Re: Iran cuts 95% of Internet traffic

2019-11-18 Thread Scott Fisher 
One would hope so, but I am I sure they will just threaten their
population on using it. Tyrannical regimes know no bounds.

Thanks,
Scott Fisher
Team Cymru

On 11/18/19 2:26 PM, Tony Wicks wrote:
>>Implementation specifics vary. Most rely on state control of consumer
> ISPs and implement a variety of systems at that layer. Many also have
> chokepoints for >international connectivity as well.
> 
>  
> 
> I guess all these governments who like to control access so tightly are
> going to be in a total tailspin over Starlink eh.
> 
>  
> 
>  
> 
>  
> 



signature.asc
Description: OpenPGP digital signature

Re: Target stores down

2019-06-17 Thread Scott Fisher 
Check the date on this:
https://amp.usatoday.com/amp/10563581?__twitter_impression=true

Could it be they had an expired cert?

Thanks,
Scott Fisher

On 6/15/19 7:49 PM, frnk...@iname.com wrote:
> According to the news, sales associates can complete transactions using
> their (very small) handheld units.
> 
> Frank
> 
> -Original Message-
> From: NANOG  On Behalf Of Jared Mauch
> Sent: Saturday, June 15, 2019 4:27 PM
> To: Andy Ringsmuth 
> Cc: NANOG 
> Subject: Re: Target stores down
> 
> I know what I was told and what I observed in store.
> 
> They said network issue but it looked more like application/database issue.
> 
> When they would Scan an item it would not stay scanned. It would delete
> itself and provide an error (likely when it was recording the inventory
> debit)
> 
> They would then manually enter the price and if it was taxable or not.
> 
> It impacted all their POS terminals. Sometimes it would scan and sometimes
> not.
> 
> There is a mini story here about workflow and software improvement for this
> exception path handling. Either way. Looked more like database and other
> software issue than actual network issue.
> 
> Expect inventory to be messed up for a few weeks as a result.
> 
> Sent from my iCar
> 
>> On Jun 15, 2019, at 4:04 PM, Andy Ringsmuth  wrote:
>>
>> Curious if anyone knows what happened (or is still happening) with the
> global outage of POS systems at Target stores.
>>
>> 
>> Andy Ringsmuth
>> 5609 Harding Drive
>> Lincoln, NE 68521-5831
>> (402) 304-0083
>> a...@andyring.com
> 
>

Re: Should Netflix and Hulu give you emergency alerts?

2019-03-11 Thread Scott Fisher 
It would be nice if someone from the E911 space could add their 2cents
on this. Anyone from Intrado/West-Corp on the list?

Thanks,
Scott

On 3/11/19 1:53 PM, Sean Donelan wrote:
> On Mon, 11 Mar 2019, William Herrin wrote:
>> My cell phone woke me up in the middle of the night during a recent
>> landline
>> outage because the county felt the need to let me know that I wouldn't be
>> able to call 911 if, you know, I happened to need to call 911. Thanks
>> guys.
>> Thanks a lot. And I can't block their messages. That's a problem.
> 
> 1. VOIP, telcos and network operators have recurring 9-1-1 issues. 
> There has been multiple, multi-state 9-1-1 outages in the last few
> years. VOIP, telcos and network operators don't seem to have coherent
> plans how to handle multi-state 9-1-1 outages.  Don't worry, the FCC has
> their "best people" looking into it, again.
> 
> 2. Because that was something "that will never happen," there was no
> plan how to alert cellular subscribers.  In fact, the "TOE," Telephone
> Outage Emergency code for 9-1-1 outages is blocked from WEA cell phones.
> 
> 3. Since there is no multi-state plan and the official emergency alert
> code, TOE, is blocked from WEA; county emergency managers overrode the
> emergency alert system and used the "extreme alert" message instead.
> 
> Can you spot the multiple planning and operating flaws?
> 
> ===
> 
> In the U.S., you can always block all state/local emergency alerts,
> including "extreme alerts," on your cell phone. The downside is that
> opts-out of *ALL* state, local, weather, etc. emergency alerts, except
> national/presidential emergencies.
> 
> Canada doesn't allow opting out of emergency alerts by cellular
> subscribers.
> 
> I proposed to the FCC a less severe alert settings for informational
> advisories, which wouldn't set off the WEA alarm on your cell phone. But
> the message would appear, semi-unobtrusively.
> 
> BTW, it would make more sense for VOIP and Telco 9-1-1 operators to have
> a plan to notify people at the time they dial 9-1-1 it isn't working.
> But since 9-1-1 "never fails," they don't seem to want to have a plan.
>

Re: Time to add 2002::/16 to bogon filters?

