Managed VPN vendors
Greetings, I'm looking for vendors who can provide managed VPN services. Key requirements: * Users would be assigned their own globally-routable IP (or shared with a small number of other users) * Can QoS outgoing connectivity (or at least monitor it to prevent abuse) * Split tunnel with only routes to specific netblocks/IPs (not redirect-gateway) * Egress IPs would need to be dedicated (as in, not shared with any other customers or people) * Ease of administration (adding/removing users) is key (preferably an API!) My Google foo is weak on this (cannot find anything like what I'm looking for), so hoping somebody can help me out or at least point me in the right direction. So much of the search results are about using a VPN to hide your IP and/or protect privacy, which isn't what I am looking for. If you know of anything, please hit me up OOB. Thank you so much in advance! ~reed
Re: Patch Management - Windows & RHEL/CentOS based on Date
On Wed, 13 Jun 2012 23:47:24 + Wade Peacock wrote: > Does anyone know of a patch management system that will allow us to > control the roll out of patches, specifically for Windows but Linux > would be nice too, that can use a date to limit whether a patch is > rolled out. I don't know of a good software product that does *both* Windows and RHEL/CentOS, but for Windows, have you looked at Microsoft's WSUS [0]? For RHEL/CentOS, use Spacewalk [1]. Hope that helps! ~reed [0] http://technet.microsoft.com/en-us/windowsserver/bb332157.aspx [1] http://spacewalk.redhat.com/
Re: AWS EC2 us-west-2 reboot
On Wed, 24 Sep 2014 21:39:39 -0400 Peter Beckman wrote: > Likely some sort of potentially serious bug or flaw in EC2 or Xen. AWS > Security is really on the ball on such things and do everything they can to > make invisible fixes with no customer impact, but sometimes a reboot is > required in order to apply the changes necessary to keep customer instances > safe from attacks and vulnerabilities. Rumor mill is that it's XSA-108, embargoed until 2014-10-01 12:00 (http://xenbits.xen.org/xsa/). Just somebody's guess, though, afaik. ~reed
Re: SSL 3 vulnerability released
On Tue, 14 Oct 2014 16:29:50 -0700 Grant Ridder wrote: > Just incase anyone hasn't seen yet... > http://googleonlinesecurity.blogspot.com/2014/10/this-poodle-bites-exploiting-ssl-30.html One thing that's always useful to follow is Mozilla's TLS on servers recommendations (https://wiki.mozilla.org/Security/Server_Side_TLS). It's kept up-to-date pretty often and includes example configs for most web servers / load balancers (including ELBs). If you're able to (depending on who your customers are and what browsers they use), I would try to use at least the 'intermediate' configuration for anything that terminates SSL/TLS. ~reed
Re: Mozilla performing pdf.js DNS queries?
https://bugzilla.mozilla.org/show_bug.cgi?id=1098415 has been filed to track this issue. ~reed On Thu, Nov 13, 2014 at 5:26 AM, Seth Mos wrote: > Hi, > > Whilst rummaging through some DNS (dnsmasq) logs I've noticed quite a > decent amount of queries for pdf.js from what appear to be mozilla > browsers. > > Seems rather odd that it is performing DNS queries for a internal PDF > viewer. > > Has anyone else come across these lookups? > > Kind regards, > > Seth >
Re: IP to authoritative CIDR webservices
On Mon, 14 Dec 2009 23:13:28 -0600 William Pitcock wrote: > On Mon, 2009-12-14 at 21:10 -0800, Mehmet Akcin wrote: > > Current RIR whois actually does that. > > > > ie: search for 199.4.29 > > it will show you 199.4.28/22 > > Yes, but it has to be parsed, and RIRs have varying whois formats. ARIN > vs RIPE whois output, for example. You might could modify the CyberAbuse Whois (zcw) client[1] to also output CIDR information. It already outputs range information, so shouldn't be hard to add CIDR support to what it displays. I'll contact the author to see if he could add that, as it would be a useful feature for all. ~reed [1] http://www.cyberabuse.org/whois/ -- Reed Loden - pgpdIU4lttjJX.pgp Description: PGP signature
Re: Spamcop Blocks Facebook?
On Thu, 25 Feb 2010 19:14:37 -0800 Shon Elliott wrote: > Anyone from Facebook or Spamcop lurking around to look into this? It's quite > annoying.. I can't imagine how many other users are scratching their heads on > this one... I'm a long-time SpamCop member, so I forwarded your mail to the deputies. They are aware that facebook's servers have been sporadically listed, and one of them specifically said the following: "Not much we can do about the listings. They're sending spam to our traps in large enough numbers that raises the score to a listing level. If Facebook were to follow best practices the spam complaints and trap hits would drop to levels that keeps them from getting listed." ~reed -- Reed Loden -
