[swinog] Re: Research project on Sustainable Networking

2024-06-21 Diskussionsfäden Rainer Duffner via swinog

Am 2024-06-21 16:48, schrieb Romain Jacob via swinog:

Dear Urs,

Let me keep the list on to reply to some questions, as you are not the
first to ask:

* Most routers we are interested in have multiple power supply. Our
strategy is to use one measurement unit per PSU. That demands extra
hardware, but we wouldn't want to have two PSU connected to the same
power meter anyway as this would create a potential single point of
failure.
* Network connectivity for the Pi is required but DOES WORK BEHIND A
FIREWALL. The only requirement is that the Pi must be able to connect
to the Internet.

Thanks again to those who already reached out!




"the Internet" - you mean Port 443, any IP?


___
swinog mailing list -- swinog@lists.swinog.ch
To unsubscribe send an email to swinog-le...@lists.swinog.ch


[swinog] Any users of SCION here?

2024-03-28 Diskussionsfäden Rainer Duffner via swinog
Hi,

and specifically the hardware the company behind it (anapaya) sells.





Best Regards
Rainer
___
swinog mailing list -- swinog@lists.swinog.ch
To unsubscribe send an email to swinog-le...@lists.swinog.ch


[swinog] Re: strange failure from online.de MX

2023-03-23 Diskussionsfäden Rainer Duffner via swinog

Am 2023-03-23 09:41, schrieb Michael Righter via swinog:

Hi

A mail to @online.de is blocked on their site with this error. Never
seen such an error.
Anyone seen this before or knows a contact to them?

2023-03-21T09:00:04Z;EMIG;mx01.emig.kundenserver.de[217.72.192.66];400
EmiG fingerprint mismatch
2023-03-21T09:30:04Z;EMIG;mx00.emig.kundenserver.de[212.227.15.40];400
EmiG fingerprint mismatch
2023-03-21T10:00:04Z;EMIG;mx00.emig.kundenserver.de[212.227.15.40];400
EmiG fingerprint mismatch
2023-03-21T10:30:04Z;EMIG;mx01.emig.kundenserver.de[217.72.192.66];400
EmiG fingerprint mismatch
2023-03-21T11:00:03Z;EMIG;mx00.emig.kundenserver.de[212.227.15.40];400
EmiG fingerprint mismatch
2023-03-21T11:30:02Z;EMIG;mx01.emig.kundenserver.de[217.72.192.66];400
EmiG fingerprint mismatch

Thanks Michael
___
swinog mailing list -- swinog@lists.swinog.ch
To unsubscribe send an email to swinog-le...@lists.swinog.ch



Seems to be this:

https://www.e-mail-made-in-germany.de/index.html

Is it a forwarded mail?

___
swinog mailing list -- swinog@lists.swinog.ch
To unsubscribe send an email to swinog-le...@lists.swinog.ch


[swinog] Re: DNSSEC issue with swizzonic DNS servers?

2022-12-30 Diskussionsfäden Rainer Duffner via swinog

Am 2022-12-30 11:21, schrieb Benoît Panizzon via swinog:

Hi Markus


the name server from swizzonic is not supposed to provide you with a
answer to all the queries.


I guess if I point to our recursive validating caching NS and it does
not possess this data in it's cache, it will start by following from
the root by asking for _.numberportability.ch to avoid revealing which
host it is exactly looking for until it reaches the authoritative DNS
for that zone and then ask this one directly for the desired RR.

I guess this is where something is breaking the chain.

I also don't see why the swizzonic DNS which is the authoritative
primary should not answer to all queries.



If I want to or need to ask the (supposedly) authoritative server(s) 
about a domain, I add +norecurs.


I believe, if you disable recursive queries on the authoritative-server, 
it will not answer them, even if it technically could.


Does DNSSEC change that?

___
swinog mailing list -- swinog@lists.swinog.ch
To unsubscribe send an email to swinog-le...@lists.swinog.ch


[swinog] Re: bluewein.ch - automatic spamtrap?

2022-07-14 Diskussionsfäden Rainer Duffner via swinog


> Am 14.07.2022 um 16:57 schrieb Claudio Kuenzler via swinog 
> :
> 
> Hello list,
> 
> We are seeing some "mean" behaviour when sending an e-mail to any e-mail 
> address ending in @bluewein.ch . Note the difference 
> between bluewin and bluewein...
> 
> As soon as an e-mail is sent from our relay to this domain, we get listed on 
> the UCEProtect-Level1 blocklist. Yes, we can discuss whether or not this is a 
> serious blacklist, but some mail providers actually use this service and then 
> block our legit e-mails. 
> 
> Now to this domain. On HTTP all seems in order, the domain is redirected to 
> bluewin.ch . But SMTP points to a separate mail server: 
> mail.ict-olten.ch . Behind ict-olten.ch 
>  seems to be nobody (no website, no other results so 
> far after a bit of research). 
> 
> Does anyone here in the list have information about the behaviour of this 
> domain and who is responsible for it? Obviously a typo "bluewein" instead of 
> "bluewin" happens pretty fast when users are registering and it's already the 
> second or third time within a month that we get blacklisted due to a typo 
> from users.
> 
> thanks for any hints and cheers,
> ck
> ___
> swinog mailing list -- swinog@lists.swinog.ch
> To unsubscribe send an email to swinog-le...@lists.swinog.ch


Maybe this guy:

https://www.moneyhouse.ch/de/company/graeppi-ict-projects-7019018421


„Mr ICT Projects, would you stand up, please?“


;-)



Rainer___
swinog mailing list -- swinog@lists.swinog.ch
To unsubscribe send an email to swinog-le...@lists.swinog.ch


[swinog] UPC outbound relay - HELO hostname not in DNS. Can someone at UPC fix this?

