Re: [swinog] Port 25 Blockade @ Swisscom (Bluewin)

[Daniele Guazzoni]

Spam coming through Bluewin ADSL is not something new.
Doing whatever action to stop spam in an early stage (aka years ago) would
not had result in a shitload of support calls.
But the guys at Swisscom waited long enough to implement this, so they don¹t
deserve my empathy...

I know enough ISPs which implemented the ³forced own SMTP² already on
dial-in accesses (so you see which decade I¹m talking about).

Finally I just wonder which alternative ISP will the swiss-spammers choose
to continue to mess up the internet.
Keep looking your spam-filter logs for a mass shift :-)

Daniele

On 3/8/10 2:26 PM, "rai...@ultra-secure.de"  wrote:

> Blocking port 25 for *everybody* will just help to induce one shitstorm of
> a support-nightmare. It doesn't even make a difference if you have a
> grace-period or not (people ignore this stuff anyway).
> Steven can probably provide numbers about how many people are still using
> 25 vs. 587.
> It's probably millions.
> What happens if millions of people call the support-hotline?
> 
> Yep, I hate the privacy implications. But with 100k abuse complaints/month
> - what would you do, besides going postal?
> 
> The only thing that could be done is a government-mandate to cut-off
> people with zombies in their LANs from the net and have a state-licensed
> PC-techie come over and clean-out the PC(s). For 200 CHF per hour. Plus 37
> CHF court costs and administrative fees. ;-)
> 
> 
> It works for cars, so it should work for PCs, too, right?
> ;-)
> 
> 
> 
> Rainer
> 
> 
> ___
> swinog mailing list
> swinog@lists.swinog.ch
> http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog
> 
> No virus found in this incoming message.
> Checked by AVG - www.avg.com
> Version: 9.0.733 / Virus Database: 271.1.1/2717 - Release Date: 03/07/10
> 20:34:00
> 



This e-mail, any associated files and the information contained in them are 
confidential and is intended for the addressee(s) only. If you have received 
this message in error please notify the originator and delete the email 
immediately. The unauthorised use, disclosure, copying or alteration of this 
message is strictly forbidden. E-mails to and from the company are monitored 
for operational reasons and in accordance with lawful business practices. Any 
opinions expressed are those of the individual and do not necessarily represent 
the views of the company. The company does not conclude contracts by email and 
all negotiations are subject to contract. We make every effort to maintain our 
network free from computer viruses but accept no responsibility for any viruses 
which might be transferred by this e-mail.

___
swinog mailing list
swinog@lists.swinog.ch
http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog

Re: [swinog] BGP over xDSL ... is evil? says who?

[Daniele Guazzoni]

Lukas Beeler wrote:
> Now, even expensive FB-DIMM memory by vendors like HP and IBM only
> costs around 360 CHF for 4 GB. And even small two way x86 boxes max
> out at around 32 - 48 GB. Even if Cisco and Juniper charge 10x as
> much, that'd still be only 3600 CHF.
> 
> I understand that routers use ASICs and probably faster memory than
> servers, but i can't really imagine it to be a problem to pop 4GB
> memory into a router that's connected directly to the internet.
> 
> Now, where am i mistaken?
> 

There still a lot of hardware around which is at the memory expansion limit.
And (talking about Cisco) the IOS images don't tend to get smaller...
So finally you end up replacing the whole router or NM-engine for some kilo-$ 
instead of a relative cheap memory upgrade...

I agree with Fredy's concerns about link stability and flapping, especially for 
residential services.
BGP on DSL can although be deployed as backup solution or, if you're close 
enough to the "BBCS owner", as main link.
The major problem you face there is getting a skilled person when you're in 
trouble...
The help-desk guy/girl you get at the phone does usually don't even know how to 
spell B-G-P and will ask you why you have 4 of them :-)

Daniele

-- 
This message has been scanned for viruses and
dangerous content by MailGate, and is
believed to be clean.


