[swinog] Re: How to destroy data effectively?
Hi Venti that could be done the magnetic way, a very secure way is let them spin up and expose then this way to a magnetic strenght >2 tesla, some models wil be a screeching noise heard until they come to a halt, this way not even the tracking is readable anymore ;) .. or let them spinn up and use an 1kg hammer with full strengt if the drives need to be available for other things, there are a lot of lowlevel formater resolving that issue but that will be timeconsuming. but take care, if you distroy data which should be archived for 5 years acording the law you could be sued, pointing to your boss gave the order doesn't work in this case. Just my 5 cent's Roger On 02.12.2022 11:51, Martin Ebnoether via swinog wrote: Hi all. As some of you know, I work at a money laund... financial company. Some time ago, the question arose, how to effectively destroy data safely and securely in an easy way? How does your company deal with hard disks (or any media) that needs to be decommissioned? Do you just dd a few times over it? Or rather let a professional company shred your media to little bits? CU, Venty ___ swinog mailing list -- swinog@lists.swinog.ch To unsubscribe send an email to swinog-le...@lists.swinog.ch
Re: [swinog] background migration of swisscom connection from IPv4 native to v6 + DS-Lite
Well i only suspecting your try to use ipsec, wich is a crazy vpn solution. I would sugest to evaluate ssl based vpn in the future which naturally do not run into nat problems. Just my five cents Em 27 de outubro de 2017 03:00:18 AMT, WolfSec-Supportescreveu: >Hello, > > >could be someone from swisscom so kind and contact me offlist via email >please. > >our customer has a swisscom dsl connection and last week they changed >these >to v6. >he already tried 3 times via swisscom helpdesk without success. >the first level seems to have no idea about ds lite and v6... ;-/ > >we want to go back to v4 native. >in customer center we have deactivated v6 - but it is still online via >v6 >and ds-lite > >we did all what was explained: >- switchoff modem for an hour >- reboot 3 times router etc > >effectively now the vpn is for sure not working via ds lite and carrier >grade NAT > >thanks in advance > >Stephan > > >Besten Dank. > >Freundliche Grüsse, >WolfSec-Support > >WolfSec >Postanschrift: >Swiss Post Box: 104213 >Zürcherstrasse 161 >CH-8010 Zürich > >http://www.wolfsec.ch -- Diese Nachricht wurde von meinem Android-Gerät mit K-9 Mail gesendet. ___ swinog mailing list swinog@lists.swinog.ch http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog
Re: [swinog] Swiss ISPs and IPv6 --- 2016 edition
Maybe .. But i do not spend money nor time to do some "missionary work" for what reason ever there is when stuff doesn't work. I've done it for years with spammer friendly hoster which even see the abuse box is a Spam trap, and all the so called number one hoster which never take care about what there client do if they pay the rent. In short if a system start to apply some exploits they are blacklisted after second try without notice... If ipv6 starts to troubling and hits my reputation because of some quirks in transfer .. I stop supporting it when ever possible. Business goes before idealism .. Em 20 de setembro de 2016 15:52:18 AMT, Gregor Rieplescreveu: >> Unfortunately the people who misconfigure do not read RFCs, if they >did, >> they would not filter. >> >> They do not read this list either, let alone other resources that >they >> should be reading. Hence... not something one can solve. > >BUT: If you find such a person, you can strongly urge them to read this >RFC. ;) > > > >___ >swinog mailing list >swinog@lists.swinog.ch >http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog -- Sent from my Android device with K-9 Mail. Please excuse my brevity. ___ swinog mailing list swinog@lists.swinog.ch http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog
Re: [swinog] Swiss ISPs and IPv6 --- 2016 edition
Thats why i mentuoned to train techis and your argunent was its a management problem :) About mandatory how come then https://en.m.wikipedia.org/wiki/Path_MTU_Discovery .. Sorry to point to Wikipedia .. But been on cell only i dont have the proper doc at hand Em 20 de setembro de 2016 07:09:10 AMT, Jeroen Massar <jer...@massar.ch> escreveu: >On 2016-09-20 13:00, Roger Schmid wrote: >> Just one .. Dropping MTU handling and point to layer7 should handle >that >> doesnt let you feel strange ? So how could an app handle packet size >> thru L4 ? > >Both IPv4 and IPv6 have this little protocol called ICMP (+ICMPv6) it >is >very useful and for IPv6 it is mandatory. > >Even Google (who force MSS to magic values) and Cloudflare had issues >with that too: > >https://blog.cloudflare.com/path-mtu-discovery-in-practice/ > >That does not make IPv6 broken though, that makes people who think they >have to filter the wrong things broken. > >Misconfigurations is not something a protocol can solve. > >> My experience is soma pages ar crawling like a snake .. Some ar not >> loading complete at all, >> for me v6 is still not ready to deploy to the masses as at least the >> mentioned flaw is a show stopper > >I can find many many sites in IPv4 that are brokenly configured. That >does not make IPv4 broken. > >That you find weird excuses that are already solved for well over 15 >years of deployment (even 6bone as shut down 10 years ago) > >Maybe, as it is 2016, time to actually start deploying!? > >Greets, > Jeroen -- Sent from my Android device with K-9 Mail. Please excuse my brevity. ___ swinog mailing list swinog@lists.swinog.ch http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog
Re: [swinog] Swiss ISPs and IPv6 --- 2016 edition
Just one .. Dropping MTU handling and point to layer7 should handle that doesnt let you feel strange ? So how could an app handle packet size thru L4 ? My experience is soma pages ar crawling like a snake .. Some ar not loading complete at all, for me v6 is still not ready to deploy to the masses as at least the mentioned flaw is a show stopper Em 20 de setembro de 2016 02:13:39 AMT, Jeroen Massar <jer...@massar.ch> escreveu: >On 2016-09-19 23:53, Roger Schmid wrote: >> |Come on folks, it is 2016! IPv6 is >> |*20 years* old... >> But still not matured enough to put on public usage > >According to Google 10% of their traffic is IPv6. >Apple requires it for IOS. > >How is it not 'mature'? > >> beside of some >> design flaw it is in some cases even bad implemented > >Need more details. > >> Maybe the isp/hoster/transit provider ned some teaching how to do it >the >> right way. > >Management of companies need to be convinced. Technical folks typically >know that they want it, but are not allowed to play with it... > >That is not a technical, but a political issue. > >Greets, > Jeroen -- Sent from my Android device with K-9 Mail. Please excuse my brevity. ___ swinog mailing list swinog@lists.swinog.ch http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog
Re: [swinog] Swiss ISPs and IPv6 --- 2016 edition
|Come on folks, it is 2016! IPv6 is |*20 years* old... But still not matured enough to put on public usage, beside of some design flaw it is in some cases even bad implemented Maybe the isp/hoster/transit provider ned some teaching how to do it the right way. Em 15 de setembro de 2016 06:11:44 AMT, Jeroen Massarescreveu: >As there is an upcoming SwiNOG lets throw some people under the bus >before they arrive. Or at least allow them time to come up with more >excuses. > > >Some quotes from Swiss ISPs from the Call Your ISP page: > https://www.sixxs.net/wiki/Call_Your_ISP_for_IPv6 > >8< > >"Currently, as demand for IPv6 is very low, we have no plans to >introduce IPv6 native. > >"No plans to support IPv6 for our private and SoHo clients" > >"The plan is to move everyone on DSLite." > >"Provider info: IPv6 is "planned" and soon should get a priority >status. >When that "soon" will be is not yet known." > >"They know what IPV6 is, eventually they will provide it" > >>8 > >Come on folks, it is 2016! IPv6 is *20 years* old... > >Even Sky.uk was able to get it working[1]. > >Oh and note: Dual-stack IPv4 + IPv6, along with a /56 per user. > >It is not that hard to get right and yeah, you kinda had 20 years >already to 'plan' for this > >Greets, > Jeroen > > >[1] >https://corporate.sky.com/media-centre/news-page/2016/sky-completes-roll-out-of-ipv6-becoming-the-first-major-uk-internet-provider-to-future-proof-its-service-for-customers > > >___ >swinog mailing list >swinog@lists.swinog.ch >http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog -- Sent from my Android device with K-9 Mail. Please excuse my brevity. ___ swinog mailing list swinog@lists.swinog.ch http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog
Re: [swinog] Swiss VoIP providers
Am 28/08/2014 21:23, schrieb Michael Horn: On Thu, 28 Aug 2014 19:45:43 +0200 (CEST) Ralph Krämer ralph.krae...@vable.ch wrote: I suggest to run your own Asterisk (or Callmanager) ...or freeswitch, if you like reliability and predictable behaviour. I've managed quite a few freeswitch deployments until now and did some migrations from Asterisk to freeswitch due to issues with reliability or flexibility. As an office/corporate pbx I'd select freeswitch over asterisk any time. If something more specialized is needed, yate is worth a try. through a redundant SIP-Trunk to an VoIP Provider. Curious however about recommendations for VoIP providers in .ch there aren't that many around unfortunately. would love to hear some suggestions (backed by experiece). i can't confirm that i tested intensively freeswitch * the weakness of clustering * native database connection doesnt exist, but only via odbc and thirdparty tool * this xml configuration is the blown up version of asterisk .. with less flexibility there are some rumors about a native DB implementation in the Future, but lets see ... actually in a ISP environment freeswitch is no use, because of fundamental limit of scalability but a loadtest was promissing and was showing at least double capacity compared to Asterisk. lets wait for the next major version to see the housework is done the right way ;) my 5 cents Roger cheers, Michael ___ swinog mailing list swinog@lists.swinog.ch http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog
Re: [swinog] 3G Repeater
Am 31/07/2014 02:28, schrieb Miguel Elias: First, any usage of active signal repeater is forbidden in Switzerland. (Statement of Bakom). Any base station system or signal repeater has to be owned / managed by an official frequency licensee. Signal repeater used in the field, do have some sophisticated measurement and control abilities. very strange are there bakom aproved repeater on the market http://www.antx.ch/repeater.php they claim to be the only aproved one well i know the amplitec, they dont have a sufficient feedback control, i would question this advertisement and: a friend got from arp i believe, a repeater with an bakom bakom certification. but as a office repeater are not really usable except overcome metalized office windows there is no sense to use them in outdoor cases in an big swiss Bank are private repeater since more than 10 years in use so i wonder about your statement. ___ swinog mailing list swinog@lists.swinog.ch http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog
Re: [swinog] 3G Repeater
Am 31/07/2014 04:36, schrieb Andreas Fink: On 31 Jul 2014, at 10:26, Roger Schmid ro...@mgz.ch wrote: Am 31/07/2014 02:28, schrieb Miguel Elias: First, any usage of active signal repeater is forbidden in Switzerland. (Statement of Bakom). Any base station system or signal repeater has to be owned / managed by an official frequency licensee. Signal repeater used in the field, do have some sophisticated measurement and control abilities. very strange are there bakom aproved repeater on the market http://www.antx.ch/repeater.php they claim to be the only aproved one well i know the amplitec, they dont have a sufficient feedback control, i would question this advertisement and: a friend got from arp i believe, a repeater with an bakom bakom certification. note: having a CERTIFICATION means the device operates within the bounds. This does not automatically mean it is LICENSED to use. For example if I buy a Radio for taxi operation, the vendor CERTIFIES it follows all the rules and doesnt make spurious emissions but that doesnt mean I can operate it as I want. I still need a license to operate it. The tricky thing here is that the repeater will start to transmitt on frequencies allocated to base statiions which are licensed to the mobile operators. Hence Sunrise, Siwscom and Orange could use this device but you as an individual not. Its a bit of a grey zone in most countries as the legal question is who is transmitting. Is it the original base station or is it the repeater. maybe to clarify, an repeater is not an transmitter its technically an amplifier and if there is a Bakom document which allow the usage i believe it is not a fake. well over here i installed a lot of repeater, in some cases i got feedback from the operator how good my installation work not interfeering anything with clean signal, most depending how its installed. but i know in switzerland only aprooved repeater should be used of corse. just google for GSM REPEATER SCHWEIZ BAKOM and you will find various offers and even docs from bakom. to the original requestor of this thread: i would say use an GMS router with an wlan ap and carry the inet this way from an position where the 3G signal is clean and without reflection. My first post seems not arrived on the list i will send that in the next email. ___ swinog mailing list swinog@lists.swinog.ch http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog
[swinog] Fwd: Re: 3G Repeater
Original-Nachricht Message-ID: 53d853bd.2000...@mgz.ch Date: Tue, 29 Jul 2014 22:09:01 -0400 From: Roger Schmid ro...@mgz.ch User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:24.0) Gecko/20100101 Thunderbird/24.6.0 MIME-Version: 1.0 To: swinog@lists.swinog.ch Subject:Re: [swinog] 3G Repeater References: f0f52ca6-489f-4fdc-b0cd-c3b7088fc...@init7.net In-Reply-To:f0f52ca6-489f-4fdc-b0cd-c3b7088fc...@init7.net Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit Is anyone familiar with 3G repeater gear? I'm asking for a neighbor whose family owns a cottage in a Swiss mountain valley with poor 3G reception. well its not so easy to give you an definite advise, the signal is based on reflection i believe, that has to be resolved. you have to take into consideration is there a point with clear view for the next tower ? reception based on non sight will not give any satisfaction. 3g has even more bandwith need which degrade the signal more in case of non sight. there are a lot of 3g enabled repeater (basically 2 way amplifier) available from chinese dealer. price will be 200-300$ and deliver arround 60db gain up to 28dbm forgett about the cheap office repeater, those are only usable inside office in a small range and have tendency to oscillate which will call BAKOM on the Plan. And you need antennas at a high pole .. for 60db you need at least 15m between the both antennas, good cable (rg213 or better cellwave above 3/8 the antenna on top vertical yagi 16-20element.. and below horizontal panel or even yagi. due the different polarisation of the two antennas you win theoreticaly 20db more decoupling (real you will reach 16db) the antenna for the user could be up to 600m far away if used an high gain antenna. if an higher amplification needed you need an channelselective repeater, those are available up to 90db but they need to be tuned onsite on the specific channel and of corse need better cable to prevent feedback between in and out. channelselective repeater with 90db will cost up to 2000$. 5/8 cellwave will cost aprox 8-10$ per meter. and dont forgett the N-Plugs for those cable .. 12-15.- each i got only a usable system with 5/8 cellwave with up and downlink 25m seperated and the user antenna was below of a metal roof, the decoupling between the two antennas was 70db if you only need data would an 3g modem mounted near the antena with good reception and an wlan link the better idea, more stabil more reliable and will not reach your 1000.- limit an 3g modem doesnt cost much, and two ubiquity nano loco on 5.8ghz for 300.- will bridge 1-4km on sight if need more distance use airgrid 5m for the same price, they will go up to 8km. i hope i could help a bit to give you at least an idea Any recommendation for gear which is easily installable, more or less plug-n-play, not too expensive (less than CHF 1000) and last but not least legal to operate would be appreciated. ___ swinog mailing list swinog@lists.swinog.ch http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog
Re: [swinog] 3G Repeater
Am 31/07/2014 05:04, schrieb Rene Luria: i believe in his case he need an complete outdoor solution, anytone have an tendency to feedback quickly and they dont have an detektor for such cases at all. you maybe not recognize that but maybe that thing creating signals nearby which interfere other channels or operator. on the point short before total oszilation will be a higher sideband noise which degrade the signal quality a bit and possible even creating some spurious emission. i changed some on existing installation to resolve such effects. We use one baught from those guys: http://www.myamplifiers.com/ Works great and not too expensive ___ swinog mailing list swinog@lists.swinog.ch http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog
Re: [swinog] Lösung für eine SMS-Notfallalarmierung und Statuswebseite
Am 31/07/2014 09:42, schrieb Onlime Webhosting: Eine Lösung mit einem Handy und prepaid karte dürfte preislich bei dem kleinen volumen günstig sein und es funktioniert auch bei totem inet.. wenn das handy auch nicht mehr funktionieren sollte dann haben die empfänger ebenfalls ein problem. Hi all Ich würde dieses Thema gerne nochmals aufgreifen. Wir überlegen uns, in Zukunft doch einen SMS-Gateway-Anbieter via API zu verwenden (allenfalls in Kombination mit Pushover, https://pushover.net/). Hat jemand von euch Erfahrung mit einem der folgenden Anbietern gemacht?: websms - https://websms.ch + kommt professionell daher + diverse API-Möglichkeiten + tiefe Kosten pro SMS: CHF 0.08/SMS - Monatsgebühr: CHF 18.-/Mt sms-revolution - http://sms-revolution.ch/ - sehr rudimentär und peinlicher Webauftritt, schlechte Doku + tiefe Kosten pro SMS: CHF 0.06/SMS + keine Monatsgebühr SMSGlobal - http://smsglobal.com/ + kommt professionell daher + diverse API-Möglichkeiten + tiefe Kosten pro SMS: CHF 0.037-0.061/SMS (je nach CH-Mobilanbieter) + sehr komfortables Backend - sehr langsames Backend, generell sehr lahme Website Leider kommt für uns ecall.ch nicht in Frage, da sich die Monatsgebühr von CHF 50.-/Mt bei unserem Volumen (30-100 SMS/Mt) nicht auszahlt. Bisher wäre der Favorit also SMSGlobal - aufgrund des sehr hinkenden Backends traue ich diesem Anbieter aber noch nicht sonderlich. Danke für euer Feedback. Gruss, Philip ___ swinog mailing list swinog@lists.swinog.ch http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog ___ swinog mailing list swinog@lists.swinog.ch http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog
Re: [swinog] 3G Repeater
