Cacti Graphing

Hi All, Has any one on this list graphed alcatel-lucent service routers succesfully using Cacti and if yes would you be kind enough to provide the base template or the how to.? -- Kind Regards Joseph Nzioka, Cell:+254 735 452050 Cell:+254 711 968429

RE: The Confiker Virus.

Joe, Here's the link for the Python Crypto toolkit: http://www.amk.ca/python/code/crypto.html I scanned our internal network and didn't find anything, so I can't really vouch for it's reliablity though. -Original Message- From: David Tebbutt [mailto:da...@sunshadeseyewear.com.au] Sent:

Re: The Confiker Virus.

Anyone try the new nmap beta that includes the ability to detect it? nmap-4.85BETA5 ? I am looking for output from a scan on a known infected machine vs what I believe is a clean machine I have. Thanks, On Tue, Mar 31, 2009 at 7:48 AM, Eric Tykwinski wrote: > Joe, > > Here's the link for the Py

Re: The Confiker Virus.

Here is a pretty good recap of all options, including some useful comments: http://it.slashdot.org/article.pl?sid=09/03/30/090224 - including the specific one addressing the py script: http://it.slashdot.org/comments.pl?sid=1180397&cid=27387085 ) Stefan On Tue, Mar 31, 2009 at 7:48 AM, Eric Tykw

Re: The Confiker Virus.

Also see http://arstechnica.com/security/news/2009/03/new-method-for-detecting-conficker-discovered-debuted.ars

Re: The Confiker Virus.

I forgot to mention that I have had python-crypto already installed before I posted. I was still getting the WARNING. -- Joe On Mon, Mar 30, 2009 at 11:10 PM, David Tebbutt wrote: > you need to add python-crypto with whatever package manager your OS > uses, > yast line in suse: > > │python-crypto

Re: The Confiker Virus.

0n Tue, Mar 31, 2009 at 09:22:32AM -0400, Steven M. Bellovin wrote: Honeynet Project has released Know Your Enemy: Containing Conficker: Our "Know Your Enemy: Containing Conficker" whitepaper was released on March 30th as a PDF only. You can download the full paper from the link belo

Re: The Confiker Virus.

>From what I can find with the nmap way, You don't want to see *Conficker: LIKELY INFECTED* or *Conficker: VULNERABLE*. 2009/3/31 JoeSox > I forgot to mention that I have had python-crypto already installed > before I posted. I was still getting the WARNING. > -- > Joe > > On Mon, Mar 30, 2009 a

Re: The Confiker Virus.

I am uncertain also. I scan a subnet on my network with Axence NetTools looking for 445 port and I receive some hits. I perform a netstat -a some of those results but don't really see any 445 activity. The SCS script doesn't find anything either. The PCs are patched and virusscan updated. One PC

TWC outage

Seems to be an outage with Time Warner Cable in the upstate New York area ... As far as I can tell, it's on AS7843. I'm awaiting callback from an engineer for details Adam -- Webjogger (845) 757-4000 ASN 20208 == C:\>tracert www.authorize.net Tracing route to www.authorize.net [64.

Spoofer project update

Hi, as many of you are acutely aware, IP source spoofing is still a common attack vector. The ANA spoofer project: http://spoofer.csail.mit.edu first began quantifying the extent of source verification in 2005. We've amassed several years worth of data -- data that has become particularly inte

Re: Cacti Graphing

Hi Nzioka, the appropriate place for your request is http://forums.cacti.net/. Or you can also check http://sourceforge.net/mailarchive/forum.php?forum_name=cacti-user Regards Raymond Macharia On Tue, Mar 31, 2009 at 1:05 PM, Joseph Nzioka wrote: > Hi All, > > Has an

RE: Earthlink help needed

Hey, I'm also having an issue with mail delivery to earthlink. It seems some of the messages to earthlink are not reaching the inbox post the initial acceptance. Can an earthlink administrator confirm off-list if this is something the client can control? The few that I have examples of swear th

Re: Cacti Graphing

Hi Joe, I sent you some links offline as well, but make sure the polling host can talk to the target: IIRC, the Alcatel/Lucent device(s) default to snmp v2. IIRC, Cacti is defaulted to v1. At the CLI of the [hopefully] nix device: snmpwalk -v 2c $community ip_addr 1.3.6 That shou

Re: The Confiker Virus.

Is anyone aware of any network-based signatures that could be used to identify and tag IP traffic, for dropping at the ingress/egress points? On Tue, Mar 31, 2009 at 9:41 AM, JoeSox wrote: > I am uncertain also. I scan a subnet on my network with Axence > NetTools looking for 445 port and I rece

Re: The Confiker Virus.

See http://honeynet.org/node/388 for snort signatures for .a and .b variants. - d. On Tue, 31 Mar 2009, Steven Fischer wrote: Is anyone aware of any network-based signatures that could be used to identify and tag IP traffic, for dropping at the ingress/egress points? On Tue, Mar 31, 2009

Re: TWC outage

Thanks for various replies off-list which helped to troubleshoot this issue and possibly accelerate resolution. Time Warner attributed the issue to a routing loop on the Level 3 network caused by some work last night. Based on a traceroute from a Webjogger customer, the loop was in Chicago.

Re: TWC outage

are you just a little early for April Fools? :-) On 2009Mar31, at 5:43 PM, Adam Greene wrote: Based on a traceroute from a Webjogger customer, the loop was in Chicago.

Hotmail/MSN/Live help?

My mail server is currently being blocked by Windows/Live/Hotmail even though I am (and have been for years) a member of Microsoft's JMRP and SNDS services. Not sure what changed after years of peaceful co-existence. Could someone from Windows Live Hotmail please contact me off list? TIA --

Re: Google Over IPV6

Nick Hilliard wrote: > On 27/03/2009 15:26, Leo Bicknell wrote: >> AFAIK you have to have native peering with them to be part of the >> pilot. At least, you did when we signed up. They may have relaxed >> that since. > > According to a Google IPv6 talk I attended yesterday, they don't intend > t

Re: Google Over IPV6

Everything is a tunnel... Tube man. Everything is a tube... and Al Gore invented tubes. MMC Nick -- Matthew Moyle-Croft Internode/Agile Peering and Core Networks

Can you see these AS links:)

Hello folks, As part of a research project here at Northwestern, we have found quite a few unexpected AS-level links that do not appear in public available BGP tables. We really need your help in validating them; for anyone who knows links associated with any AS, if you can assist us with this plea

Re: Can you see these AS links:)

On Mar 31, 2009, at 10:56 PM, Kai Chen wrote: As part of a research project here at Northwestern, we have found quite a few unexpected AS-level links that do not appear in public available BGP tables. We really need your help in validating them; for anyone who knows links associated with an