Re: Redhat contact

[Guillaume Tournat via NANOG]


Hello

You may contact distributors instead, such as Arrow or TechData. 

Best regards

>> Le 18 sept. 2020 à 17:51, Eric Litvin  a écrit :
> 
> Hi,  I need to get in contact with someone in the sales team at Redhat but 
> they are not replying either to my emails or phone calls. Do you know anyone 
> working for Redhat whom we can call? Please dm me. 
> 
> Thanks
> 
> Eric  Sent from my iPhone
> 
>>> On Sep 18, 2020, at 7:48 AM, Wilco Baan Hofman  wrote:
>> 
>> 
>>> On 18/09/2020 12:07, Mark Tinka wrote:
>>> 
>>> 
>>> There was a time when the use-case for MACSec was to move banks away
>>> from running their own DWDM/FC networks, and letting operators do it.
>> 
>> Well, the other use case is access networks with 802.1x. With 802.1x as
>> long as the port stays up the session cookie (whatever is set as
>> authenticated) is the MAC address. So once a port is authenticated, it's
>> really easy to spoof a MAC and still be on the network.
>> 
>> With WPA2 enterprise on WiFi, this problem does not exist, because then
>> there is a cryptographic session. MACsec fixes that gap on wired.
>> 
>> Not all that relevant for long-distance links though :)
>> 
>> -- Wilco

Re: email scannering / filtering

[Guillaume Tournat]

Hello,

For MTA server, I use Postfix, with some blacklists (DNSBL).

For filtering then: SpamAssassin + Clamav works well.


Le 14/12/2018 à 12:30, David Funderburk a écrit :


What open source email filtering system is working well for you?


Regards,

David Funderburk
GlobalVision
864-569-0703

For Technical Support, please email gv-supp...@globalvision.net 
.



--
This message has been scanned for viruses and dangerous content by
*E.F.A. Project* , and is believed to be 
clean. 

Re: Escalation point at Google

[Guillaume Tournat]

Hello

Problem with blacklisted CA of Symantec, that issued SSL certificates ?



> Le 9 nov. 2018 à 02:57, Alex Osipov  a écrit :
> 
> Hello –
>  
> Does anyone have an escalation point or a human to speak to on the Google 
> escalations or  Google Safe Browsing team?  Our entire SaaS business, 15 
> years in business, in a niche software industry with a good reputation has 
> become blocked in ALL browsers.  We are impacting 30k+ enterprise users in 
> the financial space and have tried everything but all roads lead to automated 
> systems. 
>  
> Can anyone please reach out with a contact if you have one? 
>  
> Sorry to spam this list if this is inappropriate content.  Very desperate 
> here. 
>  
> Thank you,
> Alex Osipov / CTO

Re: Reporting/fixing broken airport/hotel/etc wifi?

[Guillaume Tournat]

Using sshd on port 443, I can ssh my box with a tunnel to a local squid. My 
browser then use this tunneled proxy to go to internet. 

Private and secure. 


> Le 14 juil. 2017 à 23:04, Ken Chase  a écrit :
> 
> 
> This is exactly why i have SSHd on port 443 and 53 on one of my boxes/IPs. 
> Once
> I got SSH sky's the limit on what I can fix/setup/tunnel.
> 
> /kc
> 
> On Fri, Jul 14, 2017 at 01:43:21PM -0700, Eric Kuhnke said:
>> I've found many times it's the other way around, with highly restrictive
>> captive portals that only allow traffic to 80 and 443. This is exactly the
>> reason why I have an OpenVPN server running in tcp mode (not udp) on 443.
>> 
>> 
>> On Fri, Jul 14, 2017 at 1:33 PM, Christopher Morrow >> wrote:
>> 
>>> Was there a list of folks collecting to provide fix actions for
>>> hotel/airport/etc?
>>> 
>>> Seems that IAD / Washington Dulles don't like "random" tcp/443 sites on the
>>> internet?  173.194.205.129
>>> 
>>> for instance, ping, traceroute, http but no https :(
>>> https works just fine from lots of other places on the tubes... just not
>>> the dulles wifi.
>>> 
>>> -chris
>>> 
> 
> --
> Ken Chase - m...@sizone.org Guelph Canada

Re: Webmail / IMAPS software for end-user clients in 2016

[Guillaume Tournat]

Zimbra is a full featured groupware server. I don't think you can just use the 
webmail part with existing IMAP server. 

So it doesn't fulfill requirements stated by initial poster. 



> Le 13 juin 2016 à 21:24, Greg Sowell  a écrit :
> 
> +1 for Zimbra
> 
>> On Sun, Jun 12, 2016 at 12:53 PM, Jim Lucas  wrote:
>> 
>> June 8 2016 6:08 PM, "Eric Kuhnke"  wrote:
>>> If you had to put up a public facing webmail interface for people to use,
>>> and maintain it for the foreseeable future (5-6 years), what would you
>> use?
>>> 
>>> Roundcube?
>>> https://roundcube.net
>>> 
>>> Rainloop?
>>> http://www.rainloop.net
>>> 
>>> Something else?
>>> 
>>> Requirements:
>>> Needs to be open souce and GPL, BSD or Apache licensed
>>> 
>>> Email storage will be accessed via IMAP/TLS1.2
>>> 
>>> Runs on a Debian based platform with apache2 or nginx
>>> 
>>> Desktop browser CSS and mobile device CSS/HTML functionality on 4" to 7"
>>> size screens with Chrome and Safari
>> 
>> I work for an ISP, and recently we were faced with the same dilemma. We
>> knew that our RoundCube was rather old and needed a facelift.  We started
>> looking at new clients what I came across RainLoop.
>> 
>> IMO RoundCube still doesn't have a decent working mobile theme.
>> 
>> I went ahead and installed RainLoop on my personal server. Configuration
>> was a breeze. The interface is very nice. And the mobile layout is very
>> slick.
>> 
>> I did come across a problem with displaying emails and when I emailed
>> their support email, they were very quick to respond.  And within 24 hors
>> they were able to write a fix for my specific issue and build a new release
>> for me to download and test.
>> 
>> I think that says something for their support team.
>> 
>> Even if my office doesn't adopt RainLoop,  I will continue using it on my
>> personal server for the forsee able future.
>> 
>> --
>> Jim Lucas
>> C - 5414085189
>> H - 5413234219
>> http://cmsws.com
> 
> 
> 
> -- 
> 
> GregSowell.com
> TheBrothersWISP.com

Re: Monitoring system recommendation

[Guillaume Tournat]

Things to notice, as I prefer Zabbix over nagios (real database related, more 
functionalities) :
- Zabbix actually is open source. You can buy support from them or from 
partners if you want
- Zabbix can be distributed through central/proxies architecture to scale
- nagios plugins can be adapted for Zabbix, as the later only needs numerical 
value (no status or text)


> Le 7 juin 2016 à 07:11, Andrew Kirch  a écrit :
> 
> I once worked for Zenoss and still suggest them. Zenoss supports NAGIOS
> plugins, and my $DAYJOB is at a Zenoss Partner who can help you achieve
> your goals.  If you need some help with Zenoss feel free to contact me off
> list.
> 
> Andrew
> 
>> On Monday, June 6, 2016, Manuel Marín  wrote:
>> 
>> Dear Nanog community
>> 
>> We are currently planning to upgrade our monitoring system (Opsview) due to
>> scalability issues and I was wondering what do you recommend for monitoring
>> 5000 hosts and 35000 services. We would like to use a monitoring system
>> that is compatible with the nagios plugin format, however we are not sure
>> if systems like Icinga/Shinken/Op5 are the way to go.
>> 
>> Is someone using systems like Op5 or Icinga2 for monitoring > 5000 hosts?
>> Would you recommend commercial systems like Sevone, Zabbix, etc instead of
>> open source ones?
>> 
>> Your input is really appreciated it
>> 
>> Thank you and have a great day
>> 
>> Regards
>> 

Re: mrtg alternative

[Guillaume Tournat]

Zabbix for monitoring/graphing/alerting
Can be used for maps and SLA measurements too 


> Le 28 févr. 2016 à 00:27, Roberto Alvarado  a écrit :
> 
> Zabbix works for me
> 
> 
> 
>> On 27-02-2016, at 18:12, Rafael Ganascim  wrote:
>> 
>> I like cacti:
>> 
>> http://www.cacti.net
>> 
>> 
>> 
>> 2016-02-26 20:18 GMT-03:00 Baldur Norddahl :
>> 
>>> Hi
>>> 
>>> I am currently using MRTG and RRD to make traffic graphs. I am searching
>>> for more modern alternatives that allows the user to dynamically zoom and
>>> scroll the timeline.
>>> 
>>> Bonus points if the user can customize the graphs directly in the
>>> webbrowse. For example he might be able to add or remove individual peers
>>> from the graph by simply clicking a checkbox.
>>> 
>>> What is the 2016 tool for this?
>>> 
>>> Regards,
>>> 
>>> Baldur
>>> 

Re: Anycast provider for SMTP?

[Guillaume Tournat]

Give a look at hosted GSLB service, FortiDirector, which I have set up for a 
customer (for SMTP, Exchange, ActiveSync world wide services. 



 Le 15 juin 2015 à 19:50, Joe Hamelin j...@nethead.com a écrit :
 
 I have a mail system where there are two MX hosts, one in the US and one in
 Europe.  Both have a DNS MX record metric of 10 so a bastardized
 round-robin takes place.  This does not work so well when one site goes
 down.   My solution will be to place a load balancer in a hosting site
 (virtual, of course) and have it provide HA.  But what about HA for the
 LB?  At first glance anycasting would seem to be a great idea but there is
 a problem of broken sessions when routes change.
 
 Have any of you seen something like this work in the wild?
 
 
 --
 Joe Hamelin, W7COM, Tulalip, WA, 360-474-7474

Re: WiFi courses/vendors recommendation

[Guillaume Tournat]

Fortinet has good products for wifi indoor. Not tested outdoor. 



 Le 1 juin 2015 à 00:43, Mike Lyon mike.l...@gmail.com a écrit :
 
 Ubiquiti Networks.
 
 Its cheap and it works great. Support sucks though.
 
 I use Ubuquiti gear for my wireless ISP and i use their UniFi APs for when
 i do events.
 
 If you need high density wireless, check out Xirrus Wireless access points,
 they are awesome.
 
 -Mike
 On May 31, 2015 3:30 PM, James Laszko jam...@mythostech.com wrote:
 
 I don't have a vendor-agnostic answer for you on #1, but as far as a
 vendor - Ruckus Wireless.   We are a partner who sells and deploys and the
 stuff is quite awesome for what you're looking for.  I'd be happy to
 introduce you to relevant people over there for guidance.
 
 
 Regards,
 
 
 James Laszko
 Mythos Technology Inc
 jam...@mythostech.com
 
 
 -Original Message-
 From: NANOG [mailto:nanog-boun...@nanog.org] On Behalf Of Abdullah Medhat
 Sent: Sunday, May 31, 2015 3:07 AM
 To: nanog@nanog.org
 Subject: WiFi courses/vendors recommendation
 
 Good day all,
 
 We are looking forward to establish MetroWifi network as a new business
 line in our company, in addition to small/medium events Wifi coverage.
 
 I have two questions:
 1. What are the required resources/material/training curriculum to let our
 engineers start educating in this? We are looking for the vendor-agnostic
 materials that will give our engineers the WiFi essentials/fundamentals to
 start building a good foundation before evolving to the professional level.
 
 2. What vendors do you recommend? We need to find a cost-effective yet
 competent option with good pre/post sales service.
 
 Thanks,
 
 --
 
 Abdullah Medhat
 

Re: North Korean internet goes dark (yes, they had one)

[Guillaume Tournat]

You have listened Fox news for too long, being convinced that US are the good, 
and any others are evil. Dont you?


 Le 23 déc. 2014 à 21:00, Landon Stewart landonstew...@gmail.com a écrit :
 
 For the few elite that do have Internet in DPRK it would be 1) a big 
 inconvenience which would annoy them a lot and 2) they have to transmit what 
 they want attacked to the outsourced crew (whoever they might be) somehow.  I 
 doubt the outsourced group has a fax#.