Update:I ran a tcpdump in my vRouter as before, the hits are very minimal and happen once every hour or so but here's one:
--- root@r-205-VM:~# tcpdump -i eth0 port 53 -vvvtcpdump: listening on eth0, link-type EN10MB (Ethernet), snapshot length 262144 bytes 12:19:32.245883 IP (tos 0x0, ttl 45, id 10589, offset 0, flags [DF], proto UDP (17), length 58) 223.113.128.133.44939 > r-205-VM.domain: [udp sum ok] 6+ TXT CHAOS? version.bind. (30) 12:19:32.246139 IP (tos 0x0, ttl 64, id 39901, offset 0, flags [DF], proto UDP (17), length 83) r-205-VM.domain > 223.113.128.133.44939: [bad udp cksum 0x1c6b -> 0xe026!] 6* q: TXT CHAOS? version.bind. 1/0/0 version.bind. CHAOS [0s] TXT "dnsmasq-2.85" (55) 12:19:32.333748 IP (tos 0x0, ttl 64, id 64418, offset 0, flags [DF], proto UDP (17), length 74) r-205-VM.39973 > one.one.one.one.domain: [bad udp cksum 0xbe6c -> 0x2911!] 37389+ PTR? 133.128.113.223.in-addr.arpa. (46) 12:19:32.736102 IP (tos 0x0, ttl 59, id 32530, offset 0, flags [DF], proto UDP (17), length 74) one.one.one.one.domain > r-205-VM.39973: [udp sum ok] 37389 NXDomain q: PTR? 133.128.113.223.in-addr.arpa. 0/0/0 (46) 12:19:32.737649 IP (tos 0x0, ttl 64, id 63743, offset 0, flags [DF], proto UDP (17), length 66) r-205-VM.33590 > one.one.one.one.domain: [bad udp cksum 0xbe64 -> 0xf1fa!] 45813+ PTR? 1.1.1.1.in-addr.arpa. (38) 12:19:32.739138 IP (tos 0x0, ttl 59, id 29383, offset 0, flags [DF], proto UDP (17), length 95) one.one.one.one.domain > r-205-VM.33590: [udp sum ok] 45813 q: PTR? 1.1.1.1.in-addr.arpa. 1/0/0 1.1.1.1.in-addr.arpa. [16m24s] PTR one.one.one.one. (67
----The source was from IP address 223.113.128.133, which is abusive according to this: https://www.abuseipdb.com/check/223.113.128.133
Is it possible for me to block port 53 entirely on the vRouter for incoming traffic? If yes, where in cloudstack UI do I do that as I use shared networking and not isolated I do not see egress options in the UI anywhere. Also, would it have any affect on my VMs if I do block it off?
On 3/11/24 12:33, Granwille Strauss wrote:
Hi NuxThanks for the update. Sorry, I am only a year and a half into cloudstack and the whole cloud environment. So learning day by day.So DC gave me two IPs, one of which is my one VirtualRouter and the other is an IP address that is "Assigned" but the UI does not say to what. Its just blank.Now, the router in question seems to only manage two VMs, see attached screenshots as proof. I ran the script Wei provided in my KVM host and this is what it returned:---./network_stat.sh VM: i-2-199-VM NIC: vnet90 Transmit Bytes: 347038161309 bytes (330961.38 MB, 323.20 GB) ------------------------------------ VM: i-2-203-VM NIC: vnet103 Transmit Bytes: 128741269385 bytes (122777.24 MB, 119.89 GB) ------------------------------------ VM: r-205-VM NIC: vnet117 Transmit Bytes: 342804580 bytes (326.92 MB, .31 GB) NIC: vnet118 Transmit Bytes: 111781578 bytes (106.60 MB, .10 GB) ---------------------------------------But these stats make sense. VM i-2-199-VM was deployed Dec 2023 and VM i-2-203-VM was deployed Jan 2024, these stats don't look suspicious, at least not for me. You will also see I included r-205-VM in the script, which is the vRouter in question.I then took the two IP addresses DC gave me, and followed Nux answer and I can confirm BOTH IP addresses were able to successfully reach those hosts apache.org via port 53. Again, the one IP is "assigned" but it shows me nothing. I only know the other IP is assigned to the vRouter. The second one I find it nowhere, no SystemVM no VM instance, nothing.So here's the thing we provide this service as a private cloud, so no one has access to cloudstack, but me and my team. I did a basic deploy as per documentation and that's all. I have no firewall settings in place in cloudstack UI or so nothing. I only have firewalls in place on the VM instances itself via CSF, for example.PS I can 100% confirm that _unassigned_ IP addresses CANNOT reach the apache.org hosts via Nux tests. So its ONLY the assigned IPs that can do so.Please let me know what your thoughts are and anyway I need to go about this?On 3/11/24 12:09, Nux wrote:I have seen this in the past where port 53 was open on these public IPs on the VR and was indeed leading to amplification attack.It's super easy to verify, from some 3rd party IP that you know is not whitelisted anywhere in your firewall or cloudstack, run a host or dig command that unallocated IP. If it replies, there is a problem.dig @IP apache.org a host apache.org IP On 2024-03-11 07:43, Granwille Strauss wrote:Hi Guys I ended updating to 4.19 and updated all SystemVMs and routers accordingly. DC has just informed me again that there is amplified DDOS attacks originating from my virtual router and from an IP address that's assigned to no instance or systemvm but shows via UI its assigned. Any ideas what I can try to stop this? On 2/12/24 21:30, Wei ZHOU wrote:cloudstack 4.19.0.0 has been released recently, which contains a new systemvm template. You can upgrade. -Wei 在 2024年2月12日星期一,Granwille Strauss <granwi...@namhost.com> 写道:Update: So since I ran updates for dnsmasq in all system vms, the issue seems to be solved. Our DC hasn't complained again. So it seems the vm templates need an update? On 2/9/24 10:29, Jayanth Reddy wrote: Please capture on 53/UDP as most of the DNS stack uses UDP by default. I looked the screenshot, No NAME means that the IP hasn't undergone STATIC NAT to a VM, which is okay wherein perhaps there could be port forwards or Load Balancer instead. The VR should assign the IP on its interface if it is acquired in the network. If I may ask, how are you concluding that IPs are unassigned elsewhere, have you performed basic reachability tests? Your case could be one of the below 1. That IP could be SNAT for that network. 2. Or there was an assignment to one of the VMs previously as STATIC NAT and later released. Please check your events. Get Outlook for Android<https://aka.ms/AAb9ysg> [1] <https://aka.ms/AAb9ysg> [1] ________________________________ From: Granwille Strauss <granwi...@namhost.com> <granwi...@namhost.com> Sent: Friday, February 9, 2024 1:40:05 pm To: users@cloudstack.apache.org <users@cloudstack.apache.org> <users@cloudstack.apache.org> Cc: Jayanth Reddy <jayanthreddy5...@gmail.com> <jayanthreddy5...@gmail.com>; Wei ZHOU <ustcweiz...@gmail.com> <ustcweiz...@gmail.com> Subject: Re: DDOS Attacks from my virtual Router I run version 4.18.1.0 currently, oddly there was an update for dnsmasq so I applied them to all systemvms. I clean restarted the guest networks and so far everything seems to be running fine. If I pick up issues, I will destroy the routers so that cloudstack can recreate them again. In the meantime, I am running the tcpdump as recommended in the vritual router and will keep an eye on it, as mentioned there seems to be no movement on port 53 so far and I also asked the DC to provide an update on this after the changes I have applied. In any case, attached is a screenshot of the IP address that are allocated but zero VM associated, I checked all of them and these IPs show up no where. I have no loadbalancers, proxies nothing. Just simple setup, with two virtual routers, one SSVM and one Consolevm. The rest are VM instances. I am going to check the git url you provided and query the DB to see what these are. On 2/9/24 09:53, Jayanth Reddy wrote: Hi, Allocated means that it is assigned somewhere. You'll need to check the Public IP Address tab. Use the shared GH issue for exceptional case. The VR does bind only on the internal network. No, manually updating packages on VRs and System VMs might produce strange results. Please provision them again. Thanks Get Outlook for Android<https://aka.ms/AAb9ysg> [1] <https://aka.ms/AAb9ysg> [1]<https://aka.ms/AAb9ysg> [1] <https://aka.ms/AAb9ysg> [1] ________________________________ From: Granwille Strauss <granwi...