Posts by jtk@infosec.exchange
 (DIR) Post #Aqg50li8rkUqQcGSC8 by jtk@infosec.exchange
       2025-02-01T14:45:58Z
       
       0 likes, 0 repeats
       
       @bortzmeyer Thanks for providing running updates and highlights, very useful!
       
 (DIR) Post #As7ItqTLsIxtTnPg5w by jtk@infosec.exchange
       2025-03-16T15:49:04Z
       
       0 likes, 1 repeats
       
       A fire-related incident in a Singapore data center (https://www.peeringdb.com/fac/6874) on March 14, 2025..  Various services and operations located there were interrupted.  One person injured.  https://www.straitstimes.com/singapore/one-taken-to-hospital-after-fire-at-data-centre-in-chai-chee
       
 (DIR) Post #AsfBq6f4HSYHR58jxI by jtk@infosec.exchange
       2025-04-01T23:10:17Z
       
       0 likes, 1 repeats
       
       I can only recall two hosting providers, out of dozens, that did not have a working #Debian OS template - and one promises to fix it.In both cases there is no option to bring your own ISO, but Ubuntu templates were available.  So... I did what any Debian fanatic would do, I installed Ubuntu and converted the system to Debian.It is not pretty, probably leaves a couple of warts lurking, and is not generally recommended, but it can be done.  In my most recent case I installed Ubuntu 20.x, changed the sources.list, added the Debian keyring with apt-key, ran apt update/upgrade/dist-upgrade and made a couple minor tweaks.  Presto change-o... Bookworm.  Not April Fool's.
       
 (DIR) Post #AtSaGyC8e3aDbjVmJk by jtk@infosec.exchange
       2025-04-25T19:56:28Z
       
       0 likes, 0 repeats
       
       @ricci Far be it for me to suggest more work, but if someone had the energy to sum the number of users on each server, if available, might also be neat to rank net/locale by user count.
       
 (DIR) Post #AtX6ZUUlg32Y71KtKy by jtk@infosec.exchange
       2025-04-28T00:27:04Z
       
       0 likes, 0 repeats
       
       @ricci Many have written and said much about the threats to the DNS by the U. S. government.  A lot of the paranoia historically came from kooks, grifters, and cranks, some of whom have tried to push alternative roots. A more recent version of that may involve a blockchain. Some of that fear is not entirely unreasonable to the uninitiated, but was and remains a tech phobia.In 2025, the threat may seem greater than ever before, but I'd argue it remains grossly overblown. There are a variety of reasons for this. Some are the practical limits of power the executive branch has. Mostly, there are numerous technical, economic, and social checks that protect the system. It would take a long, detailed essay, maybe one we should write one, to enumerate a number of convincing arguments to lay people on all the reasons why they should worry less about this.
       
 (DIR) Post #Atq31386PiOfnxeeS8 by jtk@infosec.exchange
       2025-05-07T03:47:05Z
       
       0 likes, 0 repeats
       
       @ricci "Rob" is not an option? :-)
       
 (DIR) Post #AusDRFJdlbKJWOGQSG by jtk@infosec.exchange
       2025-06-07T02:38:07Z
       
       0 likes, 1 repeats
       
       "We can't verify that the DNS root servers are running the code they say they are nor trust that the root zone won't be manipulated by a rogue U.S. administration. Therefore, we need [something completely different]."DNS is a convenient example, but substitute almost any widely deployed subsystem or tech of your choice.I find these sorts of hand wavy, shallow 240-character arguments to be as easily dismissed as they are so often made.
       
 (DIR) Post #AvDsJcj6Pk6O4TXYTg by jtk@infosec.exchange
       2025-06-17T13:31:08Z
       
       0 likes, 1 repeats
       
       US broadband provider Astound, aka RCN, (#AS6079).  I've asked if this FAQ is outdated, it doesn't sound right."Disabling IPv6For CA, OR, TX and WA[...]IPv6 is not yet widely adopted; most software, routers, modems, and other network equipment does not support this emerging protocol"https://www.astound.com/ten-trails/faqs/#accordion_accordion-19Why those states are singled out is not clear, maybe an artifact of a an earlier organization prior to acquisition.Any Astound people or customers in those states able to say more?
       
 (DIR) Post #AvGCLkUEv43A7MnahE by jtk@infosec.exchange
       2025-06-18T16:26:14Z
       
       0 likes, 0 repeats
       
       @ricci For history, maybe something from The Teaching Company or the Modern Scholar? You could do a lot worse than Margaret MacMillian's Paris 1919 for example.
       
 (DIR) Post #AwfhA7x6RUM1pIr22a by jtk@infosec.exchange
       2025-07-30T21:28:25Z
       
       0 likes, 0 repeats
       
       This was "packet rat".  +2 points to id what pack is sitting on, +10 if you know the specific phone device to the rear.
       
 (DIR) Post #Awfi638cV2HBgurR32 by jtk@infosec.exchange
       2025-07-30T21:41:51Z
       
       0 likes, 0 repeats
       
       @ricci Close enough. I think it might have been a 5509. This an old picture from a lab I ran, and being from around 2002, I don't think I would have had a 6509 to play around with, they were too valuable to us at the time.  But I could be wrong.Another picture of it here. Is that a 6509 or 5509? I can't tell by looking anymore, been awhile since I've touched either.https://web.archive.org/web/20190710032737/http://condor.depaul.edu/jkristof/technotes/incident-response.html
       
 (DIR) Post #Awgq47qV1EhWVJwFRw by jtk@infosec.exchange
       2025-07-31T10:45:47Z
       
       0 likes, 0 repeats
       
       @tomjennings Tom, are you aware of the new book "Other Networks: A Radical Technology Sourcebook" by @loriemerson? It is quite something I think you'd enjoy if you've not seen it.
       
 (DIR) Post #AwhiDyD75nGh2dew9w by jtk@infosec.exchange
       2025-07-31T20:51:32Z
       
       0 likes, 0 repeats
       
       @fatred @ricci It was reliable, but they really burned a hole in the corporate wallet when you had to upgrade sup cards every few years.
       
 (DIR) Post #Ax90s5S4dJTNWgqzS4 by jtk@infosec.exchange
       2025-08-13T23:57:07Z
       
       0 likes, 1 repeats
       
       Not cool."We have determined that a bad actor has generated false slides and exploited USENIX’s slide collection process to submit them as though they belong to legitimate authors."#usenixsecurity
       
 (DIR) Post #AxUvM1iqjqfGOqiD1k by jtk@infosec.exchange
       2025-08-24T14:37:32Z
       
       0 likes, 2 repeats
       
       #AFRINIC voter designation and board nominations close in 2 and 5 days respectively.There are restrictions on who can nominate, who can be a nominee, and of course who can vote.  Encourage your AFRINIC region members and colleagues to participate.https://elections.afrinic.net/
       
 (DIR) Post #Aym4VQFa70cnnatMzw by jtk@infosec.exchange
       2025-10-01T14:47:15Z
       
       1 likes, 0 repeats
       
       Sad to report, a colleague and friend to many in the network operator community, Fearghas McKay, spouse to the late Susan Forney, heavily involved in RIPE, NANOG, and other groups has suddenly and unexpectedly passed away.  He will be missed.
       
 (DIR) Post #AzGlaicVMlHKzUBT8q by jtk@infosec.exchange
       2025-10-16T14:28:51Z
       
       0 likes, 1 repeats
       
       Romanian network provider Zet.net (#AS6204)::  "Connecting the World with AI-Optimized Routing"".Oh dear.
       
 (DIR) Post #AzOzDN707UREFMtBw0 by jtk@infosec.exchange
       2025-10-20T11:59:18Z
       
       0 likes, 3 repeats
       
       Have you noticed that when the blame #DNS meme starts flying the root is perfectly operational, there is rarely a mention of the big registry operators, BIND, Unbound, Knot, and PowerDNS  are absent the conversation, and many who can craft a reasonable dig query are getting responses from local and public resolvers to debug?Even with all the misconfiguration, added complexity on top of it, and burden of being used by practically every service on the Internet, we should marvel at how amazingly good the vast majority of the DNS performs despite our best efforts to overwhelm it with all the Internet junk we've created.
       
 (DIR) Post #B24sxFF0Nsy37jkJ60 by jtk@infosec.exchange
       2026-01-08T14:26:05Z
       
       0 likes, 0 repeats
       
       @dougmadory I've observed occasional IPv6 transport failures to or from .IR TLD servers.  Not sure if it is related.  e.g.,* TCP: https://dnsmon.ripe.net/ir?start=2025-08-03T00%3A00%3A00.000Z&end=2025-08-09T23%3A59%3A00.000Z&zone=ir.&protocol=tcp&ipVersion=6* UDP: https://dnsmon.ripe.net/ir?start=2025-08-03T00%3A00%3A00.000Z&end=2025-08-09T23%3A59%3A00.000Z&zone=ir.&protocol=udp&ipVersion=6
       
 (DIR) Post #B2Ety7YWUByR74SKtU by jtk@infosec.exchange
       2026-01-09T22:54:23Z
       
       0 likes, 1 repeats
       
       There are four .ir TLD nameservers, three of which are located behind IRNIC and have been generally unavailable outside of Iran (not sure about in-country).One auth NS (c.nic.ir.) is operating behind #AS48011 outside of Iran and is responding to queries.However, from what I can see from the SOA RRs for the zone captured by passive DNS, c.nic.ir does not currently appear to be in sync (older serial than a.nic.ir) and is falling behind.The zone is DNSSEC signed, so there could be some interesting anomalies to come.#DNS