> Subject:
> [44net] PTD
> From:
> Brian <n1uro(a)n1uro.ampr.org>
> Date:
> 10/10/2015 04:13 AM
>
> To:
> 44net(a)hamradio.ucsd.edu
>
>
> Is anyone on PTD.net that's running SNMP?
Please MAKE SURE that you block all incoming SNMP traffic from internet to amprnet!
(especially when you are using community names like "public")
The bad guys use SNMP as an attack amplifier.
One time I moved a switch to another address and it became exposed, and within 3 days I had an abuse report.
Now I have a general rule that drops all SNMP at our gateway.
(of course the real problem is the ISPs that refuse to implement BCP38, source address filtering)
Rob
Is anyone on PTD.net that's running SNMP?
24.115.114.195.res-cmts.flt.ptd.net.54321 > gw.ct.ampr.org.snmp: [udp
sum ok] { SNMPv2c C=AMPRNet_RO { GetRequest(34) R=198102558
E:14988.1.1.1.1.1.7.0 } }
22:08:32.571779 IP (tos 0x0, ttl 114, id 15043, offset 0, flags [none],
proto UDP (17), length 81)
24.115.114.195.res-cmts.flt.ptd.net.54321 > gw.ct.ampr.org.snmp:
[udp sum ok] { SNMPv2c C=AMPRNet_RO { GetRequest(34) R=198102560
E:14988.1.1.1.1.1.4.0 } }
22:08:32.571848 IP (tos 0x0, ttl 114, id 15044, offset 0, flags [none],
proto UDP (17), length 81)
24.115.114.195.res-cmts.flt.ptd.net.54321 > gw.ct.ampr.org.snmp:
[udp sum ok] { SNMPv2c C=AMPRNet_RO { GetRequest(34) R=198102562
E:14988.1.1.1.1.1.3.0 } }
22:08:32.571914 IP (tos 0x0, ttl 114, id 15045, offset 0, flags [none],
proto UDP (17), length 81)
24.115.114.195.res-cmts.flt.ptd.net.54321 > gw.ct.ampr.org.snmp:
[udp sum ok] { SNMPv2c C=AMPRNet_RO { GetRequest(34) R=198102564
E:14988.1.1.1.1.1.2.0 } }
--
Dolphins are so smart that within a few weeks of captivity, they
can train people to stand on the very edge of the pool and throw them
fish.
73 de Brian - N1URO
email: (see above)
Web: http://www.n1uro.net/
Ampr1: http://n1uro.ampr.org/
Ampr2: http://nos.n1uro.ampr.org
Linux Amateur Radio Services
axMail-Fax & URONode
http://uronode.sourceforge.nethttp://axmail.sourceforge.net
AmprNet coordinator for:
Connecticut, Delaware, Maine,
Maryland, Massachusetts,
New Hampshire, Pennsylvania,
Rhode Island, and Vermont.
For those of you using the Portal’s API, this is a “heads up” to check your client code…
It was pointed out to me that the JSON encoding the API returns was slightly non-standard. Having looked into the issue this seems to be the case, so I have today corrected the error and bumped the version.
Just check your client is still decoding the output correctly - most libraries would have happily accepted the JSON variant I was using, so chances are you won’t need to change anything, but if you coded your own JSON decode routine…
Regards,
Chris
You may want to fix this...
ax0: fm PY2ZEN-15 to QST ctl UI pid=CC(IP) len 161
IP: len 161 10.1.1.5->239.255.255.250 ihl 20 ttl 1 DF prot UDP
UDP: len 141 52618->1900 Data 133
0000 M-SEARCH * HTTP/1.1..MX: 2..HOST: 239.255.255.250:1900..MAN: "ss
0040 dp:discover"..ST: urn:schemas-upnp-org:service:WANPPPConnection:
0080 1....
ax0: fm PY2ZEN-15 to QST ctl UI pid=CC(IP) len 161
IP: len 161 10.1.1.5->239.255.255.250 ihl 20 ttl 1 DF prot UDP
UDP: len 141 52618->1900 Data 133
0000 M-SEARCH * HTTP/1.1..MX: 2..HOST: 239.255.255.250:1900..MAN: "ss
0040 dp:discover"..ST: urn:schemas-upnp-org:service:WANPPPConnection:
0080 1....
ax0: fm PY2ZEN-15 to QST ctl UI pid=CC(IP) len 160
IP: len 160 10.1.1.5->239.255.255.250 ihl 20 ttl 1 DF prot UDP
UDP: len 140 52618->1900 Data 132
0000 M-SEARCH * HTTP/1.1..MX: 2..HOST: 239.255.255.250:1900..MAN: "ss
0040 dp:discover"..ST: urn:schemas-upnp-org:service:WANIPConnection:1
0080 ....
--
Dolphins are so smart that within a few weeks of captivity, they
can train people to stand on the very edge of the pool and throw them
fish.
73 de Brian - N1URO
email: (see above)
Web: http://www.n1uro.net/
Ampr1: http://n1uro.ampr.org/
Ampr2: http://nos.n1uro.ampr.org
Linux Amateur Radio Services
axMail-Fax & URONode
http://uronode.sourceforge.nethttp://axmail.sourceforge.net
AmprNet coordinator for:
Connecticut, Delaware, Maine,
Maryland, Massachusetts,
New Hampshire, Pennsylvania,
Rhode Island, and Vermont.
I know a couple of groups now have proper reverse delegation of DNS for their subnets… Wondering who to drop a line to so I can get 44.103.0.0/19 delegated to a.ns.mi6wan.net and b.ns.mi6wan.net ?
Didn’t see it in the portal or wiki and my notes from a few months ago are foggy...
--
Fredric Moses - W8FSM - WQOG498
fred(a)moses.bz
By request a new endpoint has been added to the API:
GET encapSerial
This returns the current serial number for the encap file, so you can poll this and decide whether you need to download the encap data.
Regards,
Chris
Hi,
I've gotten my ISP to provide me a letter to authorize advertising of my
44net subnet. Nowhere on the Wiki can I find where to send this document.
Where do I send it? I glean that I need to mail it (do I need an original
document from my ISP? They have given me a signed but scanned document for
now).
Thanks!
Jim VE5EIS
On Wed, Sep 16, 2015 at 1:44 PM, K7VE - John <k7ve(a)k7ve.org> wrote:
> And don't forget to donate http://www.ampr.org/donate.html
What exactly do donations fund? I'm pretty critical of the non-profits
I donate to. I like to see that a minimal percentage is used for
administration and that board members are elected in a democratic
manner.
Tom KD7LXL
I've been looking at ways to get the W4AQL shack and repeater building
fully internet connected and online. The current systems sit behind a
departmentally managed firewall and associated network stack.
Recently discovered AMPRNet...
How would we go about requesting an SWIP allocation? I had an informal
discussion with a senior member of the campus network team, and they do
have the capability to announce using BGP to our interconnection peers on
our current ASN.
Respectfully,
Sam Kuonen, KK4UVL
Hello 44 net list,
I hope there are some people still here.
I am again trying to set up my gateway and route mine and a few others blocks of 44.x addresses.
I have a static IP address at home and have set this up in the portal, however I am monitoring the linux pc by tcpdump and I am not seeing any RIP2 broadcast being sent to me.
>From my previous testing I can confirm the Linux PC is in the DMZ and no firewall, it responds to ICMP ping packets too.
My public IP is 92.234.91.114
Is anyone able to help me out here or is there a way to force a rip2 broadcast (how often are these sent?)
Looking forward to catching up with you all soon
Best regards
James Preece M0JFP / 2e1avx
James Preece | Global Services
D 01932 582 063 M 07584 480 694
f5.com<https://www.f5.com> | synthesis.f5.com<https://synthesis.f5.com>
[Twitter]<https://twitter.com/f5networks>[LinkedIn]<http://www.linkedin.com/company/f5-networks>[Facebook]<https://www.facebook.com/f5networksinc>[YouTube]<http://www.youtube.com/f5networksinc>[DevCentral]<https://devcentral.f5.com/>
[F5 Logo and Tagline]