___
swinog mailing list
swinog@lists.swinog.ch
http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog

Re: [swinog] following to my illegal service secret stuff

[Daniele Guazzoni]

***UNSUBSCRIBE***

Zorg 421 wrote:
> Hello,
> 
> A following to my service secret stuff:
> 
> - It does not seem linked much to the vaud state police before may-june 
> 2008.
> - Between 2002 and 2007, it definitively seems linked to the DDPS / SRS 
> (Strategischer Nachrichtendienst SND), the "agents" close to me being 
> RENATO and GADLU.
> 
> The goal of all of this mess:
> 
> Infiltrating the internet community (in this experiment, thru me) and 
> get close to people able to engineer
> traffic spying device, by using the filtrating proxy and 
> anti-pedocriminality "coverup".
> 
> The whitebox setup is a perfect setup for illegal spying activities that 
> spying shop are so eager to have under their hands.
> Don't dream much: they are laws regulating that kind of action, but 
> service secret office people always complain about
> the hassle to go thru the legal way.
> 
> With me, their have been pushing way too far, but beware, they may act 
> more sensibly next time.
> 
> I've added some abstract and conclusion to the website, but it's still 
> in french only.
> 
> http://helvetic-park.bravehost.com/
> 
> Regards.
> 
> -- 
> This message has been scanned for viruses and
> dangerous content by *MailGate* , and is
> believed to be clean.
> 
> 
> 
> 
> ___
> swinog mailing list
> swinog@lists.swinog.ch
> http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog

-- 
This message has been scanned for viruses and
dangerous content by MailGate, and is
believed to be clean.

___
swinog mailing list
swinog@lists.swinog.ch
http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog

Re: [swinog] $MATCH (fwd)login banner

[Daniele Guazzoni]

Or other wisely said:
"Security is not absolute. It's just a matter of will and perseverance to break 
in."

Now to come back to the login banner:
what exactly do you want to protect with a "lawful banner" your 
network/application or the operators ?

I mean, if you offer someone a login and you cannot:
- ensure you can clearly identify the person loggin in
- ensure that, within the reasonable limit, your authentication system is 
secure (2 factor authenthication, ...)
why bother about statements like "I told you not to" ?

Either you set up your systems in a way you can sleep at night or you will have 
to deal with a potential security issue.
No matter how your banner will look like.

You can actually resume the whole story in two simple words: risk management.

Daniele

Michael Naef wrote:
> "Security cannot be declared, one can only try hard and 
> constantly to implement it."


-- 
This message has been scanned for viruses and
dangerous content by MailGate, and is
believed to be clean.

___
swinog mailing list
swinog@lists.swinog.ch
http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog

[swinog] Weird BGP behavior at Swisscom

[Daniele Guazzoni]

Someone from Swisscom could please contact me off list.
We are facing troubles with announcements through ASN3303.

Thank you

-- 
This message has been scanned for viruses and
dangerous content by MailGate, and is
believed to be clean.

___
swinog mailing list
swinog@lists.swinog.ch
http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog

Re: [swinog] a NAZI in the vaud state police experimentatingBRAINWASHING

[Daniele Guazzoni]

That's a personal opinion.
Read the charter at http://www.swinog.ch/charter/index.asp

Daniele

Gaston Shepard wrote:
> Look one screen height above the .png, from january 2007, it's only 
> about human networks in the computer network engineering field.
> 
> And my goal is to say "beware".
> 
> Of the military sons around you.
> The right wing policeman.
> And banking pseudo-ethical freaks (mine masquerade herself has a 
> psychiatrist lately to "network" other peoples and have more trust from 
> them it seems).
> 
> Le 19 décembre 2008 02:15, Steven Glogger  a écrit :
> 
> i just read this mail and take a short look at the website.
> i dont think swinog is the right platform for those topics..what do
> you think?
> -steven
> 
> 
> 
> -- 
> This message has been scanned for viruses and
> dangerous content by *MailGate* , and is
> believed to be clean.
> 
> 
> 
> 
> ___
> swinog mailing list
> swinog@lists.swinog.ch
> http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog

-- 
This message has been scanned for viruses and
dangerous content by MailGate, and is
believed to be clean.

___
swinog mailing list
swinog@lists.swinog.ch
http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog

[swinog] test

[Daniele Guazzoni]

please ignore

-- 
This message has been scanned for viruses and
dangerous content by MailGate, and is
believed to be clean.

___
swinog mailing list
swinog@lists.swinog.ch
http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog

Re: [swinog] a NAZI in the vaud state police experimentatingBRAINWASHING

[Daniele Guazzoni]

This has really nothing to do with Swinog.
No comment.

