MailTopics
From NANOG
Contents
|
[edit]
Interesting NANOG topic summaries
[edit]
Mobile Phone Addresses for Monitoring
- 7 September 2007: http://www.merit.edu/mail.archives/nanog/msg02823.html
[edit]
240/4 experimental use
- 18 October 2007: http://www.merit.edu/mail.archives/nanog/msg03818.html
[edit]
P2P Application "Fairness" / Comcast blocking P2P
- 22 Oct 2007: http://www.merit.edu/mail.archives/nanog/msg03992.html
- 22 Oct 2007: http://www.merit.edu/mail.archives/nanog/msg03996.html
[edit]
Youtube IP Range Hijacking (Hi Pakistan!)
- http://www.merit.edu/mail.archives/nanog/msg06384.html
- 27 Feb 2008: http://arstechnica.com/news.ars/post/20080225-insecure-routing-redirects-youtube-to-pakistan.html
- 29 Feb 2008: http://www.ripe.net/news/study-youtube-hijacking.html
- 3 March 2008 - Understanding Resiliency of Internet Topology Against Prefix Hijacking Attacks (2007) - http://www.cs.ucla.edu/~mohit/cameraReady/hijack-dsn.pdf
[edit]
Internet Alert Registry Peering / "Pretty Good BGP"
- Initial Post: 10 Mar 2008: http://www.merit.edu/mail.archives/nanog/msg06605.html
[edit]
Customer-Facing ACLs
- 7 Mar 2008: Initial post: http://www.merit.edu/mail.archives/nanog/msg06546.html
[edit]
Filtering Information
- Mark Tinka: filtering when supplying transit to multiple ISPs: http://www.merit.edu/mail.archives/nanog/msg06583.html
- Justin Streiner: filtering SMTP in a previous life: http://www.merit.edu/mail.archives/nanog/msg06547.html
- Kameron Gasso: filtered SMTP to dialup but not DSL - specifically mentions a fast abuse desk to deal with complaints and how customers are filtered until the complaint has been addressed: http://www.merit.edu/mail.archives/nanog/msg06552.html
- SBC Dallas: http://www.merit.edu/mail.archives/nanog/msg06559.html
- Christopher Morrow - pointing out UUNET has been doing SMTP filtering for clients since 2002 - http://www.merit.edu/mail.archives/nanog/msg06624.html
- Joel Jaeggli: bot filtering based on connection rate thresholds: http://www.merit.edu/mail.archives/nanog/msg06572.html
[edit]
Projects
- Robert Beverley - talking about a recent project to measure filtering prevalence - http://www.merit.edu/mail.archives/nanog/msg06551.html
- .. and the relevant data - http://ana.csail.mit.edu/rsp/
- Danny McPherson - Arbor Networks asked this in their latest Internet Infrastructure Survey - http://www.merit.edu/mail.archives/nanog/msg06554.html
- .. and the relevant site - http://www.arbornetworks.com/report ; the paper is at http://www.tcb.net/wisr_2007_v3.pdf
- Internet Alert Registry - http://iar.cs.unm.edu/
- Pretty Good BGP - http://cs.unm.edu/~karlinjf/pgbgp/
- SANS Internet Storm Centre: an example relevant story: http://www.incidents.org/diary.html?storyid=4045
- Linked to an ISC Diary article: http://isc.incidents.org/diary.html?storyid=3529 ; includes some data
- Linked to a Usenix LEET '08 submission: A Study of Passwords and Methods Used in Brute-Force SSH Attacks (Jim Owens and Jeanna Matthews) - http://people.clarkson.edu/~owensjp/pubs/leet08.pdf
[edit]
Technologies
- Filtering technologies for different connection types? ADSL? Cable? Wireless? Fibre/Ethernet termination?
- TBD
[edit]
Should things be filtered?
- Justin Shore: http://www.merit.edu/mail.archives/nanog/msg06558.html
- Scott Weeks: where should the line be drawn :http://www.merit.edu/mail.archives/nanog/msg06560.html
- Dave Pooser: why filter FTP/Telnet: are they being actively exploited: http://www.merit.edu/mail.archives/nanog/msg06562.html
- Justin Shore: blocking outbound telnet/SSH? Most SSH versions on his netblocks (customers, I assume -ed) are old or vulnerable; customers paying for static IPs get the ability to have the filter removed: http://www.merit.edu/mail.archives/nanog/msg06578.html
[edit]
Filtering: Data
- Frank Bulk - spam outflow rates (2/sec): http://www.merit.edu/mail.archives/nanog/msg06571.html
- Dave Pooser - probe rates (SSH bruteforcing): http://www.merit.edu/mail.archives/nanog/msg06573.html
[edit]
SMP Filtering Effects on Roaming Customers
- TBD
[edit]
Third-Party Network Monitoring
- TBD
