Tools for teaching users online safety
I'm trying to find out if there are currently any resources available for teaching people how to be safe online. As in, how to not get a virus, how to pick out phishing emails, how to recognize scams. I'm sure everyone on this list knows these things, but a lot of end users don't. I'm trying to find a way to teach these things to people who aren't too technically savvy. It seems to me that the fewer end users that have issues, the easier our lives will be. So what I'm trying to figure out is, is there a good site or set of sites for this stuff, or is there anyone out there interested in helping to build a unified list of instructions, videos, etc. for all this? -- Alex Thurlow Blastro Networks http://www.blastro.com http://www.roxwel.com http://www.yallwire.com
Re: Looking for W7 whois freeware
On 5/10/2012 1:49 AM, Hank Nussbacher wrote: I am looking for a Window 7 GUI utility that does raw whois - not the standard domain lookup, but rather allows me to specify and change the whois server I am talking to and allows me to customize the whois search string for IPs or ASNs or anything else a whois server will accept, like: "-B -G as378". It's not a GUI, but whois under Cygwin has always worked well for me. -Alex
Re: 10-GigE for servers
As long as it's not a single connection that you're looking to get over 1Gb, etherchannel should actually work. It uses a hash based on (I believe) source and destination IP and port, so it should roughly balance connections between the servers. The other option, if you're using Linux, is to use balance-rr mode on the bonding driver. This should deliver per-packet balancing and the switch doesn't have to know anything about the bonding. Documentation for the bonding driver is here: http://www.cyberciti.biz/howto/question/static/linux-ethernet-bonding-driver-howto.php -- Alex Thurlow Blastro Networks http://www.blastro.com http://www.roxwel.com http://www.yallwire.com On 5/1/2009 12:55 PM, Jason Shoemaker wrote: My company is looking for ways to improve throughput for data transfers between individual servers. We’re exploring the creation of Etherchannels using multiple server NICs, but Etherchannel seems to have the limitation of not supporting per-packet load-balancing, therefore limiting traffic between two individual hosts to 1 Gig. In most of my research, I’ve seen 10-GigE used for traffic aggregation and for the “unified fabric” solution that Cisco and others are pushing. I’m interested in knowing if any of you have attempted to implement 10-GigE at the host level to improve network throughput between individual servers and what your experience was in doing so. Thanks in advance, Jason -- Alex Thurlow Blastro Networks http://www.blastro.com http://www.roxwel.com http://www.yallwire.com
Re: Make that NTT America (was Re: Verio taking twitter down during Iran Election Riots?
On 6/15/2009 4:45 PM, Erik Fichtner wrote: Erik Fichtner wrote: http://status.twitter.com/post/124145031/maintenance-window-tonight-9-45p-pacific I am reading it wrong, partially. It's NTT America, not Verio. Missed a layer. Anyway... I know they're not actually making any money, so they may not be able to afford it, but shouldn't a service that's trying to be as big as twitter be multihomed?
Re: Verio taking twitter down during Iran Election Riots?
An update here. Reuters is reporting that the US State Department is behind this maintenance being pushed back. http://www.reuters.com/article/internetNews/idUSWBT01137420090616?feedType=RSS&feedName=internetNews&rpc=22&sp=true I find it very interesting that the US government is seeing the use Twitter is getting from a political perspective. Alex Thurlow Blastro Networks http://www.blastro.com http://www.roxwel.com http://www.yallwire.com On 6/16/2009 10:03 AM, Chris Woodfield wrote: What's interesting is that the !NANOG part of the universe presumes the maintenance was to be performed by Twitter, not by their carrier (i.e. server, not network, upgrades). Given the fact that the WhaleFail has become a commonly-recognizable sight, I can see this make people a bit, um, nervous. The real impact of the maintenance would have most likely been minimal short of a Murphy strike. That said, kudos to NTT for backing off in the face of some pretty momentous current events, and hope the delay doesn't cause too many ripple-effect problems for them. -C On Jun 16, 2009, at 10:48 AM, Jack Bates wrote: Erik Fichtner wrote: And yet, all upgrades can be postponed with the right... motivation. Hmmm, you do know that motivation may have strictly been, "Your maintenance corresponds with a major event, can you put it off for a day?" The maintenance in question has obviously been marked critical by NTTA with what appears to be short notification and limiting the delay to a minimum. They may have been unaware of the event and its importance to their customers. I'm more curious about what maintenance they are actually performing. I know they run mixed Cisco/Juniper, and all their Junipers should be able to handle in service upgrades. Of course, even switching hits of an upgrade warrants setting a maintenance window and notification due to Murphy. Jack
