[AusNOG] network security Question

Mark ZZZ Smith markzzzsmith at yahoo.com.au
Thu May 22 19:31:56 EST 2014 

Service providers who've used RFC1918s internally might be getting blocking for free ...

"Issues with Private IP Addressing in the Internet"
http://tools.ietf.org/html/rfc6752




>________________________________
> From: Luca Salvatore <luca at digitalocean.com>
>To: "ausnog at lists.ausnog.net" <ausnog at lists.ausnog.net> 
>Sent: Wednesday, 21 May 2014 9:05 AM
>Subject: Re: [AusNOG] network security Question
> 
>
>
>There's a special place in Hell reserved for people (especially providers) who block ICMP ;-)
>
>
>
>On Tue, May 20, 2014 at 9:13 PM, Damien Gardner Jnr <rendrag at rendrag.net> wrote:
>
>Pen-test scenario? It used to be the shits-and-giggles pastime at the Canberra 2600 meets, seeing how many networks could be dropped off in the same 1-hour block because they auto-blackholed uneeda.telstra.net, their upstream gateway, their providers BGP IP, etc etc :-p
>>
>>Automatic blackholing based anything but full connection TCP is a pretty dumb idea mmmkay :)
>>
>>—DG
>>
>>
>>
>>On 20 May 2014, at 8:54 pm, Shain Singh <shain.singh at gmail.com> wrote:
>>
>>> Blocking arbitrary blocks is fraught with danger...
>>>
>>>>
>>>> With regards to arbitrarily blocking whole country netblocks; sure, some
>>>> people do it. Having your IDS/IPS temporarily block trouble addresses is
>>>> probably a better solution if you want to go down that path, though.
>>>>
>>>
>>> Common pen-test scenario for if you have an IDS/IPS setup to
>>> temporarily block based on attack signatures is to make your attacks
>>> look like they originate from root DNS servers.
>>>
>>>
>>> --
>>> Shaineel Singh
>>> e: shain.singh at gmail.com
>>> p: +61 422 921 951
>>> w: http://buffet.shainsingh.com
>>>
>>> --
>>> "Too many have dispensed with generosity to practice charity" - Albert Camus
>>> _______________________________________________
>>> AusNOG mailing list
>>> AusNOG at lists.ausnog.net
>>> http://lists.ausnog.net/mailman/listinfo/ausnog
>>
>>_______________________________________________
>>AusNOG mailing list
>>AusNOG at lists.ausnog.net
>>http://lists.ausnog.net/mailman/listinfo/ausnog
>>
>
>
>
>-- 
>
>Luca Salvatore
>Network Engineer
>DigitalOcean
>AUS: +61 414 700 383
>USA: +1 (347) 305-4030
>
>_______________________________________________
>AusNOG mailing list
>AusNOG at lists.ausnog.net
>http://lists.ausnog.net/mailman/listinfo/ausnog
>
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.ausnog.net/pipermail/ausnog/attachments/20140522/62953c0c/attachment.html>

More information about the AusNOG mailing list