we did that and also noted the username and IP address from where the FTP upload originated. It came from an FTP upload? Why I outta ... ;-)
Re: EBAY and AMAZON
Yup. They hope that the message contents are a coincidence and scare you into seeing (i.e. clicking on..) what's it's about. This happened to me a few years ago where I changed my ebay password, and about 30 minutes later got a phishing email that my password change failed. So I clicked the link and re-did it. As soon as I clicked on the submit button I noticed that the URl I was forwarded to was to some server in Russia. /facepalm. I went and sheepishly changed my ebay password AGAIN that very moment, with a bit of awe towards the clever con I had fallen into. Luckily I noticed. But how many others didn't? -B On Mon, Jun 11, 2012 at 11:07 AM, Scott Brim scott.b...@gmail.com wrote: I think it's a troll, trying to shock you into clicking on something. On Mon, Jun 11, 2012 at 2:05 PM, Nick Olsen n...@flhsi.com wrote: I think it might just be coincidence. I've gotten about 10 of them and haven't been to ebay or amazon in months. Most of them have been for 60 dollar books. Nick Olsen Network Operations (855) FLSPEED x106 From: Brandt, Ralph ralph.bra...@pateam.com Sent: Monday, June 11, 2012 1:28 PM To: nanog@nanog.org Subject: EBAY and AMAZON I have received bogus emails from both of the above on Friday. These look like I bought something that in both cases I did not buy. The EBAY was a golf club for $887 and the Amazon was a novel for $82, far more than I would have spent on either. I think I looked at the novel on Amazon and I remember the golf club came up on a search with something else on Ebay. How this information could get to someone spoofing is a little disconcerting. I have changed EBAY and Paypal Passwords as instructed. Ralph Brandt Communications Engineer HP Enterprise Services Telephone +1 717.506.0802 FAX +1 717.506.4358 Email ralph.bra...@pateam.com 5095 Ritter Rd Mechanicsburg PA 17055
Re: ipv6 book recommendations?
On Tue, Jun 5, 2012 at 7:29 AM, David Hubbard dhubb...@dino.hostasaurus.com wrote: Does anyone have suggestions on good books to really get a thorough understanding of v6, subnetting, security practices, etc. Or a few books. Just turned up dual stack with our peers and a test network but I'd like to be a lot more comfortable with it before looking at our customer network. Network Warrior. Sounds a bit silly since it's a bit of an overview of lots of different things, however it's chapters on IPV6 get right to the point and helped clear up a lot of things for me. -B
Re: test-ipv6.com / omgipv6day.com down
's/net/com' On Mon, Jun 4, 2012 at 5:15 PM, Mark Andrews ma...@isc.org wrote: In message c8343920-c2bc-4e2d-bd1f-df1268486...@delong.com, Owen DeLong writes: http://ipv6chicken.net Owen doesn't exist. ; DiG 9.9.1 ipv6chicken.net ;; global options: +cmd ;; Got answer: ;; -HEADER- opcode: QUERY, status: NXDOMAIN, id: 5059 ;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1 ;; OPT PSEUDOSECTION: ; EDNS: version: 0, flags:; udp: 4096 ;; QUESTION SECTION: ;ipv6chicken.net. IN A ;; AUTHORITY SECTION: net. 879 IN SOA a.gtld-servers.net. nstld.verisign-grs.com. 1338855235 1800 900 604800 86400 ;; Query time: 0 msec ;; SERVER: 127.0.0.1#53(127.0.0.1) ;; WHEN: Tue Jun 5 10:14:40 2012 ;; MSG SIZE rcvd: 117 On Jun 4, 2012, at 4:54 PM, Mark Andrews wrote: What's really needed is a service that looks up a given web page over IPv6 from behind a 1280 byte MTU link and reports if all the elements load or not. It dumps a list of elements with success/fail. This would be useful to send the idiots that block ICMPv6 PTB yet send packets bigger than 1280 bytes out too. Mark -- Mark Andrews, ISC 1 Seymour St., Dundas Valley, NSW 2117, Australia PHONE: +61 2 9871 4742 INTERNET: ma...@isc.org -- Mark Andrews, ISC 1 Seymour St., Dundas Valley, NSW 2117, Australia PHONE: +61 2 9871 4742 INTERNET: ma...@isc.org
Re: fiber cut in California?
