From jose.quinones9 at upr.edu Thu Oct 1 09:08:36 2009 From: jose.quinones9 at upr.edu (Jose L Quinones Borrero) Date: Thu, 1 Oct 2009 09:08:36 -0400 Subject: [sysadmin] UPR.EDU down Message-ID: <6b5ebdcb0910010608r14f6e8a2k18dfe1e86ecd5e3a@mail.gmail.com> Hey guys! What just happened?, just curious ... the DNS reported the correct IP (no poisoning) , and the page responded if you directed your browser by IP (no redirecting). Was it a MITM, Spoofed or something else? -- -- Jos? L. Qui?ones-Borrero, B.S. Director Center for Informatics and Technology School of Medicine - Medical Sciences Campus University of Puerto Rico Tel 787.758.2525 x.1980,1550 Fax: 787.763.3641 E-mail: jose.quinones9 at upr.edu Web: http://cit.md.rcm.upr.edu/ Certifications: MCP, MCSA, MCTS, MCITP, MCT, C|EH , C|EI, Security + Confidentiality Notice: This e-mail message, including any attachments, is for the sole use of the intended recipient(s) and may contain information considered confidential and privileged. Any unauthorized review, use, copying, disclosure or distribution, in whole or in part, is prohibited. If you received this message by error, please notify the sender and Delete this e-mail from your system. Think Green! Please do not print this e-mail unless it is completely necessary. -------------- next part -------------- An HTML attachment was scrubbed... URL: From Pablo.Rebollo at ece.uprm.edu Thu Oct 1 09:32:44 2009 From: Pablo.Rebollo at ece.uprm.edu (Pablo J. Rebollo) Date: Thu, 01 Oct 2009 09:32:44 -0400 Subject: [sysadmin] UPR.EDU down In-Reply-To: <6b5ebdcb0910010608r14f6e8a2k18dfe1e86ecd5e3a@mail.gmail.com> References: <6b5ebdcb0910010608r14f6e8a2k18dfe1e86ecd5e3a@mail.gmail.com> Message-ID: <4AC4AF7C.1040401@ece.uprm.edu> Hi Jose, I can access http://www.upr.edu without problems from Mayaguez. I noticed that two different pages are displayed. It's possible that they serve multiple virtual. I also noticed that upr.edu doesn't has a DNS A record. Pablo Jose L Quinones Borrero wrote: > Hey guys! > > What just happened?, just curious ... the DNS reported the correct IP > (no poisoning) , and the page responded if you directed your browser > by IP (no redirecting). > > Was it a MITM, Spoofed or something else? > > -- > -- > Jos? L. Qui?ones-Borrero, B.S. > Director > Center for Informatics and Technology > School of Medicine - Medical Sciences Campus > University of Puerto Rico > Tel 787.758.2525 x.1980,1550 > Fax: 787.763.3641 > E-mail: jose.quinones9 at upr.edu > Web: http://cit.md.rcm.upr.edu/ > Certifications: MCP, MCSA, MCTS, MCITP, MCT, C|EH , C|EI, Security + > > Confidentiality Notice: This e-mail message, including any > attachments, is for the sole use of the intended recipient(s) and may > contain information considered confidential and privileged. Any > unauthorized review, use, copying, disclosure or distribution, in > whole or in part, is prohibited. If you received this message by > error, please notify the sender and Delete this e-mail from your system. > > Think Green! Please do not print this e-mail unless it is completely > necessary. > ------------------------------------------------------------------------ > > _______________________________________________ > sysadmin mailing list > sysadmin at lists.hpcf.upr.edu > http://lists.hpcf.upr.edu/mailman/listinfo/sysadmin > From Pablo.Rebollo at ece.uprm.edu Thu Oct 1 09:42:17 2009 From: Pablo.Rebollo at ece.uprm.edu (Pablo J. Rebollo) Date: Thu, 01 Oct 2009 09:42:17 -0400 Subject: [sysadmin] UPR.EDU down In-Reply-To: <4AC4AF7C.1040401@ece.uprm.edu> References: <6b5ebdcb0910010608r14f6e8a2k18dfe1e86ecd5e3a@mail.gmail.com> <4AC4AF7C.1040401@ece.uprm.edu> Message-ID: <4AC4B1B9.4080302@ece.uprm.edu> Oops.. I noticed that two different pages are displayed when using the http://136.145.11.96 or http://www.upr.edu. Pablo --- boss at noc:~$ dig www.upr.edu A ; <<>> DiG 9.4.2-P2 <<>> www.upr.edu A ;; global options: printcmd ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 10287 ;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 4, ADDITIONAL: 4 ;; QUESTION SECTION: ;www.upr.edu. IN A ;; ANSWER SECTION: www.upr.edu. 82184 IN A 136.145.11.96 ;; AUTHORITY SECTION: upr.edu. 81584 IN NS dns1.uprm.edu. upr.edu. 81584 IN NS dns2.uprm.edu. upr.edu. 81584 IN NS upr1.upr.clu.edu. upr.edu. 81584 IN NS ns1.upr.edu. ;; ADDITIONAL SECTION: dns1.uprm.edu. 3600 IN A 136.145.30.2 dns2.uprm.edu. 3600 IN A 136.145.30.30 ns1.upr.edu. 13543 IN A 136.145.5.66 upr1.upr.clu.edu. 84390 IN A 136.145.1.4 ;; Query time: 0 msec ;; SERVER: 136.145.57.3#53(136.145.57.3) ;; WHEN: Thu Oct 1 09:27:34 2009 ;; MSG SIZE rcvd: 197 boss at noc:~$ dig upr.edu A ; <<>> DiG 9.4.2-P2 <<>> upr.edu A ;; global options: printcmd ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 41126 ;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0 ;; QUESTION SECTION: ;upr.edu. IN A ;; AUTHORITY SECTION: upr.edu. 6071 IN SOA upr1.upr.clu.edu. framos.mail.upr.edu. 2009092501 7200 3600 604800 86400 ;; Query time: 0 msec ;; SERVER: 136.145.57.3#53(136.145.57.3) ;; WHEN: Thu Oct 1 09:27:38 2009 ;; MSG SIZE rcvd: 86 boss at noc:~$ nslookup upr.edu Server: 136.145.57.3 Address: 136.145.57.3#53 Non-authoritative answer: *** Can't find upr.edu: No answer Pablo J. Rebollo wrote: > Hi Jose, > > I can access http://www.upr.edu without problems from Mayaguez. I > noticed that two different pages are displayed. It's possible that they > serve multiple virtual. I also noticed that upr.edu doesn't has a DNS A > record. > > Pablo > > Jose L Quinones Borrero wrote: > >> Hey guys! >> >> What just happened?, just curious ... the DNS reported the correct IP >> (no poisoning) , and the page responded if you directed your browser >> by IP (no redirecting). >> >> Was it a MITM, Spoofed or something else? >> >> -- >> -- >> Jos? L. Qui?ones-Borrero, B.S. >> Director >> Center for Informatics and Technology >> School of Medicine - Medical Sciences Campus >> University of Puerto Rico >> Tel 787.758.2525 x.1980,1550 >> Fax: 787.763.3641 >> E-mail: jose.quinones9 at upr.edu >> Web: http://cit.md.rcm.upr.edu/ >> Certifications: MCP, MCSA, MCTS, MCITP, MCT, C|EH , C|EI, Security + >> >> Confidentiality Notice: This e-mail message, including any >> attachments, is for the sole use of the intended recipient(s) and may >> contain information considered confidential and privileged. Any >> unauthorized review, use, copying, disclosure or distribution, in >> whole or in part, is prohibited. If you received this message by >> error, please notify the sender and Delete this e-mail from your system. >> >> Think Green! Please do not print this e-mail unless it is completely >> necessary. >> ------------------------------------------------------------------------ >> >> _______________________________________________ >> sysadmin mailing list >> sysadmin at lists.hpcf.upr.edu >> http://lists.hpcf.upr.edu/mailman/listinfo/sysadmin >> >> > > _______________________________________________ > sysadmin mailing list > sysadmin at lists.hpcf.upr.edu > http://lists.hpcf.upr.edu/mailman/listinfo/sysadmin > From jose.quinones9 at upr.edu Thu Oct 1 09:44:20 2009 From: jose.quinones9 at upr.edu (Jose L Quinones Borrero) Date: Thu, 1 Oct 2009 09:44:20 -0400 Subject: [sysadmin] UPR.EDU down In-Reply-To: <4AC4AF7C.1040401@ece.uprm.edu> References: <6b5ebdcb0910010608r14f6e8a2k18dfe1e86ecd5e3a@mail.gmail.com> <4AC4AF7C.1040401@ece.uprm.edu> Message-ID: <6b5ebdcb0910010644v7873f573ve4c8122246bfbbe0@mail.gmail.com> Early this morning we were getting an Indian Meds webpage, its fixed now. JQ On Thu, Oct 1, 2009 at 9:32 AM, Pablo J. Rebollo wrote: > Hi Jose, > > I can access http://www.upr.edu without problems from Mayaguez. I > noticed that two different pages are displayed. It's possible that they > serve multiple virtual. I also noticed that upr.edu doesn't has a DNS A > record. > > Pablo > > Jose L Quinones Borrero wrote: > > Hey guys! > > > > What just happened?, just curious ... the DNS reported the correct IP > > (no poisoning) , and the page responded if you directed your browser > > by IP (no redirecting). > > > > Was it a MITM, Spoofed or something else? > > > > -- > > -- > > Jos? L. Qui?ones-Borrero, B.S. > > Director > > Center for Informatics and Technology > > School of Medicine - Medical Sciences Campus > > University of Puerto Rico > > Tel 787.758.2525 x.1980,1550 > > Fax: 787.763.3641 > > E-mail: jose.quinones9 at upr.edu > > Web: http://cit.md.rcm.upr.edu/ > > Certifications: MCP, MCSA, MCTS, MCITP, MCT, C|EH , C|EI, Security + > > > > Confidentiality Notice: This e-mail message, including any > > attachments, is for the sole use of the intended recipient(s) and may > > contain information considered confidential and privileged. Any > > unauthorized review, use, copying, disclosure or distribution, in > > whole or in part, is prohibited. If you received this message by > > error, please notify the sender and Delete this e-mail from your system. > > > > Think Green! Please do not print this e-mail unless it is completely > > necessary. > > ------------------------------------------------------------------------ > > > > _______________________________________________ > > sysadmin mailing list > > sysadmin at lists.hpcf.upr.edu > > http://lists.hpcf.upr.edu/mailman/listinfo/sysadmin > > > > -- -- Jos? L. Qui?ones-Borrero, B.S. Director Center for Informatics and Technology School of Medicine - Medical Sciences Campus University of Puerto Rico Tel 787.758.2525 x.1980,1550 Fax: 787.763.3641 E-mail: jose.quinones9 at upr.edu Web: http://cit.md.rcm.upr.edu/ Certifications: MCP, MCSA, MCTS, MCITP, MCT, C|EH , C|EI, Security + Confidentiality