From jcrowell at dcn.davis.ca.us Mon Sep 1 00:19:58 2003 From: jcrowell at dcn.davis.ca.us (John M. Crowell) Date: Mon, 1 Sep 2003 00:19:58 -0700 (PDT) Subject: [DCN-TechOps] Monthly LoginID Report Message-ID: DCN LoginID Activity: August 1, 2003 - August 31, 2003 -------------------------------------------------------- This is a summary of LoginID activity on wheel for the month of August, 2003. This represents only the activity affecting the password authentication file, and reflects only LoginID's. There is not a one-to-one correspondence between LoginID and registered subscribers, but the correlation is close. Activity for the month of August: 36 New LoginID's 27 Active LoginID's deleted 2 Suspended LoginID's deleted 0 LoginID's suspended (i.e. LoginID exists, but password invalidated) 0 LoginID's reactivated Current LoginID's as of: 31-Jul 31-Aug Category --------------------------------------------------------------------- 13 13 System ID's used only by the OS and netadmin 9 8 DCN internal and administrative accounts 10 10 Training accounts used for classes and demonstrations 12 10 Suspended/inactive LoginID's 2519 2529 Active LoginID's ---- ---- 2563 2570 Total ---------------------------------------------------------------------- John M. Crowell Learn from the Past Davis Community Network Live for Today DCN Systems Manager Look to Tomorrow netadmin at dcn.davis.ca.us Take a Nap This afternoon Sacramento Master Singers Music Librarian jcrowell at mastersingers.org ______________________________________________________________________ From jcrowell at dcn.davis.ca.us Mon Sep 1 00:20:42 2003 From: jcrowell at dcn.davis.ca.us (John M. Crowell) Date: Mon, 1 Sep 2003 00:20:42 -0700 (PDT) Subject: [DCN-TechOps] Monthly Downtime Report Message-ID: Monthly System Availability Report: August, 2003 Systems: wheel: 00:00 01-Sep-03 uptime= 1 days 22:23 hours 26Aug03 02:14-02:35 wheel shutdown to prevent process table (0:21) runaway. 30Aug03 00:05-01:45 wheel shutdown to single-user mode for (1:40) installation of Sun-recommended, and security patches. web: Scheduled interruptions every Saturday midnight for cycling log files. downtime ~20 seconds spoke: 00:00 01-Sep-03 uptime = 65 days 5:39 hours No Downtime Modems: No reported outages. Network: No reported outages. ---------------------------------------------------------------------- John M. Crowell Learn from the Past Davis Community Network Live for Today DCN Systems Manager Look to Tomorrow netadmin at dcn.davis.ca.us Take a Nap This afternoon Sacramento Master Singers Music Librarian jcrowell at mastersingers.org ______________________________________________________________________ From msmosaic at dcn.davis.ca.us Sun Sep 7 06:23:00 2003 From: msmosaic at dcn.davis.ca.us (msmosaic at dcn.davis.ca.us) Date: Sun, 7 Sep 2003 06:23 -0700 Subject: [DCN-TechOps] Web Activity Summary Message-ID: <200309071323.h87DNAK01567@wheel.dcn.davis.ca.us> 996,067 requests 8,392,101,888 bytes transferred Subdomains by bytes transferred ------------------------------- 1 peanutscollectorclub.com 1,180,631,318 14.07 2 warbird.com 714,819,848 8.52 3 vctinney 604,043,858 7.20 4 vme 459,648,267 5.48 5 klsabin 388,419,841 4.63 6 academic-genealogy.com 334,513,766 3.99 7 DCN 303,130,491 3.61 8 gracevalley.org 240,702,407 2.87 9 foua.net 237,471,561 2.83 10 redwoodbarn.com 226,470,878 2.70 11 gvcc 216,759,509 2.58 12 birchlane 201,545,429 2.40 13 abih.org 199,229,930 2.37 14 gizmo 199,166,348 2.37 15 multiwareinc.com 180,570,508 2.15 16 palmsplayhouse.com 144,902,339 1.73 17 explorit.org 132,859,624 1.58 18 welsh 117,162,137 1.40 19 platypus 111,838,423 1.33 20 yannascimbene.com 106,543,648 1.27 21 bartosh.com 103,390,056 1.23 22 mos 100,556,969 1.20 23 members.dcn.org 100,331,101 1.20 Subdomains by requests ---------------------- 1 abih.org 115,044 11.55% 2 peanutscollectorclub.com 108,353 10.88% 3 DCN 76,999 7.73% 4 vme 57,996 5.82% 5 coffer.com 40,864 4.10% 6 warbird.com 35,434 3.56% 7 gvcc 34,631 3.48% 8 klsabin 32,319 3.24% 9 gracevalley.org 26,555 2.67% 10 vctinney 24,629 2.47% 11 palmsplayhouse.com 24,136 2.42% 12 foua.net 20,812 2.09% 13 explorit.org 20,077 2.02% 14 academic-genealogy.com 19,871 1.99% 15 birchlane 17,554 1.76% 16 redwoodbarn.com 13,608 1.37% 17 yolorecorder.org 11,932 1.20% 18 members.dcn.org 11,840 1.19% 19 mos 11,737 1.18% 20 gizmo 10,555 1.06% 21 bang 10,514 1.06% 22 rentcomputers.com 10,469 1.05% 23 explorit 10,201 1.02% 24 platypus 10,142 1.02% From steve at dcn.org Wed Sep 10 13:22:18 2003 From: steve at dcn.org (Steve McMahon) Date: Wed, 10 Sep 2003 13:22:18 -0700 Subject: [DCN-TechOps] Port Blocking Proposal Message-ID: <3F5F87FA.4090308@dcn.org> Hi TechOps, I don't know to what extent DCN/Omsoft are now blocking ports, but thought this deserved discussion: From today's SANS Newsbites: --ISPs Could Block Ports to Reduce Spread of Malware (8 September 2003) A report written by Johannes Ullrich, SANS Internet Storm Center CTO, proposes that Internet service providers (ISPs) block access to "commonly exploited" communications ports on customers' computers. While it would not prevent all Internet threats, it could address a bulk of the problems. The four ports, 135, 137, 139 and 445, are not necessary for most Internet use. The proposal is aimed at ISPs that serve individual customers and universities, not those that serve corporate customers. http://www.nwfusion.com/edge/news/2003/0908studyisps.html http://www.sans.org/rr/special/isp_blocking.pdf -- ______________________________________________________ Steve McMahon Reid-McMahon, LLC steve at reidmcmahon.com steve at dcn.org From bill at math.ucdavis.edu Wed Sep 10 13:27:01 2003 From: bill at math.ucdavis.edu (Bill Broadley) Date: Wed, 10 Sep 2003 13:27:01 -0700 Subject: [DCN-TechOps] Port Blocking Proposal In-Reply-To: <3F5F87FA.4090308@dcn.org> References: <3F5F87FA.4090308@dcn.org> Message-ID: <20030910202701.GG8359@sphere.math.ucdavis.edu> On Wed, Sep 10, 2003 at 01:22:18PM -0700, Steve McMahon wrote: > Hi TechOps, > > I don't know to what extent DCN/Omsoft are now blocking ports, but > thought this deserved discussion: I've been involved in numerous discussions on campus about this. The question becomes: Do you reduce functionality for everyone because some don't patch? Do you allow windows filesharing or not? -- Bill Broadley Mathematics UC Davis From omrob at omsoft.com Wed Sep 10 13:47:16 2003 From: omrob at omsoft.com (Robert Nickerson) Date: Wed, 10 Sep 2003 13:47:16 -0700 Subject: [DCN-TechOps] Port Blocking Proposal In-Reply-To: <20030910202701.GG8359@sphere.math.ucdavis.edu> Message-ID: HI We already block these I think. Lucas should be able to tell you when he returns on 9/15. THx RAN > -----Original Message----- > From: dcn-technical-committee-bounces at velocipede.dcn.davis.ca.us > [mailto:dcn-technical-committee-bounces at velocipede.dcn.davis.ca.us]On > Behalf Of Bill Broadley > Sent: Wednesday, September 10, 2003 1:27 PM > To: Steve McMahon > Cc: DCN-Technical-Committee at velocipede.dcn.davis.ca.us > Subject: Re: [DCN-TechOps] Port Blocking Proposal > > > On Wed, Sep 10, 2003 at 01:22:18PM -0700, Steve McMahon wrote: > > Hi TechOps, > > > > I don't know to what extent DCN/Omsoft are now blocking ports, but > > thought this deserved discussion: > > I've been involved in numerous discussions on campus about this. > > The question becomes: > Do you reduce functionality for everyone because some don't patch? > Do you allow windows filesharing or not? > > > -- > Bill Broadley > Mathematics > UC Davis > _______________________________________________ > DCN-Technical-Committee mailing list > DCN-Technical-Committee at mailman.dcn.org > http://www2.dcn.org/mailman/listinfo/dcn-technical-committee > From msmosaic at dcn.davis.ca.us Sun Sep 14 06:23:00 2003 From: msmosaic at dcn.davis.ca.us (msmosaic at dcn.davis.ca.us) Date: Sun, 14 Sep 2003 06:23 -0700 Subject: [DCN-TechOps] Web Activity Summary Message-ID: <200309141323.h8EDNNK23896@wheel.dcn.davis.ca.us> 1,108,548 requests 9,960,111,315 bytes transferred Subdomains by bytes transferred ------------------------------- 1 peanutscollectorclub.com 1,413,932,400 14.20 2 warbird.com 1,168,045,360 11.73 3 vme 899,884,458 9.03 4 vctinney 683,254,288 6.86 5 klsabin 443,080,148 4.45 6 birchlane 360,572,941 3.62 7 academic-genealogy.com 326,812,119 3.28 8 DCN 317,967,800 3.19 9 gracevalley.org 291,096,529 2.92 10 gvcc 271,090,878 2.72 11 redwoodbarn.com 270,298,032 2.71 12 abih.org 205,161,877 2.06 13 explorit.org 178,056,296 1.79 14 platypus 162,532,413 1.63 15 palmsplayhouse.com 161,735,611 1.62 16 members.dcn.org 151,897,708 1.53 17 multiwareinc.com 138,880,568 1.39 18 welsh 133,163,273 1.34 19 gizmo 114,334,201 1.15 Subdomains by requests ---------------------- 1 abih.org 123,595 11.15% 2 peanutscollectorclub.com 120,857 10.90% 3 DCN 80,037 7.22% 4 vme 65,633 5.92% 5 warbird.com 59,581 5.37% 6 coffer.com 53,622 4.84% 7 gvcc 38,927 3.51% 8 klsabin 35,259 3.18% 9 gracevalley.org 28,567 2.58% 10 palmsplayhouse.com 26,779 2.42% 11 explorit.org 26,088 2.35% 12 vctinney 26,069 2.35% 13 birchlane 22,326 2.01% 14 academic-genealogy.com 20,997 1.89% 15 redwoodbarn.com 16,286 1.47% 16 members.dcn.org 15,600 1.41% 17 yolorecorder.org 15,518 1.40% 18 platypus 14,944 1.35% 19 rentcomputers.com 13,654 1.23% From lucas at omsoft.com Mon Sep 15 14:09:29 2003 From: lucas at omsoft.com (lucas at omsoft.com) Date: Mon, 15 Sep 2003 14:09:29 -0700 Subject: [DCN-TechOps] Port Blocking Proposal In-Reply-To: References: <20030910202701.GG8359@sphere.math.ucdavis.edu> Message-ID: <3F65C819.29603.4C00448@localhost> This issue is quite heated, just read a few threads from DSLReports.com and you will see. Some people are happy to have us blocking everything, and some of our customers even complain that we don't block certain things. Others see it as an attempt to control and watch their every move. Currenty, we are only blocking port 139, and there are about 2 dozen customers who have opted out of it for various reasons. If we start blocking all the other ports, we may find ourselves getting calls about mysterious problems that can only be solved by un-blocking one or more of the ports for that customer. Also, it may start being costly to the CPU on our gateway router if we have hundreds of extra lines in our ACLs. Its handling pretty well so far, so that may be moot, but it is something to consider. Lucas On 10 Sep 2003 at 13:47, Robert Nickerson wrote: > HI > > We already block these I think. Lucas should be able to tell you when he > returns on 9/15. > > THx > RAN > > > -----Original Message----- > > From: dcn-technical-committee-bounces at velocipede.dcn.davis.ca.us > > [mailto:dcn-technical-committee-bounces at velocipede.dcn.davis.ca.us]On > > Behalf Of Bill Broadley > > Sent: Wednesday, September 10, 2003 1:27 PM > > To: Steve McMahon > > Cc: DCN-Technical-Committee at velocipede.dcn.davis.ca.us > > Subject: Re: [DCN-TechOps] Port Blocking Proposal > > > > > > On Wed, Sep 10, 2003 at 01:22:18PM -0700, Steve McMahon wrote: > > > Hi TechOps, > > > > > > I don't know to what extent DCN/Omsoft are now blocking ports, but > > > thought this deserved discussion: > > > > I've been involved in numerous discussions on campus about this. > > > > The question becomes: > > Do you reduce functionality for everyone because some don't patch? > > Do you allow windows filesharing or not? > > > > > > -- > > Bill Broadley > > Mathematics > > UC Davis > > _______________________________________________ > > DCN-Technical-Committee mailing list > > DCN-Technical-Committee at mailman.dcn.org > > http://www2.dcn.org/mailman/listinfo/dcn-technical-committee > > > > _______________________________________________ > DCN-Technical-Committee mailing list > DCN-Technical-Committee at mailman.dcn.org > http://www2.dcn.org/mailman/listinfo/dcn-technical-committee > From jcrowell at dcn.davis.ca.us Wed Sep 17 12:50:05 2003 From: jcrowell at dcn.davis.ca.us (John M. Crowell) Date: Wed, 17 Sep 2003 12:50:05 -0700 (PDT) Subject: [DCN-TechOps] sendmail upgrade Message-ID: Unless there is objection, I plan to upgrade sendmail on wheel and spoke to version 8.12.9 on Saturday, September 20. This is a major change. The new version uses different configuration files and mail queues for sendmail connections via the running daemon and sendmail processes invoked by users and users' scripts. The new version offers much more security, fixing security holes from previous versions, and running without setting its UID to root. The configuration file(s) are much more complex, and it took a while for me to perform the DCN customizations to allow relaying from, but not to, specified hosts and domains. As usual, a backout script will be ready to revert to the old version should anything go awry. Comments and suggestions are welcome. - Jack ---------------------------------------------------------------------- John M. Crowell Learn from the Past Davis Community Network Live for Today DCN Systems Manager Look to Tomorrow netadmin at dcn.davis.ca.us Take a Nap This afternoon Sacramento Master Singers Music Librarian jcrowell at mastersingers.org ______________________________________________________________________ From jcrowell at dcn.davis.ca.us Wed Sep 17 12:54:49 2003 From: jcrowell at dcn.davis.ca.us (John M. Crowell) Date: Wed, 17 Sep 2003 12:54:49 -0700 (PDT) Subject: [DCN-TechOps] Re: sendmail upgrade In-Reply-To: Message-ID: On Wed, 17 Sep 2003, John M. Crowell wrote: > > Unless there is objection, I plan to upgrade sendmail on wheel and spoke > to version 8.12.9 on Saturday, September 20. > Immediately after sending that message, I was notified that Version 8.12.10 is available. If my local tests of 8.12.10 pan out, I shall upgrade wheel and spoke to that version instead. - Jack ---------------------------------------------------------------------- John M. Crowell Learn from the Past Davis Community Network Live for Today DCN Systems Manager Look to Tomorrow netadmin at dcn.davis.ca.us Take a Nap This afternoon Sacramento Master Singers Music Librarian jcrowell at mastersingers.org ______________________________________________________________________ From msmosaic at dcn.davis.ca.us Sun Sep 21 06:23:00 2003 From: msmosaic at dcn.davis.ca.us (msmosaic at dcn.davis.ca.us) Date: Sun, 21 Sep 2003 06:23 -0700 Subject: [DCN-TechOps] Web Activity Summary Message-ID: <200309211323.h8LDNPUA004418@wheel.dcn.davis.ca.us> 1,185,981 requests 10,732,328,215 bytes transferred Subdomains by bytes transferred ------------------------------- 1 peanutscollectorclub.com 1,331,805,070 12.41 2 warbird.com 1,229,184,515 11.45 3 bartosh.com 1,048,299,870 9.77 4 vctinney 658,202,381 6.13 5 vme 534,544,850 4.98 6 redwoodbarn.com 487,887,455 4.55 7 klsabin 409,487,974 3.82 8 DCN 338,450,975 3.15 9 birchlane 301,326,238 2.81 10 academic-genealogy.com 289,587,570 2.70 11 gvcc 263,331,407 2.45 12 gizmo 238,873,376 2.23 13 gracevalley.org 214,324,377 2.00 14 abih.org 214,283,950 2.00 15 palmsplayhouse.com 197,058,736 1.84 16 explorit.org 177,730,311 1.66 17 multiwareinc.com 156,985,417 1.46 18 members.dcn.org 140,395,872 1.31 19 welsh 123,826,138 1.15 20 rentcomputers.com 121,418,351 1.13 Subdomains by requests ---------------------- 1 abih.org 129,467 10.92% 2 peanutscollectorclub.com 116,015 9.78% 3 DCN 83,920 7.08% 4 vme 72,063 6.08% 5 warbird.com 61,687 5.20% 6 coffer.com 55,441 4.67% 7 bartosh.com 47,604 4.01% 8 gvcc 43,823 3.70% 9 klsabin 34,367 2.90% 10 palmsplayhouse.com 32,910 2.77% 11 gracevalley.org 29,737 2.51% 12 explorit.org 26,681 2.25% 13 redwoodbarn.com 26,117 2.20% 14 vctinney 24,738 2.09% 15 birchlane 22,350 1.88% 16 gizmo 20,639 1.74% 17 academic-genealogy.com 18,501 1.56% 18 members.dcn.org 16,621 1.40% 19 yolorecorder.org 14,958 1.26% 20 rentcomputers.com 13,922 1.17% 21 explorit 12,571 1.06% From omrob at omsoft.com Thu Sep 25 09:21:26 2003 From: omrob at omsoft.com (Robert Nickerson) Date: Thu, 25 Sep 2003 09:21:26 -0700 Subject: [DCN-TechOps] Omsoft/DCN Facilities upgrade Message-ID: Hi The current DCN/Omsoft connection to the Internet rides on an ATM DS3 to SBC on a fiber physical link. As of October 6th, the DCN/Omsoft connection will be upgraded and provisioned over an ATM OC3 through the same fiber cabinet. No additional upstream bandwidth will be ordered at this time, however as the coming months add many more DSL users to our network, we will be adding additional bandwidth. The reason for the upgrade is that our current DS3 can no longer support additional bandwidth upgrades at this time. Anticipating we will need additional bandwidth in the 3-4 month range, Omsoft has gone ahead with a facilities upgrade to our current connection. The current 45 Mbps DS3 has 1 20 Mbps circuit carrying traffic through our upstream provider, PBI, to the Internet. The remaining 25 Mbps brings traffic from the SBC DSL network into the Omsoft/DCN network. Instead of ordering another DS3 it is cheaper and simpler to upgrade the exiting DS3 to OC3. This will give us room to add lots of additional customers and bandwidth with the 155 Mbps capacity of that connection. A brief timeline of the upgrade process follows: 1) New Backbone router SMS 1800 (with OC3 card) installed 9/29 and tested 5-8 am. The one 20 mbps connection to PBI is transferred from the DS3 pipe to the OC3 pipe. Downtime should be around 1-2 minutes if all goes well. Traffic comes onto the network through the old DS3 and gets routed out the new OC3. This is left up for a week to ensure things run smoothly. 2) Transfer of SBC DSL customer circuits. This will occur between 5-8 am on Monday 10/6. One customer Virtual Path will be tested initially for a period of 15 minutes, and then the rest of the SBC DSL customers will be transitioned in about 2 hours. These customers will experience some downtime as they are transitioned from the DS3 to OC3 facility. All customers should be back in service by 8 am on 10/6. 3) Old DS3 decommissioned on 10/6 old redback SMS 500 removed and completely replaced by new SMS 1800. Anecdotes: No changes for any of the DCN servers will be necessary to complete this move. This new SMS is about 8 times more raw processing power than our current SMS - so I am expecting latency to drop a little. The new unit has redundant power and 1 plug will go to the Fortress UPS, while the other will go to another Omsoft UPS. The old DS3 will be available until 10/12 should any problems arise with the new equipment everything can be transferred back to the old equipment and DS3 We will send out a notice to the customers for the 10/6 downtime on 9/29. Please let me know if you have any comments or questions. Thanks Robert Nickerson C.E.O. tel (530) 758-0119 fax (530) 758-0140 ------------------------------------------------------- Omsoft Technologies - The Enlightened Internet Solution (tm) Visit us on the web at www.omsoft.com From msmosaic at dcn.davis.ca.us Sun Sep 28 06:23:00 2003 From: msmosaic at dcn.davis.ca.us (msmosaic at dcn.davis.ca.us) Date: Sun, 28 Sep 2003 06:23 -0700 Subject: [DCN-TechOps] Web Activity Summary Message-ID: <200309281323.h8SDNLuB021626@wheel.dcn.davis.ca.us> 1,173,651 requests 10,070,468,515 bytes transferred Subdomains by bytes transferred ------------------------------- 1 peanutscollectorclub.com 1,413,142,618 14.03 2 warbird.com 804,448,215 7.99 3 vctinney 657,675,036 6.53 4 redwoodbarn.com 609,582,873 6.05 5 vme 576,943,095 5.73 6 gvcc 450,770,409 4.48 7 klsabin 416,219,534 4.13 8 birchlane 366,419,668 3.64 9 DCN 319,622,372 3.17 10 academic-genealogy.com 302,436,812 3.00 11 gracevalley.org 280,573,118 2.79 12 gizmo 268,993,104 2.67 13 bartosh.com 255,989,058 2.54 14 abih.org 209,286,045 2.08 15 palmsplayhouse.com 197,004,141 1.96 16 explorit.org 185,059,925 1.84 17 multiwareinc.com 169,200,093 1.68 18 members.dcn.org 131,778,845 1.31 19 welsh 119,175,549 1.18 20 rentcomputers.com 117,881,145 1.17 Subdomains by requests ---------------------- 1 abih.org 133,160 11.35% 2 peanutscollectorclub.com 121,868 10.38% 3 DCN 81,333 6.93% 4 vme 77,820 6.63% 5 coffer.com 51,074 4.35% 6 gvcc 41,137 3.51% 7 warbird.com 38,687 3.30% 8 palmsplayhouse.com 33,557 2.86% 9 klsabin 33,450 2.85% 10 redwoodbarn.com 33,235 2.83% 11 gracevalley.org 32,193 2.74% 12 gizmo 28,724 2.45% 13 explorit.org 27,732 2.36% 14 birchlane 26,176 2.23% 15 vctinney 24,875 2.12% 16 academic-genealogy.com 18,920 1.61% 17 yolorecorder.org 18,492 1.58% 18 yannascimbene.com 14,222 1.21% 19 members.dcn.org 13,614 1.16% 20 bartosh.com 12,530 1.07% 21 bang 12,436 1.06% 22 rentcomputers.com 12,283 1.05%