Re: who attacks the weather channel?
The Weather **Channel** is now a separate entity, which is the cable channel only. The Weather **Company** is the entity now owned by IBM, and it provides the web content and apps such as Weather Underground and Weather.com. I live near their corporate HDQ and interview there for a job, so they explained all of this to me at the time. --Jonathan Rogers On Thu, Apr 18, 2019 at 11:52 AM Fred Baker wrote: > According to this, Weather Underground was purchased by the Weather > Channel and firmed “The Weather Company”, and that was in turn purchased by > IBM last year. > > > https://www.wunderground.com/blog/JeffMasters/weather-underground-bought-by-ibm.html > > Sent using a machine that autocorrects in interesting ways... > > On Apr 18, 2019, at 8:38 AM, Christopher Morrow > wrote: > > On Thu, Apr 18, 2019 at 11:27 AM Stephane Bortzmeyer > wrote: > > > On Thu, Apr 18, 2019 at 03:16:34PM +, > > Kain, Rebecca (.) wrote > > a message of 69 lines which said: > > > https://www.cnn.com/2019/04/18/media/weather-channel-hack/index.html > > > May be these people? > > > https://en.wikipedia.org/wiki/Weather_Underground > > > I think WU was actually bought by weatherunderground... > >
Re: CenturyLink Outage?
CenturyLink having an OUTAGE?!? Well, I never!! --JR @ Google-Atlanta On Tue, May 7, 2013 at 1:26 PM, George Herbert george.herb...@gmail.comwrote: Widely discussed on outa...@outages.org list (hint!) but for those not yet list members over there, 13 or more states in southeast US affected, reportedly routing / layer 3 issue, possibly BGP to outside but not clear. Some service restorations discussed. George William Herbert Sent from my iPhone On May 7, 2013, at 9:54 AM, Jason Lester jles...@wcs.k12.va.us wrote: Does anyone know what is going on with the nationwide CenturyLink outage? Their NOC recording says it is a BGP routing issue with their upstream peers affecting Internet traffic and traffic between regions. Our outside connectivity with them has basically been down since about 4:00AM (EDT) this morning. The prefixes we were receiving from them were fluctuating between a few hundred and a few thousand all morning. We are getting the full BGP table from them now (for about the last hour), but still not seeing any incoming traffic. Seems like a major issue since it has been almost 9 hours now. Thanks, Jason -- Jason Lester Administrator for Instructional Technology Washington County Public Schools Tel: 276-739-3060 Fax: 276-628-1893 http://www.wcs.k12.va.us
Re: Check this out T-Mobile Launches GoSmart Prepaid Service Nationally on Phone Scoop
An email from nobody? WHAT IS THIS SORCERY?!? --JR On Tue, Feb 19, 2013 at 8:50 PM, Grant Ridder shortdudey...@gmail.comwrote: haha i love the header: Received: (from nobody@localhost) On Tue, Feb 19, 2013 at 7:48 PM, Jay Ashworth j...@baylink.com wrote: Check this out: http://www.phonescoop.com/articles/article.php?a=11946 This email was sent via Phone Scoop (www.phonescoop.com). The sender thought you might be interested in the page linked above.
Re: Centurylink Contact
I'd say call the control center at 1.800.524.5249. And then wait. And wait. And wait. You're gonna need a Snickers. --JR On Fri, Oct 19, 2012 at 4:13 PM, Joel Maslak jmas...@antelope.net wrote: Does anyone have a good contact to report outside plant issues in the Denver, CO area? Some construction equipment in my neighborhood snagged and snapped a messenger cable between poles, and probably stretched some copper. I'd like to make sure that CL actually gets notified and gets it fixed. My line is fine, so their automated residential customer service line wasn't helping me at all.
