Tonight, starting at 11:59PM, we will be performing maintenance on gear that aggregates some legacy DSL connections in northern California. Expected downtime is less than 10 minutes.

-Tomoc

Update: 1:55AM PDT, This maintenance is now complete.

Tonight, 10/22/2014, beginning at 11:59PDT we will be performing software upgrades on core voice equipment in Santa Rosa. No customer impact is expected from this. The upgrade should take between 2 to 3 hours to perform.

-Tim J.

Starting tonight at 6:15PM PDT we will begin blocking all UDP traffic at our network edge destined to port 1900 (SSDP) to mitigate DDoS amplification attacks from affected equipment.

-Tim J.

In an effort to better protect our customer's data, we have been working
on updating our SSL protected services to the industries "best
practice". As of yesterday, we have ceased the use of SSLv3 on our
member services including Member Tools, Webmail, and our mail cluster.
This was to protect against a new vulnerability in the SSLv3 protocol
that has been dubbed "POODLE". More information for that may be found
here:
https://blog.mozilla.org/security/2014/10/14/the-poodle-attack-and-the-end-of-ssl-3-0/ .

It is also recommended that users disable SSLv3 in their clients. Some
older clients may not be able to disable this protocol, and the only
course of action is to update to a client that supports TLS. For more
information on how to configure your clients, see the following link:

https://zmap.io/sslv3/browsers.html
 
In other SSL related news, the SHA-1 hashing algorithm is to be phased
out over the next few years. As a result of this announcement, we have
been reissuing our certificates to the SHA-2 hashing algorithm over the
last week.

Any discussion of SSL should be directed to the forums.
https://forums.sonic.net/

Kelsey, Grant, and SOC