Date   

April NUGA Meeting - TOMORROW! - Tuesday, April 4th - Verizon - What's New in Alaska?

Jerry Tibor
 

Please join us for the April meeting - TOMORROW! - Tuesday, April 4th!

 

When:  Tuesday, April 4th, 2017, from noon to 1:00 p.m.

 

Where:  BP Energy Center, 1014 Energy Ct, Anchorage, AK 99508:

(NEW Link to Map & Directions) - http://www.bp.com/content/dam/bp-country/en_us/PDF/bp_energy_center_map.pdf

 

Who:  All NUGA members and Guests welcome

 

Topic:  Verizon - What's New in Alaska?

 

Presentation:

 

Verizon has been in Alaska for a few years now.  How have they grown and expanded here?  What new products and services do they have now and envision in the future?  Join us for lunch to find out!

Presented by:   Billy Blixt - Business Account Manager - Verizon

Bio:  Billy Blixt moved to Alaska in August of 2016 and has worked for Verizon for 13 years.  Moving from Nashville, Tennessee was quite the experience!  During his time with Verizon, he has held many different positions including customer service, corporate instruction and sales to name a few.  He currently resides in Palmer, Alaska with his partner and three fur babies that truly enjoy Hatcher’s Pass hiking.

 

 

It should be another terrific presentation so plan now to attend and bring a guest!

 

As always, we will have pizza (and now salad!) (sponsored by Verizon!) available for your eating pleasure along with door prizes and free information!

 

--

 

Jerry Tibor 

Vice-President, Network Users Group Alaska
http://www.nuga.org

 

jftibor@...
(907) 786-4734 - voice
(907) 786-4888 - fax

 


Re: Cisco Equpment/CCIE Lab

wrodriguez@lexisps.com <wrodriguez@...>
 

Thanks Jesse! 

From: <nuga@groups.io> on behalf of Jesse Perry <Jp@...>
Reply-To: "nuga@groups.io" <nuga@groups.io>
Date: Monday, April 3, 2017 at 7:46 AM
To: "nuga@groups.io" <nuga@groups.io>
Subject: Re: [nuga] Cisco Equpment/CCIE Lab

Hi Wayne,

Best of luck on your downsizing, my wife and I are doing the same thing, it can be fun but stressful too. I will keep an eye out for people looking for some good Cisco gear. Take care bro.


On Sun, Apr 2, 2017, 10:18 PM wrodriguez@... <wrodriguez@...> wrote:

Just to clarify my reasons for selling. I have accumulated this equipment over some time but now we are looking to sell our home and downsize so I won't have the space anymore. I figured some of you might want to build a lab or perhaps you need some good used equipment for a project. -Wayne R. 

--


JP (Jesse Perry)

voice/txt: 907-748-2200
email: jp@...
web: http://jptechnical.com


Re: Cisco Equpment/CCIE Lab

JP
 

Hi Wayne,

Best of luck on your downsizing, my wife and I are doing the same thing, it can be fun but stressful too. I will keep an eye out for people looking for some good Cisco gear. Take care bro.


On Sun, Apr 2, 2017, 10:18 PM wrodriguez@... <wrodriguez@...> wrote:

Just to clarify my reasons for selling. I have accumulated this equipment over some time but now we are looking to sell our home and downsize so I won't have the space anymore. I figured some of you might want to build a lab or perhaps you need some good used equipment for a project. -Wayne R. 

--


JP (Jesse Perry)

voice/txt: 907-748-2200
email: jp@...
web: http://jptechnical.com


Re: Cisco Equpment/CCIE Lab

wrodriguez@lexisps.com <wrodriguez@...>
 

Just to clarify my reasons for selling. I have accumulated this equipment over some time but now we are looking to sell our home and downsize so I won't have the space anymore. I figured some of you might want to build a lab or perhaps you need some good used equipment for a project. -Wayne R. 