Yes. There was a fiber cut. Apparently a construction crew was doing some boring and went through some cables. Sent from my iPhone On Apr 19, 2012, at 2:58 PM, Brandon Applegate bran...@burn.net wrote: On Thu, 19 Apr 2012, Greg Olson wrote: Anyone hear of a fiber cut in California today? I have a customer complaint about degraded performance to a site in China and the path appears to exit Qwest to China Netcom in the LA area. Also this thread on outages: https://puck.nether.net/pipermail/outages/2012-April/003844.html I tried calling Qwest (sorry, Centurylink) NOC/support and there was a preemptive recording basically saying there was a huge outage and that hold times may be long. I had to hang up before they came on to deal with some other things though. -- Brandon Applegate - CCIE 10273 PGP Key fingerprint: 8779 B023 7637 CEC8 C5C6 4052 664D 7E08 3CBB 1739 SH1-0151. This is the serial number, of our orbital gun.
Re: WW: Colo Vending Machine
On Fri, Feb 17, 2012 at 10:40 AM, Jonathan Lassoff j...@thejof.com wrote: On Fri, Feb 17, 2012 at 10:35 AM, Jay Ashworth j...@baylink.com wrote: Please post your top 3 favorite components/parts you'd like to see in a vending machine at your colo; please be as specific as possible; don't let vendor specificity scare you off. This is a riot! I'd love to have something like this at facilities I'm in. Some useful stuff that comes to mind: - Rack screws of various common sizes and threadings - SFPs, GBICs, etc. - Rollover cable / DE-9-8P8P adapter - Screwdrivers - Cross-over Ethernet, patch cables - zip ties, velcro tape, etc. - Label tape HAHA! Great list. Add to this Cable Tester Thumb Drive RJ45s RJ45 crimper Box knife LED flashlights Blank CDs/DVDs
Re: WW: Colo Vending Machine
On Fri, Feb 17, 2012 at 10:55 AM, Leo Bicknell bickn...@ufp.org wrote: In a message written on Fri, Feb 17, 2012 at 01:35:15PM -0500, Jay Ashworth wrote: Please post your top 3 favorite components/parts you'd like to see in a vending machine at your colo; please be as specific as possible; don't let vendor specificity scare you off. USB-Serial adapters. Preferably selected so they are driverless on both OSX and Windows. :) The trick is to look for one that works on OpenBSD. If it works there, it will work on Windows, Mac, and Linux. YMMV. :-)
Re: time sink 42
On Thu, Feb 16, 2012 at 1:30 PM, Ricky Beam jfb...@gmail.com wrote: On Thu, 16 Feb 2012 16:18:42 -0500, Mike Lyon mike.l...@gmail.com wrote: If they are Dell servers, you could always name each host in their BIOS so it shows up on the display of the host. I did that with a batch of sun v20z's... when they got to the colo, no one knew which was which until they're powered and the service processor is fully booted. (a process that takes several minutes) By then, they've been racked in the wrong racks and in the wrong order. :-( Of course, I've done that to myself as well... pull a stack of machines and forget what order they were in :-) And watch for the removable faceplates. We've been bitten before after a server move by rebooting a server that had the correct label but the wrong faceplate. Now we label the faceplate as well as underneath of it too. :-) -B
Re: How long is your rack?
On Sun, Aug 14, 2011 at 1:49 PM, Lyndon Nerenberg (VE6BBM/VE7TFX) lyn...@orthanc.ca wrote: I hope someone will explain the operational relevance of this ... Sun V100 FreeBSD firewall/border gateway Sun V100 Plan 9 kernel porting test bed Sun V100 OpenBSD build/test/port box Intel 8-core Solaris fileserver and zones host AMDx4 Random OS workstation crash box Epia-EK Plan 9 terminal MacBook x Snow Leopard build/test host Intel-mumble-ITX Win2K8.2 development host Supermicro XLS7A Plan 9 File server Supermicro XLS7A Plan 9 CPU/Auth server Sun V100 Oracle (blech) new-Solaris test/porting box Sun V100 crashbox for *BSD firewall failover tests Sun V100 *BSD ham radio stuff, plus Plan9 terminal kernal testing. OK, you've piqued my interest. What use have you found for Plan 9? -B
Re: Barracuda Networks is at it again: Any Suggestions as to an Alternative?
