nanog mailing list archives
Re: Ingress filtering on transits, peers, and IX ports
From: Eric Kuhnke <eric.kuhnke () gmail com>
Date: Tue, 13 Oct 2020 20:04:41 -0700
If I had a dollar for every 'scary security alert' email received in a NOC email inbox from a 'security researcher group' that is the results of a port scan, or some small subset of trojan infected residential endpoint computers attempting outbound connections on ($common_service_port), or similar... On Tue, Oct 13, 2020 at 7:50 PM Chris Adams <cma () cmadams net> wrote:
Once upon a time, Eric Kuhnke <eric.kuhnke () gmail com> said:Considering that one can run an instance of an anycasted recursive nameserver, under heavy load for a very large number of clients, on a$6001U server these days... I wonder what exactly the threat model is.A customer forwarded one of these notices to us - looked like it's about recursive DNS cache poisoning. It's been a while since I looked closely, but I thought modern recursive DNS software was pretty resistant to that, and anyway, the real answer to that is DNSSEC. I could be wrong, but getting a scary-sounding OMG SECURITY ALERT email from some group I've never heard of (and haven't AFAIK engaged the community about their "new" attack, scans, or notices)... seems more like shameless self promotion. -- Chris Adams <cma () cmadams net>
Current thread:
- Re: Ingress filtering on transits, peers, and IX ports, (continued)
- Re: Ingress filtering on transits, peers, and IX ports Brian Knight via NANOG (Oct 22)
- RE: Ingress filtering on transits, peers, and IX ports adamv0025 (Oct 23)
- Re: Ingress filtering on transits, peers, and IX ports Tim Durack (Oct 20)
- Re: Ingress filtering on transits, peers, and IX ports Marcos Manoni (Oct 20)
- Re: Ingress filtering on transits, peers, and IX ports Dobbins, Roland (Oct 20)
- Re: Ingress filtering on transits, peers, and IX ports Nick Hilliard (Oct 14)
- Re: Ingress filtering on transits, peers, and IX ports Mike Hammett (Oct 14)
- Re: Ingress filtering on transits, peers, and IX ports Jared Mauch (Oct 14)
- Re: Ingress filtering on transits, peers, and IX ports Eric Kuhnke (Oct 13)
- Re: Ingress filtering on transits, peers, and IX ports Chris Adams (Oct 13)
- Re: Ingress filtering on transits, peers, and IX ports Eric Kuhnke (Oct 13)
- Re: Ingress filtering on transits, peers, and IX ports Seth Mattinen (Oct 13)
- Re: Ingress filtering on transits, peers, and IX ports Casey Deccio (Oct 14)
- Re: Ingress filtering on transits, peers, and IX ports Mark Andrews (Oct 14)
- Re: Ingress filtering on transits, peers, and IX ports Chris Adams (Oct 13)
- Re: Ingress filtering on transits, peers, and IX ports Bryan Holloway (Oct 14)
- Re: Ingress filtering on transits, peers, and IX ports Casey Deccio (Oct 14)
- Re: Ingress filtering on transits, peers, and IX ports Mel Beckman (Oct 14)
- Re: Ingress filtering on transits, peers, and IX ports Eric Kuhnke (Oct 14)
- Re: Ingress filtering on transits, peers, and IX ports Casey Deccio (Oct 19)