2018-07-06 Thread Scott Fisher 
Youssef & all,

My team will investigate this and get back to the list on what we are
going to do.

Thanks,
Scott Fisher
Systems Engineer
Team Cymru


On 6/28/18 3:11 PM, Youssef Bengelloun-Zahr wrote:
> Hello Job,
> 
> Thank you for this feedback. I guess that NTT adopting this as a best 
> practice will ring some bells around.
> 
> Do you know if Team Cymru has updated their filters accordingly ?
> 
> Best regards.
> 
> 
> 
>> Le 28 juin 2018 à 20:58, Job Snijders  a écrit :
>>
>> Dear alll,
>>
>> Thank you all for your input. Just a heads-up - we deployed a few days ago.
>>
>> NTT / AS 2914 now considers “2002::/16 le 128” and “192.88.99.0/24 le 32”
>> to be bogon prefixes, and no longer accepts announcements for these
>> destinations from any EBGP neighbor.
>>
>> Kind regards,
>>
>> Job



signature.asc
Description: OpenPGP digital signature

Re: Spiffy Netflow tools?

2018-03-13 Thread Scott Fisher 
Mike,

All of the architecture's listed are pretty good. Nfsen is great if you
have multiple routers exporting various netflow versions with a single
daemon, but its a bit older and not as pretty/quick as something using
elastic.

Team Cymru has a netflow analyzer that matches your netflow data to
known 'bad IPs'. http://www.team-cymru.org/Flow-Sonar.html


Thanks,
Scott

Thanks,
Scott

On 3/12/18 7:24 PM, mike.l...@gmail.com wrote:
> Howdy!
> 
> Checking out various Netflow tools and wanted to see what others are using? 
> 
> Kentik is cool. Are they the only SaaS based flow digester? I don’t seem to 
> see any others.
> 
> Also curious about on-prem solutions as well.
> 
> Thanks!
> Mike
>

Re: Email to text - vtext.com blacklisting ip

2016-08-17 Thread Scott Fisher 
This subject pops up every 6 months and it's a problem that can be solved
100 ways. One way we did it at Team Cymru was install a foxbox sms gateway
in our datacenter. It was a pain to get working, (mainly due to some
miscommunication with the Italian support team), but one we got past a few
problems it works flawlessly for all alerts. If alerts are unack'd for a
specific amount of time, escalation alerts go out via email-to-sms AND SMS
to a broader group to ensure someone gets the message.

Thanks,
Scott

On Wed, Aug 17, 2016 at 5:31 AM, Dovid Bender  wrote:

