[AusNOG] network security Question

Oliver Eyre oliver.eyre at bigair.net.au
Wed May 21 09:21:52 EST 2014


How else are you supposed to stop the hackers if you can't block ICMP???

=)

On 21 May 2014 09:05, Luca Salvatore <luca at digitalocean.com> wrote:

> There's a special place in Hell reserved for people (especially providers)
> who block ICMP ;-)
>
>
> On Tue, May 20, 2014 at 9:13 PM, Damien Gardner Jnr <rendrag at rendrag.net>wrote:
>
>> Pen-test scenario? It used to be the shits-and-giggles pastime at the
>> Canberra 2600 meets, seeing how many networks could be dropped off in the
>> same 1-hour block because they auto-blackholed uneeda.telstra.net, their
>> upstream gateway, their providers BGP IP, etc etc :-p
>>
>> Automatic blackholing based anything but full connection TCP is a pretty
>> dumb idea mmmkay :)
>>
>> —DG
>>
>>
>> On 20 May 2014, at 8:54 pm, Shain Singh <shain.singh at gmail.com> wrote:
>>
>> > Blocking arbitrary blocks is fraught with danger...
>> >
>> >>
>> >> With regards to arbitrarily blocking whole country netblocks; sure,
>> some
>> >> people do it. Having your IDS/IPS temporarily block trouble addresses
>> is
>> >> probably a better solution if you want to go down that path, though.
>> >>
>> >
>> > Common pen-test scenario for if you have an IDS/IPS setup to
>> > temporarily block based on attack signatures is to make your attacks
>> > look like they originate from root DNS servers.
>> >
>> >
>> > --
>> > Shaineel Singh
>> > e: shain.singh at gmail.com
>> > p: +61 422 921 951
>> > w: http://buffet.shainsingh.com
>> >
>> > --
>> > "Too many have dispensed with generosity to practice charity" - Albert
>> Camus
>> > _______________________________________________
>> > AusNOG mailing list
>> > AusNOG at lists.ausnog.net
>> > http://lists.ausnog.net/mailman/listinfo/ausnog
>>
>> _______________________________________________
>> AusNOG mailing list
>> AusNOG at lists.ausnog.net
>> http://lists.ausnog.net/mailman/listinfo/ausnog
>>
>
>
>
> --
> Luca Salvatore
> Network Engineer
> DigitalOcean
> AUS: +61 414 700 383
> USA: +1 (347) 305-4030
>
> _______________________________________________
> AusNOG mailing list
> AusNOG at lists.ausnog.net
> http://lists.ausnog.net/mailman/listinfo/ausnog
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.ausnog.net/pipermail/ausnog/attachments/20140521/625cb6fb/attachment.html>


More information about the AusNOG mailing list