Patch Management - Windows RHEL/CentOS based on Date
Hi All, Does anyone know of a patch management system that will allow us to control the roll out of patches, specifically for Windows but Linux would be nice too, that can use a date to limit whether a patch is rolled out. Ie. Patch to date set to2012-06-10 So all patches released up to 2012-06-10 will be offer to requesting client. Any patches released after 2012-06-10 will be hidden/not offered until the Patch to Date is moved forward. Wade Peacock Production IT | Vision Critical direct 604.629.9358 mobile 604.363.8137 www.visioncritical.comhttp://www.visioncritical.com/ New York | London | Vancouver | Paris | Sydney | Chicago | San Francisco | Toronto | Montreal | Calgary
Akamai - Timouts (TCP Stalls) at the SIX
We've been experiencing issue with content coming from Akamai servers located in Seattle since Thursday January 27, 2011. Our upstream peers directly with Akamai as the SIX (Seattle Internet Exchange). We've been seeing timeouts/partial loads for sites with content delivered from IP block 96.17.8.0/24. Known impacted site for our customers: www.cbc.ca www.ebay.ca www.westjet.ca(redirect to www.westjet.com) We've opened tickets with our upstream and Akamai, but we are curious if others are experiencing the same issues. Wade Peacock Network Administrator Sun Country Cablevision Ltd Sunwave Internet Department Tel: (250) 832-9711 or (250) 546-9667 Dir: (250) 832-5123 x 220 Web: http://www.sunwave.net Email: wade.peac...@sunwave.net Support Email: supp...@sunwave.net
Re: Future timestamps in /var/log/secure
It is classic syslogd syslogd -v syslogd 1.4.1 I was thinking timezone but we are PST (-8:00) so I can not explain the +12:00 difference. Isn't the timestamps inserted by syslog rather then the reporting program itself? What syslog do you use - classic (ie: sysklogd) or a modern one like rsyslog? It almost looks like the timezone got changed from local to GMT or similar, then swapped back (as odd as it may sound). Perhaps time to file a bug report with the author of the syslog daemon you use?
Re: Future timestamps in /var/log/secure
the proftpd line happened to be the next line in the log. the next simular ssh lines looks like (duplicate removed) Feb 26 10:08:48 mx sshd[22165]: Did not receive identification string from UNKNOWN Feb 26 10:09:27 mx sshd[22261]: Failed password for root from 219.137.192.231 port 54111 ssh2 Been a long time since I've dealt with this stuff, but it looks like the shell for proftpd has a different TZ from the one running the other stuff. (syslogd runs in the shell of the caller, right?)
Re: Future timestamps in /var/log/secure
It might be prudent to mention that all of the connections of this type are null routed via an iptables drop rule after three failed attempts via a home grown daemon similar to DENYHOSTS. All traffic from host is DENIED for 120 days unless we manually over ride it. I do appreciate the cautionary, better have a look around just to be sure comments Wade
Re: Future timestamps in /var/log/secure
That does make sense. I will try to simulate that with a temporary virtual machine as a different timezone. Wade aha! there you go, mine doesn't but maybe yours does? The specification for the syslog protocol is that timestamps embedded in the message should be used instead of syslogd's time. Most syslog daemons as a result apply this concept to both local and remote messages. You have to keep in mind that syslogd can also send/receive messages to/from remote destinations. William
ATT / Bellsouth Email Feedback Loop
Greetings Brain Trust, We have found ATT to be heavy handed with their email (spam) filtering. Without warn all of our mail servers will be denied from delivering email to their many domains (att.net, bellsouth.net, etc). They have a removal request form (like most other large ISPs) which takes 2 days to process. We never find out why the we get listed. We always check as many email reputation systems and rbl searches to determine why. Everywhere we look we see no evidence of a problem. We have joined other ISP feedback look system, (AOL, Yahoo and even Hotmail/Live) which all have helped stop issues (comprised accounts, bots, etc) before they get to the point of a listing/block. I have searched and I can not find out definitively whether ATT has or does not has a feedback loop system. Anyone out there know? -- Wade Peacock Network Administrator Sun Country Cablevision Ltd Sunwave Internet Department Tel: (250) 832-9711 or (250) 546-9667 Web: http://www.sunwave.net Email: wade.peac...@sunwave.net Support Email: supp...@sunwave.net
Re: Network Provider Recommendation in Edmonton AB
Have you tried contacting Shaw Business Solutions (Formally BigPipe Inc) or Bell (GT /360 Networks) or even Telus? I would expect that all should be able to provide symmetric (non cable or adsl) solution. Wade Lyndon Nerenberg (VE6BBM/VE7TFX) wrote: I have a client in Edmonton who's looking for a network drop to their office, something in the 2-10 MB/s range. The location is at 46 Ave. and 99 St. The core requirement is for a bare unfiltered *symmetric* pipe (no ADSL). Traffic volume will be low: 2-4 laptop VPNs plus some light web server and email traffic. 2 Mb/s as a lower bound should be fine, with a /28 IPv4 address block (either bridged or routed). I've been away from Edmonton long enough now that I no longer know who's active there, so any and all feedback is welcome. (Vendors, too, provided you include some real content.) Please respect the Reply-To header. Cheers, --lyndon
Consumer Grade - IPV6 Enabled Router Firewalls.
We had a discussion today about IPv6 today. During our open thinking the topic of client equipment came up. We all commented that we have not seen any consumer grade IPv6 enable internet gateways (routers/firewalls), a kin to the ever popular Linksys 54G series, DLinks , SMCs or Netgears. Does anyone have any leads to information about such products (In production or planned production)? We are thinking that most vendors are going to wait until Ma and Pa home user are screaming for them. Thoughts? -- Wade Peacock Sun Country Cablevision Ltd attachment: wade_peacock.vcf
Re: Consumer Grade - IPV6 Enabled Router Firewalls.
Matthew Dodd wrote: Apple has been shipping the Airport Extreme and Express (consumer router) with v6 support since 2007, if I recall correctly. They can also create a 4to6 tunnel automatically. By 4to6 to you mean IPv4 on the inside and IPv6 on the outside? Wade Peacock Sun Country Cablevision Ltd attachment: wade_peacock.vcf