[AusNOG] Data Retention and CGNAT - educational exercise

Sid virtualsid at gmail.com
Thu Mar 26 12:58:45 EST 2015


Hi,

> On 26 Mar 2015, at 08:35, Nick Stallman <nick at agentpoint.com> wrote:
> 
> I was refering to stuff like this:
> https://isc.sans.edu/forums/diary/New+tricks+that+may+bring+DNS+spoofing+back+or+Why+you+should+enable+DNSSEC+even+if+it+is+a+pain+to+do/16859/
> 
> It would only be a security issue in certain cases, but if the set of ports was consecutive and not pseudo randomised it could reduce security of some applications which utilise random source ports.

Ah, of course. I wasn't thinking wide enough. Good point :-).

Then I guess (hope) the multiple methods described in the RFC, in particular the cryptographic method would help to alleviate some of these concerns.

Sid
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.ausnog.net/pipermail/ausnog/attachments/20150326/df3f950c/attachment.html>


More information about the AusNOG mailing list