As do some states with automotive registration. It's a quite normal practice. -B On Apr 9, 2011, at 12:19 AM, Jeffrey Lyon jeffrey.l...@blacklotus.net wrote: Juniper does this also. Jeff On Fri, Apr 8, 2011 at 11:51 PM, John Palmer (NANOG Acct) nan...@adns.net wrote: OK, its been a year since my Barracuda subscription expired. The unit still stops some spam. I figured that I would go and see what they would do if I tried to renew my subscription EXACTLY one year after it expired. Would their renewal website say Oh, you are at your anniversary date, and renew me for a year? No such luck: They want me to PAY FOR AN ENTIRE YEAR for which I did NOT receive service and then for the current (upcoming year). Sorry - I don't allow myself to be ripped off like that. Sorry Barracuda - you get no money from me and I'll tell everyone I know about this policy of yours. I posted an article about this unscrupulous practice on my blog last year at http://www.john-palmer.net/wordpress/?p=46 My question is - does anyone have any suggestions for another e-mail appliance like the Barracuda Spam Firewall that doesn't try to charge their customers for time not used. I should be able to shut off the unit for a year or whatever and simply renew from the point that I re-activate the unit instead of having to pay for back-years that I didn't use. Thanks -- Jeffrey Lyon, Leadership Team jeffrey.l...@blacklotus.net | http://www.blacklotus.net Black Lotus Communications - AS32421 First and Leading in DDoS Protection Solutions
Re: IPv4 Address Exhaustion Effects on the Earth
On Fri, Apr 1, 2011 at 8:30 PM, Robert Bonomi bon...@mail.r-bonomi.com wrote: Date: Sat, 02 Apr 2011 04:18:00 +0200 From: Alexander Maassen outsi...@scarynet.org Subject: Re: IPv4 Address Exhaustion Effects on the Earth wil, maybe after all this time you got the router, it gained 7lbs of all the dust in it ? Consider what happens if the carrier encounters a route reflector -- flipping the bird?? Also how port mirrors will cause a collision and the bird will die.
Re: so big earthquake in JP
On Thu, Mar 10, 2011 at 10:19 PM, Tomoya Yoshida yosh...@nttv6.jp wrote: Japan had so big terrible earthquake How big? I see reports of Tokyo, was Kyoto affected?
Re: Alleged backdoor in OpenBSD's IPSEC implementation.
On Wed, Dec 15, 2010 at 10:20 AM, Mike. the.li...@mgm51.com wrote: On 12/15/2010 at 9:17 AM Ben wrote: |On Wed, Dec 15, 2010 at 9:00 AM, Stefan Fouant |sfou...@shortestpathfirst.net wrote: | | -Original Message- | From: mikea [mailto:mi...@mikea.ath.cx] | Sent: Wednesday, December 15, 2010 8:28 AM | To: nanog@nanog.org | Subject: Re: Alleged backdoor in OpenBSD's IPSEC implementation. [snip] = Another relevant comment from the OpenBSD tech mailing list: http://www.marc.info/?l=openbsd-techm=129237675106730w=2 Also, the original sender of the email confirms he sent it. Also mentions PF as a target in the follow-up. http://blogs.csoonline.com/1296/an_fbi_backdoor_in_openbsd Anyone know the trustworthy-ness of 'csoonline'? -Bryan
Re: Only 5x IPv4 ... WRONG! :)
