Re: Apcupsd-users Digest, Vol 132, Issue 3

classic Classic list List threaded Threaded
1 message Options
Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

Re: Apcupsd-users Digest, Vol 132, Issue 3

fragsh3ll
Thanks Tim, I've contacted the owner. I didn't see the original reply, which is why I made a second attempt.

It wasn't a threat, sorry if you took it that way. :)

Have a good one!


On Fri, Apr 21, 2017 at 12:50 PM, <[hidden email]> wrote:
Send Apcupsd-users mailing list submissions to
        [hidden email]

To subscribe or unsubscribe via the World Wide Web, visit
        https://lists.sourceforge.net/lists/listinfo/apcupsd-users
or, via email, send a message with subject or body 'help' to
        [hidden email]

You can reach the person managing the list at
        [hidden email]

When replying, please edit your Subject line so it is more specific
than "Re: Contents of Apcupsd-users digest..."


Today's Topics:

   1. Re: Vulnerability in APCUPSD (Timothe Litt)
   2. Apcupsd-users List archives (Timothe Litt)
   3. APC SMART UPS 5000 with network card | pcnet |    commfailure
      (Biscuit Ninja)


----------------------------------------------------------------------

Message: 1
Date: Mon, 17 Apr 2017 18:55:25 -0400
From: Timothe Litt <[hidden email]>
Subject: Re: [Apcupsd-users] Vulnerability in APCUPSD
To: [hidden email]
Message-ID: <[hidden email]>
Content-Type: text/plain; charset="windows-1252"

You've been told how to get an a-mail address.  Threatening people won't
help.

At the foot of every e-mail on this list - including yours - is a web
address.

Visit that page, got to the bottom where it says "list run by".

Contact that person.  Or read the list archives - it's pretty obvious
who the primary maintainer is.  The archives are accessible from that
same webpage.

Timothe Litt
ACM Distinguished Engineer
--------------------------
This communication may not represent the ACM or my employer's views,
if any, on the matters discussed.

On 17-Apr-17 18:45, fragsh3ll wrote:
> I need an e-mail to report a vulnerability for APCUPSD. I have a
> CVE-ID reserved for this now. A full disclosure will be released
> within 30 days if no response is received from this.
>
>
> _______________________________________________
> Apcupsd-users mailing list
> [hidden email]
> https://lists.sourceforge.net/lists/listinfo/apcupsd-users

-------------- next part --------------
An HTML attachment was scrubbed...
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 4577 bytes
Desc: S/MIME Cryptographic Signature

------------------------------

Message: 2
Date: Mon, 17 Apr 2017 19:07:19 -0400
From: Timothe Litt <[hidden email]>
Subject: [Apcupsd-users] Apcupsd-users List archives
To: Apcupsd Discussion List <[hidden email]>
Message-ID: <[hidden email]>
Content-Type: text/plain; charset="windows-1252"

After referring this person to the list archive - I took a look.  It
seems that it stopped recording traffic in Apr of 2016.

You might want to address this with sourceforge...there's a lot of
useful information that apparently has been lost.

Timothe Litt
ACM Distinguished Engineer
--------------------------
This communication may not represent the ACM or my employer's views,
if any, on the matters discussed.

On 17-Apr-17 18:59, Adam Kropelin wrote:
> You received one reply already. Here's another. Please send the
> relevant info to me at [hidden email] <mailto:[hidden email]> or
> via the sf.net <http://sf.net> remailer at
> [hidden email] <mailto:[hidden email]>
> if you prefer.
>
> --Adam
>
> On Apr 17, 2017 6:46 PM, "fragsh3ll" <[hidden email]
> <mailto:[hidden email]>> wrote:
>
>     I need an e-mail to report a vulnerability for APCUPSD. I have a
>     CVE-ID reserved for this now. A full disclosure will be released
>     within 30 days if no response is received from this.
>

-------------- next part --------------
An HTML attachment was scrubbed...
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 4577 bytes
Desc: S/MIME Cryptographic Signature

------------------------------

Message: 3
Date: Fri, 21 Apr 2017 17:33:07 +0100
From: Biscuit Ninja <[hidden email]>
Subject: [Apcupsd-users] APC SMART UPS 5000 with network card | pcnet
        |       commfailure
To: [hidden email]
Message-ID: <9d526b73a3c15f850738386000ea8a[hidden email]>
Content-Type: text/plain; charset=US-ASCII; format=flowed

We run an APS SmartUPS at the office with a network card. PCNS is
installed on Windows clients. APCUPSD is installed on Linux boxen.

We've had an infuriating issue for a while now where the Linux boxen
would occasionally bleat about losing connectivity to the UPS. A
colleague firmware upgraded the UPS yesterday in an effort to resolve
the issue. And of course that's backfired and made the problem much
worse.

Here's an excerpt from the apcupsd.event log:

2017-04-21 10:53:05 +0100  Communications with UPS lost.
2017-04-21 10:53:08 +0100  Communications with UPS restored.
2017-04-21 11:10:30 +0100  Communications with UPS lost.
2017-04-21 11:10:39 +0100  Communications with UPS restored.
2017-04-21 12:26:12 +0100  Communications with UPS lost.
2017-04-21 12:26:25 +0100  Communications with UPS restored.
2017-04-21 12:55:25 +0100  Communications with UPS lost.
2017-04-21 12:55:36 +0100  Communications with UPS restored.
2017-04-21 13:11:10 +0100  Communications with UPS lost.
2017-04-21 13:11:27 +0100  Communications with UPS restored.
2017-04-21 16:11:21 +0100  Communications with UPS lost.
2017-04-21 16:11:25 +0100  Communications with UPS restored.

We are running version 3.14.10 under Ubuntu 12.04 and 3.14.12 under
Debian Jessie - same situation with both distributions.

I've done some digging into APCUPSD with the pcnet driver. It is reliant
up on receiving UDP broadcast MASTATUS packets from the UPS at ~25
second intervals. After every 3rd packet, the UPS waits ~19 seconds and
emits an MACONFIG packet, which APCUPSD silently ignores. ~25 seconds
later the cycle starts again with the broadcast of another MASTATUS
packet.

Occasionally (five times this morning, just once this afternoon) the UPS
emits two consecutive MACONFIG packets. That means APCUPSD goes ~69
seconds without seeing an MASTATUS packet. The longest it will wait for
an MASTATUS packet is 60 seconds (equal to 25 * 2 + "a bit"). Thus the
regularly reported commfail event.

Has anyone else experienced this? Any idea why the UPS generates
MACONFIG packets, and what could cause it to generate two of them
consecutively?
I'm at the extent of my knowledge now and I figured it might be useful
to get some broader insight into the problem.

Thanks



------------------------------

------------------------------------------------------------------------------
Check out the vibrant tech community on one of the world's most
engaging tech sites, Slashdot.org! http://sdm.link/slashdot

------------------------------

_______________________________________________
Apcupsd-users mailing list
[hidden email]
https://lists.sourceforge.net/lists/listinfo/apcupsd-users


End of Apcupsd-users Digest, Vol 132, Issue 3
*********************************************


------------------------------------------------------------------------------
Check out the vibrant tech community on one of the world's most
engaging tech sites, Slashdot.org! http://sdm.link/slashdot
_______________________________________________
Apcupsd-users mailing list
[hidden email]
https://lists.sourceforge.net/lists/listinfo/apcupsd-users
Loading...