Re: [AusNOG] Bouncing Cisco Equipment and "Smart Install"

2018-05-08 Thread Michael Junek
Hi Michael, When I recently deployed a few 9300's in our DC, this feature was disabled before bringing in external connectivity because one of our engineers here was aware of this vulnerability and removed it. It's enabled out of the box because the idea is that it's for zero-touch initial

Re: [AusNOG] Potential Optus outage

2018-06-25 Thread Michael Junek
I've noticed a private Optus WAN links between our Melbourne DC and one of our customers dropped to 0% utilisation, with the Sydney peer taking all the traffic. The client has had other connections of theirs on Optus also having issues. M. From: AusNOG

Re: [AusNOG] High number of inbound automated Chinese language calls on AAPT CTS

2017-10-26 Thread Michael Junek
I havent seen anything specific come through on our AAPT CTS service today, however I'll keep an eye out. I did just get a random call through on a new SfB hunt group that's being configured, however that appeared to be a Sydney CLI, rather than a random one. Michael

Re: [AusNOG] Vocus doody st power ?

2018-02-12 Thread Michael Junek
Our wholesale voice services seem quite intermittent. Very little inbound calls, outbounds are randomly getting rejecting with 503's relating to not enough licenses, and 403 forbidden/call rejected. From: AusNOG on behalf of

Re: [AusNOG] IP Phone System

2018-02-09 Thread Michael Junek
Hi Henry, For open source your best bet is Asterisk. If you use one of the derivitives such as FreePBX, you'll even get a nice Web based front end for management rather than messing with configuration files. From the paid solutions: Skype for Business if you're a Microsoft shop. Most other

Re: [AusNOG] Issues receiving from TPG Mail servers.

2018-07-22 Thread Michael Junek
2018 15:27 To: Michael Junek Cc: Bradley Silverman; Mark Newton; ausnog@lists.ausnog.net Subject: Re: [AusNOG] Issues receiving from TPG Mail servers. > But shouldn't your public mail server be out of scope for PCI? Here. ladies and gentleman, is a nerd that has never encountered the insan

Re: [AusNOG] Issues receiving from TPG Mail servers.

2018-07-22 Thread Michael Junek
Addressing the issue at hand, can you set your MTA not to offer STARTTLS command in the EHLO towards the TPG IP addresses, to force them to use the unencrypted channel? Surely others who have played with their TLS1.2 settings on their MTA's are having this issue as well with TPG; how would

Re: [AusNOG] Issues receiving from TPG Mail servers.

2018-07-23 Thread Michael Junek
, which means that they should covered under the full encrypted spec. It would also mean if that was considered, that 2.2.1 would apply, and seperation of function would be required. From: Bradley Silverman Sent: Monday, 23 July 2018 15:56 To: Michael Junek Cc: Mark

Re: [AusNOG] Issues receiving from TPG Mail servers.

2018-07-22 Thread Michael Junek
Given plenty of mail communication is still non-encrypted, having TLS1.0 is an improvement, granted 1.2 is the ultimate goal. But shouldn't your public mail server be out of scope for PCI? Surely it's not handling cardholder data, nor talking to a system that is, therefore should be excluded

Re: [AusNOG] Issues receiving from TPG Mail servers.

2018-07-22 Thread Michael Junek
On the PCI Audit side of things, however, I think the shared hosting such as CPanel servers will fail PCI based on requirement 2.2.1 regardless-- " Implement only one primary function per server to prevent functions that require different security levels from co-existing on the same server.

Re: [AusNOG] NTP Best Current Practices Internet Draft

2019-02-01 Thread Michael Junek
Thats correct. Windows only has a SNTP client implemented, and not an NTP client. As such, it can only query a single NTP server, and does not have the algorithms to determine the accuracy of the time sources. From: AusNOG on behalf of O'Connor,

Re: [AusNOG] NTP Best Current Practices Internet Draft

2019-02-01 Thread Michael Junek
, Daniel Sent: Saturday, 2 February 2019 12:37 To: Michael Junek Cc: Mark Smith; Subject: Re: [AusNOG] NTP Best Current Practices Internet Draft > On 2 Feb 2019, at 12:05, Michael Junek wrote: > Thats correct. Windows only has a SNTP client implemented, and not an NTP > client. As suc

Re: [AusNOG] (Probably a bit OT) IPv6 oddity

2019-10-15 Thread Michael Junek
2 from 2 of the Arcadyan modems supplied to other family by Telstra have exhibited the same issue. Whirlpool is full of complaints of similar things. Something to do with UPNP apparently. "Intermittent internet access" is the typical reported fault, however when debugging the issue I found the

Re: [AusNOG] FYI: Telstra carrier interconnects are full

2020-03-22 Thread Michael Junek
AAPT certainly were running SS7 over various SDH technologies when I was last working on their call centre platform a few years back. From: AusNOG on behalf of Mark Delany Sent: Monday, 23 March 2020 15:20 To: ausnog@lists.ausnog.net Subject: Re:

Re: [AusNOG] Lightning and FTTC - is it really this bad?

2021-01-20 Thread Michael Junek
Hi Troy, Lightning has always been an issue for the copper network – the old adage “don’t use the phone in a storm” comes to mind. Certainly where my mum is, in Springwood, the copper is above-ground-- you often see a 100-pair floating off the power poles, with the house pair coming from a

Re: [AusNOG] Banking outages.

2021-06-17 Thread Michael Junek
Commonality I have heard it’s to do with AWS Route 53. From: AusNOG On Behalf Of DaZZa Sent: Thursday, 17 June 2021 15:59 To: AusNOG Mailing List Subject: [AusNOG] Banking outages. Apparently, most of the big 4 (and a lot of other!) banks are having major issues with online sites. Anyone got