2022-02-01 Diskussionsfäden Rainer Duffner
Hi,


our mailserver rejects mails from servers that don’t send a resolvable 
HELO-hostname.

As such, customers have been complaining about UPC:


 450 4.7.1 : Helo command rejected:


From this posting, although a bit dated:

https://www.mail-archive.com/swinog@lists.swinog.ch/msg06676.html 



it looks as if there is some sort of typo or it was simply forgotten to update 
DNS.


Can someone fix this?




Rainer


___
swinog mailing list
swinog@lists.swinog.ch
http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog


Re: [swinog] Can somebody from Zattoo contact me?

2022-01-24 Diskussionsfäden Rainer Duffner


> Am 24.01.2022 um 15:36 schrieb Fabian Wenk :
> 
> Hello Rainer
> 
> On 24.01.2022 10:16, Rainer Duffner wrote:
>> one of our IP-Ranges is attributed by Zattoo to be in Germany, apparently.
>> In fact, the customer has reported that other services have reported the 
>> same problem in the last week.
> 
> Then this is probably not really a problem of Zattoo and more general with 
> geographical IP location data.
> 
>> I would like to understand why this is the case.
> 
> Maybe check the geo location from one of the affected IP address at 
> https://www.maxmind.com/ <https://www.maxmind.com/>. As far as I know they 
> are probably the most used service for Geo IP Data.
> 
> 
> Best regards,


Hi,

I checked with maxmind and whatismyip.com (which in itself checks at least two 
different databases).

Both report the IP to be in Switzerland.

The funny thing is that https://www.wieistmeineip.de locates this IP in 
Germany, too.

I would like to understand how that happens.



Regards
Rainer
___
swinog mailing list
swinog@lists.swinog.ch
http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog


[swinog] Can somebody from Zattoo contact me?

2022-01-24 Diskussionsfäden Rainer Duffner
Hi,

one of our IP-Ranges is attributed by Zattoo to be in Germany, apparently.

In fact, the customer has reported that other services have reported the same 
problem in the last week.

I would like to understand why this is the case.




Best Regards
Rainer

___
swinog mailing list
swinog@lists.swinog.ch
http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog


Re: [swinog] SafeHost AS21217 accused to leak routes for two hours to China Telecom AS4134 - anyone from SafeHost to comment?

2019-06-09 Diskussionsfäden Rainer Duffner



> Am 09.06.2019 um 13:32 schrieb Andreas Fink :
> 
> Interesting thas this happens at times where a certain bloody event in china 
> has its 30th birthday.
> Could well be a coincident to see how the world deals with it or an attempt 
> to censor it outside of china.
> ...
> or it might just be a stupid engineer's mistake...
> 




Coincidence?

https://www.safehost.com/en/news/335-safe-host-china-telecom-announce-strategic-partnership






___
swinog mailing list
swinog@lists.swinog.ch
http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog


Re: [swinog] Quad9 "does not collect", but .... it does.... (Was: Google DNS on Salt Mobile)

2018-11-01 Diskussionsfäden Rainer Duffner


> Am 01.11.2018 um 21:26 schrieb Jeroen Massar :
> 
> TLDR:


On a related note:

Does anyone run a resolver with QNAME-minimization enabled?

Any problems, common or specific to certain domains?




___
swinog mailing list
swinog@lists.swinog.ch
http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog


[swinog] SIM Card Hijacking?

2018-08-03 Diskussionsfäden Rainer Duffner
Hi,


saw this article on vice.com mentioned elsewhere:

https://motherboard.vice.com/en_us/article/3ky5a5/criminals-recruit-telecom-employees-sim-swapping-port-out-scam


Does anyone know just how feasible that is in Switzerland?

I’m asking from a threat-assessment point of view, not because I want to do it 
myself ;-)

Changing my number from a corporate-managed Orange^wSalt account to another 
corporate-managed Swisscom account took a number of attempts, IIRC (I wasn’t 
too involved).

Does it make a difference if it’s a private account vs. a corporate-managed 
account?

Though, I guess for the intended purpose (taking over accounts secured with 
TFA), the change doesn’t need to stay in place for long - just enough to switch 
the credentials.






___
swinog mailing list
swinog@lists.swinog.ch
http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog


Re: [swinog] Brocade MLXe: Random Linecard Reboot - anyone else?

2016-09-18 Diskussionsfäden Rainer Duffner

> Am 18.09.2016 um 08:11 schrieb Fredy Kuenzler :
> 
> Friday night we observed several Brocade MLXe linecards rebooting (several 
> locations, i.e. Amsterdam, Frankfurt, Geneva), which caused network 
> instability due to flapping iBGP etc.
> 
> As of now we know that iWay and nine.ch suffered from similar issues in the 
> same time window, and we believe that they use also Brocade MLXe.
> 
> Tonight around 4 a.m. symptoms occurred again, on a lesser degree. nine.ch 
> reports it too.
> 
> For reference the tickets:
> http://www.init7.net/de/status/?ticket=10348
> https://status.nine.ch/en/messages/544
> https://www.iway.ch/iway/status/
> 
> Did anyone else observed similar symptoms?
> 
> Since these routers operate in various locations and ASNs but are the same 
> make/model I suppose it's a software security issue. Can malicious packets 
> force a linecard reboot?
> 



Coincidence?

https://twitter.com/schneierblog/status/775783898366160896


;-)





___
swinog mailing list
swinog@lists.swinog.ch
http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog


Re: [swinog] Zukunft von Abuse Desks (was: Reject von hotmail.com)

2016-03-18 Diskussionsfäden Rainer Duffner

> Am 18.03.2016 um 08:44 schrieb Benoit Panizzon  >:
> 
> Ich bin nicht bereit, täglich mehrere hundert Complaints via Webform
> mit Captcha einzureichen. Ich wüsste auch nicht, wie ich dies technisch
> machen sollte.