Daniele

Steven Glogger wrote:
> i just read this mail and take a short look at the website.
> i dont think swinog is the right platform for those topics..what do you 
> think?
> -steven
> 
> 
> *From:* swinog-boun...@lists.swinog.ch
> [mailto:swinog-boun...@lists.swinog.ch] *On Behalf Of *Gaston Shepard
> *Sent:* Friday, December 19, 2008 12:15 AM
> *To:* swi...@swinog.ch
> *Subject:* [swinog] a NAZI in the vaud state police
> experimentatingBRAINWASHING
> 
> Guys, here is an account of my life in this business, with a cop,
> used to be a friend of mine at school, became a real NAZI.
> It's a tale of service secret, and the worst you can imagine.
> 
> It's happening in switzerland, not under a dictature.
> 
> It's in french. Please feel free to translate it in german, it's
> worth it.
> 
> ---
> Short synopsis
> ---
> 
> Les services secrets: un gateau a la merde dont ont me sert une
> tranche par jour depuis 6 ans
> 
> Mon premier emploi, chez un ISP, des droles de zozo nous tournent
> autour, lors de sorties en soiree
> dans les restaurant de la region, avec 3 collegues et amis. A cette
> epoque je ne me rend compte de
> rien, c'est plus tard que j'ouvrirai les yeux sur ces phenomenes.
> 
> Printemps 2001, un type m'en parle, pas de la maniere la plus
> simple. J'oublie dans les minutes qui
> suivent notre conversation.
> 
> Fin du printemps 2002, suite a des sortes de minis pieces de theatre
> dans des lieux pour moi habituels,
> je commence a devenir conscient. Pendant quelques jours c'est
> relativement marrant. Au bout de 3 a 4 semaines
> il me paraissent imbeciles et grossier au possible a de tres rares
> exceptions.
> 
> S'enchaine tres rapidement un episode digne d'une insondable
> connerie humaine: en fin d'une journee
> de "test" pour la ville de Lausanne, mon amie me tend un joint
> petite feuille bien rempli de mix.
> Je le fume sans me douter de rien. Il a une amertume inhabituel mais
> je ne me doute pas de
> la suite des evenements. Une minute a peine apres avoir terminer le
> joint, la montee est particuliere: mon
> pouls monte tres rapidement a env. 160 - 170 pulsations minutes,
> sans aucune activite physique.
> S'ensuit une inquietude quant a mon poul, degenerant en un grave
> acces psychotique.
> Un empoisonement avec une substance genre stimulant cardiaque ou
> vasodilatateur puissant. Une vrai
> saloperie, un bad trip impossible a obtenir avec du cannabis.
> 
> Hopital regional. Sa ne se calme guere. Hopital psychiatrique.
> Neuroleptique dosage maximal.
> Dehors, dans la rue, le plan des cretins organises en reseau
> continue a exister pour me montrer du pays,
> a quel point je suis petit face a l'immenste sociale de vieux
> patriotes d'arriere garde.
> Il va s'eterniser sur 3 (!) longues et penibles annees.
> 
> Gravement soumis par la peur, je vais commettre ma seule erreur: ne
> pas oser en parler.
> Meler a la peur de tous les instant, je perd mes capacites de
> concentration et m'enfonce
> dans une depression severe, a trois reprise la tentation du suicide
> est forte a tres forte.
> 
> Je vais perdre 2 jobs successifs, apres quoi je refais un sejour en
> hopital psychiatrique.
> La comme par enchentement, les imbeciles cessent leur demonstration
> de force, des ma sortie de
> l'hopital.
> 
> La peur va enfin me quitter, laissant place a une emotivite vive,
> une sursensibilite
> au moindre alea de mon environnement, puis je vais m'enfoncer dans
> une melancolie tournant a la depression
> durant encore 2 ans.
> 
> C'est seulement debut 2008 que je remonte a la surface, avec encore
> quelques trous d'airs en terme
> d'humeur et une ribambelle d'hurluberlu m'influencant pour me faire
> taire.
> 
> Un systeme de conditionnement et controle de l'humain deguise en
> autre chose, a la guise, en fonction
> du soldat a "integrer" (les pretextes trop divers sont la seul
> raison du secret).
> Une ribambelle d'imbeciles convaincus d'etres des agents secrets,
> un laisser faire politique bien pratique pour maintenir une chape de
> plomb et continuer
> a etre une place de reglement d'affaires financieres a l'abri des
> critiques (je parlai
> a mon entourage de la taxe tobin et du risque systemique peu avant
> la decompensation).
> 
> A titre personnel, 6 annees de vie perdue, a regresser
> professionellement pendant 3 ans, pour
> combler mon retard les 3 suivantes. 4 sous neuroleptique.
> 3 ans ou ma personnalite va se dissodre dans le bain acide de la
> peur. Suive 2.5 ans de lourds
> sequels de _DEPERSON

Re: [swinog] Netclean - news

[Daniele Guazzoni]

I see this like another example of fighting evil at the wrong end.
Of course it is important to fight such content but is filtering websites the 
right method ?
I don't think so.