Re: Level 3 - "legacy" Wiltel/Looking Glass bandwidth
We were a former Wiltel customer that was bought out by Level 3. Wiltel service had been great, and then as soon as level 3 took over, things went downhill. We had GigE service, and wanted another line, but Level 3 said they didn't want to sell any more ports on Wiltel gear. We also had serious problems even when we tried to disconnect. They didn't have access to any of the Wiltel records, so they couldn't even tell who had ordered what. Big mess overall. I'm not going to be working with Level 3 anymore if I can avoid it, and I definitely wouldn't get in on legacy Wiltel stuff under Level 3. Alex Thurlow Blastro Networks http://www.blastro.com http://www.roxwel.com http://www.yallwire.com On 7/2/2009 10:01 AM, David Hubbard wrote: From: nanog@nanog.org We're not very happy with Level3 anymore either, terrible support, no RFO is ever given, tickets are closed with no explanation at all. They bought so many providers close together that they have a lot of work to do to integrate everything into a workable set of products. Haven't had any support issues, but we've had a billing dispute that's been going back and forth for 14 months now, yes, months, and during that time we've gone through three different sales reps, the newest one brought on more than three months ago and I've yet to hear from the guy. Good times... David
Re: Gigabit Linux Routers
Just as another source of info here, I'm running: Dual Core Intel Xeon 3060 @ 2.4Ghz 2 Gb Ram (it says "Mem: 2059280k total, 1258500k used, 800780k free, 278004k buffers" right now) 2 of these on the motherboard: Ethernet controller: Intel Corporation 82571EB Gigabit Ethernet Controller (rev 06) (port-channel bonded to my switch) One other card with 2 ports: Ethernet controller: Intel Corporation 82573E Gigabit Ethernet Controller (Copper) (rev 03) Gentoo Linux with a fairly small kernel with FIB_TRIE enabled. I'm taking in 2 full BGP feeds, a decent amount of iptables rules, and I've hit 1.2 Gbps with no problems. At this point, I just don't have anything behind the router to push more than that. -- Alex Thurlow Blastro Networks http://www.blastro.com http://www.roxwel.com http://www.yallwire.com Chris wrote: > You've given me lots to think about ! Thanks for all the input so far. > > A few queries for the replies if I may. My brain is whirring. > > Chris: You're right and I'm tempted. I've almost had my arm twisted to go > down the proprietory route as I have some Cisco experience but have become > pretty familiar with Quagga and tc. > > David: May I ask which NICs you use in the IBM boxes ? I see the Intels > recommended by Mike have dual ports on one board (the docs say "Two complete > Gigabit Ethernet connections in a single device • Lower latency due to one > electrical load on the bus"). > > Patrick: That's what I was hoping to hear :) It's not the world's biggest > network. > > Michael: Thanks very much. We have three upstreams. I guess 2GB of RAM would > cover many more sessions. > > Eugeniu: That's very useful. The Intel dual port NICs mentioned aren't any > good then I presume (please see my comment to David). > > Thanks again, > > Chris > >
Re: Gigabit Linux Routers
Florian Weimer wrote: * Eugeniu Patrascu: My concern with PC routing (in the WAN area) is a lack of WAN NICs with properly maintained kernel drivers. Depending on your WAN interface, there's actually a decent amount of stuff out there. The cheaper alternative to me has actually always been to get some old cisco hardware with the proper interfaces and use it for media conversion. I have a 6500 with Sup1As in it. It can't take BGP feeds with the amount of memory it has, but with the right cards, it will give my router Ethernet and push a few million pps with no problem. Sounds like he's getting Ethernet from his provider though, so this probably isn't an issue. -- Alex Thurlow Blastro Networks http://www.blastro.com http://www.roxwel.com http://www.yallwire.com
Re: Level3 funkiness
Same result from Cogent in Texas. Dying at ge-6-2.hsa1.Denver1.Level3.net # traceroute level3.net traceroute to 63.211.236.36 (63.211.236.36), 30 hops max, 46 byte packets 1 gi1-1.ccr01.aus02.atlas.cogentco.com (38.104.4.37) 0.493 ms 0.393 ms 0.496 ms 2 te4-4.ccr01.aus01.atlas.cogentco.com (154.54.25.157) 1.040 ms te4-3.ccr01.aus01.atlas.cogentco.com (154.54.25.153) 0.645 ms te4-4.ccr01.aus01.atlas.cogentco.com (154.54.25.157) 0.662 ms 3 te8-2.mpd01.iah01.atlas.cogentco.com (154.54.1.66) 3.972 ms 3.999 ms 3.926 ms 4 te4-1.mpd01.dfw01.atlas.cogentco.com (154.54.2.14) 9.289 ms * 9.249 ms 5 te3-3.mpd01.dfw03.atlas.cogentco.com (154.54.6.94) 9.227 ms te7-3.mpd01.dfw03.atlas.cogentco.com (154.54.6.66) 9.670 ms te3-3.mpd01.dfw03.atlas.cogentco.com (154.54.6.94) 9.806 ms 6 te-3-2.car3.Dallas1.Level3.net (4.68.110.109) 9.670 ms 9.813 ms 9.431 ms 7 * vlan79.csw2.Dallas1.Level3.net (4.68.19.126) 19.579 ms 20.438 ms 8 ae-72-72.ebr2.Dallas1.Level3.net (4.69.136.141) 15.812 ms 15.417 ms 18.290 ms 9 ae-2.ebr1.Denver1.Level3.net (4.69.132.105) 26.905 ms * 24.321 ms 10 ge-6-2.hsa1.Denver1.Level3.net (4.68.107.131) 24.518 ms !H * 24.644 ms !H Alex Thurlow Blastro Networks http://www.blastro.com http://www.roxwel.com http://www.yallwire.com On 4/15/2009 2:49 PM, Dixon, Justin wrote: -Original Message- From: J. Oquendo [mailto:s...@infiltrated.net] Sent: Wednesday, April 15, 2009 15:36 To: nanog@nanog.org Subject: Level3 funkiness Anyone else experience sporadic funkiness via Level3? I can't even reach the main website from who knows how many networks I've tried. Also friends and former colleagues have tried to reach the site to no avail. One of my machines on AT&T: # traceroute level3.net traceroute to level3.net (63.211.236.36), 30 hops max, 40 byte packets 4 cr1.n54ny.ip.att.net (12.122.105.58) 11.285 ms 21.702 ms 21.477 ms 5 ggr2.n54ny.ip.att.net (12.122.131.141) 12.712 ms 10.194 ms 16.393 ms 6 so-8-0-0.car3.NewYork1.Level3.net (4.68.127.149) 9.975 ms 10.019 ms 10.833 ms 7 vlan79.csw2.NewYork1.Level3.net (4.68.16.126) 10.162 ms 10.189 ms 14.474 ms 8 ae-71-71.ebr1.NewYork1.Level3.net (4.69.134.69) 15.763 ms 11.166 ms 9.725 ms 9 ae-3-3.ebr4.Washington1.Level3.net (4.69.132.93) 16.139 ms 30.616 ms 16.275 ms 10 ae-64-64.csw1.Washington1.Level3.net (4.69.134.178) 15.684 ms ae-74->74.csw2.Washington1.Level3.net (4.69.134.182) 21.870 ms ae-84->84.csw3.Washington1.Level3.net (4.69.134.186) 28.729 ms 11 ae-92-92.ebr2.Washington1.Level3.net (4.69.134.157) 17.035 ms ae-62->62.ebr2.Washington1.Level3.net (4.69.134.145) 17.041 ms ae-72->72.ebr2.Washington1.Level3.net (4.69.134.149) 21.940 ms 12 ae-2-2.ebr2.Chicago2.Level3.net (4.69.132.69) 31.671 ms 42.407 ms 45.774 ms 13 ae-1-100.ebr1.Chicago2.Level3.net (4.69.132.113) 31.922 ms 32.115 ms 38.135 ms 14 ae-3.ebr2.Denver1.Level3.net (4.69.132.61) 75.265 ms 67.528 ms 67.937 ms 15 ge-9-0.hsa1.Denver1.Level3.net (4.68.107.35) 62.587 ms !H ge-9->1.hsa1.Denver1.Level3.net (4.68.107.99) 62.543 ms !H ge-9-2.hsa1.Denver1.Level3.net>(4.68.107.163) 75.797 ms !H (From Texas through Above.net) $ traceroute level3.net|tail -n 1 traceroute to level3.net (63.211.236.36), 64 hops max, 40 byte packets 11 ge-6-2.hsa1.Denver1.Level3.net (4.68.107.131) 21.473 ms !H * ge-6->0.hsa1.Denver1.Level3.net (4.68.107.3) 21.547 ms !H Confirmed it can't be reached from Travelers Ins, The Hartford, none of my connections. Anyone else seeing issues? I'm seeing drop off from clients going through their Atlanta interconnects with Charter and two other providers, which I can't make sense of. I DO KNOW they experienced some sort of issue with a TDM switch or so they said... Very broad statements: "We know teh interwebs are down please stand by" I know websites are one thing, but the chances of the website going down, a TDM switch being wacky and now clients traversing their networks complaining all at once seems a little out of the ordinary. =+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+>=+=+ J. Oquendo SGFA, SGFE, C|EH, CNDA, CHFI, OSCP "It takes 20 years to build a reputation and five minutes to ruin it. If you think about that, you'll do things differently." - Warren Buffett 227C 5D35 7DCB 0893 95AA 4771 1DCE 1FD1 5CCD 6B5E http://pgp.mit.edu:11371/pks/lookup?op=get&search=0x5CCD6B5E Looks similar from Sprints perspective via https://www.sprint.net/lg/lg_start.php as well... Sprint Source Region: Anaheim, CA (sl-bb20-ana) IP Destination: 63.211.236.36 Performing: ICMP Traceroute Tracing the route to 63.211.236.36 1 sl-crs2-ana-0-13-5-0.sprintlink.net (144.232.1.177) 4 msec 0 msec 0 msec 2 144.232.19.227 4 msec 24 msec sl-st3
Re: [Nanog] ATT VP: Internet to hit capacity by 2010
Chris Adams wrote: > Once upon a time, Steve Gibbard <[EMAIL PROTECTED]> said: >> iTunes video, which looks perfectly acceptable on my old NTSC TV, is .75 >> gigabytes per viewable hour. I think HDTV is somewhere around 8 megabits >> per second (if I'm remembering correctly; I may be wrong about that), >> which would translate to one megabyte per second, or 3.6 gigabytes per >> hour. > > You're a little low. ATSC (the over-the-air digital broadcast format) > is 19 megabits per second or 8.55 gigabytes per hour. My TiVo probably > records 12-20 hours per day (I don't watch all that of course), often > using two tuners (so up to 38 megabits per second). That's not all HD > today of course, but the percentage that is HD is going up. > > 1.1 terabytes of ATSC-level HD would be a little over 4 hours a day. If > you have a family with multiple TVs, that's easy to hit. > > That also assumes that we get 40-60 megabit connections (2-3 ATSC format > channels) that can sustain that level of traffic to the household with > widespread deployment in 2 years and that the "average" household hooks > it up to their TVs. > I'm going to have to say that that's much higher than we're actually going to see. You have to remember that there's not a ton of compression going on in that. We're looking to start pushing HD video online, and our intial tests show that 1.5Mbps is plenty to push HD resolutions of video online. We won't necessarily be doing 60 fps or full quality audio, but "HD" doesn't actually define exactly what it's going to be. Look at the HD offerings online today and I think you'll find that they're mostly 1-1.5 Mbps. TV will stay much higher quality than that, but if people are watching from their PCs, I think you'll see much more compression going on, given that the hardware processing it has a lot more horsepower. -- Alex Thurlow Technical Director Blastro Networks ___ NANOG mailing list NANOG@nanog.org http://mailman.nanog.org/mailman/listinfo/nanog
Re: OS, Hardware, Network - Logging, Monitoring, and Alerting
Andrew Girling wrote: On Jun 26, 2008, at 5:22 AM, Rev. Jeffrey Paul wrote: Hi. I've a (theoretically) simple problem and I'm wondering how others solve it. I've recently deployed ~40 Linux instances on ~20 different Dell blades and PowerEdges (we're big on virtualization), a few 7204s and 3560s, and assorted switchable PDUs and whatnot. We need to monitor standard things like cpu, memory, disk usage on all OSes. This is straightforward with net-snmp. It would also be cool if I could monitor more esoteric things, like ntp synchronization status, i/o statistics, etc. Other stuff we really need to keep an eye on is hardware - redundant PSU status in our 7204s and Dells, temperatures and voltages (one of our colos in New York peaked at over 40C a few weeks ago, for instance), and disk array status (I'd like to know of a failed disk in a hardware RAID5 before I get calls about performance issues). Our blade chassis have DRACs in them and I think they export this data via SNMP (I'm trying to avoid the use of SNMP traps), but not all of our other PowerEdges have the DRACs in them so some of this information may need to be pulled via IPMI from within the host OS. Presumably the Cisco gear makes the temperature available via SNMP. Finally, service checks - standard stuff (dns, http, https, ssh, smtp). Now, to the questions. 1) Is SNMP the best way to do this? Obviously some of the data (service checks) will need to be collected other ways. 2) Is there any good solution that does both logging/trending of this data and also notification/monitoring/alerting? I've used both Nagios and Cacti in the past, and, due to the number of individual things being monitored (3-5 items per OS instance, 5-10 items per physical server, 10-50 things per network device), setting them both up independently seems like a huge pain. Also, I've never really liked Nagios that much. I recently entertained the idea of writing a CGI that output all of this information in a standard format (csv?), distributing and installing it, then collecting it periodically at a central location and doing all the rrd/notification myself, but then realized that this problem must've been solved a million times already. There's got to be a better way. What do you guys use? (I'm not opposed to non-free solutions, provided they work better.) You may want to have a look at Zenoss, http://www.zenoss.com/ Cheers, Andrew I have to second the Zenoss recommendation. Fairly automatic setup for most things, great categorization and it will incorporate nagios plugins or any script that outputs in that format. It's free, but you can also buy support or install service from them. -- Alex Thurlow Technical Director Blastro Networks
Redundant BGP for lower cost
Let me preface this by saying that I'm not a full time network admin, but we're a small company and I'm the only one handling this. Our budget is also not huge, but we're at the point where extended downtime would cost us enough money that we can spend some money to fix the problem. Here's my situation: I have two providers, each handing me gigabit ethernet. I'm getting full BGP feeds and handling them with a Linux/Quagga router. We max out at about 100kpps, as we're mostly pushing video which gives us a large packet size. It works fine, and I've been happy with it so far. But, we've gotten to the point where I want a backup router of some sort in case something happens to that one, what with the fans and disks that could fail. I see a few options. 1. Just set up another Quagga box and use keepalived or some other HA solution. 2. Buy a Cisco/Juniper/whatever and then have the Quagga box as backup. 3. I have a 6500 behind the router that's just doing switching. Could I have something switch that to static route all traffic to one of my providers if something happened to the router? The 6500 has Sup1A with MSFC2 running IOS native. On the Cisco side, I see that we could probably run a 7200VXR with NPE-G1 (about $6000 on ebay). Moving to the Sup720, even used is probably out of our price range. What do you guys think I should use here? Thanks, Alex
Re: Redundant BGP for lower cost
I have to say that this looks like a nice solution to me, and I've definitely had many people point me to OSPF. One problem is that I've never run OSPF before. Some googling brings of a few results on implementation, but can someone recommend a good place to look or a book to get to really get it all figured out? Thanks, Alex On 3/4/2010 11:23 AM, Jack Carrozzo wrote: If you want to keep it cheap, roll out another Quagga edge - one to each peer. Drop default into OSPF from both edges, iBGP over a GE between them. If one toasts you'll only lose half your routes for 1s-ish, or however long you set your OSPF keepalives. While you're at it, add extra fans and run the edge systems off solid state disks or CF cards. Or, buy $real hardware. -Jack Carrozzo On Thu, Mar 4, 2010 at 12:17 PM, Alex Thurlow <mailto:a...@blastro.com>> wrote: Let me preface this by saying that I'm not a full time network admin, but we're a small company and I'm the only one handling this. Our budget is also not huge, but we're at the point where extended downtime would cost us enough money that we can spend some money to fix the problem. Here's my situation: I have two providers, each handing me gigabit ethernet. I'm getting full BGP feeds and handling them with a Linux/Quagga router. We max out at about 100kpps, as we're mostly pushing video which gives us a large packet size. It works fine, and I've been happy with it so far. But, we've gotten to the point where I want a backup router of some sort in case something happens to that one, what with the fans and disks that could fail. I see a few options. 1. Just set up another Quagga box and use keepalived or some other HA solution. 2. Buy a Cisco/Juniper/whatever and then have the Quagga box as backup. 3. I have a 6500 behind the router that's just doing switching. Could I have something switch that to static route all traffic to one of my providers if something happened to the router? The 6500 has Sup1A with MSFC2 running IOS native. On the Cisco side, I see that we could probably run a 7200VXR with NPE-G1 (about $6000 on ebay). Moving to the Sup720, even used is probably out of our price range. What do you guys think I should use here? Thanks, Alex
Intermittent Google issues in Austin area
Anyone else having intermittent issues connecting to google servers from the Austin area? I first noticed google.com/jsapi loading slowly to slow down my website from loading, and I've since seen other sites loading from their ajaxapis and even www.google.com's search results taking upwards of 30 seconds to load. Many times it loads fine, and then it won't. I couldn't find a place to submit this to them, so I thought I'd check with you guys. -Alex