Amazon Mechanical Turk oder sonst irgendwie an eine Clickworker-Plattform 
outsourcen?
;-)



___
swinog mailing list
swinog@lists.swinog.ch
http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog


Re: [swinog] DNS Admin tool

2016-02-06 Diskussionsfäden Rainer Duffner

> Am 06.02.2016 um 20:42 schrieb Stanislav Sinyagin :
> 
> Second that, and... Have a look at incognito.com  Name 
> Commander. It's a commercial tool that governs BIND servers.
> 
> Another option would be to outsource the whole DNS service to a team which 
> knows what they're doing :)
> 
> 


That’s sometimes a difficult decision.
Though few will count DNS as being a core-business, a lot of stuff depends on 
it.

And unless it’s a core-business, you will certainly not be able to run it as 
well as somebody like dyn.com or easydns.com .

It really depends on how much of an „ISP“ you consider yourself and how many 
zones you maintain (and how many queries you get to those zones).



___
swinog mailing list
swinog@lists.swinog.ch
http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog


Re: [swinog] DNS Admin tool

2016-02-06 Diskussionsfäden Rainer Duffner

> Am 06.02.2016 um 17:34 schrieb Kägi Adrian :
> 
> Hi Swinog
> I guess all of us is in touch to administrate DNS Servers. And I guess Bind 
> will be a popular one.
> In our situation, different admins, with different skill make changes on zone 
> files. And some guys (. I cannot understand why.), don't like vi as 
> administration tool.
> We're looking for a web based Admin Tool, to manage our zone files on two 
> Bind DNS (Master, slave) Servers. If any possible, this tool should support 
> zone based admin rights for external customers.
> 
> What kind of tool do you use? Webmin? Plesk? vi?
> 
> I found a lot of outdated and unmaintained tools, quite frustrating.



Hi,

we use NicTool (http://www.nictool.com , 
https://github.com/msimerson/NicTool/releases 
 )
Though, it’s web interface is currently not public-facing.

The only thing it doesn’t do right now is DNSSEC.
Also, its privilege-system granularity stops at the zone level.
So, you can assign the rights for a complete forward- or reverse-zone, but not 
for a single IP of a reverse-zone.

The web interface itself is usable, but lacks i18n.

People can still shoot themselves in the foot - but the tool does a lot of 
checks in advance.


The cool thing is, it supports all kinds of DNS-servers, not just bind.



Rainer
___
swinog mailing list
swinog@lists.swinog.ch
http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog


[swinog] UPC-Cablecom and ip6.arpa

2015-06-16 Diskussionsfäden Rainer Duffner
Hi,

a customer with a UPC line has contacted us to ask how a PTR-record for his 
IPV6-address could be created.
Customer also asked for IPV6-resolvers…

Address/network in question is:

2a02:aa08:e000:b00:: /56

Currently, it looks like this range isn’t delegated.

dig -x 2a02:aa08:e000::

; <<>> DiG 9.9.4-rpz2.13269.14-P2 <<>> -x 2a02:aa08:e000::
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 30794
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4000
;; QUESTION SECTION:
;0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.e.8.0.a.a.2.0.a.2.ip6.arpa. IN 
PTR

;; AUTHORITY SECTION:
0.a.2.ip6.arpa. 899 IN  SOA pri.authdns.ripe.net. dns.ripe.net. 
1434384236 3600 600 864000 7200


Or am I wrong?

Maybe somebody from UPC can contact me off-list to direct me to the people 
responsible for UPC-Cablecoms reverse-DNS-infrastructure…


Thanks in advance.





___
swinog mailing list
swinog@lists.swinog.ch
http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog


Re: [swinog] New .exe virus in.zip file via mail

2015-04-16 Diskussionsfäden Rainer Duffner

> Am 16.04.2015 um 16:54 schrieb Mike Kellenberger 
> mailto:mike.kellenber...@escapenet.ch>>:
> 
> Hi all
> 
> I've been contacted by a couple of customers which caught a new virus in the 
> last few days, sent by e-mail in a .zip file containing an .exe. (yes, there 
> are still people out there who open these kind of attachments if they come 
> from a known address)
> 
> The .zip file passes our AV on the mailserver (Kaspersky) as well as our 
> desktop AV (Symantec) with the newest definitions.
> 
> Once infected, it spreads via e-mail (probably through the outlook e-mail 
> profile, it authenticates nicely against our mailserver anyway) blasting out 
> hundreds of mails in a single short session only to sleep again until the 
> next day...
> 
> Has anybody else seen this? Is there a name or details or cure fo it yet?


virustotal will tell you a name, which you can google.

Antivirus is a bit of a placebo and snake oil - but surprisingly, a lot of 
people still believe in its value for them while the only value it really has 
is for those who sell signature-updates...

I’m pretty sure you can also block exe’s in zips - AFAIK, google has recently 
started blocking exes, too.

https://support.google.com/mail/answer/6590?hl=en 


Bugs in „popular“ office-productivity software would in practice require to 
block .doc, .xsl, .ppt etc.
So, it’s not usually done.

I’d be glad that the thing was so noisy. If it was an APT-style attack, you’d 
only realize it months later (or not at all, until MELANI and SWITCH contact 
you, or worse: the press).
Or maybe there’s an APT going on in the background and this was only the decoy 
;-)




___
swinog mailing list
swinog@lists.swinog.ch
http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog


Re: [swinog] Auskunft über Personendaten / deutsches Recht anwendbar?

