netsec-sig - Re: [Security-WG] Security group highlights
Subject: Internet2 Network Security SIG
List archive
- From: Jesse Bowling <>
- To: "" <>
- Subject: Re: [Security-WG] Security group highlights
- Date: Fri, 7 Dec 2018 14:45:18 +0000
- Accept-language: en-US
- Authentication-results: mail-gw.oit.duke.edu; spf=none ; dmarc=none
- Ironport-phdr: 9a23:+ujJ6BZdwXQPwnevCu4TgXH/LSx+4OfEezUN459isYplN5qZrsy4bnLW6fgltlLVR4KTs6sC17KG9fi4EUU7or+5+EgYd5JNUxJXwe43pCcHRPC/NEvgMfTxZDY7FskRHHVs/nW8LFQHUJ2mPw6arXK99yMdFQviPgRpOOv1BpTSj8Oq3Oyu5pHfeQpFiCa+bL9oMBm6sRjau9ULj4dlNqs/0AbCrGFSe+RRy2NoJFaTkAj568yt4pNt8Dletuw4+cJYXqr0Y6o3TbpDDDQ7KG81/9HktQPCTQSU+HQRVHgdnwdSDAjE6BH6WYrxsjf/u+Fg1iSWIdH6QLYpUjmk8qxlSgLniD0fOjA57m/Zl9BwgqxYrhKvpRNxxI/Ub52aO/dlcaPRYdYaSHBBXspNVSFMBJ63YYsVD+oGOOZVt43zqEUVrRulGwanGf7iyjhGh3/y3K061eshGhzB0QwiAd0Oq2/Uo8vvOKgJVuC0wq3IzTTFb/NZwjry9ZXIchM/rv2WQ71/bNfRxFApGgjYgFuQronlMCmU1uQLq2Wb8+pgVfixhGE9tg5+vCKvyt02hYnRnoIZ0lHF9SJ+wIYwP9G4VVV7bNi5G5VTryGXL5Z6T8M8T21ytis20KAKtJ2/cSQQ1pgqyADTZ+Saf4WI/B7vTuicLS12iX9qYr6yhxm//VCuyuLiVcS4zFNHoy9Kn9TPtX0Cyhne58yER/Zz8Ees3DSC2gLd5+xFJE05lbDUJpE9zbM2i5Edq17MHjXsl0XzlKKWdlsr+uyv6+n/Z7XpvJ6cN4tthgHxPKUig9GzDOUiPggJXmib5f6w26D+/U36XrpGlOM5nbTEsJzCJMQboLC2AxNN34o+6xuzES2q3doCkXUaL19IfAiLg5bmNl3QOPz4CO2wg1WokDdl3fDGObjhD43PLnfdi7fhZqhy51RHxwo0w9Ff45NUCrcOIP/oR0Dxqd/YAQEjPwOq3unnFc1x1pkCVmKXHq+ZLKTSvEeT5u0xP+aMeZUVuDfhK/kl/vLvg3A5lEQZfamoxpsXdGu4Eup8L0WYZ3rsnskOEX0MvgUgUOzmlkeOXiBOaHavDOoA4WRxE4+tEJ3CWpHon7Op3SGnE4dQa3wcTF2ADD2gI56JUOoWaT6DZ9Buuj0CSbW7TYI9j1ejuBKsmJR9Ke+B2CADrp+r/t9q4+zVmllm9zFvFMnb2WaSS2BykUsEWjw7mq1zvBoumR+4zaFkjqkARpRo7PRTX1Jib8SOxvFmC930RgPKd8uIT1DjWNi9HDUtVYJqkdoHYkI4FMrkiRHfmSa3ALJTmrCWV/lWk7nE0S33IMBwg23DyLFnilAnRsVVMmjzhKNk7AWVDYnWl0SfmI6maKcRmiPB6TTmrwuCuUhCW1t2VqPIUA==
- Spamdiagnosticmetadata: NSPM
- Spamdiagnosticoutput: 1:99
Hi Adair,
Thank you for this! I think this is a great idea.
I’m sorry I’ve been a little slow in getting involved in some of these
conversations, but am turning over a new leaf as some of my other non-Duke
responsibilities are winding down.
Cheers,
Jesse
> On Dec 7, 2018, at 8:56 AM, Adair Thaxton
> <>
> wrote:
>
> Good morning, everyone! One of my takeaways from recent discussions was
> that it would be great if I could send out regular updates to the
> working group about what we've been up to at Internet2.
>
> - The working group listserv had a good discussion about methods to
> detect DDoSes and trigger mitigation. Specific tools mentioned were
> FastNetMon, Arbor Peakflow, Kentik, and Plixer Scrutinizer.
>
> - We've been working with a team from CAIDA to test ARTEMIS, a BGP
> hijacking detection tool. We have a TON of peers, so we're still
> working on getting them all added, which is creating false positives.
>
> - We continue to work on being good MANRS participants. We’ve gotten
> the prefixes we originate documented in the IRR and now have ROA’s for
> all of them. We have our contact information updated in the IRR and on
> our website, and have double-checked to ensure that all of our customer
> BGP sessions are protected by in-bound explicit BGP prefix-lists.
> Finally, we’ve applied unicast RPF to all of our host subnets, the ones
> that support our PAS servers, etc.
>
> - An interesting article about a pentest that failed:
> https://threader.app/thread/1063423110513418240
>
> - If you missed the MANRS webinar, it was recorded:
> https://internet2.zoom.us/recording/share/uhrmb_DXcB-AGdX7yAYqpTwl_Zcjudin7mpiXNElS6OwIumekTziMw
>
> Adair
--
Jesse Bowling
ITSO::Security Architect & CSIRT Program Manager
jesse.bowling[AT]duke.edu::919-660-1073
334 Blackwell St::Durham, NC::27701
Attachment:
signature.asc
Description: Message signed with OpenPGP
- [Security-WG] Security group highlights, Adair Thaxton, 12/07/2018
- Re: [Security-WG] Security group highlights, Jesse Bowling, 12/07/2018
Archive powered by MHonArc 2.6.19.