> We use Zang.io and are very happy. Be careful when using long codes (10
> digit numbers) as if you send too many messages out in a day (500+) the
> larger carriers such as Verizon will start blocking you. As Jeff mentioned
> if your monitoring tool is onsite and the internet goes down then it's
> worthless. In our case it's in another DC so if everything goes down we
> still get alerts. You can also try twilio and telnyx.
>
>
> On Tue, Aug 16, 2016 at 7:33 PM, Sam Norris 
> wrote:
>
> > Same boat...  We are sending messages to phonenum...@vtext.com and
> getting
> > bouncebacks or lost items.  I assume its because some limits are now
> being
> > put
> > into place.  We are a Verizon subscriber so I am paying, it is not a free
> > service.  But  I am totally up for paid services if you can recommend
> > some
> > that will reliably get us texts to our verizon phones.
> >
> > Sam
> >
> >
> > > -Original Message-
> > > From: NANOG [mailto:nanog-boun...@nanog.org] On Behalf Of Ryan,
> Spencer
> > > Sent: Tuesday, August 16, 2016 4:17 PM
> > > To: Josh Luthman; Mike
> > > Cc: NANOG list
> > > Subject: RE: Email to text - vtext.com blacklisting ip
> > >
> > > I agree. Pay Pager duty or a SMS gateway with a SLA. Relying on  the
> free
> > service
> > > for anything critical is asking for trouble.
> > >
> > >
> > >
> > > Sent from my Verizon, Samsung Galaxy smartphone
> > >
> > >
> > >  Original message 
> > > From: Josh Luthman 
> > > Date: 8/16/16 6:09 PM (GMT-05:00)
> > > To: Mike 
> > > Cc: NANOG list 
> > > Subject: Re: Email to text - vtext.com blacklisting ip
> > >
> > > If it's critical I'd suggest a service than can depended on...
> > >
> > > Josh Luthman
> > > Office: 937-552-2340
> > > Direct: 937-552-2343
> > > 1100 Wayne St
> > > Suite 1337
> > > Troy, OH 45373
> > >
> > > On Aug 16, 2016 5:45 PM, "Mike"  wrote:
> > >
> > > > Hi,
> > > >
> > > >
> > > > I have a server that monitors my network and issues text messages
> > if
> > > > there are events of note that require human intervention. There is
> some
> > > > process filtering that ensures it also is not able to issue more
> than 1
> > > > alert maximum per 5 minutes, to ensure it doesn't flood pagers with
> > > > messages all screaming the sky is falling when things are not going
> > well.
> > > > Recently however, this server is no longer able to deliver messages
> to
> > > > vtext.com - it gets nothing but 554 errors:
> > > >
> > > >
> > > > telnet 69.78.67.53 25
> > > > Trying 69.78.67.53...
> > > > Connected to 69.78.67.53.
> > > > Escape character is '^]'.
> > > > 554 txslspamp10.vtext.com
> > > > Connection closed by foreign host.
> > > >
> > > > Granted on some days during challenging times it can send 30 or 40
> > > > messages before we get to it and get it squelched / silenced, but
> it's
> > > > otherwise reasonably well behaved IMHO and I don't think we are any
> > heavy
> > > > volume sender. So I am trying to figure out why it's blacklisted then
> > and
> > > > am rolling snake eyes.  If anyone who is an admin for verizon or who
> > has
> > > > any insight to share I'd certainly appreciate it. Email to text is a
> > > > critical function we depend on.
> > > >
> > > >
> > > > Thank you.
> > > >
> > > >
> > > >
> >
> >
>



-- 
Scott

Re: Citrix Sales Reps?

2016-03-23 Thread Scott Fisher 
I have gotten hit up by multiple people at Citrix and have a call scheduled
with the correct Rep. Thanks for all the replies.

On Wed, Mar 23, 2016 at 8:51 AM, Rafael Possamai <raf...@e2wsolutions.com>
wrote:

> I wonder if the actual support service will be the same later on.
>
> *Rafael Possamai*
> Founder & CEO at E2W Solutions
> *office:* (414) 269-6000
> *e-mail:* raf...@e2wsolutions.com
>
>
> On Wed, Mar 23, 2016 at 3:25 AM, Paul Stewart <p...@paulstewart.org>
> wrote:
>
>> You too ?  I gave up ... after calling their local offices, their toll
>> free number, emails, phone calls, etc.
>>
>> -Original Message-
>> From: NANOG [mailto:nanog-boun...@nanog.org] On Behalf Of Scott Fisher
>> Sent: Tuesday, March 22, 2016 1:34 PM
>> To: NANOG list <nanog@nanog.org>
>> Subject: Citrix Sales Reps?
>>
>> I have sent 4 requests to Citrix for pricing questions on XenServer
>> support options and have gotten not a single call back. (Requested via
>> email, form, and calls).
>>
>> Can someone from Citrix please hit me up offlist or can someone direct me
>> to an actual person I can hit up?
>>
>> --
>> Scott
>>
>>
>


-- 
Scott

Citrix Sales Reps?

2016-03-22 Thread Scott Fisher 
I have sent 4 requests to Citrix for pricing questions on XenServer support
options and have gotten not a single call back. (Requested via email, form,
and calls).

Can someone from Citrix please hit me up offlist or can someone direct me
to an actual person I can hit up?

-- 
Scott

Re: Team Cymru BGP bogon status ???

2016-01-31 Thread Scott Fisher 
Hey guys, I am the the Team Lead of the Ops team at Team Cymru.