2014-12-23 Diskussionsfäden Rainer Duffner

> Am 23.12.2014 um 13:06 schrieb Q-X GmbH - Pascal Wagenhofer 
> mailto:wagenho...@q-x.ch>>:
> 
> Hallo SWINOGer
>  
> I hope, you’re enjoying already the holidays somewhere around.
>  
> We’re having here a little difficulties with a german lawyer. We’re offering 
> shared hosting services. One of our customers is sharing links to 
> uploaded.net , which contains music, which might be 
> copyright protected.
>  
> The german law agency is now requesting the data of the owner which – 
> apparently – we cannot provide due to restrictions of the data protection law 
> of Switzerland. They’re supplying us this 
> judgement:http://www.justiz.nrw.de/nrwe/olgs/koeln/j2011/6_U_87_10urteil20110325.html
>  
>  
> .
>  
> Question to the community:
> 1.   What are you doing in such situations? (Yes, appart from contact 
> your lawyer ;-) ).
> 2.   Did you have similar issues and how did you handle them?
>  
> I wish you merry Christmas and a happy new year.



How much jurisdiction does a German court have in Switzerland anyway?

Can’t you ask them to go to a Swiss court in Lausanne or wherever that stuff is 
handled?

Oh wait, that would mean additional cost (like working with a lawyer in 
Switzerland, of all things), most likely without a ROI in the end.
So, it’s easier trying to intimidate the hosting-company.


If what whois provides is not enough - tough luck.




Rainer




___
swinog mailing list
swinog@lists.swinog.ch
http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog


Re: [swinog] 3G Repeater

2014-07-31 Diskussionsfäden Rainer Duffner
Am Thu, 31 Jul 2014 08:28:17 +0200
schrieb Miguel Elias :


> But some times, it isn't at all bad, to have this lonesome island with
> no reception. :)
> 



Yep. 
They could rent it out as an "offline-holiday" apartment ;-)


___
swinog mailing list
swinog@lists.swinog.ch
http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog


Re: [swinog] Intel X540 Driver Documentation

2014-02-25 Diskussionsfäden Rainer Duffner
Am Tue, 25 Feb 2014 09:32:16 +
schrieb :

> Hi Everyone,
> 
> I have a friend working on the Intel X540 driver for BSD and he needs
> some documentation.
> 
> He wrote me:
> 
> 
> 
> We are working on intel X540  driver and are in need of some
> documentation, which seems not to be so readily available,
> 
> We need to get the
> 
> X540 datasheet – chapter 18 –  Apparently this is intentionally not
> published.
> http://www.intel.co.uk/content/www/uk/en/network-adapters/10-gigabit-network-adapters/ethernet-x540-faq.html?wapkw=x540+datasheet
> 
> Do you know anyone who could get us this chapter
> 
> 
> 
> Anyone who could help me out here? If so, PM me directly.
> 
> 
> 
> -steven



I suggest posting to freebsd-stable.
AFAIK, Intel has paid staff working on the FreeBSD drivers and they do
post and read on that list.
They should be able to put you in touch with the right people quickly.




___
swinog mailing list
swinog@lists.swinog.ch
http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog


Re: [swinog] Fun with Fiber

2013-03-18 Diskussionsfäden Rainer Duffner
Am Mon, 18 Mar 2013 14:59:08 +0100
schrieb Andre Oppermann :

> On 18.03.2013 14:48, Pim van Pelt wrote:
> > Hoi,
> >
> > 2013/3/18 Andre Oppermann :
> >> The Netflix guys wiring up a fully loaded ASR9010 with 118 single
> >> mode fibers:
> >>
> >>   http://www.youtube.com/watch?v=tyb-nnRNwfw
> > Cool!
> >> Their CDN boxes are almost stock FreeBSD 9.1 based, contain some
> >> 35 HDDs at 4TB plus a couple of SSDs and push about 15Gbit/s *each*
> >> during the evening hours.  They are limited by HDD (seek)
> >> bandwidth.
>  >
> > Do you think they use ZFS+L2ARC as the filesystem of their content
> > push system?
> 
> IIRC they use plain UFS2 on the disks.  They don't care about disks
> dying, so no RAID.  The availability of the content is controlled
> from upper layers.  So if a disk dies requests for that content get
> redirected to another box with the same content.  Only the popular
> movies and shows are stored on the CDN boxes.  The long tail is
> served from AWS S3.
> 



Described in more detail here:


http://lists.freebsd.org/pipermail/freebsd-stable/2012-June/068129.html


___
swinog mailing list
swinog@lists.swinog.ch
http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog


Re: [swinog] NIC

2012-09-03 Diskussionsfäden Rainer Duffner

Am 03.09.2012 um 20:34 schrieb Pim van Pelt :

> 2012/9/3 Lukas Eisenberger :
>> Anybody else also having problems reaching www.nic.ch?
> --- www.nic.ch ping statistics ---
> 5 packets transmitted, 5 received, 0% packet loss, time 4005ms
> rtt min/avg/max/mdev = 4.436/4.562/4.783/0.126 ms
> 
> --- www.nic.ch ping6 statistics ---
> 5 packets transmitted, 5 received, 0% packet loss, time 4005ms
> rtt min/avg/max/mdev = 16.920/18.038/19.724/1.359 ms
> 
> telnet to IPv4 and IPv6 port 80 works.
> 
> $ curl -I www.nic.ch
> HTTP/1.1 302 Found
> Date: Mon, 03 Sep 2012 18:34:00 GMT
> Server: Apache
> Location: http://www.nic.ch/reg/
> 
> Works for me -- AS15169.


Yep.
But:

"Wegen Wartungsarbeiten ist das Registrierungssystem zur Zeit ausser Betrieb."


And it took ages to get to that page.




___
swinog mailing list
swinog@lists.swinog.ch
http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog


Re: [swinog] massive amount of hanging web connection

2012-04-26 Diskussionsfäden Rainer Duffner
Am Thu, 26 Apr 2012 17:24:05 +0200 (CEST)
schrieb "Silvan M. Gebhardt" :

> Good Evening, 
> 
> 
> 
> We currently face an excessive amount of open/closing connections on
> our webservers (dozends of servers showing the same thing) and it is
> going to all different domains and different files, looks like
> massive connection aborts going on. 
> 
> 
> 
> Does anyone know if a large ADSL/Cableprovider is having problems? We
> do not see packet drops at our Firewalls at all 


Only Swiss IP-ranges?

It could also be something like slowloris.


Rainer


___
swinog mailing list
swinog@lists.swinog.ch
http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog


Re: [swinog] Cisco Devices for Sale / 2x Cisco ASA5520 / CiscoWS-C4507R + some modules

2010-01-08 Diskussionsfäden Rainer Duffner
Mickey Coggins schrieb:
>> Alternatively:
>> do you know company near Zurich, which makes business with
>> buying/selling used hardware in this class ?
>> 
>
> I would also be interested in knowing about such a company - I have
> several tons (literally) of IT equipment I'd like to get rid of.
>
>   

Well, if all else fails:

http://www.swicorecycling.ch/d/entsorgen_unternehmen.asp


SCNR
;-)


Rainer


___
swinog mailing list
swinog@lists.swinog.ch
http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog


Re: [swinog] DNS virtual Appliance

2009-12-08 Diskussionsfäden Rainer Duffner

Am 08.12.2009 um 22:35 schrieb Reza Kordi:

> At least Marc had an Idea.
>
> Thanks anyway


Anybody tried pfDNS?
I always want to try it, but never get around.
It's an appliance in the style of pfSense but for (IIRC) tinydns.




Rainer

___
swinog mailing list
swinog@lists.swinog.ch
http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog


Re: [swinog] Video Streaming

2009-12-03 Diskussionsfäden Rainer Duffner
Mateo Meier schrieb:
>
> Hi guys,
>
>  
>
> Does anyone has any experience with on demand online video streaming ?
>
>  
>
> Regards
>
> Mateo
>
>  
>
>  
>
>  
>


Flash or MPEG?

We haven't done MPEG, but Flash, you can do with NGINX. Quite nicely,
actually.

What kind of traffic are you estimating?



Rainer

___
swinog mailing list
swinog@lists.swinog.ch
http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog


Re: [swinog] killer app for IPv6

2009-11-10 Diskussionsfäden Rainer Duffner
Jeroen Massar schrieb:
> Rainer Duffner wrote:
> [..]
>   
>> How does that work on IPV6 anyway?
>> I read that RBLs will be dead in IPV6-land, due to the fact that the
>> address-space can't be packed in a database anymore..
>> 
>
> The person who writes that does not realize how much easier it becomes.
>
> RBLs will simply take a scheme of:
>
> Register in db a max of   5 spamming IPs in the database per /64,
>""   """" 50 spamming /64's per /48
>""   """"500 spamming /48's per /32
>
> The '5' is variable of course. Too much spam, just block the whole /32
> unless they clean it up. Veyy easy.
>
> Heck for that matter similar system could be employed for IPv4:
>
>   

Spamhaus does that, AFAIK.


> Register in db a max of  5 spamming IPs in the database per /24,
>""   """"50 spamming /24's per ASN
>
> Tada, block out the whole ASN when it hits the threshold. Then again,
> there won't be much mail coming out of there in those cases.
>
> Also, politically all /48's should be registered in WHOIS, which is of
> course a good thing. It seems though that there is no enforcement there
> and most ISPs don't care at all though.
>
>   
>> Currently, RBLs are an important part of our spam-defence.
>> 
>
> You do mean as a scoring method I hope...
>
>   


Yes, but we also block. Mostly dynamic IPs and stuff on the swinog/IX-RBL.
On my own mailserver, I block all Asian IPs ;-)



Rainer

___
swinog mailing list
swinog@lists.swinog.ch
http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog


Re: [swinog] killer app for IPv6

2009-11-10 Diskussionsfäden Rainer Duffner
Stanislav Sinyagin wrote:
>
>   
> forcing will not work, we all know that. The users have to be attracted by 
> some 
> new possibilities which they didn't have with ipv4.
>
> Free and completely legal movie downloads and spam-free email could be such 
> a driver. 
>
>   

How does that work on IPV6 anyway?
I read that RBLs will be dead in IPV6-land, due to the fact that the
address-space can't be packed in a database anymore..
Currently, RBLs are an important part of our spam-defence.

> What else? Everything else we already have with ipv4, why bother buying 
> new modems, tweaking settings on my windows PC, spending hours on support 
> lines? :)
>   

People love to do that, apparently. Why else would there exist so much
literature around those subjects?
;-)



Rainer


___
swinog mailing list
swinog@lists.swinog.ch
http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog


Re: [swinog] ip abuse ?

2009-05-07 Diskussionsfäden Rainer Duffner
. . schrieb:
> Hi swinog
>
> today i recieved the following mail:
> 
>   


Last time I looked, German courts and policy-officers didn't have much
ruling over Swiss companies.
Did that change?
Advise him to get a court order from a Swiss judge.
For bonus points, point out that he should use the "-- "
(dash-dash-space) as a signature-separator ;-))



Rainer

___
swinog mailing list
swinog@lists.swinog.ch
http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog


Re: [swinog] Fwd: Re: "Hackerparagraph"

2009-03-23 Diskussionsfäden Rainer Duffner
Michael Naef schrieb:
> On Monday 23 March 2009, Rainer Duffner wrote:
> [..]
>   
>> People can survive without email
>> 
>
> I am tempted to doubt that. The reactions to mail outage suggest 
> the contrary ;-)
>
>   

Well, it depends.
I survived a week without email on my holiday.
;-)
But our customers' business sort-of depends on email-availability, yes.