In the IPv4 world, people had to deal with the results of their own mistakes. In the IPv6 world, it will be your grandchildren and great-grandchildren who will have to deal with your mistakes and they will thank you for leaving them some real challenges and not trying to engineer away their choices. Nah, they'll be routing their packets over facebook. http://tools.ietf.org/html/rfc5514 -B
Re: Netflow Tool
If you want yours to come with rap videos look at scrutinizer (no I've not ever used it) http://www.youtube.com/watch?v=uUPkGvdXDIM http://www.youtube.com/watch?v=ilxknbKJ0Pc On Fri, Sep 17, 2010 at 12:45 PM, Scott Berkman sc...@sberkman.net wrote: If you want something scalable and commercial (read: with support) check out these guys, I have been using it for a while and it has tons of features and very flexible reporting (including exports to PDF, CSV, etc): http://www.netflowauditor.com/ They have a free version as well with limits. -Scott -Original Message- From: Mike Gatti [mailto:ekim.it...@gmail.com] Sent: Friday, September 17, 2010 2:50 PM To: nanog@nanog.org Subject: Netflow Tool Anyone out there using a good netflow collector that has the capability data to export to CSV? Open Source would be best, but any suggestions are welcome. Thanks, =+=+=+=+=+=+=+=+=+=+=+=+= Michael Gatti cell.703.347.4412 ekim.it...@gmail.com =+=+=+=+=+=+=+=+=+=+=+=+=
Re: Monitoring Tools
On Thu, Aug 19, 2010 at 7:37 AM, Scott Berkman sc...@sberkman.net wrote: I'd recommend ZenOSS. -Scott +1 -B
Re: Monitoring Tool
On Mon, Jun 14, 2010 at 9:49 AM, Thorsten Dahm t.d...@resolution.de wrote: Joshua William Klubi wrote: I have been tasked to develop a good network for a Bank and i have also been tasked to get a good monitoring tool for the Bank's local network and Service providers network. i would like to ask the community to help recommend the best tool out there that can help me do this As others pointed out, without additional information it is hard to give you any recommendation. The usual suspects in the open source world would be nagios, cacti, mrtg, netflow, ... in case you want to have something to check it out. I like Zenoss. It's like nagios and cacti. It also does syslog, and the enterprise version does netflows as well.
Re: XO Communications rDNS
Call their tech support line. You can either just give them the name you want the rDNS to have or have them delegate the range to you. I've done both with them in the past and tech support was able to handle it. -Bryan On Wed, Apr 7, 2010 at 11:50 AM, Jeroen van Aart jer...@mompl.net wrote: I manage some IP space that's provided by an ISP but is owned by XO. I am trying to have rDNS configured but their contact email (ipad...@eng.xo.com) in the whois does not grace me with a response (yet). Does anyone know if there is a way to get this done or should I just not bother and live with it? Thanks, Jeroen
Re: Books for the NOC guys...
On Fri, Apr 2, 2010 at 6:02 AM, Express Web Systems mailingli...@expresswebsystems.com wrote: So, what are you having your up-and-coming NOC staff read? While not specifically a NOC book, we find that it lays a great foundation to build from (if, perhaps, a bit basic in certain areas): Network Warrior by Gary A. Donahue http://www.amazon.com/Network-Warrior-Everything-need-wasnt/dp/0596101511/ This is a great book with an easy to read style. +1 Network Warrior. -B
Re: Books for the NOC guys...