Is anyone familiar with 3G repeater gear? I'm asking for a neighbor whose family owns a cottage in a Swiss mountain valley with poor 3G reception. well its not so easy to give you an definite advise, the signal is based on reflection i believe, that has to be resolved. you have to take into consideration is there a point with clear view for the next tower ? reception based on non sight will not give any satisfaction. 3g has even more bandwith need which degrade the signal more in case of non sight. there are a lot of 3g enabled repeater (basically 2 way amplifier) available from chinese dealer. price will be 200-300$ and deliver arround 60db gain up to 28dbm forgett about the cheap office repeater, those are only usable inside office in a small range and have tendency to oscillate which will call BAKOM on the Plan. And you need antennas at a high pole .. for 60db you need at least 15m between the both antennas, good cable (rg213 or better cellwave above 3/8 the antenna on top vertical yagi 16-20element.. and below horizontal panel or even yagi. due the different polarisation of the two antennas you win theoreticaly 20db more decoupling (real you will reach 16db) the antenna for the user could be up to 600m far away if used an high gain antenna. if an higher amplification needed you need an channelselective repeater, those are available up to 90db but they need to be tuned onsite on the specific channel and of corse need better cable to prevent feedback between in and out. channelselective repeater with 90db will cost up to 2000$. 5/8 cellwave will cost aprox 8-10$ per meter. and dont forgett the N-Plugs for those cable .. 12-15.- each i got only a usable system with 5/8 cellwave with up and downlink 25m seperated and the user antenna was below of a metal roof, the decoupling between the two antennas was 70db if you only need data would an 3g modem mounted near the antena with good reception and an wlan link the better idea, more stabil more reliable and will not reach your 1000.- limit an 3g modem doesnt cost much, and two ubiquity nano loco on 5.8ghz for 300.- will bridge 1-4km on sight if need more distance use airgrid 5m for the same price, they will go up to 8km. i hope i could help a bit to give you at least an idea Any recommendation for gear which is easily installable, more or less plug-n-play, not too expensive (less than CHF 1000) and last but not least legal to operate would be appreciated. ___ swinog mailing list swinog@lists.swinog.ch http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog
[swinog] cisco's try of business challange
Need an medical of the future be a CCNE ? http://www.cisco.com/c/en/us/products/switches/catalyst-2950-series-switches/datasheet-listing.html ___ swinog mailing list swinog@lists.swinog.ch http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog
Re: [swinog] Small VoIP PBX recommendations
i would recommend a out of the box solution from a company called Atcom its a complete small low power box, able to handle up to 8 simultanous calls. the box include one FXS and one FXO port. Asterisk based of course take a look on http://www.atcom.cn/products_ippbx.html they even offer good quality phones and ATA there are several dealer selling them. i installed allready 5 of those boxes called IP02, they work like a charm. my 5 cents of course Am 22/08/2013 13:56, schrieb Andre Oppermann: I'm looking for recommendations on small VoIP PBX systems with these properties: - works well with Snom, Aastra, and Soft-phones - 10-15 phones - basic admin (web gui) to configure accounts and assign numbers (DDI) - reliable and secure operation - support for uplink SIP trunking (no BRI ports) - log for CDRs to see who cost how much An opensource solution running on Linux/FreeBSD would be preferred, a small and good complete hardware solution for a couple of hundred bucks would acceptable as well. In either case it should be relatively straight forward and low hassle installation and operation. What would you recommend? Which packages would you rather avoid? Thanks ___ swinog mailing list swinog@lists.swinog.ch http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog
Re: [swinog] Replacement Fan for C2950-T-24?
Am 25/06/2013 14:57, schrieb Fredy Kuenzler: Try Pusterla at Hohlstrasse. They used to have all kinds of electronic components a couple of years ago. Just walk in with the broken fan and ask for a spare part... the entrance is kernstrasse 55.. the one which is able to help there is mr. Loosli, the one with the blue jacket, avoid the one with the red jacket, he will propably mention to ask the manufacturer or buy a new router/switch :) my 5 cent's ___ swinog mailing list swinog@lists.swinog.ch http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog
Re: [swinog] DDOS DNS Attack by Netgear Products caused by CNAME instead of A record?
netgear tech support has confirmed there is a problem in one of the models and released a fixed firmware. Great! How do I tell the customers? Mit redirect the http traffic for those customer to an webpage which explain and offer a download link on that page maybe combine with a dns ratelimit for a while. my 5 cents ... ___ swinog mailing list swinog@lists.swinog.ch http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog
Re: [swinog] Zensur / Kobik / Sperrungen ?
Hat jemand dass von euch schon gelesen ? http://www.golem.de/news/filesharing-schweiz-will-internetsperren-auf-das-urheberrecht-ausweiten-1305-99390.html Bedenklich das solche quellen mehr wissen als die zukünftig betroffenen. wobei ich das kaum glauben kann, das liesst sich wie ein politiker ruf nach irgendwelchen sperren. Musik wird heute via torrent oder ares und konsorten transferiert, ich stell mir mal vor wenn alle die millionen von torrent benutzern sperren müssten wie brauchbar da das internet noch ist. torrent verkehr analysieren und die hashes mit einer blacklist vergleichen dürfte auch nicht einfach sein will man keine falsch positives in kaufnehmen. ausserdem geht das schon in richtung generelles abhören und auswerten von verbindungen, also eine aushöhlung der privatspähre. torrent tracker sperren hilft auch nicht wirklich, torrent generell sperren dürfte gegen ettliche punkte der verfassung verstossen .. und ich dachte ifpi und konsorten hätten ein einsehen gehabt um sich auf die wahre lösung zu konzentrieren. gruss ___ swinog mailing list swinog@lists.swinog.ch http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog
Re: [swinog] vdsl2 line gone bad - ideas ?
