Skip to Content.
Sympa Menu

netsec-sig - [Security-WG] Security group highlights

Subject: Internet2 Network Security SIG

List archive

[Security-WG] Security group highlights


Chronological Thread 
  • From: Adair Thaxton <>
  • To: "" <>
  • Subject: [Security-WG] Security group highlights
  • Date: Fri, 7 Dec 2018 13:56:03 +0000
  • Accept-language: en-US
  • Authentication-results: internet2.edu; dkim=none (message not signed) header.d=none;internet2.edu; dmarc=none action=none header.from=internet2.edu;
  • Ironport-phdr: 9a23:iBI7jBxWbrA5kOrXCy+O+j09IxM/srCxBDY+r6Qd2uwWIJqq85mqBkHD//Il1AaPAd2Lraocw8Pt8InYEVQa5piAtH1QOLdtbDQizfssogo7HcSeAlf6JvO5JwYzHcBFSUM3tyrjaRsdF8nxfUDdrWOv5jAOBBr/KRB1JuPoEYLOksi7ze+/94HQbglSmDaxfa55IQmrownWqsQYm5ZpJLwryhvOrHtIeuBWyn1tKFmOgRvy5dq+8YB6/ShItP0v68BPUaPhf6QlVrNYFygpM3o05MLwqxbOSxaE62YGXWUXlhpIBBXF7A3/U5zsvCb2qvZx1S+HNsDwULs6Wymt771zRRHolikJKiI5/m/UhMxxkK1Vrx2uqgdjw4HPeoyZKOZycr/fcN4cWGFPXtxRVytEAo6kc4YAEvAOPedCr4LguVUOrQGxBAawBOPozD9Dm3j73bYm0+QhCw7H0xAgH9UIsHnPrdX1MrsSXv6vzKnO0zrDc+1a1S3j54fVbxAsuPeBVq9+f8rWzEkgDQLFjlOIpIz5PzOVzPoCvHKG4OV+T+KjkXQoqxlpojS3x8YsjY7JhocPxlDZ7iV0xps+K96gSENjfNKoDJRduzuVOoZ0WM8vQ31ktDw6x7EboZK3YjQGxIg6yxPaZPGKcouF7xf9WOuQPzt0mHdod6iliBmo60etz+jxW8mo3FpWsiZJitfMuW4O2hDP78WKT/hw/kmg1DuK1w3c8PxILEMxmKfbNpIswbo9m58dsUvZACP7nlj9grWMeUU+4Oeo7vzqYrX4qZ+YMI95khnwP7gplMCjAek0KxUDUGqF9eil073s5lP2TK9Njv0rjqnWq5faJdkdpqGkGQNVypwj6xGjDzi4zNsYgXgHLFVDeB6diIjpJk3OIPT/Dfe4gFSgiitkx/fDPrH5A5XNKGbMkKv5cLpg90JRxxA/wN9d6p5OCrwNPOj/V0/suNDACx82KQ20w+LpCNVn0YMeXHqCArSFMKPSq1CJ6f4vI+6KZIIOuTb9LeQl6OD0jX8/h1AdYbel0YEJZ3+lA/RqO1+Zbmb0gtcdDWcKuRIzTPf0h1KeTD5TfXeyX7485z0iBoOmApzORoSsgLyawCe7BYNaanpHClCKDXfnaZ+EW/ESZyKOPMNtiCILWqW8S9xp6Rb7/hT3wKd9L/bFvzIXnZPlyNVv4eDPz1c/+SE+R5CG3mqQVWBojyYXSBc32rxyu0pw1g3F3KRl1a92D9tWstpFWwYgfaLcxvxmDNa6Dhndft6ZVFGgatSgHTwrSN8tmZkDb1srSIbqtQzKwyf/W+xdrLeMHpFhqviGjXHsO8ZwzWrH36A9jl4gB9FCLnCimrUmrViBBojVnl+fmrrwM6kQwX2F+GSCyD+Iu0dVGE51XL7eVH8SLk3RsZzi50zEQrPvbNZvMgZIxcOYbKcfbNrvgAZHQuvuItLTfzj3lmutVl6Ew7qWZ9/sfGMQlCzWFEkDlVUV+nCLUGp2Biqor2/ESjJ0Ele6YkXw/PN4pW/hCEI40lKH
  • Spamdiagnosticoutput: 1:0
Good morning, everyone! One of my takeaways from recent discussions was
that it would be great if I could send out regular updates to the
working group about what we've been up to at Internet2.

- The working group listserv had a good discussion about methods to
detect DDoSes and trigger mitigation. Specific tools mentioned were
FastNetMon, Arbor Peakflow, Kentik, and Plixer Scrutinizer.

- We've been working with a team from CAIDA to test ARTEMIS, a BGP
hijacking detection tool. We have a TON of peers, so we're still
working on getting them all added, which is creating false positives.

- We continue to work on being good MANRS participants. We’ve gotten
the prefixes we originate documented in the IRR and now have ROA’s for
all of them. We have our contact information updated in the IRR and on
our website, and have double-checked to ensure that all of our customer
BGP sessions are protected by in-bound explicit BGP prefix-lists.
Finally, we’ve applied unicast RPF to all of our host subnets, the ones
that support our PAS servers, etc.

- An interesting article about a pentest that failed:
https://threader.app/thread/1063423110513418240

- If you missed the MANRS webinar, it was recorded:
https://internet2.zoom.us/recording/share/uhrmb_DXcB-AGdX7yAYqpTwl_Zcjudin7mpiXNElS6OwIumekTziMw

Adair

Archive powered by MHonArc 2.6.19.

Top of Page