Let be realistic, how many ISPs worldwide are gonna deploy a Whitebox ?
Filtering locally simply means stopping end users to access illegal sites.
Ok, but the sites are still there and everybody else will still have access !
What do we wanna fight ? The access to illegal content or the publishing of 
them ?
Just because some ISPs will filter-out those sites will not reduce the amount 
of kids being abused.
What is worser ? Someone looking at kids being abused or someone who abuse them 
?

I see already Netclean press releases claiming the big success as the list of 
sites will increase,
as at the same time, the guys who manage those sites will not notice any 
decrease in hits...

The Netclean solution is better than nothing but definitely this is not gonna 
make the difference.

Daniele



-- 
This message has been scanned for viruses and
dangerous content by MailGate, and is
believed to be clean.

___
swinog mailing list
swinog@lists.swinog.ch
http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog

Re: [swinog] I miss you spam...

[Daniele Guazzoni]

And here we go with a new wave of spam coming from DSL and Cable bots...
My spamfilter was getting bored...


Benoit Panizzon wrote:

Am Dienstag, 4. November 2008 08:54 schrieb Benoit Panizzon:

Am Dienstag, 4. November 2008 08:46 schrieb Adrian Kägi:

About 2 weeks we receive approx. 30% less Spam on our Firewall.

someone knows the same phenomenon?


Ok, I must correct my statement. Since mccolo etc. are down, spam has 
considerably dropped:


http://spamkiller.scout.ch/index.php?view=_spamno_checkvirusmail_inskip_checksuserunknown_summary_line.png





___
swinog mailing list
swinog@lists.swinog.ch
http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog


--
This message has been scanned for viruses and
dangerous content by MailGate, and is
believed to be clean.

<>___
swinog mailing list
swinog@lists.swinog.ch
http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog

Re: [swinog] I miss you spam...

[Daniele Guazzoni]

I can confirm this behavior.
Although I don't expect that the spammers gave finally up...

Daniele



Adrian Kägi wrote:

About 2 weeks we receive approx. 30% less Spam on our Firewall.

someone knows the same phenomenon?

Is the Bot-Master in holidays? ;-)

 


Best wishes

Adrian

 



--
This message has been scanned for viruses and
dangerous content by *MailGate* , and is
believed to be clean.




___
swinog mailing list
swinog@lists.swinog.ch
http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog


--
This message has been scanned for viruses and
dangerous content by MailGate, and is
believed to be clean.

<>___
swinog mailing list
swinog@lists.swinog.ch
http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog

Re: [swinog] Bluewin and Prestige 650ME

[Daniele Guazzoni]

Ensure that the distance between splitter and modem is no more than 2m and it 
will work fine...

Daniele

Josh Geisser wrote:
> Hi Swinog
>  
> is there an issue with those old Zyxel Prestive 650ME modem/routers? I 
> have that 650 configured as modem and want to use PPPoE from a pfSense.
> works fine for 10minutes until the connection breaks and i do have to 
> reboot either the pfSense, or restart the 650. then it works again for 
> 10min.
>  
> i wonder whether this is a bluewin issue, or a 650 problem?
>  
> cheers
> Josh
> 
> -- 
> This message has been scanned for viruses and
> dangerous content by *MailGate* , and is
> believed to be clean.
> 
> 
> 
> 
> ___
> swinog mailing list
> swinog@lists.swinog.ch
> http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog

-- 
This message has been scanned for viruses and
dangerous content by MailGate, and is
believed to be clean.

___
swinog mailing list
swinog@lists.swinog.ch
http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog

Re: [swinog] RBL's (again) (Was: Anyone from Green here?)

[Daniele Guazzoni]

...and beside that, is really strange that 90% of the professional spam cleaner 
(I'm talking about services not appliances) extensively use greylisting.

I'm using greylisting (with some self made scripts to auto learn to withe and 
blacklist) since 2 1/2 years and I never missed a single mail.

Someone said that "greylisting is a religion".
No, it's not.
It's just a pretty effective method of keep the spam out.
There are lot of tools, scripts and applications to do that but most of them 
are quite cpu intensive.
98% of the incoming spam is catched by the greylisting engine with almost zero 
cpu, only the remaining 2% need to be analyzed.

And so fair as I am, I also put a notice in the 450 and 554 error code 
explaining why it is delayed or rejected.
That's not true for notorious spammers which will hangs for hours in my tarpit 
(and thus saving some other people from being spammed).
I know that spammers don't cares about logs but I expect a serious mail-admin 
does (at least the non M$ admins) and can react on it.