Hi Tobias, maybe a look into the DSL spectrum display in the fritzbox will show some hint to decide its DSL related or just on the Network level it need a bit experiences to interpret that display, but basically if there are gaps in the spectrum there is definitely something wrong. could be the splitter or even the cable passing a waterfilled tube. an simple u72 passing 4m water can cause strange effects, which you even will see in the spectrum. i experienced once at a client site someone drilled holes in the wall for mounting speakers, he cut a bit of insulation of the cable and the screw was making contact to one of the wires. Every switch off of the FL lamps in that office caused the link to retrain. Roger Am 25.04.2013 09:58, schrieb Tobias Oetiker: We have this VDSL2 line at one of our customer sites, which aquired high packet loss from one day to the other ... we are using a fritzbox 7390 at the site and according to its log there are no problems, also the DSL Information tab does no count a high number of errors ... Here are the smokeping observations of the link http://oss.oetiker.ch/smokeping-demo/?displaymode=n;start=2013-01-15%2013:50;end=now;target=Customers.HorYzon Any hints on getting this fixed. cheers tobi ___ swinog mailing list swinog@lists.swinog.ch http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog
Re: [swinog] ISP service management tool
i looking for such tool as well i didnt get the nocproject working. The VM image seems to have an strange format, at least vmware doesnt like it Roger Am 01/11/2012 04:59, schrieb Stanislav Sinyagin: so far, nobody has come up with something useful, so I guess I should start a new project from scratch. If some company wants to join the sponsors pool, you are particularly welcome :) *From:* Stanislav Sinyagin ssinya...@yahoo.com *To:* swi...@swinog.ch swi...@swinog.ch *Sent:* Sunday, October 28, 2012 4:34 PM *Subject:* [swinog] ISP service management tool hi all, I'm looking for an open-source tool for ISP service management. It should allow documenting of all the physical network (ideally, also the datacenter environment), and associate physical and logical network instances with customer services and their contracts. I looked at several tools, but they all are designed for Enterprise IT tasks, and none of them deals with subscribers and contracts: http://www.opendcim.org/ http://www.i-doit.org/ The NOC project seems to be promising, I should probably invest more time in learning it: http://kb.nocproject.org/display/SITE/NOC Your feedback will be appreciated. Commercial systems would also be OK, as long as they fit the requirements and have open API. thanks, stan ___ swinog mailing list swinog@lists.swinog.ch mailto:swinog@lists.swinog.ch http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog ___ swinog mailing list swinog@lists.swinog.ch http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog ___ swinog mailing list swinog@lists.swinog.ch http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog
Re: [swinog] Old functional hardware - where does it best go?
if someone somthing like DSLAM with the apropriate Patchpanel has to throw away, i could use such things for at least 24 Ports. please drop me a note. Roger Am 07/09/2012 11:09, schrieb Martin Ebnoether: On the Fri, Sep 07, 2012 at 03:18:22PM +0200, Jeroen Massar blubbered: Hi Jeroen. As such, I am asking if somebody knows what the best way is to get effectively rid of various things like a full functioning (network,video,audio) p100 (DEC multia), a p200 (small tower), a dual p2-266 (tower), a dual p3-600 (qube case), nslu2's and then an assorted list of other things like cd drives etc. What is the best way to go with this kind of stuff? Trash is an option, but it is not like these things are small ;) Maybe the guys from Revamp-IT are interested? http://www.revamp-it.ch/ CU, Venty ___ swinog mailing list swinog@lists.swinog.ch http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog
[swinog] Could someone from Cablecom contact me off-list
Hi Could someone from Cablecom contact me off-list? Its about SMTP/MX. Thanks a lot raf Nine Internet Solutions AG Raffael Schmid Albisriederstrasse 243c 8047 Zuerich 044 637 40 00 raffael.sch...@nine.ch signature.asc Description: Digital signature ___ swinog mailing list swinog@lists.swinog.ch http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog
[swinog] Bluewin SMTP Policy
Dear Swinog members Until now, we provided an authenticated smtp-server for our customers and a separate open smtp-server for customers with email-adresses from other providers. We would like to shut down the relaying server and have the customers use the smtp-servers from their mail-provider (gmx, gmail, bluewin etc.). Now we found out that bluewin doesn't allow authenticated smtp-relay from users outside their ip-range, so all our customers with bluewin-mailadresses would have no smtp-server available. I am sure that some of you had the same issue and would be interested how other (small) isp's have resolved this problem. Thank you, Roger Schmid ___ swinog mailing list swinog@lists.swinog.ch http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog
Re: [swinog] Bluewin SMTP Policy
On Fri, Jun 13, 2008 at 10:13 AM, Adrian Ulrich [EMAIL PROTECTED] wrote: Hi Roger, Now we found out that bluewin doesn't allow authenticated smtp-relay from users outside their ip-range, so all our customers with bluewin-mailadresses would have no smtp-server available. That's not entirely correct: smtpauth.bluewin.ch will relay mails from non-bluewin-ip-ranges IF the mailaccount belongs to a non-free Bluewin/Swisscom 'Abo'. +---+ | Pay account (= Mailaccount| - Can use mail.bluewin.ch from bluewin-range | | is 'attached' to an ADSL abo | - Can use smtpauth.bluewin.ch from EVERYWHERE | +---+---+ | Free account | - Can use mail.bluewin.ch from bluewin-range (of course..)| | | - Can use smtpauth.bluewin.ch from bluewin-range | | | - Can NOT use smtpauth.bluewin.ch from non-bluewin IPs| +---+---+ Thank you for clearing this up. So we have to give bluewin-users with free bluewin mail-accounts an smtp-account on our servers I think. Otherwise spammers would open 100th's of free accounts and use them to send spam from non-bluewin IPs :-/ I see the problem, but perhaps something like a captcha would also be sufficient to prevent this. Regards, Adrian ___ swinog mailing list swinog@lists.swinog.ch http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog ___ swinog mailing list swinog@lists.swinog.ch http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog
Re: [swinog] Bluewin SMTP Policy
On Fri, Jun 13, 2008 at 10:52 AM, Jeroen Massar [EMAIL PROTECTED] wrote: Roger Schmid wrote: [..] Otherwise spammers would open 100th's of free accounts and use them to send spam from non-bluewin IPs :-/ I see the problem, but perhaps something like a captcha would also be sufficient to prevent this. SMTP-Captcha's? :) ;-) www-captcha's, on account-signup. How do you envision that? Greets, Jeroen ___ swinog mailing list swinog@lists.swinog.ch http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog ___ swinog mailing list swinog@lists.swinog.ch http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog
Re: [swinog] Bluewin SMTP Policy
On Fri, Jun 13, 2008 at 10:58 AM, Jeroen Massar [EMAIL PROTECTED] wrote: Roger Schmid wrote: On Fri, Jun 13, 2008 at 10:52 AM, Jeroen Massar [EMAIL PROTECTED] wrote: Just display the captcha from the signup on $pornsite, a person will fill it in for you, captcha bypassed. If it is interesting and cheap for then to abuse it, they will. nice idea, didn't think occur to me :) ___ swinog mailing list swinog@lists.swinog.ch http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog
[swinog] mx.freesurf.ch harddisk
Hello swinog! Since about two days we get this message in our logs. I hope that someone of sunrise/freesurf reads this list, because maybe they should check their harddisk? postfix/smtp[18192]: 63E4860005: host mx.freesurf.ch[194.158.229.68] said: 421 4.3.0 collect: Cannot write q1/df/dfm1S7B29K019747 (bfcommit, uid=10230, gid=1004): Read-only file system (in reply to end of DATA command) Looks like there is a errors=remount-ro in their fstab ;) Greetings raf ___ swinog mailing list swinog@lists.swinog.ch http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog
Re: [swinog] vtx ADSL /30 subnet practice
nearly same story as sdsl before, VTX used 2 IP out of the customer /29 range for the wan link. Traceroute looked funny, not to mention how that improved icmp Trouble Cheers ... Am 8 Jun 2007 um 1:09 hat Daniel Roethlisberger geschrieben: Date sent: Fri, 8 Jun 2007 01:09:56 +0200 From: Daniel Roethlisberger [EMAIL PROTECTED] To: [EMAIL PROTECTED] Subject:Re: [swinog] vtx ADSL /30 subnet practice Send reply to: [EMAIL PROTECTED] mailto:swinog- [EMAIL PROTECTED] mailto:swinog- [EMAIL PROTECTED] Pascal Gloor [EMAIL PROTECTED] 2007-06-07: [snip] This is the normal routed case. I think this is what Daniel was looking for. Not quite, but oh never mind. The point I was trying to make is the fact that vtx engineers explained to a customer that he would not be able to assign *any* address of his /30 subnet to a server behind his ADSL router because all of the subnet would be consumed by the link from the LNS to the ADSL router (I guess this hasn't come across too well from my message). It seems nobody can imagine how this is supposed to be the case, so I guess that confirms that it's probably bogus information. Thanks anyway for all responses! Cheers Dan -- Daniel Roethlisberger [EMAIL PROTECTED] ___ swinog mailing list swinog@lists.swinog.ch http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog csdatabrasil Ltda. Roger Schmid Rua Arquiteto Luiz Nunes 186 Imbiribeira CEP: 51170-430 Recife/ PE BR +55 81 3422 1714 US: +1 360 515 33 80 CH:+41 32 5110858 UK: +44 8444845331 VOIP: [EMAIL PROTECTED] attachment: linha.jpg ___ swinog mailing list swinog@lists.swinog.ch http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog
Re: [swinog] Re: blocking ports?
isn't the most spam comming via compromized Computers ? adsl Dynamic or dialup user you should never trust them if the say the dont spam. they have to send mail the way smtp is thought for, that means send email to the smtp relay next to you. prevent him to send email via any other relay. if this would be consequent done by all ISP most of the spam would dissapear, and we could concentrate to prevent abusing other system for doing their harmfull work. Funny thing is one ISP is switching off his SMTP relay telling the client to use other smtp relay in the wild and call that a first action according to the stop spam campaign. another one is blocking port25 und force the user to use the ISP?s SMTP Relay and even explain this is done due to the stop spam campaign how to believe anything ? confused but still voting to block mail from dialup and adsl ranges ;-) -- Original Message -- From: Scott Weeks [EMAIL PROTECTED] Reply-To: [EMAIL PROTECTED], [EMAIL PROTECTED] Date: Thu, 12 Apr 2007 11:19:56 -0700 Hello, : So if a customer proofs that he is able from a technical : Point of view to operate an mail server in a secure manner : and assures not to abuse email for spam then it's not : acceptable that an ISP block anything to him. This is what I was saying to the guys here at my work. We just need a small proof that the customer isn't a spammer and we open it up. However, most of our customers are less-technical savy home folks. Did you have to prove to your ISP that you weren't spamming? If so, how did they have you do that? Thanks, scott --- [EMAIL PROTECTED] wrote: From: Peter Bickel [EMAIL PROTECTED] To: [EMAIL PROTECTED], [EMAIL PROTECTED] Subject: Re: [swinog] Re: blocking ports? Date: Thu, 12 Apr 2007 12:03:28 +0200 Scott Weeks schrieb: : You'd be amazed how many companies operate their own : mail servers, even behind dynamic addresses I'm speaking with guys in my company on an issue and part of the discussion has to do with me saying