Re: [swinog] Port 25 Blockade @ Swisscom (Bluewin)
Spam coming through Bluewin ADSL is not something new. Doing whatever action to stop spam in an early stage (aka years ago) would not had result in a shitload of support calls. But the guys at Swisscom waited long enough to implement this, so they don¹t deserve my empathy... I know enough ISPs which implemented the ³forced own SMTP² already on dial-in accesses (so you see which decade I¹m talking about). Finally I just wonder which alternative ISP will the swiss-spammers choose to continue to mess up the internet. Keep looking your spam-filter logs for a mass shift :-) Daniele On 3/8/10 2:26 PM, rai...@ultra-secure.de rai...@ultra-secure.de wrote: Blocking port 25 for *everybody* will just help to induce one shitstorm of a support-nightmare. It doesn't even make a difference if you have a grace-period or not (people ignore this stuff anyway). Steven can probably provide numbers about how many people are still using 25 vs. 587. It's probably millions. What happens if millions of people call the support-hotline? Yep, I hate the privacy implications. But with 100k abuse complaints/month - what would you do, besides going postal? The only thing that could be done is a government-mandate to cut-off people with zombies in their LANs from the net and have a state-licensed PC-techie come over and clean-out the PC(s). For 200 CHF per hour. Plus 37 CHF court costs and administrative fees. ;-) It works for cars, so it should work for PCs, too, right? ;-) Rainer ___ swinog mailing list swinog@lists.swinog.ch http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog No virus found in this incoming message. Checked by AVG - www.avg.com Version: 9.0.733 / Virus Database: 271.1.1/2717 - Release Date: 03/07/10 20:34:00 This e-mail, any associated files and the information contained in them are confidential and is intended for the addressee(s) only. If you have received this message in error please notify the originator and delete the email immediately. The unauthorised use, disclosure, copying or alteration of this message is strictly forbidden. E-mails to and from the company are monitored for operational reasons and in accordance with lawful business practices. Any opinions expressed are those of the individual and do not necessarily represent the views of the company. The company does not conclude contracts by email and all negotiations are subject to contract. We make every effort to maintain our network free from computer viruses but accept no responsibility for any viruses which might be transferred by this e-mail. ___ swinog mailing list swinog@lists.swinog.ch http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog
Re: [swinog] BGP over xDSL ... is evil? says who?
Lukas Beeler wrote: Now, even expensive FB-DIMM memory by vendors like HP and IBM only costs around 360 CHF for 4 GB. And even small two way x86 boxes max out at around 32 - 48 GB. Even if Cisco and Juniper charge 10x as much, that'd still be only 3600 CHF. I understand that routers use ASICs and probably faster memory than servers, but i can't really imagine it to be a problem to pop 4GB memory into a router that's connected directly to the internet. Now, where am i mistaken? There still a lot of hardware around which is at the memory expansion limit. And (talking about Cisco) the IOS images don't tend to get smaller... So finally you end up replacing the whole router or NM-engine for some kilo-$ instead of a relative cheap memory upgrade... I agree with Fredy's concerns about link stability and flapping, especially for residential services. BGP on DSL can although be deployed as backup solution or, if you're close enough to the BBCS owner, as main link. The major problem you face there is getting a skilled person when you're in trouble... The help-desk guy/girl you get at the phone does usually don't even know how to spell B-G-P and will ask you why you have 4 of them :-) Daniele -- This message has been scanned for viruses and dangerous content by MailGate, and is believed to be clean. ___ swinog mailing list swinog@lists.swinog.ch http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog
Re: [swinog] a NAZI in the vaud state police experimentatingBRAINWASHING
