Frankly, while I appreciate that MaxMind might behave a little more
customer friendly, I'd say the problem here is that people don't
understand what GeoIP is: A best guess. You should not send the police
to a property because the IP appears in MaxMinds DB.
That is true, but in many cases,
> the mailserver I use, does not support ACME setup. I can only do old
> style SSL certificate requests.
> for the webserver its not an issue though.
Why does the mail server need to support ACME?
Simply do periodic DNS verification and trigger a restart/reload of the
internet-facing mail server
> Since I moved away from VDSL2 area to Fiber to the home place, I can not
> really understand these issues anymore.
> Why go and abuse copper wires to the absolute limit when its not a
> solution long term any way. Its dead technology.
Simple: Because those making the decisions who does and
> Very sad day for our colleagues at OVH AS16276 as they lost their
> datacenter SBG-2 in Strasbourg completly („everything is destroyed“) in
> a fire and the neighboring SBG1/SBG3/SBG4 at least temporary.
A tragic event, it evokes some faint memories on what happened at
Fukushima No.1 NPP in
> I tried different ISPs to which I have access and I can't establish a
> IPv6 connection to port TCP/443 to neither 2a02:a90:c400:4001::2 nor
> 2a02:a90:c400:5001::2 which seems the two loadbalancers responsible for
> www.swisscom.ch except from a Swisscom Business DSL connection.
>
> Init7 ->
> 157.161.57.65 => blocked (main NAT ip)
> 157.161.57.66 => Ok (a static server ip not used anymore)
> 157.161.57.68 => Ok (a static client ip)
> 157.161.57.70 => blocked (alternate NAT ip seldom used)
> 157.161.5.199 => blocked (Gateway IP, not usually used as src, except
> local stuff on the
> I quickly got the reply, that they are not responsible for content
> hosted by their customer, therefore they relay complaints to the ISP in
> charge of the IP address in question.
>
> That is a bit weird isn't it?
I'm not sure if "getting impatient" will do them any good. A DMCA
complaint
Hi,
> The address(es) of the ePDG are discovered using DNS: the phone will try
> to resolve epdg.epc.mncXXX.mccYYY.pub.3gppnetwork.org, where XXX is your
> operator's Mobile Network Code (for instance Swisscom is 001), and YYY
> is your Mobile Country Code (228 for Switzerland).
>
> So I guess a
Here's another project that is looking for volunteers:
https://db.schoolofdata.ch/event/7
In particular, some of you may be able (and willing!) to contribute to
the "Daten zur Netzauslastung" topic?
-> https://db.schoolofdata.ch/project/67
___
swinog
> Is there an IOS/Apple app for IRC that acts like an messenger app? (eg
> persistant connection)?
There is, but it's probably not quite what you were expecting: ZNC
Pair that with a regular IRC client and you're good to go.
Suggestion: https://apps.apple.com/us/app/palaver-irc/id538073623
And
Addendum, a possible solution for better collaboration between privately
hosted Git platforms could be something like this:
https://github.com/forgefed/forgefed
(also based on https://github.com/go-gitea/gitea/issues/184 )
It doesn't solve the issue tracking part, however.
And in other news:
> Git repo is only part of that solution.
>
> The primary reason for difficulty switching to another 'git host' (gitlab,
> github, https://git.sr.ht/, or self hosted) is issue tracking...
That is true, but it's also not something that is essential or needs to live
on Github. I've seen projects
> Gregor, if I understand you correctly, you are implicitly saying "please
> put your stuff on one of the big sites like github/gitlab/bitbucket".
>
> I personally think that this is the wrong direction to move, as it
> makes the Internet more dependent on a few entities. That makes it less
>
> This is why I wrote DHCP Protect. DHCP Protect works with the userspace API
> of Netfilter (iptables/ip6tables) and will treat each DHCP(v4/v6) packet
> and decide if it should be forwarded or not.
>
> Don’t worry, iptables can be configured in a way that if the program is not
> working, it
...
> A: Die Behörden sind noch nicht so weit. Es gibt keine Liste von zu
>sperrenden Domains, welche am 1. Juli
>publiziert wird.
...