@namhost.com> <granwi...@namhost.com><mailto:granwi...@namhost.com> <granwi...@namhost.com> Sent: Friday, February 9, 2024 1:10:32 pm To: users@cloudstack.apache.org<mailto:users@cloudstack.apache.org> <users@cloudstack.apache.org> <users@cloudstack.apache.org> <users@cloudstack.apache.org><mailto:users@cloudstack.apache.org> <users@cloudstack.apache.org> Cc: Wei ZHOU <ustcweiz...@gmail.com> <ustcweiz...@gmail.com><mailto:ustcweiz...@gmail.com> <ustcweiz...@gmail.com>; jayanthreddy5...@gmail.com<mailto:jayanthreddy5...@gmail.com> <jayanthreddy5...@gmail.com> <jayanthreddy5...@gmail.com> <jayanthreddy5...@gmail.com><mailto:jayanthreddy5...@gmail.com> <jayanthreddy5...@gmail.com> Subject: Re: DDOS Attacks from my virtual Router Hi Yes, I have Advanced network set up. I am going to check for the allocated IPs that have zero VMs associated via the DB and see what I can find. I see more than one that is "allocated" in different guest networks. However, I would appreciate any clues or tips, as I have barely touched CS database in my life. Then, the rvm does not seem to listen on a DNS server via port 53 only dnsmaq, could this not be the issue too? As explained in the blog I linked earlier? I am currently running a tcpdump for the day to see what happens so far the dump is not providing any hits, but keep in mind I did run apt-get update dnsmaq prior and rebooted the systemvms including router vms. On 2/9/24 09:23, Wei ZHOU wrote: +1 it looks like one of the VMs in the isolated network is compromised. try to capture the packets of port 53 (tcp/udp) by tcpdump in the virtual router, and see what is the source IP of the packets. -Wei On Fri, 9 Feb 2024 at 08:18, Jayanth Reddy <jayanthreddy5...@gmail.com> <jayanthreddy5...@gmail.com><mailto:jayanthreddy5...@gmail.com> <jayanthreddy5...@gmail.com><mailto:jayanthreddy5...@gmail.com> <jayanthreddy5...@gmail.com><mailto:jayanthreddy5...@gmail.com> <jayanthreddy5...@gmail.com> wrote: Hello, The VR does process DNS queries, and if you're using cloud-init on VMs, the primary nameserver would be your VR IP. VR is usually configured to forward the requested DNS queries to upstream servers which is defined in the zone settings. So I guess one of the VMs should have gotten compromised leading to generating of attack. Usually the VR does SNAT, so the SNAT or STATICNAT IP becomes the source on the Internet (unless there is double NAT happening) See if you can check the MAC address of that Public IP from your uplinks. I've faced the same issue earlier wherein one VR was holding one IP but for whatever reason db was updated as free. See thishttps://github.com/apache/cloudstack/issues/6821. You should check in DB for that IP. For me, I was able to get using the API, looked for routers and filtered the MAC address for that IP. Happens.. Is it safe for me to assume your zone is "Advanced"? Thanks Jayanth Reddy Get Outlook for Android<https://aka.ms/AAb9ysg> [1] <https://aka.ms/AAb9ysg> [1]<https://aka.ms/AAb9ysg> [1] <https://aka.ms/AAb9ysg> [1]<https://aka.ms/AAb9ysg> [1] <https://aka.ms/AAb9ysg> [1]<https://aka.ms/AAb9ysg> [1] <https://aka.ms/AAb9ysg> [1] ________________________________ From: Granwille Strauss <granwi...@namhost.com.INVALID><granwi...