That's a personal opinion. Read the charter at http://www.swinog.ch/charter/index.asp Daniele Gaston Shepard wrote: Look one screen height above the .png, from january 2007, it's only about human networks in the computer network engineering field. And my goal is to say beware. Of the military sons around you. The right wing policeman. And banking pseudo-ethical freaks (mine masquerade herself has a psychiatrist lately to network other peoples and have more trust from them it seems). Le 19 décembre 2008 02:15, Steven Glogger ste...@glogger.ch a écrit : i just read this mail and take a short look at the website. i dont think swinog is the right platform for those topics..what do you think? -steven -- This message has been scanned for viruses and dangerous content by *MailGate* http://www.gcomm.ch/mailgate.html, and is believed to be clean. ___ swinog mailing list swinog@lists.swinog.ch http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog -- This message has been scanned for viruses and dangerous content by MailGate, and is believed to be clean. ___ swinog mailing list swinog@lists.swinog.ch http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog
Re: [swinog] a NAZI in the vaud state police experimentatingBRAINWASHING
This has really nothing to do with Swinog. No comment. Daniele Steven Glogger wrote: i just read this mail and take a short look at the website. i dont think swinog is the right platform for those topics..what do you think? -steven *From:* swinog-boun...@lists.swinog.ch [mailto:swinog-boun...@lists.swinog.ch] *On Behalf Of *Gaston Shepard *Sent:* Friday, December 19, 2008 12:15 AM *To:* swi...@swinog.ch *Subject:* [swinog] a NAZI in the vaud state police experimentatingBRAINWASHING Guys, here is an account of my life in this business, with a cop, used to be a friend of mine at school, became a real NAZI. It's a tale of service secret, and the worst you can imagine. It's happening in switzerland, not under a dictature. It's in french. Please feel free to translate it in german, it's worth it. --- Short synopsis --- Les services secrets: un gateau a la merde dont ont me sert une tranche par jour depuis 6 ans Mon premier emploi, chez un ISP, des droles de zozo nous tournent autour, lors de sorties en soiree dans les restaurant de la region, avec 3 collegues et amis. A cette epoque je ne me rend compte de rien, c'est plus tard que j'ouvrirai les yeux sur ces phenomenes. Printemps 2001, un type m'en parle, pas de la maniere la plus simple. J'oublie dans les minutes qui suivent notre conversation. Fin du printemps 2002, suite a des sortes de minis pieces de theatre dans des lieux pour moi habituels, je commence a devenir conscient. Pendant quelques jours c'est relativement marrant. Au bout de 3 a 4 semaines il me paraissent imbeciles et grossier au possible a de tres rares exceptions. S'enchaine tres rapidement un episode digne d'une insondable connerie humaine: en fin d'une journee de test pour la ville de Lausanne, mon amie me tend un joint petite feuille bien rempli de mix. Je le fume sans me douter de rien. Il a une amertume inhabituel mais je ne me doute pas de la suite des evenements. Une minute a peine apres avoir terminer le joint, la montee est particuliere: mon pouls monte tres rapidement a env. 160 - 170 pulsations minutes, sans aucune activite physique. S'ensuit une inquietude quant a mon poul, degenerant en un grave acces psychotique. Un empoisonement avec une substance genre stimulant cardiaque ou vasodilatateur puissant. Une vrai saloperie, un bad trip impossible a obtenir avec du cannabis. Hopital regional. Sa ne se calme guere. Hopital psychiatrique. Neuroleptique dosage maximal. Dehors, dans la rue, le plan des cretins organises en reseau continue a exister pour me montrer du pays, a quel point je suis petit face a l'immenste sociale de vieux patriotes d'arriere garde. Il va s'eterniser sur 3 (!) longues et penibles annees. Gravement soumis par la peur, je vais commettre ma seule erreur: ne pas oser en parler. Meler a la peur de tous les instant, je perd mes capacites de concentration et m'enfonce dans une depression severe, a trois reprise la tentation du suicide est forte a tres forte. Je vais perdre 2 jobs successifs, apres quoi je refais un sejour en hopital psychiatrique. La comme par enchentement, les imbeciles cessent leur demonstration de force, des ma sortie de l'hopital. La peur va enfin me quitter, laissant place a une emotivite vive, une sursensibilite au moindre alea de mon environnement, puis je vais m'enfoncer dans une melancolie tournant a la depression durant encore 2 ans. C'est seulement debut 2008 que je remonte a la surface, avec encore quelques trous d'airs en terme d'humeur et une ribambelle d'hurluberlu m'influencant pour me faire taire. Un systeme de conditionnement et controle de l'humain deguise en autre chose, a la guise, en fonction du soldat a integrer (les pretextes trop divers sont la seul raison du secret). Une ribambelle d'imbeciles convaincus d'etres des agents secrets, un laisser faire politique bien pratique pour maintenir une chape de plomb et continuer a etre une place de reglement d'affaires financieres a l'abri des critiques (je parlai a mon entourage de la taxe tobin et du risque systemique peu avant la decompensation). A titre personnel, 6 annees de vie perdue, a regresser professionellement pendant 3 ans, pour combler mon retard les 3 suivantes. 4 sous neuroleptique. 3 ans ou ma personnalite va se dissodre dans le bain acide de la peur. Suive 2.5 ans de lourds sequels de _DEPERSONNALISATION_, rien de moins. Un pote disait: la vie est un enorme gateau a la merde dont ont te fait
