Re: Software for network modelling / documentation / GIS

2017-02-23 Thread ML-NANOG-Stefan-Jakob
Hi, If you want to go the full stack, start open source and to have the support and com.ext. option you can check iDoIT. Good thing is, it has also a nice API for further automation and you can use it as general CMDB. https://www.i-doit.org/ Rgds, SJ

Re: Software for network modelling / documentation / GIS

2017-02-23 Thread Hugo Slabbert
On Fri 2017-Feb-24 10:36:58 +0700, Roland Dobbins wrote: On 24 Feb 2017, at 10:31, Israel G. Lugo wrote: Does anyone know of something similar to this exist in commodity software, outside of custom solutions developed for a specific network? FWIW, I'm pretty sure Visio

Re: Software for network modelling / documentation / GIS

2017-02-23 Thread Mel Beckman
This tool is not cheap, but I believe it can handle all the physical plant inventory and provisioning objectives you listed: http://synchronoss.com/wp-content/uploads/spatialNET.pdf -mel beckman > On Feb 23, 2017, at 7:38 PM, Roland Dobbins wrote: > >> On 24 Feb 2017, at

Re: Software for network modelling / documentation / GIS

2017-02-23 Thread Roland Dobbins
On 24 Feb 2017, at 10:31, Israel G. Lugo wrote: Does anyone know of something similar to this exist in commodity software, outside of custom solutions developed for a specific network? FWIW, I'm pretty sure Visio has been able to snmpwalk for many years. Some NMSes have this sort of

Software for network modelling / documentation / GIS

2017-02-23 Thread Israel G. Lugo
Hello, Does anyone have any recommendations for software to do network modelling / documentation / GIS, for a campus network? Mid-scale, a few campuses with the largest being around 25 buildings. Free/open source would be excellent, but commercial is also an option. This is a live network, with

RE: SHA1 collisions proven possible

2017-02-23 Thread David Edelman
Especially if that "document" is a component of a ciphersuite exchange. --Dave -Original Message- From: NANOG [mailto:nanog-boun...@nanog.org] On Behalf Of valdis.kletni...@vt.edu Sent: Thursday, February 23, 2017 9:22 PM To: Ricky Beam Cc: nanog@nanog.org Subject: Re:

Re: SHA1 collisions proven possible

2017-02-23 Thread Lyndon Nerenberg
> On Feb 23, 2017, at 6:10 PM, Ricky Beam wrote: > > When you can do that in the timespan of weeks or days, get back to me. Stop thinking in the context of bits of fake news on your phone. Start thinking in the context of trans-national agreements that will soon be signed

Re: SHA1 collisions proven possible

2017-02-23 Thread valdis . kletnieks
On Thu, 23 Feb 2017 21:10:42 -0500, "Ricky Beam" said: > When you can do that in the timespan of weeks or days, get back to me. > Today, it takes years to calculate a collision, and you have to start with > a document specifically engineered to be modified. (such documents are > easily spotted

Re: SHA1 collisions proven possible

2017-02-23 Thread Patrick W. Gilmore
On Feb 23, 2017, at 9:08 PM, valdis.kletni...@vt.edu wrote: > On Thu, 23 Feb 2017 20:56:28 -0500, "Patrick W. Gilmore" said: > >> According to the blog post, you can create two documents which have the same >> hash, but you do not know what that hash is until the algorithm finishes. You >> cannot

Re: SHA1 collisions proven possible

2017-02-23 Thread Ricky Beam
On Thu, 23 Feb 2017 18:21:19 -0500, wrote: We negotiate a contract with terms favorable to you. You sign it (or more correctly, sign the SHA-1 hash of the document). ... When you can do that in the timespan of weeks or days, get back to me. Today, it takes years

Re: SHA1 collisions proven possible

2017-02-23 Thread valdis . kletnieks
On Thu, 23 Feb 2017 20:56:28 -0500, "Patrick W. Gilmore" said: > According to the blog post, you can create two documents which have the same > hash, but you do not know what that hash is until the algorithm finishes. You > cannot create a document which matches a pre-existing hash, i.e. the one

Re: SHA1 collisions proven possible

2017-02-23 Thread Patrick W. Gilmore
On Feb 23, 2017, at 6:21 PM, valdis.kletni...@vt.edu wrote: > On Thu, 23 Feb 2017 17:40:42 -0500, "Ricky Beam" said: > >> cost! However this in no way invalidates SHA-1 or documents signed by >> SHA-1. > > We negotiate a contract with terms favorable to you. You sign it (or more > correctly,