Re: Detection of Rogue Access Points
I like the idea of looking at the ARP table periodically, but this presents some possible issues for us. The edge routers at our remote sites are Cisco 1841 devices, typically with either an MPLS T1 or a Public T1 (connected via an IAD owned by Centurylink; router to router, so dumb). Aside from manually logging in to those individual routers (all 140 or so of them) and checking them on a schedule, can anyone think of a good way to capture that information automatically? If I had to I could probably come up with a script to log in to them and scrape the info then process it but...eww. Another possible option (although costly) is installing a Ruckus device at each location; we have a Ruckus infrastructure at our HDQ and it works great (almost too good, it's super sensitive) at picking up rogues. A Ruckus WAP could talk to our ZoneDirector appliance and do that for us at each site, I think, but it may be difficult to justify the cost. --JR On Thu, Oct 18, 2012 at 9:15 AM, Jason Antman ja...@jasonantman.com wrote: Some very good points were made in the thread. I've dealt with this problem a few times. I'll admit, the only perfect solution I've found is to install a Internet-only (its own router interface or VLAN, firewalled off from everything else) AP for people to use because, frankly, consumer-grade APs are just too easy to install. On the technical side, to reiterate what others have suggested: - Scan MACs from the router ARP table or DHCP logs, flag anything from a common wireless vendor - Script to pull new DHCP leases, check each with NMAP, alert on anything suspicious - Port security, if you can - Scanning the air The only *real* way to detect rogue APs is to actually scan the airwaves. There's a bunch of vendors who sell hardware/software solutions for this, and there are also a lot of APs that support it, especially if you can deal with something manual. Ubiquiti Networks sells some sub-$100 USD access points that do a nice site survey as well as a spectrum analyzer, and could be used to get this info. Of course that becomes more of a burden if there are multiple other wireless networks within range of you (should be fine if your branches are on their own property, could be a problem if they're in commercial/professional buildings). I don't know if the Ubiquiti products are easily scriptable, but they *do* offer a SDK and with some amount of effort, it would probably be possible to pull this data via a script. The times that I've done this, we've just grabbed a bunch of decommissioned corporate laptops with wireless wired ethernet interfaces, put Linux on them, and written a script that scans for visible wireless networks every 5-30 minutes, and emails any changes to us. Laptops were configured for DHCP, and just plugged in and nestled somewhere in the wiring closet. Net cost $0 (well maybe some patch cables), and worked fine for us. -Jason On 10/14/2012 04:59 PM, Jonathan Rogers wrote: Gentlemen, An issue has come up in my organization recently with rogue access points. So far it has manifested itself two ways: 1. A WAP that was set up specifically to be transparent and provided unprotected wireless access to our network. 2. A consumer-grade wireless router that was plugged in and just worked because it got an address from DHCP and then handed out addresses on its own little network. These are at remote sites that are on their own subnets (10.100.x.0/24; about 130 of them so far). Each site has a decent Cisco router at the demarc that we control. The edge is relatively low-quality managed layer 2 switches that we could turn off ports on if we needed to, but we have to know where to look, first. I'm looking for innovative ideas on how to find such a rogue device, ideally as soon as it is plugged in to the network. With situation #2 we may be able to detect NAT going on that should not be there. Situation #1 is much more difficult, although I've seen some research material on how frames that originate from 802.11 networks look different from regular ethernet frames. Installation of an advanced monitoring device at each site is not really practical, but we may be able to run some software on a Windows PC in each office. One idea put forth was checking for NTP traffic that was not going to our authorized NTP server, but NTP isn't necessarily turned on by default, especially on consumer-grade hardware. Any ideas? Thank you for your time, Jonathan Rogers
Re: Detection of Rogue Access Points