Re: [swinog] Netclean - news
I see this like another example of fighting evil at the wrong end. Of course it is important to fight such content but is filtering websites the right method ? I don't think so. Let be realistic, how many ISPs worldwide are gonna deploy a Whitebox ? Filtering locally simply means stopping end users to access illegal sites. Ok, but the sites are still there and everybody else will still have access ! What do we wanna fight ? The access to illegal content or the publishing of them ? Just because some ISPs will filter-out those sites will not reduce the amount of kids being abused. What is worser ? Someone looking at kids being abused or someone who abuse them ? I see already Netclean press releases claiming the big success as the list of sites will increase, as at the same time, the guys who manage those sites will not notice any decrease in hits... The Netclean solution is better than nothing but definitely this is not gonna make the difference. Daniele -- This message has been scanned for viruses and dangerous content by MailGate, and is believed to be clean. ___ swinog mailing list swinog@lists.swinog.ch http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog
Re: [swinog] I miss you spam...
And here we go with a new wave of spam coming from DSL and Cable bots... My spamfilter was getting bored... Benoit Panizzon wrote: Am Dienstag, 4. November 2008 08:54 schrieb Benoit Panizzon: Am Dienstag, 4. November 2008 08:46 schrieb Adrian Kägi: About 2 weeks we receive approx. 30% less Spam on our Firewall. someone knows the same phenomenon? Ok, I must correct my statement. Since mccolo etc. are down, spam has considerably dropped: http://spamkiller.scout.ch/index.php?view=_spamno_checkvirusmail_inskip_checksuserunknown_summary_line.png ___ swinog mailing list swinog@lists.swinog.ch http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog -- This message has been scanned for viruses and dangerous content by MailGate, and is believed to be clean. inline: spamratio-week.png___ swinog mailing list swinog@lists.swinog.ch http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog
Re: [swinog] I miss you spam...
I can confirm this behavior. Although I don't expect that the spammers gave finally up... Daniele Adrian Kägi wrote: About 2 weeks we receive approx. 30% less Spam on our Firewall. someone knows the same phenomenon? Is the Bot-Master in holidays? ;-) Best wishes Adrian -- This message has been scanned for viruses and dangerous content by *MailGate* http://www.gcomm.ch/mailgate.html, and is believed to be clean. ___ swinog mailing list swinog@lists.swinog.ch http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog -- This message has been scanned for viruses and dangerous content by MailGate, and is believed to be clean. inline: spamratio-month.png___ swinog mailing list swinog@lists.swinog.ch http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog
Re: [swinog] Bluewin and Prestige 650ME
Ensure that the distance between splitter and modem is no more than 2m and it will work fine... Daniele Josh Geisser wrote: Hi Swinog is there an issue with those old Zyxel Prestive 650ME modem/routers? I have that 650 configured as modem and want to use PPPoE from a pfSense. works fine for 10minutes until the connection breaks and i do have to reboot either the pfSense, or restart the 650. then it works again for 10min. i wonder whether this is a bluewin issue, or a 650 problem? cheers Josh -- This message has been scanned for viruses and dangerous content by *MailGate* http://www.gcomm.ch/mailgate.html, and is believed to be clean. ___ swinog mailing list swinog@lists.swinog.ch http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog -- This message has been scanned for viruses and dangerous content by MailGate, and is believed to be clean. ___ swinog mailing list swinog@lists.swinog.ch http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog
Re: [swinog] RBL's (again) (Was: Anyone from Green here?)
