Re: improving signal to noise ratio from centralized network syslogs

2018-01-26 Thread Steven Miano
Splunk is the obvious solution that most organizations with a mature
security group will likely already have in their portfolio.

Going a step further, and with an abundance of skill, ability, and
forethought: either ELK (or any derivative thereof such as: Elasticache,
Fluentd, Kibana), or rsyslog|syslog-ng + database + loganalyzer.

Grep-fu will pay dividends in any of the three options (do nothing, go
proprietary, go open).

~Steven

On Fri, Jan 26, 2018 at 1:01 AM, Michael Loftis  wrote:

> On Thu, Jan 25, 2018 at 8:11 PM Joe Maimon  wrote:
>
> > Hey All,
> >
> > Centralized logging is a good thing. However, what happens is that every
> > repetitive, annoying but not (usually) important thing fills up the log
> > with reams of what you are not looking for.
> >
> > Networks are a noisy place and silencing every logged condition is
> > impractical and sometimes undesirable.
> >
> > What I am interested in is an automated zoom-in zoom-out tool to mask
> > the repetition of "normal" events and allow the unusual to stand out.
> >
> > Add to that an ability to identify gaps in the background noise. (The
> > dog that didn't bark)
> >
> > What I am not interested in are solutions based upon preconfigured
> > filters and definitions and built in analysis for supported
> > (prepopulated definitions) platforms, this is all about pattern
> > mining/masking and should be self discoverable. Ideally a command tool
> > to generate static versions of the analysis coupled with a web platform
> > (with zoom +- buttons)  for realtime.
> >
> > I made a crude run of it with SLCT, using its generated patterns to grep
> > -v, and that in and of itself was useful, but needs a bit of work. Also,
> > it's not quite real time.
> >
> > Any ideas would be greatly appreciated.
>
>
> Not cheap, but Splunk comes to mind.
>
> >
> >
> > Joe
> >
> --
>
> "Genius might be described as a supreme capacity for getting its possessors
> into trouble of all kinds."
> -- Samuel Butler
>



-- 
Steven M. Miano
http://stevenmiano.com
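
An added example, not part of the thread and not any poster's code: a small sketch of the self-discovering approach asked about in the original question, which masks variable tokens into templates, hides templates above a "zoom" threshold, and flags periodic templates that have gone quiet (the dog that didn't bark). The masking rules, thresholds, function names and sample log lines are assumptions constructed for illustration; this is not SLCT's algorithm.

```python
import re
from collections import Counter, defaultdict
from datetime import datetime, timedelta
from statistics import median

# Order matters: mask structured tokens before bare numbers.
MASKS = [
    (re.compile(r"\b\d{1,3}(?:\.\d{1,3}){3}\b"), "<IP>"),
    (re.compile(r"\b(?:[0-9a-f]{2}:){5}[0-9a-f]{2}\b", re.I), "<MAC>"),
    (re.compile(r"\b0x[0-9a-f]+\b", re.I), "<HEX>"),
    (re.compile(r"\d+"), "<N>"),
]


def template(msg):
    """Collapse a message to its constant skeleton; no per-platform rules."""
    for rx, tag in MASKS:
        msg = rx.sub(tag, msg)
    return msg


def parse(line):
    """Assumed line layout: '<ISO timestamp> <host> <message>'."""
    ts, host, msg = line.split(" ", 2)
    return datetime.fromisoformat(ts), host, template(msg)


def unusual(lines, max_count=2):
    """Zoom level: keep only lines whose template occurs <= max_count times."""
    parsed = [(line, parse(line)[2]) for line in lines]
    counts = Counter(tpl for _, tpl in parsed)
    return [line for line, tpl in parsed if counts[tpl] <= max_count]


def silent(lines, now, min_events=5, factor=3):
    """Report (host, template, seconds_quiet) for recurring messages that
    have been absent for more than `factor` times their median interval."""
    seen = defaultdict(list)
    for line in lines:
        ts, host, tpl = parse(line)
        seen[(host, tpl)].append(ts)
    out = []
    for (host, tpl), stamps in seen.items():
        if len(stamps) < min_events:
            continue  # too rare to have a rhythm worth tracking
        stamps.sort()
        gaps = [(b - a).total_seconds() for a, b in zip(stamps, stamps[1:])]
        quiet = (now - stamps[-1]).total_seconds()
        if quiet > factor * max(median(gaps), 1):
            out.append((host, tpl, int(quiet)))
    return out


def sample():
    """Constructed data: two routers log SNMP polls every minute, rtr2
    stops after ten minutes, and one OSPF adjacency change is buried in
    the noise."""
    t0 = datetime(2018, 1, 25, 20, 0, 0)
    lines = []
    for m in range(30):
        ts = (t0 + timedelta(minutes=m)).isoformat()
        lines.append(f"{ts} rtr1 snmpd[{300 + m}]: Connection from UDP: "
                     f"[192.0.2.10]:{40000 + m}")
        if m < 10:
            lines.append(f"{ts} rtr2 snmpd[{500 + m}]: Connection from UDP: "
                         f"[192.0.2.10]:{41000 + m}")
    ts = (t0 + timedelta(minutes=17, seconds=5)).isoformat()
    lines.append(f"{ts} rtr1 %OSPF-5-ADJCHG: Process 1, Nbr 198.51.100.7 "
                 "on Gi0/2 from FULL to DOWN")
    return sorted(lines), t0 + timedelta(minutes=30)


if __name__ == "__main__":
    logs, now = sample()
    print("unusual:")
    for line in unusual(logs):
        print("  ", line)
    print("gone quiet:")
    for host, tpl, secs in silent(logs, now):
        print(f"   {host}: '{tpl}' silent for {secs}s")
```

Raising `max_count` zooms out (more templates shown); lowering it zooms in on the rarest events.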


Re: Bonded VDSL2 / ADSL2+ Modems with 4 or more lines bonded

2017-01-09 Thread Steven Miano
Zyxel SBG3600-N may be another offering you might want to look into?

On Mon, Jan 9, 2017 at 10:11 AM, Colton Conor 
wrote:

> What options are out there to bond 4 or more DSL lines together?
>
> I know Positron has a 4 and 8 pair VDSL2 modem
> http://www.positronaccess.com/AK626LC.php
>
> Adtran has a 8 port VDSL2 modem
> https://portal.adtran.com/web/page/portal/Adtran/product/1172868F1/470
>
>
> and an Adtran 12 port ADSL2+ modem
> https://portal.adtran.com/web/page/portal/Adtran/product/1172850G1/470
>
> Actelis has a 8 pair VDS2 Modem:
> http://actelis.com/actelis-products/ethernet-access-devices/ml700/
>
>
> Is there anyone else out there? The problem with all these solutions is
> they each cost over $1000, which is a lot considering 2 port bonded VDSL2
> modems are in the $75-150 range. I know demand for these products is low,
> but still hoping there is an OEM version.
>



-- 
Miano, Steven M.
http://stevenmiano.com


Re: Wanted: volunteers with bandwidth/storage to help save climate data

2016-12-16 Thread Steven Miano
It would seem like the more copies the better, seemingly chunking this data
up and using .torrent files may be a way to both (a) ensure the integrity
of the data, and (b) enable an additional method to ensure that there are
enough copies being replicated (initial seeders would hopefully retain the
data for as long as possible)...

On Fri, Dec 16, 2016 at 12:24 PM, Ken Chase  wrote:

> University Toronto's Robarts Library is hosting an all-day party tomorrow
> of
> people to surf and help identify datasets, survey and get size and details,
> authenticate copies, etc.
>
> fb event: https://www.facebook.com/events/1828129627464671/
>
> /kc
>
> On Fri, Dec 16, 2016 at 06:42:46PM +0200, DaKnOb said:
>   >We are currently working on a scheme to successfully authenticate and
> verify the integrity of the data. Datasets in https://climate.daknob.net/
> are compressed to a .tar.bz2 and then hashed using SHA-256. The final file
> with all checksums is then signed using a set of PGP keys.
>   >
>   >We are still working on a viable way to verify the authenticity of
> files before there are tons of copies lying around and there's a working
> group in the Slack team I sent previously where your input is much needed!
>   >
>   >Thanks,
>   >Antonios
>   >
>   >> On 16 Dec 2016, at 18:30, Ken Chase  wrote:
>   >>
>   >> Surfing through the links - any hints on how big these datasets are?
> Everyone's got
>   >> a few TB to throw at things, but fewer of us have spare PB to throw
> around.
>   >>
>   >> There's some random #s on the goog doc sheet for sizes (100's of TB
> for the
>   >> landsat archive seems credible), and there's one number that destroys
>   >> credibility of the sheet (1000 GB (100 ZB)) for the EPA
> archive.
>   >>
>   >> The other page has many 'TBA' entries for size.
>   >>
>   >> Not sure what level of player one needs to be to be able to serve a
> useful
>   >> segment of these archives. I realize some of the datasets are tiny
> (   >> but which ones are most important vs size (ie the win-per-byte ratio)
> isn't indicated.
>   >> (I know it's early times.)
>   >>
>   >> Also I hope they've SHA512'd the datasets for authenticity before all
> these
>   >> myriad copies being flung about are 'accused' of being manipulated 'to
> promote
>   >> the climate change agenda' yadda.
>   >>
>   >> Canada: time to step up! (Can't imagine the Natl Research Council
> would do so
>   >> on their mirror site, too much of a gloves-off slap in the face to
> Trump.)
>   >>
>   >> /kc
>   >>
>   >>
>   >> On Fri, Dec 16, 2016 at 06:02:46PM +0200, DaKnOb said:
>   >>> If you're interested, there's also a Slack team:
> climatemirror.slack.com
>   >>>
>   >>> You can find more info about that here:
>   >>>
>   >>> - https://climate.daknob.net/
>   >>> - http://climatemirror.org/
>   >>> - http://www.ppehlab.org/datarefuge
>   >>>
>   >>> Thank you for your help!
>   >>>
>   >>>
>    On 16 Dec 2016, at 17:58, Rich Kulawiec  wrote:
>   
>    This is a short-term (about one month) project being thrown together
>    in a hurry...and it could use some help.  I know that some of
>    you have lots of resources to throw at this, so if you have an
>    interest in preserving a lot of scientific research data, I've set
>    up a mailing list to coordinate IT efforts to help out.  Signup via
>    climatedata-requ...@firemountain.net or, if you prefer Mailman's
> web
>    interface, http://www.firemountain.net/mailman/listinfo/climatedata
>    should work.
>   
>    Thanks,
>    ---rsk
>   
>   >>>
>   >>
>
> --
> Ken Chase - m...@sizone.org Guelph Canada
>



-- 
Miano, Steven M.
http://stevenmiano.com
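
An added example, not part of the thread and not the climate mirror project's code: one way a mirror operator could check local copies against the SHA-256 checksum file described in the quoted message. It assumes a `sha256sum`-style manifest whose PGP signature has already been checked separately (for instance with `gpg --verify`); the dataset file names and contents are constructed.

```python
import hashlib
import os
import tempfile

HEX = set("0123456789abcdef")


def sha256_file(path, chunk=1 << 20):
    """Stream the file so multi-terabyte archives never sit in memory."""
    h = hashlib.sha256()
    with open(path, "rb") as f:
        for block in iter(lambda: f.read(chunk), b""):
            h.update(block)
    return h.hexdigest()


def parse_manifest(text):
    """Parse '<64 hex>  <name>' lines ('<hex> *<name>' for binary mode)."""
    entries = {}
    for n, line in enumerate(text.splitlines(), 1):
        if not line.strip():
            continue
        digest, _, name = line.partition(" ")
        name = name[1:] if name[:1] in (" ", "*") else name
        digest = digest.lower()
        if len(digest) != 64 or not set(digest) <= HEX or not name:
            raise ValueError(f"manifest line {n} is malformed")
        entries[name] = digest
    return entries


def verify(manifest_text, root):
    """Classify every manifest entry and every stray file under root."""
    root = os.path.realpath(root)
    entries = parse_manifest(manifest_text)
    report = {"ok": [], "mismatch": [], "missing": [], "unsafe": [],
              "unlisted": []}
    for name, want in entries.items():
        path = os.path.realpath(os.path.join(root, name))
        if os.path.commonpath([root, path]) != root:
            report["unsafe"].append(name)      # entry points outside the mirror
        elif not os.path.isfile(path):
            report["missing"].append(name)
        elif sha256_file(path) != want:
            report["mismatch"].append(name)    # corrupted or altered copy
        else:
            report["ok"].append(name)
    for fn in sorted(os.listdir(root)):
        if fn not in entries:
            report["unlisted"].append(fn)      # present but never signed for
    return report


def demo():
    """Constructed mirror: one good copy, one altered copy, one missing
    dataset, one manifest entry that escapes the directory, one stray file."""
    with tempfile.TemporaryDirectory() as d:
        data = {"landsat.tar.bz2": b"constructed A",
                "epa.tar.bz2": b"constructed B"}
        for name, body in data.items():
            with open(os.path.join(d, name), "wb") as f:
                f.write(body)
        manifest = "".join(f"{hashlib.sha256(b).hexdigest()}  {n}\n"
                           for n, b in data.items())
        manifest += "0" * 64 + "  ../outside.tar.bz2\n"
        manifest += hashlib.sha256(b"x").hexdigest() + "  noaa.tar.bz2\n"
        with open(os.path.join(d, "epa.tar.bz2"), "ab") as f:
            f.write(b"!")                      # simulate an altered copy
        with open(os.path.join(d, "extra.txt"), "w") as f:
            f.write("x")
        return verify(manifest, d)


if __name__ == "__main__":
    for status, names in demo().items():
        print(f"{status:9s} {names}")
```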


Re: Favorite Speed Test Systems

2016-12-05 Thread Steven Miano
First, you only get down from fast.com not up - so the up/down is a bit
suspect there.

Second, this is a more 'real world' test than iperf - if you want to ensure
that your NIC is operating at the rated speed I'd imagine you'd have the
ability to set up an iperf target and check Layer2/Layer3 transfer
speeds/etc.

Third, you should really look into that if you are 1 hop away and getting
that type of speed. Clearly you deserve better. ;-)

80Mbps result (with comparison link if you don't like that one):
http://i.imgur.com/Cnr92Ag.png - of course I'm on a 240Mbps WAN connection:

*Last Result:*
Download Speed: *236960* kbps (29620 KB/sec transfer rate)
Upload Speed: *22991* kbps (2873.9 KB/sec transfer rate)
Latency: *12* ms
Jitter: *2* ms
12/5/2016, 10:57:56 AM

(Those results are from my provider in the Tampa Bay area at:
speedtest.bhn.net).

~Steven

On Mon, Dec 5, 2016 at 10:51 AM, Josh Reynolds  wrote:

> A lot of people have crappy performance to those. For example, from a 10G
> server to fast.com I was pulling around 9Mbps up/down. 1 hop away from a
> Netflix open connect appliance.
>
> On Dec 5, 2016 9:49 AM, "Steven Miano"  wrote:
>
>> fast.com is a dead fast/simple download result page.
>>
>> ...also with a huge customer base - it is often closer to
>> speedtest..net|com than some of those others.
>>
>> There is also a speedtest-cli available on Linux/MacOS (via Brew).
>>
>> On Mon, Dec 5, 2016 at 9:50 AM, Graham Johnston > >
>> wrote:
>>
>> > For many years we have had a local instance of the Ookla speedtest.net
>> on
>> > our network, and while it is pretty good some other tests seem to include
>> more
>> > detailed results.
>> >
>> > I am aware of the following speedtest systems that an operator can
>> likely
>> > have a local instance of:
>> >
>> > * Speedtest.net
>> >
>> > * Sourceforge.net/speedtest
>> >
>> > * Dslreports.com/speedtest
>> >
>> > Are there others? What is your preferred one and why?
>> >
>> > Thanks,
>> > Graham
>> >
>> >
>>
>>
>> --
>> Miano, Steven M.
>> http://stevenmiano.com
>>
>


-- 
Miano, Steven M.
http://stevenmiano.com


Re: Favorite Speed Test Systems

2016-12-05 Thread Steven Miano
fast.com is a dead fast/simple download result page.

...also with a huge customer base - it is often closer to
speedtest..net|com than some of those others.

There is also a speedtest-cli available on Linux/MacOS (via Brew).

On Mon, Dec 5, 2016 at 9:50 AM, Graham Johnston 
wrote:

> For many years we have had a local instance of the Ookla speedtest.net on
> our network, and while it is pretty good some other tests seem to include more
> detailed results.
>
> I am aware of the following speedtest systems that an operator can likely
> have a local instance of:
>
> * Speedtest.net
>
> * Sourceforge.net/speedtest
>
> * Dslreports.com/speedtest
>
> Are there others? What is your preferred one and why?
>
> Thanks,
> Graham
>
>


-- 
Miano, Steven M.
http://stevenmiano.com


Re: 18 years ago today - rfc 2468

2016-10-15 Thread Steven Miano
For those who are not sure: The significance of Jon Postel's contributions
to building the Internet, both technical and personal, was such that a
memorial recollection of his life forms part of the core technical
literature sequence of the Internet in the form of RFC 2468 "I Remember
IANA", written by Vinton Cerf.

On Sat, Oct 15, 2016 at 9:08 AM, Rodney Joffe  wrote:

> How time flies
>



-- 
Miano, Steven M.
http://stevenmiano.com


Re: issues?

2016-07-15 Thread Steven Miano
@Ryan

I've been receiving a lighter amount of messages, but there was traffic on
Tuesday, Wednesday, and Thursday... may want to check your spam/junk
folders?

On Thu, Jul 14, 2016 at 10:43 PM, Chris Boyd 
wrote:

>
> > On Jul 14, 2016, at 9:21 PM, Ryan Finnesey  wrote:
> >
> > Is this list having issues?  The last message I received was late
> Tuesday.
>
> You didn’t get a message from your router vendor(s) that it’s time for the
> biennial cleaning of the intartubes and emptying of the bit buckets?
>
> —Chris




-- 
Miano, Steven M.
http://stevenmiano.com


Re: Gmail down

2016-07-05 Thread Steven Miano
Nothing being reported by the vendor:

http://www.google.com/appsstatus#hl=en&v=status

Seems all but calendar has been spotless for the past week

On Tue, Jul 5, 2016 at 10:53 AM, Josh Luthman 
wrote:

> Looks like it's back up for both my personal and work accounts (issue
> limited to the web interface).
>
> 851 reports and climbing every time I refresh @
> http://downdetector.com/status/gmail
>
>
> Josh Luthman
> Office: 937-552-2340
> Direct: 937-552-2343
> 1100 Wayne St
> Suite 1337
> Troy, OH 45373
>
> On Tue, Jul 5, 2016 at 10:49 AM, Josh Luthman  >
> wrote:
>
> > Web interface is broken, downdetector sure sees activity.  This attempt
> is
> > from mobile.
> >
> > Josh Luthman
> > Office: 937-552-2340
> > Direct: 937-552-2343
> > 1100 Wayne St
> > Suite 1337
> > Troy, OH 45373
> >
>



-- 
Miano, Steven M.
http://stevenmiano.com


Re: NIST NTP servers

2016-05-11 Thread Steven Miano
Building a S1 system with RaspberryPis would not fly in most of the
corporate/enterprise environments I've worked in (random 'appliances',
non-uniformity, and lack of support are all glaring issues).

Get a PCIe card with a BNC connector and dual power supplies for life in a
data center.

For home/hobby use a Garmin 18x LVC and any spare compute is a great
project: http://www.catb.org/gpsd/gpsd-time-service-howto.html

On Wed, May 11, 2016 at 6:47 AM, Dovid Bender  wrote:

> What about something like this?
> http://www.satsignal.eu/ntp/Raspberry-Pi-NTP.html
> Has anyone used a Pi to create their own server?
>
>
> On Wed, May 11, 2016 at 3:24 AM, Mel Beckman  wrote:
>
> > Regarding Roland’s reference to time and position spoofing via a hacked
> > GPS signal, the hacker has to get physical line of sight to the victim’s
> > antenna in order to succeed with this attack. That’s likely within a few
> > blocks, if not within a few feet. And a rooftop antenna might require a
> > drone attack. And how does the drone get guidance without a reliable GPS
> > signal? :)
> >
> > Eric, I agree that sometimes a site can’t get a GPS signal, but in my
> > experience designing data centers, that’s still pretty rare. Many NTP
> > systems use an active GPS antenna that can be hundreds of feet away. But
> > you can always put the $300 NTP server in an outdoor enclosure and power
> it
> > with PoE.
> >
> > There’s always CDMA, GSM, and even WWV for a less-accurate plan B time
> > source.  Here’s a somewhat pricey ($700) CDMA gizmo I haven’t
> investigated
> > yet:
> >
> > http://www.beaglesoft.com/celsynhowworks.htm
> >
> > And their $400 WWV-based Stratum 1 time server:
> >
> > http://www.beaglesoft.com/radsynreceiver.htm
> >
> > So if you want non-Internet clock diversity, you can have clock
> diversity.
> > You just have to pay for it.
> >
> >  -mel
> >
> > On May 10, 2016, at 9:18 PM, Eric Kuhnke  > eric.kuh...@gmail.com>> wrote:
> >
> > For quite some time, in debian the default configuration for the
> ntpd.conf
> > that ships with the package for the ntpd is to poll from four different,
> > semi-randomly assigned DNS pool based sources. I believe the same is true
> > for redhat/centos.
> >
> > In the event that one out of four sources is wildly wrong the ntpd will
> > ignore it.
> >
> > If people have routers/networking equipment inside their network that
> only
> > supports retrieving ntp from one IP address (or hostname) and have
> manually
> > configured it to request time from a single external source, not their
> own
> > internal ntpd that is <10ms away, bad things could definitely happen.
> >
> > It is worthwhile to have both polling from external sources via IP as
> well
> > as GPS sync. Many locations in a network have no hope of getting a GPS
> > signal or putting an antenna with a clear view to the sky, but may be on
> a
> > network segment that is <4ms away from many other nodes where you can
> > colocate a 1U box and GPS antenna.
> >
> > On Tue, May 10, 2016 at 9:05 PM, Joe Klein  > jskl...@gmail.com>> wrote:
> >
> > Is this group aware of the incident with tock.usno.navy.mil &
> > tick.usno.navy.mil on November 19. 2012 2107 UTC, when the systems lost
> 12
> > years for the period of one hour, then return?
> >
> > The reasons were not fully explained, but the impact was global. Routers,
> > switches, power grids, phone systems, certificates, encryption, Kerberos,
> > logging and any tightly coupled transaction systems were impacted.
> >
> > So I began doing 'security research' on the topic (don't confuse me with
> > joe hacker), and discovered both interesting and terrifying issues,
> which I
> > will not disclose on an open forum.
> >
> > Needless to say, my suggestions are:
> > 1. Configure a trusted time source and good time stratum architecture for
> > your organization.
> > 2. When identifying your source of time, the majority of the technologies
> > can be DDOS'ed, spoofed or MITM, so consider using redundant sources and
> > authentication.
> > 3. For distribution of time information inside your organization, ensure
> > your critical systems (Encryption, PKI, transactions, etc) are using your
> > redundant sources and authentication.
> > 4. Operating systems, programming languages, libraries, and applications
> > are sensitive to time changes and can fail in unexpected ways. Test them
> > before it's too late.
> > 5. Disallow internal system to seek NTP from other sources beyond your
> edge
> > routers.
> > 6. All core time systems should be monitored by your security team or
> SOC.
> >
> > One question, is this a topic anyone would find interesting at a future
> > NANOG? Something like "Hacking and Defending time?".
> >
> >
> > Joe Klein
> > "Inveniam viam aut faciam"
> >
> > PGP Fingerprint: 295E 2691 F377 C87D 2841 00C1 4174 FEDF 8ECF 0CC8
> >
> > On Tue, May 10, 2016 at 9:59 PM, Mel Beckman  > m...@beckman.org>> wrote:
> >
> > I don't pretend to know all the ways a hacker can find out what nap
> > ser

Re: NIST NTP servers

2016-05-10 Thread Steven Miano
NTP has vulnerabilities, so using an external source opens your networks
and infrastructure to disruptions.

Going with an internal GPS/GLONASS/RADIO based S1 allows you to restrict
incoming traffic and not rely on volunteers or external entities (which may
undergo maintenance or budget issues).

My preference is more so something akin to the GLN180PEX (I am not
affiliated or paid to endorse this product). It allows you to use commodity
hardware (like a decommissioned 1U or several preferably) and creation of
one's own reliable internal time source(s). Introducing black boxes into a
production (revenue generation or expected services by paying customers)
environment is undesirable.

From there setting up NTPd, Chronyd, and PTPd is up to you.

Relying on satellites may seem like just another external reliance, but the
next life is proposing a design life of 12 years.

On Mon, May 9, 2016 at 11:12 PM, Majdi S. Abbas  wrote:

> On Tue, May 10, 2016 at 03:08:16AM +, Mel Beckman wrote:
> > NTP has vulnerabilities that make it generally unsuitable for
> > provider networks. I strongly recommend getting a GPS-based
> > time server. These are as cheap as $300. Here is one I use quite a bit:
>
> So how does this stop from distributing time to their
> customers via NTP?
>
> GPS doesn't save the protocol, in particular where the S1
> clocks involved are embedded devices with rather coarse clocks and
> timestamping.
>
> --msa
>



-- 
Miano, Steven M.
http://stevenmiano.com


Re: Veeam Cloud Connect?

2015-11-18 Thread Steven Miano
Using Veeam for backup at the moment, pretty unhappy with backup copy
functions on multiple deduplication devices.

Would also be very interested in hearing cloud connect experiences.

On Wed, Nov 18, 2015 at 12:09 AM, Mike Lyon  wrote:

> I haven't used Veeam Cloud Connect but I have used Veeam. I was pretty
> happy with it. Easy and fast to configure.
>
> -Mike
>
>
> On Tue, Nov 17, 2015 at 8:56 PM, Ryan Finnesey  wrote:
>
> > I was wondering if anyone has deployed Veeam Cloud Connect.  How has
> Veeam
> > been to work with?
> >
> >
> > Sent from my Windows Phone
> >
>
>
>
> --
> Mike Lyon
> 408-621-4826
> mike.l...@gmail.com
>
> http://www.linkedin.com/in/mlyon
>



-- 
Miano, Steven M.
http://stevenmiano.com


Re: Quakecon: Network Operations Center tour

2015-08-01 Thread Steven Miano
It would have been more interesting to see:

-- a network weather map
-- the ELK implementation
-- actual cache statistics (historically steam/game downloads are not
cache'able)

Thanks for the share though Sean!





On Sat, Aug 1, 2015 at 9:16 PM, Christopher Morrow 
wrote:

> highlights:
>   "happy and blinking"
>   "two firewalls for the two att 1gig links, and two spare doing ."
>
> catalyst 6500's
>
> Also the 3750 on top of the services rack is funny... because empty.
>
> On Sat, Aug 1, 2015 at 3:27 PM, Sean Donelan  wrote:
> >
> > Non-work, work related information.  Many NANOG geeks might be interested
> > in this video tour of the Quakecon NOC tour.  As any ISP operator knows,
> > gamers complain faster about problems than any NMS, so you've got to
> > admire the bravery of any NOC in the middle of a gaming convention floor.
> >
> > What Powers Quakecon | Network Operations Center Tour
> > https://www.youtube.com/watch?v=mOv62lBdlXU
> >
>



-- 
Miano, Steven M.
http://stevenmiano.com


Re: Whats' a good product for a high-density Wireless network setup?

2015-06-19 Thread Steven Miano
> 8-10 buildings with possibly a over 1000 users at any given time.

Aerohive, easily. AP330s would thrive in a setup such as that.

On Fri, Jun 19, 2015 at 5:11 AM, Faisal Imtiaz 
wrote:

> >>> With that many users I cannot recommend Ubiquiti, Ruckus would be the
> way to go.
>
> Really ?
> Considering you are referring to Company Names, each with a full product
> line of low end to high end products ?
>
> I often remind folks that Chevrolet, makes both the Corvette as well as
> the Chevette
>
> :)
>
> Actual implementations, and deployments suggest that Companies offer
> products that can serve such an environment when implemented correctly.
> While they each have their strengths and nuances, the key is proper
> implementation...
>
>
> Faisal Imtiaz
> Snappy Internet & Telecom
>
> - Original Message -
> > From: "Tyler Mills" 
> > To: "Sina Owolabi" , "nanog@nanog.org list" <
> nanog@nanog.org>
> > Sent: Friday, June 19, 2015 2:24:00 AM
> > Subject: Re: Whats' a good product for a high-density Wireless network
> setup?
> >
> > With that many users I cannot recommend Ubiquiti, Ruckus would be the way
> > to go.
> >
> > On Fri, Jun 19, 2015 at 1:58 AM Sina Owolabi 
> wrote:
> >
> > > Hi
> > >
> > > We are profiling equipment and design for an expected high user density
> > > network of multiple, close-knit, residential/hostel units. It's going to
> be
> > > 8-10 buildings with possibly a over 1000 users at any given time.
> > > We are looking at Ruckus and Ubiquiti as options to get over the high
> > > number of devices we are definitely going to encounter.
> > >
> > > How did you do it, and what would you advise for product and layout?
> > >
> > > Thanks in advance!
> > >
> > --
> > Tyler W. Mills
> > Infrastructure and Network Engineer
> > Atlanta,  GA.
> >
>



-- 
Miano, Steven M.
http://stevenmiano.com


Re: Recommended wireless AP for 400 users office

2015-01-29 Thread Steven Miano
Another hat that I haven't seen thrown in the ring yet is Aerohive.

They're great to work with - and the product is decent in terms of
scalability across geographical locations with management being hosted by
them, or you - as/when needed.

Huge list of features and capabilities (from having silly fun with the LEDs
on the units, to 802.1x and WIPS/etc).

On Thu, Jan 29, 2015 at 11:22 AM, Paul Nash  wrote:

> You can also VLAN allocation through RADIUS.  Our setup has a single SSID,
> 250-odd user accounts.  User connects to the SSID & authenticates with
> their userid/password and is assigned to their VLAN, which connects them to
> the appropriate DHCP server, gateway, etc.
>
> Makes management and segregation fairly trivial (for non-trivial values of
> trivial :-)).
>
> paul
>
>
> > On Jan 29, 2015, at 11:18 AM, Tyler Mills  wrote:
> >
> > Most of the issues are related to firmware.  Most of my UBNT experience
> was
> > with the UAP-Pro and the UAP-AC, and it wasn't a good experience.
> > Production firmwares seem to be of beta quality.
> >
> > For features, they can't compete with Ruckus.  One thing I can think of
> off
> > the top of my head is support for tagging management on its own VLAN and
> > tagging wired traffic onto another.  If you were to implement this on the
> > UBNT products you would have to SSH into every single one and implement
> the
> > features as you would on a linux box, and it might work.  Ruckus, you
> > configure the VLAN's how you would want through the Zonedirector or the
> > AP's GUI and it will just work.
> >
> > They cost more, but you get what you pay for.
> >
> > On Thu Jan 29 2015 at 10:54:44 AM Mike Hammett  wrote:
> >
> >> Did you figure out why it was dropping out? All of it dropping out? Just
> >> some APs dropping? Just some users dropping?
> >>
> >>
> >>
> >>
> >> -
> >> Mike Hammett
> >> Intelligent Computing Solutions
> >> http://www.ics-il.com
> >>
> >>
> >>
> >> - Original Message -
> >>
> >> From: "Paul Stewart" 
> >> To: "Mike Hammett" , nanog@nanog.org
> >> Sent: Thursday, January 29, 2015 8:34:46 AM
> >> Subject: RE: Recommended wireless AP for 400 users office
> >>
> >> I had a bad experience with it one time at a tradeshow environment. 6
> >> access points setup for public wifi. The radio levels were quite good in
> >> various areas of the tradeshow however traffic would keep dropping out
> at
> >> random intervals as soon as about 300 users were online. It wasn't my
> idea
> >> to use UBNT but it definitely turned me off of their product after
> digging
> >> into their gear...
> >>
> >> Again as someone pointed out, for residential and perhaps SOHO
> >> applications it can probably work well - and in my opinion it's priced
> for
> >> that market.
> >>
> >> Paul
> >>
> >>
> >> -Original Message-
> >> From: NANOG [mailto:nanog-boun...@nanog.org] On Behalf Of Mike Hammett
> >> Sent: Thursday, January 29, 2015 8:23 AM
> >> To: nanog@nanog.org
> >> Subject: Re: Recommended wireless AP for 400 users office
> >>
> >> What problems have you had with UBNT?
> >>
> >> Its zero hand-off doesn't work on unsecured networks, but that's about
> >> the extent of the issues I've heard of other than stadium density
> >> environments.
> >>
> >>
> >>
> >>
> >> -
> >> Mike Hammett
> >> Intelligent Computing Solutions
> >> http://www.ics-il.com
> >>
> >>
> >>
> >> - Original Message -
> >>
> >> From: "Manuel Marín" 
> >> To: nanog@nanog.org
> >> Sent: Wednesday, January 28, 2015 11:06:39 PM
> >> Subject: Recommended wireless AP for 400 users office
> >>
> >> Dear nanog community
> >>
> >> I was wondering if you can recommend or share your experience with APs
> >> that you can use in locations that have 300-500 users. A friend
> recommended
> >> me Ruckus Wireless, it would be great if you can share your experience
> with
> >> Ruckus or with a similar vendor. My experience with Ubiquiti for this
> type
> >> of requirement was not that good.
> >>
> >> Thank you and have a great day
> >>
> >>
> >>
> >>
>
>


Re: Marriott wifi blocking

2014-10-03 Thread Steven Miano
There are IPS features in nearly all of the 'enterprise' level wireless
products now:

http://www.cisco.com/c/en/us/products/collateral/wireless/adaptive-wireless-ips-software/data_sheet_c78-501388.html

http://www.aerohive.com/solutions/applications/secure.html

Doing a search for WIPs - or browsing forums about poorly configured
WIPS/Policies can show that the deauth storms can be quite turbulent.

~mianosm

On Fri, Oct 3, 2014 at 4:06 PM, David Hubbard  wrote:

> Saw this article:
>
> http://www.cnn.com/2014/10/03/travel/marriott-fcc-wi-fi-fine/
>
> The interesting part:
>
> 'A federal investigation of the Gaylord Opryland Resort and
> Convention Center in Nashville found that Marriott employees
> had used "containment features of a Wi-Fi monitoring system"
> at the hotel to prevent people from accessing their own
> personal Wi-Fi networks.'
>
> I'm aware of how the illegal wifi blocking devices work, but
> any idea what legal hardware they were using to effectively
> keep their own wifi available but render everyone else's
> inaccessible?
>
> David
>


Re: No topic -- Photo in its context might be interesting...

2014-07-09 Thread Steven Miano
Rest of the article for those interested/lazy:

http://englishrussia.com/2014/07/07/do-they-have-internet-connection-on-the-arctic-icebreaker/

Seems like most ships I've seen...satellite communication is nothing
new/crazy.


On Tue, Jul 8, 2014 at 8:31 PM, Larry Sheldon  wrote:

> http://media.englishrussia.com/022013/icebcomm/
> icebreakercommunicationsystems001-37.jpg
>
> In an article titled "Do they have Internet on the Icebreaker?"
>
> http://englishrussia.com/wp-content/plugins/ttftitles/cache/
> 3682a941fcfa4ee69e6f5e5e9729de4e.png
> --
> Requiescas in pace o email   Two identifying characteristics
> of System Administrators:
> Ex turpi causa non oritur actio  Infallibility, and the ability to
> learn from their mistakes.
>   (Adapted from Stephen Pinker)
>



-- 
 Miano, Steven M.
http://stevenmiano.com


Re: IANA IPv4 Recovered Address Space registry updated

2014-05-21 Thread Steven Miano
If you're just clicking the link it won't work in some e-mail clients.

Copy the entirety and it will display for you I'm sure.


On Wed, May 21, 2014 at 2:42 PM, Larry Sheldon  wrote:

> On 5/20/2014 9:30 AM, Leo Vegoda wrote:
>
>> https://www.iana.org/assignments/ipv4-recovered-
>> address-space/ipv4-recovered
>> -address-space.xhtml#ipv4-recovered-address-space-2
>>
>
> Comes up 404 here.
>
>
> --
> Requiescas in pace o email   Two identifying characteristics
> of System Administrators:
> Ex turpi causa non oritur actio  Infallibility, and the ability to
> learn from their mistakes.
>   (Adapted from Stephen Pinker)
>


Re: Residential CPE suggestions

2014-05-06 Thread Steven Miano
You could also go Supermicro, and build out a 1U with SFP/Copper
connections and put VyOS/vyatta as a linux based routing platform

going that way you'll be strictly CPU/software bound though (Intel
wrote up this interesting report:
http://www.csit-sun.pub.ro/~cpop/Documentatie_SM/Intel_Microprocessor_Systems/Intel_ProcessorNew/Intel%20White%20Paper/Integrating%20Services%20at%20the%20Edge%20for%20Intel%20Xeon%205500.pdf which
is no longer available on their site seemingly).

Totally built out you'd be looking at high triple digits (the SFP PCIe card
and chassis/motherboard would be your biggest hits).



On Tue, May 6, 2014 at 8:47 AM, Cryptographrix wrote:

> It also has support for some type of ipv4 and ipv6 offload.
>
>
>
> On Tue, May 6, 2014 at 3:01 AM, Joe Greco  wrote:
>
> > > I was also going to recommend the EdgeRouter Pro as it has dual SFP
> > > ports and the Vyatta/Linux stuff works quite well.
> > >
> > > I suspect you will be very surprised with the quality experience.  If
> > > you've not used Vyatta, it's very JunOS-like.
> >
> > Does anyone have any practical experience with the EdgeRouter with a
> > largish number of prefixes?
> >
> > http://dl.ubnt.com/datasheets/edgemax/EdgeRouter_DS.pdf
> >
> > The "2 million+ packets per second" leads me to believe that this is
> > merely a highly optimized software based router, but under "Hardware
> > Specs" it specifically says "hardware acceleration for packet
> > processing".
> >
> > I have no idea what's being accelerated since the "layer 3 forwarding
> > performance" specs for the FR-8 are 2Mpps (an 800MHz CPU) and the
> > FRPro-8 are 2.4Mpps (1GHz) which suggests software lookup.
> >
> > Do these things suffer if you load them down with a full table?  Or
> > a handful of firewall rules?
> >
> > ... JG
> > --
> > Joe Greco - sol.net Network Services - Milwaukee, WI -
> http://www.sol.net
> > "We call it the 'one bite at the apple' rule. Give me one chance [and]
> > then I
> > won't contact you again." - Direct Marketing Ass'n position on e-mail
> > spam(CNN)
> > With 24 million small businesses in the US alone, that's way too many
> > apples.
> >
>



-- 
 Miano, Steven M.
http://stevenmiano.com