[HECnet] Cisco DECnet routers and NML

Supratim Sanyal supratim at riseup.net
Tue May 5 15:19:21 PDT 2020 

Just reread the list - 161/162 is indeed blocked :(


---
Supratim Sanyal, W1XMT
39.19151 N, 77.23432 W
QCOCAL::SANYAL via HECnet


> On May 5, 2020, at 6:15 PM, Supratim Sanyal <supratim at riseup.net> wrote:
> 
> it's important we watch our blood pressure. I got this gem back. Trying to figure out why SNMP is not working based on this list ...
> 
> Support Ticket #62899404 has been updated
> 
> Description:
> Hello Supratim,
> We've been implementing measures to avoid cyber attacks from and or to our network, For this reason, ports: 23,123,7722,389,135,137-139,445,69,514,161-162,6667 have been blocked.
> 
> ---
> Supratim Sanyal, W1XMT
> 39.19151 N, 77.23432 W
> QCOCAL::SANYAL via HECnet
> 
> 
>> On May 5, 2020, at 6:05 PM, Dave McGuire <mcguire at neurotica.com> wrote:
>> 
>> On 5/5/20 5:22 PM, Paul Koning wrote:
>>>>> The Cisco DECnet router implementation does not speak "decnet management" as
>>>>> we all knew. The way we are using them the tunnel end-points are on the Internet.
>>>>> 
>>>>> Most of the information "missing" is actually available through the SNMP MIB,
>>>>> so if we could agree on a common read-only community and publish the IP addresses
>>>>> of those routers it would be possible to complete Paul's map.. 
>>>>> 
>>>> I would definitely be up for that. Maybe "hecnet-ro" for the community name?
>>>> 
>>>> Regards, Tim. 
>>> 
>>> Unfortunately this doesn't seem to be feasible.  The issue is that my ISP blocks SNMP outbound -- I have no idea why they would so such a thing.  And as far as I can tell there isn't any way to tell Cisco to accept incoming SNMP requests on any port other than the standard one.
>> 
>>  I would be on the phone with them cursing a blue streak.  I mean, do
>> they sell you a damn net connection, or not?  There's life outside of
>> port 80!  Wow.
>> 
>>  One thing you might be able to do is create a port mapping coming into
>> whatever terminates the "web browsing connection" from your upstream
>> provider, on some port that they don't presume to block, forwarding back
>> to port 161 on the Cisco.
>> 
>>            -Dave
>> 
>> -- 
>> Dave McGuire, AK4HZ
>> New Kensington, PA
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.sonic.net/pipermail/hecnet-list/attachments/20200505/c2706df5/attachment-0001.html>

More information about the Hecnet-list mailing list