Re: [AusNOG] SDWAN Security

2021-05-31 Thread Matthew VK3EVL 
Very much a cynic here.
I’ve been told several times by several vendors how I should go to sdwan (over 
the current MPLS) because that’s what everyone is doing. I can usually finish 
them in one or two questions.
What about QoS, can you guarantee that?
Yes? How can you guarantee QoS over a public internet connection?

A few confused/concerned looks around the room.
Why do you need QoS is usually the next question.

I’m all for progress and SD everything, but it needs to be an improvement on 
what I have, not a step backwards and having my configured reliant on something 
outside my network.

The only other thing that bugs me about meraki (this may have changed) is you 
spend money on hardware, then you pay a subscription. If you stop paying the 
subscription, that hardware stops working, whilst the old 800 series keeps 
chugging away albeit without updates if you stop paying maintenance. I see this 
as a risk, if someone is late paying a bill, someone misses a remittance email, 
someone ticks the wrong box, the network is gone. Sure it can be rectified, but 
at what cost to lost productivity?

SDWan has its place but it isn’t an improvement on MPLS imho.


> On 31 May 2021, at 19:58, dusty  wrote:
> 
> 
> Heya,
> 
> How are those solutions more suited to swapping in for an MPLS network? 
> Aren't they all just some flavour of vpn with a cloud frontend, and some neat 
> fail over behaviours? 
> 
> I am in the unenviable positive of having to prove "why not meraki", rather 
> than "what's the best option". Hopefully that comes later, but the meraki 
> solution has some...investment...to overcome. 
> 
> And that can only be done with hard facts
> 
> 
>> On Mon, 31 May 2021, 7:22 pm Radek Tkaczyk,  wrote:
>> Hi Dusty,
>> 
>> I don’t think you will find that Cisco meraki is not a proper SDWAN 
>> solution. It’s just a glorified VPN with a cloud dashboard. If you call that 
>> SDWAN then SDWAN has been around for 30 years then.
>> 
>> You need to be looking at proper SDWAN solutions like Velocloud(VMware), 
>> Cisco Viptella, Peplink, etc. These are proper SDWAN solutions that can 
>> replace an MPLS.
>> 
>> Sent from my iPhone
>> 
>>> On 31 May 2021, at 4:09 pm, Dale Shaw  wrote:
>>> 
>>> 
>>> Hi Dusty,
>>> 
>>> Full disclosure: I work for VMware (we have a SD-WAN offering) but I’ll 
>>> keep it agnostic—
>>> 
 On Mon, 31 May 2021 at 12:49 pm, dusty  wrote:
 Hi Folks,
 
 After a number of years being more managerial than technical, I find 
 myself staring at a proposal to swap a perfectly good MPLS network with 
 some Meraki shenanigans.
 
 This, frankly, gives me the heebie jeebies.
 
 I've done a bunch of poking around but, alas, it is remarkably difficult 
 to locate reliable analyses of the actual security (or lack thereof) of 
 these solutions - plenty of glossy marketing and whizzbang, not a lot of 
 facts.
 
 Can anyone point me in the direction of some decent whitepapers, blogs, 
 etc about the relative merits of these things?
 
 Thanks!
 --dusty (in Brisbane)
>>> 
>>> (tl;dr: talk to your friendly vendor SE.)
>>> 
>>> What sort of collateral would you look for, to give warm fuzzies, if you 
>>> were evaluating a traditional WAN routing platform?
>>> 
>>> You should be able to find security whitepapers and other technical 
>>> documents that describe management and data plane security, use of 
>>> crypto/PKI etc.
>>> 
>>> Vendors targeting enterprise customers should be putting their products 
>>> through security evaluation frameworks such as Common Criteria — look for 
>>> certification, in-flight or completed, against the Network Device 
>>> collaborative Protection Profile (NDcPP) plus optional modules like VPN. 
>>> Crypto libraries may be FIPS 140-2 [US centric] certified.  
>>> 
>>> For vendors offering things as-a-service, certifications and statements of 
>>> conformance against other regulatory frameworks should be applicable (SOC, 
>>> FedRAMP [again US centric], IRAP etc. may exist).
>>> 
>>> Cheers,
>>> Dale
>>> 
>>> ___
>>> AusNOG mailing list
>>> AusNOG@lists.ausnog.net
>>> http://lists.ausnog.net/mailman/listinfo/ausnog
> ___
> AusNOG mailing list
> AusNOG@lists.ausnog.net
> http://lists.ausnog.net/mailman/listinfo/ausnog
___
AusNOG mailing list
AusNOG@lists.ausnog.net
http://lists.ausnog.net/mailman/listinfo/ausnog