I, uh...don't actually know how to do that. I've not done very much with SNMP other than working with power management devices. If someone could direct me to a good tutorial, that would be much appreciated. --JR On Thu, Oct 18, 2012 at 12:31 PM, Chris Boot bo...@bootc.net wrote: On 18/10/12 15:12, Joe Hamelin wrote: On Thu, Oct 18, 2012 at 7:00 AM, Jonathan Rogersquantumf...@gmail.com wrote: I like the idea of looking at the ARP table periodically, but this presents some possible issues for us. Is it just WAPs that you are worried about or any rouge device at the remote sites? If you're doing medical data then I would think that any non-company device would be suspect. If that is the case then ARP scraping is the better way. Basically you need an inventory of what is at the sites. This you should already have and if you don't, that is your first step. A bit of perl and expect scripting would get you a long way to your goal. Like I mentioned before, if you don't have the time/talent to script the task, call out for a coder-for-hire. You should be able to get the ARP table off a router using SNMP, which would be much cleaner than using expect to login to a router's management interface... HTH, Chris
Re: Detection of Rogue Access Points
Nevermind, it appears SNMP is turned off on our routers and I do not have control over that. I can at least present this as a possible option to the person that does. Thank you very much for your suggestions, everyone. I'm so glad I joined this list; I've learned so much and it's great to talk to people who like to share their knowledge and experience. --JR On Thu, Oct 18, 2012 at 4:21 PM, Phil Regnauld regna...@nsrc.org wrote: Raymond Burkholder (ray) writes: NetDisco knows how to scan networks for mac addresses, arp addresses, ip addresses, etc. It keeps track of deltas. It may have be able to email deltas or something similar.Or run a query against the database, as I seem to recall it seems to hold historical data. Yes, NetDisco will do this, and it has query interface for looking up MAC - associations, and where they were last seen. Netdot (netdot.uoregon.edu, just mentioned it in an earlier mail) also offers this functionality, and stores the information in the database for querying/searching. Jonathan Rogers (quantumfoam) writes: I, uh...don't actually know how to do that. I've not done very much with SNMP other than working with power management devices. If someone could direct me to a good tutorial, that would be much appreciated. It's probably easier to use one of the tools mentioned than to start writing your own. To do that, you'd have to retrieve the L2 forwarding table from switches, and the ARP tables from L3 devices. You have to query all active devices regularly and build/update your DB from that. There are tools such as SNMP::Info http://search.cpan.org/~maxb/SNMP-Info-2.01 that make this easier, but still some amount of coding would be required. It's then a matter of querying the DB, and looking for the MAC addresses of suspected rogue devices, if they keep on showing up (you will see many one-times that don't reappear, which also grows the DB significantly over time). Phil
Re: Detection of Rogue Access Points
Well, quite frankly they have the tools they need. Our remote sites do not have any devices that require wireless. They don't have company-issued laptops, and personal laptops are not allowed. The policy is on the books but it isn't my department to make sure people know about it and follow it. Our end users at these branch offices are typically not very technically inclined and have no idea what a security risk this is (especially considering that we have EPHI on our network, although I can't really say more in detail than that). The person who put in the WAP I discovered doesn't even work for us any more. Port-based security might work, but our edge switches are total garbage (don't get me started, not in my control). I didn't find this WAP via nmap...it didn't show up. I believe it probably didn't have a valid management interface IP for some reason. We saw suspicious entries in the router's ARP table and starting looking around the office from there. --JR On Mon, Oct 15, 2012 at 11:05 AM, valdis.kletni...@vt.edu wrote: On Mon, 15 Oct 2012 13:11:00 +1100, Karl Auer said: No-one has said this yet, so I will - why are people working around your normal network policies? This is often a sign of something lacking that people need in their daily work. You can often reduce this sort of innocent thievery down to a manageable minimum simply by making sure that people have the tools they need to work. Sometimes it's cheaper to give people what they want than to prevent them taking it. Maybe at least consider that as an option. Amen to that - detecting rogue access points is one thing, but in order to make the users stop doing it, you're going to need either a sufficiently large carrot or a sufficiently large stick. If you don't deploy at least one, the problem *will* keep recurring.