Re: SHA1 collisions proven possible

2017-02-23 Thread valdis . kletnieks
On Thu, 23 Feb 2017 19:28:44 -0500, Jon Lewis said: > Doing it with an ASCII document, source code, or even something like a > Word document (containing only text and formatting), and having it not be > obvious upon inspection of the documents that the "imposter" document > contains some

Re: SHA1 collisions proven possible

2017-02-23 Thread Jon Lewis
On Thu, 23 Feb 2017, valdis.kletni...@vt.edu wrote: On Thu, 23 Feb 2017 17:40:42 -0500, "Ricky Beam" said: cost! However this in no way invalidates SHA-1 or documents signed by SHA-1. We negotiate a contract with terms favorable to you. You sign it (or more correctly, sign the SHA-1 hash

Re: SHA1 collisions proven possible

2017-02-23 Thread Royce Williams
We just need to keep the likely timeline in mind. As I saw someone say on Twitter today ... "don't panic, just deprecate". Valerie Aurora's hash-lifecycle table is very informative (emphasis mine): http://valerieaurora.org/hash.html Reactions to stages in the life cycle of cryptographic hash

Re: SHA1 collisions proven possible

2017-02-23 Thread valdis . kletnieks
On Thu, 23 Feb 2017 17:40:42 -0500, "Ricky Beam" said: > cost! However this in no way invalidates SHA-1 or documents signed by > SHA-1. We negotiate a contract with terms favorable to you. You sign it (or more correctly, sign the SHA-1 hash of the document). I then take your signed copy, take

Re: SHA1 collisions proven possible

2017-02-23 Thread J. Hellenthal
It's actually pretty serious in Git and the banking markets where there is high usage of sha1. Considering the wide adoption of Git, this is a pretty serious issue that will only become worse ten-fold over the years. Visible abuse will not be near as widely seen as the initial shattering but

Re: SHA1 collisions proven possible

2017-02-23 Thread Ricky Beam
On Thu, 23 Feb 2017 15:03:34 -0500, Patrick W. Gilmore wrote: More seriously: The attack (or at least as much as we can glean from the blog post) cannot find a collision (file with same hash) from an arbitrary file. The attack creates two files which have the same hash,

Re: SHA1 collisions proven possible

2017-02-23 Thread valdis . kletnieks
On Thu, 23 Feb 2017 15:03:34 -0500, "Patrick W. Gilmore" said: > For instance, someone cannot take Verisign’s root cert and create a cert > which collides on SHA-1. Or at least we do not think they can. We’ll know > in 90 days when Google releases the code. From the announce: "It is now

Re: SHA1 collisions proven possible

2017-02-23 Thread Patrick W. Gilmore
On Feb 23, 2017, at 2:59 PM, Ca By wrote: > On Thu, Feb 23, 2017 at 10:27 AM Grant Ridder wrote: > >> Coworker passed this on to me. >> >> Looks like SHA1 hash collisions are now achievable in a reasonable time >> period >> https://shattered.io/ >>

Re: SHA1 collisions proven possible

2017-02-23 Thread Ca By
On Thu, Feb 23, 2017 at 10:27 AM Grant Ridder wrote: > Coworker passed this on to me. > > Looks like SHA1 hash collisions are now achievable in a reasonable time > period > https://shattered.io/ > > -Grant Good thing we "secure" our routing protocols with MD5 :) >

SHA1 collisions proven possible

2017-02-23 Thread Grant Ridder
Coworker passed this on to me. Looks like SHA1 hash collisions are now achievable in a reasonable time period https://shattered.io/ -Grant

OSS Netflow that can use EngineID

2017-02-23 Thread Eric Germann
Colleagues, Before I go down a source code path, I wanted to get your input. I have some Linux routers I’ve built that use lots of GRE tunnels. I use ipt-netflow to export flow traffic to a collector. The issue is it seems to randomly pick an interface address and export from that. If we

Re: Juniper QFX port VLAN statistics via SNMP - is it possible?

2017-02-23 Thread Stanislaw
I'll just leave the solution here in case that anybody else needs it: Firewall rule: firewall { family ethernet-switching { filter vlan-counters { interface-specific; term vlan-14 { from { dot1q-tag 14; }