...and beside that, is really strange that 90% of the professional spam cleaner (I'm talking about services not appliances) extensively use greylisting. I'm using greylisting (with some self made scripts to auto learn to withe and blacklist) since 2 1/2 years and I never missed a single mail. Someone said that greylisting is a religion. No, it's not. It's just a pretty effective method of keep the spam out. There are lot of tools, scripts and applications to do that but most of them are quite cpu intensive. 98% of the incoming spam is catched by the greylisting engine with almost zero cpu, only the remaining 2% need to be analyzed. And so fair as I am, I also put a notice in the 450 and 554 error code explaining why it is delayed or rejected. That's not true for notorious spammers which will hangs for hours in my tarpit (and thus saving some other people from being spammed). I know that spammers don't cares about logs but I expect a serious mail-admin does (at least the non M$ admins) and can react on it. As long as the internet community does not efficiently fight spam at the source I will put my efforts on fighting spam at the destination ! My personal opinion is that no consumer hoster or ISP (xDSL/Docsis) should allow their customers to send SMTP directly (beside some exceptions). Just a matter of keep the mess out of the net. We all know that most of the spam comes from bot pc which are on residential access. I guess that if every ISP would apply a mandatory SMTP-relay we would have at least 70% less spam ! And now I stop before we start another never ending flame-up discussion :-) Stanislav Sinyagin wrote: actually greylisting works pretty well, and the whitelist of exceptions is relatively small (not more than 300 entries as far as I remember). Also if you communicate the value of it to the customers, they tend to agree that having 90% of spam filtered before entering the system is worth waiting for half an hour for email from a new source. It's also a matter of resources: if you don't want or cannot enable greylisting, you have to invest more resources into a more sophisticated mail filtering software. Even if it's available for free, still developing and maintaining your solution might become too expensive. so, basically as we discussed it already last week in regards to Skype: use the right tools for the right task :-) - Original Message From: Tonnerre Lombard [EMAIL PROTECTED] To: [EMAIL PROTECTED] Cc: swinog@lists.swinog.ch; [EMAIL PROTECTED] Sent: Friday, October 17, 2008 5:27:10 PM Subject: Re: [swinog] RBL's (again) (Was: Anyone from Green here?) Salut, Per, On Fri, 17 Oct 2008 12:47:48 +0200, Per Jessen wrote: Another option is to disable greylisting just for that one mailserver. This implies that either you know all servers hosting broken scripts (NP-complete I think) or your customers will always communicate problems. Usually they encounter them and rant about it on their Stammtisch and then change provider to someone with one hell of a lot of SPAM. Tonnerre ___ swinog mailing list swinog@lists.swinog.ch http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog -- This message has been scanned for viruses and dangerous content by MailGate, and is believed to be clean. ___ swinog mailing list swinog@lists.swinog.ch http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog
Re: [swinog] Firewall recommendation for a rack of webservers?
