<div dir="ltr">De acordo, João. <br>Mas só conseguirei fazer isso a partir de Segunda-Feira. Se alguém se voluntariar a fazer antes, seria ótimo. Caso contrário, invisto tempo nisto na semana que vem. </div><br><div class="gmail_quote"><div dir="ltr">Em qua, 12 de dez de 2018 às 21:44, João Butzke <<a href="mailto:jaobutzke@gmail.com">jaobutzke@gmail.com</a>> escreveu:<br></div><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex">
  
    
  
  <div bgcolor="#FFFFFF">
    Daniel, boa tarde!<br>
    <br>
    Uma sugestão seria botar o how to em um tópico na wiki do BPF, o que
    vc acha?<br>
    <br>
    Att,<br>
    João Butzke.<br>
    <br>
    <div class="gmail-m_-5198601445144529729moz-cite-prefix">Em 12/12/2018 18:10, Daniel Damito
      escreveu:<br>
    </div>
    <blockquote type="cite">
      
      <div dir="ltr">
        <div dir="ltr">Ayub, com certeza.<br>
          Conte conosco.<br>
          <br>
          Preenchi as ações do documento (itens a, b e c). Veja se está
          de acordo.<br>
          <br>
          Eu acharia também válido citar como fazer as ACLs em Mikrotik
          (IP > Services), mas não vi como encaixar isto bem no
          documento. </div>
        <div class="gmail-m_-5198601445144529729gmail-yj6qo gmail-m_-5198601445144529729gmail-ajU" style="outline:none;padding:10px 0px;width:22px;margin:2px 0px 0px"><br class="gmail-m_-5198601445144529729gmail-Apple-interchange-newline">
        </div>
      </div>
      <br>
      <div class="gmail_quote">
        <div dir="ltr">Em qua, 12 de dez de 2018 às 18:07, T. Ayub <<a href="mailto:listas@ayub.net.br" target="_blank">listas@ayub.net.br</a>>
          escreveu:<br>
        </div>
        <blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex">
          <div dir="ltr"><br clear="all">
            <div>
              <div dir="ltr" class="gmail-m_-5198601445144529729gmail-m_-9155677151262820429gmail_signature">
                <div dir="ltr">
                  <div>
                    <div dir="ltr">
                      <div>
                        <div dir="ltr">
                          <div>
                            <div dir="ltr">
                              <div dir="ltr">
                                <div>
                                  <div dir="ltr">Aloha Damito,<br>
                                  </div>
                                </div>
                              </div>
                            </div>
                          </div>
                        </div>
                      </div>
                    </div>
                  </div>
                </div>
              </div>
            </div>
            <div dir="ltr">
              <div><br>
              </div>
              <div><br>
                Se você com sua consultoria se oferece a gratuitamente
                corrigir pontualmente essa vulnerabilidade, mais que uma
                persuasão para resolver o problema, estaríamos
                concretamente resolvendo o problema.</div>
              <div><br>
              </div>
              <div>Se ninguém aqui se opor, irei incluir um parágrafo no
                texto sinalizando que o AS notificado pode solicitar
                esse apoio gratuito do Damito.</div>
              <div><br>
              </div>
              <div><br>
              </div>
              <div>Abraços,</div>
              <div dir="ltr">
                <div>
                  <div dir="ltr" class="gmail-m_-5198601445144529729gmail-m_-9155677151262820429gmail_signature">
                    <div dir="ltr">
                      <div>
                        <div dir="ltr">
                          <div>
                            <div dir="ltr">
                              <div>
                                <div dir="ltr">
                                  <div dir="ltr">
                                    <div>
                                      <div dir="ltr"><br>
                                      </div>
                                      <div dir="ltr">Ayub<br>
                                        --<br>
                                        <b>Twitter</b>: <a href="https://twitter.com/Ayubio" target="_blank">https://twitter.com/Ayubio</a><br>
                                        Canal no <b>YouTube</b> "Eu faço
                                        a internet funcionar": <a href="https://www.youtube.com/c/Ayubio" target="_blank">https://www.youtube.com/c/Ayubio</a><br>
                                      </div>
                                    </div>
                                    <div><b>Blog</b>: <a href="https://medium.com/@ayubio" target="_blank">https://medium.com/@ayubio</a></div>
                                    <div><br>
                                    </div>
                                  </div>
                                </div>
                              </div>
                            </div>
                          </div>
                        </div>
                      </div>
                    </div>
                  </div>
                </div>
              </div>
              <br>
              <div class="gmail_quote">
                <div dir="ltr">Em qua, 12 de dez de 2018 às 16:05,
                  Daniel Damito <<a href="mailto:contato@danieldamito.com.br" target="_blank">contato@danieldamito.com.br</a>>
                  escreveu:<br>
                </div>
                <blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex">
                  <div dir="ltr">
                    <div dir="ltr">Concordo.
                      <div><br>
                        Acho que seria interessante exemplificar que um
                        roteador vulnerável no IX pode ser usado para
                        fazer sequestro de um prefixo, como ocorrido com
                        o Santander: <a href="http://made4it.com.br/falha-generalizada-internet-banking-santander-brasil/" target="_blank">http://made4it.com.br/falha-generalizada-internet-banking-santander-brasil/</a>
                        .</div>
                      <div>Além disso, queria ajudar a preencher as
                        ações recomendadas. Pode me dar permissão para
                        eu adicionar comentários, <a class="gmail_plusreply" id="gmail-m_-5198601445144529729gmail-m_-9155677151262820429gmail-m_4601145449004315625plusReplyChip-0" href="mailto:contato@ayub.net.br" target="_blank">@Thiago
                          Ayub</a> ? <br>
                        <br>
                        Me disponho, pela minha empresa, à ajudar
                        gratuitamente esses provedores com
                        vulnerabilidades. Acham válido citar isto
                        também?</div>
                      <div><br>
                      </div>
                    </div>
                  </div>
                  <br>
                  <div class="gmail_quote">
                    <div dir="ltr">Em qua, 12 de dez de 2018 às 15:44,
                      T. Ayub <<a href="mailto:listas@ayub.net.br" target="_blank">listas@ayub.net.br</a>>
                      escreveu:<br>
                    </div>
                    <blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex">
                      <div dir="ltr">
                        <div dir="ltr">
                          <div dir="ltr">
                            <div dir="ltr">
                              <div>
                                <div dir="ltr" class="gmail-m_-5198601445144529729gmail-m_-9155677151262820429gmail-m_4601145449004315625gmail-m_-5405080661731924201gmail-m_-1147201512256701792gmail-m_-6878187138607397615gmail_signature">
                                  <div dir="ltr">
                                    <div dir="ltr">
                                      <div>
                                        <div dir="ltr">
                                          <div dir="ltr">
                                            <div dir="ltr">
                                              <div>Olá,<br>
                                              </div>
                                            </div>
                                          </div>
                                        </div>
                                      </div>
                                    </div>
                                  </div>
                                </div>
                              </div>
                              <div dir="ltr">
                                <div dir="ltr">
                                  <div><br>
                                  </div>
                                  <div><br>
                                  </div>
                                  <div>Na tarde de hoje no IX Fórum 12 o
                                    Elizandro Pacheco e o Vagner Zanoni
                                    apresentaram um estudo de centenas
                                    de roteadores Mikrotik vulneráveis
                                    em diversos IX.br do país. Não só a
                                    gerência (Winbox) destes
                                    participantes está acessível para os
                                    demais participantes do IX como em
                                    alguns casos encontraram login admin
                                    com senha em branco. Os locais de
                                    coleta foram os IX.br de São Paulo,
                                    Rio, Porto Alegre e Fortaleza.</div>
                                  <div><br>
                                  </div>
                                  <div>Conversando aqui com o Elizandro
                                    presencialmente perguntei a ele se
                                    ele tinha notificado os AS
                                    vulneráveis e ele disse que ainda
                                    não, que a ideia era de fazê-lo em
                                    nome do BPF. Então pergunto aos
                                    colegas: podemos e devemos? Se a
                                    resposta for sim e sim, peço vossa
                                    ajuda e aconselhamento aqui.</div>
                                  <div><br>
                                  </div>
                                  <div>Já redigi um template desse
                                    e-mail e desejo enviá-lo
                                    individualmente para cada AS com o <a href="mailto:cert@cert.br" target="_blank">cert@cert.br</a>
                                    em cópia. Segue a URL do template: <a href="https://docs.google.com/document/d/1qSOuFSXSkZBqFKq3R94_PxmZELWlLEoOESBUhKOAIIU/edit?usp=sharing" target="_blank">https://docs.google.com/document/d/1qSOuFSXSkZBqFKq3R94_PxmZELWlLEoOESBUhKOAIIU/edit?usp=sharing</a> -
                                    gostaria de obter um feedback de
                                    vocês a respeito do texto. É
                                    necessário logar com uma conta
                                    Google para ler o texto.</div>
                                  <div><br>
                                  </div>
                                  <div> Se o cidadão já foi relapso ou
                                    negligente ao ponto de ter um
                                    roteador ligado no IX com gerência
                                    aberta, login admin e senha em
                                    branco, pedir encarecidamente que
                                    ele colabore corrigindo o problema
                                    não será suficiente. O texto tem que
                                    deliberadamente ter um tom duro e é
                                    esse tom que eu dei a ele.<br>
                                  </div>
                                  <div><br>
                                  </div>
                                  <div>O Elizandro está atualizando a
                                    lista dos IPs vulneráveis e me
                                    passando. A partir delas estou
                                    criando uma planilha com estes IPs e
                                    o ASN responsável por eles. A etapa
                                    seguinte será incluir nesta planilha
                                    os endereços de e-mail dos
                                    responsáveis de cada AS para fazer o
                                    envio destes e-mails.</div>
                                  <div><br>
                                  </div>
                                  <div>Faço pontualmente à comunidade
                                    BPF as seguintes perguntas:</div>
                                  <div><br>
                                  </div>
                                  <div><b>1)</b> Podemos assinar em nome
                                    do BPF nestes e-mails?</div>
                                  <div><br>
                                  </div>
                                  <div><b>2)</b> Se for em nome do BPF,
                                    o endereço de origem poderá ser o
                                    meu endereço pessoal? Ou sugerem
                                    algum outro endereço de e-mail de
                                    origem?</div>
                                  <div><br>
                                  </div>
                                  <div><b>3)</b> Poderiam me ajudar na
                                    parte do texto em que faço as
                                    prescrições do que o cidadão tem que
                                    fazer? URLs de tutoriais que passo a
                                    passo o cara mesmo sendo leigo
                                    consiga proteger o roteador dele.
                                    Isso será importante para que
                                    tenhamos o resultado desejado.</div>
                                  <div><br>
                                  </div>
                                  <div>Vejo que nesta iniciativa teremos
                                    duas consequências diretas:
                                    primeiro, corrigindo as
                                    vulnerabilidades e problemas
                                    identificados pelo Elizandro e
                                    Vagner e por tabela estaremos
                                    divulgando ainda mais o BPF para
                                    operadores de rede que visivelmente
                                    carecem muito de nosso conteúdo,
                                    aconselhamento e nossas boas
                                    práticas.</div>
                                  <div><br>
                                  </div>
                                  <div>Abraços,</div>
                                  <div><br>
                                  </div>
                                  <div>
                                    <div>
                                      <div dir="ltr">Ayub<br>
                                        --<br>
                                        <b>Twitter</b>: <a href="https://twitter.com/Ayubio" target="_blank">https://twitter.com/Ayubio</a><br>
                                        Canal no <b>YouTube</b> "Eu faço
                                        a internet funcionar": <a href="https://www.youtube.com/c/Ayubio" target="_blank">https://www.youtube.com/c/Ayubio</a><br>
                                      </div>
                                    </div>
                                    <div><b>Blog</b>: <a href="https://medium.com/@ayubio" target="_blank">https://medium.com/@ayubio</a></div>
                                  </div>
                                </div>
                              </div>
                            </div>
                          </div>
                        </div>
                      </div>
                      _______________________________________________<br>
                      bpf mailing list<br>
                      <a href="mailto:bpf@listas.brasilpeeringforum.org" target="_blank">bpf@listas.brasilpeeringforum.org</a><br>
                      <a href="https://listas.brasilpeeringforum.org/mailman/listinfo/bpf" rel="noreferrer" target="_blank">https://listas.brasilpeeringforum.org/mailman/listinfo/bpf</a><br>
                    </blockquote>
                  </div>
                  <br clear="all">
                  <div><br>
                  </div>
                  -- <br>
                  <div dir="ltr" class="gmail-m_-5198601445144529729gmail-m_-9155677151262820429gmail-m_4601145449004315625gmail_signature">
                    <div dir="ltr"><b><i>Atenciosamente,</i><br>
                        Daniel Damito</b></div>
                  </div>
                </blockquote>
              </div>
            </div>
          </div>
        </blockquote>
      </div>
      <br>
      <fieldset class="gmail-m_-5198601445144529729mimeAttachmentHeader"></fieldset>
      <pre class="gmail-m_-5198601445144529729moz-quote-pre">_______________________________________________
bpf mailing list
<a class="gmail-m_-5198601445144529729moz-txt-link-abbreviated" href="mailto:bpf@listas.brasilpeeringforum.org" target="_blank">bpf@listas.brasilpeeringforum.org</a>
<a class="gmail-m_-5198601445144529729moz-txt-link-freetext" href="https://listas.brasilpeeringforum.org/mailman/listinfo/bpf" target="_blank">https://listas.brasilpeeringforum.org/mailman/listinfo/bpf</a>
</pre>
    </blockquote>
    <br>
  </div>

_______________________________________________<br>
bpf mailing list<br>
<a href="mailto:bpf@listas.brasilpeeringforum.org" target="_blank">bpf@listas.brasilpeeringforum.org</a><br>
<a href="https://listas.brasilpeeringforum.org/mailman/listinfo/bpf" rel="noreferrer" target="_blank">https://listas.brasilpeeringforum.org/mailman/listinfo/bpf</a><br>
</blockquote></div>