no one runs a mail server from behind a dynamic IP addresses. Other than just your experiences, does anyone have pointers to data on folks that do this? scott Hi Scott we do exactly this for IDV Network Consulting. We operate our own Mailserver (Solaris with sendmail and iamp) in our internal Network which is connected to Cablecom (DHCP ;-)) In addition we have some Maschines in a hosting environment which have of corse fixed IP addresses which we use to relay to the outside. All hosts use Solaris and sendmail and are protected with IPFilter with very restrictive Rules. Incomming email is going through the external hosts and an IPIP Tunnel directly to the internal mail server. We really don't want to be dependend on an ISPs email SETUP. DNS is the same which helped me in the past a lot where several customers weren't able to use the net everything worked for us. So if a customer proofs that he is able from a technical Point of view to operate an mail server in a secure manner and assures not to abuse email for spam then it's not acceptable that an ISP block anything to him. --- [EMAIL PROTECTED] wrote: From: Markus Wild [EMAIL PROTECTED] To: [EMAIL PROTECTED] Subject: Re: [swinog] Re: blocking ports? Date: Wed, 11 Apr 2007 19:26:39 +0200 Jonathan, Sorry but I disagree with Per. ISPs have a duty to prevent email Spam which is a terrible curse for us all. If they decide that blocking port 25 outbound will help then they should do it. If you are a user, why can't you use the ISPs relay server? If you are a provider you ought to have your own mail server on a fixed IP address. You'd be amazed how many companies operate their own mail servers, even behind dynamic addresses (in which case they usually use some mailbox polling mechanism to feed their server from mail from the outside), but send outgoing mail directly with SMTP. Of course, one day we need a better protocol than SMTP (*Simple* Mail Transfer Protocol) which was never meant as a global email solution. But until then we have to do something to stop people abusing it. But by killing the payload, not the messenger, please... Cheers, Markus ___ swinog mailing list [EMAIL PROTECTED] http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog ___ swinog mailing list [EMAIL PROTECTED] http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog -- Gruss Pitsch __ Peter Bickele-mail: [EMAIL PROTECTED] IDV Network ConsultingTelefon: +41 1 853 24 16 Gumpenwiesenstrasse 38 Fax: +41 1 853 27 04 CH-8157 Dielsdorf Mobile: +41 79 666 15 50 __
Re: [swinog] RE: swinog Digest, Vol 26, Issue 2
empfangt ihr denn die email via handy ? dann währs klar *g* just a joke ;-) -- Original Message -- From: Krucker, Louis [EMAIL PROTECTED] Reply-To: swinog@swinog.ch Date: Tue, 6 Mar 2007 12:55:46 +0100 hallo, Ich bekomme keine Mails, läuft derueiz nichts oder werden die Mails vielleicht bei uns geblockt? Louis Krucker Engineer Network sunrise TDC Switzerland AG Network P.O. Box 8050 Zurich Phone: +41 58 777 67 37 Mobile: +41 76 777 67 37 Fax:+41 58 777 66 99 [EMAIL PROTECTED] www.sunrise.ch Privileged/confidential information may be contained in this message. If you are not the addressee indicated in this message (or responsible for delivery of the message to any such person), you may not copy or deliver this message to anyone. In such case, you should destroy this message and kindly notify the sender by reply e-mail. Please advise immediately if you or your employer does not consent to the receipt of Internet e-mail for messages of this kind. Opinions, conclusions and other information in this message that do not relate to the official business of the company shall be understood as neither given nor endorsed by it. -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of [EMAIL PROTECTED] Sent: Tuesday, March 06, 2007 12:00 PM To: swinog@lists.swinog.ch Subject: swinog Digest, Vol 26, Issue 2 Send swinog mailing list submissions to swinog@lists.swinog.ch To subscribe or unsubscribe via the World Wide Web, visit http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog or, via email, send a message with subject or body 'help' to [EMAIL PROTECTED] You can reach the person managing the list at [EMAIL PROTECTED] When replying, please edit your Subject line so it is more specific than Re: Contents of swinog digest... Today's Topics: 1. SwiNOG #14 - save the date (Fredy Kuenzler) 2. stuff to give away ([EMAIL PROTECTED]) 3. RE: stuff to give away ([EMAIL PROTECTED]) 4. sFlow (Daniel Lorch) -- Message: 1 Date: Mon, 05 Mar 2007 16:38:58 +0100 From: Fredy Kuenzler [EMAIL PROTECTED] Subject: [swinog] SwiNOG #14 - save the date To: swinog@swinog.ch Message-ID: [EMAIL PROTECTED] Content-Type: text/plain; charset=ISO-8859-1; format=flowed SwiNOG #14 is approching ... please save the date: Wednesday May 23, 2007, again in Bern Altes Tramdepot. http://www.altestramdepot.ch/ Hopefully it's gonna be nice and we can enjoy the beer in the garden. If you have a presentation to share, please let us know at swinog-core at swinog dot ch, thanks. F. -- Message: 2 Date: Mon, 5 Mar 2007 18:00:42 +0100 From: [EMAIL PROTECTED] Subject: [swinog] stuff to give away To: swinog@swinog.ch Message-ID: [EMAIL PROTECTED] Content-Type: text/plain; charset=us-ascii hi all after our office relocation to altstetten we have a lot of technical stuff, we don't need anymore. we would like to give this stuff away to people who can use this. i dont know, if verythink is fully functional working or complete, but the most should be: - a lot of schmid watson 3 modems (x.21 interface) incl. cables - a lot of schmid watson 4 modems (x.21 interface) incl. cables - 1x skynet laser link pair - 5x 19 targa professional 1996A SL monitor (sorry, no TFT) - 1x blackbox microNTU G.703 converter - 3x ISDN Zyxel 2864i modem (some without power adapter) - 2x ascend TNT access server - some cisco V.35 cables - 2x lucent portmaster 3 (1- and 2-pri version; with k56flex modules) - IMC power chassis + ipMux TP/5 card (10mbit) - some very old cisco routers (805, 877, 1600, ...) - some small video cameras for CCTV - skycache stuff (for sat. ip feed) - some colt modems - a lot of zyxel prestige 600series and 780series - at lot of differnt cables (dont ask me what kind of ... ,- )) - some keyboards (non-US) - a console switch (with db-25 ports, but i've not found yet the cables) - 2x cisco 500 cache engines maybe there are some furnitures or so someone can use (desks, etc.). we're asking nothing for this equipment, but i think it would be fair if you sponsor something for our team (can be money, beer, cakes, presents, etc...) please drop me an email, if you're interested in. if so, i will be in the old office thursay (8. march) from 16:00 to 18:30 o'clock. address: Schaffhauserstrasse 560, CH-8052 Zurich (Zurich-Seebach) greetings -steven -- Message: 3 Date: Mon, 5 Mar 2007 18:08:29 +0100 From: [EMAIL PROTECTED] Subject: RE: [swinog] stuff to give away To: swinog@swinog.ch Message-ID: [EMAIL PROTECTED] Content-Type: text/plain; charset=us-ascii wow, never got so many mails soo fast. something additional to say: i'm not doing any reservation. it's first come, first serve. you have to pick it up yourselves ,-) -steven -Original Message- From
Re: [swinog] to SPF or not to SPF
Well to use other SMTP relay than the one from the used ISP is not allways possible, and should be prevented anyway. nearly 100% of the spam is caused by direct senders, very seldom they use the ISP's Relay. so lets close that big spamfriendly hole. My opinion of corse -- Original Message -- From: Bernard Dugas [EMAIL PROTECTED] Reply-To: swinog@swinog.ch Date: Fri, 16 Feb 2007 08:47:44 +0100 Hi, Jean-Pierre Schwickerath wrote: If you consider SPF to be the solution against all kinds of SPAMs then you will indeed be disapointed. SPF is meant to prevent the abuse of your domain as mail envelope from address. There are still worms out there that use harvested e-mail addresses as sender. And when the people receiving this kind of spam come back to you, you can at least tell them: hey, we published spf records to show you which IPs are allowed to send mail with this envelope address. if you don't check it and accept the obvious forgery, then it's your problem. And in complement to that, if we give to our customers some outgoing smtp servers with authentification they can use from any hotel/wifi in the world, there is no more reason that any email with your domain-names are sent from other smtp servers than ours, published with SPF in DNS. And the customer is happy because he doesn't have to change smtp server each time he travels :-) Best regards, -- __ Bernard DUGAS | | | Technoparc Pays de Gex mailto:[EMAIL PROTECTED] | | 30 Rue Auguste Piccard Tel.: +33 615 333 770 | | FR 01630 St Genis Pouilly Fax : +33 450 205 106 | |_| ___ swinog mailing list swinog@lists.swinog.ch http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog Sent via the WebMail system at mgz.ch ___ swinog mailing list swinog@lists.swinog.ch http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog
Re: [swinog] to SPF or not to SPF
-- Original Message -- From: Bernard Dugas [EMAIL PROTECTED] Date: Fri, 16 Feb 2007 10:22:25 +0100 Schmid wrote: Well to use other SMTP relay than the one from the used ISP is not allways possible, and should be prevented anyway. Why ? there is no risk if encryotion/authentication is used. Where do you enforce authentication is there a directsender ? i was not send direct email from an ogo device as well, somewhere port 25 getting lost between my ogo and the relay. i'm just able to use bluewin's relay .. init7 prevent even port 25 out of dialup range a lot more do the same .. nearly 100% of the spam is caused by direct senders, very seldom they use the ISP's Relay. so lets close that big spamfriendly hole. This is why SPF + authentication on outgoing smtp should avoid this direct senders spam origin. authentication is no security as most email client use chaching passwords to authenticate, at least outlook have a interface to use this mechanissm to send email from third party programm. anyway .. blackholing outbound port 25 will let all the complicated be obsolete .. and cost's nothing. and blacklisting of Dynamic ranges is very effective, but some ISP do not follow RFC in namingconvention of PTR's and will be detected as Dynamic. even they dont care after getting noted about the reason why some servers are not able to send email because of listesd as dynamic IP. Sad as high prized Admins just ignoring the real world and dreaming about some expensive and timeconsuming construction about analyzing the content.. and doing some strange other things to prevent spamer's Best regards, -- __ Bernard DUGAS | | | Technoparc Pays de Gex mailto:[EMAIL PROTECTED] | | 30 Rue Auguste Piccard Tel.: +33 615 333 770 | | FR 01630 St Genis Pouilly Fax : +33 450 205 106 | |_| Sent via the WebMail system at mgz.ch ___ swinog mailing list swinog@lists.swinog.ch http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog
Re: [swinog] Cablecom Internet Port 25
jawohl.. den smtp von CC verwenden, alles andere soll eh nicht sein ;-) schoene weihnachten Roger -- Original Message -- From: Xaver Aerni [EMAIL PROTECTED] Reply-To: swinog@swinog.ch Date: Fri, 23 Dec 2005 14:00:54 +0100 Hallo, Ich stell die Frage schnell auf Deutsch. Hat die Cablecom den Ausgang auf für SMTP raus neu gesperrt. Wir haben diverse Hispeed Kunden, die Mails nicht mehr per SMTP über unsere Server senden können. Zur Zeit sind es 3 Reklamationen alles CC Kunden (Cabelmodem). Andere Kunden ADSL haben keine Probleme. Sollte dies der Fall sein, gibt es irgendwelche Work Orrounds??? Gruss Xaver Xaver Aerni Xariffusion Informatik Telecom Zürichstrasse 10a 8340 Hinwil Tel. 043 843 78 78 Fax 043 843 78 70 ___ swinog mailing list swinog@lists.swinog.ch http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog __ __ __ __ Sent via the WebMail system at mgz.ch ___ swinog mailing list swinog@lists.swinog.ch http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog