swinog

swinog@lists.swinog.ch

2933 discussions

Is hinting the authorities or CERT team about a customer willingly distributing malware legal?
by Benoit Panizzon 16 Dec '16

16 Dec '16

Hi Swinogers It's not an actual case where we are involved in, nor did it happen in switzerland, but I'm in contact with a registrar and hoster that probably is in this situation. A customer registered a domain and booked a web and email service. The booking were made in the name of an apparently newly created company. Everything looked legit, the domain owner wanted his privacy protected by a whois proxy provider. That company sent emails to various recipients, that led those recipients to their website to download some documents. Those documents were infected with the locky ransomware. It's clear that this is not a hacked site, but a site built purposefully to distribute that malware and make it look legitimate. The hoster reacted quicky to complaints, took the site offline and removed the DNS entries to prevent further damage. But what can the hoster/registrar do next? Can he contact his government's CERT team or the authorities and hand them over the customer data, ip addresses used to upload the site etc. to try to get hold of the gang behind that fraud as quickly as possible? Or would that break the privacy laws and they have to wait to get a subpoena, which could take several weeks and give the gang enough time to clear all traces? -Benoît Panizzon- -- I m p r o W a r e A G - Leiter Commerce Kunden ______________________________________________________ Zurlindenstrasse 29 Tel +41 61 826 93 00 CH-4133 Pratteln Fax +41 61 826 93 01 Schweiz Web http://www.imp.ch ______________________________________________________

3 2

More MUD fun
by Eliot Lear 15 Dec '16

15 Dec '16

Hallo 'zammen, This is a bit belated. Thanks everyone for the opportunity to present at the last SwiNOG meeting about Manufacturer Usage Descriptions. As a status, I've landed code for dhcpcd so that if you happen to be building a small Raspberry Pi-like device it's a simple tweak to add a MUD URL. In addition, if you would like to build a MUD file description, you can go to https://www.ofcourseimright.com/mudmaker and create the appropriate file to point to. In addition, if you want to debug, I've a pull request now pending for tcpdump. The same is more or less case for the PKIX / 802.1ar option. We have an assignment now from IANA and it is possible to add the appropriate extension using Openssl. I'm working on dropping some code into wireshark for debugging, but that is taking just a bit longer. Questions? Feel free to drop me a line. Eliot

1 0

SwiNOG-BE162 - Beer Event 162 - Christmas Dinner @ Chässtube Rehalp / ZH, Monday, 2016-12-12
by Emanuel Kleindienst 09 Dec '16

09 Dec '16

****Christmas Dinner**** Dear SwiNOGers, Let's have our Christmas Dinner with Cheese fondue, Kirsch and beer (if you like) at Rehalp!!! Place limit 12 for now, may be extended to 15 max. Upcoming events for 2017 will be announced shortly. Looking forward seeing you! Emanuel, Mobile +41 79 382 73 77, Email emanuel(a)vshn.ch Details for the next event: ----------------------------------------------- Event: SwiNOG-BE162 - Beer Event 162 - Christmas Dinner When? Monday, 12th December 2016 18:30 Where? Chässtube Rehalp Forchstrasse 359, 8008 Zürich, Tel. +41 44 381 01 80 http://www.chaesstube-rehalp.ch (GoogleMaps Link: http://goo.gl/maps/ur3Lq) Places avaiable? 12 !! Please sign up if you're really coming - because the seats are limited! !! ----------------------------------------------- Registration: Start: Wednesday, 26th October 2016 - 10:00 Stop: Friday, 9th December 2016 - 18:00 Reg-URL: http://swinog.be/ ----------------------------------------------- Since we have to make reservations, I need to know who's coming and who not. If you can't attend and you're registered please inform me ASAP (+41 79 382 73 77). greetings Emanuel Kleindienst

1 1

SwiNOG-BE161 - Beer Event 161 @ Restaurant St. Gallerhof, Zurich central station, Monday, 2016-11-28
by Emanuel Kleindienst 25 Nov '16

25 Nov '16

Dear SwiNOGers, Late invitation, I'm sorry... Busy times... Let's have some Beer & Food at Restaurant St. Gallerhof! Upcoming events for rest of 2016: > SwiNOG-BE162: Mo, 12.12.16 (Christmas dinner) Looking forward seeing you! Emanuel, Mobile +41 79 382 73 77, Email emanuel(a)vshn.ch Details for the next event: ----------------------------------------------- Event: SwiNOG-BE161 - Beer Event 161 When? Monday, 28th November 2016 18:30 Where? Restaurant St. Gallerhof Konradstrasse 2, 8005 Zürich, Tel. +41 44 271 52 60 http://www.st-gallerhof.ch/gallerhof-menu#opentab (GoogleMaps Link: http://https://goo.gl/maps/woZhreAFm5x) Places available? 8 !! Please sign up if you're really coming - because the seats are limited! !! ----------------------------------------------- Registration: Start: Friday, 25th November 2016 - 15:00 Stop: Monday, 28th November 2016 - 17:00 Reg-URL: http://swinog.be/ ----------------------------------------------- Since we have to make reservations, I need to know who's coming and who's not. If you can't attend and you're registered please inform me ASAP (+41 79 382 73 77). Cheers, Emanuel Kleindienst

3 3

SmokePing 3.0 Project
by Tobias Oetiker 21 Nov '16

21 Nov '16

Good Morning At SwiNOG-30, I was approached by several people, praising the merits of SmokePing and also wondering when version 3 will come out. I was happy for the praise, but did not have any concrete announcements for a new version, beyond bugfixes. So that got me thinking ... would there be sufficient support among SwiNOG members to raise the money for writing Smokeping version 3? Here is my feature shortlist: * non-blocking polling engine - by using an event loop at the heart of the polling engine, smokeping becomes much more scaleable, as it can wait for many probes to return information in parallel without forking, thus reducing the memory impact. * interactive charts as shown in the demo at SwiNOG without * a responsive UI working with mobile devices * the ability to pull in target information from a database My current estimate creating this rewrite of is around 50k CHF. If you are willing to chip in, and if you have requirements of your own, please be in touch. cheers tobi -- Tobi Oetiker, OETIKER+PARTNER AG, Aarweg 15 CH-4600 Olten, Switzerland www.oetiker.ch tobi(a)oetiker.ch +41 62 775 9902

4 4

Virtueller Server mit IPv6 Blocks von schweizer Internet Telcos
by LinuXperia 17 Nov '16

17 Nov '16

Hallo. Ich bin seit Tagen auf der Suche nach einem Virtuellen Linux Server Angebot bei dem man zusätzlich noch IPv6 Adressen dazu kaufen bzw mieten kann. Am liebsten wäre es mir wenn das von einem Schweizer Internet Telco Anbieter angeboten wird. Ich habe schon das Angebot von Init7 auf Ihrer Webseite überprüft aber könnte dort kein Virtueller Server Angebot finden. Habe darauf Green.ch angeschrieben die wiederum bieten keine Möglichkeit weder IPv6 noch IPv4 Adressen dazukaufen zu können. > Antwort von green.ch zum Ticket [1006343-TT-359948] > Bei unseren virtuellen Servern ist es nicht möglich, IPv6-Adressen > dazu zu bestellen, die Konfigurationen sind fest gemäss den > verfügbaren Daten auf der Website. Gibt es echt keinen schweizer Telco Anbieter in der Schweiz der solch ein einfaches Angebot auf dem Markt für seine Kundschaft anbietet? Kannst fast nicht glauben! Besten Dank für eure hilfreiche Antworten im voraus. Freundliche Grüsse LinUXperia -- My DIY Hack Projects: --------------------- Eigenes Micro Linux Computer Betriebsystem: http://www.ievs.ch/projects/index.php?page=microlinux Primzahlen Generator: http://www.ievs.ch/projects/index.php?page=primzahlengenerator Spirulina Bio Reaktor http://www.ievs.ch/projects/index.php?page=spirulina

2 3

swisscom contact offlist for Centro Business CPE
by Gregor Bruhin 14 Nov '16

14 Nov '16

Hi, Could someone @swisscom please contact me offlist regarding latest firmware upgrade and dhcp issues. https://www.swisscom.ch/de/business/kmu/hilfe/geraet/centro-business-einric… [1] Thanks, Greg Links: ------ [1] https://www.swisscom.ch/de/business/kmu/hilfe/geraet/centro-business-einric…

1 0

Mifahrgelegenheit Basel Bern und zurück
by Oliver Sachs 02 Nov '16

02 Nov '16

Hallo zusammen, ich könnte von Basel aus aufgrund der relativ kurzen Strecke nach Bern am Freitag bis zu 4 Mitfahrplätze anbieten, natürlich auch wieder zurück. Bei Interesse einfach per Mail melden, damit wir einen Treffpunkt abmachen können. Grüße aus Südbaden Oliver -- oscon itk GmbH Maugenharder Weg 14 79588 Efringen-Kirchen os(a)oscon.de www.oscon.de Tel +49 7628 8004840 Fax +49 7628 8004841 Umsatzsteuer-ID: DE275019039 Handelsregister-Nr.: HRB 706250 Registergericht: Amtsgericht, Freiburg im Breisgau Geschäftsführer: Oliver Sachs Telekommunikationsnetzbetreiber nach §6 Telekommunikationsgesetz Registriernummer: 12/195 Aufsichtsbehörde: Bundesnetzagentur, Tulpenweg 4, 53113 Bonn

2 1

SwiNOG #30 is this friday - last information!
by Steven Glogger 01 Nov '16

01 Nov '16

Dear Participants and Speakers Please find general information about the SwiNOG #30 meeting below. Date: 04.11.2016 - Registration 08h15 - 09h15 Location: Gurtenpark, Bern. NEW Location: it’s now closer to the station. Follow the signs - like last time. From Bern main station you may take: - S-Bahn S3 Belp and exit at Wabern station - Tram 9 (Wabern) and exit at Gurtenbahn stop (Use the new SBB App for best planning :)) —> Then take the Gurtenbahn to the Gurtenpark. You DO NOT have to pay a fee, just tell you attend to the SwiNOG event. Don’t throw away the ticket - you'll need it to get down. Map (Ground Station of the cable rail): https://goo.gl/maps/5uSKtgbianM2 Suggested trains from Geneva: 06h12 Zurich: 07h02 WIRELESS ACCESS During the meeting you have access to free WLAN! - SSID: Swisscom - Credentials will be printed on your badge - YOU are responsible for the security of your data, this WLAN is not encrypted! Many thanks to our sponsor Juniper! See you at SwiNOG #30! Steven, Roman & Simon SwiNOG Organisation

1 0

Re: [swinog] blackhole-1.iana.org : no servers could be reached
by Christian Fahrni 30 Oct '16

30 Oct '16

Hi Julien Yes, we are experiencing the same issues recently with ptr-requests forwarded to the iana blackhole nameservers. # dig -x 10.0.0.100 @blackhole-1.iana.org ;; global options: +cmd ;; connection timed out; no servers could be reached We now configured our nameservers to respond to those requests immediately without sending the queries to internet servers, which they shouldn't do anyway for RFC1918 IPs [1][2] Regards, Christian [1] https://deepthought.isc.org/article/AA-00800/0 [2] https://www.iana.org/help/abuse-answers -> Information about "Blackhole" Servers 2016-10-27 16:13 GMT+02:00 <maj(a)mbuf.net>: > Hi, > are there some people experiencing issues on some AS when using > iana blackhole nameservers for localnets? > > I usually meet this response for instance: > dig 172.16.1.1 @blackhole-1.iana.org > ;; global options: +cmd > ;; Got answer: > ;; ->>HEADER<<- opcode: QUERY, status: SERVFAIL, id: 34667 > ;; flags: qr rd; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 1 > ;; WARNING: recursion requested but not available > > ;; OPT PSEUDOSECTION: > ; EDNS: version: 0, flags:; udp: 4096 > ;; QUESTION SECTION: > ;172.16.1.1. IN A > > ;; Query time: 46 msec > ;; SERVER: 192.175.48.6#53(192.175.48.6) > ;; WHEN: Thu Oct 27 16: > > > But I don't get any reply packet on AS8220 (COLT). > dig 172.16.1.1 @blackhole-1.iana.org > ;; global options: +cmd > ;; connection timed out; no servers could be reached > > thank you. > > -- > |_|0|_| julien mabillard > |_|_|0| OpenPGP key fingerprint : F009 EFD0 8060 50FE DE07 4953 0E57 5BB0 8284 EF08 > |0|0|0| > > > _______________________________________________ > swinog mailing list > swinog(a)lists.swinog.ch > http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog

4 3

Jump to page:

2025

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

2007

2006

2005

swinog