@namhost.com.INVALID><mailto:granwi...@namhost.com.INVALID><granwi...@namhost.com.INVALID><mailto:granwi...@namhost.com.INVALID><granwi...@namhost.com.INVALID><mailto:granwi...@namhost.com.INVALID>[https://www.adsigner.com/v1/s/631091998d4670001fe43ec2/621c9b76c140bb001ed0f818/logo/621b3fa39fb210001f975298/cd2904ba-304d-4a49-bf33-cbe9ac76d929_248x-.png<granwi...@namhost.com.INVALID> Sent: Friday, February 9, 2024 11:38:13 am To: users@cloudstack.apache.org<mailto:users@cloudstack.apache.org> <users@cloudstack.apache.org><mailto:users@cloudstack.apache.org> <users@cloudstack.apache.org><mailto:users@cloudstack.apache.org> <users@cloudstack.apache.org> <users@cloudstack.apache.org> <users@cloudstack.apache.org><mailto:users@cloudstack.apache.org> <users@cloudstack.apache.org><mailto:users@cloudstack.apache.org> <users@cloudstack.apache.org><mailto:users@cloudstack.apache.org> <users@cloudstack.apache.org> Subject: DDOS Attacks from my virtual Router Hei My DC has just sent me notice that two of my IP addresses from the allocated subnets are responsible for amplifying DDOS attacks. One out of the two is my virtual router IP address. I was advised to firewall port 53 or deactivate recursive functions. Can you perhaps provide some in sight on how this could be possible? The second IP address, I see under the guest networks that it is "Allocated" but I have reviewed all my SystemVMs and all my virtual routers, none of them have that IP address assigned. Nor any VM instance either. Its assigned to something but I cannot tell what. Is there a better way for me to see what server/service uses this IP in Cloudstack, please. -- Regards / Groete[https://www.adsigner.com/v1/s/631091998d4670001fe43ec2/621c9b76c140bb001ed0f818/social_icon_01/621b3fa39fb210001f975298/9151954b-b298-41aa-89c8-1d68af075373_48x48.png]<https://www.namhost.com> [2] <https://www.namhost.com> [2]<https://www.namhost.com> [2] <https://www.namhost.com> [2]<https://www.namhost.com> [2] <https://www.namhost.com> [2]<https://www.namhost.com> [2] <https://www.namhost.com> [2] Granwille Strauss // Senior Systems Admin e: granwi...@namhost.com<mailto:granwi...@namhost.com> <granwi...@namhost.com><mailto:granwi...@namhost.com> <granwi...@namhost.com><mailto:granwi...@namhost.com> <granwi...@namhost.com><mailto:granwi...@namhost.com> <granwi...@namhost.com><mailto:granwi...@namhost.com> <granwi...@namhost.com><mailto:granwi...@namhost.com> <granwi...@namhost.com><mailto:granwi...@namhost.com> <granwi...@namhost.com> m: +264 81 323 1260<tel:+264813231260> [3] <+264813231260><tel:+264813231260> [3] <+264813231260><tel:+264813231260> [3] <+264813231260><tel:+264813231260> [3] <+264813231260> w: www.namhost.com [4]<http://www.namhost.com> [4] <http://www.namhost.com> [4]<http://www.namhost.com> [4] <http://www.namhost.com> [4]<http://www.namhost.com> [4] <http://www.namhost.com> [4]<https://www.namhost.com/> [5] <https://www.namhost.com/> [5]<https://www.namhost.com/> [5] <https://www.namhost.com/> [5]<https://www.namhost.com/> [5] <https://www.namhost.com/> [5]<https://www.namhost.com/> [5] <https://www.namhost.com/> [5][https://www.adsigner.com/v1/s/631091998d4670001fe43ec2/621c9b76c140bb001ed0f818/social_icon_02/621b3fa39fb210001f975298/85a9dc7c-7bd1-4958-85a9-e6a25baeb028_48x48.png]<https://twitter.com/namhost>]<https://www.facebook.com/namhost> [6] <https://www.facebook.com/namhost> [6]<https://www.facebook.com/namhost> [6] <https://www.facebook.com/namhost> [6]<https://www.facebook.com/namhost> [6] <https://www.facebook.com/namhost> [6]<https://www.facebook.com/namhost> [6] <https://www.facebook.com/namhost> [6][https://www.adsigner.com/v1/s/631091998d4670001fe43ec2/621c9b76c140bb001ed0f818/social_icon_03/621b3fa39fb210001f975298/c1c5386c-914c-43cf-9d37-5b4aa8e317ab_48x48.png]<https://www.instagram.com/namhostinternetservices/>[7] <https://twitter.com/namhost> [7]<https://twitter.com/namhost> [7] <https://twitter.com/namhost> [7]<https://twitter.com/namhost> [7] <https://twitter.com/namhost> [7]<https://twitter.com/namhost> [7] <https://twitter.com/namhost> [7][https://www.adsigner.com/v1/s/631091998d4670001fe43ec2/621c9b76c140bb001ed0f818/social_icon_04/621b3fa39fb210001f975298/3aaa7968-130e-48ec-821d-559a332cce47_48x48.png]<https://www.linkedin.com/company/namhos>[8] <https://www.instagram.com/namhostinternetservices/> [8]<https://www.instagram.com/namhostinternetservices/> [8] <https://www.instagram.com/namhostinternetservices/> [8]<https://www.instagram.com/namhostinternetservices/> [8] <https://www.instagram.com/namhostinternetservices/> [8]<https://www.instagram.com/namhostinternetservices/> [8] <https://www.instagram.com/namhostinternetservices/> [8][https://www.adsigner.com/v1/s/631091998d4670001fe43ec2/621c9b76c140bb001ed0f818/social_icon_05/621b3fa39fb210001f975298/3a8c09e6-588f-43a8-acfd-be4423fd3fb6_48x48.png]<https://www.youtube.com/channel/UCTd5v-kVPaic_dguGur15AA>[9] <https://www.linkedin.com/company/namhos> [9]<https://www.linkedin.com/company/namhos> [9] <https://www.linkedin.com/company/namhos> [9]<https://www.linkedin.com/company/namhos> [9] <https://www.linkedin.com/company/namhos> [9]<https://www.linkedin.com/company/namhos> [9] <https://www.linkedin.com/company/namhos> [9][https://www.adsigner.com/v1/i/631091998d4670001fe43ec2/621c9b76c140bb001ed0f818/banner/940x300[10] <https://www.youtube.com/channel/UCTd5v-kVPaic_dguGur15AA> [10]<https://www.youtube.com/channel/UCTd5v-kVPaic_dguGur15AA> [10] <https://www.youtube.com/channel/UCTd5v-kVPaic_dguGur15AA> [10]<https://www.youtube.com/channel/UCTd5v-kVPaic_dguGur15AA> [10] <https://www.youtube.com/channel/UCTd5v-kVPaic_dguGur15AA> [10]<https://www.youtube.com/channel/UCTd5v-kVPaic_dguGur15AA> [10] <https://www.youtube.com/channel/UCTd5v-kVPaic_dguGur15AA> [10]]<https://www.adsigner.com/v1/l/631091998d4670001fe43ec2/621c9b76c140bb001ed0f818/bannerAdSigner]<https://www.adsigner.com/v1/c/631091998d4670001fe43ec2/621c9b76c140bb001ed0f818Namhost Internet Services (Pty) Ltd, 24 Black Eagle Rd, Hermanus, 7210, RSA The content of this message is confidential. If you have received it by mistake, please inform us by email reply and then delete the message. It is forbidden to copy, forward, or in any way reveal the contents of this message to anyone without our explicit consent. The integrity and security of this email cannot be guaranteed over the Internet. Therefore, the sender will not be held liable for any damage caused by the message. For our full privacy policy and disclaimers, please go tohttps://www.namhost.com/privacy-policy [Powered by[https://www.adsigner.com/v1/s/631091998d4670001fe43ec2/621c9b76c140bb001ed0f818/logo/621b3fa39fb210001f975298/cd2904ba-304d-4a49-bf33-cbe9ac76d929_248x-.png]<https://www.namhost.com>-- Regards / Groete[https://www.adsigner.com/v1/s/631091998d4670001fe43ec2/621c9b76c140bb001ed0f818/social_icon_01/621b3fa39fb210001f975298/9151954b-b298-41aa-89c8-1d68af075373_48x48.png]<https://www.facebook.com/namhost>[2] <https://www.namhost.com> [2]<https://www.namhost.com> [2] <https://www.namhost.com> [2] Granwille Strauss // Senior Systems Admin e: granwi...@namhost.com<mailto:granwi...@namhost.com> <granwi...@namhost.com><mailto:granwi...@namhost.com> <granwi...@namhost.com><mailto:granwi...@namhost.com> <granwi...