Can you eat/drink email?
Can you breath email?
Can you email the garbage away?
;-)

Nope, it's fully virtual.
Email's non-availability is only an issue, if you're the only one
without it.
If everybody else didn't have it, it wouldn't be such a problem.



Rainer

___
swinog mailing list
swinog@lists.swinog.ch
http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog


Re: [swinog] Fwd: Re: "Hackerparagraph"

2009-03-23 Diskussionsfäden Rainer Duffner
Ihsan Dogan schrieb:
>
>
> Instead of educating politicians it would make more sense, if the IT
> people would be more involved in politics. The IT industry is doing more
> for the GDI (BIP) than the farmers, but unfortunately we are not organized.
>
>   


We also have no means to deliver kilo-gallons of slurry to the
front-door of the parliament ;-)
Also, farmers have much more means to apply pressure to the public -
it's not easy to replace their goods & services on short-notice and they
are mostly self-employed.
Our work has been commoditized to the point where we are replaceable
almost immediately - and most of us are employees. Those who are not are
replaceable even easier
And all the heavy-lifting of the infrastructure is done by big
corporations that never go on strike or deny service to their customers
(which is the usual way pressure groups like garbage-men and farmers get
their agenda through).

A part of reality is also, of course, that most of what we do is not
really essential - superfluous luxury so to speak.
People need food, water, shelter (and garbage-collection). People can
survive without email (though we work hard to convince them otherwise) ;-)


Rainer



___
swinog mailing list
swinog@lists.swinog.ch
http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog


Re: [swinog] Post from Canton de Vaud

2009-02-16 Diskussionsfäden Rainer Duffner
Mike Kellenberger schrieb:
>
> just thinking about this again: why don't they force the site operator
> to take down the site? Would be much easier…
>
>  
>

He's already mirrored it on various servers outside of Switzerland.

Stupid detail: some of the URLs you have to DNS-lame-delegate are
actually .ch servers!
But instead of asking SWITCH to just remove the NS entries or delete the
domain, they go to each provider...
Of the rest, some have already fallen to domain-grabbers...

This is s stupid.
Besides, our resolvers don't accept queries from all over the world.
There's no way to verify other than buying a subscription from us...

As they say in the US: your tax-dollars at work.
Big mistake of the guy: he attacks and offends some judges...



Rainer
___
swinog mailing list
swinog@lists.swinog.ch
http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog


Re: [swinog] Advice from cc needed

2009-01-12 Diskussionsfäden Rainer Duffner
d...@nts.ch schrieb:
> Hi folks
>
> Can a cablecom techie contact me offlist? I'm in war with the swissonline.ch
> spam protection.
>   


Did you get anything out of this?
The mailsystem is in Austria now, AFAIK and it seems to be easier to
press water out of a stone than to get any feedback at all from them
;-)

FYI: we now configured our relays to send exactly one message at once,
so that their gateway doesn't think we're spamming them, just because a
large number of users forward their mail (which contains some spam,
because we have to forward that, too) from their personal domains to
their hispeed accounts.



Rainer
___
swinog mailing list
swinog@lists.swinog.ch
http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog


Re: [swinog] trouble to reach a DNS-server from a single network in switzerland

2008-11-12 Diskussionsfäden Rainer Duffner

Am 12.11.2008 um 20:28 schrieb Stephan Wolf:

> rebel-management.com


Yeah, works fine from here to.
And from my colo-box in Nuremberg.

Try one of the various public nslookup tools on the web, if you don't  
trust your local resolver.
Or setup a quick dnscache installation and go directly via the root- 
servers.



Rainer
___
swinog mailing list
swinog@lists.swinog.ch
http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog


Re: [swinog] IRC Server dead ?

2008-10-08 Diskussionsfäden Rainer Duffner
Stanislav Sinyagin schrieb:
>> From: Andre Timmermann <[EMAIL PROTECTED]>
>> 
>
>   
>> Am Mittwoch, den 08.10.2008, 03:55 -0700 schrieb Stanislav Sinyagin:
>> 
>>> yes, Venty, everyone wants to know what you talk about in your 
>>> private communications.
>>>   
>> Yihaaa, the *ng "I don't have anything to hide"-statement.
>> 
>
> nope, it's the other thing: If I need to hide something, I use the right 
> tools :)
>
> so, if I go once and buy 1000 paper knives, I will not pay by my plastic card 
> and won't use any Supercard or Cumulus :-)
>   


Well, in the former GDR (DDR, East Germany), when they had elections,
people could use the polling booth to mark the ballot paper in privacy.
But most people choose not to - it looked too much as if they had
something to hide and might want to vote with "No" (GDR was "famous for
99.9%" results.

What people don't seem to "get" is that privacy is something you've got
to maintain while you don't really need it - because if you let it erode
to the point that it no longer exists, it's too late and you can't
reclaim it without large and painful sacrifices.




Rainer


___
swinog mailing list
swinog@lists.swinog.ch
http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog


Re: [swinog] IRC Server dead ?