> A: Vorgesehen war der Versand per Email, dies ist aber auf wenig
>Akzeptanz bei den Providern gestossen, daher werden die .eml Dateien
>der
> And I have sniffed the traffic between my swisscom mobile Samsung
> Mobile and my Website, but can't find any of the additional headers
> disclosing my phone number.
TLS would effectively defeat any attempt at injecting headers into HTTPS
traffic - unless the network operator controls a
>> It seems like Salt is no longer supplying their own DNS servers when
>> establishing an LTE connection. Instead, the network responds with Google DNS
>> servers (8.8.8.8 8.8.4.4).
>
> They seem to use a mix of Google Public DNS and own resolvers.
You are right; the list of servers is somewhat
Hi,
It seems like Salt is no longer supplying their own DNS servers when
establishing an LTE connection. Instead, the network responds with Google DNS
servers (8.8.8.8 8.8.4.4).
Is there a particular reason for that?
I'd rather not send all my DNS requests to Google.
Perhaps it's time to switch
>> https://blog.benjojo.co.uk/post/bgp-battleships
>
> How about at work? ;-)
>
> Mind if I share this with other tech mailing lists?
Just don't break the internet, please! ;)
Might be a good tool to teach folks about BGP though, so go ahead.
I'm not the author anyway, just stumbled upon it on
Some good ol' fun with BGP:
https://blog.benjojo.co.uk/post/bgp-battleships
Please (don't?) try this at home!
___
swinog mailing list
swinog@lists.swinog.ch
http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog
Hey,
- Different format? Different locations? Different agenda?
May I suggest a bit more diversity? Zurich is nice, but there are probably
many SwiNOGgers who can't just take a "quick" trip to ZH on a regular working day.
How about Bern, Lausanne, Basel, St. Gallen, or somewhere else once
> Unfortunately the people who misconfigure do not read RFCs, if they did,
> they would not filter.
>
> They do not read this list either, let alone other resources that they
> should be reading. Hence... not something one can solve.
BUT: If you find such a person, you can strongly urge them to
> That does not make IPv6 broken though, that makes people who think they
> have to filter the wrong things broken.
>
> Misconfigurations is not something a protocol can solve.
There's an RFC for that: https://www.ietf.org/rfc/rfc4890.txt
Great document, even serves as a good primer for folks
A little reminder to everyone who has not cast their vote yet:
On September 25, the Swiss citizens will decide whether to accept or refuse
the new NDG/LRens/LAIn/LSI/ISA (Nachrichtendienstgesetz/Loi fédérale sur le
renseignement/Legge federale sulle attività informative/Lescha federala davart
> How to you solve this issue?
The easiest solution, if there is no fancy (i.e. software controlled) way to
reverse fan flow:
Just open the switch, unscrew the fans, turn them around and remount them.
Our network engineer did that countless times, and it always works.
No need to spend heaps of
Very interesting interview, also discusses possible reasons why IPv6 is not
picking up fast enough:
http://heise.de/-3276808
(German only, unfortunately)
___
swinog mailing list
swinog@lists.swinog.ch
> GovCERT hat heute Vormittag die IOCs öffentlich gemacht:
> http://www.govcert.admin.ch/blog/21/20min.ch-malvertising-incident
Adobe Flash... Again.
Why is that crap not banned in government/corporate IT infrastructure?
If anyone still needs it for certain applications, at least reduce
>> Ich bin nicht bereit, täglich mehrere hundert Complaints via Webform
>> mit Captcha einzureichen. Ich wüsste auch nicht, wie ich dies technisch
>> machen sollte.
>
> Amazon Mechanical Turk oder sonst irgendwie an eine Clickworker-Plattform
> outsourcen?
> ;-)
Oder ein Script basteln das das
> It is truly weird. Using the same sender and same path, one email
> to "some.u...@hotmail.com" is accepted, another
> to "postmas...@hotmail.com" is rejected.
They are probably ramping up rejection rates slowly, as suggested here:
https://dmarc.org/overview/
I am looking for a way to do a layer 2 connection via a routed network.
Arista is using VXLAN for that, but unfortunately my Aristas are not
supported.
The goal is to back up my direct fiber connection by this virtual
fiber. Unfortunately I can't get a second physical fiber here.
Any
30 matches
Mail list logo