pfSense HAS commercial support ! It is provided by BSD Perimeter and Centipede Networks Take a look at www.pfsense.org under support. Open-source and unsupported are two different words. Daniele Manuel Krummenacher wrote: Hello! On Wed, June 18, 2008 2:06 pm, Olivier Mueller wrote: Is there anything you can recommend in this case? It if was only me, I would take something there: http://pfsense.org/index.php?option=com_contenttask=viewid=44Itemid=50 and start with that. But the customer would also like to see some non open-source-based solutions... : I would go with pfSense, but a Zyxel Zywall could also be an option if it should be a commercial solution. Reasonable price, many features, rackmount kit available and very good support. Regards, Manuel ___ swinog mailing list swinog@lists.swinog.ch http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog -- This message has been scanned for viruses and dangerous content by MailGate, and is believed to be clean. ___ swinog mailing list swinog@lists.swinog.ch http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog
Re: [swinog] Firewall recommendation for a rack of webservers?
Beat Siegenthaler wrote: In this case You will be forced to deploy M$-ISA ;-) Please... He's talking about firewalls... :-) Oliver, I have pfSense in use and you can also have commercial support from them. It's stable and you can run inline-snort with autoblacklist or simple log. I guess for your purpose it's not a bad solutions. If you want to impress your customers go for Secure Computing Sidewinder G2... ...but get a sponsor before ! Daniele -- This message has been scanned for viruses and dangerous content by MailGate, and is believed to be clean. ___ swinog mailing list swinog@lists.swinog.ch http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog
Re: [swinog] Switzerlandwide Internet problem
Well, as I called the helpdesk on thursday they told me that they got a swiss-wide outage. We have a dual DSL link with BGP and both link never went down and the remote /30 was all the time reachable. Simply over 30 min we got no prefixes being announced and also the default route was not present. I guess they messed up some routing, at least in the ZH big area. Anyway, I don't expect any (plausible) RFO from them. Daniele Tonnerre Lombard wrote: Salut, Michele, On Fri, 6 Jun 2008 15:00:11 +0200, Michele Capobianco wrote: A friend just told me that Cybernet told him there is a Switzerlandwide Internet Problem. Does anybody know something? I did notice two short interruptions, but other than that, I didn't see any major outage expect on Cybernet's side. So I think this is a typical case of Oh look, the entire rest of the internet is down! Tonnerre ___ swinog mailing list swinog@lists.swinog.ch http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog -- This message has been scanned for viruses and dangerous content by MailGate, and is believed to be clean. ___ swinog mailing list swinog@lists.swinog.ch http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog
Re: [swinog] New cisco dealer ?
Do I get Coop SuperPoints by buying ? :-) Or will they organize a Catalyst Trophy ? :-) Daniele [EMAIL PROTECTED] wrote: i was speakless .. _http://www.microspot.ch/microspot/__HYBRIS__/category/Microspot.ch/JJ_Bridges_Routermanid=Z00087/detail.jsf_ http://www.microspot.ch/microspot/__HYBRIS__/category/Microspot.ch/JJ_Bridges_Routermanid=Z00087/detail.jsf Roger -- This message has been scanned for viruses and dangerous content by *MailGate* http://www.gcomm.ch/mailgate.html, and is believed to be clean. ___ swinog mailing list swinog@lists.swinog.ch http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog -- regards - Daniele Guazzoni Senior Network Engineer, CCNP, CCNA Linux and AMD-x86_64 or do you still with Windows and Intel ? -- This message has been scanned for viruses and dangerous content by MailGate, and is believed to be clean. ___ swinog mailing list swinog@lists.swinog.ch http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog
Re: [swinog] BGP problems at Cablecom?