It looks like we are having issues in one of our datacenters. I am getting
the team involved and hitting up our network engineers as we speak. Stay
tuned.

Thanks,
Scott

On Sun, Jan 31, 2016 at 12:20 PM, Royce Williams 
wrote:

> No direct knowledge, but from comments on another list, it may be
> intermittent.
>
> Jason Fesler of test-ipv6.com reported on Jan 30 2016 at 2:08 PM PST
> that his Team Cymru API connections for ISP ASN and Name checks broke,
> and pushed a workaround to all test nodes.  He then reported at 7:30
> PM PST that they were back up.
>
> Royce
>
> On Sun, Jan 31, 2016 at 7:44 AM, Matthew Huff  wrote:
> > Starting around 7:17 am EST, we lost our IPv4 & IPv6  BGP connections to
> Cymru. We have two connections in both IPv4 and IPv6 on both of our two
> routers. On each router one connection is stuck in active, the other
> providing 0 prefixes. I can’t get to http://www.team-cymru.org from
> either work or home. Anyone know what’s up?
>



-- 
Scott

Re: Team Cymru BGP bogon status ???

2016-01-31 Thread Scott Fisher 
Everyone,

Our site totalhash.cymru.com experienced a DDOS hit and caused our main
route to be null routed by our upstream provider. Things are coming online
but the IP that is being attacked will remain down for the time being.
Reply to this thread with any questions.

Thanks,
Scott

On Sunday, January 31, 2016, Matthew Huff  wrote:

> Traceroute from Verizon Fios
>
>
> macpro:~ mhuff$ traceroute 38.229.66.20
>
> traceroute to 38.229.66.20 (38.229.66.20), 64 hops max, 52 byte packets
>
>  1  firewall (10.1.1.1)  0.444 ms  0.191 ms  0.234 ms
>
>  2  lo0-100.nycmny-vfttp-369.verizon-gni.net<
> http://lo0-100.nycmny-vfttp-369.verizon-gni.net> (96.246.46.1)  58.317
> ms  48.413 ms  67.140 ms
>
>  3  t0-8-0-0.nycmny-lcr-21.verizon-gni.net<
> http://t0-8-0-0.nycmny-lcr-21.verizon-gni.net> (130.81.16.100)  62.175
> ms  63.223 ms
>
> t0-8-0-0.nycmny-lcr-22.verizon-gni.net<
> http://t0-8-0-0.nycmny-lcr-22.verizon-gni.net> (130.81.16.102)  37.320 ms
>
>  4  * * *
>
>  5  0.ae2.br2.nyc4.alter.net
> (140.222.229.93)  18.697 ms
>
> 0.ae3.br2.nyc4.alter.net
> (140.222.231.133)  3.791 ms
>
> 0.ae1.br2.nyc4.alter.net
> (140.222.229.91)  2.985 ms
>
>  6  204.255.168.110 (204.255.168.110)  12.558 ms  14.904 ms  17.009 ms
>
>  7  be2060.ccr41.jfk02.atlas.cogentco.com<
> http://ccr41.jfk02.atlas.cogentco.com> (154.54.31.9)  17.248 ms  21.324
> ms  16.526 ms
>
>  8  * * *
>
>  9  * * *
>
> 10  * * *
>
> 11  * * *
>
> 12  * * *
>
> 13  * * *
>
> 14  * * *
>
> 15  * * *
>
> 16  * * *
>
> 17  * * *
>
> 18  * * *
>
> 19  * * *
>
>
> Traceroute via Lightpath
>
>
> [root@burr ~]# traceroute -I 38.229.66.20
>
> traceroute to 38.229.66.20 (38.229.66.20), 30 hops max, 60 byte packets
>
>  1  switch-core1.ox.com (129.77.108.252)
> 0.376 ms  0.385 ms  0.432 ms
>
>  2  switch-user2.ox.com (129.77.154.249)
> 0.424 ms  0.539 ms  0.571 ms
>
>  3  rtr-inet1.ox.com (129.77.1.253)  0.480 ms
> 0.484 ms  0.488 ms
>
>  4  189d20f9.cst.lightpath.net
> (24.157.32.249)  4.875 ms  4.952 ms  4.956 ms
>
>  5  18267502.cst.lightpath.net
> (24.38.117.2)  4.951 ms  4.962 ms  4.963 ms
>
>  6  hunt183-146.optonline.net
> (167.206.183.146)  5.843 ms  5.625 ms  5.613 ms
>
>  7  * * *
>
>  8  be3030.ccr21.jfk04.atlas.cogentco.com<
> http://ccr21.jfk04.atlas.cogentco.com> (154.54.11.249)  8.945 ms  9.234
> ms  9.816 ms
>
>  9  be2324.ccr41.jfk02.atlas.cogentco.com<
> http://ccr41.jfk02.atlas.cogentco.com> (154.54.47.17)  6.456 ms  6.534
> ms  6.533 ms
>
> 10  * * *
>
> 11  * * *
>
> 12  * * *
>
> 13  * * *
>
> 14  * * *
>
> 15  * * *
>
> 16  * * *
>
> 17  * * *
>
> 18  * * *
>
> 19  * * *
>
> 20  * * *
>
> 21  * * *
>
> 22  * * *
>
> 23  * * *
>
> 24  * * *
>
> 25  * * *
>
> 26  * * *
>
> 27  * * *
>
> 28  * * *
>
> 29  * * *
>
> 30  * * *
>
> IPv6 vial Lightpath
>
> [root@burr ~]# traceroute -I 2620:0:6b0::26e5:4207
>
> traceroute to 2620:0:6b0::26e5:4207 (2620:0:6b0::26e5:4207), 30 hops max,
> 80 byte packets
>
>  1  switch-core1.ox.com
> (2620:0:2810:16c::fffd)  0.429 ms  0.534 ms  0.612 ms
>
>  2  switch-user2.ox.com
> (2620:0:2810:e002::253)  0.429 ms  0.532 ms  0.643 ms
>
>  3  rtr-inet1.ox.com (2620:0:2810:101::fffd)
> 0.510 ms  0.515 ms  0.518 ms
>
>  4  2607:fda8:8::2 (2607:fda8:8::2)  4.882 ms  4.889 ms  4.892 ms
>
>  5  2607:fda8:2::2c (2607:fda8:2::2c)  71.000 ms  71.011 ms  71.014 ms
>
>  6  2607:fda8:2::85 (2607:fda8:2::85)  5.868 ms  5.837 ms  5.823 ms
>
>  7  * * *
>
>  8  * * *
>
>  9  * * *
>
> 10  * * *
>
> 11  * * *
>
> 12  * * *
>
> 13  * * *
>
> 14  * * *
>
> 15  * * *
>
> 16  * * *
>
> 17  * * *
>
> 18  * * *
>
> 19  * * *
>
> 20  * * *
>
> 21  * * *
>
> 22  * * *
>
> 23  * * *
>
> 24  * * *
>
> 25  * * *
>
> 26  * * *
>
> 27  * * *
>
> 28  * * *
>
> 29  * * *
>
> 30  * * *
>
>
> On Jan 31, 2016, at 11:44 AM, Matthew Huff 
> >> wrote:
>
> Starting around 7:17 am EST, we lost our IPv4 & IPv6  BGP connections to
> Cymru. We have two connections in both IPv4 and IPv6 on both of our two
> routers. On each router one connection is stuck in active, the other
> providing 0 prefixes. I can’t get to http://www.team-cymru.org from
> either work or home. Anyone know what’s up?
>
>

-- 
Scott

Re: Anonymous Threats

2016-01-10 Thread Scott Fisher 
Report it to the authorities and trust that they can handle it,..no matter
how difficult that is. Remember your place that you are just the
admin/operator and not the hero. If they need your help, law enforcement
will ask for it.

Sucks but what would you do if you found his IP address? Go to his house?
No matter what, law enforcement needs to own the problem.

Thanks,
Scott

On Sunday, January 10, 2016, Notmatt Pleaseignore 
wrote:

> I think if the FBI wants your help, they'll let you know.
>
> In the meantime, I would probably avoid anything that looked like you are
> spying on your customers, especially if you are explicitly targeting
> customers who are attempting to anonymize their traffic (for whatever
> reason). No matter how well intentioned. I can see a number of downsides...
>
> But in simple terms, if its Facebook, its HTTPS, and seems you are
> basically done there. Regardless what anonymous transport they use, you
> wouldn't be able to see what they are up to...
> On Jan 10, 2016 6:14 PM, "Josh Reynolds"  > wrote:
>
> > Even if you find somebody running TOR, you can't see inside it. They also
> > could simply be running an exit node, or $reason.
> > On Jan 10, 2016 5:02 PM, "Eric Rogers"  > wrote:
> >
> > > Our local community has recently had threats where the user has a
> > > FaceBook profile and is threatening the schools, and several
> surrounding
> > > schools, saying he is going to shoot everyone and blow them up... This
> > > is an investigation, but it is getting out of hand.  Several police/FBI
> > > raids, but yielded no results, and/or did not catch the right person.
> > > He/she is taunting them, local and federal.
> > >
> > >
> > >
> > > I would ASSUME he is using some sort of proxy/anonymizer such as TOR or
> > > something similar.  Is there any way to sniff for that type of traffic
> > > on my network?  I want to make sure that they are not using us as the
> > > source.
> > >
> > >
> > >
> > > Any thoughts on how to catch this person?  Even if it isn't us, and it
> > > is somewhere else I would like to put a stop to it.  Preferably
> off-list
> > > if you do respond...
> > >
> > >
> > >
> > > Thanks in advance.
> > >
> > >
> > >
> > > Eric Rogers
> > >
> > >
> > >
> > >
> > >
> > > www.pdsconnect.me
> > >
> > > (317) 831-3000 x200
> > >
> > >
> > >
> > >
> >
>


-- 
Scott

Re: SMS gateways

2016-01-07 Thread Scott Fisher 
Does anyone having experience getting this to work on US networks?

http://www.smsfoxbox.it/en/foxbox-lx800-gateway-100.html/

I am interested on getting this working with our Nagios notifications.

On Wed, Jan 6, 2016 at 9:40 PM, John Levine  wrote:
>>Thanks for those pointers. The "mega bill" problem is one I have to avoid. We 
>>used to use ISDN as backup to T1 circuits,
>>but had to abandon that after some wayward fail-overs resulted in $5000 phone 
>>bills. I'll check the plan overage terms
>>carefully!
>
> Sounds like an excellent application for a $10/mo prepaid plan on
> something like Tracfone.  If disaster strikes and you need a lot of
> data one month, you can add extra credit directly from the phone.
>



-- 
Scott

Re: SMS gateways

2016-01-07 Thread Scott Fisher 
I am well aware of email-to-sms, but that is dependant on
links/infrastructure that you are monitoring. (Think of it like having your
Nagios system running on the same hypervisor as your other production gear.
What happens if the hypervisor drops? How would you know?)

The hardware sms gateway allows for true oob notifications.

On Thursday, January 7, 2016, Faisal Imtiaz <fai...@snappytelecom.net>
wrote:

> There are multiple ways to skin this cat !.
>
> No, not familiar with this product...
>
> However..
>
> 1) You know that you can send sms messages via email to pretty much any
> cell phone.
>
> 2) Personal Preference, if I was doing so, I would do it with a small
> mikrotik router + usb cell modem, very inexpensive, especially when
> combined with a M2M plan.
>
> Regards.
>
> Faisal Imtiaz
> Snappy Internet & Telecom
> 7266 SW 48 Street
> Miami, FL 33155
> Tel: 305 663 5518 x 232
>
> Help-desk: (305)663-5518 Option 2 or Email: supp...@snappytelecom.net
>
> - Original Message -
> > From: "Scott Fisher" <littlefish...@gmail.com <javascript:;>>
> > To: "John Levine" <jo...@iecc.com <javascript:;>>
> > Cc: "nanog list" <nanog@nanog.org <javascript:;>>
> > Sent: Thursday, January 7, 2016 3:34:42 PM
> > Subject: Re: SMS gateways
>
> > Does anyone having experience getting this to work on US networks?
> >
> > http://www.smsfoxbox.it/en/foxbox-lx800-gateway-100.html/
> >
> > I am interested on getting this working with our Nagios notifications.
> >
> > On Wed, Jan 6, 2016 at 9:40 PM, John Levine <jo...@iecc.com
> <javascript:;>> wrote:
> >>>Thanks for those pointers. The "mega bill" problem is one I have to
> avoid. We
> >>>used to use ISDN as backup to T1 circuits,
> >>>but had to abandon that after some wayward fail-overs resulted in $5000
> phone
> >>>bills. I'll check the plan overage terms
> >>>carefully!
> >>
> >> Sounds like an excellent application for a $10/mo prepaid plan on
> >> something like Tracfone.  If disaster strikes and you need a lot of
> >> data one month, you can add extra credit directly from the phone.
> >>
> >
> >
> >
> > --
> > Scott
>


-- 
Scott

Re: SMS gateways

2016-01-07 Thread Scott Fisher 
I emailed smsfoxbox support asking about US network support. I am
hoping to hear back soon and I will let you all know the answer.

Thanks,
Scott

On Thu, Jan 7, 2016 at 4:40 PM, David Hubbard
<dhubb...@dino.hostasaurus.com> wrote:
> Scott, I was interested in that as well, it was in my original post.  I’m 
> considering that and the SMSEagle; both are from Europe.  I can’t find too 
> much on them from a real world war stories perspective, but there has been 
> mention of the FoxBox on nanog in years past, so there are some users out 
> there.
>
> I am not going the Microtik+cell modem route that Faisal mentioned in his 
> reply post because the intent is to tie the SMS alerting into other systems 
> using some form of API, and both FoxBox and SMSEagle make that incredibly 
> easy by having a simple http interface for sending texts, or a full API if 
> you need to do two way.  The nagios plugin (and Zabbix too) are super simple 
> since it’s just HTTP POST to send the alerts.
>
> FoxBox claims it will work on Verizon networks because of the 3G support, but 
> that doesn’t leave me with a comfortable feeling, so if we buy in, we’d 
> probably get accounts from a GSM carrier for it, although I can’t find 
> whether or not AT, etc. offer machine accounts, and I would not want to pay 
> $50/mo per device just to send random texts.
>
> I did get an off list reply from someone who let me know that our existing 
> OpenGear devices (cell+ethernet console servers that run linux) have the 
> ability to send SMS using a utility already present in the OS install.  Since 
> we already have those in every location we’d also be putting an SMS gateway, 
> I’m going to investigate if we could put a cgi script or something similar on 
> them to accomplish the same goal with no additional equipment.
>
> David
>
>
>
>
> On 1/7/16, 3:34 PM, "NANOG on behalf of Scott Fisher" 
> <nanog-boun...@nanog.org on behalf of littlefish...@gmail.com> wrote:
>
>>Does anyone having experience getting this to work on US networks?
>>
>>http://www.smsfoxbox.it/en/foxbox-lx800-gateway-100.html/
>>
>>I am interested on getting this working with our Nagios notifications.
>>
>>On Wed, Jan 6, 2016 at 9:40 PM, John Levine <jo...@iecc.com> wrote:
>>>>Thanks for those pointers. The "mega bill" problem is one I have to avoid. 
>>>>We used to use ISDN as backup to T1 circuits,
>>>>but had to abandon that after some wayward fail-overs resulted in $5000 
>>>>phone bills. I'll check the plan overage terms
>>>>carefully!
>>>
>>> Sounds like an excellent application for a $10/mo prepaid plan on
>>> something like Tracfone.  If disaster strikes and you need a lot of
>>> data one month, you can add extra credit directly from the phone.
>>>
>>
>>
>>
>>--
>>Scott



-- 
Scott

Re: Mozilla Cert expired today :P

2015-12-07 Thread Scott Fisher 
Looks fine to me.

On Mon, Dec 7, 2015 at 9:50 AM, Alexander Maassen  wrote:
> Kinda funny and perhaps offtopic, but I noticed the cert for mozilla.org
> expired right before my eyes when checking my plugins.
>



-- 
Scott

Re: Verizon Policy Statement on Net Neutrality

2015-02-27 Thread Scott Fisher 
Funny, but in my honest opinion, unprofessional. Poor PR.

On Fri, Feb 27, 2015 at 9:10 AM, Scott Fisher littlefish...@gmail.com wrote:
 Funny, but in my honest opinion, unprofessional. Poor PR.

 On Fri, Feb 27, 2015 at 9:05 AM, Larry Sheldon larryshel...@cox.net wrote:
 http://publicpolicy.verizon.com/blog/entry/fccs-throwback-thursday-move-imposes-1930s-rules-on-the-internet
 --
 The unique Characteristics of System Administrators:

 The fact that they are infallible; and,

 The fact that they learn from their mistakes.


 Quis custodiet ipsos custodes



 --
 Scott



-- 
Scott

Re: Verizon Policy Statement on Net Neutrality

2015-02-27 Thread Scott Fisher 
I am not arguing that they have a valid complaint. I just think their
method of doing so is a bit childish. It does get the point across,
just not in the method I respect. Just my opinion though.

On Fri, Feb 27, 2015 at 9:50 AM, Rob McEwen r...@invaluement.com wrote:
 Scott Fisher,

 I think Verizon's statement was brilliant, and entirely appropriate. Some
 people are going to have a hard time discovering that being in favor of
 Obama's version of net neutrality... will soon be just about as cool as
 having supported SOPA.

 btw - does anyone know if that thick book of regulations, you know... those
 hundreds of pages we weren't allowed to see before the vote... anyone know
 if that is available to the public now? If so, where?

 Rob McEwen



 On Fri, Feb 27, 2015 at 9:10 AM, Scott Fisher littlefish...@gmail.com
 wrote:

 Funny, but in my honest opinion, unprofessional. Poor PR.

 On Fri, Feb 27, 2015 at 9:05 AM, Larry Sheldon larryshel...@cox.net
 wrote:


 http://publicpolicy.verizon.com/blog/entry/fccs-throwback-thursday-move-imposes-1930s-rules-on-the-internet





-- 
Scott

Re: DDOS solution recommendation

2015-01-12 Thread Scott Fisher 
In looking at this thread, it's apparent that some are trying to
over-simplify a not-so-simple problem. As someone brought out earlier,
there is no silver bullet to fix for several reasons. Some reasons
that I can come up with at the top of my head are:

1) DDOS types vary.
2) Not every network is the same (shocker I know)
3) Time/Money - not every company has the same budget (again, shocker)
4) Staff/Resources - Not every company have admin/engineers at
different technical levels. So someone may decide on blocking an
attack at different levels because that's what they know. EG:
wordpress guy blocks attacks at the webserver level, an admin blocks
it at the system, network admin at the edge.


The questions should be much more narrow. How should I mitigate an
NTP reflection or what are common mistakes people make when
mitigating attacks are questions that more specific that all can
glean from.

Thanks,
Scott

On Mon, Jan 12, 2015 at 4:35 PM, Mike Hammett na...@ics-il.net wrote:
 So the preferred alternative is to simply do nothing at all? That seems fair.




 -
 Mike Hammett
 Intelligent Computing Solutions
 http://www.ics-il.com



 - Original Message -

 From: Christopher Morrow morrowc.li...@gmail.com
 To: Brandon Ross br...@pobox.com
 Cc: Mike Hammett na...@ics-il.net, NANOG list nanog@nanog.org
 Sent: Monday, January 12, 2015 3:05:14 PM
 Subject: Re: DDOS solution recommendation

 On Mon, Jan 12, 2015 at 3:17 PM, Brandon Ross br...@pobox.com wrote:
 On Sun, 11 Jan 2015, Mike Hammett wrote:

 I know that UDP can be spoofed, but it's not likely that the SSH, mail,
 etc. login attempts, web page hits, etc. would be spoofed as they'd have to
 know the response to be of any good.


 Okay, so I'm curious. Are you saying that you do not automatically block
 attackers until you can confirm a 3-way TCP handshake has been completed,
 and therefore you aren't blocking sources that were spoofed? If so, how are
 you protecting yourself against SYN attacks? If not, then you've made it
 quite easy for attackers to deny any source they want.

 this all seems like a fabulous conversation we're watching, but really
 .. if someone wants to block large swaths of the intertubes on their
 systems it's totally up to them, right? They can choose to not be
 functional all they want, as near as I can tell... and arguing with
 someone with this mentality isn't productive, especially after several
 (10+? folk) have tried to show and tell some experience that would
 lead to more cautious approaches.

 If mike wants less packets, that's all cool... I'm not sure it's
 actually solving anything, but sure, go right ahead, have fun.

 -chris




-- 
Scott