Skip to main content


Showing posts from February, 2017

Ahhh 10Gbps

That feeling with you see the green light on the 10Gbps switch?

Then you see the 40 second builds and, wow, all worth the $4k for the upgrades. Builds are mostly time spent downloading source and uploading artifacts. That 2 minute build down to 40 seconds is priceless.

Western Digital and IP

We have an RX4100 and a DX400 series Sentinel device in two separate networks. Every week I get an IPS hit on for a buffer overflow:

Watchguard IPS Notice

I've ignored this in the past because I couldn't find much information about it. Plus, the IPS is denying it, so I didn't pay much attention to it.

Today, though, I dug a little bit deeper.Turns out is Star Wind, which is a virtual storage software provider (in Germany).

I couldn't find the offending header that was triggering the IPS. We don't track that level of detail in the IPS detection, unfortunately. That would be a nice thing to have.

Why the WD devices are contacting StarWind on a weekly basis is unknown to me. I don't recall any disclosures about that activity when I bought these devices.

We're retiring that RX4100 soon. It's network cards always go offline for no apparent reason. Other IT people have reported a similar experience w…

YMLP vs AWeber

Aweber was easy to block because it had well defined block ranges. They play nice, but at the cost of being easily identified.

YMLP was a little bit harder, but a google search of YMLPUF and you get to see the inside world of their spamming campaigns. Once there, you just lookup and get the netblock of their Belgian servers ( Done.

I still like you guys. I just don't want to get your spam. That German list observer you are using, though, is pretty darn clever. That one I won't share, except to those of the close inner circle.

Haven't found the ad network block for YMLP though, so that's different than AWeber.

Next time, Madison Lee, use gmail instead.