@namhost.com> m: +264 81 323 1260<tel:+264813231260> [3] <+264813231260><tel:+264813231260> [3] <+264813231260> w: www.namhost.com [4]<http://www.namhost.com> [4] <http://www.namhost.com> [4]<https://www.namhost.com/> [5] <https://www.namhost.com/> [5]<https://www.namhost.com/> [5] <https://www.namhost.com/> [5][https://www.adsigner.com/v1/s/631091998d4670001fe43ec2/621c9b76c140bb001ed0f818/social_icon_02/621b3fa39fb210001f975298/85a9dc7c-7bd1-4958-85a9-e6a25baeb028_48x48.png][6] <https://www.facebook.com/namhost> [6]<https://www.facebook.com/namhost> [6] <https://www.facebook.com/namhost> [6][https://www.adsigner.com/v1/s/631091998d4670001fe43ec2/621c9b76c140bb001ed0f818/social_icon_03/621b3fa39fb210001f975298/c1c5386c-914c-43cf-9d37-5b4aa8e317ab_48x48.png]<https://twitter.com/namhost> [7] <https://twitter.com/namhost> [7]<https://twitter.com/namhost> [7] <https://twitter.com/namhost> [7][https://www.adsigner.com/v1/s/631091998d4670001fe43ec2/621c9b76c140bb001ed0f818/social_icon_04/621b3fa39fb210001f975298/3aaa7968-130e-48ec-821d-559a332cce47_48x48.png]<https://www.instagram.com/namhostinternetservices/> [8] <https://www.instagram.com/namhostinternetservices/> [8]<https://www.instagram.com/namhostinternetservices/> [8] <https://www.instagram.com/namhostinternetservices/> [8][https://www.adsigner.com/v1/s/631091998d4670001fe43ec2/621c9b76c140bb001ed0f818/social_icon_05/621b3fa39fb210001f975298/3a8c09e6-588f-43a8-acfd-be4423fd3fb6_48x48.png]<https://www.linkedin.com/company/namhos> [9] <https://www.linkedin.com/company/namhos> [9]<https://www.linkedin.com/company/namhos> [9] <https://www.linkedin.com/company/namhos> [9][https://www.adsigner.com/v1/i/631091998d4670001fe43ec2/621c9b76c140bb001ed0f818/banner/940x300]<https://www.adsigner.com/v1/l/631091998d4670001fe43ec2/621c9b76c140bb001ed0f818/banner><https://www.youtube.com/channel/UCTd5v-kVPaic_dguGur15AA> [10] <https://www.youtube.com/channel/UCTd5v-kVPaic_dguGur15AA> [10]<https://www.youtube.com/channel/UCTd5v-kVPaic_dguGur15AA> [10] <https://www.youtube.com/channel/UCTd5v-kVPaic_dguGur15AA> [10]<https://www.adsigner.com/v1/l/631091998d4670001fe43ec2/621c9b76c140bb001ed0f818/banner>[11][11]<https://www.adsigner.com/v1/l/631091998d4670001fe43ec2/621c9b76c140bb001ed0f818/banner><https://www.adsigner.com/v1/l/631091998d4670001fe43ec2/621c9b76c140bb001ed0f818/banner>[11]AdSigner]<https://www.adsigner.com/v1/c/631091998d4670001fe43ec2/621c9b76c140bb001ed0f818>[11] Namhost Internet Services (Pty) Ltd, 24 Black Eagle Rd, Hermanus, 7210, RSA The content of this message is confidential. If you have received it by mistake, please inform us by email reply and then delete the message. It is forbidden to copy, forward, or in any way reveal the contents of this message to anyone without our explicit consent. The integrity and security of this email cannot be guaranteed over the Internet. Therefore, the sender will not be held liable for any damage caused by the message. For our full privacy policy and disclaimers, please go to https://www.namhost.com/privacy-policy [Powered by<https://www.adsigner.com/v1/c/631091998d4670001fe43ec2/621c9b76c140bb001ed0f818>[12][12]<https://www.adsigner.com/v1/c/631091998d4670001fe43ec2/621c9b76c140bb001ed0f818><https://www.adsigner.com/v1/c/631091998d4670001fe43ec2/621c9b76c140bb001ed0f818>[12][https://www.adsigner.com/v1/s/631091998d4670001fe43ec2/621c9b76c140bb001ed0f818/logo/621b3fa39fb210001f975298/cd2904ba-304d-4a49-bf33-cbe9ac76d929_248x-.png]<https://www.namhost.com>[12] -- Regards / Groete[https://www.adsigner.com/v1/s/631091998d4670001fe43ec2/621c9b76c140bb001ed0f818/social_icon_01/621b3fa39fb210001f975298/9151954b-b298-41aa-89c8-1d68af075373_48x48.png]<https://www.facebook.com/namhost>[2] <https://www.namhost.com> [2] Granwille Strauss // Senior Systems Admin e: granwi...@namhost.com<mailto:granwi...@namhost.com> <granwi...@namhost.com> m: +264 81 323 1260<tel:+264813231260> [3] <+264813231260> w: www.namhost.com [4]<https://www.namhost.com/> [5] <https://www.namhost.com/> [5][https://www.adsigner.com/v1/s/631091998d4670001fe43ec2/621c9b76c140bb001ed0f818/social_icon_02/621b3fa39fb210001f975298/85a9dc7c-7bd1-4958-85a9-e6a25baeb028_48x48.png][6] <https://www.facebook.com/namhost> [6][https://www.adsigner.com/v1/s/631091998d4670001fe43ec2/621c9b76c140bb001ed0f818/social_icon_03/621b3fa39fb210001f975298/c1c5386c-914c-43cf-9d37-5b4aa8e317ab_48x48.png]<https://twitter.com/namhost> [7] <https://twitter.com/namhost> [7][https://www.adsigner.com/v1/s/631091998d4670001fe43ec2/621c9b76c140bb001ed0f818/social_icon_04/621b3fa39fb210001f975298/3aaa7968-130e-48ec-821d-559a332cce47_48x48.png]<https://www.instagram.com/namhostinternetservices/> [8] <https://www.instagram.com/namhostinternetservices/> [8][https://www.adsigner.com/v1/s/631091998d4670001fe43ec2/621c9b76c140bb001ed0f818/social_icon_05/621b3fa39fb210001f975298/3a8c09e6-588f-43a8-acfd-be4423fd3fb6_48x48.png]<https://www.linkedin.com/company/namhos> [9] <https://www.linkedin.com/company/namhos> [9][https://www.adsigner.com/v1/i/631091998d4670001fe43ec2/621c9b76c140bb001ed0f818/banner/940x300]<https://www.adsigner.com/v1/l/631091998d4670001fe43ec2/621c9b76c140bb001ed0f818/banner><https://www.youtube.com/channel/UCTd5v-kVPaic_dguGur15AA> [10] <https://www.youtube.com/channel/UCTd5v-kVPaic_dguGur15AA> [10]<https://www.adsigner.com/v1/l/631091998d4670001fe43ec2/621c9b76c140bb001ed0f818/banner>[11]AdSigner]<https://www.adsigner.com/v1/c/631091998d4670001fe43ec2/621c9b76c140bb001ed0f818>[11] Namhost Internet Services (Pty) Ltd, 24 Black Eagle Rd, Hermanus, 7210, RSA The content of this message is confidential. If you have received it by mistake, please inform us by email reply and then delete the message. It is forbidden to copy, forward, or in any way reveal the contents of this message to anyone without our explicit consent. The integrity and security of this email cannot be guaranteed over the Internet. Therefore, the sender will not be held liable for any damage caused by the message. For our full privacy policy and disclaimers, please go to https://www.namhost.com/privacy-policy [Powered by<https://www.adsigner.com/v1/c/631091998d4670001fe43ec2/621c9b76c140bb001ed0f818>[12]<https://www.adsigner.com/v1/l/631091998d4670001fe43ec2/621c9b76c140bb001ed0f818/banner>[12] -- Regards / Groete <https://www.namhost.com> [2] Granwille Strauss // Senior Systems Admin *e:* granwi...@namhost.com *m:* +264 81 323 1260 <+264813231260> *w:* www.namhost.com [4] <https://www.facebook.com/namhost> [6] <https://twitter.com/namhost> [7] <https://www.instagram.com/namhostinternetservices/> [8] <https://www.linkedin.com/company/namhos> [9] <https://www.youtube.com/channel/UCTd5v-kVPaic_dguGur15AA> [10]<https://www.adsigner.com/v1/c/631091998d4670001fe43ec2/621c9b76c140bb001ed0f818>[11] Namhost Internet Services (Pty) Ltd, 24 Black Eagle Rd, Hermanus, 7210, RSA The content of this message is confidential. If you have received it by mistake, please inform us by email reply and then delete the message. It is forbidden to copy, forward, or in any way reveal the contents of this message to anyone without our explicit consent. The integrity and security of this email cannot be guaranteed over the Internet. Therefore, the sender will not be held liable for any damage caused by the message. For our full privacy policy and disclaimers, please go to https://www.namhost.com/ privacy-policy [image: Powered by AdSigner][12]-- Regards / Groete [2] Granwille Strauss // Senior Systems Admin e: granwi...@namhost.com m: +264 81 323 1260 [3] w: www.namhost.com [5] [6] [7] [8] [9] [10] [11] Namhost Internet Services (Pty) Ltd, 24 Black Eagle Rd, Hermanus, 7210, RSAThe content of this message is confidential. If you have receivedit by mistake, please inform us by email reply and then delete the message. It is forbidden to copy, forward, or in any way reveal the contents of this message to anyone without our explicit consent. The integrity and security of this email cannot be guaranteed over the Internet. Therefore, the sender will not be held liable for any damage caused by the message. For our full privacy policy and disclaimers, please go to https://www.namhost.com/privacy-policy [12] Links: ------ [1] https://aka.ms/AAb9ysg [2] https://www.namhost.com [3] tel:+264813231260 [4] http://www.namhost.com [5] https://www.namhost.com/ [6] https://www.facebook.com/namhost [7] https://twitter.com/namhost [8] https://www.instagram.com/namhostinternetservices/ [9] https://www.linkedin.com/company/namhos [10] https://www.youtube.com/channel/UCTd5v-kVPaic_dguGur15AA[11] https://www.adsigner.com/v1/l/631091998d4670001fe43ec2/621c9b76c140bb001ed0f818/banner [12] https://www.adsigner.com/v1/c/631091998d4670001fe43ec2/621c9b76c140bb001ed0f818-- Regards / Groete <https://www.namhost.com> Granwille Strauss // Senior Systems Admin *e:* granwi...@namhost.com *m:* +264 81 323 1260 <tel:+264813231260> *w:* www.namhost.com <https://www.namhost.com/> <https://www.facebook.com/namhost><https://twitter.com/namhost><https://www.instagram.com/namhostinternetservices/><https://www.linkedin.com/company/namhos><https://www.youtube.com/channel/UCTd5v-kVPaic_dguGur15AA> <https://www.adsigner.com/v1/l/631091998d4670001fe43ec2/621c9b76c140bb001ed0f818/banner> Namhost Internet Services (Pty) Ltd, 24 Black Eagle Rd, Hermanus, 7210, RSAThe content of this message is confidential. If you have received it by mistake, please inform us by email reply and then delete the message. It is forbidden to copy, forward, or in any way reveal the contents of this message to anyone without our explicit consent. The integrity and security of this email cannot be guaranteed over the Internet. Therefore, the sender will not be held liable for any damage caused by the message. For our full privacy policy and disclaimers, please go to https://www.namhost.com/privacy-policyPowered by AdSigner <https://www.adsigner.com/v1/c/631091998d4670001fe43ec2/621c9b76c140bb001ed0f818>
-- Regards / Groete <https://www.namhost.com> Granwille Strauss // Senior Systems Admin *e:* granwi...@namhost.com *m:* +264 81 323 1260 <tel:+264813231260> *w:* www.namhost.com <https://www.namhost.com/> <https://www.facebook.com/namhost><https://twitter.com/namhost><https://www.instagram.com/namhostinternetservices/><https://www.linkedin.com/company/namhos><https://www.youtube.com/channel/UCTd5v-kVPaic_dguGur15AA> <https://www.adsigner.com/v1/l/631091998d4670001fe43ec2/621c9b76c140bb001ed0f818/banner> Namhost Internet Services (Pty) Ltd, 24 Black Eagle Rd, Hermanus, 7210, RSAThe content of this message is confidential. If you have received it by mistake, please inform us by email reply and then delete the message. It is forbidden to copy, forward, or in any way reveal the contents of this message to anyone without our explicit consent. The integrity and security of this email cannot be guaranteed over the Internet. Therefore, the sender will not be held liable for any damage caused by the message. For our full privacy policy and disclaimers, please go to https://www.namhost.com/privacy-policy
Powered by AdSigner <https://www.adsigner.com/v1/c/631091998d4670001fe43ec2/621c9b76c140bb001ed0f818>
smime.p7s
Description: S/MIME Cryptographic Signature
