Dating service mpls

Sophisticated Simplicity . Our in-person speed dating events, virtual speed dating events and matchmaking services offer fresh alternatives for Minneapolis singles. Whether you’re looking for a night out with fellow singles, prefer a night in with our virtual events or find one-on-one matchmaking to be your cup of tea, we bring just the right amount of flirty to suit any need. Minneapolis's best FREE dating site! 100% Free Online Dating for Minneapolis Singles at Mingle2.com. Our free personal ads are full of single women and men in Minneapolis looking for serious relationships, a little online flirtation, or new friends to go out with. Start meeting singles in Minneapolis today with our free online personals and free Minneapolis chat! Realminneapolissingles.com provides dating service for the Minneapolis Area. Meet Singles in Minneapolis, Visit us or Call us at (612) 254-1665 Now!! ,, - . Due to COVID-19, Please call (952) 835-9590 to check-in for scheduled appointments call ; call (612) 254-1665 to make an appointment. Toggle navigation. Front Desk: ... Minneapolis free dating sites provide an excellent service for both singles and individuals seeking a lifelong partner. If you want to use the services of a Minneapolis online dating site, you need to remember to look out for the best ones. There are several online sites that are available, and each of them has its own services that it provides. High Touch Service. From match selection to restaurant reservations. We are your dating concierge. Spend your time dating instead of searching. Private. No online dating profile for the world to see. 29 Years’ Experience working with single professionals. It’s Just Lunch is the #1 Personalized Matchmaking service in the world! MPLS singles provide quality dating service. You can meet local men & women here. Minneapolis dating site is one of the best dating site. MINNEAPOLIS ORIGINAL DATING, MATCHMAKING AND SINGLES EVENTS SERVICE. Matchmaking Service of choice to take full advantage of the dating opportunities available and the chance to find love and romance again. Dating Service in Minneapolis on YP.com. See reviews, photos, directions, phone numbers and more for the best Dating Service in Minneapolis, MN.

New version 6.47 is available in stable channel!

2020.06.02 13:29 Lifz_ New version 6.47 is available in stable channel!

What's new in 6.47 (2020-Jun-02 07:38):
Important note!!!
- The Dude server must be updated to monitor v6.46.4 and v6.47beta30+ RouterOS type devices. - The Dude client must be manually upgraded after upgrading The Dude server. - The Dude requires "winbox" policy instead of "dude" to monitor v6.46.4 and v6.47beta30+ RouterOS type devices. - Make sure LTE APN Profile name does not match any of the DHCP server's names if LTE passthrough is used.
MAJOR CHANGES IN v6.47: ---------------------- !) dns - added client side support for DNS over HTTPS (DoH) (RFC8484); !) socks - added support for SOCKS5 (RFC 1928); !) user - enable "winbox" policy for groups with "dude" policy automatically on upgrade; ----------------------
Changes in this release:
*) api - added ECDHE cipher support for "api-ssl" service; *) bonding - improved slave interface MAC address handling; *) bonding - prefer primary slave MAC address for bonding interface; *) branding - do not ask to confirm configuration applied from branding package; *) branding - fixed identity setting from branding package; *) branding - improved branding package installation process when another branding package is already installed; *) bridge - added logging debug message when a host MAC address is learned on a different bridge port; *) bridge - added warning message when a bridge port gets dynamically added to VLAN range; *) bridge - correctly remove disabled MSTI; *) bridge - improved hardware offloading enabling/disabling; *) certificate - added "skid" and "akid" values for detailed print; *) certificate - allow dynamic CRL removal; *) certificate - disabled CRL usage by default; *) certificate - do not use SSL for first CRL update; *) chr - added support for file system quiescing; *) chr - added support for hardware watchdog on ESXI; *) chr - enabled support for VMBus protocol version 4.1; *) chr - improved system stability when running CHR on Hyper-V; *) crs3xx - correctly remove switch rules on CRS317-1G-16S+ and CRS309-1G-8S+ devices; *) crs3xx - fixed "ingress-rate" property on CRS309-1G-8S+, CRS312-4C+8XG, CRS326-24S+2Q+ devices; *) crs3xx - fixed hardware offloaded bonding on Ethernet interfaces for CRS354 devices; *) crs3xx - improved 10G interface initialization on CRS312 devices; *) crs3xx - improved switch host table updating; *) crs3xx - show correct switch model for netPower 15FR device; *) defconf - fixed default configuration initialization if power loss occurred during the process; *) dhcpv4 - added end option (255) validation for both server and client; *) dhcpv4-client - improved stability when changing client while still receiving advertisements; *) dhcpv4-server - disallow zero lease-time setting; *) dhcpv6-client - improved error logging when when renewed address differs; *) dhcpv6-server - do not require "server" parameter for bindings; *) dhcpv6-server - fixed MAC address retrieving from DUID when timestamp is present; *) discovery - do not send discovery packets on inactive bonding slave interfaces; *) discovery - do not send discovery packets on interfaces that are blocked by STP; *) disk - improved disk management service stability when receiving bogus packets; *) disk - improved recently created file survival after reboots; *) dns - added support for exclusive dynamic DNS server usage from IPsec; *) dns - added support for forwarding DNS queries of static entries to specific server; *) dns - added support for multiple type static entries; *) dot1x - added "radius-mac-format" parameter; *) dot1x - added hex value support for RADIUS switch rules; *) dot1x - added range "dst-port" support for RADIUS switch rules; *) dot1x - added support for lower case "mac-auth" RADIUS formats; *) dot1x - fixed "reject-vlan-id" value range; *) dot1x - fixed dynamically created switch rule removal when client disconnects; *) dot1x - fixed port blocking when interface changes state from disabled to enabled; *) dot1x - improved Dot1X service stability when receiving bogus packets; *) dot1x - improved debug logging output to "dot1x" topic; *) dot1x - improved value validation for dynamically created switch rules; *) email - added support for multiple "to" recipients; *) ethernet - fixed interface stopping responding after blink command execution on CCR2004-1G-12S+2XS; *) fetch - fixed "User-Agent" usage if provided by "http-header-field"; *) graphing - improved graphing service stability when receiving bogus packets; *) health - added "gauges" submenu with SNMP OID reporting; *) health - improved stability for system health monitor on CCR2004-1G-12S+2XS; *) hotspot - updated splash page design ('/ip hotspot reset-html' required); *) ike1 - added error message when specifying "my-id" for XAuth identity; *) ike1 - added support for "UNITY_DEF_DOMAIN" and "UNITY_SPLITDNS_NAME" payload attributes; *) ike1 - do not try to keep phase 2 when purging phase 1; *) ike1 - improved policy lookup with specific protocol; *) ike1 - improved stability when performing policy lookup on non-existant peer; *) ike2 - added support for "INTERNAL_DNS_DOMAIN" payload attribute; *) ike2 - added support for RADIUS Disconnect-Request message handling; *) ike2 - added support for RFC8598; *) ike2 - allow initiator address change before authentication; *) ike2 - fixed authentication handling when initiator disconnects before RADIUS response; *) interface - improved system stability when receiving bogus packets; *) interface - increased loopback interface MTU to 65536; *) ipsec - added "split-dns" parameter support for mode configuration; *) ipsec - added "use-responder-dns" parameter support; *) ipsec - allow specifying two peers for a single policy for failover; *) ipsec - control CRL validation with global "use-crl" setting; *) ipsec - do full certificate validation for identities with explicit certificate; *) ipsec - fixed minor spelling mistake in logs; *) ipsec - improved IPsec service stability when receiving bogus packets; *) ipsec - place dynamically created IPsec policies by L2TP client at the begining of the table; *) kidcontrol - ignore IPv6 multicast MAC addresses; *) l2tp - added "src-address" parameter for L2TP client; *) l2tp - added "use-peer-dns" parameter for L2TP client; *) l2tp - improved dynamically created IPsec configuration updating; *) l2tp - use L2TP interface when adding dynamic IPsec peer; *) lcd - fixed LCD service becoming unavailable on devices without LCD screen; *) lcd - improved general system stability when LCD is not present; *) led - fixed minor typo in LED warning message; *) log - added logging entry when changing user's password; *) log - added tunnel endpoint address to establishment and disconnect logging entries; *) log - made startup script failures log as critical errors; *) lte - added support for Huawei K5161 modem; *) lte - added support for NEOWAY N720; *) lte - added support for multiple passthrough APN configuration; *) lte - do not allow running "scan" on R11e-4G; *) lte - fixed "allow-roaming" setting when using LTE network mode on R11e-LTE; *) lte - fixed "band" parameter persistence after disable/enable; *) lte - fixed "ecno" and "rscp" value reporting on R11e-LTE6; *) lte - fixed VLAN interface passthrough support; *) lte - fixed multiple APN reactivation after deactivation by operator; *) lte - improved stability during firmware upgrade; *) lte - made "mac-address" parameter read-only; *) lte - show "phy-cellid" value only in LTE mode; *) netinstall - removed "Flashfig" from Netinstall; *) netinstall - removed "Make Floppy" from Netinstall; *) netinstall - signed netinstall.exe with Digital Signature; *) netwatch - improved Netwatch service stability when invalid configuration values are passed; *) ovpn - added "use-peer-dns" parameter for OVPN client; *) port - removed serial console port on hEX S; *) ppp - added "Acct-Session-Id" attribute to "Access-Request" messages; *) ppp - added support for ZTE MF90; *) ppp - fixed minor typo when running "info" command; *) ppp - removed "comment", "set" and "edit" commands from "PPP->Active" menu; *) pptp - added "use-peer-dns" parameter for PPTP client; *) profile - added support for CCR2004-1G-12S+2XS; *) proxy - increased minimal free RAM that can not be used for proxy services; *) qsfp - added support for FEC mode (fec74), with the FEC mode disabled by default; *) quickset - do not show "SINR" field in Quick Set when there is no data; *) quickset - fixed invalid configuration applying when performing changes during LTE modem initialization process; *) quickset - removed "EARFCN" field from Quick Set; *) quickset - removed "LTE band" setting from Quick Set; *) quickset - show "Antenna Gain" setting on devices without built-in antennas; *) quickset - use "station-wds" mode when connecting to AP with RouterOS flag; *) route - improved system stability after reboot with large amount of VLAN interfaces with PPPoE servers attached; *) routerboard - added "hold-time" parameter to mode-button menu; *) routerboard - added "reset-button" menu - custom command execution with reset button; *) routing - improved IGMP-Proxy service stability when receiving bogus packets; *) routing - improved routing service stability when receiving bogus packets; *) sfp28 - added support for FEC modes (fec74 and fec91), with fec91 mode already enabled by default; *) sniffer - allow setting port for "streaming-server"; *) snmp - added "dot1qTpFdbTable" OID reporting for Q-BRIDGE-MIB; *) snmp - changed "upsEstimatedMinutesRemaining" reported value from seconds to minutes; *) snmp - fixed "dot1dBasePort" index offset for BRIDGE-MIB; *) snmp - improved OID policy checking and error reporting on "set" command; *) snmp - improved stability when polling MAC address related OID; *) ssh - improved SSH service stability when receiving bogus packets; *) supout - added "dot1x" section to supout files; *) supout - improved UPS information reporting; *) switch - correctly display switch statistics when all switch ports are disabled on RTL8367 switch chip; *) switch - correctly enable and disable CPU Flow Control on RB3011UiAS; *) switch - made "auto" the default value for "vlan-id" parameter when creating a new static host entry; *) system - correctly handle Generic Receive Offloading (GRO) for MPLS traffic; *) system - improved driver loading speed on startup; *) tr069-client - added LTE firmware update functionality support; *) tr069-client - added additional LTE information parameters; *) tr069-client - added additional wireless registration table parameters; *) tr069-client - added interface type parameter support; *) tr069-client - added multiple simultaneous session support for diagnostics test; *) tr069-client - added total connection tracking entries parameter; *) tr069-client - removed warning log message when not using HTTPS; *) traffic-flow - added "postDestinationMacAddress" parameter support for IPFIX and NetFlow v9; *) upgrade - fixed space handling in package file names; *) ups - added battery info for APC SmartUPS 2200; *) ups - improved compatibility with APC Smart UPS 1000 and 1500; *) user - improved user management service stability when receiving bogus packets; *) w60g - fixed link status logging; *) w60g - improved rate selection in low traffic conditions; *) w60g - use "arp" and "mtu" parameters from master interface when creating a new station; *) webfig - fixed 5 GHz wireless interface "frequency" parameter value list on Audience; *) webfig - fixed WinBox download link; *) webfig - fixed skin usage from branding package; *) webfig - updated icon design; *) winbox - added "Rate" parameter for switch ACL rules; *) winbox - added "auth-info" parameter under "Dot1X->Active" menu; *) winbox - added "auth-types", "comment", "mac-auth-mode" and "reject-vlan-id" parameters for Dot1X server; *) winbox - added "auto-erase" option to "Tool/SMS" menu; *) winbox - added "bus" parameter for "USB Power Reset" command on NetMetal ac^2; *) winbox - added "bus" parameter for "USB Power Reset" command on RBM33G; *) winbox - added "comment" parameter and "dynamic" flag support under "Switch->Rule" table; *) winbox - added "comment" parameter for Dot1X client; *) winbox - added "region" parameter for W60G interfaces; *) winbox - added "skip-dfs-channels" parameter to wireless interface menu; *) winbox - added comment support for "Switch->VLAN" menu; *) winbox - added enable and disable buttons for "MPLS->MPLS Interface" table; *) winbox - added support for inline bar graphs for LTE signal values; *) winbox - aligned all "IP->Traffic Flow->IPFIX" check boxes in single line (WinBox v3.22 required); *) winbox - allow setting "Primary" parameter for "balance-tlb" bonding interfaces; *) winbox - allow to specify any Ethernet like interface under "Tool/WoL" menu; *) winbox - do not allow to enter empty strings in "caps-man-names" and "common-name" parameters; *) winbox - fixed "BGP Origin" value display under "IPv6->Routes" menu; *) winbox - fixed "Data Rate" checkbox alignment (WinBox v3.22 required); *) winbox - fixed "Tx/Rx Signal Strength" value presence for 4 chain interfaces; *) winbox - fixed WDS usage when connecting to RouterOS access point using QuickSet; *) winbox - fixed bonding type interface support for "Switch->Host" table; *) winbox - fixed dates and times in interface link up/down properties (WinBox v3.24 required); *) winbox - fixed wireless interface "HT" tab setting presence when "band=5ghz-n/ac"; *) winbox - fixed wireless sniffer parameter setting; *) winbox - limit number of simultaneous WinBox sessions to 5 for users without "write" permission; *) winbox - made "yes" the default value for "Inject Summary LSAs" parameter when creating a new NSSA or STUB area; *) winbox - removed duplicate "join-eui", "dev-eui", "counter", "chain", "size" and "payload" parameters under "LoRa/Traffic"; *) winbox - renamed "Routerboard" to "RouterBOARD" under "System/RouterBOARD" menu; *) winbox - show "Hardware Offload" parameter for bonding interfaces; *) winbox - updated icon design; *) wireless - added "russia 6ghz" regulatory domain information; *) wireless - enabled unicast flood for DHCP traffic on ARM architecture access points; *) wireless - fixed Nstreme wireless protocol performance decrease; *) wireless - improved management service stability when receiving bogus packets; *) wireless - updated "egypt" regulatory domain information; *) wireless - updated "russia4" regulatory domain information; *) www - added "tls-version" parameter in "IP->Services" menu;
https://mikrotik.com/download
submitted by Lifz_ to mikrotik [link] [comments]


2020.05.12 18:35 Who-Do-You-Know WDYK - Network Engineer (Active Clearance Required)- Contract to Hire- IMMEDIATE INTERVIEWS!!!

PM for Recruiter Contact Info - Make sure to include the link so I know which one you're asking about.
Title: Network Engineer (Active Clearance Required) Location: Washington, DC 20535 (REMOTE til Covid is over) Rate: DOE Duration: 6 month Contract to Hire
Reiterate Top Must Haves
Reiterate Top Nice To Haves
Role: Resident Professional Services Network Engineer (C2H) Job Description:
Responsibilities
Requirements
Desired Skills / Experience
Details:
Reiterate Top Must Haves
Reiterate Top Nice To Haves
submitted by Who-Do-You-Know to whodoyouknow [link] [comments]


2020.01.25 18:29 gentfede Bare IpSec VPN. Device from VPN can reach LAN (+internet), but the LAN cannot connect to VPN device

Hello everyone,
I have setup a bare IpSec VPN on my Mikrotik HAP AC. I use it to connect from my Android phone to my home network.
It works insofar that the connection is established, and the Android phone can reach devices on the local LAN and the internet (but not the router interface). However, it doesn't work the other way round: devices from the LAN cannot connect to the Android phone! However, I need this for certain applications.
I'm sure it must be some (minor) thing misconfigured or missing from my firewall rules I assume?
I'd be super grateful if some of you could take a look at my config below to see if you can spot any problems. Since I'm not an expert, I'd also be super grateful if you could alert me about other potential issues (specifically security issues ...) you might spot.

Thanks a bunch!!