On Fri, Apr 2, 2010 at 10:53 AM, Chris Adams cmad...@hiwaay.net wrote: Once upon a time, Michael Thomas m...@mtcc.com said: All true, but I'd still say there's a special rung in hell for bad perl. Ehh, bad perl is still more readable than good APL. At least I can reformat the perl! :-) In my experience bad perl usually consists of using system() a lot to run shell commands and read the input. Creative well-written perl, now there's something unreadable and unmaintainable! :-) -B
Re: YouTube AS36561 began announcing 1.0.0.0/8
On Fri, Mar 12, 2010 at 1:34 PM, Kevin Loch kl...@kl.net wrote: Axel Morawietz wrote: Am 12.03.2010 17:03, schrieb Nathan: [...] Its amazing how prolific 1.x traffic is. one reason might also be, that at least T-Mobile Germany uses 1.2.3.* for their proxies that deliver the content to mobile phones. And I'm not sure what they are doing when they are going to receive this route from external. ;) If 1.0.0.0/8 has been widely used as de-facto rfc1918 for many years, perhaps it is time to update rfc1918 to reflect this? Cisco has an interesting write-up on this: http://www.cisco.com/web/about/ac123/ac147/archived_issues/ipj_10-3/103_awkward.html
Re: Need advise for a linux firewall
On Thu, Mar 11, 2010 at 11:26 AM, Abdul Nazeer voipu...@optonline.net wrote: On 03/11/2010 11:22 AM, gordon b slater wrote: On Thu, 2010-03-11 at 11:00 -0500, Abdul Nazeer wrote: iptables, but if anyone has any other suggestion, I'd love to hear it. PFsense, (being freeBSD-based, comes under your other category) It uses the OpenBSD-based pf firewall, with a web-based GUI for almost everything (except maybe console resets). works for me in several locations, some `heavy and high`. Looks interesting. Will give it a shot, thanks! Great new book on pfsense as well. http://www.reedmedia.net/books/pfsense/
Re: Problem from Comcast Network to The Planet
On Fri, Mar 5, 2010 at 1:33 PM, Zachary Frederick zcfreder...@gmail.com wrote: We have been having a problem emailing to a customer whose server is hosted by The Planet (http://www.theplanet.com/). Our mail server is hosted in-house on a comcast business connection. IP address of our server is: 173.13.45.23 Customers mail server is: 69.93.203.243 I cannot telnet to port 25 on their server, and they cannot telnet to port 25 on ours. If I try to connect to their mail server from a different network such as my home internet connection, I can connect. We do not do any firewalling that would block this in anyway. We were able to send and receive email to them when we used Qwest for our connection, before we switched to Comcast. Comcast has said the problem is not on their end because it times out at The Planet. The Planet doesn't have much interest in speaking with me, because I'm not their customer. Not sure what to do at this point. Can you hit the submission port? (587) -Bryan
Re: My email recived in incorrect date by hotmail
On Wed, Mar 3, 2010 at 11:37 AM, Jorge Amodio jmamo...@gmail.com wrote: By the virtue of CCITT X.666 Hyperspace Transport Protocol your messages have been transported within different space-time coordinates, best guess check your PC Real Time Clock. When working with timezones I always find it best to refer to RFC 2324 3 or 4 times, before reaching any conclusion. -Bryan
Re: lt2p/pptp vpn concentrators
On Wed, Mar 3, 2010 at 11:52 AM, Leslie les...@craigslist.org wrote: Hey - We're currently looking for a small lt2p/pptp concentrator, mainly so people can connect via their iphones/androids with some vpn client to get email on the go. Does anyone have any boxes that they love/hate? Soekris with a copy of pfsense on it. -B
Re: lt2p/pptp vpn concentrators
I know someone who's run an OS X server VPN for years without issue. On Wed, Mar 3, 2010 at 11:58 AM, Leslie les...@craigslist.org wrote: I didn't realize that os x server can run this - and pretty much anyone can set up os x in 5 seconds -- anyone have any horror stories? Bryan Irvine wrote: On Wed, Mar 3, 2010 at 11:52 AM, Leslie les...@craigslist.org wrote: Hey - We're currently looking for a small lt2p/pptp concentrator, mainly so people can connect via their iphones/androids with some vpn client to get email on the go. Does anyone have any boxes that they love/hate? Soekris with a copy of pfsense on it. -B
Re: Linux Router distro's with dual stack capability
would pfsense work for you? On Wed, Feb 10, 2010 at 4:12 PM, Blake Pfankuch bpfank...@cpgreeley.com wrote: Anyone have some insight on a good dual stack Linux (or BSD) router distro? Currently using IPCop but it lacks ipv6 support. I've used SmoothWall Express but not in some time and not sure how well it works with IPv6. Not looking for something huge, just something for the equivalent of a small branch office. Site to Site VPN support and NAT translation capability for a few public IP addresses to private addresses are the only requirements. Public or private responses are welcome! Thanks! Blake Pfankuch Network Engineer