Cisco Equpment/CCIE Lab

wrodriguez@lexisps.com <wrodriguez@...>
 

I have a number of used Cisco routers and switches available. 
-(2) 2811 routers with Advanced IP Services IOS and WIC-1DSU-T1-V2 $150 each
-(2) 2811 routers with base IOS and WIC-1DSU-T1-V2 $150 each
-(2) 3560 switches (L2/L3) 48-port PoE 10/100 $100 each
-(2) 3560 switches (L2/L3) 24-port PoE 10/100 $50 each
(3) 3500XL switches (L2), two are 24-port and one is 48-port 10/100
-(1) 4506 chassis switch with SUPII, dual 1300W power supplies, 1 10/100 PoE blade, one 10/100/1000 Ethernet blade and one Gigabit GBIC blade $250
-(2) AIR-WLC4402-12-K9 Wireless LAN controllers $50
-(4) Older 802.11G-class lightweight AP's $10 each
- I have an assortment of GBICs and SFP's for $15 each.

All equipment is functioning properly and has the rack-mounting hardware; I personally removed it all from service when I installed new equipment and took this equipment on trade. If you want the lot we can work out a price for the whole thing.
Wayne Rodriguez
907-312-6723

     


Re: significant IIS 6 vulnerability with published exploit, some Alaskan impact

Ben Weaver
 

Many of my best ideas come to me in the shower...

--
Ben Weaver
Projects and Engineering Manager
Direct: (907) 751-8259


On Fri, Mar 31, 2017 at 8:14 AM, Royce Williams <royce@...> wrote:
Don't rest too easy yet. :/

It occurred to me in the shower this morning that my methodology was inadequate. I was focused solely on HTTPS-speaking servers in my list of known host names.

I'll publish an updated (and almost certainly expanded) list - maybe later today, as time permits.

Royce

On Fri, Mar 31, 2017 at 8:09 AM, JP <jp@...> wrote:

Thanks Royce. It is a good day when none of my managed domains show up on your hit list :-D




Re: significant IIS 6 vulnerability with published exploit, some Alaskan impact

Royce Williams
 

Don't rest too easy yet. :/

It occurred to me in the shower this morning that my methodology was inadequate. I was focused solely on HTTPS-speaking servers in my list of known host names.

I'll publish an updated (and almost certainly expanded) list - maybe later today, as time permits.

Royce

On Fri, Mar 31, 2017 at 8:09 AM, JP <jp@...> wrote:

Thanks Royce. It is a good day when none of my managed domains show up on your hit list :-D



Re: significant IIS 6 vulnerability with published exploit, some Alaskan impact

JP
 

Thanks Royce. It is a good day when none of my managed domains show up on your hit list :-D


On Thu, Mar 30, 2017, 7:03 AM Royce Williams <royce@...> wrote:
The vulnerability:


Why it matters:

This one is now very unlikely to receive a patch from Microsoft. It also now has a public exploit. It is likely to be weaponized (or even turn into a worm) soon, as the bar to recreating the exploit appears to be low.

Description:

Buffer overflow in the ScStoragePathFromUrl function in the WebDAV service in Internet Information Services (IIS) 6.0 in Microsoft Windows Server 2003 R2 allows remote attackers to execute arbitrary code via a long header beginning with "If: <http://" in a PROPFIND request, as exploited in the wild in July or August 2016.


Alaskan exposure:

At least 109 Alaskan hosts in 83 unique domains appear to still be running IIS 6, including some pretty familiar names.  

Here is the list:


I've also made a list of just the domains by frequency count, sorted by domain, for easy visual checking:


Let me know if you can't retrieve them. 

I've tried to restrict these lists to known Alaskan networks, but it's trivial obscurity. IIS version is publicly discoverable, even if you suppress the web server's advertisement of its version. Tools like Shodan allow anyone to query for IIS version and geography, so this list is trivially recreate-able. And exploit is likely to be so easy that it can be tried against every server, regardless of version. 

Call to action:

Advise your clients/stakeholders, mitigate, and/or forward to interested parties accordingly. 

If you have a WAF in front of your web server, ensure that it has a signature for this. If you don't have a WAF, consider putting one in front of the server. Something like Cloudfront can be spun up pretty quickly.

Royce

--


JP (Jesse Perry)

voice/txt: 907-748-2200
email: jp@...
web: http://jptechnical.com


Senior .NET Programmer / Analyst

Timothy B. Trueblood
 

Hello NUGA,

If you or someone with whom you network are interested in a Senior .NET Programmer / Analyst position, here is great position with a local firm, Alaska Tour and Travel:

http://stackoverflow.com/jobs/138842

Background: Alaska Tour and Travel has been, over the past 3 years, an active donor and supporter of NUGA refurbish projects. Not only have there been complete desktop systems, but in February there was a Dell server, HP Procurve network gear and UPS.

Please give them your consideration.

Tim
--
Tim Trueblood
cell: 907 441-0319
land: 907 272-1627
_fax: 907 272-1628
If you think backup is painful, try recovery without it!


significant IIS 6 vulnerability with published exploit, some Alaskan impact

Royce Williams
 

The vulnerability:


Why it matters:

This one is now very unlikely to receive a patch from Microsoft. It also now has a public exploit. It is likely to be weaponized (or even turn into a worm) soon, as the bar to recreating the exploit appears to be low.

Description:

Buffer overflow in the ScStoragePathFromUrl function in the WebDAV service in Internet Information Services (IIS) 6.0 in Microsoft Windows Server 2003 R2 allows remote attackers to execute arbitrary code via a long header beginning with "If: <http://" in a PROPFIND request, as exploited in the wild in July or August 2016.


Alaskan exposure:

At least 109 Alaskan hosts in 83 unique domains appear to still be running IIS 6, including some pretty familiar names.  

Here is the list:


I've also made a list of just the domains by frequency count, sorted by domain, for easy visual checking:


Let me know if you can't retrieve them. 

I've tried to restrict these lists to known Alaskan networks, but it's trivial obscurity. IIS version is publicly discoverable, even if you suppress the web server's advertisement of its version. Tools like Shodan allow anyone to query for IIS version and geography, so this list is trivially recreate-able. And exploit is likely to be so easy that it can be tried against every server, regardless of version. 

Call to action:

Advise your clients/stakeholders, mitigate, and/or forward to interested parties accordingly. 

If you have a WAF in front of your web server, ensure that it has a signature for this. If you don't have a WAF, consider putting one in front of the server. Something like Cloudfront can be spun up pretty quickly.

Royce


Re: Chrome deprecation of certs issued by Symantec-owned CAs

Royce Williams
 

And here's a nice, readable summary from the Bulletproof TLS Newsletter (free, recommended). 

(And It's a little concerning that Symantec basically responded with "meh". I professionally recommend moving away from them as a CA. As an alternative, I'm a big fan of Let's Encrypt - free, well executed, automatically renewing, short lifetime, high-quality certs.)

Quoting:

Google has proposed taking very severe steps against Symantec due to violations of its responsibilities as a certificate authority. In January, it became known that Symantec had issued several certificates for domains that weren't requested by their owners. These certificates were created by the South Korean company Crosscert, to which Symantec had given access to its certificate issuance infrastructure.

Over the course of the investigation, it became clear that multiple companies had been given similar access to Symantec's infrastructure without sufficient oversight. Symantec knew about some of the problems and didn't come forward with that knowledge. All together, around 30,000 certificates have been issued by these companies.

Google now plans to phase out all currently valid Symantec certificates. Via several steps, the Chrome browser would distrust certificates with certain validity times. In the end, Symantec would only be allowed to issue certificates with a validity of nine months in the future. Also, Symantec would lose its ability to issue Extended Validation (EV) certificates. Although many people question the utility of EV-certificates, they’re a major source of income for certificate authorities due to their higher prices .

Symantec noted that it finds Google’s actions irresponsible. In an emailed statement, as reported by Ars Technica, Symantec wrote: “Our SSL/TLS certificate customers and partners need to know that this does not require any action at this time.”


On Wed, Mar 29, 2017 at 11:57 AM, Royce Williams <royce@...> wrote:
Urgency: not immediate - but it could impact some sites as soon as June, and could take some lead time to get ready, so analyze soon. And if you depend on visible signs of Extended Validation, that will be impacted almost immediately.

Impact: Chrome will start distrusting Symantec certs (as well as Thawte, Verisign, and other CA properties owned by Symantec) on a graduated timeline, depending on age and duration of cert. They will also stop showing visible signs of Extended Validation (EV) certs immediately.

Google announcement and discussion:

    https://groups.google.com/a/chromium.org/forum/#!msg/blink-dev/eUAKwjihhBs/rpxMXjZHCQAJ

Good summary of the practical upshot, with timelines:

    https://github.com/sleevi/explainer/blob/master/README.md

Alternate checking tool:

    https://www.renditioninfosec.com/socapps/sslcheck/index.php

I also have a feature request in with Qualys to add this to the SSL Labs Server Test

    https://github.com/ssllabs/ssllabs-scan/issues/477

Royce
--
Royce Williams



Chrome deprecation of certs issued by Symantec-owned CAs

Royce Williams
 

Urgency: not immediate - but it could impact some sites as soon as June, and could take some lead time to get ready, so analyze soon. And if you depend on visible signs of Extended Validation, that will be impacted almost immediately.

Impact: Chrome will start distrusting Symantec certs (as well as Thawte, Verisign, and other CA properties owned by Symantec) on a graduated timeline, depending on age and duration of cert. They will also stop showing visible signs of Extended Validation (EV) certs immediately.

Google announcement and discussion:

    https://groups.google.com/a/chromium.org/forum/#!msg/blink-dev/eUAKwjihhBs/rpxMXjZHCQAJ

Good summary of the practical upshot, with timelines:

    https://github.com/sleevi/explainer/blob/master/README.md

Alternate checking tool:

    https://www.renditioninfosec.com/socapps/sslcheck/index.php

I also have a feature request in with Qualys to add this to the SSL Labs Server Test

    https://github.com/ssllabs/ssllabs-scan/issues/477

Royce
--
Royce Williams


kudos to testvactrak.alaska.gov for their A+ TLS config!

Royce Williams
 

To whoever set up HTTPS configuration for this site:

https://testvactrak.alaska.gov/

... great work. It's the first A+ Qualys score that I've seen for *.alaska.gov!

https://www.ssllabs.com/ssltest/analyze.html?d=testvactrak.alaska.gov

Kudos!

Royce


Re: Sun/SGI Computers

Jeffery Kinzel
 

Hello Ron, I'm in need of a computer, would be interested in one of
your SGI's if you still have available.

Thanks, Jeff
907-717-3625

On Mon, Mar 27, 2017 at 9:55 AM, Timothy B. Trueblood
<ttrueblood@...> wrote:
Thanks for the note, Ron. Look forward to hearing from ya!

A question: would you be interested in configing a Cisco 2948G? On the
project mentioned below, there was an unused unit in the server room.

Thanks,

Tim


On 3/27/2017 9:22 AM, RONALD YEAGER wrote:

I'll get back to ya as soon as possible Tim. Just got off work and need
sleep!
Ron


----- Original Message -----
From:
nuga@groups.io

To:
<nuga@groups.io>
Cc:

Sent:
Sun, 26 Mar 2017 21:39:48 -0800
Subject:
Re: [nuga] Sun/SGI Computers


Hello Ron,

NUGA is working on a technology refresh for a 501(c)3 school in
Palmer.
Part of the refresh is their server room and the need for a few pieces
of Cisco gear. Don't know if your have disposed of your units, but if
not please let me know what is available.

Thanks,

Tim

On 3/25/2017 10:19 PM, RONALD YEAGER wrote:
> Recent post on another list about the computers reminds me that I
have
> Sun and SGI machines that I want to give to a new home.
> I hate to do it, but need room for other "machines" (cars).
> I have Sun pizza box machines, SGI IRIS, SGI Indigo, SGI
> Challenge...Just off the top of my head.
> Also really heavy monitors for these.
> Additionally a couple pieces of Cisco equipment.
> Contact me off list if interested. I'll take a small donation
towards my
> bad habit of Porsche, but am
> willing to give most of it away as long as someone can learn from
this
> neat equipment.
>
> Ron Yeager
>

--
Tim Trueblood
cell: 907 441-0319
land: 907 272-1627
_fax: 907 272-1628
If you think backup is painful, try recovery without it!



--
Tim Trueblood
cell: 907 441-0319
land: 907 272-1627
_fax: 907 272-1628
If you think backup is painful, try recovery without it!



Re: Sun/SGI Computers

Timothy B. Trueblood <ttrueblood@...>
 

Thanks for the note, Ron. Look forward to hearing from ya!

A question: would you be interested in configing a Cisco 2948G? On the project mentioned below, there was an unused unit in the server room.

Thanks,

Tim

On 3/27/2017 9:22 AM, RONALD YEAGER wrote:
I'll get back to ya as soon as possible Tim. Just got off work and need
sleep!
Ron


----- Original Message -----
From:
nuga@groups.io

To:
<nuga@groups.io>
Cc:

Sent:
Sun, 26 Mar 2017 21:39:48 -0800
Subject:
Re: [nuga] Sun/SGI Computers


Hello Ron,

NUGA is working on a technology refresh for a 501(c)3 school in Palmer.
Part of the refresh is their server room and the need for a few pieces
of Cisco gear. Don't know if your have disposed of your units, but if
not please let me know what is available.

Thanks,

Tim

On 3/25/2017 10:19 PM, RONALD YEAGER wrote:
> Recent post on another list about the computers reminds me that I have
> Sun and SGI machines that I want to give to a new home.
> I hate to do it, but need room for other "machines" (cars).
> I have Sun pizza box machines, SGI IRIS, SGI Indigo, SGI
> Challenge...Just off the top of my head.
> Also really heavy monitors for these.
> Additionally a couple pieces of Cisco equipment.
> Contact me off list if interested. I'll take a small donation
towards my
> bad habit of Porsche, but am
> willing to give most of it away as long as someone can learn from this
> neat equipment.
>
> Ron Yeager
>

--
Tim Trueblood
cell: 907 441-0319
land: 907 272-1627
_fax: 907 272-1628
If you think backup is painful, try recovery without it!



--
Tim Trueblood
cell: 907 441-0319
land: 907 272-1627
_fax: 907 272-1628
If you think backup is painful, try recovery without it!


Re: Sun/SGI Computers

RONALD YEAGER
 

I'll get back to ya as soon as possible Tim. Just got off work and need sleep!
Ron 


----- Original Message -----
From:
nuga@groups.io

To:
<nuga@groups.io>
Cc:

Sent:
Sun, 26 Mar 2017 21:39:48 -0800
Subject:
Re: [nuga] Sun/SGI Computers


Hello Ron,

NUGA is working on a technology refresh for a 501(c)3 school in Palmer.
Part of the refresh is their server room and the need for a few pieces
of Cisco gear. Don't know if your have disposed of your units, but if
not please let me know what is available.

Thanks,

Tim

On 3/25/2017 10:19 PM, RONALD YEAGER wrote:
> Recent post on another list about the computers reminds me that I have
> Sun and SGI machines that I want to give to a new home.
> I hate to do it, but need room for other "machines" (cars).
> I have Sun pizza box machines, SGI IRIS, SGI Indigo, SGI
> Challenge...Just off the top of my head.
> Also really heavy monitors for these.
> Additionally a couple pieces of Cisco equipment.
> Contact me off list if interested. I'll take a small donation towards my
> bad habit of Porsche, but am
> willing to give most of it away as long as someone can learn from this
> neat equipment.
>
> Ron Yeager
>

--
Tim Trueblood
cell: 907 441-0319
land: 907 272-1627
_fax: 907 272-1628
If you think backup is painful, try recovery without it!




Re: Sun/SGI Computers

Timothy B. Trueblood
 

Hello Ron,

NUGA is working on a technology refresh for a 501(c)3 school in Palmer. Part of the refresh is their server room and the need for a few pieces of Cisco gear. Don't know if your have disposed of your units, but if not please let me know what is available.

Thanks,

Tim

On 3/25/2017 10:19 PM, RONALD YEAGER wrote:
Recent post on another list about the computers reminds me that I have
Sun and SGI machines that I want to give to a new home.
I hate to do it, but need room for other "machines" (cars).
I have Sun pizza box machines, SGI IRIS, SGI Indigo, SGI
Challenge...Just off the top of my head.
Also really heavy monitors for these.
Additionally a couple pieces of Cisco equipment.
Contact me off list if interested. I'll take a small donation towards my
bad habit of Porsche, but am
willing to give most of it away as long as someone can learn from this
neat equipment.

Ron Yeager
--
Tim Trueblood
cell: 907 441-0319
land: 907 272-1627
_fax: 907 272-1628
If you think backup is painful, try recovery without it!


Sun/SGI Computers

RONALD YEAGER
 

Recent post on another list about the computers reminds me that I have Sun and SGI machines that I want to give to a new home.
I hate to do it, but need room for other "machines" (cars).
I have Sun pizza box machines, SGI IRIS, SGI Indigo, SGI Challenge...Just off the top of my head.
Also really heavy monitors for these. 
Additionally a couple pieces of Cisco equipment.
Contact me off list if interested. I'll take a small donation towards my bad habit of Porsche, but am 
willing to give most of it away as long as someone can learn from this neat equipment.

Ron Yeager  


FW: Alaska Security Exhibit April 25-26, 2017

Jerry Tibor
 

Anixter will be hosting their annual IP Security Exhibit the 25th and 26th of April and asked that we forward the invitation to the NUGA list.

 

Details and a link to register are below.

 

Jerry

--

 

Jerry Tibor
Vice-President, Network Users Group Alaska
http://www.nuga.org

 

jftibor@...
(907) 786-4734 - office
(907) 786-4888 - fax

 

From: Bob Thibault [mailto:Bob.Thibault@...]
Sent: Saturday, March 18, 2017 11:53 AM
To: Bob Thibault <Bob.Thibault@...>
Cc: Michele Gooding <michele.gooding@...>; Melissa Smith <Melissa.Smith@...>
Subject: Alaska Security Exhibit April 25-26, 2017

 

Hi All,

 

YOU ARE INVITED TO OUR 7TH ANNUAL ALASKA SECURITY EXHIBIT.

 

We finally got the invite together.  Please see the attached. This year the event will be held at the Anchorage Hilton Hotel. 

 

There will be new vendors this year and of course some of the regular ones.  These are some of the tops in the industry.  All of them have new things to show you.  This year we are going to be focused not only on the new technology available but, how can we help you design, implement or improve what security system you currently have.  Let us show you how to evaluate your system so you are not wasting time and money.

 

This is a great opportunity to meet the manufacturers, see what is available and learn how you can improve your existing system to be more proactive.

 

I have a wma. file above to give you an example of one of the things you can implement in your system.

 

Please forward to others within your company that might be interested.

 

We look forward to seeing you there!

 

You can register by going to the link below next to my signature.

 

If you have any difficulties with the registration please let myself or Michele know.

 

Thanks

 

Bob

 



Bob Thibault, RCDD
Alaska Territory Manager
Anixter Inc.
2550 Denali Street, Ste 1614
Anchorage | Ak | 99503
Tel: 907-561-5960
Mob: 907-230-4914
Fax: 907-334-9825
Bob.Thibault@...
www.anixter.com

FacebookLinkedInTwitterYouTube

Anixter IP Security Exhibit April 25-26


 


Re: Graphics Design?

David Roes
 

Another to check with is Beacon Media & Marketing. I know they do a lot of that type of thing.

David Roes
Christian Health Associates
Office: 907-339-8748
Cell: 907-351-4034
This communication may contain material protected by law. If you are not the intended recipient or the individual responsible for delivering the e-mail to the intended recipient, please be advised that you have received this e-mail in error and that any use, dissemination, forwarding, printing, or copying of this e-mail is strictly prohibited. If you have received this e-mail in error, please immediately notify me by telephone at 907-351-4034. You may be reimbursed for reasonable costs incurred in notifying us.”

-----Original Message-----
From: nuga@groups.io [mailto:nuga@groups.io] On Behalf Of Timothy B. Trueblood
Sent: Saturday, March 18, 2017 7:45 AM
To: nuga@groups.io
Subject: Re: [nuga] Graphics Design?

Hello Christopher,

I can recommend Stellar Designs, 6340 Petersburg, 562-4248, stellar-designs.com. There are two full time graphic designers on staff.
Ask for Tim Ellis and let him know I recommended you give them a call.
Customer service reps quite helpful: Jon Ellis or Corrine Schrank.

My relationship goes back to CY2000; great folks to work with.
Disclosure: Stellar was a client until CY2015 when I retired my self and business.

Thanks,

Tim
--
Tim Trueblood
cell: 907 441-0319
land: 907 272-1627
_fax: 907 272-1628
If you think backup is painful, try recovery without it!

On 3/17/2017 3:31 PM, Christopher Howard wrote:
Hi list, I need to hire a graphic designer to create a feature image
for a client's technology business Web site I'm working on. (No coding
should be necessary.) They are also in the Satcom field so probably
will be creating something sci-fi with satellites or satellite dishes in it.
Anybody have a good experience with a particular firm? I might be
interested in a freelancer but didn't really want to spend hours and
hours sorting through portfolios to find a good one.

461 - 480 of 529