# jan/21/2020 20:46:08 by RouterOS 6.46.2
# software id = 75A8-UWJH
#
# model = RB962UiGS-5HacT2HnT
/interface bridge
add admin-mac=74:4D:28:CD:FA:B8 arp=proxy-arp auto-mac=no comment=defconf name=bridge
/interface wireless
set [ find default-name=wlan1 ] band=2ghz-b/g/n channel-width=20/40mhz-XX country=***** disabled=no distance=indoors frequency=auto mode=ap-bridge ssid=myssid wireless-protocol=802.11
set [ find default-name=wlan2 ] band=5ghz-a/n/ac channel-width=20/40/80mhz-XXXX country=***** disabled=no distance=indoors frequency=auto mode=ap-bridge ssid=myssid wireless-protocol=802.11
/interface vlan
add interface=ether1 name="VO VLAN" vlan-id=35
/interface pppoe-client
add add-default-route=yes disabled=no interface="VO VLAN" max-mru=1500 max-mtu=1500 name="VO PPPoE" use-peer-dns=yes [email protected]
/interface list
add comment=defconf name=WAN
add comment=defconf name=LAN
/interface wireless security-profiles
set [ find default=yes ] authentication-types=wpa-psk,wpa2-psk mode=dynamic-keys supplicant-identity=MikroTik
/ip hotspot profile
set [ find default=yes ] html-directory=flash/hotspot
/ip ipsec peer
add name=road-warrior passive=yes
/ip ipsec profile
set [ find default=yes ] enc-algorithm=aes-256,aes-128,3des
/ip ipsec proposal
set [ find default=yes ] auth-algorithms=sha512,sha256,sha1 enc-algorithms=aes-256-cbc,aes-192-cbc,aes-128-cbc,3des
/ip pool
add name=dhcp ranges=192.168.178.10-192.168.178.254
/ip dhcp-server
add address-pool=dhcp disabled=no interface=bridge name=defconf
/ip ipsec mode-config
add address-pool=dhcp name=road-warrior
/ipv6 dhcp-server
add interface=bridge name=ipv6dhcp
/ppp profile
set *0 use-mpls=no
add bridge=bridge change-tcp-mss=yes dns-server=192.168.178.31 name=ipsec_vpn use-encryption=yes use-ipv6=default
/interface bridge port
add bridge=bridge comment=defconf interface=ether2
add bridge=bridge comment=defconf interface=ether3
add bridge=bridge comment=defconf interface=ether4
add bridge=bridge comment=defconf interface=ether5
add bridge=bridge comment=defconf interface=sfp1
add bridge=bridge comment=defconf interface=wlan1
add bridge=bridge comment=defconf interface=wlan2
/ip neighbor discovery-settings
set discover-interface-list=LAN
/interface detect-internet
set detect-interface-list=all
/interface l2tp-server server
set authentication=mschap1,mschap2 default-profile=ipsec_vpn max-mru=1500 max-mtu=1500 use-ipsec=required
/interface list member
add comment=defconf interface=bridge list=LAN
add comment=defconf interface=ether1 list=WAN
add interface="VO PPPoE" list=WAN
/ip address
add address=192.168.178.1/16 comment=defconf interface=ether2 network=192.168.0.0
/ip dhcp-client
add comment=defconf interface=ether1
/ip dhcp-server lease
add address=192.168.178.35 client-id=ff:f8:3:89:63:0:2:0:0:ab:11:55:a2:d7:a9:73:40:35:be mac-address=10:F0:05:92:DE:F2 server=defconf
add address=192.168.178.251 mac-address=B4:E6:2D:7D:AD:18 server=defconf
add address=192.168.178.250 mac-address=BC:DD:C2:95:A7:BD server=defconf
add address=192.168.178.249 mac-address=60:01:94:4C:11:C3 server=defconf
add address=192.168.178.247 mac-address=F4:F5:D8:F7:74:FA server=defconf
add address=192.168.178.21 client-id=1:68:5b:35:7f:d0:fd mac-address=68:5B:35:7F:D0:FD server=defconf
add address=192.168.178.82 mac-address=00:17:88:46:11:1B server=defconf
add address=192.168.178.252 mac-address=B4:E6:2D:9E:9D:45 server=defconf
add address=192.168.178.254 mac-address=DC:4F:22:19:95:51 server=defconf
/ip dhcp-server network
add address=192.168.0.0/16 comment=defconf dns-server=192.168.178.31 domain=my.domain gateway=192.168.178.1 netmask=16
/ip dns
set allow-remote-requests=yes
/ip dns static
add address=192.168.178.1 name=router.my.domain
add address=192.168.178.35 name=udoo.my.domain
add address=192.168.178.31 name=pi.my.domain
/ip firewall filter
add action=accept chain=input port=1701,500,4500 protocol=udp
add action=accept chain=input protocol=ipsec-esp
add action=accept chain=input comment="defconf: accept established,related,untracked" connection-state=established,related,untracked
add action=drop chain=input comment="defconf: drop invalid" connection-state=invalid
add action=accept chain=input comment="defconf: accept ICMP" protocol=icmp
add action=drop chain=input comment="defconf: drop all not coming from LAN" in-interface-list=!LAN
add action=accept chain=forward comment="defconf: accept in ipsec policy" ipsec-policy=in,ipsec
add action=accept chain=forward comment="defconf: accept out ipsec policy" ipsec-policy=out,ipsec
add action=fasttrack-connection chain=forward comment="defconf: fasttrack" connection-state=established,related
add action=accept chain=forward comment="defconf: accept established,related, untracked" connection-state=established,related,untracked
add action=drop chain=forward comment="defconf: drop invalid" connection-state=invalid
add action=drop chain=forward comment="defconf: drop all from WAN not DSTNATed" connection-nat-state=!dstnat connection-state=new in-interface-list=WAN
/ip firewall nat
add action=masquerade chain=srcnat comment="defconf: masquerade" ipsec-policy=out,none out-interface-list=WAN
add action=masquerade chain=srcnat dst-address=!192.168.178.1 protocol=tcp src-address=192.168.178.0/24
add action=dst-nat chain=dstnat dst-address=!192.168.178.1 dst-address-type=local dst-port=443 log=yes protocol=tcp to-addresses=192.168.178.35 to-ports=443
add action=dst-nat chain=dstnat dst-address=!192.168.178.1 dst-address-type=local dst-port=80 protocol=tcp to-addresses=192.168.178.35 to-ports=80
add action=dst-nat chain=dstnat dst-address=!192.168.178.1 dst-address-type=local dst-port=8883 protocol=tcp to-addresses=192.168.178.35 to-ports=8883
add action=dst-nat chain=dstnat dst-address=!192.168.178.1 dst-address-type=local dst-port=3478 protocol=tcp to-addresses=192.168.178.35 to-ports=3478
add action=dst-nat chain=dstnat dst-address=!192.168.178.1 dst-address-type=local dst-port=3478 protocol=udp to-addresses=192.168.178.35 to-ports=3478
add action=dst-nat chain=dstnat dst-address=!192.168.178.1 dst-address-type=local dst-port=9002 protocol=tcp to-addresses=192.168.178.35 to-ports=9002
add action=dst-nat chain=dstnat dst-address=!192.168.178.1 dst-address-type=local dst-port=1883 protocol=tcp to-addresses=192.168.178.35 to-ports=1883
/ip ipsec identity
add auth-method=pre-shared-key-xauth generate-policy=port-strict mode-config=road-warrior peer=road-warrior username=myIPSECuser
/ip ipsec policy
set 0 dst-address=0.0.0.0/0 src-address=0.0.0.0/0
/ip upnp
set enabled=yes
/ip upnp interfaces
add interface=bridge type=internal
add interface="VO PPPoE" type=external
/ipv6 address
add from-pool=vo-ipv6-pool interface=bridge
/ipv6 dhcp-client
add add-default-route=yes interface="VO PPPoE" pool-name=vo-ipv6-pool pool-prefix-length=48 request=prefix
/ipv6 firewall address-list
add address=fe80::/16 list=allowed
add address=::/128 comment="defconf: unspecified address" list=bad_ipv6
add address=::1/128 comment="defconf: lo" list=bad_ipv6
add address=fec0::/10 comment="defconf: site-local" list=bad_ipv6
add address=::ffff:0.0.0.0/96 comment="defconf: ipv4-mapped" list=bad_ipv6
add address=::/96 comment="defconf: ipv4 compat" list=bad_ipv6
add address=100::/64 comment="defconf: discard only " list=bad_ipv6
add address=2001:db8::/32 comment="defconf: documentation" list=bad_ipv6
add address=2001:10::/28 comment="defconf: ORCHID" list=bad_ipv6
add address=3ffe::/16 comment="defconf: 6bone" list=bad_ipv6
add address=::224.0.0.0/100 comment="defconf: other" list=bad_ipv6
add address=::127.0.0.0/104 comment="defconf: other" list=bad_ipv6
add address=::/104 comment="defconf: other" list=bad_ipv6
add address=::255.0.0.0/104 comment="defconf: other" list=bad_ipv6
/ipv6 firewall filter
add action=accept chain=input comment="defconf: accept established,related,untracked" connection-state=established,related,untracked
add action=drop chain=input comment="defconf: drop invalid" connection-state=invalid
add action=accept chain=input comment="defconf: accept ICMPv6" protocol=icmpv6
add action=accept chain=input comment="defconf: accept UDP traceroute" port=33434-33534 protocol=udp
add action=accept chain=input comment="defconf: accept DHCPv6-Client prefix delegation." dst-port=546 protocol=udp src-address=fe80::/10
add action=accept chain=input comment="defconf: accept IKE" dst-port=500,4500 protocol=udp
add action=accept chain=input comment="defconf: accept ipsec AH" protocol=ipsec-ah
add action=accept chain=input comment="defconf: accept ipsec ESP" protocol=ipsec-esp
add action=accept chain=input comment="defconf: accept all that matches ipsec policy" ipsec-policy=in,ipsec
add action=drop chain=input comment="defconf: drop everything else not coming from LAN" in-interface-list=!LAN
add action=accept chain=forward comment="defconf: accept established,related,untracked" connection-state=established,related,untracked
add action=drop chain=forward comment="defconf: drop invalid" connection-state=invalid
add action=drop chain=forward comment="defconf: drop packets with bad src ipv6" src-address-list=bad_ipv6
add action=drop chain=forward comment="defconf: drop packets with bad dst ipv6" dst-address-list=bad_ipv6
add action=drop chain=forward comment="defconf: rfc4890 drop hop-limit=1" hop-limit=equal:1 protocol=icmpv6
add action=accept chain=forward comment="defconf: accept ICMPv6" protocol=icmpv6
add action=accept chain=forward comment="defconf: accept HIP" protocol=139
add action=accept chain=forward comment="defconf: accept IKE" dst-port=500,4500 protocol=udp
add action=accept chain=forward comment="defconf: accept ipsec AH" protocol=ipsec-ah
add action=accept chain=forward comment="defconf: accept ipsec ESP" protocol=ipsec-esp
add action=accept chain=forward comment="defconf: accept all that matches ipsec policy" ipsec-policy=in,ipsec
add action=drop chain=forward comment="defconf: drop everything else not coming from LAN" in-interface-list=!LAN
/ipv6 nd
set [ find default=yes ] advertise-dns=no
/ppp secret
add local-address=192.168.178.1 name=myIPSECuser profile=ipsec_vpn remote-address=192.168.178.99 service=l2tp
/system clock
set time-zone-name=Europe/Luxembourg
/system logging
add prefix="L2TPDBG===>" topics=l2tp
add prefix="IPSECDBG===>" topics=ipsec
/system scheduler
add interval=1m name="DynDNS Scheduler" on-event="EuroDNS DynDNS" policy=read,write,test start-date=jan/17/2020 start-time=23:22:25
/system script
add dont-require-permissions=no name="EuroDNS DynDNS" owner=admin policy=read,write,test source="..."
/tool mac-server
set allowed-interface-list=LAN
/tool mac-server mac-winbox
set allowed-interface-list=LAN
submitted by gentfede to mikrotik [link] [comments]


2019.12.04 00:30 babelphishy Passed Advanced Networking Specialty

Just passed the Advanced Networking Specialty Exam a couple hours ago, they emailed me my scores right away:
Overall Score: 90%
Topic Level Scoring: 1.0 Design and implement hybrid IT network architectures at scale: 83% 2.0 Design and implement AWS networks: 100% 3.0 Automate AWS tasks: 75% 4.0 Configure network integration with application services: 85% 5.0 Design and implement for security and compliance: 83% 6.0 Manage, optimize, and troubleshoot the network: 100%
As some background, I've worked in AWS exclusively in a developedevops role for three years now, and I've been a professional software developer for 18. I had a reasonable background in networking before starting to study for this exam, although I had no experience at the enterprise architecture level. Things like BGP and MPLS were completely foreign.
This was my first attempt at this certification (or any certification). I started several months ago with the Official AWS Study guide and plodded through the chapters, doing my best not to skip any exercises. If it said to review an FAQ, I did that, and then researched anything that was unfamiliar. This can be a really tedious process but there are a wide range of topics that require mastery to correctly answer the questions.
Once I finished the book, I started on the free AWS training video. The presenter has a charming accent and is engaging, but the videos could probably stand to be broken up more. Somewhere in the middle of that I started ACG's Advanced Networking video course, which is excellent and I definitely recommend. All of these resources are slightly dated, but that did not end up being an issue in the exam. I saw someone recommend their IPv6 course so I consumed most of that right before the exam, which helped a bit as well.
Finally, I took all three Whizlabs exams to test my knowledge and reviewed correct and incorrect answers. In some cases the grammar issues made the questions unnecessarily difficult or ambiguous, but I still recommend them to round things out.
If you intend to attack this exam, I strongly recommend that you consume everything you can get your hands on, and then focus your memorization on what various services can and cannot do. Being able to eliminate impossible answers is absolutely critical to a good score.
The actual exam was difficult and draining but none of the questions seemed unfair or ambiguous. I finished my first pass at answers with 40 minutes left, and finished reviewing my flagged answers with 15 minutes to spare. Seeing I passed was an enormous relief, I had invested so much time and energy at that point.
Good luck to anyone else who is pursuing this! My last piece of advice is to give yourself a lot of time to digest and study a little bit each day rather than trying to cram.
Edit: Forgot to mention, I listened to NET4XX re:invent videos in podcast format from 2018/2017. The Direct Connect Deep Dive is really good, worth two listens.
Also read a few networking whitepapers.
submitted by babelphishy to AWSCertifications [link] [comments]


2019.09.27 07:15 IELAB-ethan Ccie lab dumps SD-WAN and SDN differences

Ccie lab dumps SD-WAN and SDN differences
Software Defined Network (SDN) is a new type of network architecture that implements separate network control and forwarding to form a logically centralized unified controller.In turn, the software programmable interface is opened on the controller for service call, and the purpose of flexible configuration of the network is achieved.In the cloud computing data center, ccie lab dumps.providing virtual resource services is its most important technical realization, and the network is also provided as a service to customers.The network needs to provide dynamic, on-demand, isolated network environment and custom network service chain connection services for different users and applications. These are the traditional network architectures that cannot be met, and SDN was born because of this.ccie lab dumps
Although SDN was not born for a long time, it has been greatly developed. SDN-related startups have sprung up, and traditional network equipment vendors have thrown olive branches to SDN.Major data centers and network operators have launched technical research and various attempts at SDN, with the intention of being able to make a big difference in the era of SDN.SDN already has a relatively complete technical system support, and the Openflow protocol is the core technology of its implementation.However, because everyone has different understandings of SDN, the implemented controller software can only control their own hardware devices, and can not form generalized software.This is also achieved in order to get competitive advantage, exclude other software manufacturers, and obtain more markets, which makes SDN technology landing slower, affecting the development of SDN to some extent.Even so, SDN is still developing rapidly in technical theory, and soon it also has SD-WAN and SD-branch.ccie lab dumps
The full name of SD-WAN is a wide-area software-defined network. In 2015, it became a hot topic in SDN technology, and the first SD-WAN product appeared on the market.SD-WAN inherits the concept of SDN control and forwarding separation and centralized control. It deploys SDN technology in WAN network, mainly uses software advantages to improve network performance and reduce cost, while ensuring security and stability and easy deployment.The basic principle of SD-WAN can be understood as establishing a "virtual network" on top of one or more different physical networks or network services, as long as the mapping between virtual and physical can be done.There is no need to know what technology is being used for things inside and outside the virtual network.In the past, we mentioned that SDN is mainly used in data centers and LANs, and SD-WAN extends SDN to WANs.There are many protocols in the WAN that are different from the Ethernet protocols in the LAN, so it is not a simple migration, but a specific design for the WAN.SD-WAN can operate by measuring basic network traffic metrics such as latency, packet loss, jitter, and availability. With this data, SD-WAN can actively respond to real-time network conditions and select the best path for each packet.SD-WAN has a central controller concept for global network visibility.Network administrators use the controller architecture to create policies and allow the system to take action without explicit manual change control.This controller platform performs policy-based forwarding based on current WAN conditions and complete information on enterprise application preferences, enabling immediate global changes without the need to manually log in to each router.ccie lab dumps
differences:
Ø SD-WAN is focused on providing software-defined application routing for WAN or WAN, as well as connecting geographically distributed locations (headquarters, data centers, branch offices, remote and mobile users), national or global bases. On the other hand, SDN is mainly concentrated in the LAN (local) or the core network of the service provider.
Ø SDN can be fully programmed by the customer or user and allows for efficient change and configuration management. Although SD-WAN is built on SDN technology, SD-WAN vendors handle programming behind the scenes, eliminating the complexity of end users.
Ø SDN focuses on the internal network, whether it is a LAN or a core service provider network. While SD-WAN is focused on connecting the network to the user over the WAN.
Ø SDN is supported by NFV, Network Function Virtualization, which provides a variety of virtualized network functions through software that have been built into proprietary closed systems to date.In contrast, SD-WAN provides software-defined application routing that can be virtualized or virtualized or run on SD-WAN devices.
The technology behind SD-WAN changes the paradigm from a packet-based network routing system to an application-based routing system.This enables organizations to use consumer-grade broadband Internet with improved quality and performance, and importantly, the cost per megabyte is lower than the cost of using MPLS previously.SD-WAN also provides flexibility and flexibility while maintaining centralized, predefined business policies and controlling the way applications are routed. The resulting visibility and control allows you to identify applications running on the WAN and set policies for their priority and usage.SD-WAN also uses dynamic WAN selection to route these applications through the best performing path.In addition, SD-WAN allows you to use multiple available links in an "active/active" configuration to provide load balancing and failover with virtually no perceptual disruption. Traffic between sites flows through dynamic, fully encrypted tunnels and can be segmented to provide a high level of security.ccie lab dumps
SDN is no longer an Ethernet network technology, but all network protocols rely on its development technology, such as storage networks. Software definition concepts have been introduced early, and almost all aspects of the data center are related to software definition. .SDN technology is a global and disruptive network transformation technology. It uses IT technology to transform traditional closed networks, which brings opportunities for network development.ccie lab dumps
Publisher:IE LAB
publish Website: http://ielab.network
WhatsApp: +8617782638871
Skype:live:ielab.anna
submitted by IELAB-ethan to networking_notes [link] [comments]


2019.09.23 23:36 gargravarr2112 ISPs - S gonna HTF tomorrow, wish me luck...

So, backstory, we moved into this office in September last year. Despite extensive efforts, for love nor money we could not get anyone to give us a fibre connection for move-in. Nobody would commit despite glowing fibres already in the server room. And after 3 weeks on a rented 4G system (which I can't fault, it worked very well), we finally said, F it, we'll take on the contract for the previous company.
The previous company was a games firm with multiple offices. They had a high-end MPLS connection from a reseller. Even this was farcical - we got the new router, but the company had taken the NTE.. to San Francisco...
Eventually we got a working fibre line and it has been brilliant, but it's overkill and costing us accordingly - 4 figures per month. And as nice as it is to say we have a 1Gbps fibre line, the only thing I've been able to max it out with is Steam.
By this point, we managed to get one of the uncooperative suppliers to install a backup connection for us. We elected to take the connections from separate providers in case billing messes up or some other common factor hits. So we have a backup fibre line, a comfortable 300Mbps.
With that in place, we started shopping. The reseller wouldn't go much lower, so we went to the provider they resold. Initially this company wanted 180 working days from contract signature to give us a connection. Now, they're much more amiable to giving us service. We settle on the same 300Mbps as the backup line, with the idea of load balancing the two if it becomes necessary. Technician visits, agrees everything is in order, even promises a rack kit for the NTE. We sign the contract with service starting on the 23rd September, and give notice to the reseller to switch over then.
I get a few emails which I answer quickly. However, between other responsibilities, I generally assume things are ticking along as they should be. Only today do I look up and realise something important - it's switchover day, and the ISP hasn't sent the replacement router. We need to send the reseller's back. Further, there have been no phone calls about switchover from the techs. I phone our account manager. To nobody's surprise, no answer, so I leave a message, which isn't returned. I'm there til 9pm. Nothing.
One thing I'm sure I can count on, though, is the reseller contract expiring at midnight. Our backup line has been tested but we all know, these things only go fully wrong when you need to rely on them. So it's going to be an early one for me tomorrow.
We endured 5 months of absolute absurdity trying to arrange this in the first place. The backup ISP also took a lot of crayons/very slow explanation of what we wanted. Every stage of this contract, we were promised a switchover date of the 23rd September. I am completely unsurprised at the result. Why are business ISPs so completely incompetent? Seriously?
submitted by gargravarr2112 to sysadmin [link] [comments]


2019.07.23 02:54 CoolCreeper39 List of all known banned subreddits sorted alphabetically and by reason

Ban/Quarintine Evasion:
Unmoderated:
Violent content:
Harassment:
Prohibited goods or services:
Proliferation of violent content:
Minor sexualization:
Spam:
Subreddits banned due to the rule change:
Copyright infringement:
Involuntary pornography:
Glorifying violence:
Inciting harassment:
Doxxing:
Encouraging violence:
Marketplace:
Inciting violence:
Inciting harm:
Safety reasons:
Violence:
Encouraging harm:
Impersonating:
Interfering with Reddit:
Vote manipulation:
Animal abuse:
Bullying:
Criminal activity:
Glorifying sexual violence:
Other:
No reason given:
submitted by CoolCreeper39 to reclassified [link] [comments]


2019.04.23 08:12 Filemeunderground DAQ (-1) error followed by random symbols- Windows

DAQ (-1) error followed by random symbols- Windows

Hello, I am hoping to find any solutions to my problem. I have installed snort 2.9.13 in virtualized Windows Server. I have succesfully tested out the config file and there seems to be no error on it. I have made also some test rules to test out the functionalities of IDS. However, whenever I try to run snort with "-A console" it comes out with a DAQ (-1) error and random symbols following it. Does anybody have any clue to what is happening?
This is the command I am entering

https://preview.redd.it/tgf4w51xgyt21.png?width=592&format=png&auto=webp&s=cb07cbbda0020842cc0a8f3481d6d113353603cc
This is the error I am getting

The random symbols changes everytime I run snort
and this is my conf file:
#-------------------------------------------------- # VRT Rule Packages Snort.conf # # For more information visit us at: # http://www.snort.org Snort Website # http://vrt-blog.snort.org/ Sourcefire VRT Blog # # Mailing list Contact: [email protected] # False Positive reports: [email protected] # Snort bugs: [email protected] # # Compatible with Snort Versions: # VERSIONS : 2.9.13 # # Snort build options: # OPTIONS : --enable-gre --enable-mpls --enable-targetbased --enable-ppm --enable-perfprofiling --enable-zlib --enable-active-response --enable-normalizer --enable-reload --enable-react --enable-flexresp3 # # Additional information: # This configuration file enables active response, to run snort in # test mode -T you are required to supply an interface -i  # or test mode will fail to fully validate the configuration and # exit with a FATAL error #-------------------------------------------------- ################################################### # This file contains a sample snort configuration. # You should take the following steps to create your own custom configuration: # # 1) Set the network variables. # 2) Configure the decoder # 3) Configure the base detection engine # 4) Configure dynamic loaded libraries # 5) Configure preprocessors # 6) Configure output plugins # 7) Customize your rule set # 8) Customize preprocessor and decoder rule set # 9) Customize shared object rule set ################################################### ################################################### # Step #1: Set the network variables. For more information, see README.variables ################################################### # Setup the network addresses you are protecting ipvar HOME_NET [192.168.14.1/29] # Set up the external network addresses. Leave as "any" in most situations ipvar EXTERNAL_NET !$HOME_NET # List of DNS servers on your network ipvar DNS_SERVERS $HOME_NET # List of SMTP servers on your network ipvar SMTP_SERVERS $HOME_NET # List of web servers on your network ipvar HTTP_SERVERS $HOME_NET # List of sql servers on your network ipvar SQL_SERVERS $HOME_NET # List of telnet servers on your network ipvar TELNET_SERVERS $HOME_NET # List of ssh servers on your network ipvar SSH_SERVERS $HOME_NET # List of ftp servers on your network ipvar FTP_SERVERS $HOME_NET # List of sip servers on your network ipvar SIP_SERVERS $HOME_NET # List of ports you run web servers on portvar HTTP_PORTS [80,81,311,383,591,593,901,1220,1414,1741,1830,2301,2381,2809,3037,3128,3702,4343,4848,5250,6988,7000,7001,7144,7145,7510,7777,7779,8000,8008,8014,8028,8080,8085,8088,8090,8118,8123,8180,8181,8243,8280,8300,8800,8888,8899,9000,9060,9080,9090,9091,9443,9999,11371,34443,34444,41080,50002,55555] # List of ports you want to look for SHELLCODE on. portvar SHELLCODE_PORTS !80 # List of ports you might see oracle attacks on portvar ORACLE_PORTS 1024: # List of ports you want to look for SSH connections on: portvar SSH_PORTS 22 # List of ports you run ftp servers on portvar FTP_PORTS [21,2100,3535] # List of ports you run SIP servers on portvar SIP_PORTS [5060,5061,5600] # List of file data ports for file inspection portvar FILE_DATA_PORTS [$HTTP_PORTS,110,143] # List of GTP ports for GTP preprocessor portvar GTP_PORTS [2123,2152,3386] # other variables, these should not be modified ipvar AIM_SERVERS [64.12.24.0/23,64.12.28.0/23,64.12.161.0/24,64.12.163.0/24,64.12.200.0/24,205.188.3.0/24,205.188.5.0/24,205.188.7.0/24,205.188.9.0/24,205.188.153.0/24,205.188.179.0/24,205.188.248.0/24] # Path to your rules files (this can be a relative path) # Note for Windows users: You are advised to make this an absolute path, # such as: c:\snort\rules var RULE_PATH C:\Snort\rules # var SO_RULE_PATH ../so_rules var PREPROC_RULE_PATH C:\Snort\preproc_rules # If you are using reputation preprocessor set these # Currently there is a bug with relative paths, they are relative to where snort is # not relative to snort.conf like the above variables # This is completely inconsistent with how other vars work, BUG 89986 # Set the absolute path appropriately var WHITE_LIST_PATH C:\Snort\rules var BLACK_LIST_PATH C:\Snort\rules ################################################### # Step #2: Configure the decoder. For more information, see README.decode ################################################### # Stop generic decode events: config disable_decode_alerts # Stop Alerts on experimental TCP options config disable_tcpopt_experimental_alerts # Stop Alerts on obsolete TCP options config disable_tcpopt_obsolete_alerts # Stop Alerts on T/TCP alerts config disable_tcpopt_ttcp_alerts # Stop Alerts on all other TCPOption type events: config disable_tcpopt_alerts # Stop Alerts on invalid ip options config disable_ipopt_alerts # Alert if value in length field (IP, TCP, UDP) is greater th elength of the packet # config enable_decode_oversized_alerts # Same as above, but drop packet if in Inline mode (requires enable_decode_oversized_alerts) # config enable_decode_oversized_drops # Configure IP / TCP checksum mode config checksum_mode: all # Configure maximum number of flowbit references. For more information, see README.flowbits # config flowbits_size: 64 # Configure ports to ignore # config ignore_ports: tcp 21 6667:6671 1356 # config ignore_ports: udp 1:17 53 # Configure active response for non inline operation. For more information, see REAMDE.active # config response: eth0 attempts 2 # Configure DAQ related options for inline operation. For more information, see README.daq # # config daq:  # config daq_dir:  # config daq_mode:  # config daq_var:  # #  ::= pcap afpacket dump nfq ipq ipfw #  ::= read-file passive inline #  ::= arbitrary = ::= path as to where to look for DAQ module so's # Configure specific UID and GID to run snort as after dropping privs. For more information see snort -h command line options # # config set_gid: # config set_uid: # Configure default snaplen. Snort defaults to MTU of in use interface. For more information see README # # config snaplen: # # Configure default bpf_file to use for filtering what traffic reaches snort. For more information see snort -h command line options (-F) # # config bpf_file: # # Configure default log directory for snort to log to. For more information see snort -h command line options (-l) # config logdir: C:\Snort\log ################################################### # Step #3: Configure the base detection engine. For more information, see README.decode ################################################### # Configure PCRE match limitations config pcre_match_limit: 3500 config pcre_match_limit_recursion: 1500 # Configure the detection engine See the Snort Manual, Configuring Snort - Includes - Config config detection: search-method ac-split search-optimize max-pattern-len 20 # Configure the event queue. For more information, see README.event_queue config event_queue: max_queue 8 log 5 order_events content_length ################################################### ## Configure GTP if it is to be used. ## For more information, see README.GTP #################################################### # config enable_gtp ################################################### # Per packet and rule latency enforcement # For more information see README.ppm ################################################### # Per Packet latency configuration #config ppm: max-pkt-time 250, \ # fastpath-expensive-packets, \ # pkt-log # Per Rule latency configuration #config ppm: max-rule-time 200, \ # threshold 3, \ # suspend-expensive-rules, \ # suspend-timeout 20, \ # rule-log alert ################################################### # Configure Perf Profiling for debugging # For more information see README.PerfProfiling ################################################### #config profile_rules: print all, sort avg_ticks #config profile_preprocs: print all, sort avg_ticks ################################################### # Configure protocol aware flushing # For more information see README.stream5 ################################################### config paf_max: 16000 ################################################### # Step #4: Configure dynamic loaded libraries. # For more information, see Snort Manual, Configuring Snort - Dynamic Modules ################################################### # path to dynamic preprocessor libraries dynamicpreprocessor directory C:\Snort\lib\snort_dynamicpreprocessor # path to base preprocessor engine dynamicengine C:\Snort\lib\snort_dynamicengine\sf_engine.dll # path to dynamic rules libraries # dynamicdetection directory C:\Snort\lib\snort_dynamicengine ################################################### # Step #5: Configure preprocessors # For more information, see the Snort Manual, Configuring Snort - Preprocessors ################################################### # GTP Control Channle Preprocessor. For more information, see README.GTP # preprocessor gtp: ports { 2123 3386 2152 } # Inline packet normalization. For more information, see README.normalize # Does nothing in IDS mode # preprocessor normalize_ip4 # preprocessor normalize_tcp: ips ecn stream # preprocessor normalize_icmp4 # preprocessor normalize_ip6 # preprocessor normalize_icmp6 # Target-based IP defragmentation. For more inforation, see README.frag3 preprocessor frag3_global: max_frags 65536 preprocessor frag3_engine: policy windows detect_anomalies overlap_limit 10 min_fragment_length 100 timeout 180 # Target-Based stateful inspection/stream reassembly. For more inforation, see README.stream5 preprocessor stream5_global: track_tcp yes, \ track_udp yes, \ track_icmp no, \ max_tcp 262144, \ max_udp 131072, \ max_active_responses 2, \ min_response_seconds 5 preprocessor stream5_tcp: log_asymmetric_traffic no, policy windows, \ detect_anomalies, require_3whs 180, \ overlap_limit 10, small_segments 3 bytes 150, timeout 180, \ ports client 21 22 23 25 42 53 79 109 110 111 113 119 135 136 137 139 143 \ 161 445 513 514 587 593 691 1433 1521 1741 2100 3306 6070 6665 6666 6667 6668 6669 \ 7000 8181 32770 32771 32772 32773 32774 32775 32776 32777 32778 32779, \ ports both 80 81 311 383 443 465 563 591 593 636 901 989 992 993 994 995 1220 1414 1830 2301 2381 2809 3037 3128 3702 4343 4848 5250 6988 7907 7000 7001 7144 7145 7510 7802 7777 7779 \ 7801 7900 7901 7902 7903 7904 7905 7906 7908 7909 7910 7911 7912 7913 7914 7915 7916 \ 7917 7918 7919 7920 8000 8008 8014 8028 8080 8085 8088 8090 8118 8123 8180 8243 8280 8300 8800 8888 8899 9000 9060 9080 9090 9091 9443 9999 11371 34443 34444 41080 50002 55555 preprocessor stream5_udp: timeout 180 # performance statistics. For more information, see the Snort Manual, Configuring Snort - Preprocessors - Performance Monitor # preprocessor perfmonitor: time 300 file /vasnort/snort.stats pktcnt 10000 # HTTP normalization and anomaly detection. For more information, see README.http_inspect preprocessor http_inspect: global iis_unicode_map unicode.map 1252 compress_depth 65535 decompress_depth 65535 preprocessor http_inspect_server: server default \ http_methods { GET POST PUT SEARCH MKCOL COPY MOVE LOCK UNLOCK NOTIFY POLL BCOPY BDELETE BMOVE LINK UNLINK OPTIONS HEAD DELETE TRACE TRACK CONNECT SOURCE SUBSCRIBE UNSUBSCRIBE PROPFIND PROPPATCH BPROPFIND BPROPPATCH RPC_CONNECT PROXY_SUCCESS BITS_POST CCM_POST SMS_POST RPC_IN_DATA RPC_OUT_DATA RPC_ECHO_DATA } \ chunk_length 500000 \ server_flow_depth 0 \ client_flow_depth 0 \ post_depth 65495 \ oversize_dir_length 500 \ max_header_length 750 \ max_headers 100 \ max_spaces 200 \ small_chunk_length { 10 5 } \ ports { 80 81 311 383 591 593 901 1220 1414 1741 1830 2301 2381 2809 3037 3128 3702 4343 4848 5250 6988 7000 7001 7144 7145 7510 7777 7779 8000 8008 8014 8028 8080 8085 8088 8090 8118 8123 8180 8181 8243 8280 8300 8800 8888 8899 9000 9060 9080 9090 9091 9443 9999 11371 34443 34444 41080 50002 55555 } \ non_rfc_char { 0x00 0x01 0x02 0x03 0x04 0x05 0x06 0x07 } \ enable_cookie \ extended_response_inspection \ inspect_gzip \ normalize_utf \ unlimited_decompress \ normalize_javascript \ apache_whitespace no \ ascii no \ bare_byte no \ directory no \ double_decode no \ iis_backslash no \ iis_delimiter no \ iis_unicode no \ multi_slash no \ utf_8 no \ u_encode yes \ webroot no # ONC-RPC normalization and anomaly detection. For more information, see the Snort Manual, Configuring Snort - Preprocessors - RPC Decode preprocessor rpc_decode: 111 32770 32771 32772 32773 32774 32775 32776 32777 32778 32779 no_alert_multiple_requests no_alert_large_fragments no_alert_incomplete # Back Orifice detection. preprocessor bo # FTP / Telnet normalization and anomaly detection. For more information, see README.ftptelnet preprocessor ftp_telnet: global inspection_type stateful encrypted_traffic no check_encrypted preprocessor ftp_telnet_protocol: telnet \ ayt_attack_thresh 20 \ normalize ports { 23 } \ detect_anomalies preprocessor ftp_telnet_protocol: ftp server default \ def_max_param_len 100 \ ports { 21 2100 3535 } \ telnet_cmds yes \ ignore_telnet_erase_cmds yes \ ftp_cmds { ABOR ACCT ADAT ALLO APPE AUTH CCC CDUP } \ ftp_cmds { CEL CLNT CMD CONF CWD DELE ENC EPRT } \ ftp_cmds { EPSV ESTA ESTP FEAT HELP LANG LIST LPRT } \ ftp_cmds { LPSV MACB MAIL MDTM MIC MKD MLSD MLST } \ ftp_cmds { MODE NLST NOOP OPTS PASS PASV PBSZ PORT } \ ftp_cmds { PROT PWD QUIT REIN REST RETR RMD RNFR } \ ftp_cmds { RNTO SDUP SITE SIZE SMNT STAT STOR STOU } \ ftp_cmds { STRU SYST TEST TYPE USER XCUP XCRC XCWD } \ ftp_cmds { XMAS XMD5 XMKD XPWD XRCP XRMD XRSQ XSEM } \ ftp_cmds { XSEN XSHA1 XSHA256 } \ alt_max_param_len 0 { ABOR CCC CDUP ESTA FEAT LPSV NOOP PASV PWD QUIT REIN STOU SYST XCUP XPWD } \ alt_max_param_len 200 { ALLO APPE CMD HELP NLST RETR RNFR STOR STOU XMKD } \ alt_max_param_len 256 { CWD RNTO } \ alt_max_param_len 400 { PORT } \ alt_max_param_len 512 { SIZE } \ chk_str_fmt { ACCT ADAT ALLO APPE AUTH CEL CLNT CMD } \ chk_str_fmt { CONF CWD DELE ENC EPRT EPSV ESTP HELP } \ chk_str_fmt { LANG LIST LPRT MACB MAIL MDTM MIC MKD } \ chk_str_fmt { MLSD MLST MODE NLST OPTS PASS PBSZ PORT } \ chk_str_fmt { PROT REST RETR RMD RNFR RNTO SDUP SITE } \ chk_str_fmt { SIZE SMNT STAT STOR STRU TEST TYPE USER } \ chk_str_fmt { XCRC XCWD XMAS XMD5 XMKD XRCP XRMD XRSQ } \ chk_str_fmt { XSEM XSEN XSHA1 XSHA256 } \ cmd_validity ALLO < int [ char R int ] > \ cmd_validity EPSV < [ { char 12 char A char L char L } ] > \ cmd_validity MACB < string > \ cmd_validity MDTM < [ date nnnnnnnnnnnnnn[.n[n[n]]] ] string > \ cmd_validity MODE < char ASBCZ > \ cmd_validity PORT < host_port > \ cmd_validity PROT < char CSEP > \ cmd_validity STRU < char FRPO [ string ] > \ cmd_validity TYPE < { char AE [ char NTC ] char I char L [ number ] } > preprocessor ftp_telnet_protocol: ftp client default \ max_resp_len 256 \ bounce yes \ ignore_telnet_erase_cmds yes \ telnet_cmds yes # SMTP normalization and anomaly detection. For more information, see README.SMTP preprocessor smtp: ports { 25 465 587 691 } \ inspection_type stateful \ b64_decode_depth 0 \ qp_decode_depth 0 \ bitenc_decode_depth 0 \ uu_decode_depth 0 \ log_mailfrom \ log_rcptto \ log_filename \ log_email_hdrs \ normalize cmds \ normalize_cmds { ATRN AUTH BDAT CHUNKING DATA DEBUG EHLO EMAL ESAM ESND ESOM ETRN EVFY } \ normalize_cmds { EXPN HELO HELP IDENT MAIL NOOP ONEX QUEU QUIT RCPT RSET SAML SEND SOML } \ normalize_cmds { STARTTLS TICK TIME TURN TURNME VERB VRFY X-ADAT X-DRCP X-ERCP X-EXCH50 } \ normalize_cmds { X-EXPS X-LINK2STATE XADR XAUTH XCIR XEXCH50 XGEN XLICENSE XQUE XSTA XTRN XUSR } \ max_command_line_len 512 \ max_header_line_len 1000 \ max_response_line_len 512 \ alt_max_command_line_len 260 { MAIL } \ alt_max_command_line_len 300 { RCPT } \ alt_max_command_line_len 500 { HELP HELO ETRN EHLO } \ alt_max_command_line_len 255 { EXPN VRFY ATRN SIZE BDAT DEBUG EMAL ESAM ESND ESOM EVFY IDENT NOOP RSET } \ alt_max_command_line_len 246 { SEND SAML SOML AUTH TURN ETRN DATA RSET QUIT ONEX QUEU STARTTLS TICK TIME TURNME VERB X-EXPS X-LINK2STATE XADR XAUTH XCIR XEXCH50 XGEN XLICENSE XQUE XSTA XTRN XUSR } \ valid_cmds { ATRN AUTH BDAT CHUNKING DATA DEBUG EHLO EMAL ESAM ESND ESOM ETRN EVFY } \ valid_cmds { EXPN HELO HELP IDENT MAIL NOOP ONEX QUEU QUIT RCPT RSET SAML SEND SOML } \ valid_cmds { STARTTLS TICK TIME TURN TURNME VERB VRFY X-ADAT X-DRCP X-ERCP X-EXCH50 } \ valid_cmds { X-EXPS X-LINK2STATE XADR XAUTH XCIR XEXCH50 XGEN XLICENSE XQUE XSTA XTRN XUSR } \ xlink2state { enabled } # Portscan detection. For more information, see README.sfportscan # preprocessor sfportscan: proto { all } memcap { 10000000 } sense_level { low } # ARP spoof detection. For more information, see the Snort Manual - Configuring Snort - Preprocessors - ARP Spoof Preprocessor # preprocessor arpspoof # preprocessor arpspoof_detect_host: 192.168.40.1 f0:0f:00:f0:0f:00 # SSH anomaly detection. For more information, see README.ssh preprocessor ssh: server_ports { 22 } \ autodetect \ max_client_bytes 19600 \ max_encrypted_packets 20 \ max_server_version_len 100 \ enable_respoverflow enable_ssh1crc32 \ enable_srvoverflow enable_protomismatch # SMB / DCE-RPC normalization and anomaly detection. For more information, see README.dcerpc2 preprocessor dcerpc2: memcap 102400, events [co ] preprocessor dcerpc2_server: default, policy WinXP, \ detect [smb [139,445], tcp 135, udp 135, rpc-over-http-server 593], \ autodetect [tcp 1025:, udp 1025:, rpc-over-http-server 1025:], \ smb_max_chain 3, smb_invalid_shares ["C$", "D$", "ADMIN$"] # DNS anomaly detection. For more information, see README.dns preprocessor dns: ports { 53 } enable_rdata_overflow # SSL anomaly detection and traffic bypass. For more information, see README.ssl preprocessor ssl: ports { 443 465 563 636 989 992 993 994 995 7801 7802 7900 7901 7902 7903 7904 7905 7906 7907 7908 7909 7910 7911 7912 7913 7914 7915 7916 7917 7918 7919 7920 }, trustservers, noinspect_encrypted # SDF sensitive data preprocessor. For more information see README.sensitive_data preprocessor sensitive_data: alert_threshold 25 # SIP Session Initiation Protocol preprocessor. For more information see README.sip preprocessor sip: max_sessions 40000, \ ports { 5060 5061 5600 }, \ methods { invite \ cancel \ ack \ bye \ register \ options \ refer \ subscribe \ update \ join \ info \ message \ notify \ benotify \ do \ qauth \ sprack \ publish \ service \ unsubscribe \ prack }, \ max_uri_len 512, \ max_call_id_len 80, \ max_requestName_len 20, \ max_from_len 256, \ max_to_len 256, \ max_via_len 1024, \ max_contact_len 512, \ max_content_len 2048 # IMAP preprocessor. For more information see README.imap preprocessor imap: \ ports { 143 } \ b64_decode_depth 0 \ qp_decode_depth 0 \ bitenc_decode_depth 0 \ uu_decode_depth 0 # POP preprocessor. For more information see README.pop preprocessor pop: \ ports { 110 } \ b64_decode_depth 0 \ qp_decode_depth 0 \ bitenc_decode_depth 0 \ uu_decode_depth 0 # Modbus preprocessor. For more information see README.modbus preprocessor modbus: ports { 502 } # DNP3 preprocessor. For more information see README.dnp3 preprocessor dnp3: ports { 20000 } \ memcap 262144 \ check_crc # Reputation preprocessor. For more information see README.reputation preprocessor reputation: \ memcap 500, \ priority whitelist, \ nested_ip inner, \ whitelist $WHITE_LIST_PATH\white.list, \ blacklist $BLACK_LIST_PATH\black.list ################################################### # Step #6: Configure output plugins # For more information, see Snort Manual, Configuring Snort - Output Modules ################################################### # unified2 # Recommended for most installs # output unified2: filename merged.log, limit 128, nostamp, mpls_event_types, vlan_event_types # Additional configuration for specific types of installs # output alert_unified2: filename snort.alert, limit 128, nostamp # output log_unified2: filename snort.log, limit 128, nostamp # syslog # output alert_syslog: LOG_AUTH LOG_ALERT # pcap # output log_tcpdump: tcpdump.log # metadata reference data. do not modify these lines include classification.config include reference.config ################################################### # Step #7: Customize your rule set # For more information, see Snort Manual, Writing Snort Rules # # NOTE: All categories are enabled in this conf file ################################################### # site specific rules include $RULE_PATH\local.rules include $RULE_PATH\app-detect.rules include $RULE_PATH\attack-responses.rules include $RULE_PATH\backdoor.rules include $RULE_PATH\bad-traffic.rules include $RULE_PATH\blacklist.rules include $RULE_PATH\botnet-cnc.rules include $RULE_PATH\browser-chrome.rules include $RULE_PATH\browser-firefox.rules include $RULE_PATH\browser-ie.rules include $RULE_PATH\browser-other.rules include $RULE_PATH\browser-plugins.rules include $RULE_PATH\browser-webkit.rules include $RULE_PATH\chat.rules include $RULE_PATH\content-replace.rules include $RULE_PATH\ddos.rules include $RULE_PATH\dns.rules include $RULE_PATH\dos.rules include $RULE_PATH\experimental.rules include $RULE_PATH\exploit-kit.rules include $RULE_PATH\exploit.rules include $RULE_PATH\file-executable.rules include $RULE_PATH\file-flash.rules include $RULE_PATH\file-identify.rules include $RULE_PATH\file-image.rules include $RULE_PATH\file-multimedia.rules include $RULE_PATH\file-office.rules include $RULE_PATH\file-other.rules include $RULE_PATH\file-pdf.rules include $RULE_PATH\finger.rules include $RULE_PATH\ftp.rules include $RULE_PATH\icmp-info.rules include $RULE_PATH\icmp.rules include $RULE_PATH\imap.rules include $RULE_PATH\indicator-compromise.rules include $RULE_PATH\indicator-obfuscation.rules include $RULE_PATH\indicator-shellcode.rules include $RULE_PATH\info.rules include $RULE_PATH\malware-backdoor.rules include $RULE_PATH\malware-cnc.rules include $RULE_PATH\malware-other.rules include $RULE_PATH\malware-tools.rules include $RULE_PATH\misc.rules include $RULE_PATH\multimedia.rules include $RULE_PATH\mysql.rules include $RULE_PATH\netbios.rules include $RULE_PATH\nntp.rules include $RULE_PATH\oracle.rules include $RULE_PATH\os-linux.rules include $RULE_PATH\os-other.rules include $RULE_PATH\os-solaris.rules include $RULE_PATH\os-windows.rules include $RULE_PATH\other-ids.rules include $RULE_PATH\p2p.rules include $RULE_PATH\phishing-spam.rules include $RULE_PATH\policy-multimedia.rules include $RULE_PATH\policy-other.rules include $RULE_PATH\policy.rules include $RULE_PATH\policy-social.rules include $RULE_PATH\policy-spam.rules include $RULE_PATH\pop2.rules include $RULE_PATH\pop3.rules include $RULE_PATH\protocol-finger.rules include $RULE_PATH\protocol-ftp.rules include $RULE_PATH\protocol-icmp.rules include $RULE_PATH\protocol-imap.rules include $RULE_PATH\protocol-pop.rules include $RULE_PATH\protocol-services.rules include $RULE_PATH\protocol-voip.rules include $RULE_PATH\pua-adware.rules include $RULE_PATH\pua-other.rules include $RULE_PATH\pua-p2p.rules include $RULE_PATH\pua-toolbars.rules include $RULE_PATH\rpc.rules include $RULE_PATH\rservices.rules include $RULE_PATH\scada.rules include $RULE_PATH\scan.rules include $RULE_PATH\server-apache.rules include $RULE_PATH\server-iis.rules include $RULE_PATH\server-mail.rules include $RULE_PATH\server-mssql.rules include $RULE_PATH\server-mysql.rules include $RULE_PATH\server-oracle.rules include $RULE_PATH\server-other.rules include $RULE_PATH\server-webapp.rules include $RULE_PATH\shellcode.rules include $RULE_PATH\smtp.rules include $RULE_PATH\snmp.rules include $RULE_PATH\specific-threats.rules include $RULE_PATH\spyware-put.rules include $RULE_PATH\sql.rules include $RULE_PATH\telnet.rules include $RULE_PATH\tftp.rules include $RULE_PATH\virus.rules include $RULE_PATH\voip.rules include $RULE_PATH\web-activex.rules include $RULE_PATH\web-attacks.rules include $RULE_PATH\web-cgi.rules include $RULE_PATH\web-client.rules include $RULE_PATH\web-coldfusion.rules include $RULE_PATH\web-frontpage.rules include $RULE_PATH\web-iis.rules include $RULE_PATH\web-misc.rules include $RULE_PATH\web-php.rules include $RULE_PATH\x11.rules ################################################### # Step #8: Customize your preprocessor and decoder alerts # For more information, see README.decoder_preproc_rules ################################################### # decoder and preprocessor event rules include $PREPROC_RULE_PATH\preprocessor.rules include $PREPROC_RULE_PATH\decoder.rules include $PREPROC_RULE_PATH\sensitive-data.rules ################################################### # Step #9: Customize your Shared Object Snort Rules # For more information, see http://vrt-blog.snort.org/2009/01/using-vrt-certified-shared-object-rules.html ################################################### # dynamic library rules # include $SO_RULE_PATH/bad-traffic.rules # include $SO_RULE_PATH/chat.rules # include $SO_RULE_PATH/dos.rules # include $SO_RULE_PATH/exploit.rules # include $SO_RULE_PATH/icmp.rules # include $SO_RULE_PATH/imap.rules # include $SO_RULE_PATH/misc.rules # include $SO_RULE_PATH/multimedia.rules # include $SO_RULE_PATH/netbios.rules # include $SO_RULE_PATH/nntp.rules # include $SO_RULE_PATH/p2p.rules # include $SO_RULE_PATH/smtp.rules # include $SO_RULE_PATH/snmp.rules # include $SO_RULE_PATH/specific-threats.rules # include $SO_RULE_PATH/web-activex.rules # include $SO_RULE_PATH/web-client.rules # include $SO_RULE_PATH/web-iis.rules # include $SO_RULE_PATH/web-misc.rules # Event thresholding or suppression commands. See threshold.conf include threshold.conf 
Thank you so much.
submitted by Filemeunderground to snort [link] [comments]


2018.11.12 09:11 Aidong I finally have my shot at tech sales after months of persistence, how to best make use of my time?

Hi Everyone,
I’ve been in the IT industry almost ten years since graduating high-school. I finally have my shot in tech sales with a large-ish MSP with no formal sales training program and more of a tendency to learn via osmosis. The situation I’m in is a little different, so bare with me whilst i try and explain a few of the key points.
The MSP I’ve been working for has granted me the ability to move into sales for three days out of five per week. I’m working at a new branch of this MSP opened in another state. I work alongside a state manager, of whom, is the CEO of his own company that the MSP I work for is an exclusive business partner and provider for. This person is a personal friend as well as a mentor, however due to wearing two hats, working along side him isn’t always time effective or convenient for him, thus making osmosis not as effective.
I’m ready to hit the ground running, and I’ve already pipe-lined $40k potential GP which all potentially look at close dates early next year. As my role is an experimental one, i can effectively do whatever I need to bring (new and existing) business into this new branch (Sales producing GP, or BDR bringing in recurring revenue streams etc. I’m having difficulties in ascertaining where to start and how to best make use of my time with the other reps being in other states and having to set appointments often days into the future with them as to ask as many questions as i can in a block of time.
I’m not too focused on making commissions as I’m still being paid a good technician salary for the time being. I’m more focused on creating a ‘WOW’ factor and letting the numbers do the talking by bringing in new customers and a good number of closed sales. I can sell products such as cloud services, managed service agreements, complex data MPLS networks (Nations largest ISP enterprise level partner) alongside wireless point to point bridging, VoIP systems as well as your standard day to day account management pieces such as PCs, Laptops, hardware and software.
If anyone has a few tips, that would be fantastic. It’s quite frustrating being given this chance, but having to wait around for half a day on your already limited time. I know that I’ll be able to start connecting the dots and trying new things once I have a few ideas to go forth and try.
Cheers!
submitted by Aidong to sales [link] [comments]


2018.09.05 13:51 fatstupidlazypoor vendor invoice management and approval

good morning-
I run an ISP/NSP that is part of a larger company that also provides cloud, proserv and managed services.
I mention that first because it means I'm somewhat wedged into using certain software, and using outboard stuff is an uphill battle.
My business unit provides traditional NSP type stuff: DIA, MPLS, L2 services. We have some of our own fiber, but most of our work is done via NNIs (about 40) as well as some "managed broadband" stuff (where we hold paper on normal broadband circuits, coax, DSL, etc). We also do managed firewalls (which we couple with managed broadband).
The company uses Connectwise and it's not going anywhere. The company also uses ITGlue, Sharefile and Sharepoint, and it's unlikely they are going anywhere. My group uses Solarwinds Orion NPM.
My challenge is invoice approvals and linking vendor account info back to our own records of service delivery. We get about 300 invoices a month.
I'm looking for a scheme whereby I establish cannonical storage of the invoices that also me to associate arbitrary attributes to the invoices (like, linking to structured account info) as well as received dates, paid dates, approval status, and so on.
One feature of this scheme would be that if an invoice (and it's various dollar amounts) is linked to revenue, and the revenue and supporting agreement is not changed from the previous month, it would be approved without much (if any) human effort. The back office could do this without my team's involvement.
There's other stuff too - like my support staff being able to quickly drill into an invoice for a delivered services (going from monitored element in Solarwinds, our Agreement with the customer, and then to the structred account info, and then into spefici invoices if more details is needed).
Or, if we want to do a cost drive-down, we can select all the accounts/invoice based on various attributes and focus on them.
Etc etc.
Just looking for some tool/process ideas from y'all.
Thanks!
submitted by fatstupidlazypoor to networking [link] [comments]


2018.05.19 06:15 SicSemperTympanis Phishing emails spiraling out of control

Need help desperately with best practices on securing accounts and getting a hold of a shit siutation in a hybrid environment. Work in a small department for a big company. Theres the help desk (3 techs) network manager, and cto. Network manager is doing his best to get the company up to date. Switching from Citrix to azure in a month. upgragding from mpls to sdwan is on going. Switching to hosted ip pbx is ongoing. GPO is not an option because remote users use local profiles. Email security was just upgraded to Mimecast a few months back. Had initial growing pains, false positives with spam filter and spoofing, salesforce...
After that it was blue skies until Wednesday when a trusted source outside the organization had his credentials phished. One of our users was a target and got his creds phished Needless to say mass emails left his account to internal and external address. Users in our org, who never dealt with the guy, were opening up the email titled invoice, "unable to see the files after signing in" and asked their colleagues to try and open it. So from W-F we've been securing accounts.
Network manager did some damage control by putting some onus on users in a conference call with the VPs
Rate our process for securing accounts 1. Change password in 0365 admin portal 2. Force sign out of all devices in portal admin 3. Audit email rules by signing in as user in portal 4. Audit forwarding rules 5. Virus scan local computer. Once completed provide user with new password and document all rules, and scan results.
Having to do this for 50 users with only 2 tech's, one doesn't pull his weight (while the network manager was in another state doing a p2p deployment) was draining. Looking for proactive measures instead of reactive.
Heres what i have so far 1. Discovered Azure Active Directory and risky sign ins. Think we may have gotten ahead of the compromised emails just in time for the weekend. 2. made a URL protection policy in mimecast with a very aggressive definition, unfortunately I cannot test this until monday, bc outbound emails don't pass through mimecast, will have to route outbounds to mimecast via connectors in admin portal (right?) So that mimecast can apply policy. Problem is this can interrupt multifunction devices and other services according the network mamager. Hopefully this pans out
That's it. Questions: can I limit user outbound emails in office 365? Can I do this in mimecast? Can I (global admin) audit rule creation for other user accounts in PowerShell exchange session or anywhere else(want to see time and date specifically)? Any other suggestions? Truthfully, how much onus is on the user and how much is on IT?
Any help is appreciated
submitted by SicSemperTympanis to sysadmin [link] [comments]


2018.03.27 19:26 RadiusPoint [Hiring] Provisioning Specialist

Job Summary
RadiusPoint is recruiting for a full time Provisioning Specialist who will be working in a customer focused environment providing operational support to our clients. This is a unique opportunity that blends customer service skills with telecom, wireline and utilities knowledge. We are looking for positive individuals who are in search of a career, and not just a job; who are like-minded in wanting to help grow the company as well as ensure 100% client satisfaction.
Responsibilities and Duties
Respond to service and repair requests for add/moves/changes/disconnects by preparing and completing telecom/utilities work orders. Responsible for the lifecycle of all telecom/utility orders by acting as a liaison between customers and various vendors. Work closely with project managers on large scale enterprise deployments to meet customer’s unique requirements. Work with clients and vendors to obtain up-to-date and accurate information before placing orders. Coordinate with clients and vendors to schedule installations, moves, additions and disconnections Follow-through communication on open carrier escalations and provisioning. Support Full Life Cycle Management of Telecom Audit and Analysis by utilizing our proprietary software ExpenseLogic. Providing customized reports for clients (associating services by Cost Centers, G/L codes, etc.) Perform all other duties as assigned Requirements
Candidate will have a solid background in telecom and facilities provisioning and support. This person will need to excel in a fast-paced, dynamic environment with the ability to multi-task and provide support across a complex enterprise infrastructure. Experience with enterprise level telecom and utility MACD (Moves, Adds, Changes and Disconnects) in a day to day environment. Conceptual knowledge of MPLS/VoIP/TDM/PBX as well as facilities services such as power, water, waste, and other utilities a plus. Ability to communicate effectively with clients and vendors. Organizational and time management skills a must. Ability to prioritize deadlines and openly initiate communications with management team if deadlines appear to be at risk. Proficiency with MS Office, especially advanced knowledge of Excel Multilingual a plus Positive attitude, collaborative team player, who cares about the success of their fellow team mates
Benefits
Our company is focused on a great work/life balance, as well as serving the community. We offer a range of benefits, as well as a volunteer program. We are excited about finding the perfect candidate for this position who we can help grow within the company, as well as use their skills to help the company grow.If you are interested in this position and have all of the above requirements, please go to this site:
http://www.ondemandassessment.com/verify/apply/SqevmDv/DahCTEnT
Upload your resume and take a quick pre-employment test
You must be eligible to work in the US. We administer pre-employment testing, background checks and drug tests.E.O.E./M/F/H/V
Job Type: Full-time
Salary: $15.00 to $17.00 /hour
submitted by RadiusPoint to OrlandoJobs [link] [comments]


2017.09.07 20:23 jchaven Alternatives to Level 3?

Current L3 customer that is becoming increasingly discouraged with their customer service. Seems they can never commit to an actual date for turn-ups and disconnects and keep dragging things out.
In the past we have used MCI Worldcom, ITC Deltacom, and TWTelecom before they were bought-out by L3. I know of AT&T but, considering how they operate their phone service, I see that being more of a cluster than L3. AFA Earthlink Business, TWC Business, etc. I cannot see any of these guys working out either.
Are there equally big service providers like L3 that can cover the Southeastern US that would allow us to connect our locations using something like MPLS?
Thanks in advance!
submitted by jchaven to networking [link] [comments]


2017.08.20 20:39 socalmdb ISP Recomendation

Hi networking. I'm hoping that some of you could provide some thoughtful input on an ISP recommendation.
Our incumbent provider (let's call them $BreezeCreek), does a fair enough job keeping the packets flowing, but God help you if you need to make a change or request a repair. Something as simple as a route change can take two weeks or ten minutes. They are wildly inconsistent with their customer service. Currently, I've been waiting 9 months for them to deliver a fiber circuit after we moved a building to a new location. ***disclaimer, LEC needed to build out facilities, but that has been completed for three months and $BreezeCreek still can't give me an FOC date. Frankly, this is the straw that is breaking the back of that poor, overworked camel.
We currently have 8 facilities of various sizes spread across the southwest. At the three larger ones, we have 100mb fiber with 12mb T-1 backups. At the remaining smaller facilities, we do 3mb T-1s. On these circuits, $BreezeCreek provides internet, MPLS, and SIP trunking services.
What are you guys using these days for connectivity? Who do you recommend as a provider?
submitted by socalmdb to networking [link] [comments]


2017.06.29 22:31 Jarunik Log of AMA with Skycoin

boldninja Let's all give a warm welcome to @synth from SkyCoin.net and for taking the time to do this AMA
synth *hello
mike Hi Synth
jakethepanda Hey @synth
thrice.pi Hey synth
dr10 Hi
boldninja I think we can start - you guys know the drill. Give him some time to respond (no more than 2-3 questions on backlog so he can catch up)
dr10 How would you - shortly & in easy words - sum-up the advantages of SkyCoin to magazines and non-crypto people?
mgaruccio Can you explain a bit about the mesh net? Is it just an mpls network between nodes or is there something deeper going on?
michaelthecryptoguy Whassup @synth
tranzer hi synth. I have a question - are those coins that are not in circulation in any cold wallets since only a portion is currently available according to CMC? What would you say is the 1 unique feature that Skycoin has?
synth It is very difficult, because Skycoin is a very large project and already has +6 years of development. Different parts of the project have different objectives.
The cryto, coin part is about solving the problems with the existing consensus algorithms. Being able to do +300 transactions a second, transactions in seconds instead of minutes (faster than credit cards), eliminating miners, eliminating block rewards (eliminating inflation) and eliminating 51% attack and the other problems with mining.
then there are other repos and experimental projects under github.com/skycoin such as a meshnet and distributed VPN prototype, where people will be paid coins for forwarding traffic. Also prototypes of distributed social media application, with peer to peer data replication and different experimental projects. Research into immutable data structures for next generation internet. Some of them are very radical.
dr10 How does the Network consensus algorithm Obelisk work and differ from widely known algorithms like Proof of Work and Proof of Stake?
mgaruccio So how much exists today? Could I build an app on the platform if I wanted to?
mike In terms of the rate of progress, what is currently your greatest limiting factor - like funding, manpower, currently available technology?
synth
Can you explain a bit about the mesh net? Is it just an mpls network between nodes or is there something deeper going on?
It is not actually a meshnet. It is software defined networking, it is much more powerful than just meshnet. Its a new type of networking and new completely new protocol and networking namespace, independent of the existing internet.
It supports source routing, while the existing internet does hot potato routing, so never achieves optimal latencies.
It supports multi-homing, which IPv6 does not (Which is critical for when we have gigabit or terabit networking and multi-redundant bandwidth paths)
It has default oppurunistic crypto, both link layer and end to end; so everything is encrypted by default, unlike the current internet.
It has store and forward networking and will operate in Africa or even under conditions where latencies are in the minutes or hours and packet loss is excessive. Where existing protocols cannot operate reliability. It is much more robust than IPv4/IPv6 or TCP/ip
It has improved privacy. If a packet takes a route that is 10 hops, each hop only knows the previous node in the route and the next node in the route. It is not like IPv4 where each packet gives the source and destination. The privacy level is something that does not exist on the current internet.
IP addresses are replaced by public key and no one can read traffic to a destination, without knowing the private key of the public key that identifies the destination. The system does not need 3rd parties or certificate authorities. The design is a revolution.
are those coins that are not in circulation in any cold wallets since only a portion is currently available according to CMC?
The coins are locked into 100 addresses, each with 1 million coins each. And they are released sequentially.
There is a complicated locking procedure and releasing new coins requires unamious consent and a shared secret among a group of developers. Anyone in the shared secret group can block distribution of more coins (to stop the problem that killed NXT). So by design the coins were supposed to be difficult to distribut, there had to be a good reason or justification before a distribution would be approved.
mike What are the hardware requirements to operate a wireless Skywire (the name for the protocol described above) Node?
arc-over-water nxt i think is doing ok..
synth
How does the Network consensus algorithm Obelisk work and differ from widely known algorithms like Proof of Work and Proof of Stake?
PoS and PoW use miners. Miners receive new coins every block as a block reward. So miners are making money and will fight to control the network. An everyone will suffer because the newly created coins represent inflation.
Skycoin was designed to eliminate mining and eliminate the inflation. No block rewards, no new coins. And we needed to develop a new consensus algorithm to do that and there are only a few methods that work, for these constraints. The consensus algorithm is based upon Ben-Or's randomization procedure for achieving consensus in a distributed system, with some improvements for detecting adversarial or malicious nodes who are trying to prevent the consensus process.
There are white papers on skycoin.net about the specifics. I would call it "network consensus" and it uses a sort of Web of Trust (WoT), where if the people creating blocks are doing a bad job or attacking the network, then the community can get rid of them. At the same time, the people who control the network, do not have any real power to attack the network except by slowing down transactions and being annoying, so even if they become malicious the only issue is how to get rid of them and select new people.
mike Any idea when Skywire will be released and ready to test on hardware nodes (testnet or mainnet)?
mgaruccio So if there is no block reward what is the incentive to run a node?
vega What will be the actual function of Skycoin (the coin itself)? Will the coin be used as currency, as transfer of value in and between all these various developing functionalities, semi-separate projects to tie them all together or it's function will be more limited?
michaelthecryptoguy Do you have an idea on the specs of a node that would be required? In the beginning? What about with 10,000 users? (edited)
synth
nxt i think is doing ok..
There were three people that each owned 30% of the coin. One decided he wanted out and began dumping. NXT was over 150 million I think. When he started dumping, it basicly killed NXT.
Skycoin's distribution was designed to stop dumping by the founders and early people.
After Skycoin gets to 30% of the total coins distributed, there will probably a hard time lock on the remaining coins, so that a maximum of 5% of the remaining coins can be released per year. So the distribution for the other 70% of the coins will take a minimum of 14 years (and could be longer).
We cannot even sell the rest of the coins, because if we sold 10% of the total now at $5 per coin, it would be 50 million or something and we cannot spend or even use that amount of money. Not at this stage.
Ethereum spent 30 million or 70 million in their first year or two after the ICO and then nearly went bankrupt. Silicon Valley wages and offices etc. We have been very conservative and have kept costs down and kept them responsible. Now we have coins like EOS and they want to raise a billion dollars and have not produced anything yet, do not hav a blockchain and I have no idea what they would spend that money on, but they are throwing $350,000 parties in time square for marketing/PR etc...
arc-over-water what prevents you from selling? anybody can spend that amount of money?
nxt is a newer platform than sky, market value is $220 million plus $166 million, I get what you are saying but the evidence is wrong. Community is huge and active in Nxt. But you say it is killed, i dont get it?
synth
What will be the actual function of Skycoin (the coin itself)? Will the coin be used as currency, as transfer of value in and between all these various developing functionalities, semi-separate projects to tie them all together or it's function will be more limited?
Yes. Bitcoin has no purpose. An altcoin does two things - check your balance - send money to other people
Two features - check balance - send
For a coin to have value, people need to be forced to buy it to consume specific services. There has to be stuff for people to spend the coin on, that there is demand for.
So Bitcoin is really just a purely speculative asset. It generates no cashflow and its value is determined by perception or social convention.
Ideally, Skycoin would start off as a "better Bitcoin" (faster, more secure, new algorithm, simplier, etc), then over time we would build up an ecosystem and have some type of backing and tie the coin's value into the network and usebase.
The mesh netork (skywire) is good, because it gives something for people to do to get coins and it allows people to consume the coins. You can run your internet traffic through a VPN that tunnels over Skywire and maybe it will be a nominal amount (actually absurdly small amount of money), but there would be real economic activity and a real userbase and community using the coin. Not just speculation.
Later on the scope is much wider.
arc-over-water So the skycoin wallet will be a VPN for our internet usage?
synth
nxt is a newer platform than sky, market value is $220 million plus $166 million, I get what you are saying but the evidence is wrong. Community is huge and active in Nxt. But you say it is killed, i dont get it?
What I am saying, is that NXT would be a lot further along than it is now and probably around where Ethereum is, except for that mistake in the distribution and keeping it too concentrated. It set them back by years. They did not consider what the impact on the price would be, over the long term, when one of the early whales started selling off or decided he wanted out.
arc-over-water But they did the same again with IOTA, same lead dev.. Its over a $Billion
they released and let the market price distribute
synth
So the skycoin wallet will be a VPN for our internet usage?
The VPN is just one application, that uses bandwidth over Skywire. There are several things in development.
This is a BBS like 4chan, that is completely distributed, with CXO. https://github.com/skycoin/bbs
It will run over Skywire also, This is like building a whole new internet from scratch. The apps that run on it are going to specialized and privacy focused, etc GitHub skycoin/bbs Contribute to bbs development by creating an account on GitHub.
mike So Skycoin is a Proof of Resource coin where its value is actually backed by provision of a useful service, in this case private and secure networking? Are there plans to add decentralized storage and even distributed processing to it?
arc-over-water so these 100 separate million coin accounts will be 100 ICOs or how is the distribution patterned? is it written into the code or up to the devs?
rockyj !calculate
slackbot Custom Response https://docs.google.com/spreadsheets/d/1FGo3FkC3uSWXGHatPQyny2brMWjAIJsHFCR-Lhkl_m0/edit#gid=0
synth
So if there is no block reward what is the incentive to run a node?
running a consensus node does not cost anything. You can run it on a raspberry pi.
The important thing is that if the people doing consensus are doing a bad job, that the community can get rid of them and replace them. The other important thing, is that they can be audited and determined automatically if they are obeying the protocol.
the miners in skycoin are not very powerful and cannot do anything except slow down transactions. They are unable to spend other people's money without their private keys, so the consensus/mining nodes are almost irrelevent. It is not like Bitcoin where the miners can hold the network hostage or act selfishly (driving up the transactions fees for their own personal benefit and delaying any innovations that would improve bitcoin for everyone, etc).
So Skycoin is a Proof of Resource coin where its value is actually backed by provision of a useful service, in this case private and secure networking? Are there plans to add decentralized storage and even distributed processing to it?
We have decentralized storage, which is called CXO. But only the bandwidth is monetized by Skywire. We do not nickle and dime and try to attach a coin cost to every API call. Everything that should be free is free. So its a different philosphy.
On top of CXO we also have distributed social media applications (simmilar to Steemit)
CXO is very similar to IFPS, but simplier and designed for our internal infrastructure and with our crypto standards, instead of being a mismash.
mike Is it possible for Skycoin to choose the best paths and route around bad or slow nodes as damage to the network, in effect reducing their impact on consensus?
looks like you answered the question above while I was typing...
tranzer How many tx/s can skycoin handle? What are block times?
thrice.pi 300 right? ^
arc-over-water on your website it says you will have a NON- Turing complete lisp language?
synth
so these 100 separate million coin accounts will be 100 ICOs or how is the distribution patterned? is it written into the code or up to the devs?
We will have a distribution page, up on the website soon. Its complicated.
Skywire, is designed to pull coins out of circuation, through a sort of tithe on network activity and it does automatic buy backs effectively. So the distribution will actually peak and then decline. But one distribution is from the locked coins, and the locked coins are freed, then circulate, then end up at the foundation (from the skywire tithe are pulled out of circulation), but still count towards the free float.
The coin holders also receive a coinhour dividend and there will be a market rate conversion between coin hours and Skycoins and coinhours are the actual currency for the Skywire network. If you do not have enough coin hours, then you sell Skycoin for CoinHour at the market rate, to purchase bandwidth; but if you have a lot of coins then you have enough coin hours for downloading movies or VPN or whatever you are doing and it is essentially free.
So there is a dual level economic structure. Both with coin buybacks to pull coins out of circulation and with a dividend or incentive to encourage users to hold the coin if they are using the network.
arc-over-water so there will be two currencies, holding one reserves the other
synth
Is it possible for Skycoin to choose the best paths and route around bad or slow nodes as damage to the network
Yes. This is very important.
The person dialing a connection, chooses the path of the connection!
You can choose the lowest latency path for video games or Skype, and choose highest throughput paths for video downloads etc. Or can choose paths through specific nodes or facilities or countries, for security concerns and to minimize the number of points that the traffic could be intercepted at.
mike Will Skycoin still have the node subsidy plan for setting up and registering the mesh nodes like originally planned?
dr10 When do you plan to be able to present your planned technology and services to the masses? When can they use what you try do accomplish?
synth
on your website it says you will have a NON- Turing complete lisp language?
That is probably an error. LOL. We will have a new website soon.
There is no scripting language on the skycoin blockchain. Each transaction is constant time (for efficiency and security and to achieve the highest transaction rate and to keep the coin simple).
However, we have a language called CX in development, which is a next generation language that is beyond "smart contracts" and the toy things on ethereum. It uses immutable datastructures and is something completely new. Most of the skycoin "smart contracts" will probably be off blockchain or in personal blockchains and we do not want to shove all the data onto the main chain, because forcing everyone to download everyone one elses contracts it the world is just spamming the blockchain to death. There are better ways to do it.
Will Skycoin still have the node subsidy plan for setting up and registering the mesh nodes like originally planned?
Yes. We are going to get from 20% to 30% distributno of the coins, through network incentives for people running Skywire nodes, consensus nodes and services.
I think this is going to be massive for marketing. And it is the best way to get the coins out to the users, instead of all the coins being held by whales
samuelvihollandia I read how you suggest Skycoin could be used for VPN connections, is this the largest use case you see?
arc-over-water Maidsafe has been working on the redesign of the net for about ten years, what are you doing the same and what different?
synth
I read how you suggest Skycoin could be used for VPN connections, is this the largest use case you see?
No. This is just something easy, that we have working. Its not the largest applicatoin at all.
80% of internet traffic right now is bitorrent and the bitorrent sites are being systematically shutdown and driven off the internet. They wont go away, but will jut go underground. What.cd (largest music tracker, with 800k people) was just shut down, bakabt (largest anime tracker) has gone closed registration, Nyantorrent etc...
User communities of millions of people will be migrating from the clearnet (the existing corporate shit-net) to the "new internet". We are going to see people migrating by the millions, whole user communities of millions of people.
arc-over-water Are you a corporation or foundation or charity? Registered? I am not sure i have seen anything about who you are? What is the dev team size? Background? - Maidsafe is open and clear so is IOTA and Stellar etc. Can you let us know who you and your team are? Especially you are talking about 15 year and up obligations..
techbytes Do we need to hold skycoin to run Skywire nodes or consensus nodes like masternodes from other coins?
synth
Maidsafe has been working on the redesign of the net for about ten years, what are you doing the same and what different?
Maidsafe is in version 2 or 3. Maidsafe will not have a real coin until version 9. Each version takes them about two or three years. Maidsafe will not be "done" or ready for atleast 18 years at this rate.
Skycoin has been in development for ~6 years and the meshnet for 4 years and it will be finished in a few months. To the poin that people can start using it.
Skycoin is similar to maidsafe in the objective, but has a different approach and architecture and primitives. We did not try to do everything, but focused on a smaller, tractable core and got that done.
There will be multiple projects in this space, but few teams are able to plan on the time horizon necisary for building a new internet or able to design each of the components of a system this large, or figure out how to do it so that it is useful at each stage of construction of a project that may take a decade. (edited)
mike Can you see a way for Ark and Skycoin to build on each other in a synergistic manner? I'm all for not reinventing the wheel, especially when it looks like it will be replaced with antigravity like Skycoin.
I see Skycoin as essentially replacing TCP/IP and providing mesh network type functionality at the hardware level, Ark would run on top of it as a top level application layer.
arc-over-water are you up to date on Maidsafe, they are nearly out of Alpha and its more like release early next year? But that being said, Maidsafe says once it is released it is like a virus or AI type, so does Tau Chain, and also Autonomic by HunterMinerCrafter, are we heading towards AI with Maid, Sky Tau and Autonomic?
dr10 smartbridge now! :kappa:
mike So Skycoin would act as a sort of global decentralized cloud server to build on top of.
To communicate, it is more like sharing encrypted files to selected recipients than it is sending messages or hosting sites on a specific server.
synth
Are you a corporation or foundation or charity? Registered? I am not sure i have seen anything about who you are? What is the dev team size? Background?
I think there are over ~60 people who have worked on Skycoin or have made major contributions. Its really a project from the darknet.
Many of the contributors are anonymous. Some of them have security clearances and were in the military industrial complex and one of them worked at the San Diego Naval Defence Research Lab and a lot of the idea for the networking protocols came out of public sector academic researched, funded from there.
We also have a lot of very very early Bitcoin people, hardcore crypto people that predate Bitcoin and an Ethereum core developer, etc..
On the Chinese side we have an early investor in Alibaba and telecom investor. And are doing pilot with china aviation group (owns four publicly traded airline companies) and apparently now Sinopec (which is 2nd largest publicly traded corporation in world).
Then we have people who are part of israeli and US intelligence and are probably doing some sort of money laundering or phychological operations background, who just showed up for some reason. This group seems very interested in the "applications" of these coins and how to improve tranaction privacy and the specifics of the CoinJoin protocol implementation. We got a lot of advice from people experienced in forensic accounting and what they wanted to see and where they felt Bitcoin was deficient and where it leaked metadata.
Then a bunch of PHD level people doing research into distributed database consensus algorithms and another group doing programming language research.
Then a lot of people from the deep darknet, anon, frog twitter and cipher punks and bitorrent communities. (really should be listed as two seperate groups). And people from the Russian darknet community. We have like eight Ivans. (edited)
I see Skycoin as essentially replacing TCP/IP and providing mesh network type functionality at the hardware level, Ark would run on top of it as a top level application layer.
Yes. The key functionality is two things - connecting to people by public key (networking) - distributing self validating, immutble data peer to peer (transactions, blocks etc... content addressible storage)
And you can build almost anything on those two building blocks. The whole internet will eventually be rewritten on top of those primitives and it will replace many of the existing protocols.
arc-over-water Who is the entity that is funding this? I think you have done 2 ICOs? How much did you receive? The first was 10c and the second was @ 50c per coin, released 6 million, is that correct?
samuelvihollandia Are you planning to enter a different exchange market soon?
arc-over-water Have you personally been in Sky from the start? What members have? Who allocates the ICO money etc... I hope you understand that decentralization with investment is a two edged sword, we invest in people but we cannot know these people.... So... we question.. (edited)
thrice.pi with all these outside parties that helped to build skycoin and bring it where it is today who are the main core team who will help to keep all these cool features running. Will these outside parties be recruited for the long haul?
synth
Who is the entity that is funding this? I think you have done 2 ICOs? How much did you receive? The first was 10c and the second was @ 50c per coin, released 6 million, is that correct?
The people who funded the project for the first four years, were early bitcoin and deep crypto people; who were unhappy with the fact that Bitcoin and the other alts did not seem concerned about the core issues at all. They gave us over 1200 bitcoin I think, over several years and did not ask for anything in return.
The early Skycoin devs were doing academic research, architecture and new algorithms. Prototyping and simulation. The later stage people were more project managers and doing implementation.
We did four ICOs for small amounts, to fund development and to allow developers working on the project to buy in. The first ICO I remember was at $0.10 per coin and the price now is about $4.00 per coin, so its up ~35x or 40x, but when you consider the Bitcoin price going from $100 to $3000, the increase has not been so much. lol (edited)
arc-over-water With the price up 35x in about 1 year, is it not now time to cool the run up and release another ICO? At what amount of coins released and what procedure?
mike Would Intel Edison or Joule, or Samsung Artik 10 work well as a Skywire wireless node? They have 2 Gb-8 Gb RAM, 8-64 Gg eMMC storage, 802.11n wireless, bluetooth, and some with Zigbee?
synth
Have you personally been in Sky from the start? What members have? Who allocates the ICO money etc... I hope you understand that decentralization with investment is a two edged sword, we invest in people but we cannot know these people.... So... we question.
I think there wer three different groups that merged together in first three years, that had similar objectives. Because the code was in different language. There was python, C code and then eventually golang and the golang code became the basis for the current codebase.
The way the coin allocations work, is that it requires unamimious consent for releasing coins and it has to be for a specific, ear marked purpose and can be blocked by any of the devs.
Then there is a pool of coins in bitcoin for various project managers to allocate. And that is an operational fund for paying developers, contractors, marketing etc. Then different people have different responsibilities.
Then we also have corporate funding and sponsorship and some companies paying our full time devs etc, which helps a lot.
arc-over-water Silicon Valley (TV SHOW) recently had their decentralized web running on a network or refrigerators? So i would guess, smart phones, smart gadgets? Home gadgets etc could add services and receive rewards from Sky?
mike best would be a totally open source and publicly audited manufactured system on a chip for the nodes to prevent any backdoors. Even chip designers now don't really know what they're putting into the chips since they just drag and drop black boxes known as IP cores into the ASIC designs.
synth
With the price up 35x in about 1 year, is it not now time to cool the run up and release another ICO? At what amount of coins released and what procedure?
I think the Skycoin price has been doubling every 40 days, for as long as I can remember. However, it will still be years before it is in the top 20, its still a long way to climb. It took bitcoin years to go from 0 to $1, even though it was growing at 1% per day the whole time for six years.
best would be a totally open source and publicly audited manufactured system on a chip for the nodes to prevent any backdoors.
we are going to use arm
arc-over-water IOTA is also working on their own hardware for nodes etc, Trinary asset is JINN
synth all intel and AMD systems have remote management engine backdoors. So they are not safe for storing large amounts of coins.
We also have alpine linux and special version of linux, that is 6 MB and has everything that is needed for running our toolchain. It will not have any binary blobs in the kernel or anything that we cant compile from source. It does not have systemd and does not have gli, but uses musl. And does not have openssl.
mike so looks like the Samsung Artik 5 and 10 can run it no problem, they're ARM based. 25x35x4mm package for the Artik 10, Artik 5 is smaller, less powerful but has 2 separate antenna ports, nice for mesh networking with an omni and a directional antenna.
earlyarkinvestor how does Ark compare to Lisk?
synth uploaded this image: 1923810435.jpg Add Comment
earlyarkinvestor isn't Lisk trying to achieve interoperability between blockchains as well
synth uploaded this image: 1433594905.jpg Add Comment
synth uploaded this image: 1432540863.jpg Add Comment
synth uploaded this image: 2049465686.jpg Add Comment
mike nice! looks like an ARM based server rack
let me know if you need any help with it, see you're on solidworks, which I run as well.
synth this is the skycoin cluster; it has 8 CPU boards; 4 cores per CPU, 2 GB of ram per CPU and 64 bit ARM processor. Only one program will run on each individual board, so there is compartmentalization and a physical gap so that compromising one process on a system does no allow all other processes on the system to be compromised
mike looks like 2 ethernet ports per board.
synth and the hardware does not have the qualcom backdoors and is actually chinese equipment; and the backdoors are normally at the kernel level because they are not at hardware backdoors yet
lol
mike do they have SATA ports, maybe M.2 for storage?
synth and we will hav an ARM openwrt router eventually too
this model does not have SATA, but we have a model with SATA; you could hook up 16 2 TB drives, lol and download half the piratebay to your cluster (edited)
the skycoin infrastructure is cluster based and designed for running across +300 computers, with one "node" deployed per computer. Eithe a CXO storage node, or a skywire SDN/meshnet node, or a VPN end point node or a consensus network, or skycoin node, etc. We have multiple node/application types.
so this is a "personal cloud' by itself
its not like StoreJ where you have other people storing your stuff; you are going to have ~5 clusters and 300 computers and can store your own files, on your own internet, on your own hardware. You do not need to go outside of your own network.
mike Have thought it'd be nice to have a board with an array of M.2 sockets to run SSD arrays without all the cables, have the busses shielded in circuit board.
synth yes, i think there will be m.2 eventually
these actually use a microSSD for storage, and its 48MB/s
mike any idea on the pricing on your ARM boards in quantity? We are looking at Intel for Bitseed V3, but ARM would be good to stay with, especially using your boards if there is SATA.
arc-over-water Do you have a general idea of usable functions to be released next in what order? The first release was the Coin and wallet, then the ICOs and can you give a general future with dates if you can
synth the boards are $30 each and the memory for solid state, is actually more than the the cost of the CPU/RAM/board now. Which is sort of insane.
mike so you have microSSD, what's maximum size? we shipping 1with Tb hard drives right now
synth Bitseed mike is going to help with this; so we can pool the boards and do a custom PCB
mike yes, that's where we see the price jumps, is in RAM and eMMC costs.
and it's hard to find low cost boards with SATA
synth try the orange pi
the price goes up 30% for SATA
mike yes, very nice specs.
synth eventually, we will make one that has custom PCB and is a pluggable blade server, I think.
mike I like the Samsung Artiks for the tiny form factor for drone routers, cubesat/picosat possibilities.
but like the fact that you are controlling much deeper down the supply chain with your boards.
synth we only need ram, CPU, then microSD slot; and that is it. so the wifi and all this other stuff is just crap and its junk. We only have communication, storage and computation. So should be minimialist.
submitted by Jarunik to ArkEcosystem [link] [comments]


2017.06.29 04:10 redfedora231 waterloo network upgrade

From: Ian Orchard, Vice-President Academic & Provost Bruce Campbell, Chief Information Officer
Date: June 26, 2017
Re: Campus Network Upgrade
Later this year IST will be starting an upgrade of the campus network Ethernet switching and routing infrastructure. This will be the first upgrade of this equipment since IST assumed responsibility for campus wide network management, in 2011. Much of the switching and routing equipment is approaching 10 years old. As with the campus WiFi upgrade a few years ago, all equipment for the switch upgrade will be centrally funded, and IST staff will perform all of the work involved, coordinating with faculty/departmental IT staff and others as needed. IST will provide regular updates on the planning, and work, through the Computing Technology Services Committee (CTSC) and University Committee on Information Systems and Technology (UCIST).
This provides, for the first time, a complete end-to-end campus design built from the ground up with scalability and quality of service (QoS) at the forefront. The design will have the ability to incrementally improve redundancy, reliability and robustness for the users. The selected equipment further positions IST to investigate and deploy more advanced technologies such as Multiprotocol Label Switching (MPLS) for more flexible deployments with increased performance and efficiencies or MACsec (IEEE 802.1AE) for data confidentiality and integrity. All this can be accomplished while still maintaining a standard and supportable design across the campus as a whole including satellite locations.
In addition to providing full Power over Ethernet+ (IEEE 802.3at) and standard 1 gigabit per second (gbps) connection to all devices [1,2] the equipment can accommodate additionally complex and varying requirements that may arise from faculty, staff and researchers such as multigigabit ethernet (mGig, IEEE 802.11bz). All of the increases offered by the upgrade will be accompanied by a reduction in power usage through a combination of modern equipment, "Green Initiatives" such as Energy Efficient Ethernet (IEEE 802.3az), EnergyWise, and a deployment model that pre-activates fewer network jacks (only actively used or likely to be used jacks are initially pre-connected to networking equipment. Any jack that is not active will be easily identified and blocked with a lock-out device. IST has committed to a one-hour turnaround time to activate these drops on request.)
While many users use wireless, a switched network environment still provides the foundation to support WiFi, servers, desktop computing, research computing, VoIP telephony and infrastructure services such as access control, surveillance systems, HVAC and building automation and with the advancement of the Internet of Things, their integrations.
[1] where supported by cabling infrastructure based on auto-negotiation of hardware
[2] Category 5 (cat5) cabling will be located and identified during this project with upgrades to category 6 (cat6a) occurring at a later date
submitted by redfedora231 to uwaterloo [link] [comments]


2017.05.07 00:11 DeeBoFour20 Best and worst ISPs for Business

Has your opinion of ISPs changed since you started working in IT? Mine sure has. Came into it thinking "Oh Comcast has gotta be one of the worst." Turns out, nope. They're pretty middle of the road and their customer service (at least for Business class service) is one of the best (shocking right?)
I'll list off some ISPs that I've dealt with working for a small MSP catering to small-medium sized business. We advertise to our clients that we are their single point of contact for everything IT. If their internet goes down, we call the ISP for them and figure out if the problem is on their end or on the client's internal network (which we manage ourselves.) So I have plenty of experience in dealing with ISPs (and software vendors, which we also have to call for the client, but that's a topic for another discussion.)
I'll start from the worst and go to the best. I'm curious how this compares to other's experiences:
1. ClearRate: Upside: After you've dealt with them, other ISPs are no problem. Could be used in your company's training program for how to deal with difficult vendors.
Downside: These guys are by far the worst I've delt with. They try to be something like a combination of ISP, phone provider, and MSP but their techs are not nearly qualified to support all of the various services they offer. They've got one of our larger clients locked into a multi-year contract or we would have had them switch by now. It's very complicated too. The client has ~20 locations. Some locations they provide internet, VOIP phones, and even desktop support. Some locations it's just the VOIP phones going over another ISP's internet. Some locations they deploy their own routers, switches, and wireless APs. However, if we need to make a config change to their equipment, we have to call them and it can take a week or longer for it to get done. This meant we were forced to replace their equipment with our own where possible and now, whenever the client has issues with their service (which happens often), they try to blame the problem on our router without even checking things on their end first.
Then we have to go through the back and forth "We don't have any reports of an outage. We think your router is the problem." "I don't think so. This router has been online for a month with no issues. Also we replaced it because your horribly out of date FortiWifi 20C (this model is so low end we don't even offer it even to our smallest customers) kept rebooting itself in the middle of the work day. We replaced it with a FortiGate 60D." "Well... we can't help you until you configure your router to do X (usually a SIP change that we know won't help because there's massive packet loss on the WAN link.)" "OK, fine we made the change. Client is still having the same issue." "Hmm... I'll need to check with my supervisor, next tier of support, etc." (multiple days later we get a call back) "Oh we found some line quality issues. We have a tech working on the node right now." FML... if we thought it was a router issue, it would have been much time and headache for us to replace it than waste our time on the phone with you...
In our case, the client signed up with them before signing up with us but if your boss/customer is ever thinking of this company, just say NO. This company has one of the worst customer support (the people that answer the phone can only put tickets in and have a tech call you back, usually several hours later even in an emergancy client unable to work situation) and terribly unreliable service to boot.
Also, at the time of writing, their website is jacked up and not loading any images/formatting (http://www.clearrate.net/) Does that surprise me at all? No but it should give you an idea of how bad they are. Curious to see how long it takes them to fix their own internal stuff because it will only take longer to fix client services.
2. Frontier: Upside: It's a wired internet connection and you can get their ADSL in areas where nothing else is available.
Downside: I've only seen clients use it when they had no other options. It goes out frequently and they have to run cellular hotspots configured as failover. Customer service is pretty useless and will refuse to help you unless you are physically onsite. The people that answer the phones have no way to ping your modem or run line quality tests. Most of the time, they can't even confirm whether or not it's an area wide outage. Only plus side is they're small so the client has the local field tech's cell phone numbers who will usually say "Oh yea we're having an issue with the node. I'm out working on it right now. Here's an ETA." when the help desk people can't even confirm there's an outage in the first place. Should go without saying but ADSL is almost always going to be too slow and/or unreliable for business use (VDSL I will give as an exception but it's usually only offered close to the city where there is competition from other ISPs.) In this client's case, they're the only option for wired internet and I think speed is something stupid like 3mbps down, <1mbps up. If you have other options, take them.
3. AT&T: Upside: Their service is generally pretty reliable even for their DSL/UVerse service (I lived with their residential 3mbps ADSL service for 10+ years because it was my only option. While it was slow as hell, there was only an outage maybe once a year at most.) Their business fiber and T1/T3 services are even more reliable.
Downside: WORST customer service I've ever dealt with. Honestly, it's even worse than ClearRate/Frontier but I'd still choose them over the above 2 because reliability is much better so you don't have to deal with their customer service nearly as often. Everyone I've talked to over there either comes off with an attitude like they really don't care to help you or are even plan up rude. Also their different departments have almost no cross-communication. I had a client having issues with their business fiber line so I looked up AT&T's phone number online and gave them a call. Turns out that was for UVerse support. I told them multiple times that I do NOT have UVerse, it's a fiber line and here is the account number, circuit ID, etc. Not a one of them could look the account up or even tell me who I was supposed to call. One agent even tried to tell me I didn't have AT&T at all. They wasted my time by transfering me to 5-6 different people then finally, after an hour, they told me "You need to get a copy of the bill from the client and call that number." Couldn't even tell me what the number was.
Even after getting the correct number from the client's bill (which is listed nowhere online and is probably different for each area), it was still a headache getting them to run line tests to resolve a packet loss issue. You're never aloud to speak to an actual tech, just someone that puts in tickets. They never follow back up with you either so you schedule "intrusive testing" overnight, call back the next day and "Oh, we didn't do do. The tech ran into a problem." "Well, what's the problem?" "The tech didn't out that in his notes..." Turns out, they didn't do it because the circuit ID had changed and they were trying to run tests on an inactive line. Took me like a week of back and forth to find out what the problem was and get the new circuit ID.
Also, they are lacking on price per perfromance. The client in the above example had a fiber line but the speed was I believe 5mbps synchronus and they were paying something like $500/month for it. Now, that may be an extreme example. If I had to guess, they signed up for that service many years ago and just never asked for a speed increase. Even still, I've talked with clients considering signing up for new service and their fiber and T1 packages can be VERY expensive.
4. Comcast: Upside: They are (relatively) cheap and have high bandwidth options for their Business cable packages. Top speed package available in my area for business is I believe 300mbps down/30mbps up and 1gbps down (I think still only ~30mbps up) just became available for residential thanks to DOCSIS 3.1 so that may hit Business class before too long. That's faster than anything xDSL I've ever seen and the fastest packages are mostly available to anyone in their service area (as opposed to VDSL where you can get 45mbps down if you're right next to the CO but right accross the street you may only be able to get 24mbps.) The down speed is very often even faster than fiber. For example, our office buidling provides something like 100-150mbps synchronous fiber but, instead of using that, we have our own cable modem with 300mbps down for a fraction of the cost. For upstream bandwidth and latency they've got us beat but the vast majority of our traffic is downstream so it's funny to think "Hey would you like to use our fiber connection?" "No thanks, we've got a cable modem, it's faster." That said, the real reason we're on cable is so we can have our own WAN address for things like site-to-site IPSec VPN tunnels which we would be unable to do on their connection since we don't control the router and would be stuck behind their NAT.
Customer service is also fairly decent. The people that answer the phones have up to date outage information and are able to remotely run diagnostics and make changes on the modem. This is very helpful for us when we're not physically at the client site as they're able to tell "I can't see the modem. It's an outage." or "There's no outage but I still can't see the modem. We'll send a tech out." or even "The modem is online. You need to check the rest of the network." Also, when a ticket gets sent to Tier 2 support, you speak with the actual tech working on the issue which is infintely more helpful than other ISPs who just have non-technical people reading badly written notes from the tech to you.
Downside: Reliability. Comcast cable probably has an area outage on average every 1-2 months which is not great. A secondary ISP for failover or load balancing is required if downtime is not acceptable. This really only applies to their cable service, though. In the above building example, there was a Comcast cable outage but the fiber line (also provided by Comcast) was completely unaffected. We also use Comcast fiber in our data center and I've never seen it go down.
5. Level3: Upside: Probably one of the best if you can afford it. One of our largest clients uses them for point-to-point Metro-E to their datacenter and it's rock solid. Only time they ever had issues was during the major Level3 outage last year. Only had to call their customer service a handfull of times and it was for setting up new service or transfering phone numbers. So how is their technical support? Not sure because they (mostly) never go down.
Downside: Price, mostly. They don't have cheap cable/DSL service. They offer things like fiber, T1, Metro-E, MPLS... all that fancy stuff that costs a lot of money. Totally worth it for larger businesses that can afford it though.
submitted by DeeBoFour20 to networking [link] [comments]


2017.03.29 13:47 Kr4ut Snort startup fail

Hello there,
I build snort3 from source and it seems not to work.
$snort -V ,,_ -*> Snort++ <*- o" )~ Version 3.0.0-a4 (Build 228) from 2.9.8-383 '''' By Martin Roesch & The Snort Team http://snort.org/contact#team Copyright (C) 2014-2016 Cisco and/or its affiliates. All rights reserved. Copyright (C) 1998-2013 Sourcefire, Inc., et al. Using DAQ version 2.2.1 Using libpcap version 1.8.1 Using LuaJIT version 2.0.3 Using PCRE version 8.35 2014-04-04 Using ZLIB version 1.2.8 Using OpenSSL 1.0.1t 3 May 2016 
But if I try to start it this happens:
$snort -c /etc/snort/snort1.conf -------------------------------------------------- o")~ Snort++ 3.0.0-a4-228 -------------------------------------------------- Loading /etc/snort/snort1.conf: FATAL: can't load /etc/snort/snort1.conf: /etc/snort/snort1.conf:1: '=' expected near 'HOME_NET' Fatal Error, Quitting.. 
this is my config file
ipvar HOME_NET 192.168.178.0/24,10.8.0.0/24 ipvar EXTERNAL_NET any ipvar DNS_SERVERS $HOME_NET ipvar SMTP_SERVERS $HOME_NET ipvar HTTP_SERVERS $HOME_NET ipvar SQL_SERVERS $HOME_NET ipvar TELNET_SERVERS $HOME_NET ipvar SSH_SERVERS $HOME_NET ipvar FTP_SERVERS $HOME_NET ipvar SIP_SERVERS $HOME_NET portvar HTTP_PORTS [80,81,311,383,591,593,901,1220,1414,1741,1830,2301,2381,2809,3037,3128,3702,4343,4848,5250,6988,7000,7001,7144,7145,7510,7777,7779,8000,8008,8014,8028,8080,8085,8088,8090,8118,8123,8180,8181,8243,8280,8300,8800,8888,8899,9000,9060,9080,9090,9091,9443,9999,11371,34443,34444,41080,50002,55555] portvar SHELLCODE_PORTS !80 portvar ORACLE_PORTS 1024: portvar SSH_PORTS 22 portvar FTP_PORTS [21,2100,3535] portvar SIP_PORTS [5060,5061,5600] portvar FILE_DATA_PORTS [$HTTP_PORTS,110,143] portvar GTP_PORTS [2123,2152,3386] ipvar AIM_SERVERS [64.12.24.0/23,64.12.28.0/23,64.12.161.0/24,64.12.163.0/24,64.12.200.0/24,205.188.3.0/24,205.188.5.0/24,205.188.7.0/24,205.188.9.0/24,205.188.153.0/24,205.188.179.0/24,205.188.248.0/24] var RULE_PATH /etc/snort/rules var SO_RULE_PATH /etc/snort/rules/so_rules var PREPROC_RULE_PATH /etc/snort/rules/preproc_rules var WHITE_LIST_PATH /etc/snort/rules/iplists var BLACK_LIST_PATH /etc/snort/rules/iplists config disable_decode_alerts config disable_tcpopt_experimental_alerts config disable_tcpopt_obsolete_alerts config disable_tcpopt_ttcp_alerts config disable_tcpopt_alerts config disable_ipopt_alerts config checksum_mode: all config pcre_match_limit: 3500 config pcre_match_limit_recursion: 1500 config detection: search-method ac-split search-optimize max-pattern-len 20 config event_queue: max_queue 8 log 5 order_events content_length config paf_max: 16000 dynamicpreprocessor directory /uslib/snort_dynamicpreprocesso dynamicengine /uslib/snort_dynamicengine/libsf_engine.so dynamicdetection directory /uslib/snort_dynamicrules preprocessor normalize_ip4 preprocessor normalize_tcp: ips ecn stream preprocessor normalize_icmp4 preprocessor normalize_ip6 preprocessor normalize_icmp6 preprocessor frag3_global: max_frags 65536 preprocessor frag3_engine: policy windows detect_anomalies overlap_limit 10 min_fragment_length 100 timeout 180 preprocessor stream5_global: track_tcp yes, \ track_udp yes, \ track_icmp no, \ max_tcp 262144, \ max_udp 131072, \ max_active_responses 2, \ min_response_seconds 5 preprocessor stream5_tcp: policy windows, detect_anomalies, require_3whs 180, \ overlap_limit 10, small_segments 3 bytes 150, timeout 180, \ ports client 21 22 23 25 42 53 79 109 110 111 113 119 135 136 137 139 143 \ 161 445 513 514 587 593 691 1433 1521 1741 2100 3306 6070 6665 6666 6667 6668 6669 \ 7000 8181 32770 32771 32772 32773 32774 32775 32776 32777 32778 32779, \ ports both 80 81 311 383 443 465 563 591 593 636 901 989 992 993 994 995 1220 1414 1830 2301 2381 2809 3037 3128 3702 4343 4848 5250 6988 7907 7000 7001 7144 7145 7510 7802 7777 7779 \ 7801 7900 7901 7902 7903 7904 7905 7906 7908 7909 7910 7911 7912 7913 7914 7915 7916 \ 7917 7918 7919 7920 8000 8008 8014 8028 8080 8085 8088 8090 8118 8123 8180 8243 8280 8300 8800 8888 8899 9000 9060 9080 9090 9091 9443 9999 11371 34443 34444 41080 50002 55555 preprocessor stream5_udp: timeout 180 preprocessor http_inspect: global iis_unicode_map unicode.map 1252 compress_depth 65535 decompress_depth 65535 max_gzip_mem 104857600 preprocessor http_inspect_server: server default \ http_methods { GET POST PUT SEARCH MKCOL COPY MOVE LOCK UNLOCK NOTIFY POLL BCOPY BDELETE BMOVE LINK UNLINK OPTIONS HEAD DELETE TRACE TRACK CONNECT SOURCE SUBSCRIBE UNSUBSCRIBE PROPFIND PROPPATCH BPROPFIND BPROPPATCH RPC_CONNECT PROXY_SUCCESS BITS_POST CCM_POST SMS_POST RPC_IN_DATA RPC_OUT_DATA RPC_ECHO_DATA } \ chunk_length 500000 \ server_flow_depth 0 \ client_flow_depth 0 \ post_depth 65495 \ oversize_dir_length 500 \ max_header_length 750 \ max_headers 100 \ max_spaces 200 \ small_chunk_length { 10 5 } \ ports { 80 81 311 383 591 593 901 1220 1414 1741 1830 2301 2381 2809 3037 3128 3702 4343 4848 5250 6988 7000 7001 7144 7145 7510 7777 7779 8000 8008 8014 8028 8080 8085 8088 8090 8118 8123 8180 8181 8243 8280 8300 8800 8888 8899 9000 9060 9080 9090 9091 9443 9999 11371 34443 34444 41080 50002 55555 } \ non_rfc_char { 0x00 0x01 0x02 0x03 0x04 0x05 0x06 0x07 } \ enable_cookie \ extended_response_inspection \ inspect_gzip \ normalize_utf \ unlimited_decompress \ normalize_javascript \ apache_whitespace no \ ascii no \ bare_byte no \ directory no \ double_decode no \ iis_backslash no \ iis_delimiter no \ iis_unicode no \ multi_slash no \ utf_8 no \ u_encode yes \ webroot no preprocessor rpc_decode: 111 32770 32771 32772 32773 32774 32775 32776 32777 32778 32779 no_alert_multiple_requests no_alert_large_fragments no_alert_incomplete preprocessor bo preprocessor ftp_telnet: global inspection_type stateful encrypted_traffic no check_encrypted preprocessor ftp_telnet_protocol: telnet \ ayt_attack_thresh 20 \ normalize ports { 23 } \ detect_anomalies preprocessor ftp_telnet_protocol: ftp server default \ def_max_param_len 100 \ ports { 21 2100 3535 } \ telnet_cmds yes \ ignore_telnet_erase_cmds yes \ ftp_cmds { ABOR ACCT ADAT ALLO APPE AUTH CCC CDUP } \ ftp_cmds { CEL CLNT CMD CONF CWD DELE ENC EPRT } \ ftp_cmds { EPSV ESTA ESTP FEAT HELP LANG LIST LPRT } \ ftp_cmds { LPSV MACB MAIL MDTM MIC MKD MLSD MLST } \ ftp_cmds { MODE NLST NOOP OPTS PASS PASV PBSZ PORT } \ ftp_cmds { PROT PWD QUIT REIN REST RETR RMD RNFR } \ ftp_cmds { RNTO SDUP SITE SIZE SMNT STAT STOR STOU } \ ftp_cmds { STRU SYST TEST TYPE USER XCUP XCRC XCWD } \ ftp_cmds { XMAS XMD5 XMKD XPWD XRCP XRMD XRSQ XSEM } \ ftp_cmds { XSEN XSHA1 XSHA256 } \ alt_max_param_len 0 { ABOR CCC CDUP ESTA FEAT LPSV NOOP PASV PWD QUIT REIN STOU SYST XCUP XPWD } \ alt_max_param_len 200 { ALLO APPE CMD HELP NLST RETR RNFR STOR STOU XMKD } \ alt_max_param_len 256 { CWD RNTO } \ alt_max_param_len 400 { PORT } \ alt_max_param_len 512 { SIZE } \ chk_str_fmt { ACCT ADAT ALLO APPE AUTH CEL CLNT CMD } \ chk_str_fmt { CONF CWD DELE ENC EPRT EPSV ESTP HELP } \ chk_str_fmt { LANG LIST LPRT MACB MAIL MDTM MIC MKD } \ chk_str_fmt { MLSD MLST MODE NLST OPTS PASS PBSZ PORT } \ chk_str_fmt { PROT REST RETR RMD RNFR RNTO SDUP SITE } \ chk_str_fmt { SIZE SMNT STAT STOR STRU TEST TYPE USER } \ chk_str_fmt { XCRC XCWD XMAS XMD5 XMKD XRCP XRMD XRSQ } \ chk_str_fmt { XSEM XSEN XSHA1 XSHA256 } \ cmd_validity ALLO < int [ char R int ] > \ cmd_validity EPSV < [ { char 12 char A char L char L } ] > \ cmd_validity MACB < string > \ cmd_validity MDTM < [ date nnnnnnnnnnnnnn[.n[n[n]]] ] string > \ cmd_validity MODE < char ASBCZ > \ cmd_validity PORT < host_port > \ cmd_validity PROT < char CSEP > \ cmd_validity STRU < char FRPO [ string ] > \ cmd_validity TYPE < { char AE [ char NTC ] char I char L [ number ] } > preprocessor ftp_telnet_protocol: ftp client default \ max_resp_len 256 \ bounce yes \ ignore_telnet_erase_cmds yes \ telnet_cmds yes preprocessor smtp: ports { 25 465 587 691 } \ inspection_type stateful \ b64_decode_depth 0 \ qp_decode_depth 0 \ bitenc_decode_depth 0 \ uu_decode_depth 0 \ log_mailfrom \ log_rcptto \ log_filename \ log_email_hdrs \ normalize cmds \ normalize_cmds { ATRN AUTH BDAT CHUNKING DATA DEBUG EHLO EMAL ESAM ESND ESOM ETRN EVFY } \ normalize_cmds { EXPN HELO HELP IDENT MAIL NOOP ONEX QUEU QUIT RCPT RSET SAML SEND SOML } \ normalize_cmds { STARTTLS TICK TIME TURN TURNME VERB VRFY X-ADAT X-DRCP X-ERCP X-EXCH50 } \ normalize_cmds { X-EXPS X-LINK2STATE XADR XAUTH XCIR XEXCH50 XGEN XLICENSE XQUE XSTA XTRN XUSR } \ max_command_line_len 512 \ max_header_line_len 1000 \ max_response_line_len 512 \ alt_max_command_line_len 260 { MAIL } \ alt_max_command_line_len 300 { RCPT } \ alt_max_command_line_len 500 { HELP HELO ETRN EHLO } \ alt_max_command_line_len 255 { EXPN VRFY ATRN SIZE BDAT DEBUG EMAL ESAM ESND ESOM EVFY IDENT NOOP RSET } \ alt_max_command_line_len 246 { SEND SAML SOML AUTH TURN ETRN DATA RSET QUIT ONEX QUEU STARTTLS TICK TIME TURNME VERB X-EXPS X-LINK2STATE XADR XAUTH XCIR XEXCH50 XGEN XLICENSE XQUE XSTA XTRN XUSR } \ valid_cmds { ATRN AUTH BDAT CHUNKING DATA DEBUG EHLO EMAL ESAM ESND ESOM ETRN EVFY } \ valid_cmds { EXPN HELO HELP IDENT MAIL NOOP ONEX QUEU QUIT RCPT RSET SAML SEND SOML } \ valid_cmds { STARTTLS TICK TIME TURN TURNME VERB VRFY X-ADAT X-DRCP X-ERCP X-EXCH50 } \ valid_cmds { X-EXPS X-LINK2STATE XADR XAUTH XCIR XEXCH50 XGEN XLICENSE XQUE XSTA XTRN XUSR } \ xlink2state { enabled } preprocessor ssh: server_ports { 22 } \ autodetect \ max_client_bytes 19600 \ max_encrypted_packets 20 \ max_server_version_len 100 \ enable_respoverflow enable_ssh1crc32 \ enable_srvoverflow enable_protomismatch preprocessor dcerpc2: memcap 102400, events [co ] preprocessor dcerpc2_server: default, policy WinXP, \ detect [smb [139,445], tcp 135, udp 135, rpc-over-http-server 593], \ autodetect [tcp 1025:, udp 1025:, rpc-over-http-server 1025:], \ smb_max_chain 3, smb_invalid_shares ["C$", "D$", "ADMIN$"] preprocessor dns: ports { 53 } enable_rdata_overflow preprocessor ssl: ports { 443 465 563 636 989 992 993 994 995 7801 7802 7900 7901 7902 7903 7904 7905 7906 7907 7908 7909 7910 7911 7912 7913 7914 7915 7916 7917 7918 7919 7920 }, trustservers, noinspect_encrypted preprocessor sensitive_data: alert_threshold 25 preprocessor sip: max_sessions 40000, \ ports { 5060 5061 5600 }, \ methods { invite \ cancel \ ack \ bye \ register \ options \ refer \ subscribe \ update \ join \ info \ message \ notify \ benotify \ do \ qauth \ sprack \ publish \ service \ unsubscribe \ prack }, \ max_uri_len 512, \ max_call_id_len 80, \ max_requestName_len 20, \ max_from_len 256, \ max_to_len 256, \ max_via_len 1024, \ max_contact_len 512, \ max_content_len 2048 preprocessor imap: \ ports { 143 } \ b64_decode_depth 0 \ qp_decode_depth 0 \ bitenc_decode_depth 0 \ uu_decode_depth 0 preprocessor pop: \ ports { 110 } \ b64_decode_depth 0 \ qp_decode_depth 0 \ bitenc_decode_depth 0 \ uu_decode_depth 0 preprocessor modbus: ports { 502 } preprocessor dnp3: ports { 20000 } \ memcap 262144 \ check_crc output unified2: filename snort.log, limit 128, nostamp, mpls_event_types, vlan_event_types include classification.config include reference.config include $RULE_PATH/local.rules include $RULE_PATH/attack-responses.rules include $RULE_PATH/backdoor.rules include $RULE_PATH/bad-traffic.rules include $RULE_PATH/chat.rules include $RULE_PATH/ddos.rules include $RULE_PATH/dns.rules include $RULE_PATH/dos.rules include $RULE_PATH/experimental.rules include $RULE_PATH/exploit.rules include $RULE_PATH/finger.rules include $RULE_PATH/ftp.rules include $RULE_PATH/icmp-info.rules include $RULE_PATH/icmp.rules include $RULE_PATH/imap.rules include $RULE_PATH/info.rules include $RULE_PATH/misc.rules include $RULE_PATH/multimedia.rules include $RULE_PATH/mysql.rules include $RULE_PATH/netbios.rules include $RULE_PATH/nntp.rules include $RULE_PATH/oracle.rules include $RULE_PATH/other-ids.rules include $RULE_PATH/p2p.rules include $RULE_PATH/policy.rules include $RULE_PATH/pop2.rules include $RULE_PATH/pop3.rules include $RULE_PATH/rpc.rules include $RULE_PATH/rservices.rules include $RULE_PATH/scan.rules include $RULE_PATH/smtp.rules include $RULE_PATH/snmp.rules include $RULE_PATH/sql.rules include $RULE_PATH/telnet.rules include $RULE_PATH/tftp.rules include $RULE_PATH/virus.rules include $RULE_PATH/web-attacks.rules include $RULE_PATH/web-cgi.rules include $RULE_PATH/web-client.rules include $RULE_PATH/web-coldfusion.rules include $RULE_PATH/web-frontpage.rules include $RULE_PATH/web-iis.rules include $RULE_PATH/web-misc.rules include $RULE_PATH/web-php.rules include $RULE_PATH/x11.rules include $RULE_PATH/community-sql-injection.rules include $RULE_PATH/community-web-client.rules include $RULE_PATH/community-web-dos.rules include $RULE_PATH/community-web-iis.rules include $RULE_PATH/community-web-misc.rules include $RULE_PATH/community-web-php.rules include $RULE_PATH/community-sql-injection.rules include $RULE_PATH/community-web-client.rules include $RULE_PATH/community-web-dos.rules include $RULE_PATH/community-web-iis.rules include $RULE_PATH/community-web-misc.rules include $RULE_PATH/community-web-php.rules include threshold.conf 
Can someone send help?
kind regards kr4ut
submitted by Kr4ut to snort [link] [comments]


2017.02.28 15:51 hunter15991 Upcoming Major Municipal Elections - Contact Guide

Hey there, /esist! Glad to see enthusiasm as it pertains to the victory in Delaware, as well as US House races in early April. Calling for these state races - especially swing ones like GA-6 - is very very important.
But in addition to the state special elections (and the nationally important gubernatorial elections in New Jersey and Virginia), there are many municipal election taking place throughout the year. These ultimately are the people who influence your day to day lives the most - your city council and mayor manage public services, while your school board plays a vital role in determining local children's curriculum and overall education experience.
If you're more of a canvassing person vs. calling phones, or if you simply want to get involved locally, check the list to see if you live in a city with a scheduled election. I've included a contact link for the local Dem. party, the location of the seats up for grabs in that city if available, and election date.
If none of the candidates running in your area seem good, contact your local party and see if it's not too late to file your own candidacy - the 2016 election has shown that lack of experience isn't a be-all-end-all.
To save space, I will list elections ongoing in any of the top 100 cities by population, just like Ballotpedia does.
City/State Date Races Local Party Info District Map
Birmingham, Alabama 8/22/17, runoff on 10/3/17 All 9 city council seats, all 9 Education Board seats, mayor Jefferson County Democrats - "Contact Us" Map
Anchorage, Alaska 4/4/17 District 1 council seat, one seat in each of Districts 2-6. School district seats C and D. Anchorage Democrats City Council Map - school district map unavailable.
Phoenix, Arizona 3/14/17 District 3 Council run-off election LD28 Democrats Map
Phoenix, Arizona 8/29/17, runoff on 11/7/17 District 2, 4, 6 8 Council seats Maricopa County Democratic Party Map
Tucson, Arizona 11/7/17, primary on 8/29/17 City Council seats from Wards 3, 5, and 6 Pima County Democratic Party Map
Los Angeles, California 3/7/17, runoff on 5/16/17 Council Districts 1, 3, 5, 7, 9, 11, 13, 15. Mayor, City Attorney, City Comptroller. LACCD Districts 2, 4, 6. LAUSD District 2, 4, 6. Ballot resolutions re. marijuana tax, zoning restrictions, and harbor leases. LA County Democratic Party City Council Map, LAUSD map, LACCD map unavailable
Riverside, California 6/6/17 Wards 2, 4, 6 Riverside County Democrats Map
Riverside, California 11/7/17 Board of Education Seats 1 and 5 Riverside County Democrats Map unavailable
Aurora, Colorado 11/7/17 Wards I, II, and III. 4 at-large Board of Education seats. Arapahoe Democrats Ward map.
Colorado Springs, Colorado 11/7/17 All 6 city council seats, 4 at-large Education Board seats. PeakDems Map
Hialeah, Florida 11/7/17, runoff on 11/21/17 Mayor, city council seats 5, 6, 7 Miami-Dade Democratic Party Unavailable
Miami, Florida 11/7/17, runoff on 11/21/17 Mayor (R), Council Districts 3 and 5 Miami-Dade Democratic Party Council Map
Orlando, Florida 11/7/17, runoff on 11/21/17 Mayor, Council Districts 3 and 5. Orange County Democrats D3 map, D5 map
St. Petersburg, Florida 11/7/17, runoff on 11/21/17 Mayor (D), Council districts 2, 4, 6, and 8. Pinellas County Democrats Map
Atlanta, Georgia 11/7/17, runoff on 12/5/17 Mayor, 3 at-large council members, all 12 Council districts, City Council President, all 9 Education Board Seats DeKalb Democrats Council Map, Education Board Map
Boise, Idaho 11/7/17, runoff on 12/7/17 City Council seats 2, 4, 6 Ada County Democrats Unavailable
Chicago, Illinois 2/28/17, possible runoff on 4/4/17 Special Election for Ward 4 Cook County Democrats Map
Wichita, Kansas 8/1/17, runoff on 11/7/17 City Council seats 1, 3, 6. School Board seats 1, 2, 5, 6. Sedgwick County Democrats City Council locator. School board unavailable.
Boston, Massachusetts primary on 9/26/17, general on 11/7/17 Mayor, all city council districts Massachusetts Democrat Party Map
Detroit, Michigan 8/8/17, runoff on 11/7/17 Mayor, all city council districts Michigan Democratic Party Map
Minneapolis, Minnesota 11/7/17 Mayor, all 13 city council spots Minneapolis DFL Map
St. Paul, Minnesota 11/7/17 Mayor, 3 at-large school board seats St. Paul DFL NA
St. Louis, Missouri Primary on 3/7/17. General on 4/4/17 Mayor, Comptroller, 2 at-large school district members, Odd-numbered Alderman in Wards 1-27 + Ward 16. Missouri Democratic Party Map
Lincoln, Nebraska primary on 4/4/17, general on 5/2/17 3 at-large city council seats, seats 1, 3, 5, 7 on school board, airport authority Lancaster County Democrats School Board Map
Omaha, Nebraska primary on 4/4/17, general on 5/9/17 Mayor, all 7 city council members Douglas County Democrats Map
Henderson, Nevada primary on 4/4/17, general on 6/13/17 Mayor, Ward III councilman Clark County Democrats
Las Vegas, Nevada primary on 4/4/17, general on 6/13/17 Mayor, Wards 2, 4, 6 Clark County Democrats Map
North Las Vegas, Nevada primary on 4/4/17, general on 6/13/17 Mayor, Wards 1, 3 Clark County Democrats Map
Jersey City, New Jersey 6/6/17, runoff on 11/7/17 Mayor, Wards A-F, 3 at-large city council seats. 3 at-large school district seats. Jersey City Democratic Organization Map
Albuquerque, New Mexico 10/3/17, runoff on 11/7/17 Mayor, Districts 1, 3, 5, 7, 9 Bernalillo County Democrats Map
Buffalo, New York 9/12/17, general on 11/7/17 Mayor Erie County Democrats NA
New York City, New York 9/12/17, general on 11/7/17 Mayor, all 51 city council members NY Democratic Party - select local borough. District Map
Charlotte, North Carolina primary is 9/12/17, general is 11/7/17 Mayor, all 11 city council members, 6 districted school board seats Mecklenburg County Democrats Locate city council district
Durham, North Carolina primary is 10/10/17, general is 11/7/17 Mayor, three of six at-large city council seats Durham Democrats NA
Greensboro, North Carolina primary is 10/10/17, general is 11/7/17 Mayor, five districted, three at-large council seats Guilford County Democrats Map
Raleigh, North Carolina primary is 10/10/17, general is 11/7/17 Mayor, 5 districted, 2 at-large council seats Wake County Democrats Map
Cincinnati, Ohio mayoral primary 5/2/17, general election 11/7/17 Mayor, 9 at-large council seats, 4 at-large school board seats Hamilton County Democrats NA
Cleveland, Ohio primary on 9/12/17, general on 11/7/17 Mayor and all 17 council members Cuyahoga County Democrats Locate your ward
Columbus, Ohio primary on 5/2/17, general on 11/7/17 City attorney, city auditor, 3 at-large school board seats, 3 at-large council seats Franklin County Democrats NA
Oklahoma City, Oklahoma runoff 4/4/17 Ward 4 councilmember, 3 seats on school board OK County Democrats Ward Map, school board map
Pittsburgh, Pennsylvania primary on 5/16/17, general on 11/7/17 Districts 2, 4, 6, 8 in City Council, Districts 1, 3, 5, 7, 9 in School Board Alleghany County Democratic Committee District Map for both offices
Arlington, Texas 5/6/17 Mayor, Council districts 3, 4, 5, 8. School board Places 6, 7. Tarrant County Democrats City Council map, school board unavailable
Corpus Christi, Texas 5/6/17 Mayor - newly elected mayor Dan McQueen resigned (his story is worth a read) Nueces County Democrats NA
Dallas, Texas 5/6/17 All city council positions, school district positions 2, 6, and 8. Dallas County Democrats Council Map School district map
El Paso, Texas 5/6/17 Mayor, Council Districts 2, 3, 4, 7. School districts 1, 3, 4, 5. El Paso Democrats City Council map, School Board map
Fort Worth, Texas 5/6/17 Mayor, all City Council districts, School Board districts 1, 4, 7, 8, 9 Tarrant County Democrats City Council map, School board maps
Garland, Texas 5/6/17 Mayor, Council districts 3, 6, 7, 8. School board places 4 and 5. Dallas County Democrats, Garland Democratic Women's Club Council map, school board map unavailable
Irving, Texas 5/6/17 Mayor, Council places 3 and 5. School board places 1, 2. Irving Democrats City council map School board map
Plano, Texas 5/6/17 4 at-large city council seats. School board places 1, 2, 3, 6. Bond measures. Collin County Democrats Unavailable
San Antonio, Texas 5/6/17, runoff on 6/10/17 Mayor, all 10 council members, school board districts 1, 3, 4, and 7. Bexar County Democrats Council map, school board map
Seattle, Washington mayoral/council primary on 8/1/17, general on 11/7/17, school district runoff on 12/5/17 Mayor, city council seats 8 and 9, school district districts 4, 5, and 7. King County Democrats Council district locator, School district map
Madison, Wisconsin 4/4/17 All 20 city council/alderman districts. Dane County Democrats Aldermanic map of districts
submitted by hunter15991 to esist [link] [comments]


2016.12.22 11:30 NomDePlume69 CV review please - Considering Senior IT positions for next role (Head of IT, IT Director)

Personal Summary A versatile and highly experienced Head of IT, Customer Service and Operations with over 19 years’ experience of delivering high quality IT, Customer Support and Helpdesk Services, consistently demonstrating exceptional leadership, vision and teamwork to deliver services that meet the business needs. I am an ITIL expert and Prince2 practitioner with a proven track record of planning, implementing and delivering projects and organisational change. I am persistent and perceptive, appreciating the wider business implications of actions in complex business environments. Excellent interpersonal skills enable me to build strong trust relationships with colleagues and service providers and provide coaching, leadership and motivation to teams and individuals for personal development and to achieve business goals. I have vast experience of supplier, contract and service management across IT Operations, Customer Services and Facilities. To ensure constant professional and personal development, I thrive on setting and exceeding goals to build expertise and understand the latest industry developments.
Career History
UK IT Manager Dec 2015 - present As UK IT Manager I report directly to the Chief Information Officer. I am responsible for all business systems within the business ensuring that they are fit for purpose and up to date with the latest releases whilst maintaining the compatibility and data interchange points across the multiple workflow processes.
Responsibilities and achievements: • The business has recently procured a new Customer Relationship Management system which we have successfully rolled-out across the country. Working with my project team to ensure that the data from the old CRM systems is successfully cleaned and migrated. • Working with the Infrastructure team to specify and deliver new Virtual Servers that will be mirrored between our Data Centre and local server room to provide a platform for our roadmap of projects that will provide improved resilience, availability and reliability. This will also improve our disaster recovery capabilities. • Producing and managing the IT roadmap to deliver improvements to the business and ensure that all inter-dependencies are understood and considered as we will be running several enterprise-wide projects in parallel with one another to streamline business processes and remove some of the high-risk single points of failure. • Specified the requirements for a new SQL/XML Electronic Data Interchange solution to use with our third party logistics provider and Enterprise Resource Planning solution. • Upgrading our business wide Enterprise Resource Planning system and evaluating/testing a new module designed to deliver electronic invoice approval. • Procuring a new Internet Service Provider for the delivery of an MPLS private network to support the centralisation of our currently de-centralised job planning system. • Migrating our business reporting tool from a server-based solution to a cloud-based solution in order to make the data more visible to the business and our franchisees as well as improving the appearance and integrity of the data. • Planning the amalgamation of our European Domains, Active Directory and Exchange structures.
Head of IT and Programme Management NFP Organisation June 2012 – Nov 2015 I started at this NFP organisation as Head of IT and Customer service and moved into the role of Head of IT and Programme management. I reported directly to the Executive Management Team, specifically to the Resources Director with responsibilities for IT service delivery, Business Applications support and development, Customer Services and Facilities Management.
Responsibilities and achievements: • As Head of IT and a member of the Programme Board for the organisation I was a key stakeholder in the IT/Business Development Programme which included procuring and implementing a new Housing Management System (Aareon QLH), developing a Mobile/Agile strategy and solution using First Touch, migrating to Windows 7 in a Citrix environment and procuring/implementing a new cloud-based telephony solution to support Disaster Recovery and Business Continuity. • A large part of the new Housing Management System project was having the responsibility to ensure that all our other business systems were fit for purpose and where necessary compatible for interfacing/data exchange. These systems included a Business Analysis and reporting system (CorVu), a scheduling system (Kirona DRS), an Asset Management system (Keystone), Finance system (Aareon QLF) and to a degree using Documotive as an EDM solution. • Responsible for ICT/CSC Change Management to enable Continual Service Improvement using ITIL operating framework. • Managing and nurturing our supplier relationships ensuring excellent Service Delivery to the organisation at all levels. • As Head of IT and Customer Service I worked with the business to ensure that all projects are backed by an appropriate business case to inform Programme Board and supplier resource planning expectations. • Working with our 3rd party supplier I had overall responsibility for several ICT projects including fully virtualising our server environment designed to increase business continuity, resilience and disaster recovery capabilities and to facilitate implementation of new production and test environments for future projects. Additional LAN/WAN upgrades were also required to meet changing business requirements. • Annually developing and managing the budgets and Operational plans for Customer Services, ICT and Business Services/Facilities aligned to the strategic and financial plans incorporating the objectives across the organisation. I actively ensured on-going professional development of the team to enable delivery of the plans. I have been involved in the development of the 5-year strategic plan in partnership with the Board and the Executive Team. • I led the strategies for ICT and Customer Services. I was responsible for developing the vision for the strategy, key themes and service outcomes e.g. process improvement, customer satisfaction, ICT solution delivery, Business Application review and development of high quality services for customers and customer segmented groups. • Managed the organisation through a complete review of our Complaints Policy and process including the development of management reporting involving business and customer stakeholders to shape the service. • Reduced the number of complaints coming in and embedded lessons learned from complaints across the business. • Reviewed and delivered the Customer Care and Access Strategy to meet Customer, Business, Board and Executive Management expectations to shape the business’ approach to Service Delivery achieving KPI’s and customer satisfaction targets. • Promote, deliver and manage the cultural development of delivering high quality Customer Service across the organisation both internally and externally. • Provided leadership, guidance and mentoring to the Customer Service and Business Administration teams. • Facilities and Contract Management across all areas of the business and managing the Landlords service delivery contract including a favourable lease break rent review. • Placed 7th overall nationally and 1st in the public sector in the Top 50 Companies for Customer Service in 2014. • Demonstrated Value for Money by saving over £75k in the first year by negotiating new contracts for mobile and fixed line telephony across the organisation.
Technical Operations Manager EMEA Nov 2001 – April 2012 Reporting into the VP of Global Operations, managing and delivering high quality IT Helpdesk, Service Delivery and Project management, Customer Support Services (CSS) and Facilities Management for the EMEA region.
Responsibilities and achievements: • Budgetary control for Technical Operations encompassing EMEA Customer Support Services, IT and Facilities Management. • Customer service strategy and delivery across the organisation including driving service improvement. • Standard Operation Procedure design and implementation across Customer Support Services, IT and Facilities. • Part of the acquisition and integration team demonstrating careful management of staff and operations through several Global acquisitions designed to grow the business. • Consistently exceeded SLA’s in Customer Service Centre and IT support services. IT Helpdesk and Services - • Delivery of IT services and support for the EMEA region covering Helpdesk, Infrastructure, standard operating procedures, new service design and management/implementation of global projects in line with Business requirements. • Global Change and Incident/Issue Escalation Manager (Change Advisory Board Chairman). • Process owner for daily global IT issue management and group chair for IT managers daily operational review meeting. • Planning and delivery of EMEA IT infrastructure to meet continually evolving business objectives. • Project Manager for the global backup system review. Identified cost saving of over $250k and requirement to move to newer platform by reviewing current process and procedure. • Successful hardware refresh of all critical business systems through management of IT team to new IBM platform in order to provide high availability internal systems across EMEA region to meet business SLA’s. • Implementation of Virtual Machine environment to reduce physical footprint and improve disaster recovery status. • Successful implementation and communication of centralised IT Helpdesk system to enable customers in all time zones to log service issues/project requests as dictated by global business requirements and to deliver on business SLA’s. • Central point of contact for all IT and Support related issues with global business leaders. Customer Support Services - • Planning, implementation and delivery of internal call centre from global Outsource model – Centralised EMEA-wide external Customer Support Services in-house with a very aggressive timescale saving the company over $1m in the first year. o Recruitment of 22 start-up multi-lingual staff. o New phone switch requirement design, sourcing, implementation and deployment. o Call Centre procedures design and implementation. o Planning of internal environment. • Management of multi-skilled, multi-lingual EMEA call centre team. • Support and management of outsourced call centre (Manila) and European partners. • Responsibility for Staff recruitment, review/assessment and retention within IT and CSS. • Future planning for evolution of call centre environment and structure based on trends and budgetary constraints. • Carried out business case and feasibility study for moving Customer Support Services to on-shore Outsource Partner for EMEA for Senior Management. Project was realised and put into action some 12 months later with substantial savings made across the Customer Support Services business unit. Facilities - • Supplier and Contract management for facilities services including: Leasehold management: Site security and safety: Buildings and Plant maintenance: Electrical safety: Fire/Health and Safety: Heating/cooling systems. • Managed all aspects of moving the company from small rented offices into larger leased premises to accommodate growing company. • Renegotiation of inherited services, buildings and maintenance contracts and utilities saving the company over $1m. • Project Managed dilapidations work on 6 locations including offices in Germany, France and Ireland saving over £150k against landlords own quotations through careful contractor selection. • Internal and external office refurbishment/redevelopment project in line with leasehold and changing company requirements.
Technical Operations Manager EMEA Mar ’98 – Nov ‘01 Responsible for EMEA IT, CSS and Facilities Management, reporting to the Director of Global Operations. As part of the acquisition team, I planned and executed all aspects of a move to combined new EMEA Headquarters; Implemented and recruited for an expanded multi-lingual Customer Service Centre, LAN/WAN/IT team and Infrastructure and Facilities contracts. 
System Installation/Projects Co-ordinator - XXXXManagement Systems Nov ‘96 – Mar’98
Client Services/Project Manager - XXXX Management Systems Sept ’94 – Oct ’96
Education/Qualifications
BTEC HND Hotel, Catering and Institutional Management. Information Technology Information Library (ITIL) V3 to Expert level. Prince2 Foundation and Practitioner LEAN Systems Thinking Organising Training, Assessment and Performance Management. Leadership Skills for Managers - Managing Teams and Change.
submitted by NomDePlume69 to resumes [link] [comments]


2016.10.12 06:08 RandallFlag Proper (Best Practice?) Metro-E Routing and Configuration

So I have a network I have inherited in which we will soon be implementing a Metro-E service to connect 4 different sites, the primary site being the only one with a true WAN and the Metro-E is going to be a point to multi-point uplink. The ISP is providing a flat layer 2 Ethernet handoff and we will doing/responsible for all routing between sites.
Each site already has an established IP subnet and is currently connected via site to site VPN tunnels.
In the past, I have worked with already in place Metro-E connections and most have always just had various interfaces on the primary WAN router configured with IP addresses on the matching remote subnets for this routing. They were never truly VLAN'd out and there was never anything really special done to route between the sites. These networks involved the primary site have interfaces, physical or virtual, that had IP addresses homed to the branch sites networks.... Example, Primary site router had LAN interface of 10.10.10.1 for local subnet, then virtual sub-interfaces of 10.10.11.1, 10.10.12.1, and 10.10.13.1 for the 3 branch sites, with those branch sites having IP interfaces of x.x.x.2 respectively.
For this scenario, the end game is to also update an older, failing phone system with a more up to date VOIP platform and I will be implementing various VLAN's for this purpose for QoS etc. etc. and I am wondering if there is a better, more preferred way to properly setup and route traffic between different VLAN's using a flat layer 2 Metro-E point to multi-point connection.
The thought was to create a virtual network that did nothing but route traffic between locations, much like you would find with a hosted MPLS type solution from many major ISP's/providers. But I am just wondering if that is over complicating it. Example, Each site has a primary Data (192.168.2,3,4,5.x/24) and Voice (10.10.10,11,12,13.x/24) VLAN and the uplinks for the Metro-E would have their own separate IP subnet and VLAN (172.20.10.1,2,3,4/29). Routing from site to site would use the IP's of this routing VLAN network to direct traffic appropriately with default route sending all traffic to main office WAN router.
Does it matter which methodology is used for this, the separate IP network mimicking the MPLS format or simply have interfaces with remote network IP's configured on them. I have looked around at various resources and believe I have a good baseline understanding of what to do/what is needed.... and while I am not a network engineer I have a pretty good basic understanding of it, am familiar with Cisco, SonicWALL, AdTran etc. etc. and have no issues working through a configuration..... But this will be the first implementation for me from a design perspective and I want to make sure that in building this out I do so in a manner in which it makes sense and isn't a convoluted mess and makes later possible expansion feasible and easily built upon.
The basic VLAN and routing between sites I believe I have a handle on, I am primarily looking for any suggestions on a proper (better?) or more preferred way to design and implement this type of networking. Any suggestions or recommendations are greatly appreciated.
submitted by RandallFlag to networking [link] [comments]


2016.07.23 23:18 the-packet-thrower Everything you need to know for the CCNA R&S - Read this first.

Hi all,
This post is intended to be a one stop aggregate of content related to the CCNA R&S, new users are encouraged to look through this post before asking these common post topics. Because I'm lazy I'll be copy and pasting relevant sections from other posts as needed :)

Can I use older versions of the study material?

No, at best you'll get basic information but you'll be missing topics, reading about topics you don't need to, and could generally not learn a topic well enough. It isn't worth trying to save money since failing the exam is much more expensive than some new books.
Saying that some video courses are still worth while, CBT nuggets for example has plenty of CCNA related series such as their CCNA packet capture course that is still good info though out of date.

Discount Exams

You can occasionally save some $$$ by buying a discount voucher, a discount voucher is a voucher that is expiring sooner than a ordinary voucher, the less time left the more it is discounted. For example a CCNA voucher with 3 days left might get 50% off.
I have used these sites before and they work well.
www.itexamvouchers.com or www.getcertified4less.com

The Exam Change

CCNA 2.0 is being retired on the following dates:
100-101 ICND1 Last day to test August 20, 2016
200-101 ICND2 Last day to test September 24, 2016
200-120 CCNA Last day to test August 20, 2016
A common misconception is that ICND1 is a prerequisite for the CCNA, it is not. Rather the ICND1 earns the CCENT certification and the CCENT is the prerequisite for the CCNA. This distinction means that you can write the 3.0 ICND2 exam even if you have passed the ICND1 2.0 exam.

Exam topics

100-105 - ICND1 3.0
ICND1 Exam topics
Here is a summary of the changes in the new version:
Removed:
  • RIP is now the sole routing protocol in this exam.
  • IPv6 Dual Stack was removed in favour of transition techologies
  • CEF has been removed from the exam.
Added:
  • High level knowledge of Firewalls, Access Points, and Wireless Controllers
  • Awareness of Collapsed Core architecture
  • Configure and verify IPv6 SLAAC
  • IPv6 Anycast addresses
  • Knowledge of LLDP
  • Troubleshooting DNS and DHCP related connectivity issues
  • Understanding Syslog
  • Device management
200-105 - ICND2 3.0
ICND2 Exam topics
Removed:
  • Frame-Relay (HOORAY!)
  • VRRP and GLBP (BOO!)
Added:
  • Knowledge of IWAN
  • Basic eBGP
  • VPNs: DMVPN, Site to Site, Client VPNs
  • Understanding the Cloud
  • Understanding SDN
  • Using APIC-EM's Path Trace application
  • QoS
200-125 - CCNAX 3.0
Composite 3.0 Exam topics
All in all some pretty fair additions and only a couple questionable removals.

Should you take the composite exam?

The short answer is....no, probably not.
Generally speaking the composite is only for the experienced network professionals who are used to certification exams. It is really meant for convenient switching to the R&S track from say Juniper. Why not take it? It's just considered to be a much more difficult exam because:
It doubles the number of topics you can be tested on, this makes it so you must have mastered everything in the CCNA since it is fair game. This also makes repeat attempts harder since the question pool is large enough that if you do badly on say IP Services, you might instead get a security focus the next time. You have a smaller margin of error: with ICND1 and 2 you can get say...10 questions wrong to pass with the minimum score so you can get 20 questions wrong and still be a CCNA. With the composite you can only get 10 wrong before failing
There is less padding questions, icnd1 may also you 10 subnetting questions but the composite may just ask a couple and move on the next topic. This makes things harder since your more likely to hit a hard question rather than get a few easier ones.
Cisco assumes your a network professional so they may hit harder than with the other exams. Based on my own observations from watching this sub and talking to people, I would say a junior has about a 90% fail rate for the composite and it typically takes them about 3 tries to pass it. Incidentally they also tend to be bitter with Cisco after paying for so many failed exams. Long story short, it isn't worth it, I should also point out that you get the same CCNA no matter what path you take. The only difference is that with the two exam method you get the CCENT as well, which means you can get up to two kitty gifs!

Reading List

Books by Odom and Lammle remain our recommendations for this CCNA version, you should read both to get both perspectives on topics. Generally Odom is considered to be more dry and technical and Lammle is more readable and approachable.

Home Lab

There are two main options for a home lab - physical and virtual. You can also mix and match as needed.
Because of the new version it is recommended to try to use IOS 15 in all your physical gear so you can utilize the modern features that IOS brings to the table. The router models don't matter all that much since features at the CCNA and CCNP level are mostly the same, you also don't need to worry about serial modules nearly as much because serial is a very small topic now.
Model numbers matter with switches though, you should aim to get 3 or 4 Cisco 3560 switches so your lab will last you well past your CCNA R&S studies, though you can pick up a some L2 Cisco 2960 switches if need be.
For virtual you have 3 main options
  • Packet Tracer - a mostly functional emulation tool that meets most of the CCNA requirements, it requires very little resources or technical knowledge but only supports just enough IOS features for you to pass the CCNA.
PT 7.0 is out now and can be gotten for free from Cisco.
  • GNS3 - a functional solution that runs real IOS images, the downside is you need to get your hand on IOS images. It also doesn't have native support for most L2 features.
Here is a blog post I wrote about setting it up end to end:
Mastering GNS3
  • VIRL - this is the most resource heavy option but its benefit is that Cisco provides IOS images to you.
Here is the post I did about VIRL:
Mastering VIRL

Exam Tips

Remember there is no back button so always read the question until you fully understand what it is asking you and you know what technology it is testing you on before answering.
If you can't think of an answer within a minute consider picking the best answer and moving on. You are unlikely to correctly figure out the question after thinking about it for another minute and will likely talk yourself into a wrong answer. You don't have a ton of time in the exam!
For people with a bit more IT experience, remember the context and level of the exam. There are many solutions to problems in the real world and at the end of the day the CCNA doesn't get too deep into topics. Keep the exam topics in mind when answering a question...for example if Cisco asks what device would run BGP? Then the answer would be a router even though most devices can support BGP these days from hosts to servers to firewalls etc. The reason why is the CCNA v3.0 only teaches about basic eBGP on a router so Cisco isn't going to expect you to know that Windows Server can do BGP.

The Best Answer

People also have a lot of issues getting used to the concept of the best answer. Like the BGP scenario above you have to keep the context of the question in mind, a router can indeed use a switch module to act like a switch and a L3 switch can act like a router etc but if they ask what device is best for switching then it will be a switch.

The Cisco Answer

The "Cisco Answer" is something that keeps popping up over and over, and in my opinion is drastically overblown and misunderstood in most cases. Basically it is the claim that Cisco wants you to answer the question their way as opposed to the industry correct answer. Generally this seems to be feed from the pitfalls I mentioned above:
An example of an old Cisco answer was back when other vendors first started supporting CDP and if you were asked if CDP only ran on Cisco you had to decide if Cisco was expecting you to know that polycom phones could do CDP. But generally those types of questions are gone in the R&S track at least (I'm told the wireless track needs more time in the oven)
The other place it comes from is when you are multi vendor and/or have a higher knowledge/experience level then the exam your writing. A simple example might be if they asked you how many link state routing protocols are supported by Cisco, a CCNA will probably say 1, whereas a more advanced candidate may answer 2. But considering CCNA doesn't mention IS-IS then 1 would be the CCNA correct answer. The trick is you have to keep your exam level in mind as your writing it.
Finally there is the obvious actual Cisco answer where if they asked you what OSPF's Administrative Distances is? Now on Cisco it is 110/110/110, on Juniper it is 10/150, and on HPE it is 10/150/150. So in this case they are looking for the Cisco right answer but that only really can affect you if you are multi-vendor.

Question Marks and Tab

Sim's generally have support for the tab and ? but it can be limited if Cisco decides to remove them to make sure you know how to do a task or if they simply just don't fully implement them since the sim is just a flash animation they have to program. It is also worth noting that even if Cisco does give you full functionality, you would still need to know the full commands since Cisco can just straight up ask you syntax questions.

Practice Tests

The Boson practice tests are highly regarded and tend to be of similar difficulty or more difficult than the actual exam.

New topic posts

I'll try to keep this updated as they pop up but here is the current posts that are cover the new topics
What is Metro Ethernet
What is MPLS as a WAN Service
What is BGP?
submitted by the-packet-thrower to ccna [link] [comments]


How to Date When You're Over 50 (Dating Tips & Where to ... Dating: Matchmaking Service - Model Quality Introductions Review Singles In Minneapolis  Minneapolis Dating  Matchmaker Minneapolis Dating Service Roleplay Part 2 (ASMR) - YouTube Dating at 70 - Modern day seniors - Tips for Dating at 70 ... Dating Service Commercial (Jon Lajoie) - YouTube Abraham Hicks ♥ Dating websites ♥ Let your vortex be your ... GUYS THAT WANT TO DATE ME - A BBW / SSBBW Dating In The Philippines .... The Best Dating Site For ... Best Free Dating Sites in USA without payment 2020 : Top ...

Minneapolis Singles & Personals: Free Online Dating & Chat ...

  1. How to Date When You're Over 50 (Dating Tips & Where to ...
  2. Dating: Matchmaking Service - Model Quality Introductions Review
  3. Singles In Minneapolis Minneapolis Dating Matchmaker Minneapolis
  4. Dating Service Roleplay Part 2 (ASMR) - YouTube
  5. Dating at 70 - Modern day seniors - Tips for Dating at 70 ...
  6. Dating Service Commercial (Jon Lajoie) - YouTube
  7. Abraham Hicks ♥ Dating websites ♥ Let your vortex be your ...
  8. GUYS THAT WANT TO DATE ME - A BBW / SSBBW
  9. Dating In The Philippines .... The Best Dating Site For ...
  10. Best Free Dating Sites in USA without payment 2020 : Top ...

Hey poopsies, here is PART TWO of the dating service roleplay! Finally. It’s been over a year since the last posted one. Season one is now over, and we are a... How to Date When You're Over 50 (Dating Tips & Where to Meet Women) Improve your chances in finding, attracting & keeping a good woman no matter what age you... Hello Dear in this video I am going to tell you about the best free dating site in USA. Internet dating is becoming trending these days. Now you can easily f... Sha’s Vlog in the Philippines Channel: https://www.youtube.com/channel/UC7aUwGkC6iJRpWr_k-TG55A Please Help Support our Channel: Patreon: https://www.patreon... Tips for Dating at 70, http://www.seniordating-uk.co.uk Modern day seniors A person is technically considered a senior citizen when they reach the age of 65.... Dedicated to sharing the laws of the universe Interactive Workbooks created to allow anyone to create the life they always desired.Read more↓↓↓ ↓↓↓click show... www.jonlajoie.com starring Erin Stack www.erinstack.com and Jon Lajoie written and directed by Jon Lajoie camera by Brandon Dermer The Truth About Dating As A Plus Size Woman - Duration: 7:34. Lesly Galletti 39,052 views. 7:34. Mandy Rain - Want to date me, nows your chance - Duration: 0:46. Minneapolis MN Dating Coach, April Davis of Cupid's Cronies Matchmakers Dating Service - Duration: 0:58. LUXE Matchmaker Dating Service - Chicago 990 views 0:58 If you are looking for a matchmaking service, then you will like this... Skip navigation ... Minneapolis Millionaire Matchmaker Explains How to Meet ... Luxury Matchmaking Dating Service 1,760 ...