2008-10-07 Diskussionsfäden Rainer Duffner
Stanislav Sinyagin schrieb:
>> From: Martin Ebnoether <[EMAIL PROTECTED]>
>> 
>
>
>   
>> All that is needed to take Skype down is an automatic windows
>> update of some thousand computers.
>>
>> Remember last summer?
>> http://ars.userfriendly.org/cartoons/?id=20070819
>> 
>
> hey Venty, long time no see :)
>
> if you remember, back in 2003-2004 there were viruses which knocked down 
> hundreds 
> of thousands of windows PCs. So what, we're still using that :)
>
>   

Well, you maybe - I don't ;-)
But then, I also didn't use Windows in 2003, either...
Nowadays, the viruses don't knock down the Windows-boxes, they just use
them as Spam-Zombies or attack-drones or whatever the people that rent
them want to use them for.


> If the tool serves my needs, I don't really care if it's open source - I'm 
> not 
> going to compile anything on my desktop anyway. And if it collects any 
> marketing 
> stats, so what, everyone is doing that, and we're helping them (Coop Supercard
> for example).


I don't have any of those, either.


>  There's nothing bad about companies knowing better what I might 
> buy from them :-)
>   

I think you are oversimplifying and trivializing what these databases
can be used for.
Nowadays, these giant databases of consumer buying-behavior are probably
also used to find potential terrorists.
"Who bought box-cutters and what did they buy with them?"
"Who bought box-cutters only?"
"Who bought the other items alone that the people buying box-cutters and
other items bought?"

It's hilarious, but that's how some people actually believe the war
against terror can be won.

Also, I think you should do some reading regarding the Skype application.
I think that if it wasn't for its widespread use, most AV-programs would
consider it "malware".
The executable itself is packed and encrypted and actively tries to
avoid debugging/reverse-engineering by in-memory debuggers.
The communication itself is encrypted with an unknown encryption-method.
And of course, yes, no source code is available (for the general public).

I did sign up for an account and used it for a few times - but just
because I didn't have time to setup my own Jabber server and experiment
with iChat ;-)
I've got a _very_ bad feeling using this app - it's just scary.



Rainer

___
swinog mailing list
swinog@lists.swinog.ch
http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog


Re: [swinog] RBL's (again) (Was: Anyone from Green here?)

2008-09-11 Diskussionsfäden Rainer Duffner

Am 11.09.2008 um 20:28 schrieb [EMAIL PROTECTED]:

> great idea,
> whitelisting every system on the world which sends confirmation  
> email ..
> it will be an big efford for that small country to convince the rest  
> of the world
> ;-)


To be precise:
I use dnsbl.sorbs.net to blacklist all dynamic IPs (and the RBL from  
spamcop, and also the swinog RBL - I would use spamhaus, but they  
blocked us because we make too many requests and we can't afford their  
prices). Then, I use the list on the SWINOG-RBL homepage to whilelist  
all the swiss dynamic IPs (and some other big systems, plus various  
IPs clients requested us to whitelist over the years) - because those  
are the one's that may actually want to relay through our system or  
send us mail legitimately.
senderbase.org helps finding IPs of outbound relays, too.

I don't use greylisting - IMO, it's a system that doesn't work large- 
scale, in a similar way TMDA or other "please reply to this email or  
click on this link"-systems don't work in practise.

To be vaguely on topic - most of our customers have static IPs, and  
it's not a problem to set the PTR to another value.
But we also don't boast 10+ customers, like www.green.ch does -  
maybe they're afraid of having to change 100k PTRs, if they set a  
precedent?
;-)

IT would be so easy - it's just users and customers that make it  
difficult :-)))



Rainer
___
swinog mailing list
swinog@lists.swinog.ch
http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog


Re: [swinog] RBL's (again) (Was: Anyone from Green here?)

2008-09-11 Diskussionsfäden Rainer Duffner
Jeroen Massar schrieb:
> Marc SCHAEFER wrote:
> [..]
>   
>> I am a heavy users of those RBL lists, they offer quite a bit of
>> protection (but not as much as you might think, and with
>> 
>
> You should use RBL's only for *scoring*; not for decision making and
> then directly rejecting based on it.
>
>   

In Switzerland, you can whitelist most of the "known-good" (dynamic) IP 
address ranges (and important mailservers) quite easily with a mixture 
of the list provided by the swinog-RBL and some historic data.
There rest is dealt with a few customer-support tickets.
That's the beauty of Switzerland - it's so small ;-)


Rainer
___
swinog mailing list
swinog@lists.swinog.ch
http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog


Re: [swinog] searching a manageable fanless gigabit switch

2008-07-08 Diskussionsfäden Rainer Duffner

Am 08.07.2008 um 22:13 schrieb Peter Rohrer:

> Hello
>
> I'm looking for a manageable fanless gigabit Ethernetswitch with
> VLan-Tagging, SNMP and 16-24 port.
> Unfortunately, everything I've seen so far has either no SNMP, no
> VLAN-Tagging or a noisy fan.
>
> Do you know any such device?
>


Maybe HP's 1800-24G, available at (amongst others...) digitec.ch

Web-managed, but apparently it does VLANs.
I own a 1800-8G (same-same, but with 8 ports) - but I must confess I  
didn't have time to do much with it.

I'd give the 1800-8G a try and see if it does what you want, then buy  
the 1800-24G (which costs a bit more than double the price of the  
1800-8G).



Regards,
Rainer
___
swinog mailing list
swinog@lists.swinog.ch
http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog


Re: [swinog] Firewall recommendation for a rack of webservers?

2008-06-18 Diskussionsfäden Rainer Duffner

Beat Siegenthaler schrieb:

Rainer Duffner wrote:

http://pfsense.org/index.php?option=com_content&task=view&id=44&Itemid=50 


and start with that.  But the customer would also like to see some "non
open-source"-based solutions... :>




I'd go for a Netscreen model -


The funny thing about this: Netscreen and pfSense are both xBSD-based 
;-). Nokia is BSD-Based... Checkpoint (SPLAT) is Linux-based...