As long as the internet community does not efficiently fight spam at the source 
I will put my efforts on fighting spam at the destination !
My personal opinion is that no consumer hoster or ISP (xDSL/Docsis) should 
allow their customers to send SMTP directly (beside some exceptions).
Just a matter of keep the mess out of the net.
We all know that most of the spam comes from bot pc which are on residential 
access.
I guess that if every ISP would apply a mandatory SMTP-relay we would have at 
least 70% less spam !

And now I stop before we start another "never ending flame-up" discussion :-)


Stanislav Sinyagin wrote:
> actually greylisting works pretty well, and the whitelist 
> of exceptions is relatively small (not more than 300 entries as 
> far as I remember). Also if you communicate the value 
> of it to the customers, they tend to agree that having 90% of spam 
> filtered before entering the system is worth waiting for half an hour 
> for email from a new source. 
> 
> It's also a matter of resources: if you don't want or cannot enable 
> greylisting, you have to invest more resources into a more sophisticated 
> mail filtering software. Even if it's available for free, still developing 
> and maintaining your solution might become too expensive.
> 
> so, basically as we discussed it already last week in regards to Skype:
> use the right tools for the right task :-)
> 
> 
> 
> 
> 
> 
> 
> - Original Message 
>> From: Tonnerre Lombard <[EMAIL PROTECTED]>
>> To: [EMAIL PROTECTED]
>> Cc: swinog@lists.swinog.ch; [EMAIL PROTECTED]
>> Sent: Friday, October 17, 2008 5:27:10 PM
>> Subject: Re: [swinog] RBL's (again) (Was:  Anyone from Green here?)
>>
>> Salut, Per,
>>
>> On Fri, 17 Oct 2008 12:47:48 +0200, Per Jessen wrote:
>>> Another option is to disable greylisting just for that one
>>> mailserver.  
>> This implies that either you know all servers hosting broken scripts
>> (NP-complete I think) or your customers will always communicate
>> problems. Usually they encounter them and rant about it on their
>> Stammtisch and then change provider to someone with one hell of a lot
>> of SPAM.
>>
>> Tonnerre
> 
> ___
> swinog mailing list
> swinog@lists.swinog.ch
> http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog
> 

-- 
This message has been scanned for viruses and
dangerous content by MailGate, and is
believed to be clean.

___
swinog mailing list
swinog@lists.swinog.ch
http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog

Re: [swinog] RBL's (again) (Was: Anyone from Green here?)

[Daniele Guazzoni]

Don't blame greylisting for this behavior.

Queue-and-retry was an option but it is mandatory since RFC-2821.

The very obsolete RFC-821 stated that "clients should retry".
In the old RFC-2119 it was explained that "should" means recommended. 
The actual RFC-2821 states clearly that:
- "the SMTP client retains responsibility for delivery of the message"
- "the SMTP client is encouraged to try again"
- "mail that cannot be transmitted immediately MUST be queued and 
periodically retried by the sender."

You'd rather blame the lazy programmers who don't cares about RFCs and other 
standards !

Daniele


Tonnerre Lombard wrote:
> The problem is that your users go to web sites and subscribe their mail
> addresses to newsletters generated by PHP programmers. As expected, a
> lot of these try to deliver the mail directly to the destination host
> from the PHP script using some Pear SMTP crap module, rather than local
> sendmail. A typical dialog looks about like this:
> 
>  Out: 220 planck.ngas.ch ESMTP Postfix (2.5.1)
>  In:  HELO gmail.com
>  Out: 250 planck.ngas.ch
>  In:  MAIL FROM: <[EMAIL PROTECTED]>
>  Out: 250 2.1.0 Ok
>  In:  RCPT TO: <[EMAIL PROTECTED]>
>  Out: 450 4.7.0 You are greylisted for 300 seconds
>  In:  DATA
>  Out: 554 Error: No valid recipients
>  In:  From [EMAIL PROTECTED]
>  Out: 221 2.0.0 error: I can break rules, too. goodbye.
> 
> Not very problematic for the mail server but of course the PHP script
> does _not_ attempt redelivery. And your users go to gmail, because
> there they get the mail. Not sure that's desirable for you.
> 
> That's the problem I am seeing with Greylisting, and I have discovered
> that methods like rejecting SPAM after DATA can be way more effective
> if the SPAM filter databases are sufficiently trained and the RBLs well
> chosen.
> 
>   Tonnerre
> 
> 
> 
> 
> ___
> swinog mailing list
> swinog@lists.swinog.ch
> http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog

-- 
This message has been scanned for viruses and
dangerous content by MailGate, and is
believed to be clean.

___
swinog mailing list
swinog@lists.swinog.ch
http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog

Re: [swinog] Firewall recommendation for a rack of webservers?

[Daniele Guazzoni]

pfSense HAS commercial support !
It is provided by BSD Perimeter and Centipede Networks
Take a look at www.pfsense.org under "support".

Open-source and unsupported are two different words.

Daniele

Manuel Krummenacher wrote:

Hello!

On Wed, June 18, 2008 2:06 pm, Olivier Mueller wrote:

Is there anything you can recommend in this case?  It if was only me,
I would take something there:
http://pfsense.org/index.php?option=com_content&task=view&id=44&Itemid=50
and start with that.  But the customer would also like to see some "non
open-source"-based solutions... :>


I would go with pfSense, but a Zyxel Zywall could also be an option if it
should be a "commercial solution". Reasonable price, many features,
rackmount kit available and very good support.

Regards,

Manuel

___
swinog mailing list
swinog@lists.swinog.ch
http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog



--
This message has been scanned for viruses and
dangerous content by MailGate, and is
believed to be clean.

___
swinog mailing list
swinog@lists.swinog.ch
http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog

Re: [swinog] Firewall recommendation for a rack of webservers?

[Daniele Guazzoni]

Beat Siegenthaler wrote:

In this case You will be forced to deploy M$-ISA ;-)


Please...
He's talking about firewalls... :-)


Oliver, I have pfSense in use and you can also have commercial support from 
them.
It's stable and you can run inline-snort with autoblacklist or simple log.
I guess for your purpose it's not a bad solutions.

If you want to impress your customers go for Secure Computing Sidewinder G2...
...but get a sponsor before !

Daniele

--
This message has been scanned for viruses and
dangerous content by MailGate, and is
believed to be clean.

___
swinog mailing list
swinog@lists.swinog.ch
http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog

Re: [swinog] Switzerlandwide Internet problem

[Daniele Guazzoni]

Well, as I called the helpdesk on thursday they told me that they got a 
swiss-wide outage.
We have a dual DSL link with BGP and both link never went down and the remote 
/30 was all the time reachable.
Simply over 30 min we got no prefixes being announced and also the default 
route was not present.
I guess they messed up some routing, at least in the ZH big area.
Anyway, I don't expect any (plausible) RFO from them.

Daniele

Tonnerre Lombard wrote:

Salut, Michele,

On Fri, 6 Jun 2008 15:00:11 +0200, Michele Capobianco wrote:

A friend just told me that Cybernet told him there is a
Switzerlandwide Internet Problem. Does anybody know something?


I did notice two short interruptions, but other than that, I didn't see
any major outage expect on Cybernet's side. So I think this is a
typical case of "Oh look, the entire rest of the internet is down!"

Tonnerre




___
swinog mailing list
swinog@lists.swinog.ch
http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog


--
This message has been scanned for viruses and
dangerous content by MailGate, and is
believed to be clean.

___
swinog mailing list
swinog@lists.swinog.ch
http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog

[swinog] Unbundled ADSL in Volketswil ?

[Daniele Guazzoni]

Sorry to bother you during your friday evening beer... ;-)

Anyone knows if there is any ISP offering unbundled ADSL in Volketswil ?

Answer please directly to me.


Thanx

Daniele

--
This message has been scanned for viruses and
dangerous content by MailGate, and is
believed to be clean.

___
swinog mailing list
swinog@lists.swinog.ch
http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog

Re: [swinog] Windows-Pizza

[Daniele Guazzoni]

Your scripts do not work on mozilla (or opera or safari or whatever) ?
Go the lazy way as the M$ pizza admin did: code for IE and shit on everything 
else !

Pizza admin if you read these lines:
you absolutely need to add some .asp, direct-x, c# and VB-scripts !
Some few non M$ people still can access you page...

:-)

Stanislav Sinyagin wrote:

but broken javascripts don't let you use the site from mozilla anyway :-)

- Original Message 

From: "[EMAIL PROTECTED]" <[EMAIL PROTECTED]>
To: [EMAIL PROTECTED]
Sent: Tuesday, November 27, 2007 10:26:54 AM
Subject: Re: [swinog] Windows-Pizza

Seems the defacers (?) are reading the Swinog-list... at least 
pizza-joker.com can be reached again... 




___
swinog mailing list
swinog@lists.swinog.ch
http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog



--


regards


-----
Daniele Guazzoni
Senior Network Engineer, CCNP, CCNA


Linux and AMD-x86_64 or do you still with Windows and Intel ?

--
This message has been scanned for viruses and
dangerous content by MailGate, and is
believed to be clean.

___
swinog mailing list
swinog@lists.swinog.ch
http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog

Re: [swinog] New cisco dealer ?

[Daniele Guazzoni]

Do I get Coop SuperPoints by buying ? :-)
Or will they organize a "Catalyst Trophy" ? :-)

Daniele


[EMAIL PROTECTED] wrote:

i was speakless ..

_http://www.microspot.ch/microspot/__HYBRIS__/category/Microspot.ch/JJ_Bridges_Router&manid=Z00087/detail.jsf_ 
<http://www.microspot.ch/microspot/__HYBRIS__/category/Microspot.ch/JJ_Bridges_Router&manid=Z00087/detail.jsf> 



Roger
 


--
This message has been scanned for viruses and
dangerous content by *MailGate* <http://www.gcomm.ch/mailgate.html>, and is
believed to be clean.




___
swinog mailing list
swinog@lists.swinog.ch
http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog


--


regards


-----
Daniele Guazzoni
Senior Network Engineer, CCNP, CCNA


Linux and AMD-x86_64 or do you still with Windows and Intel ?

--
This message has been scanned for viruses and
dangerous content by MailGate, and is
believed to be clean.

___
swinog mailing list
swinog@lists.swinog.ch
http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog

RE: [swinog] Re: blocking ports?

[Daniele Guazzoni]

Ladu, Daniele wrote:
> Why not sell some fixed IPs, to customers who want use their own
> mailserver ?
> If i receive a request from such a user, that has a dyn IP, i tell him
> to buy
> a static one, because of full control and exclusion of DUHL. Furthermore
> the customer is self responsable, if a IP Adress in his range will be
> listed.
> Complaint Mails are also directly sent to the owner of the IP, so the
> Abuse Team
> don't need to work on such cases.

That's the setup I have.
ADSL with static IP, own MTA, registered abuse e-mail, ...
Having a smarthost in front would not be a big problem too but I'll prefer
to be directly exposed to the internet as I'm developing a spam-filter and
the "raw scum" feeds my filter :-)

Daniele


-- 
This message has been scanned for viruses and
dangerous content by MailGate, and is
believed to be clean.

___
swinog mailing list
[EMAIL PROTECTED]
http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog

Re: C(c)able Problems was: [swinog] de-peering

[Daniele Guazzoni]

 --
 --
 [   Will van Gulik ]
 [  [EMAIL PROTECTED]]
 [ http://www.porcus.ch ]




graphic

csdata brasil Ltda.
Roger Schmid
Rua Arquiteto Luiz Nunes 186
Imbiribeira
CEP: 51170-430   
Recife / PE


BR +55 81 3422 1714
US:  +1 360 515 33 80
CH:+41 32 5110858
UK:+44 8444845331
VOIP: [EMAIL PROTECTED]


--
This message has been scanned for viruses and
dangerous content by *MailScanner* <http://www.mailscanner.info/>, and is
believed to be clean.




___
swinog mailing list
swinog@lists.swinog.ch
http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog


--


regards


-
Daniele Guazzoni
Senior Network Engineer, CCNP, CCNA


Linux and AMD-x86_64 or do you still with Windows and Intel ?

--
This message has been scanned for viruses and
dangerous content by MailScanner, and is
believed to be clean.

___
swinog mailing list
swinog@lists.swinog.ch
http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog

Re: [swinog] BGP problems at Cablecom?

[Daniele Guazzoni]

Use ORSN (Open Root Server Network) public nameservers:

NS1.DE.EU.ORSN.NET  IP 217.146.139.5
RESOLVER.DATA-UNION.NET IP 62.157.101.211


Daniele

Stanislav Sinyagin wrote:

as a home user of Cablecom, I can't reach many American sites
since about 11am this Sunday.

These are not reachable:

mail.yahoo.com
gmail.com
www.cnn.com

Most of Swiss (and surprisingly Russian :) sites are reachable.

cheers,
stan
___
swinog mailing list
swinog@lists.swinog.ch
http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog




--
This message has been scanned for viruses and
dangerous content by MailScanner, and is
believed to be clean.

___
swinog mailing list
swinog@lists.swinog.ch
http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog

Re: [swinog] smtp attacks

[Daniele Guazzoni]

Uhm, my private detected spam count is still average:
150 spam/24h which means 87% of total mails received.
Also nothing special here.

