[HECnet] Cisco DECnet routers and NML

Johnny Billquist bqt at softjar.se
Tue May 5 15:23:20 PDT 2020 

They are unfortunately mostly incompetent, set to watch over even more 
incompetent people hooking up to the internet. So they try to do what 
they think is right, but it's a royal pain for people who actually do 
know what they are doing, and who want to do some things...

(I will not even tell you how much problems I have with mail in 
different directions...)

   Johnny

On 2020-05-06 00:15, Supratim Sanyal wrote:
> it's important we watch our blood pressure. I got this gem back. Trying 
> to figure out why SNMP is not working based on this list ...
> 
> Support Ticket #62899404 has been updated
> 
> Description:
> Hello Supratim,
> We've been implementing measures to avoid cyber attacks from and or to 
> our network, For this reason, ports: 
> 23,123,7722,389,135,137-139,445,69,514,161-162,6667 have been blocked.
> 
> ---
> Supratim Sanyal, W1XMT
> 39.19151 N, 77.23432 W
> QCOCAL::SANYAL via HECnet <http://www.update.uu.se/~bqt/hecnet.html>
> 
> 
> On May 5, 2020, at 6:05 PM, Dave McGuire <mcguire at neurotica.com 
> <mailto:mcguire at neurotica.com>> wrote:
> 
>> On 5/5/20 5:22 PM, Paul Koning wrote:
>>>>> The Cisco DECnet router implementation does not speak "decnet 
>>>>> management" as
>>>>> we all knew. The way we are using them the tunnel end-points are on 
>>>>> the Internet.
>>>>>
>>>>> Most of the information "missing" is actually available through the 
>>>>> SNMP MIB,
>>>>> so if we could agree on a common read-only community and publish 
>>>>> the IP addresses
>>>>> of those routers it would be possible to complete Paul's map..
>>>>>
>>>> I would definitely be up for that. Maybe "hecnet-ro" for the 
>>>> community name?
>>>>
>>>> Regards, Tim.
>>>
>>> Unfortunately this doesn't seem to be feasible.  The issue is that my 
>>> ISP blocks SNMP outbound -- I have no idea why they would so such a 
>>> thing.  And as far as I can tell there isn't any way to tell Cisco to 
>>> accept incoming SNMP requests on any port other than the standard one.
>>
>>  I would be on the phone with them cursing a blue streak.  I mean, do
>> they sell you a damn net connection, or not?  There's life outside of
>> port 80!  Wow.
>>
>>  One thing you might be able to do is create a port mapping coming into
>> whatever terminates the "web browsing connection" from your upstream
>> provider, on some port that they don't presume to block, forwarding back
>> to port 161 on the Cisco.
>>
>>            -Dave
>>
>> -- 
>> Dave McGuire, AK4HZ
>> New Kensington, PA


-- 
Johnny Billquist                  || "I'm on a bus
                                   ||  on a psychedelic trip
email: bqt at softjar.se             ||  Reading murder books
pdp is alive!                     ||  tryin' to stay hip" - B. Idol

More information about the Hecnet-list mailing list