[HECnet] Cisco DECnet routers and NML
Supratim Sanyal
supratim at riseup.net
Tue May 5 20:35:53 PDT 2020
> On May 5, 2020, at 9:51 PM, Thomas DeBellis <tommytimesharing at gmail.com> wrote:
>
> Blocking NTP?? Boy, that's pretty anti-social...
They allow client connections to their own NTP servers. The problem is I had four servers contributing to the NTP Pool project (https://www.ntppool.org/a/chk9fxzbh9h64vbcdx6dr). Upgrading to their newer hypervisors is their solution. I have started to migrate.
>
> Perhaps they only wanted queries to go to internal NTP servers and not outside to non-ISP servers? One reason for this is if you get an 'accurate' clock and declare yourself a level-1 node, you get wind up getting hit with a lot of traffic.
>
>> On 5/5/20 7:32 PM, Peter Lothberg wrote:
>> Blocking NTP? So how do you get time? (udp 123)
>>
>> ----- Original Message -----
>> From: "bqt" <bqt at softjar.se>
>> To: "hecnet" <hecnet at Update.UU.SE>
>> Sent: Tuesday, May 5, 2020 6:23:20 PM
>> Subject: Re: [HECnet] Cisco DECnet routers and NML
>>
>> They are unfortunately mostly incompetent, set to watch over even more
>> incompetent people hooking up to the internet. So they try to do what
>> they think is right, but it's a royal pain for people who actually do
>> know what they are doing, and who want to do some things...
>>
>> (I will not even tell you how much problems I have with mail in
>> different directions...)
>>
>> Johnny
>>
>>> On 2020-05-06 00:15, Supratim Sanyal wrote:
>>> it's important we watch our blood pressure. I got this gem back. Trying
>>> to figure out why SNMP is not working based on this list ...
>>>
>>> Support Ticket #62899404 has been updated
>>>
>>> Description:
>>> Hello Supratim,
>>> We've been implementing measures to avoid cyber attacks from and or to
>>> our network, For this reason, ports:
>>> 23,123,7722,389,135,137-139,445,69,514,161-162,6667 have been blocked.
>>>
>>> ---
>>> Supratim Sanyal, W1XMT
>>> 39.19151 N, 77.23432 W
>>> QCOCAL::SANYAL via HECnet <http://www.update.uu.se/~bqt/hecnet.html>
>>>
>>>
>>> On May 5, 2020, at 6:05 PM, Dave McGuire <mcguire at neurotica.com
>>> <mailto:mcguire at neurotica.com>> wrote:
>>>
>>>> On 5/5/20 5:22 PM, Paul Koning wrote:
>>>>>>> The Cisco DECnet router implementation does not speak "decnet
>>>>>>> management" as
>>>>>>> we all knew. The way we are using them the tunnel end-points are on
>>>>>>> the Internet.
>>>>>>>
>>>>>>> Most of the information "missing" is actually available through the
>>>>>>> SNMP MIB,
>>>>>>> so if we could agree on a common read-only community and publish
>>>>>>> the IP addresses
>>>>>>> of those routers it would be possible to complete Paul's map..
>>>>>>>
>>>>>> I would definitely be up for that. Maybe "hecnet-ro" for the
>>>>>> community name?
>>>>>>
>>>>>> Regards, Tim.
>>>>> Unfortunately this doesn't seem to be feasible. The issue is that my
>>>>> ISP blocks SNMP outbound -- I have no idea why they would so such a
>>>>> thing. And as far as I can tell there isn't any way to tell Cisco to
>>>>> accept incoming SNMP requests on any port other than the standard one.
>>>> I would be on the phone with them cursing a blue streak. I mean, do
>>>> they sell you a damn net connection, or not? There's life outside of
>>>> port 80! Wow.
>>>>
>>>> One thing you might be able to do is create a port mapping coming into
>>>> whatever terminates the "web browsing connection" from your upstream
>>>> provider, on some port that they don't presume to block, forwarding back
>>>> to port 161 on the Cisco.
>>>>
>>>> -Dave
>>>>
>>>> --
>>>> Dave McGuire, AK4HZ
>>>> New Kensington, PA
>>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.sonic.net/pipermail/hecnet-list/attachments/20200505/66d90b3c/attachment-0001.html>
More information about the Hecnet-list
mailing list