Detection of Rogue Access Points
Gentlemen, An issue has come up in my organization recently with rogue access points. So far it has manifested itself two ways: 1. A WAP that was set up specifically to be transparent and provided unprotected wireless access to our network. 2. A consumer-grade wireless router that was plugged in and just worked because it got an address from DHCP and then handed out addresses on its own little network. These are at remote sites that are on their own subnets (10.100.x.0/24; about 130 of them so far). Each site has a decent Cisco router at the demarc that we control. The edge is relatively low-quality managed layer 2 switches that we could turn off ports on if we needed to, but we have to know where to look, first. I'm looking for innovative ideas on how to find such a rogue device, ideally as soon as it is plugged in to the network. With situation #2 we may be able to detect NAT going on that should not be there. Situation #1 is much more difficult, although I've seen some research material on how frames that originate from 802.11 networks look different from regular ethernet frames. Installation of an advanced monitoring device at each site is not really practical, but we may be able to run some software on a Windows PC in each office. One idea put forth was checking for NTP traffic that was not going to our authorized NTP server, but NTP isn't necessarily turned on by default, especially on consumer-grade hardware. Any ideas? Thank you for your time, Jonathan Rogers
Re: Detection of Rogue Access Points
I should probably mention that we do not have any legitimate wireless devices at these locations. I realize that this complicates matters. The most recent one we found was found exactly like Joe suggested; we were looking at an ARP table for other reasons and found suspicious things (smartphones). --JR On Sun, Oct 14, 2012 at 5:30 PM, Tom Morris bluen...@gmail.com wrote: I have used the wigle app as a scanning and direction finding tool.. it works OK. Not automated really as you'd have to walk and watch the screen but it works. I once walked into a glass wall inside a building while searching for a rogue AP... FOMP On Oct 14, 2012 5:02 PM, Jonathan Rogers quantumf...@gmail.com wrote: Gentlemen, An issue has come up in my organization recently with rogue access points. So far it has manifested itself two ways: 1. A WAP that was set up specifically to be transparent and provided unprotected wireless access to our network. 2. A consumer-grade wireless router that was plugged in and just worked because it got an address from DHCP and then handed out addresses on its own little network. These are at remote sites that are on their own subnets (10.100.x.0/24; about 130 of them so far). Each site has a decent Cisco router at the demarc that we control. The edge is relatively low-quality managed layer 2 switches that we could turn off ports on if we needed to, but we have to know where to look, first. I'm looking for innovative ideas on how to find such a rogue device, ideally as soon as it is plugged in to the network. With situation #2 we may be able to detect NAT going on that should not be there. Situation #1 is much more difficult, although I've seen some research material on how frames that originate from 802.11 networks look different from regular ethernet frames. Installation of an advanced monitoring device at each site is not really practical, but we may be able to run some software on a Windows PC in each office. One idea put forth was checking for NTP traffic that was not going to our authorized NTP server, but NTP isn't necessarily turned on by default, especially on consumer-grade hardware. Any ideas? Thank you for your time, Jonathan Rogers
Re: need help about 40G
I've had good experience with Mellanox NICs for 40gbe. --J On Thu, Sep 27, 2012 at 3:27 PM, Deric Kwok deric.kwok2...@gmail.comwrote: Hi all Do you have experience in 40G equipments eg: switch and NIC? Any brand name is reliable Thank you so much
Re: CBT Nuggets streaming account
GNS3 is completely insufficient for CCNP-level training and labs. You will need actual equipment. Fortunately, it has gotten a lot cheaper over the past few years and you don't need the latest and greatest. Check out Wendell Odom's website for tips. Also we have a CBTNuggets account at my company and I was unimpressed with their Cisco coverage, but that may be a matter of taste. Just my $0.02...as a CCNA working towards MY CCNP. --jono On Mon, Jun 11, 2012 at 4:56 PM, Garrett Skjelstad garr...@skjelstad.orgwrote: Don't spam the list looking for black market copies of training material. Use GNS3 and design your own labs and google the test topics. Plzkthx. Sent from my iPhone On Jun 11, 2012, at 12:30, Ryan Burtch rburt...@gmail.com wrote: Could someone contact me off list if you have a CBT Nuggets streaming account and would be willing to help me in working towards my CCNP?
Re: CBT Nuggets streaming account
I would say part of the argument is old-fashioned (if you ain't touching it, you're not really learning), but there are other issues as well...such as where you get a legitimate copy of IOS to load into GNS3. Ultimately my personal feeling is that it is not an accurate representation of the real world. Cisco's official academy sim is much easier to use if you need a sim. Unfortunately, it is not easily acquired. --jono On Mon, Jun 11, 2012 at 5:46 PM, Garrett Skjelstad garr...@skjelstad.orgwrote: Many CCIE training providers also offer alternative workbooks for CCIE Routing and Switching based solely on GNS3. If the argument is there is no 15.x, then I would argue that the *current* exams offer minimal differences between releases at this time. (IOS-wise) I can understand the switch aspect though... Sent from my iPhone On Jun 11, 2012, at 14:38, Brandon Ewing nicot...@warningg.com wrote: On Mon, Jun 11, 2012 at 05:05:59PM -0400, Jonathan Rogers wrote: GNS3 is completely insufficient for CCNP-level training and labs. You will need actual equipment. Fortunately, it has gotten a lot cheaper over the past few years and you don't need the latest and greatest. Check out Wendell Odom's website for tips. What topics are missing on GNS3 for CCNP? Is there that much switching covered in the exam? I was able to use dynamips/dynagen to study for CCIP (yay EOL'd certs) without issue last year. -- Brandon Ewing( nicot...@warningg.com)
Re: ATT DSL bypass first line
I can vouch for Uverse being excellent service, at least in my area (Atlanta). It's fast, it hasn't gone down once in over a year since I got it, and I went ahead and got the Uverse TV service as well which has proven to be a better deal than cable offerings in my area (satellite isn't an option due to the arrangement of my property). The 2WIRE gateway they provide is surprisingly capable. Port forwarding, the ability to scan the wifi spectrum to see what channels are occupied, and a lot more. I haven't found the need to replace it although it doesn't support 802.11n so I'm going to add an AP at some point. Jonathan On Tue, Apr 10, 2012 at 8:38 AM, Faisal Imtiaz fai...@snappydsl.net wrote: Yes, you can ask them to change the 'profile', which can make things more stable. Or you can dump you switch your DSL out for Uverse (Internet Only)... Which is sold online (only) without any bundle. In most cases you can end up with more bandwidth at the same or lower cost. http://www.att.com/u-verse/**shop/index.jsp?shopFilterId=** 51#fbid=y_8VIHP6LWJhttp://www.att.com/u-verse/shop/index.jsp?shopFilterId=51#fbid=y_8VIHP6LWJ Faisal Imtiaz Snappy Internet Telecom 7266 SW 48 Street Miami, Fl 33155 Tel: 305 663 5518 x 232 Helpdesk: 305 663 5518 option 2 Email: supp...@snappydsl.net On 4/10/2012 1:45 AM, Seth Mattinen wrote: On 4/9/12 8:21 PM, Brandon Ewing wrote: I've been an ATT DSL customer for 3+ years, with no issues until they started sending people into my neighborhood to start retrofitting for UVerse. Since they've visited, my PPPoE has dropped once an hour, many times requiring me to restart my router (Cisco 877) to get my virtual interface to come back up. Speaking with the front line on the phone has given me nothing but problems (in their defense, I do have a non-standard modem) -- could someone with knowledge provide me with a way to bypass the CSRs and speak to someone with clue to work out debug logs and figure out why I am suddenly an unhappy ATT customer? The same thing happened to me. You can try asking them to simply change the line from fastpath to interleaved or lower the sync rate. I was transferred to someone who made the changes live on the phone. After they retrofitted my neighborhood for Uverse, fastpath would no longer hold sync. I ultimately had to give up ADSL via my 877W because ATT coincidentally no longer offered anything better than 2Mbps ADSL after the Uverse changes rolled through. ~Seth