Use ORSN (Open Root Server Network) public nameservers: NS1.DE.EU.ORSN.NET IP 217.146.139.5 RESOLVER.DATA-UNION.NET IP 62.157.101.211 Daniele Stanislav Sinyagin wrote: as a home user of Cablecom, I can't reach many American sites since about 11am this Sunday. These are not reachable: mail.yahoo.com gmail.com www.cnn.com Most of Swiss (and surprisingly Russian :) sites are reachable. cheers, stan ___ swinog mailing list swinog@lists.swinog.ch http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog -- This message has been scanned for viruses and dangerous content by MailScanner, and is believed to be clean. ___ swinog mailing list swinog@lists.swinog.ch http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog
Re: [swinog] smtp attacks
Uhm, my private detected spam count is still average: 150 spam/24h which means 87% of total mails received. Also nothing special here. This is not spam. To unsubscribe to this mail please reply with the words shut up in the subject, directly to me :-) Daniele Matthias Hertzog wrote: Yes, same here. We had to blacklist several domains to keep our inbound clean. Matthias Hertzog _ mhs @ internet AG Zürcherstrasse 204, CH - 9014 St. Gallen Phone +41 71 274 93 93, Fax +41 71 274 93 94 http://www.mhs.ch _ - Original Message - From: Rene Luria [EMAIL PROTECTED] To: swinog@swinog.ch; [EMAIL PROTECTED] Sent: Monday, November 27, 2006 5:58 PM Subject: [swinog] smtp attacks Hi folks, We are currently experiencing a heavy load on all our smtp inbound servers since saturday. It is due to bounces coming from everywhere. Spamers using fake email addresses from domains for which we are the MX. The amount of such emails (which we almost all reject, user unknown, etc.. because of the fake email addresses) is enormous compared to normal traffic (like 10 times what we have in general). Do any of you experience the same problem ? -- Rene Luria ___ swinog mailing list swinog@lists.swinog.ch http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog ___ swinog mailing list swinog@lists.swinog.ch http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog -- This message has been scanned for viruses and dangerous content by MailScanner, and is believed to be clean. ___ swinog mailing list swinog@lists.swinog.ch http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog
Re: [swinog] CCNP
Zoran is really a matter of self discipline and motivation. I did CCNA and CCNP almost on my own (2 courses at Getronics), the main effort using Cisco press and related books, CCO and of course hands-on on some real hardware... Personally I use the kick in the ass method: 1) set the exam date 2) study / try / repeat 3) pass the exam (are there alternatives ?...) This way I have the kick and a real target to focus on. Until now I used to success with them, I will see next monday if I also get the CCIE qualification that way... My suggestion to you (I don't know your actual knowledge level): get some Boson tests (real test simulation) and walk through. That way you can find out where are your weak points and you can get specific self-study books and/or get training. Save the 16k for the CCIE track... Daniele Zoran Brakus wrote: Hello I'm looking for a best way to upgrade my CCNA and become a CCNP. At the moment, I have the following options on my mind: a) CCNP academy - it costs around 16k CHF; a lot of money, isn't it? - is CCNP course organized somewhere in Zürich or Zug (preferably on weekends)? - can I expect to have academy lessons in English language or only German? b) to make my own lab (ebay), buy all books and try to become a home made CCNP? :-) c) ? I would appreciate any info and/or suggestions. Thanx -- best regards -- Daniele Guazzoni Senior Network Engineer, CCNA, CCNP Ackersteinstrasse 203 CH-8049 Zurich -- Destiny is not a matter of chance, it is a matter of choice; it is not a thing to be waited for, it is a thing to be achieved. William Jennings Bryan ___ swinog mailing list swinog@lists.swinog.ch http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog
[swinog] subscribed e-mail change
Could the list admin contact directly Tan at [EMAIL PROTECTED] ? He would like to change his existing subscribed e-mail and therefore solve the out-of-office reply. Thanks -- best regards - Daniele Guazzoni Network System Engineer Cisco Certified Network Professional Audatex Systems GmbH An ADP Company Zollstrasse 62 CH-8021 Zürich Phone: +41 44 278 87 54 Fax:+41 44 278 85 15 E-Mail: [EMAIL PROTECTED] Web:http://www.audatex.com - I still don't know what the window keys on my keyboard are for. Neither Linux, openBSD, freeBSD nor Solaris reacts on it... ___ swinog mailing list swinog@lists.swinog.ch http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog