Re: Suggestions for a more privacy conscious email provider
On 2017-12-02 10:35, Michael S. Singh wrote: Hi all, I am in need of some suggestions for some privacy conscious email providers. I am currently using Migadu email hosting from Switzerland, basically they allow their users to have as many domains and mailboxes without storage limits without extra cost. However they only allow 10 messages to be sent per day on their free tier. https://protonmail.com/ ?
Re: how statefull firewall works for udp?
Hello, Default configuration for statefull firewall is to allow traffic form TRUST ZONE to UNTRUST ZONE. As I Know those device will use some feilds in the TCP Header. But, how the firewall will handle this policy for none TCP traffics (udp, icmp, and IPsec)? http://lmgtfy.com/?q=+how+do+stateful+firewall+works+for+udp%3F I think understanding this will help me in the designing. Kr, Laurens
Re: Penetration Test Vendors
On 6/22/2010 10:48 PM, George Bonser wrote: Anyone have any suggestions for a decent vendor that provides network penetration testing? We have a customer requirement for a third party test for a certain facility. Have you used anyone that you thought did a great job? Anyone you would suggest avoiding? Replies can be sent off list and I will summarize any feedback I might get from the community if anyone is interested. Verizon Business (formerly CyberTryst formerly ...)?
Re: Finding content in your job title
This is perhaps a rather silly question, but one that I'd like to have answered. I'm young in the game, and over the years I've imagined numerous job titles that should go on my business card. They went from cool, to high-priority, to plain unimaginable. Now, after 10 years, I reflect back on what I've done, and what I do now. To me, if a business is loose-knit with no clear job descriptions or titles (ie. too small to have CXO etc), I feel that a business card should reflect what one feels is the primary job responsibility, or what they do the most (or love the most). For instance, I like to present myself as a 'network engineer'. I have never taken formal education, don't hold any certifications (well, since 2001), and can't necessarily prove my worth. How does the ops community feel about using this designation? Is it intrusive or offensive to those who hold real engineering degrees? I'm content with 'network manager', given that I still do perform (in my sleep) numerous system tasks and have to sometimes deal with front-line helpdesk stuff. Instead of acting like I'm trying to sell myself out, I'll leave out what I actually do and ask those who sig themselves with 'network engineer' what they do day-to-day to acquire that title, and if they feel comfortable with having it. When the University I worked for went all touchy-feely and told us to pick titles for ourselves I wanted to use Savant. They wouldn't let me, so I tried Jack Of All Trades. Vetoed. So I just stayed with the cards I had that said Associate Director for Telecommunications and Computers. Which is about as void of meaning then and now as anything I have ever heard of. I actually held the title Super Security Engineer at my previous company according to my business cards. Now that I think of it, I need new business cards, any ideas? :)
Re: Best VPN Appliance
On 3/8/2010 8:37 PM, Blomberg, Orin P (DOH) wrote: There is also the fact to consider that Cisco has said there will be no support for Windows 64-bit on their IPSEC client, they are pushing people to the AnyConnect (An SSL-based clientless IPSEC) who want to use Windows 64-bit or other OSs, so in the future the argument for having a separate box for client-based IPSEC will be moot. You can also use the Shrew Soft VPN Client. Comes in various flavors including 64-bit. Greetings, L. -Original Message- From: Stefan Fouant [mailto:sfou...@shortestpathfirst.net] Sent: Monday, March 08, 2010 11:29 AM To: Voll, Toivo; Chris Campbell; Dawood Iqbal Cc: nanog@nanog.org Subject: Re: Best VPN Appliance Toivo, The SA Series absolutely supports IPsec if you are using Network Connect. It defaults to using IPsec and if that is not supported then it will fall back to SSL. Of course, NC is not as secure as W-SAM, J-SAM, or Core Access in terms of role and resource granularity control but the support for IPsec is absolutely there. HTHs. Stefan Fouant --Original Message-- From: Voll, Toivo To: Chris Campbell To: Dawood Iqbal Cc: nanog@nanog.org Subject: RE: Best VPN Appliance Sent: Mar 8, 2010 11:56 AM We're generally happy with our Juniper SA6500s, but they, and a lot of the other SSL VPN vendor appliances will not support IPSec. Cisco's ASA does, but it's less feature-rich in the SSL VPN arena. The Juniper was the most mature and flexible of all the offerings we looked at, but also the most expensive, and it's not perfect either. Having migrated from Cisco's 3000 series appliances, the current SSL VPNs are a totally different mindset and about two orders of magnitude more complicated. Have a very good understanding of exactly what problem you're trying to solve with the product and what kind of policies and requirements you have to meet, or it's going to be a mess. I can answer more specific questions on our experiences and testing off-list. -- Toivo Voll University of South Florida Information Technology Communications -Original Message- From: Chris Campbell [mailto:chris.campb...@nebulassolutions.com] Sent: Friday, March 05, 2010 11:36 AM To: Dawood Iqbal Cc: nanog@nanog.org Subject: Re: Best VPN Appliance The Juniper SA is by far and away the market leader and in my opinion the best end user experience. On 5 Mar 2010, at 15:57, Dawood Iqbal wrote: Hello All, Is it possible to get your ideas on what VPN appliances are good to have in enterprise network? Requirements are; SSL IPSec Client and Web VPN support (Win/MAC/iPhone/Android) If webvpn is used, then when any user connects via webvpn, we should be able to re-direct him to any and ONLY specific application i.e SAP. If 2 boxes are installed then they should replicate data seamlessly. Regards, dI Sent from my Verizon Wireless BlackBerry
Re: Security Guideance
snip The problem is that a user on this box appears to be launching high traffic DOS attacks from it towards other sites. These are UDP based floods that move around from time to time - most of these attacks only last a few minutes. Maybe it's not 'malicious' at all. For instance, is there a Bittorrent client on the box? snip