[tech] pagrus/matrix , was Re: [wheel] Fwd: UCC Cloudflare Migrations
Nick Bannon
nick at ucc.gu.uwa.edu.au
Tue Jul 28 08:04:15 AWST 2020
On Mon, Jul 27, 2020 at 04:35:23AM +0800, James Arcus wrote:
> Didn't see any comments on this so I went ahead and made a list of all the
> open SSH servers on our network. We don't have any FTP running currently.
Thanks. Don't forget to at least explicitly Cc: wheel at ucc.gu.uwa.edu.au
on every outgoing communication , so that Paul and Geoff get back
in the habit of doing so as well.
* or tech at ucc , as appropriate
* not wheel at ucc.asn.au - that will get confused with the magic
ServiceNow address that we need to use
Not everything that was working is:
* fixed; or
* explictly decommissioned
yet, but I think we want to move to the next stage where we troubleshoot
the ongoing change-control ServiceNow process.
pagrus.ucc.asn.au/gnuperth.org has broken:
https://federationtester.matrix.org/#gnuperth.org
Can the following be enabled, please?
===
SSH whitelisting hostname, for remote management and backups:
pagrus.ucc.asn.au
Web/REST for Cloudflare proxying: purpose: matrix web chat&federation
client.gnuperth.org
element.gnuperth.org
matrix.gnuperth.org
jitsi.gnuperth.org
turn.gnuperth.org
gnuperth.org
===
Those gnuperth.org names are currently pointing directly (or via CNAME)
to pagrus.ucc.asn.au/130.95.13.154 .
Thanks,
Nick.
> They're as follows:
>
> Router/VPN host:
> murasoi (.1)
>
> Git via SSH:
> gitlab (.6)
>
> User login servers:
> motsugo (.7)
> ssh (.11)
> mussel (.18)
> gothamburg (.26)
> titan (.48)
>
> Other severs:
> mailauesi (.3)
> maculatus (.12)
> mailfish (.19)
> uccmonitor (.34)
> eggman (.109)
>
> Member machines:
> evil (.111)
> armtest (.117)
> minecraft2017 (.135)
> minecraft (.136)
> oxinabox-workhorse (.137)
> zanchey-chordata (.138)
> tec-experiments (.148)
> nick-pagrus (.154)
> langtonic-diamond (.174)
> notfrekkagain-ucc (.185)
> james1-server (.187)
> jimbo-bluering (.190)
>
>
> I'm a bit overdue on getting back to Paul (meant to do on Friday) so I need
> to get this out to him soon. As mentioned in the previous email, he wants a
> description of the service and justification for each.
>
>
> I understand why most are open, including the user servers and member VMs,
> but any arguments you can make in favour that I could include in my request
> would be helpful. Also, is there any particular reason why mailauesi,
> maculatus and mailfish are open to the net?
>
> Cheers,
> James [MPT]
>
> On 20/7/20 7:24 pm, James Arcus wrote:
> > -------- Forwarded Message --------
> > Subject: UCC Cloudflare Migrations
> > Date: Fri, 17 Jul 2020 08:39:15 +0800
> > From: Paul Fisher <paul.fisher at uwa.edu.au>
> > To: James Arcus (21954943) <21954943 at student.uwa.edu.au>
> > CC: Geoff Costello <geoff.costello at uwa.edu.au>
> >
> >
> >
> > Hi James,
> >
> > How are you?
> >
> > These remaining IP address's are due to be firewalled Wednesday the 22nd
> > of June.
> >
> > 130.95.13.6
> > 130.95.13.18
> > 130.95.13.28
> > 130.95.13.111
> >
> > Please let me know if you need further assistance with the migration.
> >
> > The following week we will whitelist ssh and ftp, we need your ssh and
> > ftp requirements in advance.
> >
> > You will need to describe the service and justification for each.
> >
> > Thanks
> > Paul
--
Nick Bannon | "I made this letter longer than usual because
nick-sig at rcpt.to | I lack the time to make it shorter." - Pascal
More information about the tech
mailing list