> I just realized that many automatically put emails with the subject
> line of "Spoofer Report for NANOG" in the trash, so I changed it.
>
> Is that for real or a spoof itself? If it's real I know a buncha
> guys that will help. ;)
This is real:
https://spoofer.caida.org/recent_tests.php?as_inc
Hi Vincent,
On Mon, May 11, 2020 at 10:36:03AM +0200, Vincent Bernat wrote:
> This work is quite interesting. I see you have also a page to build
> regex from router names for each operator. Did you already work on
> extracting city names/US states? This would be quite helpful as well.
I haven't
Hi NANOG
To support Internet topology analysis efforts, we have been working on
an algorithm to detect AS numbers inside hostnames (PTR records) for
router interfaces, and automatically build regular expressions
(regexes) to extract them. Specifically, we are looking at operators
who embed the AS
records that has things with ISP domain
> names last in use in the year 2002.
>
>
>
> On Mon, Apr 29, 2019 at 6:15 AM Matthew Luckie wrote:
>
> > Hi NANOG,
> >
> > To support Internet topology analysis efforts, I have been working on
> > an algorithm
Hi NANOG,
To support Internet topology analysis efforts, I have been working on
an algorithm to automatically detect router names inside hostnames
(PTR records) for router interfaces, and build regular expressions
(regexes) to extract them. By "router name" inside the hostname, I
mean a substring
To my knowledge this is the meeting network.
https://spoofer.caida.org/recent_tests.php?as_include=19230
Your interpretation of the results is congruent with mine. If you look
through the history of tests you can see SAV is usually deployed on the
network during the meeting.
This is true of oth
Hi,
The CAIDA Spoofer project has been collecting and publicly sharing
data on the deployment of source address validation since March 2016.
We've built up a reasonably large install-base of the open-source
client, and receive tests from 400-500 unique IPs per day. We're
posting reports with link
> This doesn't seem quite like it is BCP38 and more like this is
> BCP84, but it only talks about use of ACLs in section 2.1 without
> providing any examples. Given that it is also 13 years old I thought
> there might be fresher information out there.
section 2.1 is about permitting packets from s
> Since about a week or so it's become impossible to reach wp.com content
> over IPv6.
>
> IPv4 content does work fine, using the IPv6 literal returns a 404 which
> is small enough to fit in a smaller 1480 byte MTU.
>
> I have another test site that has a clean 1500 byte mtu and I can fetch
> th
n to annotate each relationship with examples as to why it was
inferred the way it was, but we have not yet got that far yet.
Thanks,
Matthew Luckie
CAIDA
> What's really needed is a service that looks up a given web page
> over IPv6 from behind a 1280 byte MTU link and reports if all the
> elements load or not. It dumps a list of elements with success/fail.
>
> This would be useful to send the idiots that block ICMPv6 PTB yet
> send packets bigger
IPv6 paths that are the same as an IPv4-level path are correlated with
better IPv6 performance according to: "Assessing IPv6 Through Web
Access - A Measurement Study and Its Findings"
http://repository.upenn.edu/ese_papers/602/
At the Feb NANOG I gave a lightning talk on trends involving dual
zero.
We would appreciate it if anyone who is willing to provide us with their
AS number and the number of their providers, would email this
information to m...@caida.org.
Matthew Luckie
CAIDA.
p.s. It would be great if you could also tell us who your providers are.
> 1) My goal is to store the traffic may be fore ever, and analyze it in
> the future for security related incidents detected by ids/ips.
Take a look at "Building a Time Machine for Efficient Recording and
Retrieval of High-Volume Network Traffic"
https://www.usenix.org/conference/imc-05/building
These days there are better implementations of traceroute that are less
likely to infer false IP paths by not playing games with the source and
destination ports.
www.paris-traceroute.net
Paris traceroute hacks the payload of the UDP probe to use the checksum
field as the probe identifier (and al
15 matches
Mail list logo
