Re: [swinog] BGP Battleships

[Scott Weeks]

--- onit...@gmail.com wrote:
From: Gregor Riepl 

Some good ol' fun with BGP:

https://blog.benjojo.co.uk/post/bgp-battleships

Please (don't?) try this at home!
-


How about at work?  ;-)

Mind if I share this with other tech mailing lists?

scott









___
swinog mailing list
swinog@lists.swinog.ch
http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog




___
swinog mailing list
swinog@lists.swinog.ch
http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog

Re: [swinog] OSS/BSS

[Scott Weeks]

--- m.hert...@mhs.ch wrote:
From: Matthias Hertzog 

Not really network related, but provisioning-related, which 
is somehow network related as well... :-)

What kind of OSS/BSS systems are you using in your companies? 
Self-developed? Purchased?
---


What size of network are you talking about?  Is it an ISP 
network?  Some tools are fine for smaller and nearly 
non-changing networks, but are terrible for scaling to larger
and quickly changing networks.

scott




























___
swinog mailing list
swinog@lists.swinog.ch
http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog




___
swinog mailing list
swinog@lists.swinog.ch
http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog

Re: [swinog] background migration of swisscom connection from IPv4 native to v6 + DS-Lite

[Scott Weeks]

--- g...@space.net wrote:
From: Gert Doering <g...@space.net>
To: Scott Weeks <sur...@mauigateway.com>
On Sun, Oct 29, 2017 at 02:53:41PM -0700, Scott Weeks wrote:

> I was not around for those discussions (and not being a computer 
> science person, nor wanting to go on this for too long as has been 
> endlessly done on other lists), but it seems TLV would have allowed
> 4 to be a subset of the new space.  I never heard that discussed 
> much and that's what I meant by my comment.

The point is: if you introduce a change to the packet format (and TLV
would be), you are no longer compatible with IPv4.  Which makes the
whole "I want this to be compatible so I do not have to change infra
or end points" totally moot.

Worse, then you have "old IPv4" and "new IPv4" machines who might or
might not be able to talk to each other, depending on which IPv4 address
the "new IPv4" got (a long one or a short one) - while with IPv6, you have
unmodified old IPv4 to ensure compatibility during the transition, and
then you turn it off (in 10 years or so).
---



I guess all ways IETF participants thought of a new 
address space would not have allowed backwards 
compatibility with IPv4?

Thanks for the explanation.  I appreciate it.  
Hopefully, others here find it interesting, too.

scott


___
swinog mailing list
swinog@lists.swinog.ch
http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog

Re: [swinog] background migration of swisscom connection from IPv4 native to v6 + DS-Lite

[Scott Weeks]

--- g...@space.net wrote:
From: Gert Doering <g...@space.net>
On Sun, Oct 29, 2017 at 12:57:54PM -0700, Scott Weeks wrote:
> Yeah, it's quite unfortunate that IPv4 ran out so suddenly, 
> barely 15 years after people were told to move towards IPv6.
> ---
> 
> 
> Especially after IETF made it backwards compatible and made
> it so easy to switch from 4 to 6...  ;-)

There's no way to make "something with longer addresses" compatible 
without IPv4 without changing everything (routers, endpoints) - so,
that argument is usually one brought forward as one of a long list of
standard excuses to avoid deploying IPv6, while at the same time 
blaming everyone else for the problems with IPv4.
---


Note the smiley face above.  This one, too...  :)

I was not around for those discussions (and not being a computer 
science person, nor wanting to go on this for too long as has been 
endlessly done on other lists), but it seems TLV would have allowed
4 to be a subset of the new space.  I never heard that discussed 
much and that's what I meant by my comment.

scott









___
swinog mailing list
swinog@lists.swinog.ch
http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog

Re: [swinog] background migration of swisscom connection from IPv4 native to v6 + DS-Lite

[Scott Weeks]

--- g...@space.net wrote:
From: Gert Doering 

Yeah, it's quite unfortunate that IPv4 ran out so suddenly, 
barely 15 years after people were told to move towards IPv6.
---


Especially after IETF made it backwards compatible and made
it so easy to switch from 4 to 6...  ;-)

scott






















___
swinog mailing list
swinog@lists.swinog.ch
http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog




___
swinog mailing list
swinog@lists.swinog.ch
http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog

Re: [swinog] Brocade MLXe: Random Linecard Reboot - anyone else?

[Scott Weeks]

--- rai...@ultra-secure.de wrote:
From: Rainer Duffner 
> Am 18.09.2016 um 08:11 schrieb Fredy Kuenzler :


> Friday night we observed several Brocade MLXe linecards rebooting 
> (several locations, i.e. Amsterdam, Frankfurt, Geneva), which 
> caused network instability due to flapping iBGP etc.



: Coincidence?
:
: https://twitter.com/schneierblog/status/775783898366160896
---



"Take Down the Internet"
"it feels like a large nation state...China or Russia"
"I am unable to give details"
"It feels like a nation's military cybercommand"

etc.

Seems like FUD to get viewers.  'The sky's going to fall and I can't 
tell you why or when, but I know it is.  Trust me.'  Where's the 
technical details so we  can make an informed decision, rather than 
"it feels like..."

scott































___
swinog mailing list
swinog@lists.swinog.ch
http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog




___
swinog mailing list
swinog@lists.swinog.ch
http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog

Re: [swinog] The Internet 40 years on

[Scott Weeks]

--- jer...@massar.ch wrote:
From: Jeroen Massar 

http://m.sfgate.com/business/article/40-years-on-the-Internet-transmits-every-aspect-9187484.php

For the people who like 'our history' ;)
---


Hmmm, not so sure about sfgate.com's historical data.  
The internet first said "lo" like in 'lo and belold, 
I exist', but in reality it was the first three 
letters of "log".  the whole system crashed when they 
typed the "g".  That was 1969:

http://www.lk.cs.ucla.edu/personal_history.html



As far as packet radio (I'm from Hawaii, so I really 
like this one) Professor Norman Abramson developed
ALOHAnet (packet radio) in 1970 at the University of 
Hawaii, which became the core idea for Robert 
Metcalfe's CSMA and, thus, Ethernet:

https://en.wikipedia.org/wiki/Packet_radio#Aloha_and_PRNET



One of my favorites is the letter from R.Z. Bachrach:

http://b2b.cbsimg.net/blogs/19740305-xerox-ethernet-memo1.jpg

Which he clarifies as not what everyone thinks it 
said:

https://www.reddit.com/r/reddit.com/comments/1xz13/in_1974_xerox_parc_engineers_invented_ethernet/


All of which was before 1974.

scott



















___
swinog mailing list
swinog@lists.swinog.ch
http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog




___
swinog mailing list
swinog@lists.swinog.ch
http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog

Re: [swinog] IPv6 Buddy Keypad

[Scott Weeks]

--- opperm...@networx.ch wrote:
From: Andre Oppermann opperm...@networx.ch

This special USB IPv6 number keypad doesn't seem to be a joke:
  http://www.ipv6buddy.com

Even includes dedicated : and :: buttons.

Somebody should buy a 10-pack and sell them at next Swinog meeting. ;-)
---


It's weird, but it's not a joke.  The guys over at AusNOG were checking it out 
a while back:

http://lists.ausnog.net/pipermail/ausnog/2012-January/011962.html

scott
















































--
--



___
swinog mailing list
swinog@lists.swinog.ch
http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog

Re: [swinog] IPv6 Buddy Keypad

[Scott Weeks]

On 3/30/12 7:35 PM, Scott Weeks wrote:
 --- opperm...@networx.ch wrote:
 From: Andre Oppermannopperm...@networx.ch

 This special USB IPv6 number keypad doesn't seem to be a joke:
http://www.ipv6buddy.com

 Even includes dedicated : and :: buttons.

 Somebody should buy a 10-pack and sell them at next Swinog meeting. ;-)
 ---


 It's weird, but it's not a joke.  The guys over at AusNOG were checking it 
 out a while back:

 http://lists.ausnog.net/pipermail/ausnog/2012-January/011962.html
--


-- mailing-por...@porcus.ch wrote: --
From: Will van Gulik mailing-por...@porcus.ch

Hmm, we even got something older :

http://www.faqs.org/patents/app/20080267683
--



I wonder if it's the same guy?  I couldn't find out who owns the company in web 
search engines.

scott






































-
-



___
swinog mailing list
swinog@lists.swinog.ch
http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog

Re: [swinog] Fwd: AW: Hackerparagraph

[Scott Weeks]

On Tue, 17 Mar 2009 12:18:28 +0100, Andreas Fink wrote:
 Now what does that mean? It is basically what the germans have done  
 under the Hackerparagraph. It disallows software which could  
 potentially be used for hacking to be distributed. The result of
 this was for example that in germany the WiFi tools to verify your
 WiFi security dissapeared. Why? because someone COULD use it for
 hacking.




Hmmm, that's funny.  I could use TCP, UDP or ICMP for hacking.  I guess we 
better shut down the internet...  ;-)

scott





























===


___
swinog mailing list
swinog@lists.swinog.ch
http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog

Re: [swinog] IRC Server dead ?

[Scott Weeks]

--- [EMAIL PROTECTED] wrote:

at least it prooved the ML is still alive, and not so slow as some mentioned ;-)

we got  3 days nanog feeling, who cares ?
if someone like an idling list.. we maybe could create [EMAIL PROTECTED], and 
to make shure there is no accidentaly traffic setting this list to moderated
this would be even helpfull for all the autoresponder fan's
-



I enjoyed reading it all.  It put a smile on my face several times.  

One day, I want to do a beer event with you guys, but since it's 12,277 
kilometers (7628 miles) there:

http://www.timeanddate.com/worldclock/distanceresult.html?p1=103p2=268

It'll probably be a very long time until that happens...  ;-)

scott

___
swinog mailing list
swinog@lists.swinog.ch
http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog

Re: [swinog] IRC Server dead ?

[Scott Weeks]

I can't resist.

...if it collects any marketing stats, so what, everyone is doing that...

Only from the unknowledgeable that don't control Javascript (NoScript), flash 
(etc.), cookies or 'stuff'.  Therefore, you have skewed stats.

...There's nothing bad about companies knowing better what I might buy from 
them...

Yes, there is.


scott

































---
___
swinog mailing list
swinog@lists.swinog.ch
http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog

Re: [swinog] Content delivery system like Akamai?

[Scott Weeks]

There're a lot of players in that space.  I used to work for a company called 
Digital Island that bought Sandpiper to get their Footprint CDN.  This was then 
sold to CW who then sold it to blah, blah and it finally ended up at Savvis.  
There were several lawsuits with Akamai (a Hawaiian word for smart, clever or 
intelligent BTW) in the US about who invented what first.  Akamai came out on 
top from what I heard after leaving the company.

http://www.savvis.net/corp/Products+Services/Content+Delivery+Network/default

You should be sure to do the market research before doing anything more than a 
fun and interesting project.

scott


--- [EMAIL PROTECTED] wrote:

From: Marco Fretz [EMAIL PROTECTED]
To: [EMAIL PROTECTED]
Subject: [swinog] Content delivery system like Akamai?
Date: Tue, 02 Sep 2008 10:38:08 +0200

Hi everyone,

I think most of you now Akamai and how they deliver 20% of total
internet content traffic...

This looks like a good explanation:
http://research.microsoft.com/~ratul/akamai.html

Has anyone tried to build a system similar to Akamai? I should be
possible to build it, in a smaller way of course. Some modified named
(bind) servers, Squid, etc.

From my point of view, Akamai does the right thing: Why try to have lots
of peerings, good transit connnections, etc. when you can serve the
content directly out of the most popular ISP networks. They don't need
their own network infrastructure for content delivery services (hosting).

Is here anyone interested in this topic? Anyone has time and interest to
build, research and test a small Akamai hosting system?

My idea is in general:
- 2-3 providers (one of you?)
- each ISP donates 2-3 servers for the project (physical or virtual)
- find a modified bind and squid or rebuild it to do this Akamai-like
DNS and url magic
- write a lot of shell scripts for monitoring, etc.
- test the bunch of magic with our company sites :P

... but maybe I'm just crazy and you might simply ignore this post :-)


thanks, have a nice day
best regards
 Marco

___
swinog mailing list
swinog@lists.swinog.ch
http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog


___
swinog mailing list
swinog@lists.swinog.ch
http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog

Re: [swinog] Colocation and Internet Access in Europe and Middle East

[Scott Weeks]

--- [EMAIL PROTECTED] wrote: ---
From: Marc Eggenberger [EMAIL PROTECTED]

A friend of mine is looking for colocation and internet services in Zürich, 
London and Manama Bahrain. Do you know any providers especially Bahrain? Are 
there any that have the possibilities to provide managed MPLS connectivity in 
those areas?
-



For Bahrain you might ask over on MENOG.

scott

















































---
___
swinog mailing list
swinog@lists.swinog.ch
http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog

Re: [swinog] BIG FAT WARNING Watch your Looking Glass

[Scott Weeks]

--- [EMAIL PROTECTED] wrote:

here's the cisco advisory:

http://www.cisco.com/warp/public/707/cisco-sr-20070912-regexp.shtml
--


Sounds like the same thing as the late 1990s.  sho ip bgp regexp stuff 
caused a reboot.

scott









































___
swinog mailing list
swinog@lists.swinog.ch
http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog

[swinog] Please Help Stop = remember swinog 14 - project DNS Blockade

[Scott Weeks]

Help!  I've received ~10 of these so far!

scott



--- [EMAIL PROTECTED] wrote:

From: Nik Hug [EMAIL PROTECTED]
To: [EMAIL PROTECTED]
Subject: [swinog] remember swinog 14 - project DNS Blockade
Date: Wed, 11 Jul 2007 01:17:28 +0200

Good Morning

For me it was always just a question of time until they try to use (or 
abuse) the list to block other unwanted content (please note the 
double quote)

http://thepiratebay.org/blog

I don't care about a torrent tracker - but I care now even more about 
free speech and the risks such tools bring with them. Especially if 
they are operating without proper legal an democratic legitimation - 
compiled by some policemen sharing information only with services from 
other free nations ...

let's bet how long it will take untill we have a similiar case here in 
Switzerland? Madame la juge where are you?

Nik
___
swinog mailing list
swinog@lists.swinog.ch
http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog


___
swinog mailing list
swinog@lists.swinog.ch
http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog

Re: AW: AW: [swinog] Route of the day

[Scott Weeks]

: /me also wonders when ISP's start to drop those 
: silly ICMP filters which are really far from helpful 
: when trying to debug issues.


Use tcptraceroute instead.

scott








--- [EMAIL PROTECTED] wrote:

From: [EMAIL PROTECTED]
To: [EMAIL PROTECTED]
Subject: AW: AW: [swinog] Route of the day
Date: Fri, 6 Jul 2007 17:04:35 +0200

Jeroen

I still don't see the problem.
Where and when can you have such a round-trip for free?
Go at the Zuerifaescht and you will have to pay quite a lot for a much
shorter ride.
;-))

PS: As Stanislav wrote, it's still below 30 hops.

Happy weekend,
Günti
 

-Ursprüngliche Nachricht-
Von: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]
Im Auftrag von Jeroen Massar
Gesendet: Freitag, 6. Juli 2007 16:58
An: [EMAIL PROTECTED]
Betreff: Re: AW: [swinog] Route of the day

[EMAIL PROTECTED] wrote:
 Where's the problem?
 Your traffic reaches with Hop 3 already Zurich...

Maybe the part where it takes another 600ms+ to actually reach the final
destination in Switzerland again? :)

 22  i79zhb-005-pos4-0.bb.ip-plus.net (138.187.159.5)  654.770 ms *
 i00nye-005-pos5-2.bb.ip-plus.net (138.187.159.9)  657.152 ms
 23  * * *
 24  tge3-3.bwrt1inb.bluewin.ch (195.186.0.113)  661.318 ms * *
 25  * * *
 26  * * *

Instead of the 8ms to reach that same host from the other trace.

/me also wonders when ISP's start to drop those silly ICMP filters
which are really far from helpful when trying to debug issues.

Greets,
 Jeroen


___
swinog mailing list
swinog@lists.swinog.ch
http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog


___
swinog mailing list
swinog@lists.swinog.ch
http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog

Re: [swinog] Re: blocking ports?

[Scott Weeks]

: but still voting to block mail from dialup and adsl ranges

On DHCP DSL ranges.  I see some businesses that have a legitimate email server 
on statically assigned DSL ranges...

scott



--- [EMAIL PROTECTED] wrote:

From: Schmid [EMAIL PROTECTED]
To: [EMAIL PROTECTED], [EMAIL PROTECTED]
Subject: Re: [swinog] Re: blocking ports?
Date: Fri, 13 Apr 2007 10:32:28 +0200


isn't the most spam comming via compromized Computers ? 
adsl Dynamic or  dialup user you should never trust them if the say the dont 
spam.
they have to send mail the way smtp is thought for, that means send email to 
the smtp relay next to you. prevent him to send email via any other relay.
if this would be consequent done by all ISP most of the spam would dissapear, 
and we could concentrate to prevent abusing other system for doing their 
harmfull work. 

Funny thing is one ISP is switching off his SMTP relay telling the client to 
use other smtp relay in the wild and call that a first action according to the 
stop spam campaign. 
another one is blocking port25 und force the user to use the ISP?s SMTP Relay 
and even explain this is done due to the stop spam campaign 

how to believe anything ?


confused  but still voting to block mail from dialup and adsl ranges ;-)




-- Original Message --
From: Scott Weeks [EMAIL PROTECTED]
Reply-To: [EMAIL PROTECTED], [EMAIL PROTECTED]
Date:  Thu, 12 Apr 2007 11:19:56 -0700



Hello,

: So if a customer proofs that he is able from a technical 
: Point of view to operate an mail server in a secure manner 
: and assures not to abuse email for spam then it's not 
: acceptable that an ISP block anything to him.

This is what I was saying to the guys here at my work.  We just need a small 
proof that the customer isn't a spammer and we open it up.  However, most of 
our customers are less-technical savy home folks.  Did you have to prove to 
your ISP that you weren't spamming?  If so, how did they have you do that?

Thanks,
scott


--- [EMAIL PROTECTED] wrote:

From: Peter Bickel [EMAIL PROTECTED]
To: [EMAIL PROTECTED], [EMAIL PROTECTED]
Subject: Re: [swinog] Re: blocking ports?
Date: Thu, 12 Apr 2007 12:03:28 +0200

Scott Weeks schrieb:


 : You'd be amazed how many companies operate their own 
 : mail servers, even behind dynamic addresses

 I'm speaking with guys in my company on an issue and part of the discussion 
 has to do with me saying no one runs a mail server from behind a dynamic IP 
 addresses.  Other than just your experiences, does anyone have pointers to 
 data on folks that do this?

 scott

Hi Scott

we do exactly this for IDV  Network Consulting. We operate our own 
Mailserver
(Solaris with sendmail and iamp) in our internal Network which is 
connected to
Cablecom (DHCP ;-)) In addition we have some Maschines in a hosting 
environment
which have of corse fixed IP addresses which we use to relay to the outside.
All hosts use Solaris and sendmail and are protected with IPFilter with very
restrictive Rules. Incomming email is going through the external hosts and
an IPIP Tunnel directly to the internal mail server.

We really don't want to be dependend on an ISPs email SETUP. DNS is the
same which helped me in the past a lot where several customers weren't able
to use the net everything worked for us. So if a customer proofs that he
is able from a technical Point of view to operate an mail server in a
secure manner and assures not to abuse email for spam then it's not 
acceptable
that an ISP block anything to him.




 --- [EMAIL PROTECTED] wrote:

 From: Markus Wild [EMAIL PROTECTED]
 To: [EMAIL PROTECTED]
 Subject: Re: [swinog] Re: blocking ports?
 Date: Wed, 11 Apr 2007 19:26:39 +0200

 Jonathan,

 Sorry but I disagree with Per.  ISPs have a duty to prevent email
 Spam which is a terrible curse for us all.  If they decide that
 blocking port 25 outbound will help then they should do it.

 If you are a user, why can't you use the ISPs relay server? If you
 are a provider you ought to have your own mail server on a fixed IP
 address.

 You'd be amazed how many companies operate their own mail servers, even
 behind dynamic addresses (in which case they usually use some mailbox
 polling mechanism to feed their server from mail from the outside), but
 send outgoing mail directly with SMTP.

 Of course, one day we need a better protocol than SMTP (*Simple* Mail 
 Transfer Protocol) which was never meant as a global email solution.  
 But until then we have to do something to stop people abusing it.

 But by killing the payload, not the messenger, please... 

 Cheers,
 Markus
 ___
 swinog mailing list
 [EMAIL PROTECTED]
 http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog


 ___
 swinog mailing list
 [EMAIL PROTECTED]
 http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog


-- 


Gruss
Pitsch

Re: [swinog] Re: blocking ports?

[Scott Weeks]

: You'd be amazed how many companies operate their own 
: mail servers, even behind dynamic addresses

I'm speaking with guys in my company on an issue and part of the discussion has 
to do with me saying no one runs a mail server from behind a dynamic IP 
addresses.  Other than just your experiences, does anyone have pointers to data 
on folks that do this?

scott




--- [EMAIL PROTECTED] wrote:

From: Markus Wild [EMAIL PROTECTED]
To: swinog@swinog.ch
Subject: Re: [swinog] Re: blocking ports?
Date: Wed, 11 Apr 2007 19:26:39 +0200

Jonathan,

 Sorry but I disagree with Per.  ISPs have a duty to prevent email
 Spam which is a terrible curse for us all.  If they decide that
 blocking port 25 outbound will help then they should do it.
 
 If you are a user, why can't you use the ISPs relay server? If you
 are a provider you ought to have your own mail server on a fixed IP
 address.

You'd be amazed how many companies operate their own mail servers, even
behind dynamic addresses (in which case they usually use some mailbox
polling mechanism to feed their server from mail from the outside), but
send outgoing mail directly with SMTP.

 Of course, one day we need a better protocol than SMTP (*Simple* Mail 
 Transfer Protocol) which was never meant as a global email solution.  
 But until then we have to do something to stop people abusing it.

But by killing the payload, not the messenger, please... 

Cheers,
Markus
___
swinog mailing list
swinog@lists.swinog.ch
http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog


___
swinog mailing list
swinog@lists.swinog.ch
http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog

Re: [swinog] does Econophone block port25

[Scott Weeks]

-From: Jeroen Massar [EMAIL PROTECTED]-
: To avoid problems there, make a simple policy: if found 
: spreading a virus/spamming and having disabled the blockage: 
: no Internet for a week.  Or a similar measure that can of 
: course be lifted after paying a fine.


Wouldn't that make customers go to another comany for service?

scott




--- [EMAIL PROTECTED] wrote:

From: Jeroen Massar [EMAIL PROTECTED]
To: swinog@swinog.ch
Subject: Re: [swinog] does Econophone block port25
Date: Wed, 04 Apr 2007 08:42:20 +0100

Candid Aeby wrote:
 Hi
 
 first this is no local decision. We never liked it. I know it is unpopular
 and i would prefer a better solution. Since Monday Port 25 is blocked for
 Dial-Up and ADSL connections.

Is that outbound from $customer - $internet, or is that also for
inbound $internet - $customer?

Having a block on port 25/tcp, 137-139/udp and some other magic
virusports is acceptable on end-user IP's. BUT as long as the user of
that line has the option to easily turn this off. Eg using a
webinterface where they can login using their user/pass and then enable
it again, that is disable the block. If that is not possible, then when
a user moans about not getting Internet connectivity they are quite right.

Users who are not the typical techy, can always use 587 as you indicated
and should, in general, keep the block on.

To avoid problems there, make a simple policy: if found spreading a
virus/spamming and having disabled the blockage: no Internet for a week.
Or a similar measure that can of course be lifted after paying a fine.

Greets,
 Jeroen



___
swinog mailing list
swinog@lists.swinog.ch
http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog


___
swinog mailing list
swinog@lists.swinog.ch
http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog

Re: [swinog] JOB: Senior Network Engineer, Schlieren/ZH

[Scott Weeks]

--- [EMAIL PROTECTED] wrote:
From: Stanislav Sinyagin [EMAIL PROTECTED]

--- Scott Weeks [EMAIL PROTECTED] wrote:

 Do you guys have a hard time finding folks at this level there?

The market of average-level network engineers is quite large, as in 1999-2000
many CCIEs and other engineers were brought to Swizterland (including 
myself :-) If you're looking for someone special, this can be hard.
--


Thanks for the info, I am curious what other parts of the world are like with 
respect to the internet and who works on it.

scott






























___
swinog mailing list
swinog@lists.swinog.ch
http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog

Re: [swinog] JOB: Senior Network Engineer, Schlieren/ZH

[Scott Weeks]

--- [EMAIL PROTECTED] wrote:--
From: Pascal Gloor [EMAIL PROTECTED]

- Senior Network Engineer.
snip

ahem... that's a long list...

I'm just wondering what the community thinks, how much should one earn
in such a position with all those skills and requirements? Or, if you're
the man for this position, how much do would you expect as salary?

I'm just wondering about our 2006/2007 'job market status' ;-)



It's not that large of a list.  I have experiences in everything but the below. 
 I am at the CCIE level eventhough I don't have the cert.  I work on Juniper 
and Alcatel routers.  However, I can speak a little Hawaiian, would that help?  
Just kidding. :-)  I must live near the ocean as I am addicted to surfing big 
waves...

- DOCSIS network technologies
- VoIP and IP Telephony
- Cisco certifications of Professional or Expert level are welcome.
- Fluent German and English languages are the required.
- Ability to communicate in French is very much welcome.
- A valid driver license is also essential.

After converting the salary range (from another email) from Swiss Francs to 
American Dollars, I see you're able to pay what's average here.  However, I 
don't know how to relate the spending power of that level of salary to what it 
can do here, so it might be more or less value to the person.

Do you guys have a hard time finding folks at this level there?

scott

















___
swinog mailing list
swinog@lists.swinog.ch
http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog