Internet2 Network Security SIG

[Adair Thaxton <>]

Happy April, y'all!  Hopefully your organization's security is less 
busted than my bracket.


If you weren't able to come to Global Summit last month, you missed a 
great meeting.  Jesse says I talked too much, I'm sure you're all surprised.


Actual progress is being made on blocking RFC1918 addresses!  We've 
separated the relevant interfaces and are creating the various filters 
and terms and groups and things required to apply the blocks only to the 
connector interfaces.  We're hoping to have this completed by mid-April.


We didn't have a projector in the room for my presentation on ARTEMIS, 
an open-source alternative to BGPMon, or for Jesse to talk about 
STINGAR.  I did the ARTEMIS presentation at the Connectors BoF and my 
slides are here: 
https://docs.google.com/presentation/d/1DmsePvXrLgmpH9HfnjOATa1ZB3BHzpgYK2QamPiHQ_o/edit?usp=sharing


And here is a page about STINGAR from Jesse: 
https://stingar.security.duke.edu/about-2/  He's very proud of it and 
apparently has an unlimited sticker budget, if you want stickers.


We thought it was a practical idea for institutions to take a mini-step 
towards joining MANRS.  That mini-step is for you all to download the 
Spoofer client from CAIDA (https://www.caida.org/projects/spoofer/) and 
use it to make sure your BCP38/84 anti-spoofing filters are working as 
intended!  More about how anti-spoofing is required for MANRs here: 
https://www.manrs.org/isps/guide/antispoofing/

Hearts,
Adair