This is not spam. To unsubscribe to this mail please reply with the 
words "shut up" in the subject, directly to me :-)


Daniele

Matthias Hertzog wrote:

Yes, same here. We had to blacklist several domains to keep our
inbound clean.

Matthias Hertzog
_

mhs @ internet AG
Zürcherstrasse 204, CH - 9014 St. Gallen
Phone +41 71 274 93 93, Fax +41 71 274 93 94
http://www.mhs.ch
_





- Original Message - From: "Rene Luria" <[EMAIL PROTECTED]>
To: ; <[EMAIL PROTECTED]>
Sent: Monday, November 27, 2006 5:58 PM
Subject: [swinog] smtp attacks



Hi folks,

We are currently experiencing a heavy load on all our smtp inbound
servers since saturday.

It is due to bounces coming from everywhere. Spamers using fake email
addresses from domains for which we are the MX.

The amount of such emails (which we almost all reject, user unknown,
etc.. because of the fake email addresses) is enormous compared to
normal traffic (like 10 times what we have in general).

Do any of you experience the same problem ?

--
Rene Luria
___
swinog mailing list
swinog@lists.swinog.ch
http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog




___
swinog mailing list
swinog@lists.swinog.ch
http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog



--
This message has been scanned for viruses and
dangerous content by MailScanner, and is
believed to be clean.


___
swinog mailing list
swinog@lists.swinog.ch
http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog

[swinog] Selling hardware...

[Daniele Guazzoni]

Would someone please remove Knowledge Computers from the list ?
During the last discussion regarding what is allowed to be posted for 
sales we got an agreement.


see http://lists.swinog.ch/public/swinog/2006-May/subject.html "Rules 
for used hardware selling"


Knowledge Computers is definitely no ISP nor it has in any way something 
to do with Switzerland.
Actually if they would send e-mail to my account they would be tagged as 
spam...



Daniele

--
This message has been scanned for viruses and
dangerous content by MailScanner, and is
believed to be clean.

___
swinog mailing list
swinog@lists.swinog.ch
http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog

Re: [swinog] CCNP

[Daniele Guazzoni]

Zoran

is really a matter of self discipline and motivation.
I did CCNA and CCNP almost on my own (2 courses at Getronics), the main 
effort using Cisco press and related books, CCO and of course hands-on 
on some real hardware...


Personally I use the kick in the ass method:
1) set the exam date
2) study / try / repeat
3) pass the exam (are there alternatives ?...)

This way I have the kick and a real target to focus on.

Until now I used to success with them, I will see next monday if I also 
get the CCIE qualification that way...


My suggestion to you (I don't know your actual knowledge level):
get some Boson tests (real test simulation) and walk through.
That way you can find out where are your weak points and you can get 
specific self-study books and/or get training.


Save the 16k for the CCIE track...


Daniele


Zoran Brakus wrote:

Hello

 I'm looking for a best way to upgrade my CCNA and become a CCNP. At
 the moment, I have the following options on my mind:

 a) CCNP academy
- it costs around 16k CHF; a lot of money, isn't it?
- is CCNP course organized somewhere in Zürich or Zug (preferably
  on weekends)?
- can I expect to have academy lessons in English language or only
  German?

 b) to make my own lab (ebay), buy all books and try to become a "home
made" CCNP? :-)

 c) ?

 I would appreciate any info and/or suggestions.

 Thanx



--



best regards

------
Daniele Guazzoni
Senior Network Engineer, CCNA, CCNP

Ackersteinstrasse 203
CH-8049 Zurich
--
"Destiny is not a matter of chance, it is a matter of choice;
it is not a thing to be waited for, it is a thing to be achieved."
William Jennings Bryan

___
swinog mailing list
swinog@lists.swinog.ch
http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog

[swinog] subscribed e-mail change

[Daniele Guazzoni]

Could the list admin contact directly Tan at [EMAIL PROTECTED] ?
He would like to change his existing subscribed e-mail and therefore
solve the "out-of-office" reply.


Thanks
-- 



best regards

-----
Daniele Guazzoni
Network & System Engineer
Cisco Certified Network Professional

Audatex Systems GmbH
An ADP Company
Zollstrasse 62
CH-8021 Zürich

Phone:  +41 44 278 87 54
Fax:+41 44 278 85 15
E-Mail: [EMAIL PROTECTED]
Web:http://www.audatex.com
-
"I still don't know what the window keys on my keyboard are for.
 Neither Linux, openBSD, freeBSD nor Solaris reacts on it..."
___
swinog mailing list
swinog@lists.swinog.ch
http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog