Networking And Telephony

(BDavis/48406) I have heard this to be true but my own ISP definitely honors TT...

BDavis@rss.iscabbs.com — Wed, 22 Feb 2012 11:48:00 -0600

I have heard this to be true but my own ISP definitely honors TTLs. In fact at
times I have had IPs changed I thought maybe they were even caching them less
than the defined TTL as it seemed to propagate sooner than I expected.

(JL/48405) ignoring TTL's to cache DNS seems like a disservice to your user...

JL@rss.iscabbs.com — Wed, 22 Feb 2012 08:46:00 -0600

ignoring TTL's to cache DNS seems like a disservice to your users!
Low TTL's are there for a reason, right?

(Wang Master/48404) do when it comes to TTLs, keep in mind that alot of caching name...

Wang Master@rss.iscabbs.com — Wed, 22 Feb 2012 08:04:00 -0600

do when it comes to TTLs, keep in mind that alot of caching name servers either
ignore TTL, or ignore TTLs under a certain value (24 hours is fairly common)

(SilverEdge/48403) Thats what I use. I point my domain to the username.dyndns.org ...

SilverEdge@rss.iscabbs.com — Wed, 22 Feb 2012 07:46:00 -0600

Thats what I use.  I point my domain to the username.dyndns.org name, which
then points to the current IP of the machine.  It's free for what I use it for.
I don't know if there any charges for commercial use.

(Justin Case/48402) Dyndns.org?

Justin Case@rss.iscabbs.com — Wed, 22 Feb 2012 07:42:00 -0600

Dyndns.org?

(Kena/48401) Zoneedit.com does come to mind. Two observations:

Kena@rss.iscabbs.com — Wed, 22 Feb 2012 07:21:00 -0600

Zoneedit.com does come to mind.  Two observations:
- They have a lower limit to TTLs (though it's not *that* high, I don't think)
- They *REALLY* pissed me off, once.  We were actually paying customers(!), and
  one day, the just flat stopped resolving our DNS.  Went on for hours.  Tried
  every way we could to contact them, failing miserably, with all in-bound
  corporate e-mail going God-knows-where, web site down, even some internal
  services horking due to idiot administrators who made some bad historical
  choices.  Finally, after being down until about 2:00 p.m., decided to pull
  the plug, and went with an alternate provider; took about another two hours
  for everything to catch up.  Long about 5:30, we get an e-mail from ZoneEdit:
  "Of course we aren't answering your DNS queries; your registrar is pointing
  somewhere else!"  No s***, Sherlock.

(Danix/48400) zoneedit.com ?

Danix@rss.iscabbs.com — Wed, 22 Feb 2012 06:55:00 -0600

zoneedit.com ?

(JL/48399) Is there a cheap (free), reliable DNS hosting service?

JL@rss.iscabbs.com — Wed, 22 Feb 2012 06:43:00 -0600


Is there a cheap (free), reliable DNS hosting service?

Dotster sucks, and they want $10/yr for DNS Management.
I don't want to handle DNS on my web host, because when the site goes
unavailable, so does my DNS.

The goal is to able to shorten my TTL's and quickly switch IP addresses for my
server, if needed.

My site is still under a DoS attack, and at least this would give me some
flexibility.

So, any suggestions for a DNS host?

(Kena/48398) there are any number of reasons it might die, but the biggie is ...

Kena@rss.iscabbs.com — Wed, 22 Feb 2012 04:24:00 -0600

there are any number of reasons it might die, but the biggie is probably
something stepping on UDP packets.  If you become root, you can use
traceroute's "-T" option:
root@luthien:~# traceroute -n -T www.monetra.com
traceroute to www.monetra.com (216.155.101.70), 30 hops max, 60 byte packets
 1  192.168.43.1  3.294 ms  3.278 ms  3.344 ms
 2  66.174.121.80  62.011 ms  62.034 ms  62.185 ms
 3  66.174.121.63  77.801 ms  78.799 ms  79.503 ms
 4  69.83.15.177  79.608 ms  85.660 ms  85.590 ms
 5  69.83.14.18  97.482 ms  98.574 ms  123.235 ms
 6  66.174.18.132  122.821 ms  119.407 ms  115.763 ms
 7  66.174.18.131  120.110 ms  81.621 ms  81.398 ms
 8  209.220.16.13  88.197 ms  99.061 ms  98.590 ms
 9  206.111.13.126  98.555 ms  103.816 ms  98.001 ms
10  152.63.3.109  98.330 ms  92.417 ms  91.502 ms
11  152.63.3.134  116.346 ms  113.379 ms  112.726 ms
12  152.63.80.49  112.730 ms  118.556 ms  124.951 ms
13  157.130.71.234  147.453 ms  134.452 ms  132.795 ms
14  216.155.103.125  149.788 ms  149.268 ms  147.743 ms
15  216.155.103.97  146.742 ms  146.883 ms  140.359 ms
16  216.155.103.142  147.842 ms  137.008 ms  136.637 ms
17  216.155.101.70  136.325 ms  153.124 ms  162.956 ms

(Raubvogel/48397) What can I infer from this? It is just something does not want

Raubvogel@rss.iscabbs.com — Wed, 22 Feb 2012 03:43:00 -0600

        What can I infer from this? It is just something does not want
to show me the final hops to the said machine?

[raub@DuckWitch ~]$ tracepath www.monetra.com
 1:  DuckWitch (66.172.33.139)                              0.164ms pmtu 1500
 1:  66.172.33.1 (66.172.33.1)                              1.779ms
 2:  xe-7-2-2.edge6.LosAngeles1.Level3.net (4.30.63.241)    0.511ms
 3:  vlan60.csw1.LosAngeles1.Level3.net (4.69.144.62)       0.490ms
 4:  ae-92-92.ebr2.LosAngeles1.Level3.net (4.69.137.29)     0.467ms
 5:  ae-3-3.ebr3.Dallas1.Level3.net (4.69.132.78)          32.135ms
 6:  ae-7-7.ebr3.Atlanta2.Level3.net (4.69.134.22)         51.895ms
 7:  ae-63-63.ebr1.Atlanta2.Level3.net (4.69.148.242)      52.260ms
 8:  ae-1-8.bar1.Orlando1.Level3.net (4.69.137.149)       asymm  9  60.090ms
 9:  ae-0-11.bar2.Orlando1.Level3.net (4.69.137.146)      asymm 10  59.281ms
10:  ae-9-9.car2.Orlando1.Level3.net (4.69.133.69)         60.133ms
11:  ACCELERATIO.car2.Orlando1.Level3.net (4.28.162.130)   60.450ms
12:  atm-5-0-221.cisco-7206-g1.metro.gnv.acceleration.net (216.155.103.161)
78.932ms
13:  216.155.103.142 (216.155.103.142)                     81.194ms
14:  no reply
15:  no reply
16:  no reply
17:  no reply
18:  no reply
19:  no reply
20:  no reply
21:  no reply
22:  no reply
23:  no reply
24:  no reply
25:  no reply
26:  no reply
27:  no reply
28:  no reply
29:  no reply
30:  no reply
31:  no reply
     Too many hops: pmtu 1500
     Resume: pmtu 1500
[raub@DuckWitch ~]$

(Justin Case/48396) JL-->Tell hostgator to call Radware. They've been mititaging th...

Justin Case@rss.iscabbs.com — Tue, 21 Feb 2012 09:37:00 -0600

JL-->Tell hostgator to call Radware.  They've been mititaging those kinds of
attacks for quite some time.  And they protect some big companies (and
governments) to boot.

(Kena/48395) I thought the Linux stack had been tweaked three or four years a...

Kena@rss.iscabbs.com — Tue, 21 Feb 2012 09:29:00 -0600

I thought the Linux stack had been tweaked three or four years ago to better
deal with SYN attacks... there might be some tweaks there, too, assuming it's
Linux.

(Egregious/48394) They might be doing it as a shakedown. Check your mail for offe...

Egregious@rss.iscabbs.com — Tue, 21 Feb 2012 09:18:00 -0600


They might be doing it as a shakedown.  Check your mail for offers to make it
stop for X thousand bucks.  If they ask for Bitcoins, call the cops on Mr
Tinkertrain.

Third-party boxes do handling SYN attacks have been around for years.  I was
at a compnay making them a decade ago.  At that time they charged hundreds of
thousands of dollars but the Cisco Guard ought to be able to do the SYN cookie
magic transparently for you.

(Knightshade/48393) If that Social Network movie is accurate it's possible it's Zuck...

Knightshade@rss.iscabbs.com — Tue, 21 Feb 2012 09:18:00 -0600

If that Social Network movie is accurate it's possible it's Zuck himself doing
it :P

(JL/48392) The data center is putting on Cisco Guard for 24 hours at a time...

JL@rss.iscabbs.com — Tue, 21 Feb 2012 09:08:00 -0600

The data center is putting on Cisco Guard for 24 hours at a time, which is
helping a lot. They were attacking one IP, so we switched, and now they're
attacking the new one.

I'm going to explore ways to change TCP settings to at least help reduce the
problem. I have full root access to the system (it's a dedicated box). Well, I
have full access if I can *get* to it, which I can't right now.

Why?

I don't know. I have no conclusion, but I have observations:

1. I recently starting getting a lot more publicity because my app helps users
adjust the new Facebook Timeline. I got lots of links from all over, including
LifeHacker. Someone could be randomly picking links to attack from LifeHacker,
for all I know.

2. Another FB app, "FB Purity" got taken down by Facebook last Friday. I made a
couple posts that were kind of critical of the author, and mentioning my app
and web site. A short time later, the attacks started. It could be the author
of that app, or a random "fan" of the app, or even a random hacker that picks
up links to attack from his page.

3. I think Facebook strongly dislikes what I do, especially at a time when they
are about to roll out Timeline to all users, and prepare for an IPO. It would
be quite a conspiracy theory to suspect that they were at the root of this, not
to mention quite vain. People like to think they are, but I think there is a
0.00% chance they would have anything to do with it.

4. I recently broke a mirror. My bad?

(DesCartes/48391) Any idea why you'd be attacked? Or is it just one of those prid...

DesCartes@rss.iscabbs.com — Tue, 21 Feb 2012 09:03:00 -0600

Any  idea why you'd be attacked? Or is it just one of those pride things,
hitting anything that raises a significant profile?

(Egregious/48390) If someone is forging traffic, all bets are off. I'm a little s...

Egregious@rss.iscabbs.com — Tue, 21 Feb 2012 08:50:00 -0600

If someone is forging traffic, all bets are off.  I'm a little surprised that
anyone lets data leave their network with improper source addresses, but only a
little.

There are programmatic defenses against SYN attacks that have varying levels
of success depending on just how hard you are being attacked.  But you'll need
access to your host's OS.

(JL/48389) My website (SocialFixer.com) has been under constant SYN attacks...

JL@rss.iscabbs.com — Tue, 21 Feb 2012 08:36:00 -0600


My website (SocialFixer.com) has been under constant SYN attacks for days.

The host (Hostgator) says there is no way to trace the origin of the attack,
because by its very nature, the return route is invalid.

Is there any way to get more info on the source of this?

It completely sucks to have everything grind to a halt and my whole project be
unavailable because some dickhead somewhere DoS's me. Oy.

(Kena/48388) Indeed, it was. I even found it -- sorry for not getting back h...

Kena@rss.iscabbs.com — Tue, 21 Feb 2012 08:27:00 -0600

Indeed, it was.  I even found it -- sorry for not getting back here.  Thank you
kindly; it was just driving me insane that I couldn't remember its name.

(LOGAN/48387) Kena> 802.1d (which includes spanning-tree) is likely the answe...

LOGAN@rss.iscabbs.com — Tue, 21 Feb 2012 06:58:00 -0600

Kena>  802.1d (which includes spanning-tree) is likely the answer that you
seek.

(Kena/48386) I';m trying, and failing desperately, to remember what the damn ...

Kena@rss.iscabbs.com — Tue, 21 Feb 2012 04:38:00 -0600

I';m trying, and failing desperately, to remember what the damn protocol to
prevent ethernet loopbacks is called.  Bueller?

(Cyanide/48385) I have had a lot of issues with the linksys and autonegotiate, w...

Cyanide@rss.iscabbs.com — Mon, 20 Feb 2012 04:01:00 -0600

I have had a lot of issues with the linksys and autonegotiate, which is
why i ask.. And part of the might have been because of autonegotiate and
the other auto with old hardware. Sometimes thoroughput is an issue, but
not that often even with slow switches and GigE.

These are replacing an SMC 5-port switch. I only use 4 ports consistantly, so
an 8-port switch where 4 of them are normally off, is probably going to save
me money in electric. Which probably justifies the cost even if the SMC's
still worked.

(Harbinger/48384) I've got a pair of the 5 port gigE Trendnet switches. I've run ...

Harbinger@rss.iscabbs.com — Mon, 20 Feb 2012 03:46:00 -0600

I've got a pair of the 5 port gigE Trendnet switches.  I've run one w/ jumbo
frames, the other w/o and they've been perfectly fine (running at 2+ years
now).  Not the best or the worst.

(Cyanide/48383) My switches died at home, are these Trendnet green gigE switches...

Cyanide@rss.iscabbs.com — Sun, 19 Feb 2012 08:25:00 -0600

My switches died at home, are these Trendnet green gigE switches any good.
It is for home, so they don't have to be managed or anything. LowE == good.
Is there something else I should be looking at?

(Danix/48382) Yup, you said exactly that. My point is that the first one prote...

Danix@rss.iscabbs.com — Fri, 17 Feb 2012 12:31:00 -0600

Yup, you said exactly that. My point is that the first one protects you from
the casual people already, while the other two incur in
performance/compatibility issues while not really giving any added security (it
will be circumvented by default by the tools I mentioned). :)

(Keogk/48381) I Dont recall my post but I thought I said use ll 3 WPA,Mac addy...

Keogk@rss.iscabbs.com — Fri, 17 Feb 2012 12:28:00 -0600

I Dont recall my post but I thought I said use ll 3 WPA,Mac addy filtering and
hidden ssid.

(Danix/48380) Keogk> The problem I see with that approach is thinking that MAC...

Danix@rss.iscabbs.com — Fri, 17 Feb 2012 09:11:00 -0600

Keogk> The problem I see with that approach is thinking that MAC addy filtering
and hidden SSID will keep you out from WEP-crackers.
You've basically got three kinds of possible "wifi-jackers":

- Common users. They'll just look around for unprotected WiFi and connect to
'em. Hiding SSID protects you from them, but so does just putting up WEP as
they'll rather search other networks and see who's got an unprotected one.
- WEP crackers. They will usually download and run some WEP cracking tool.
These tools already have most of the stuff automated... and they actually sniff
the waves, and spit out SSIDs (even the hidden ones) and *MAC addresses of all
devices connecting to them*. WPA protects against them, but MAC filtering/SSID
hiding is useless as the tool will show them anyway, unless you aren't using
the WiFi network at all.
- Dedicated crackers or someone with a grudge against you: WPA2, probably
802.1X will protect you. Probably.

So really SSID hiding and MAC filtering will not protect you from the people
you'd think it does, while incurring in compatibility problems with some
devices (SSID hiding) and incurring in performance issues on the AP (MAC
filtering).

(Egregious/48379) I implemented that hack back when I first learned squid. It was...

Egregious@rss.iscabbs.com — Thu, 16 Feb 2012 07:50:00 -0600

I implemented that hack back when I first learned squid.  It was fun.

(Cragmor/48378) Once upon a time in Outlook (2007) when we hosted our own exchan...

Cragmor@rss.iscabbs.com — Thu, 16 Feb 2012 07:36:00 -0600

Once upon a time in Outlook (2007) when we hosted our own exchange server, if
we received an email with other people outside the organization in the To or cc
fields, where they showed up as lastname, first, we could right click on them,
select outlook properties, and an email properties window would open showing us
the address for this person. Since we moved to Microsoft's hosted exchange,
sometimes we get an outlook properties box with nothing in it instead of email
properties that shows the address. So, we do not know what the address is we
are sending to. Anyone know how to correct this, or why this happens sometimes?
Some names still work fine. I am wondering if the ones that no longer work are
using exchange as well, and outlook is getting confused, trying to resolve them
on our exchange server.

(Kena/48377) Well, really, the One True WiFi hack of all time has to be this ...

Kena@rss.iscabbs.com — Wed, 15 Feb 2012 21:44:00 -0600

Well, really, the One True WiFi hack of all time has to be this one:
http://www.ex-parrot.com/~pete/upside-down-ternet.html

(Keogk/48376) I tend to treat my Wifi security like Car

Keogk@rss.iscabbs.com — Wed, 15 Feb 2012 09:53:00 -0600

I tend to treat my Wifi security like Car
I do what I can to keep the casual person walking by or sitting next door off
If someone is in range and can see my Ap is secure they move on to the next
unsecure easy target.
So WPA,Mac address filtering and hidden SSID will keep you 99% safe
The 1 percent is gonna be someone who is looking to get into your network
I also like my buddys system. He has a Ciso Ap that no longer works properly
but he leaves it on and has it set up to broadcast something like 25 SSID some
secure some not. Even if people connect they cant get anyway he just has theAP
plugged into power.

(Danix/48375) Heh. I used to have the Bruce Schneier view on Wireless until th...

Danix@rss.iscabbs.com — Tue, 14 Feb 2012 10:56:00 -0600

Heh. I used to have the Bruce Schneier view on Wireless until the kiddie porn
cases popped up. Given that I'm living at a country where the Feds are bumbling
idiots that jump at conclusions *and jail you* without strong evidence, I
ain't gonna risk it.

So, what can I do? WEP is a joke, even Android phone can crack it.
MAC filtering and ESSID hiding is snake oil. Kinda like "securing" your house
by painting over your doorlock so that it doesn't look like it's there. In
fact, MAC filter/ESSID hiding might amount to security theater; both of these
things can be found out with regular WiFi cracking tools like the WiFi Slax
distro, *and they do it by default*.

That is, hiding your SSID won't even protect you from the amateur script
kiddiez because it'll be found as soon as you use your WiFi.

Oh, and MAC filtering makes the AP fail shittastically once the table grows too
big.

So basically, if you really, really want to have secure WiFi, your options are:

- WPA2-PSK with AES and a truly secure passphrase. Might prove hard enough to
crack that ppl will just go and hack another wifi.
- The above setting, but behind an isolated VLAN. Your devices have to log on a
VPN which has an endpoint visible to the wifi's VLAN.
- The VPN thingy, but with an open wifi
- 802.1X, which uses public certs for this and will make the wifi actually
secure.

However, good luck on getting appliances to use most of those methods, barring
WPA2-PSK.

(Mr Tinkertrain/48374) er, GPU. Thanks for catching that Kena. I was home yesterday w...

Mr Tinkertrain@rss.iscabbs.com — Tue, 14 Feb 2012 07:23:00 -0600

er, GPU.  Thanks for catching that Kena.  I was home yesterday with a sick
infant, so I was all flustered and tired. :)

(Kena/48373) Well, the real question isn't what "most people" will do -- it's...

Kena@rss.iscabbs.com — Tue, 14 Feb 2012 06:48:00 -0600

Well, the real question isn't what "most people" will do -- it's "what are you
trying to avoid have happen?"  I mean, it can run the gamut from "I just don't
feel like sharing my bandwidth," to "I read about that guy who did kiddie porn
through his neighbor's WiFi, in England, as an act of revenge, and I don't want
that to happen to me."  Sure, a hidden ESSID will stop casual browsers, but if
someone's On A Mission, well, WPA's a good start.
Or, you can drive by my house, and pick up "whateveryouwant" that's wide open.
[Ken: "What do you want to name the WiFi?"  Wife: "Whatever you want."]

(Distant Horizon/48372) Well, I went ahead and enabled WPA, but I'll have to buy a new n...

Distant Horizon@rss.iscabbs.com — Tue, 14 Feb 2012 05:13:00 -0600

Well, I went ahead and enabled WPA, but I'll have to buy a new network adapter
for that old laptop next time I want to use it; it only does WEP.

(SilverEdge/48371) I would think though that with the high amount of networks in an...

SilverEdge@rss.iscabbs.com — Tue, 14 Feb 2012 04:55:00 -0600

I would think though that with the high amount of networks in any given
neighborhood these days, most people will look for open networks first, then
whatever visible network with WEP, then whatever visible network with WPA,
before theyd even bother with a network with a hidden SSID.  Thoughts?

(Kena/48370) "GPA?" Do you mean GPU? Or is this an NTLA? (New three-letter ...

Kena@rss.iscabbs.com — Tue, 14 Feb 2012 02:42:00 -0600

"GPA?"  Do you mean GPU?  Or is this an NTLA? (New three-letter acronym, of
course. ;-)

(Mr Tinkertrain/48369) http://hashcat.net/wiki/cracking_wpawpa2

Mr Tinkertrain@rss.iscabbs.com — Mon, 13 Feb 2012 16:13:00 -0600

 http://hashcat.net/wiki/cracking_wpawpa2

(Mr Tinkertrain/48368) WPA is much easier to crack these days. Not as easy, of course,...

Mr Tinkertrain@rss.iscabbs.com — Mon, 13 Feb 2012 16:04:00 -0600

WPA is much easier to crack these days.  Not as easy, of course, as WEP, but
with GPA crackers it's much much easier to do than it used to be.

(Kena/48367) Which takes roughly .5 seconds of actual sniffing if you've got ...

Kena@rss.iscabbs.com — Mon, 13 Feb 2012 12:43:00 -0600

Which takes roughly .5 seconds of actual sniffing if you've got the right
tools, and there's any traffic.  Hidden ESSID and MAC filtering, though,
qualify as "security through obscurity."  WPA is the way to fly.  Unless, of
course, you subscribe to the Bruce Schneier school of thought -- leave it wide,
wide, wide open:
http://www.schneier.com/blog/archives/2008/01/my_open_wireles.html

(Cyanide/48366) Mac filtering is sort of a joke. You actually have to take the t...

Cyanide@rss.iscabbs.com — Mon, 13 Feb 2012 10:39:00 -0600

Mac filtering is sort of a joke. You actually have to take the time to find the
right mac addy though.

(The After Party/48365) DH

The After Party@rss.iscabbs.com — Mon, 13 Feb 2012 05:42:00 -0600

DH

  MAC filtering is .. a joke. Your MAC can easily be spoofed. If your
  machine is online, it will confuse the heck out of the router. If your
  machine is offline, the other person is home free.
  A good password will protect your router from getting owned.
  Without WPA your wifi data is unencrypted so your MAC is in th open to
  copy/spoof and so is all of your http traffic, etc.

  Enable WPA

(Smoke Eater/48364) No. MAC address filtering, a strong password, and WPA encryptio...

Smoke Eater@rss.iscabbs.com — Mon, 13 Feb 2012 05:18:00 -0600

No.  MAC address filtering, a strong password, and WPA encryption is sufficient
for wireless network security.

(Distant Horizon/48363) Is MAC address filtering on my router (linksys wrt54gl) and a go...

Distant Horizon@rss.iscabbs.com — Mon, 13 Feb 2012 05:09:00 -0600

Is MAC address filtering on my router (linksys wrt54gl) and a good password on
the router anywhere near sufficient for wireless network security?

Running a Windows box, a television, a Kindle, and occasionally an old Windows
laptop.

(LOGAN/48361) Kena> A multihomed Windows box with multiple default gateways wi...

LOGAN@rss.iscabbs.com — Sun, 12 Feb 2012 16:46:00 -0600

Kena> A multihomed Windows box with multiple default gateways will almost
certainly send traffic for subnet which are not directly connected via
whichever "default" route was last configured.

10.255.255.255/32 is for subnet directed broadcast.
255.255.255.255/32 is for regular broadcast traffic.

A full listing of the routing table would be more useful in terms of figuring
out what traffic goes where.

(Kena/48360) A couple questions if there are any Windows networking demigods ...

Kena@rss.iscabbs.com — Fri, 10 Feb 2012 04:38:00 -0600

A couple questions if there are any Windows networking demigods hanging out:
- Is there defined behavior for what Windows does with multiple default g'ways?
- If I've got a 10.1.2.3/24 address, what's with the 10.255.255.255/32 route?
- Likewise, what's with the 255.255.255.255/32 route?

Thanks...

(Keogk/48359) Again it seems at work if I need something done I have to do it ...

Keogk@rss.iscabbs.com — Sun, 29 Jan 2012 14:33:00 -0600

Again it seems at work if I need something done I have to do it myself. Latest
is making my own changes on our ASA firewall. Any recomendations on a decent
book or videos I may want to check out. It seems pretty straight forward

(Egregious/48358) Anyone recopgnize this network protocol going over UDP?

Egregious@rss.iscabbs.com — Fri, 27 Jan 2012 06:54:00 -0600


Anyone recopgnize this network protocol going over UDP?

atv:bin:0:Mf3rjfoy4JIqR1saLr/VXazVf+eAefvQ4NznNwfO8Xbs7dy9nrSeIQuuUe/1h

(Keogk/48357) Kena>

Keogk@rss.iscabbs.com — Tue, 24 Jan 2012 17:18:00 -0600

Kena>
I think you can create a GPO that will remove the shutdown option from the
menu. I think you may be able to move it as well

(Tom Brady/48356) Anyone know how to take an outbound request from behind a Cisco ...

Tom Brady@rss.iscabbs.com — Tue, 24 Jan 2012 11:17:00 -0600

Anyone know how to take an outbound request from behind a Cisco ASA and
redirect the port?

Like a client inside asks for 123.45.6.78 port 22 from the internet and I port
translate that to 123.45.6.78 port 5555?

Would that be an outside->Inside NAT, or outside to outside?  My brain is
fried.

(SilverEdge/48355) O.o I'd ask them to make your base profile roaming - depending ...

SilverEdge@rss.iscabbs.com — Tue, 24 Jan 2012 09:57:00 -0600

O.o  I'd ask them to make your base profile roaming - depending on your
environment of course.  A login script specific to you should be the least they
can do for you.

(Kena/48354) Exactly. I help administer > 1K Windows boxen, and having a few...

Kena@rss.iscabbs.com — Tue, 24 Jan 2012 07:41:00 -0600

Exactly.  I help administer > 1K Windows boxen, and having a few things be the
same each time I log in would be really handy.  Maybe I could ask IT to throw
a login script into my profile...

(SilverEdge/48353) Do you have a shared storage somewhere? I generally map my clie...

SilverEdge@rss.iscabbs.com — Tue, 24 Jan 2012 07:36:00 -0600

Do you have a shared storage somewhere?  I generally map my clients to point
their "My Documents" folder to a server share, ie: \\server\users\username or
something like that.  If so, you could always manually go in and run that each
time if need be.  Not as automatic though if you go machine to machine.

(Kena/48352) We ain't. Or, at least... I'm 99% sure we aren't; I suppose I s...

Kena@rss.iscabbs.com — Tue, 24 Jan 2012 05:18:00 -0600

We ain't.  Or, at least... I'm 99% sure we aren't; I suppose I should verify
that.

(SilverEdge/48351) Kena> Are you using roaming profiles? If so, just make a batch ...

SilverEdge@rss.iscabbs.com — Tue, 24 Jan 2012 04:05:00 -0600

Kena> Are you using roaming profiles?  If so, just make a batch file, put it in
your personal startup folder.  It should run wherever you go if you're using
roaming profiles and affect only you.  I do it for various clients with special
needs.

(Kena/48350) When I rdp to a 2003 box, I'd really like to make the "shutdown"...

Kena@rss.iscabbs.com — Mon, 23 Jan 2012 23:47:00 -0600

When I rdp to a 2003 box, I'd really like to make the "shutdown" menu option go
away.  Is there an easy way to do that?

A corallary to this, I guess, is a different question: *without* admin privs to
a domain, is there a way I can set up some sort of global login script for
myself?

(Stilgar/48349) PDAs is a better forum for cell phone questions. It's really no...

Stilgar@rss.iscabbs.com — Fri, 20 Jan 2012 00:07:00 -0600

PDAs is a better forum for cell phone questions.  It's really not topical here.
But to answer your question, the ringtones you're describing are nothing more
than MIDI files.  Search the internet for free midis and you will find anything
you're looking for for free.  They should play on your computer and then you
just need to get them onto your phone.

(Calhoun/48348) This forum looks like my best bet, so......

Calhoun@rss.iscabbs.com — Thu, 19 Jan 2012 08:13:00 -0600

This forum looks like my best bet, so......

Can anyone recommend a good source for polyphonic ring tones?  I've looked at
several websites, but the fine prints says you're agreeing to pay some amount
(like $10/month) to use the site.  I'm looking for a site I can make a onetime
payment to down load specific rigntones.  Any suggestions?

(Cyanide/48347) I think they got stuck and it was a plea for help to get some la...

Cyanide@rss.iscabbs.com — Thu, 19 Jan 2012 04:40:00 -0600

I think they got stuck and it was a plea for help to get some larger scale
testing done to help isolate some bugs.

They got help from Microsoft, they extended the unit testing to samba4, and
they did quite a bit of work especially with forests, but they ran into
some issues.

The integration between open source projects like bind, ldap and kerberos
have been dropped, and I think that is their biggest issue. They basically
wrote all of those servers instead of getting help from other people to
get it integrated. The only people they are getting help from is Microsoft
(who incidently has also added patches..)

(Kena/48346) Woot! Looks like Samba4 is getting ready to be pushed out the d...

Kena@rss.iscabbs.com — Wed, 18 Jan 2012 17:49:00 -0600

Woot!  Looks like Samba4 is getting ready to be pushed out the door.  I'm
afraid that they're kind of pulling the KDE 4.0 model: if we don't release it,
it'll never get released.  So, as a practical matter, I probably would *not*
recommend running 4.0.0 on a production site.  But I bet that (say) 4.0.2 will
be pretty decent.  Seems we're talking a matter of months, rather than years:
http://lwn.net/SubscriberLink/475592/15353ae15cd300cc/

(Cyanide/48345) That makes more sense. :) IPv6 is kind of a pain.. unless you ca...

Cyanide@rss.iscabbs.com — Wed, 18 Jan 2012 06:24:00 -0600

That makes more sense. :) IPv6 is kind of a pain.. unless you can do it all at
once. which of course you just have to shut down the world for a day and do it
lol

(Kena/48344) Okay. Just spoke with an expert (my wife), and she says 3G cert...

Kena@rss.iscabbs.com — Wed, 18 Jan 2012 05:53:00 -0600

Okay.  Just spoke with an expert (my wife), and she says 3G certainly supports
IPv6, but it depends on how the provider's provisioned it -- and, indeed, might
be different in a given vendor's own network.

(Justin Case/48343) Cyanide-->To my knowledge, and at least on Verizon, 3G is IPv4 o...

Justin Case@rss.iscabbs.com — Wed, 18 Jan 2012 05:44:00 -0600

Cyanide-->To my knowledge, and at least on Verizon, 3G is IPv4 only.  LTE,
however, is IPv6 native.

Danix-->To get our feet wet, last year, we looked at bringing in a dedicated
IPv6 connection, firewall, load balancer, IPS and router to get our web
sites spun up with IPv6 and we were looking at darn near 1/4 of a
$million.

The web server would have been configured to support dual stack.

(Danix/48342) Justin Case> Expensive beyond just enabling IPv6? Is it the soft...

Danix@rss.iscabbs.com — Wed, 18 Jan 2012 05:37:00 -0600

Justin Case> Expensive beyond just enabling IPv6? Is it the software, hardware
or both? I'm pretty sure my Catalyst 2950 won't work on IPv6, though its
principal function (switching) can cope with IPv6. If it were the router that
wasn't IPv6 enabled, that's another story.

But then there are those 6in4 tunnels you can do..

(Cyanide/48341) 3G doesnt have IPv6 support in the hardware?

Cyanide@rss.iscabbs.com — Wed, 18 Jan 2012 05:08:00 -0600

3G doesnt have IPv6 support in the hardware?

(Justin Case/48340) River->Just saw that.

Justin Case@rss.iscabbs.com — Wed, 18 Jan 2012 04:54:00 -0600

River->Just saw that.

Last year we spent some time looking into what it would take to enable our
consumer facing web sites with IPv6.  Ouch.  It was expensive.

So we didn't do it.

I've asked if we can try to do it this year.  We'll see what happens.

If you have an LTE phone, any LTE phone for that matter, as long as it is on
LTE and not 3G, you have an IPv6 device in your hand.

Or an LTE datacard/dongle for that matter.

(River Rat/48339) So June 6th is the new tentative date for IPv6.

River Rat@rss.iscabbs.com — Wed, 18 Jan 2012 03:43:00 -0600

So June 6th is the new tentative date for IPv6.

Are there any gateways, since that is what they are that support IPv6?

I don't know if Frontier.net is going to support IPv6 or not yet.

(Raubvogel/48338) Good linksys are the ones you can put openwrt in. Another brand

Raubvogel@rss.iscabbs.com — Tue, 17 Jan 2012 09:09:00 -0600

        Good linksys are the ones you can put openwrt in. Another brand
to consider IMHO is buffalo. Some do come with dd-wrt out of the box
and/or also support openwrt

(The After Party/48337) JL

The After Party@rss.iscabbs.com — Mon, 16 Jan 2012 00:37:00 -0600

JL

  I'm due to replace mine, but I'm not sure teh new 802.11ac stuff is out
  yet. That's what I'm waiting for.

  I have a D-link at home that i'm not in love with (in-frequent reboots
  needed. not too bad. There was a horrible software bug causing the
  signal to due a complete W with regards to wireless speed:
  http://gabe.misura.org/2011/06/16/terrible-wifi/

  I'm at the in-laws using a netgear i bought them awhile ago. Seems
  pretty good (i bet the firmware hasn't been updated since I was here
  last time, about 1.5 years ago). Works pretty good, but the wifi
  signal isnt' that great thru the cement walls here.

  I boycot linksys cuz i'm spiteful of the fact a long time ago they
  had an 'idle timeout' config that did nothing. plus, i don't
  think their quality is that good anymore.

(JL/48336) My Linksys E3000 wireless router seems to be flaky after less th...

JL@rss.iscabbs.com — Sat, 14 Jan 2012 18:26:00 -0600


My Linksys E3000 wireless router seems to be flaky after less than a year of
owning it. Lots of outages. When I swapped back in my old Linksys G router, no
problems.

So, I'm thinking it's time to replace it.

I like the idea of getting a router with built-in DLNA support, so I can just
hook up a USB drive and stream videos to my TV from it.

Any recommendations?

(Kena/48335) Well, in that case, Cragmor, sure, you could saturate your pipe,...

Kena@rss.iscabbs.com — Fri, 13 Jan 2012 09:08:00 -0600

Well, in that case, Cragmor, sure, you could saturate your pipe, no problem. 
It *would* take a number of "real" servers doing real network utilization; a
significant number of servers hit other forms of resource contention long
before they're making a significant impact on network utilization.

(BDavis/48334) "UC network" sounds like a management-by-magazine buzzword. In w...

BDavis@rss.iscabbs.com — Fri, 13 Jan 2012 08:31:00 -0600

"UC network" sounds like a management-by-magazine buzzword. In which case, you
could think of it as a mashup of synergistic technologies empowering the mobile
workforce to collaborate with business partners and engage the consumer through
an enhanced corporate social graph.

Or what Copper Lethe said.  :-)

(Copper Lethe/48333) There's really no such thing as a "UC network."

Copper Lethe@rss.iscabbs.com — Fri, 13 Jan 2012 08:12:00 -0600


There's really no such thing as a "UC network."
UC is "unified communication," which means (in a very general and simplified
sense) to integrate communications tools, real-time and otherwise, with each
other.  Accessing voicemail or SMS messages via email is an example of this.
The way Microsoft Communicator integrates with Outlook is another example.

(Egregious/48332) What is a "UC network"?

Egregious@rss.iscabbs.com — Fri, 13 Jan 2012 07:50:00 -0600

What is a "UC network"?

(Cragmor/48331) Port mirroring. All traffic on other ports on the switch are mir...

Cragmor@rss.iscabbs.com — Fri, 13 Jan 2012 07:32:00 -0600

Port mirroring. All traffic on other ports on the switch are mirrored to the vm
host port, then we have a virtual switch set up to mirror all vm's on the host.

(Kena/48330) Cragmor: what's your capture mechanism? I mean, how are you agg...

Kena@rss.iscabbs.com — Fri, 13 Jan 2012 05:07:00 -0600

Cragmor: what's your capture mechanism?  I mean, how are you aggregating the
other systems' network traffic?  I'm kind of not getting how you expect to see
non-broadcast traffic that isn't unicast at your monitoring system.

(Kena/48329) Eh-hem. 10.x.x.x has a /8 default. ;-)

Kena@rss.iscabbs.com — Fri, 13 Jan 2012 05:05:00 -0600

Eh-hem.  10.x.x.x has a /8 default. ;-)

(Cragmor/48328) We have a system, running as a VM at our hosting center. On this...

Cragmor@rss.iscabbs.com — Fri, 13 Jan 2012 04:57:00 -0600

We have a system, running as a VM at our hosting center. On this VM we do
packet capture. We capture packets from other VM's on the same physical server,
as well as other servers in our rack. I cannot give you network utilization
numbers just now, but in general, how likely could it be that you could
oversaturate the network, and actually miss packets? What we capture is
contained in a single packet, so there is no packet streams to rebuild. We are
seeing instances of our capture missing data that the server confirms being
transmitted. These instances involve other VM's on the same host, as well as
other servers in the rack.

(LOGAN/48327) Assuming that each of those networks has a /24 network mask, you...

LOGAN@rss.iscabbs.com — Thu, 12 Jan 2012 07:54:00 -0600

Assuming that each of those networks has a /24 network mask, you'd need a
router to get data from one subnet to another.  In all likelihood, the reason
it works is that the machines have a /16 network mask (the default for
10.x.x.x).  If that is the case, all of your machines are actually in the same
subnet.

(Keogk/48326) Have a network with 4 subnets

Keogk@rss.iscabbs.com — Thu, 12 Jan 2012 03:15:00 -0600

Have a network with 4 subnets
10.0.1.0
10.0.2.0
10.0.3.0
10.0.4.0
I have Domain controller on the 1 network
I have computers on all the other networks as well as the 1
I have a backup box that backsup from all the networks. I do not want my
traffic from each box to go thru my firewall
The IP address of the BU box is in the 4 net.
I have 3 more network cards each with just a IPv4 address and subnet mask for
the other 3 networks no other settings like dns or default gateway.
Most everything seems to be working ok.
But Should my other boxes in other subnets have a host file that points to the
machines ip in that same subnet or should theyt be able to get to it thru its 4
subnet address
Not sure if I am making sense.

(Kena/48325) Heh. There are places in NH, still, where you get dialup, perio...

Kena@rss.iscabbs.com — Sun, 25 Dec 2011 02:19:00 -0600

Heh.  There are places in NH, still, where you get dialup, period.  Not many;
most are covered by a blend of DSL and/or cable, but not so much for many of
the more rural parts.

(Justin Case/48324) Holy bat crap Merry Christmas. Parents live out in the boonies....

Justin Case@rss.iscabbs.com — Fri, 23 Dec 2011 15:38:00 -0600

Holy bat crap Merry Christmas.  Parents live out in the boonies.  Discovered
today that the 6/1 package they had is gone.  Now, they have 12/1 and it costs
a buck a month less!  w00t!

(Danix/48323) I wonder how many people have actually said "Shiboleet" while on...

Danix@rss.iscabbs.com — Thu, 15 Dec 2011 05:27:00 -0600

I wonder how many people have actually said "Shiboleet" while on an ISP tech
support call?

(Wang Master/48322) so i have a wireless performance question.

Wang Master@rss.iscabbs.com — Thu, 15 Dec 2011 05:04:00 -0600

so i have a wireless performance question.

I know that running devices from a previous 802.11 protocol on a newer 802.11
protocol (say a 802.11g device on an 802.11n network) can lower performance of
the entire network.

does this apply to the different signalling technology within a protocol?

for example 801.11n has wide and narrow bands as well as MIMO to get to it's
300/450/600Mbps performance.

if you have a device that's limited to narrow band and only a single antenna
that device is limited to around 75Mbps or so (wide band single antenna is
capable of 150 if i recall right).

Does that bring down the rest of the network performance similar to running
802.11g on 802.11n, or is that irrelevant?

(BDavis/48321) From a command-line: echo %LOGONSERVER%

BDavis@rss.iscabbs.com — Wed, 14 Dec 2011 07:52:00 -0600

From a command-line: echo %LOGONSERVER%
Or just type set|more and browse the output.

(Kena/48320) Dammit. I know I've asked this before, but I'm a loser (and my ...

Kena@rss.iscabbs.com — Wed, 14 Dec 2011 06:36:00 -0600

Dammit.  I know I've asked this before, but I'm a loser (and my Google-fu is
failing, big-time): how do I determine which DC I'm bound to?

(Miser/48318) Lochner>

Miser@rss.iscabbs.com — Mon, 12 Dec 2011 04:00:00 -0600

Lochner>
To answer your question, you may be looking for a packet analyzer such as
Wireshark.  It would allow you to capture network traffic on the interface and,
in particular, look for any suspect traffic that might be eating its bandwidth.

I'd also suggest checking the settings on the NIC to make sure it's using full
duplex, set to 100/1000 speed, etc.  Also, if the issue appears to be Internet
related, you can use an online speed checker such as speedtest.net to see what
kind of bandwidth it's getting.  A simple traceroute could further narrow down
the issue.

Lastly, if you already have a baseline (ie using ping or tracert) and happen to
have an extra NIC lying around, try putting it in there, disabling the old NIC
interface, and running the tests again.

(Lochner/48317) I need some free software/tools to analyze performance on my hom...

Lochner@rss.iscabbs.com — Mon, 12 Dec 2011 02:47:00 -0600


I need some free software/tools to analyze performance on my home LAN.
Specifically, I've got one device that I suspect may not be getting much
bandwidth.  Any recommendations?

(Odd/48316) TAP> Yeah, I'll do that. Problem was, the system causing the p...

Odd@rss.iscabbs.com — Thu, 08 Dec 2011 04:15:00 -0600

TAP>  Yeah, I'll do that.  Problem was, the system causing the problems IS the
system I ssh into to run the bbs right now :-)

(Boogie With Stu/48315) Thanks! It was in fact an old process that had survived many /e...

Boogie With Stu@rss.iscabbs.com — Wed, 07 Dec 2011 07:55:00 -0600

Thanks!  It was in fact an old process that had survived many /etc/init.d/ssh
reloads/restarts.  Works champly now on my port of choice.  I appreciate all
the help!

(Kena/48314) Good call. I'd shut down SSH, entirely, through graceful means,...

Kena@rss.iscabbs.com — Wed, 07 Dec 2011 04:39:00 -0600

Good call.  I'd shut down SSH, entirely, through graceful means, and see if any
ssh processes are still extant.  If so, "kill -9" the mofo's.

(Starples/48313) Boogie With Stu> there are two different pids - 9187 is listenin...

Starples@rss.iscabbs.com — Wed, 07 Dec 2011 02:30:00 -0600

Boogie With Stu> there are two different pids - 9187 is listening on 22 and
64114 and 3248 on 64113. Might be an old process running and taking up that
port, maybe with an old config or is somehow otherwise wonky.

(Boogie With Stu/48312) More SSH-on-non-standard-ports Weirdness!

Boogie With Stu@rss.iscabbs.com — Tue, 06 Dec 2011 20:21:00 -0600

More SSH-on-non-standard-ports Weirdness!

Thanks for the hints so far about checking for the SSH header via telnet on
that port (64113) and checking the logs.  Here's what I've found:

The header *does* appear, and it looks the same as the one I get from the same
connection on port 22:

unclemax:~ cliff$ telnet gretl 64113
Trying 192.168.2.201...
Connected to gretl.
Escape character is '^]'.
SSH-2.0-OpenSSH_5.3p1 Debian-3ubuntu7
Connection closed by foreign host.
unclemax:~ cliff$ ssh -p 64113 gretl
Connection closed by 192.168.2.201
unclemax:~ cliff$ telnet gretl 22
Trying 192.168.2.201...
Connected to gretl.
Escape character is '^]'.
SSH-2.0-OpenSSH_5.3p1 Debian-3ubuntu7

So that's a good sign.  But then when I checked the auth.log, I saw that the
server couldn't bind to port 64113 after all:

Dec  7 08:05:36 gretl sudo:  cliff : TTY=pts/0 ; PWD=/var/log ; USER=root ;
COMMAND=/usr/sbin/dpkg-reconfigure openssh-server
Dec  7 08:05:37 gretl sshd[5834]: Received signal 15; terminating.
Dec  7 08:05:38 gretl sshd[9187]: Server listening on 0.0.0.0 port 48221.
Dec  7 08:05:38 gretl sshd[9187]: Server listening on :: port 48221.
Dec  7 08:05:38 gretl sshd[9187]: error: Bind to port 64113 on 0.0.0.0 failed:
Address already in use.
Dec  7 08:05:38 gretl sshd[9187]: error: Bind to port 64113 on :: failed:
Address already in use.
Dec  7 08:05:38 gretl sshd[9187]: Server listening on 0.0.0.0 port 22.
Dec  7 08:05:38 gretl sshd[9187]: Server listening on :: port 22.

"Address already in use?"  How can I find out by what?  sudo netstat -nltp
shows me that 64113 is in use only for sshd...but could there be a conflict
between tcp and tcp6?

cliff@gretl:/var/log$ sudo netstat -nltp
[sudo] password for cliff:
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address     Foreign Address   State PID/Program name
tcp    0  0 127.0.0.1:3306    0.0.0.0:*     LISTEN 859/mysqld
tcp    0  0 0.0.0.0:139     0.0.0.0:*     LISTEN 588/smbd
tcp    0  0 0.0.0.0:80      0.0.0.0:*     LISTEN 941/apache2
tcp    0  0 0.0.0.0:64113     0.0.0.0:*     LISTEN 3248/sshd
tcp    0  0 0.0.0.0:64114     0.0.0.0:*     LISTEN 941/apache2
tcp    0  0 0.0.0.0:22      0.0.0.0:*     LISTEN 9187/sshd
tcp    0  0 192.168.2.201:8118  0.0.0.0:*     LISTEN 5442/privoxy
tcp    0  0 127.0.0.1:631     0.0.0.0:*     LISTEN 911/cupsd
tcp    0  0 0.0.0.0:48221     0.0.0.0:*     LISTEN 9187/sshd
tcp    0  0 0.0.0.0:445     0.0.0.0:*     LISTEN 588/smbd
tcp6   0  0 :::64113      :::*        LISTEN 3248/sshd
tcp6   0  0 :::22       :::*        LISTEN 9187/sshd
tcp6   0  0 ::1:631       :::*        LISTEN 911/cupsd
tcp6   0  0 :::48221      :::*        LISTEN 9187/sshd

(The After Party/48311) Odd

The After Party@rss.iscabbs.com — Tue, 06 Dec 2011 09:13:00 -0600

Odd

  Ssh out somewhere, enable keepalive on that, then use a client from there.
  That's what I do..

(Kena/48310) Okay, guys. Here's a freebie for the first two takers. When yo...

Kena@rss.iscabbs.com — Tue, 06 Dec 2011 03:31:00 -0600

Okay, guys.  Here's a freebie for the first two takers.  When you work at
Comcast, you get "Make it right" cards (akin to http://xkcd.com/806/, in my
mind).  They do, however, expire (we get new ones; I guess this is to push us
to use 'em).  I've got two (2) left that expire on the 31st.  If you've got a
Comcast problem, and want someone who's *not* tier 1 support, lemme know, and
I'll shoot you the contact info.

(Odd/48309) The modem is fine, otherwise, I just think it has a triggerhappy...

Odd@rss.iscabbs.com — Tue, 06 Dec 2011 03:25:00 -0600

The modem is fine, otherwise, I just think it has a triggerhappy timeout
setting somewhere in the firewall part.  The previous one didn't do this, as
far as I recall.  I doubt replacing it with a new modem will fix the issues, so
I'll probably just have to deal with it.

(Cyanide/48308) odd> tell the cable company to fix it. :) but i am surprised you...

Cyanide@rss.iscabbs.com — Mon, 05 Dec 2011 15:02:00 -0600

odd> tell the cable company to fix it. :) but i am surprised you are directly
connected to it without a switch in there somewhere.. But I think i got a
new modem when I complained.

(Odd/48307) this is the bbs client from IO ERROR. No problem with other pro...

Odd@rss.iscabbs.com — Mon, 05 Dec 2011 12:35:00 -0600

this is the bbs client from IO ERROR.  No problem with other protocols (so far)
, but if the client is running within my home network it times out after about
a minute and locks up.

Kena>  I considered that, but this is a cable modem specific for my provider.
Not sure it's worth messing with a firmware upgrade, not knowing if it will
ever work again.  Thanks for the tip, though.

(Egregious/48306) If you are conneting to a Linux server, you can also have it sen...

Egregious@rss.iscabbs.com — Mon, 05 Dec 2011 12:04:00 -0600

If you are conneting to a Linux server, you can also have it send keepalives.
Something like /proc/net/tcp/tcp_keepalive, or around there.

(The After Party/48305) Odd

The After Party@rss.iscabbs.com — Mon, 05 Dec 2011 11:47:00 -0600

Odd

  What client?
  In PuTTY, there is a setting to enable 'keep alive' so the router doesn't
  see the connection as idle and doesn't close it...

(Kena/48303) Odd: one "trick" that I've done that "fixed" that particular iss...

Kena@rss.iscabbs.com — Mon, 05 Dec 2011 10:59:00 -0600

Odd: one "trick" that I've done that "fixed" that particular issue with my
Linksys was installing one of the third-party firmwares.  Seems a bit like
doing the ol' kill-a-fly-with-a-sledgehammer thing, but hey: it worked for me.
;-)

(Odd/48302) TAP> Yeah, I'm thinking idle timeout. Annoying - happens reall...

Odd@rss.iscabbs.com — Mon, 05 Dec 2011 10:48:00 -0600

TAP>  Yeah, I'm thinking idle timeout.  Annoying - happens really quickly (like
1 minute).  Browse a web page, back to client - bam, hangs.  No way to kill the
bbs client either.

I just checked all my modem settings, no luck.  SSH connections seem fine, so
it's something with the BBS or telnet protocol it seems.

(The After Party/48301) River Rat

The After Party@rss.iscabbs.com — Mon, 05 Dec 2011 10:12:00 -0600

River Rat

  Was not talking to Odd. He was talking to Boogie With Stu.

(River Rat/48300) Kena, did you not read the question?

River Rat@rss.iscabbs.com — Mon, 05 Dec 2011 09:36:00 -0600

Kena, did you not read the question?
I think he was saying he connects, but it times out/locks up after a while.
You are trying to imply that he can't connect.

(Kena/48299) Well, before looking at logs (because you might be looking for s...

Kena@rss.iscabbs.com — Mon, 05 Dec 2011 07:11:00 -0600

Well, before looking at logs (because you might be looking for something that's
not there, which is a PITA), I'd try telnetting to the port.  Sure, sure,
telnet won't log you into SSH -- but it *will* verify that you're talking to
SSH:
ken@mirrormere:~$ telnet localhost 22
Trying ::1...
Connected to localhost.
Escape character is '^]'.
SSH-2.0-OpenSSH_5.3p1 Debian-3ubuntu7

So, give that a go.  If you're not getting an SSH banner, it's either a
firewall, or something competing for the port.  If you *are* getting an SSH
banner, check yer logs.  (And for the sheer Hell of it, if you don't get a
banner, you might check and/or disable your (x)inetd until you're done
debugging, assuming you even have one running.)

(The After Party/48298) Odd

The After Party@rss.iscabbs.com — Mon, 05 Dec 2011 06:46:00 -0600

Odd

  connection timeout
  idle timeout
  probably the latter.

(Kael/48297) ssh: WDLS (What Do the Logs Say)?

Kael@rss.iscabbs.com — Mon, 05 Dec 2011 05:30:00 -0600

ssh: WDLS (What Do the Logs Say)?

(Odd/48296) Since I've switched to a new router (ziggo wireless, no idea wha...

Odd@rss.iscabbs.com — Mon, 05 Dec 2011 03:13:00 -0600

Since I've switched to a new router (ziggo wireless, no idea what brand that
really is), I find that my bbs client "locks up" after a few minutes of
inactivity.  I've had that before, but it hadn't occured for a couple of years.

Any ideas what kind of network/firewall settings to look for?  As far as I know
it's the fault of the new gateway/firewall/router device.  I used to have a
linux server as router with a different cable modem, I beleive it did not occur
then.

It doesn't matter which computer on the local network runs the bbs client, they
all seem to suffer from it.  Both isca and inara.  IO ERROR's client, latest
version.

(Danix/48295) iptables blocking those ports?

Danix@rss.iscabbs.com — Sun, 04 Dec 2011 22:29:00 -0600

iptables blocking those ports?

(Boogie With Stu/48294) Yep, reloaded/restart and netstat -nltp shows me it's listening ...

Boogie With Stu@rss.iscabbs.com — Sun, 04 Dec 2011 11:59:00 -0600

Yep, reloaded/restart and netstat -nltp shows me it's listening on that port:

cliff@gretl:~$ sudo netstat -nltp
[sudo] password for cliff:
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address  Foreign Address   State     PID/Program name
tcp      0    0 127.0.0.1:3306       0.0.0.0:*          LISTEN    859/mysqld
tcp      0    0 0.0.0.0:139         0.0.0.0:*          LISTEN    588/smbd
tcp      0    0 0.0.0.0:80          0.0.0.0:*          LISTEN    941/apache2
tcp      0    0 0.0.0.0:64113        0.0.0.0:*          LISTEN    3248/sshd
tcp      0    0 0.0.0.0:64114        0.0.0.0:*          LISTEN    941/apache2
tcp      0    0 0.0.0.0:22          0.0.0.0:*          LISTEN    5834/sshd
tcp      0    0 192.168.2.201:8118    0.0.0.0:*          LISTEN    5442/privoxy
tcp      0    0 127.0.0.1:631        0.0.0.0:*          LISTEN    911/cupsd
tcp      0    0 0.0.0.0:48221        0.0.0.0:*          LISTEN    5834/sshd
tcp      0    0 0.0.0.0:445         0.0.0.0:*          LISTEN    588/smbd
tcp6     0    0 :::64113           :::*              LISTEN    3248/sshd
tcp6     0    0 :::22             :::*              LISTEN    5834/sshd
tcp6     0    0 ::1:631            :::*              LISTEN    911/cupsd
tcp6     0    0 :::48221           :::*              LISTEN    5834/sshd

(I just removed some of the superfluous spaces so it wouldn't wrap here on
ISCABBS.  Still can't get in on 64113.  64114 for apache seems to work
just fine.
)

(John Public/48293) Did you reload/restart sshd and verify that sshd is listening on...

John Public@rss.iscabbs.com — Sun, 04 Dec 2011 06:33:00 -0600

Did you reload/restart sshd and verify that sshd is listening on that port?
`netstat -nltp`

(Boogie With Stu/48292) Is there something special about port 64113? I can't seem to ss...

Boogie With Stu@rss.iscabbs.com — Sat, 03 Dec 2011 18:01:00 -0600

Is there something special about port 64113?  I can't seem to ssh into my Linux
box on that port (even though I ought to be able to according to my sshd_config
file); I always get an error, like this:

        brigitta:~ cliff$ ssh -p 64113 gretl
        Connection closed by 192.168.2.201
        brigitta:~ cliff

Using 48221 works just fine, however:

        brigitta:~ cliff$ ssh -p 48221 gretl
        Linux gretl 2.6.32-36-generic-pae #79-Ubuntu SMP Tue Nov 8 23:25:26 UTC
         2011 i686 GNU/Linux Ubuntu 10.04.3 LTS

        Welcome to Ubuntu!

Here are the first few lines from my sshd_config on the machine named gretl:

        # Package generated configuration file
        # See the sshd_config(5) manpage for details

        # What ports, IPs and protocols we listen for
        Port 22
        Port 64113      # I put this port in here
        Port 48221      # I put this port in here
        # Use these options to restrict which interfaces/protocols sshd will
        # bind to
        #ListenAddress ::
        #ListenAddress 0.0.0.0
        Protocol 2
        # HostKeys for protocol version 2
        ...

Am I missing something obvious that would preclude port 64113?

(Kena/48291) (Hmmm. Upon second thought, it would be trivial to use CID spoo...

Kena@rss.iscabbs.com — Sat, 26 Nov 2011 11:20:00 -0600

(Hmmm.  Upon second thought, it would be trivial to use CID spoofing to leave
VMs of numbers I wanted to call.  Okay, maybe it *is* exploitable...  NOTE: I
am not recommending this as a course of action, nor is it one I will pursue. 
Just puttin' that out there. ;-)

(Kena/48290) Fongaboo: yes. Well, so long as a voicemail has a phone number ...

Kena@rss.iscabbs.com — Sat, 26 Nov 2011 11:20:00 -0600

Fongaboo: yes.  Well, so long as a voicemail has a phone number I want to call
associated with it.

(Fongaboo/48289) I have two of these units:

Fongaboo@rss.iscabbs.com — Fri, 25 Nov 2011 14:39:00 -0600

I have two of these units:

http://www.tp-link.com/us/products/details/?categoryid=216&model=TL-WA5210G

I initially experimented with them, setting up a point-to-point link. According
to the instructions, this required setting one up as a Wifi Access Point (which
I'll call the 'Pitcher') and the other as a Client (which I'll call the
'Catcher').

The units come factory preset with an IP of 192.168.1.254. I used Ethernet to
connect my netbook directly to each one and configure them through its web
interface.

I left the 'Pitcher' unit as 1.254. And set it as a WiFi AP with SSID
'Pitcher'. But I changed the 'Catcher' to 1.253 and I set it to operate as a
'client' connecting to the other one's SSID.

The 'Catcher' does connect to the 'Pitcher' AP in terms of 802.11, based on the
lights on the unit and the Status page on the web interface.

The first time I did this, everything worked as expected. I could connect my
netbook to the ethernet of either one (setting my netbook ethernet to a
192.168.1.x static IP) and ping either 1.253 or 1.254 in either case.

Still going with the first time I tried this, I added an Internet router
upstream on 1.1 and was able to browse the Internet when connected to the
'Catcher'.

I since messed around with the units in other modes... But now tried to
reconfigure it in this Point-to-Point fashion again. The strange thing is this
time around... I can connect my netbook to the 'Pitcher' via Ethernet and ping
..254 ('Pitcher') or .253 ('Catcher'). But if I connect my netbook to the
'Catcher' via Ethernet, I can ping only .253 ('Catcher') but not .254
('Pitcher'). It's like the wireless link between the two is connected and
working, but I can only ping in one direction.

I've tried redoing this 4 times with the same result, restoring to factory
defaults each time. Even tried another laptop and no dice. What the heck
could cause one-way pinging? Is one of the units seemingly defective?
If so, is it fair to say the 'Catcher' is the culprit?

(Fongaboo/48288) Wait so your old phone is making calls willy-nilly even though i...

Fongaboo@rss.iscabbs.com — Fri, 25 Nov 2011 12:00:00 -0600

Wait so your old phone is making calls willy-nilly even though it's technically
not activated?

(Kena/48287) Found an interesting exploit today. I left my cell at a fair-li...

Kena@rss.iscabbs.com — Tue, 22 Nov 2011 12:05:00 -0600

Found an interesting exploit today.  I left my cell at a fair-like thing, and
my wife, ever the itchy trigger finger, called up the folks it was insured
under, Insurion (?), and reported it as lost, so they'd send me a replacement.
I got the replacement -- and someone turned in the lost cell.  The replacement
was a refurb, and was flaky, so I called up and tried to get my original cell
re-enabled.  No dice: once it's on the "lost or stolen" list, that's it.  So,
whammo, my five-year-old now has a Droid-X-shaped Android tablet.  But today, I
noticed that it knew I had new voicemail.  So I called the VM, and lo!  I could
talk to it.  Then I got a sneaky suspicion: Verizon voicemail lets you call the
person who left you a message.  So I left myself a message from my home number,
and then called back.  And, sure 'nuff, even though I can't make any direct
calls, that went right through -- as "private caller."

Pretty hard to exploit that in a truly nefarious manner -- after all, it needs
the VM password, and, presumably, compliance of the actual phone owner -- but I
bet it's something that's under their radar, nonetheless.

(Danix/48286) Justin, you should xpost to Tech Po> as well. It's in fact somet...

Danix@rss.iscabbs.com — Fri, 18 Nov 2011 05:27:00 -0600

Justin, you should xpost to Tech Po> as well. It's in fact something I've
raised there

(Justin Case/48285) Gang, if you're not aware of the SOPA act winding its way throug...

Justin Case@rss.iscabbs.com — Fri, 18 Nov 2011 03:24:00 -0600

Gang, if you're not aware of the SOPA act winding its way through committe
right now, you should educate yourself.  It is a very serious threat to the
net.

http://thenextweb.com/insider/2011/11/16/sopa-is-an-easy-no-these-idiots-are-co
ming-for-your-internet/

(BDavis/48284) Assuming you are accessing a Windows desktop with RDP, and your ...

BDavis@rss.iscabbs.com — Mon, 14 Nov 2011 08:37:00 -0600

Assuming you are accessing a Windows desktop with RDP, and your work group
policy allows it, it is a checkbox in your home RDP (Remote Desktop) client.
Before you connect, hit the down arrow for "Options" near the bottom of the
window, choose "Local Resources" tab, and check "Printers". Now connect. Note
that you may have issues with printer drivers; check the event logs.

(Justin Case/48283) That's built in. But your workstation at the office has to have...

Justin Case@rss.iscabbs.com — Mon, 14 Nov 2011 07:15:00 -0600

That's built in.  But your workstation at the office has to have that feature
turned on.  To do so, you need to go into the Terminal Service manager and
configure it.

Then, it'll pipe your printer to your remote RDP session.

(Lochner/48282) I'm running Windows 7 at home here, and I VPN in to my office ne...

Lochner@rss.iscabbs.com — Mon, 14 Nov 2011 04:44:00 -0600


I'm running Windows 7 at home here, and I VPN in to my office network.  I'd
like to be able to print documents I've got open at work locally, is there any
software package that can do this?  If not, what's the easiest way to do this?
Right now I'm e-mailing documents back and forth to myself and that smokes a
serious chaod.

(SilverEdge/48281) Thanks for the info. I'll read the wiki and come back with ques...

SilverEdge@rss.iscabbs.com — Fri, 11 Nov 2011 07:16:00 -0600

Thanks for the info.  I'll read the wiki and come back with questions if I have
them.  :)

On an unrelated note, I need some help with enabling/disabling the wireless
adapter on specific WSs on a network I maintain.

Background> We have two remote sites using MetroEthernet.  Unfortunately, we
have had a rash of outtages lately due to fiber cuts.  This generally results
in downtime of 4-10 hours as they track it down and repair it.  Unfortunately,
the remote sites require information located on servers in the main office to
conduct business with reliability.  Their current workaround is to print off
everything at the main office and courier it down there.  Given it's a fiber
cut, they also have usually lost their fax lines.  This is obviously time
consuming and leaves them struggling for an hour or more till the courier can
get to them.

My current hopeful workaround is to have AT&T mobile hotspots setup since the
WSs there have WiFi adapters built-in, though currently disabled.  Given that
adapters have to be enabled as an administrator (or with an admin password),
this is a pain to get them enabled.  I am not willing to give them the admin
password as some of the users are likely to use it when they shouldn't and
install "Bad Things" (tm).

Accordingly, I want to write a script they can run when needed to enable the
WiFi adapter.  I will ahead of time setup the connection in the adapter's
configuration to connect to the hotspot, set the metric as needed, etc.  Thus,
when it is enabled, it just kicks in and they start hitting the net using it.

I figure I would write the script to detect the WiFi adapters current state and
if enabled, disable it, and if it is disabled, enable it.

I generally write scripts in AutoHotkey, but I could use a batch file, etc.
Any ideas, or pointers to something I could look into would be appreciated.

(Cyanide/48280) www.openplug.org is "technically" the plug computer site.

Cyanide@rss.iscabbs.com — Fri, 11 Nov 2011 04:08:00 -0600

www.openplug.org is "technically" the plug computer site.
The computer is the size of a wall wart literally.
They are System on Chip or Single Board computers.

Generically, I use it to describe, small computer using an ARM chip
or I call them cell phone computers since ARM chips are in 90% of
cell phones, and projects like the pandaboard and beagleboard
are literally cell phone prototype boards.

I just posted a list of various "projects" in the unix> forum.
not that long ago.

(Kena/48279) A computer that looks an awful lot like a plug. The "SheevaPlug...

Kena@rss.iscabbs.com — Fri, 11 Nov 2011 04:12:00 -0600

A computer that looks an awful lot like a plug.  The "SheevaPlug" is the one
that started it all (at least, insofar as I'm aware):
http://en.wikipedia.org/wiki/SheevaPlug .  Huh!  There's an actual Wikipedia
page just for the entry "Plug computer":
http://en.wikipedia.org/wiki/Plug_computer

(BDavis/48278) It's a very small computer with the bare essentials for internal...

BDavis@rss.iscabbs.com — Fri, 11 Nov 2011 04:10:00 -0600

It's a very small computer with the bare essentials for internals and a few
ports for at least ethernet and power, any maybe USB for storage. There are a
number of vendors that sell these things, which a search on "plug computer"
will turn up for you along with this wikipedia article.
  http://en.wikipedia.org/wiki/Plug_computer

(SilverEdge/48277) Not to sound dumb, but what is a plug computer?

SilverEdge@rss.iscabbs.com — Fri, 11 Nov 2011 04:06:00 -0600

Not to sound dumb, but what is a plug computer?

(Cyanide/48276) It is about 2 but yeah very few watts.

Cyanide@rss.iscabbs.com — Thu, 10 Nov 2011 16:10:00 -0600

It is about 2 but yeah very few watts.

(Kena/48275) Hmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmm...

Kena@rss.iscabbs.com — Thu, 10 Nov 2011 12:54:00 -0600

Hmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmm... I suddenly
like the idea of possibly making my in-house fileserver one of those.  I bet
I'd save its purchase price in electricity after the first year.

(Danix/48274) I'd also go for a plug computer; I had an NSLU2 at home doing IP...

Danix@rss.iscabbs.com — Thu, 10 Nov 2011 12:04:00 -0600

I'd also go for a plug computer; I had an NSLU2 at home doing IPv6 tunnelbroker
routing and a couple of good stuff. It worked pretty well, at least until it
died but it seems that it died because of my overclocking the slug. :(

(Cyanide/48273) My answer is try a plug computer. :) but im a little bias and ch...

Cyanide@rss.iscabbs.com — Thu, 10 Nov 2011 08:45:00 -0600

My answer is try a plug computer. :) but im a little bias and cheap. :)

(Fongaboo/48272) I want to dedicate a computer that I will place between a modem ...

Fongaboo@rss.iscabbs.com — Thu, 10 Nov 2011 08:23:00 -0600

I want to dedicate a computer that I will place between a modem and
a router whose whole job would be to proxy all traffic through the
Tor network. What OS and software should I use?

I am most familiar with Windows, OSX and FreeBSD. I
know nothing about Linux so that would add a
learning curve and time to impliment. .

(Zipo/48271) or a nettop I'm thinking ogetting one and just slapping spare me...

Zipo@rss.iscabbs.com — Thu, 10 Nov 2011 02:52:00 -0600

or a nettop I'm thinking ogetting one and just slapping spare memory and hd in
it.. I just don't know how it wil run 2008R2

(Cyanide/48270) You could get a plug computer for 100-150 bucks with those featu...

Cyanide@rss.iscabbs.com — Wed, 09 Nov 2011 14:23:00 -0600

You could get a plug computer for 100-150 bucks with those features, and it is
-small- and low power.

(Justin Case/48269) So use some old crap hardware laying around the house...

Justin Case@rss.iscabbs.com — Wed, 09 Nov 2011 13:04:00 -0600

So use some old crap hardware laying around the house...

(LOGAN/48268) Anything that runs DD-WRT or OpenWrt should fit the bill. The S...

LOGAN@rss.iscabbs.com — Wed, 09 Nov 2011 09:14:00 -0600

Anything that runs DD-WRT or OpenWrt should fit the bill.  The Soekris is nice,
but by the time you have a board and case, the cost is much higher than an off
the shelf home broadband gateway.  To each their own, of course.

(Justin Case/48267) Soekris + m0n0wall = bees knees.

Justin Case@rss.iscabbs.com — Wed, 09 Nov 2011 08:57:00 -0600

Soekris + m0n0wall = bees knees.

m0n0 also does Mobile IPSEC connections too.

(Grayson/48266) So, lookign for hardware suggestions. I have a need for a small...

Grayson@rss.iscabbs.com — Wed, 09 Nov 2011 04:16:00 -0600

So, lookign for hardware suggestions.  I have a need for a small router for a
home office that will allow me to setup an site-to-site VPN connection with my
Cisco ASA at my office.  Preferably a router that also has wireless (as it's
for a remote user).  I have a small Cisco security appliance for my house to do
the same thing... but would prefer a smaller all-in-one device.

(Kena/48265) Huh. I guess I just never tried it before. Well, first time fo...

Kena@rss.iscabbs.com — Tue, 08 Nov 2011 10:39:00 -0600

Huh.  I guess I just never tried it before.  Well, first time for everything.
(Though I'm now in the position of not being the one to do these things, but,
rather, helping critique what's going on.  Might be time for me to dig up some
old switches and play with 'em at home...)

(Grayson/48264) NIC teaming can be on different switches but they still have to ...

Grayson@rss.iscabbs.com — Tue, 08 Nov 2011 10:31:00 -0600

NIC teaming can be on different switches but they still have to be on the same
subnet generally (same gateway).  We have pretty much all of our teaming setup
to go to separate switches... the reason being: the switches have failed more
often than the NICs.

(Kael/48263) For strictly a backup nic, no switch support is generally need (...

Kael@rss.iscabbs.com — Mon, 07 Nov 2011 08:17:00 -0600

For strictly a backup nic, no switch support is generally need (meaning NICs on
different switches is fine). They need to be in the same VLAN however.
Doing active-active or load balancing requires switch support in general.

(Justin Case/48262) Generally one NIC per switch. That's how we roll (and have for ...

Justin Case@rss.iscabbs.com — Mon, 07 Nov 2011 07:52:00 -0600

Generally one NIC per switch.  That's how we roll (and have for over a decade).

(Danix/48261) NIC teaming can be done with different switches these days. At l...

Danix@rss.iscabbs.com — Mon, 07 Nov 2011 07:15:00 -0600

NIC teaming can be done with different switches these days. At least, they are
doing that at my former workplace...

(Kena/48260) Yeah... but with NIC teaming, they're both going to the same swi...

Kena@rss.iscabbs.com — Mon, 07 Nov 2011 07:09:00 -0600

Yeah... but with NIC teaming, they're both going to the same switch, no?  Or
has stuff gotten "cooler" since I did NIC bonding back with Cat 4K's?

(Justin Case/48259) The switches won't care. It is up to your dual homed server/dev...

Justin Case@rss.iscabbs.com — Mon, 07 Nov 2011 07:05:00 -0600

The switches won't care.  It is up to your dual homed server/device to
make a determination on which switch is still alive.

For example, if you've got an HP server with NIC teaming setup, you can
set it up so that one or both NICs are hot.  Generally, I configure mine
with prefered order.

(Kena/48258) Anyone wanna explain how (or if -- but I assume it exists) Ether...

Kena@rss.iscabbs.com — Mon, 07 Nov 2011 05:25:00 -0600

Anyone wanna explain how (or if -- but I assume it exists) Ethernet switch
failover works from the client's perspective?  I mean, if I've got a server
with two NICs plugged into two different switches, with, presumably, NIC1 being
"live," if that NIC/cable/switch somehow has issues, what happens?  I know
there's a routing failover protocol (HSRP), but does such a thing exist for
switches?

(Cyanide/48257) the srcnat parameter in the ipsec.conf file?

Cyanide@rss.iscabbs.com — Fri, 04 Nov 2011 17:16:00 -0500

the srcnat parameter in the ipsec.conf file?

(Egregious/48256) Maybe I should ask in Unix>, but is there a way to tell isakmpd ...

Egregious@rss.iscabbs.com — Fri, 04 Nov 2011 11:34:00 -0500


Maybe I should ask in Unix>, but is there a way to tell isakmpd which
source address to use?

(Justin Case/48255) Ralph-->I've got lots of friends in the industry. Some who have...

Justin Case@rss.iscabbs.com — Fri, 04 Nov 2011 02:00:00 -0500

Ralph-->I've got lots of friends in the industry.  Some who have worked for F5
and moved on to other loadbalancer/security companies.  A couple have gone
back to F5 over the years.

Their big claim to fame was extensibility.  For example, a web site, say,
Facebook could send a nifty XML based command to the load balancer farm and
reprogram them on the fly.  But other companies have added that feature.

FWIW, I'm a Radware fanboy.  I've used Cisco and Citrix (Netscaler) products in
my past lives and Radware just smokes them both.

(Cyanide/48254) I heard they were really hard, but probably relative to other sy...

Cyanide@rss.iscabbs.com — Thu, 03 Nov 2011 16:33:00 -0500

I heard they were really hard, but probably relative to other systems..