Re: [AusNOG] EFPOST terminals down

2020-06-21 Thread Matthew VK3EVL 

Electronic Funds Point Of Sale T???

Or maybe it's Electronic funds Postal like sending a cheque by mail

On the other hand, "ef T pos" has been working fine for me :)

On 22/06/2020 12:06 pm, Nathan Brookfield wrote:

What’s EFPOST anyway? Haha

On 22 Jun 2020, at 12:02, Noel Butler  wrote:




hacker? nah...  Might be a minor hissy somewhere with someones 
network, I've used my card at multiple places yesterday and this 
morning - all tap 'n go, the only hiccup I had was at a supermarket 
yesterday, it returned declined,  I tapped immediately same card again 
and it approved



On 22/06/2020 01:29, Chris Hurley wrote:


Hi all,
Has anyone else noticed experience a large increase in EFPOST 
terminals being down?  With CoVid a lot of end users have switched to 
EFPOST only transactions but in the last 72 hrs we have noticed end 
users complaining and a number of sites now only accepting cash eg 
local council tips – Why a hacker would target a tip go figure.

Regards,
Chris Hurley BE (Elec)
Signal Manager

--

Kind Regards,

Noel Butler

This Email, including attachments, may contain legally privileged 
information, therefore remains confidential and subject to copyright 
protected under international law. You may not disseminate any part of 
this message without the authors express written authority to do so. 
If you are not the intended recipient, please notify the sender then 
delete all copies of this message including attachments immediately. 
Confidentiality, copyright, and legal privilege are not waived or lost 
by reason of the mistaken delivery of this message.


___
AusNOG mailing list
AusNOG@lists.ausnog.net
http://lists.ausnog.net/mailman/listinfo/ausnog

___
AusNOG mailing list
AusNOG@lists.ausnog.net
http://lists.ausnog.net/mailman/listinfo/ausnog



___
AusNOG mailing list
AusNOG@lists.ausnog.net
http://lists.ausnog.net/mailman/listinfo/ausnog

Re: [AusNOG] Equinix SY1 gone dark?

2019-03-13 Thread Matthew VK3EVL 

Thanks.

Guess my 2 week holiday isn't starting at 4:30 like planned.

On 14/03/2019 16:20, Tim Raphael wrote:

I’m still online…

- Tim

On 14 Mar 2019, at 4:18 pm, Matthew VK3EVL <mailto:hit...@itglowz.com>> wrote:


Hi All,

Hearing reports (and lost our cage) in SY1.

Apparently nobody answering the phone at Equinix. Is it just me or 
have others seen it too?


Cheers
Matthew

___
AusNOG mailing list
AusNOG@lists.ausnog.net <mailto:AusNOG@lists.ausnog.net>
http://lists.ausnog.net/mailman/listinfo/ausnog


___
AusNOG mailing list
AusNOG@lists.ausnog.net
http://lists.ausnog.net/mailman/listinfo/ausnog

[AusNOG] Equinix SY1 gone dark?

2019-03-13 Thread Matthew VK3EVL 

Hi All,

Hearing reports (and lost our cage) in SY1.

Apparently nobody answering the phone at Equinix. Is it just me or have 
others seen it too?


Cheers
Matthew

___
AusNOG mailing list
AusNOG@lists.ausnog.net
http://lists.ausnog.net/mailman/listinfo/ausnog

Re: [AusNOG] AWS With Megaport

2019-02-11 Thread Matthew VK3EVL 

Are you sure?

https://aws.amazon.com/directconnect/faqs/

*Q. Can I extend one of my VLANs to the AWS Cloud using AWS Direct 
Connect?*


No, VLANs are utilized in AWS Direct Connect only to separate traffic 
between virtual interfaces.



There may be creative ways to kind of achieve it but not out of the 
box... megaport itself can span a broadcast domain but AWS is the 
limiting factor here.


If you know of a way around this i'd be extremely interested to know.

Cheers
Matthew

On 12/02/2019 12:52, Nathan Brookfield wrote:


100% possible :)

Nathan Brookfield
Chief Executive Officer

Simtronic Technologies Pty Ltd
http://www.simtronic.com.au

On 12 Feb 2019, at 12:40, Joseph Goldman  wrote:

Hi *

  Just wondering if the following scenario is supported for EC2 instances with 
AWS.

  Over megaport, I'd like to use a VXC (Or Direct Connect) - On that interface 
on my router, I put x.x.x.1/24, then on my EC2 instances I'd want to put 
x.x.x.2-254/24 directly on my compute instances, so those EC2 instances 
basically become a part of my broadcast domain over the VLAN on Megaport, and I 
can control data in/out of those instances.

  I'm fairly fresh to AWS so not entirely sure the correct way to go about it 
through the route tables, VPCs etc - is what I'm asking for relatively easy and 
possible?

Thanks,
Joe
___
AusNOG mailing list
AusNOG@lists.ausnog.net
http://lists.ausnog.net/mailman/listinfo/ausnog
___
AusNOG mailing list
AusNOG@lists.ausnog.net
http://lists.ausnog.net/mailman/listinfo/ausnog
___
AusNOG mailing list
AusNOG@lists.ausnog.net
http://lists.ausnog.net/mailman/listinfo/ausnog

Re: [AusNOG] .au Password Recovery

2018-07-24 Thread Matthew VK3EVL 

I tried with one of my domains and put in a random name. Still worked.

What i find mildly amusing is this message on the page after you click 
the link and get your password.


"If you have received this notification and have not requested your 
domain password please contact your sponsoring registrar or reseller 
immediately."


I understand it on the email, but after you've read the email and 
clicked the link.



On 24/07/2018 13:46, Ted Cooper wrote:

Works quite well. This is a huge step forward from the phone call, or go
talk to the existing recalcitrant registrar first method.

In regards to where the email has gone, this is still available via the
web based whois system. Wish list for the same page, but still available
for now.

I also ponder the Requestor Name field. Neither it nor an IP address is
included in the email or the linked page. They weren't part of the
previous system either so it's more of a curiosity.

Having a link/menu on each of these sites that links to the others would
be useful. eg Jump between whois and password recovery.

For your filers and whitelists, emails are currently sent from Amazon
AWS hosts, with sending email address of supp...@afilias.com.au. Emails
are not DKIM signed. Sending host is specifically set in SPF:
H=ws-us-east-lb-1.afilias.tech (ws-us-east-lb-10.afilias.info) [52.5.176.76]

SPF does include an IPv6 address, however it doesn't appear to be
currently in use; mine came over IPv4 and there's no PTR or  for it.
2600:1f18:271c:c801:2d13:426:efbf:9828

This is still an immense relief to have password recovery over email
though! Different but workable.

On 24/07/18 13:29, Nick Stallman wrote:

Very nice, Slightly different to the old system with a link instead of
just putting the password in the email.

One oddity however, to request a password you have to put in a name, but
I can't figure out what that's used for? It doesn't put the requester's
name in the email nor on the link.
I'm not sure why they'd want to collect it if they didn't use it.

It would have been nice if it was included in the email so if I
requested a password on behalf of a client (so much easier sometimes)
they'd see my name in the email and not wonder what the strange email means.

Also it seems you can no longer see where the email actually got sent
to. Again, very useful if the client has multiple email addresses and
you can tell them which one to check.

On 24/07/18 13:12, Paul Goodsell wrote:

Hi All,

Just wanted to let you all know that Afilias' new .au password
recovery tool is live. You can find it here:

https://pw.auda.org.au/

It's pretty straightforward. Enter URL and your name (requestor).
You'll receive an email with recovery link to the email associated
with your registration. Click it and you'll find your domain password,
registration expiry date, and sponsoring registrar information. The
recovery link expires after 48 hours.

​Cheers,​

--

Paul Goodsell

Marketing Manager

Afilias Australia Pty Ltd.

M: +61 4 6665 5973



___
AusNOG mailing list
AusNOG@lists.ausnog.net
http://lists.ausnog.net/mailman/listinfo/ausnog

--
Nick Stallman
Technical Director
Email   n...@agentpoint.com 
Phone   02 8039 6820 
Website www.agentpoint.com.au 


Agentpoint 
Netpoint 

Level 3, 100 Harris Street, Pyrmont NSW 2009Facebook
 Twitter
 Instagram
 Linkedin




___
AusNOG mailing list
AusNOG@lists.ausnog.net
http://lists.ausnog.net/mailman/listinfo/ausnog


___
AusNOG mailing list
AusNOG@lists.ausnog.net
http://lists.ausnog.net/mailman/listinfo/ausnog


___
AusNOG mailing list
AusNOG@lists.ausnog.net
http://lists.ausnog.net/mailman/listinfo/ausnog

Re: [AusNOG] .au Domain Registrations

2018-07-11 Thread Matthew VK3EVL 
Submit feedback to auDA.
I’m sure if enough people feel the same way things may change back to how it 
was.
I’ve done my bit. 
I’ve just received a renewal letter for a .au domain at $job for $275 for two 
years through a registrar that the company does not normally use and sounds 
very scammy so looks like I’m about to go through the same process :(

Cheers
Matthew

> On 11 Jul 2018, at 20:20, Ted Cooper  wrote:
> 
> It would be much better if we could return to the previous function of
> immediate email of the password to the registrant contact email address.
> There is no benefit to forcing engagement with the losing registrar,
> especially when they are non-cooperative or cactus.
> 
> Case in point - the "this is not an invoice" scams.
> 
> After 5 years of falling victim to the scam, the original scam company
> being closed down by ASIC or similar, all positive control over the
> domain was lost by the client. The contact email address was still valid
> but Afilias refused to pass on the password to it to allow me to fix the
> domain by transferring to a responsible registrar. The scam company
> refused to cooperate with the Afilias phone call, effectively blocking
> the ability get the password.
> 
> In the end I emailed _everyone_ in the chain (scam company, TuCows,
> Afilias, auDA) about the situation and _one_ of them did the deed and
> sent it to the contact address. A week after starting and the domain is
> finally transferred and fixed.
> 
> For the love of all things good, just send the damn password to the
> email address! Why does it have to be anything but automated?? I'll fix
> the contact information when it gets here.
> 
> 
>> On 11/07/18 16:37, Bryce Telfer wrote:
>> Unfortunately,  the new Domain Password Recovery system that Afilias
>> provide (https://afilias.com.au/about-au/domain-pw-recovery) is a poor
>> substitute for the previous AusRegistry system.
>> 
>> Rather than an immediate, automated email to the Registrant Contact, 
>> the new system involves someone at Afilias making a telephone call to
>> the Registrant Contact Phone Number sometime in the next 2 days.
>> 
>> Time to do a thorough clean-up of all the Registrant Contact Phone
>> numbers on all our domains.
>> 
>> *Bryce Telfer*
>> 
>> p| 1300 720 790   e| brycetel...@allinternet.com.au
>> 
>> 
>> 
>> On 21 June 2018 at 21:01, Nathan Brookfield
>> > > wrote:
>> 
>>Hi Chris,
>> 
>>The .AU domain registration agency is changing from AusRegistry o
>>Afilias but that’s all, no real changes to the community except
>>dealing with a new registrar body, no changes to .au domains are
>>coming on that date.
>> 
>>Nathan Brookfield
>>Chief Executive Officer
>> 
>>Simtronic Technologies Pty Ltd
>>http://www.simtronic.com.au
>> 
>>On 21 Jun 2018, at 20:50, Christopher Hawker >> wrote:
>> 
>>Hi All,
>> 
>>__ __
>> 
>>With the changes coming on 1^st July to the way .au domain
>>registrations, is there a way to pre-register .au domains? Or is it
>>a matter of “first in, first served”?
>> 
>>__ __
>> 
>>Thanks,
>> 
>>CH.
>> 
>>___
>>AusNOG mailing list
>>AusNOG@lists.ausnog.net 
>>http://lists.ausnog.net/mailman/listinfo/ausnog
>>
>> 
>>___
>>AusNOG mailing list
>>AusNOG@lists.ausnog.net 
>>http://lists.ausnog.net/mailman/listinfo/ausnog
>>
>> 
>> 
>> 
>> 
>> ___
>> AusNOG mailing list
>> AusNOG@lists.ausnog.net
>> http://lists.ausnog.net/mailman/listinfo/ausnog
>> 
> 
> ___
> AusNOG mailing list
> AusNOG@lists.ausnog.net
> http://lists.ausnog.net/mailman/listinfo/ausnog

___
AusNOG mailing list
AusNOG@lists.ausnog.net
http://lists.ausnog.net/mailman/listinfo/ausnog

Re: [AusNOG] iiNet Status

2018-05-01 Thread Matthew VK3EVL 

Not me personally but I have heard 2 reports so far plus assuming yours.


On 2/05/2018 11:04, Alex Voigt wrote:


Peoples

Anyone have issues with iiNet Services ATM?

Alex Voigt

Consultant

*ADV Technical Consulting*

3 Furniss Road

Landsdale W.A. 6065

Tel:   08 9302 4866

Fax:  08 9302 4844

Mob: 0419 010 191

mspartner-reverse

Please make a note to use the following email addresses to ensure a 
prompt response


For Support - supp...@advtech.com.au 
 & Admin/Accounts - 
i...@advtech.com.au 




*Disclaimer*

The information contained in this communication from the sender is 
confidential. It is intended solely for use by the recipient and 
others authorized to receive it. If you are not the recipient, you are 
hereby notified that any disclosure, copying, distribution or taking 
action in relation of the contents of this information is strictly 
prohibited and may be unlawful.


This email has been scanned for viruses and malware, and may have been 
automatically archived by *Mimecast Ltd*, an innovator in Software as 
a Service (SaaS) for business. Providing a *safer* and *more useful* 
place for your human generated data. Specializing in; Security, 
archiving and compliance. To find out more Click Here 
.




___
AusNOG mailing list
AusNOG@lists.ausnog.net
http://lists.ausnog.net/mailman/listinfo/ausnog


___
AusNOG mailing list
AusNOG@lists.ausnog.net
http://lists.ausnog.net/mailman/listinfo/ausnog

Re: [AusNOG] Fiber cut

2017-12-12 Thread Matthew VK3EVL 
Who said there is only 2 paths? Particularly in the cbd.

> On 12 Dec 2017, at 22:26, Bryan O'Reilly  
> wrote:
> 
> So diverse routes are no longer diverse until the damaged cable is repaired?
> 
> That should create some sort of reporting, especially if you are paying for a 
> diverse route, or am I looking at this the wrong way?
> 
>  
> 
> ---
> Kind regards,
> 
> Bryan O'Reilly
> Founder - Telco Independent Consulting
> www.telcoindependent.com.au
> 0419 632 098
> 
> 30+ years experience to provide YOUR business with independent advice.
> 
> 
>> On Tue, 12 Dec 2017 10:10:45 +, Nathan Brookfield 
>>  wrote:
>> 
>> Diverse routes and paths so they don’t have to report it.
>> The damaged duct is owned by Telstra, AAPT aren’t the only ones in it haha.
>> 
>> On 12 Dec 2017, at 21:09, Christopher Hawker  wrote:
>> 
>> Hi Nathan,
>> 
>>  
>> 
>> Who is your source? That may be a different issue and Telstra is showing no 
>> outages, so either must be really delayed with updates or some other funky 
>> stuffs is going on.
>> 
>>  
>> 
>> CH.
>> 
>> From: Nathan Brookfield 
>> Sent: Tuesday, 12 December 2017 9:05:13 PM
>> To: Christopher Hawker
>> Cc: Andrew Jeffree; ausnog@lists.ausnog.net
>> Subject: Re: [AusNOG] Fiber cut
>>  
>> The actual civil works which damaged the duct was in the CBD, on Liverpool 
>> Street.
>> 
>> Nathan Brookfield
>> Chief Executive Officer
>> Simtronic Technologies Pty Ltd
>> http://www.simtronic.com.au
>> 
>> On 12 Dec 2017, at 20:39, Christopher Hawker  wrote:
>> 
>> Looks like TPG has had (yet another) fiber cut: 
>> https://www.tpg.com.au/servicestatus/servicestatus.php?category=16=last24
>> 
>> And it's eastern suburbs in Sydney.
>> 
>> Thanks,
>> CH.
>> 
>> Sent from my Telstra 4GX Plus on the Telstra Mobile Network
>> 
>> On 12 Dec 2017 8:30 PM, Andrew Jeffree  wrote:
>> 
>> It may be worth specifying the State and/or City to help others determine 
>> what you're talking about...
>> 
>> On Tue, Dec 12, 2017 at 8:29 PM Christopher Hawker  
>> wrote:
>> Hi All,
>> 
>> Is anyone aware of a fiber cut in/near the Eastern Suburbs? AAPT said there 
>> is an outage due to a cut.
>> 
>> Thanks,
>> CH.
>> 
>> Sent from my Telstra 4GX Plus on the Telstra Mobile Network
>> ___
>> AusNOG mailing list
>> AusNOG@lists.ausnog.net
>> http://lists.ausnog.net/mailman/listinfo/ausnog
>> ___
>> AusNOG mailing list
>> AusNOG@lists.ausnog.net
>> http://lists.ausnog.net/mailman/listinfo/ausnog
> ___
> AusNOG mailing list
> AusNOG@lists.ausnog.net
> http://lists.ausnog.net/mailman/listinfo/ausnog
___
AusNOG mailing list
AusNOG@lists.ausnog.net
http://lists.ausnog.net/mailman/listinfo/ausnog

[AusNOG] OT: Cabler around Eagle Farm - Brisbane

2017-09-14 Thread Matthew VK3EVL 

Hi All,

Can anyone recommend someone to do some data (copper) cabling work for 
me around Eagle Farm Brisbane?


Replies off list please.

Cheers
Matthew

___
AusNOG mailing list
AusNOG@lists.ausnog.net
http://lists.ausnog.net/mailman/listinfo/ausnog

Re: [AusNOG] Telstra m2m and cisco - slightly OT

2017-07-26 Thread Matthew VK3EVL 

*sigh*

Thanks for those that helped. i think i've just been staring at too 
many consoles for too long today.


Got it working.

MAtthew


On 26/07/2017 5:00 PM, Matthew VK3EVL wrote:

Hi All,

Does anyone have any experience with Cisco routers and the telstra m2m 
network.


plug the sim in to anything else and it works a treat. In to a cisco 
device and it's asking for a username and password that i don't have 
:S I'm sure i'm just missing something and mentioning m2m to almost 
anyone in telstra has them scratching their heads.


Probably best to contact off list if you can help.

Cheers
Matthew


___
AusNOG mailing list
AusNOG@lists.ausnog.net
http://lists.ausnog.net/mailman/listinfo/ausnog


___
AusNOG mailing list
AusNOG@lists.ausnog.net
http://lists.ausnog.net/mailman/listinfo/ausnog

[AusNOG] Telstra m2m and cisco - slightly OT

2017-07-26 Thread Matthew VK3EVL 

Hi All,

Does anyone have any experience with Cisco routers and the telstra m2m 
network.


plug the sim in to anything else and it works a treat. In to a cisco 
device and it's asking for a username and password that i don't have :S 
I'm sure i'm just missing something and mentioning m2m to almost anyone 
in telstra has them scratching their heads.


Probably best to contact off list if you can help.

Cheers
Matthew


___
AusNOG mailing list
AusNOG@lists.ausnog.net
http://lists.ausnog.net/mailman/listinfo/ausnog