Notice: This e-mail message, including any attachments, is for the sole use of the intended recipient(s) and may contain information considered confidential and privileged. Any unauthorized review, use, copying, disclosure or distribution, in whole or in part, is prohibited. If you received this message by error, please notify the sender and Delete this e-mail from your system. Think Green! Please do not print this e-mail unless it is completely necessary. -------------- next part -------------- An HTML attachment was scrubbed... URL: From Pablo.Rebollo at ece.uprm.edu Thu Oct 1 09:50:14 2009 From: Pablo.Rebollo at ece.uprm.edu (Pablo J. Rebollo) Date: Thu, 01 Oct 2009 09:50:14 -0400 Subject: [sysadmin] UPR.EDU down In-Reply-To: <6b5ebdcb0910010644v7873f573ve4c8122246bfbbe0@mail.gmail.com> References: <6b5ebdcb0910010608r14f6e8a2k18dfe1e86ecd5e3a@mail.gmail.com> <4AC4AF7C.1040401@ece.uprm.edu> <6b5ebdcb0910010644v7873f573ve4c8122246bfbbe0@mail.gmail.com> Message-ID: <4AC4B396.5010703@ece.uprm.edu> Jose, I received a message on my upr.edu email account about the problem this morning. OSI reported that the problem was solved. ;) Pablo Jose L Quinones Borrero wrote: > Early this morning we were getting an Indian Meds webpage, its fixed now. > > JQ > > On Thu, Oct 1, 2009 at 9:32 AM, Pablo J. Rebollo > > wrote: > > Hi Jose, > > I can access http://www.upr.edu without problems from Mayaguez. I > noticed that two different pages are displayed. It's possible > that they > serve multiple virtual. I also noticed that upr.edu > doesn't has a DNS A > record. > > Pablo > > Jose L Quinones Borrero wrote: > > Hey guys! > > > > What just happened?, just curious ... the DNS reported the > correct IP > > (no poisoning) , and the page responded if you directed your browser > > by IP (no redirecting). > > > > Was it a MITM, Spoofed or something else? > > > > -- > > -- > > Jos? L. Qui?ones-Borrero, B.S. > > Director > > Center for Informatics and Technology > > School of Medicine - Medical Sciences Campus > > University of Puerto Rico > > Tel 787.758.2525 x.1980,1550 > > Fax: 787.763.3641 > > E-mail: jose.quinones9 at upr.edu > > > > Web: http://cit.md.rcm.upr.edu/ > > Certifications: MCP, MCSA, MCTS, MCITP, MCT, C|EH , C|EI, Security + > > > > Confidentiality Notice: This e-mail message, including any > > attachments, is for the sole use of the intended recipient(s) > and may > > contain information considered confidential and privileged. Any > > unauthorized review, use, copying, disclosure or distribution, in > > whole or in part, is prohibited. If you received this message by > > error, please notify the sender and Delete this e-mail from your > system. > > > > Think Green! Please do not print this e-mail unless it is completely > > necessary. > > > ------------------------------------------------------------------------ > > > > _______________________________________________ > > sysadmin mailing list > > sysadmin at lists.hpcf.upr.edu > > http://lists.hpcf.upr.edu/mailman/listinfo/sysadmin > > > > > > > -- > -- > Jos? L. Qui?ones-Borrero, B.S. > Director > Center for Informatics and Technology > School of Medicine - Medical Sciences Campus > University of Puerto Rico > Tel 787.758.2525 x.1980,1550 > Fax: 787.763.3641 > E-mail: jose.quinones9 at upr.edu > Web: http://cit.md.rcm.upr.edu/ > Certifications: MCP, MCSA, MCTS, MCITP, MCT, C|EH , C|EI, Security + > > Confidentiality Notice: This e-mail message, including any > attachments, is for the sole use of the intended recipient(s) and may > contain information considered confidential and privileged. Any > unauthorized review, use, copying, disclosure or distribution, in > whole or in part, is prohibited. If you received this message by > error, please notify the sender and Delete this e-mail from your system. > > Think Green! Please do not print this e-mail unless it is completely > necessary. From ramon at hpcf.upr.edu Wed Oct 21 10:14:49 2009 From: ramon at hpcf.upr.edu (Ramon Sierra) Date: Wed, 21 Oct 2009 10:14:49 -0400 Subject: [sysadmin] Freeware Tools For Linux Message-ID: <4ADF1759.4050201@hpcf.upr.edu> Consegu? esta p?gina con referencia a programas para Linux. Tiene programas para todo tipo de aplicaci?n y esta organizado por categor?as. Me pareci? bastante ?til y por eso lo comparto con ustedes. http://www.debianhelp.co.uk/tools.htm Ram?n From jose.quinones9 at upr.edu Wed Oct 21 10:47:01 2009 From: jose.quinones9 at upr.edu (Jose L Quinones Borrero) Date: Wed, 21 Oct 2009 10:47:01 -0400 Subject: [sysadmin] Windows 7 Eligibility de Dell Message-ID: <6b5ebdcb0910210747x5059812dy8ec1a39772e6d786@mail.gmail.com> https://win7.dell.com/Eligibility.aspx -- -- Jos? L. Qui?ones-Borrero, B.S. Director Center for Informatics and Technology School of Medicine - Medical Sciences Campus University of Puerto Rico Tel 787.758.2525 x.1980,1550 Fax: 787.763.3641 E-mail: jose.quinones9 at upr.edu Web: http://cit.md.rcm.upr.edu/ Certifications: MCP, MCSA, MCTS, MCITP, MCT, C|EH , C|EI, Security + Confidentiality Notice: This e-mail message, including any attachments, is for the sole use of the intended recipient(s) and may contain information considered confidential and privileged. Any unauthorized review, use, copying, disclosure or distribution, in whole or in part, is prohibited. If you received this message by error, please notify the sender and Delete this e-mail from your system. Think Green! Please do not print this e-mail unless it is completely necessary. -------------- next part -------------- An HTML attachment was scrubbed... URL: From Pablo.Rebollo at ece.uprm.edu Sun Oct 25 17:50:48 2009 From: Pablo.Rebollo at ece.uprm.edu (Pablo J. Rebollo-Sosa) Date: Sun, 25 Oct 2009 17:50:48 -0400 Subject: [sysadmin] Maquina probando puerto 1433 Message-ID: <4AE4C838.4060904@ece.uprm.edu> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Saludos, La maquina con el IP 136.145.129.221 ha estado probando el puerto 1433. Cordialmente, Pablo J. Rebollo - --- Log ... Oct 25 15:00:56.861966 136.145.129.221.2220 > 136.145.56.3.1433: Oct 25 15:01:05.830531 136.145.129.221.2220 > 136.145.56.3.1433: Oct 25 15:03:12.267953 136.145.129.221.2513 > 136.145.58.23.1433: Oct 25 15:03:15.220881 136.145.129.221.2513 > 136.145.58.23.1433: Oct 25 15:03:21.245496 136.145.129.221.2513 > 136.145.58.23.1433: Oct 25 15:04:53.768023 136.145.129.221.2680 > 136.145.34.108.1433: Oct 25 15:04:56.720782 136.145.129.221.2680 > 136.145.34.108.1433: Oct 25 15:05:02.736446 136.145.129.221.2680 > 136.145.34.108.1433: Oct 25 15:11:53.767484 136.145.129.221.3515 > 136.145.58.235.1433: Oct 25 15:11:56.720366 136.145.129.221.3515 > 136.145.58.235.1433: Oct 25 15:12:02.735560 136.145.129.221.3515 > 136.145.58.235.1433: Oct 25 15:19:42.766824 136.145.129.221.4082 > 136.145.56.46.1433: Oct 25 15:19:45.719688 136.145.129.221.4082 > 136.145.56.46.1433: Oct 25 15:19:51.735029 136.145.129.221.4082 > 136.145.56.46.1433: Oct 25 15:21:24.266313 136.145.129.221.4230 > 136.145.116.164.1433: Oct 25 15:21:27.219584 136.145.129.221.4230 > 136.145.116.164.1433: Oct 25 15:21:28.859880 136.145.129.221.4224 > 136.145.57.85.1433: Oct 25 15:21:31.812887 136.145.129.221.4224 > 136.145.57.85.1433: Oct 25 15:21:33.234933 136.145.129.221.4230 > 136.145.116.164.1433: Oct 25 15:21:37.828843 136.145.129.221.4224 > 136.145.57.85.1433: Oct 25 15:23:08.719032 136.145.129.221.4409 > 136.145.35.242.1433: Oct 25 15:23:11.781377 136.145.129.221.4409 > 136.145.35.242.1433: Oct 25 15:23:17.796911 136.145.129.221.4409 > 136.145.35.242.1433: Oct 25 15:25:30.359899 136.145.129.221.4552 > 136.145.58.38.1433: Oct 25 15:25:33.313007 136.145.129.221.4552 > 136.145.58.38.1433: Oct 25 15:25:39.328409 136.145.129.221.4552 > 136.145.58.38.1433: Oct 25 15:30:12.765881 136.145.129.221.4918 > 136.145.59.155.1433: Oct 25 15:30:15.718435 136.145.129.221.4918 > 136.145.59.155.1433: Oct 25 15:33:18.265568 136.145.129.221.1314 > 136.145.34.243.1433: Oct 25 15:33:21.218115 136.145.129.221.1314 > 136.145.34.243.1433: Oct 25 15:33:27.233952 136.145.129.221.1314 > 136.145.34.243.1433: Oct 25 15:33:56.765443 136.145.129.221.1741 > 136.145.58.139.1433: Oct 25 15:33:59.718446 136.145.129.221.1741 > 136.145.58.139.1433: Oct 25 15:34:05.733959 136.145.129.221.1741 > 136.145.58.139.1433: Oct 25 15:35:48.764994 136.145.129.221.4178 > 136.145.58.12.1433: Oct 25 15:35:51.717905 136.145.129.221.4178 > 136.145.58.12.1433: Oct 25 15:35:57.733903 136.145.129.221.4178 > 136.145.58.12.1433: Oct 25 15:39:57.264785 136.145.129.221.1055 > 136.145.56.15.1433: Oct 25 15:40:00.217635 136.145.129.221.1055 > 136.145.56.15.1433: Oct 25 15:40:06.233453 136.145.129.221.1055 > 136.145.56.15.1433: Oct 25 15:45:08.764724 136.145.129.221.1868 > 136.145.58.144.1433: Oct 25 15:45:11.716999 136.145.129.221.1868 > 136.145.58.144.1433: Oct 25 15:45:17.732937 136.145.129.221.1868 > 136.145.58.144.1433: Oct 25 15:45:50.763820 136.145.129.221.2007 > 136.145.35.128.1433: Oct 25 15:45:53.716955 136.145.129.221.2007 > 136.145.35.128.1433: Oct 25 15:45:59.732707 136.145.129.221.2007 > 136.145.35.128.1433: Oct 25 15:51:19.761834 136.145.129.221.3255 > 136.145.34.46.1433: Oct 25 15:51:22.714289 136.145.129.221.3255 > 136.145.34.46.1433: Oct 25 15:51:28.730348 136.145.129.221.3255 > 136.145.34.46.1433: Oct 25 15:53:40.855089 136.145.129.221.3868 > 136.145.56.183.1433: Oct 25 15:53:43.808204 136.145.129.221.3868 > 136.145.56.183.1433: Oct 25 15:53:49.823679 136.145.129.221.3868 > 136.145.56.183.1433: ... -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.9 (GNU/Linux) iEYEARECAAYFAkrkyDQACgkQxjU5UYZ6K6csYwCeL5YdITWgKOrCwk2q7UOTFpDT 1pQAn0v64eKBU8DQ/Eo2ofo+NCnxI00w =lJUq -----END PGP SIGNATURE-----