advice dealing with clean-mx
hello I've lurked on this list for a while - I have an issue that I need help with. I work for a company that does fraud detection we host our servers on physica hardware in managed hosting datacenters (softlayer, hertzer, coresites, etc). Recently we were flagged for malware buy clean-mx. It was the IP of an haproxy loadbalancer. I followed up by following the link to clean-mx. It looked as if the score was based upon information from the following sites: http://www.malwaredomainlist.com https://www.virustotal.com http://urlquery.net When I checked the ip in question against these sites all the checks passed exceptfor one - fortinet. And fortinet indicated that it was an unknown signature - not specifically malware. So it appeared clean. I am hesitant to deal directly with clean-mx as we do not have any existing relationship and frankly a google search turns up many horror stories. I am mindful that these may be the 'stories' of frustrated fraudsters. I honestly do not know how to evaluate this situation. If clean-mx is legit then it would make sense to have a relationship with them . If they are not then how does one deal with them? thank you Michael -- Michael Bubb +1.646.783.8769 | KD2DTY Resume - http://mbubb.devio.us/res/resume.html *noli timere*
Re: OT - Small DNS appliances for remote offices.
What is your desired cost per unit? Reminds me of needing small pfsense based boxes a few years back. Used this company's hardware: http://www.logicsupply.com/computers/solutions/firewall-networking/ I bet you could get something fairly rugged and low maintenance for $400 or so. On Wed, Feb 18, 2015 at 9:28 AM, Ray Van Dolson rvandol...@esri.com wrote: Hopefully not too far off topic for this list. Am looking for options to deploy DNS caching resolvers at remote locations where there may only be minimal infrastructure (FW and Cisco equipment) and limited options for installing a noisier, more power hugnry servers or appliances from a vendor. Stuff like Infoblox is too expensive. We're BIND-based and leaning to stick that way, but open to other options if they present themselves. Am considering the Soekris net6501-50. I can dump a Linux image on there with our DNS config, indudstrial grade design, and OK performance. If the thing fails, clients will hopefully not notice due to anycast which will just hit another DNS server somewhere else on the network albeit with additional latency. We ship out a replacement device rather than mucking with trying to repair. There's also stuff like this[1] which probably gives me more horsepower on my CPU, but maybe not as reliable. Maybe I'm overengineering this. What do others do at smaller remote sites? Also considering putting resolvers only at hub locations in our MPLS network based on some latency-based radius. Ray [1] http://www.newegg.com/Mini-Booksize-Barebone-PCs/SubCategory/ID-309 -- Michael Bubb +1.646.783.8769 | KD2DTY Resume - http://mbubb.devio.us/res/resume.html *noli timere*
RE: Cogent outage?
We got a notice from Internap a few hours ago: At approximately 12:10 EST Internap shut down the BGP session with Cogent as we were widespread packet loss issues through their network out of our New York (NYM) PNAP. We are contacting Cogent to see if they are aware of what the issue is. They have not as yet updated this yrs Michael -- Michael Bubb +1.646.783.8769 https://www.google.com/profiles/michael.bubb The first principle is that you must not fool yourself--and you are the easiest person to fool. - Richard Feynman All things are a flowing, Sage Heraclitus says; But a tawdry cheapness Shall reign throughout our days. - Pound
Re: Cogent outage?
Internap just updated: Cogent has said that the issue they were having has been resolved. Internap's BGP session was turned back up at approximately 15:45 EST and traffic has been stable since that time. On Thu, Dec 6, 2012 at 4:36 PM, Blair Trosper blair.tros...@gmail.comwrote: We've seen BGP resets on our servers in Tampa...with Cogent no longer being the preferred route for outgoing traffic. The preferred path from out DC is now through Hurricane (AS6939). Blair Trosper Updraft Networks LEARN (North Texas GigaPOP) On Thu, Dec 6, 2012 at 3:09 PM, Michael Bubb michael.b...@gmail.comwrote: We got a notice from Internap a few hours ago: At approximately 12:10 EST Internap shut down the BGP session with Cogent as we were widespread packet loss issues through their network out of our New York (NYM) PNAP. We are contacting Cogent to see if they are aware of what the issue is. They have not as yet updated this yrs Michael -- Michael Bubb +1.646.783.8769 https://www.google.com/profiles/michael.bubb The first principle is that you must not fool yourself--and you are the easiest person to fool. - Richard Feynman All things are a flowing, Sage Heraclitus says; But a tawdry cheapness Shall reign throughout our days. - Pound -- Michael Bubb +1.646.783.8769 https://www.google.com/profiles/michael.bubb The first principle is that you must not fool yourself--and you are the easiest person to fool. - Richard Feynman All things are a flowing, Sage Heraclitus says; But a tawdry cheapness Shall reign throughout our days. - Pound