In this case You will be forced to deploy M$-ISA ;-)



I thought only the Juniper router stuff was FreeBSD-based (they recently 
donated a MIPS reference implementation).
AFAIK, Nokia moved to Linux, too, some time ago. But previously, they 
could give you Checkpoint on BSD. In a way.


pfSense is FreeBSD6 ;-)


Rainer
___
swinog mailing list
swinog@lists.swinog.ch
http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog


Re: [swinog] Firewall recommendation for a rack of webservers?

2008-06-18 Diskussionsfäden Rainer Duffner

Olivier Mueller schrieb:

Hello,

Now that the office firewall is running fine (uptime: 34 days, not a
single problem since last month, cf. the "VDSL/Zyxel P2802 HWL not
"strong" enough for a small company LAN?" thread), I'm now back, 
looking for a new kind of firewall :) 

Is there anything you can recommend in this case?  It if was only me, 
I would take something there:

http://pfsense.org/index.php?option=com_content&task=view&id=44&Itemid=50
and start with that.  But the customer would also like to see some "non
open-source"-based solutions... :>

  


I'd go for a Netscreen model - but which model also depends on the 
number of sessions you expect.

If people are "brand-addicted", they should at least expect to the price.



cheers,
Rainer






___
swinog mailing list
swinog@lists.swinog.ch
http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog


Re: [swinog] Bluewin SMTP Policy

2008-06-13 Diskussionsfäden Rainer Duffner

Jeroen Massar schrieb:


Just display the captcha from the signup on $pornsite, a person will 
fill it in for you, captcha bypassed. If it is interesting and cheap 
for then to abuse it, they will.



Do you have a current, working example for that?
(Just for research purposes, of course)
;-



Rainer
___
swinog mailing list
swinog@lists.swinog.ch
http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog


Re: [swinog] Bluewin SMTP Policy

2008-06-13 Diskussionsfäden Rainer Duffner

Roger Schmid schrieb:

On Fri, Jun 13, 2008 at 10:13 AM, Adrian Ulrich <[EMAIL PROTECTED]> wrote:
  

Hi Roger,




I see the problem, but perhaps something like a captcha would also be
sufficient to prevent this.
  



I don't think so.
Spammer signing up for free accounts is also a "social" problem in that 
the spammers (or the people they pay) don't have much choice.

You can't solve social problems with technology (much as we would like).



Rainer
___
swinog mailing list
swinog@lists.swinog.ch
http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog


Re: [swinog] SwiNOG-BE61 - Beer Event 61 - 5th of May 2008 @ Hooters / ZH

2008-05-05 Diskussionsfäden Rainer Duffner

[EMAIL PROTECTED] schrieb:

hi everybody

well... new beer event, new location.
let's try the hooters ,-)
will food be a irrelevant fact? ,-)

the facts for the next event:
-
Date:   5th of May 2008

Time:   starting around 18.30 o'clock

Location:   @ the "Hooters" beside Helvetiaplatz
(www.hooters.ch)

Registration deadline:  03.05.2008 16:00:00

  


Hi,

ich hab' vergessen, mich anzumelden - ist ja auch nicht immer sicher, ob 
ich kommen kann. Bzw. letztes mal hab' ichs komplett vergessen


Hätte trotzdem Interesse, vorbeizuschauen.

Ginge das?


cu,
Rainer

___
swinog mailing list
swinog@lists.swinog.ch
http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog


Re: [swinog] VDSL/Zyxel P2802 HWL not 'strong' enough for a small company LAN?

2008-03-05 Diskussionsfäden Rainer Duffner
Manuel Krummenacher schrieb:
> I personally would buy an Alix board from pcengines.ch (costs about CHF
> 150 with 3 LAN interfaces), install pfSense on it, switch the Zyxel to
> bridge mode and be happy. ;-) With the Alix, you would also gain extra
> benefits like complex packet filter rules, traffic shaping, traffic graphs
> etc. (see pfsense.com for full feature list).
>   


Seconded.
I've got a previous-generation WRAP board with pfSense (just upgraded to
the recently released 1.2).
It should be noted that pfSense also does IPSEC and OpenVPN "SSL-VPN"
and a host of other things.
I'm not sure how much bandwidth the Alix-boards can shuffle, but my WRAP
is supposed to max out somewhere in the 30MBit range.
You can also install it on an old PC and temporary replace the Zyxel, to
get some idea about the current traffic pattern.



Rainer



___
swinog mailing list
swinog@lists.swinog.ch
http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog


Re: AW: [swinog] Log centralisation / mining

2008-01-21 Diskussionsfäden Rainer Duffner
Michele Capobianco schrieb:
> Too bad that Splunk does not run on Windows :(
>
> We are a Windows Company and if i tell them that we want to run a Linux 
> Server, our Management would kill me ;)
>   


Then, don't expect a free (OSS) solution ;-)
I'd look into some of the UTM (Unified Threat Management) or
(specialized) IDS solutions.
I haven't tried it, but if I'd have a budget, I'd take a look at
Tenable's log-correlation products:
http://www.tenablesecurity.com/
They actually don't run on Windows, either, but they can analyze
Windows-logs.

See these links:
http://www.networkintrusion.co.uk/consoles.htm

BTW: I'd be interested to hear from people running one of those.


> Is there anything out in the Net for Log management witch is Windows Based?
>   

I guess there is a system-management solution from MSFT, too.
Call your MSFT-sales rep ;-)



cheers,
Rainer
___
swinog mailing list
swinog@lists.swinog.ch
http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog