On 3/1/2017 10:50 PM, James DeVincentis via NANOG wrote:
Realistically any hash function *will* have collisions when two items are
specifically crafted to collide after expending insane amounts of computing
power, money, and… i wonder how much in power they burned for this little stunt.
Easy
On Thu, Mar 02, 2017 at 12:24:38PM +0700, Roland Dobbins wrote:
> On 2 Mar 2017, at 9:55, Oliver O'Boyle wrote:
>
> >Currently, I have 3 devices connected. :)
>
> What about DNS issues? Are you sure that you really have a
> networking issue, or are you having intermittent DNS resolution
> proble
On Wed, Mar 1, 2017 at 7:57 PM, James DeVincentis via NANOG
wrote:
[ reasonable analysis snipped :) ]
> With all of these reasons all wrapped up. It clearly shows the level of hype
> around this attack is the result of sensationalist articles and clickbait
> titles.
I have trouble believing t
On 2 Mar 2017, at 9:55, Oliver O'Boyle wrote:
Currently, I have 3 devices connected. :)
You could have one or more botted machines launching outbound DDoS
attacks, potentially filling up the NAT translation table and/or getting
squelched by your broadband access provider with layer-4 granula
Let me add some context to the discussion.
I run threat and vulnerability management for a large financial institution.
This attack falls under our realm. We’ve had a plan in progress for several
years to migrate away from SHA-1. We’ve been carefully watching the progression
of the weakening of
I like the footnote they attached specifically for SHA1.
"[3] Google spent 6500 CPU years and 110 GPU years to convince everyone we need
to stop using SHA-1 for security critical applications. Also because it was
cool."
It’s also not preimage. This isn’t even a FIRST preimage attack. That tabl
On Thu, Mar 02, 2017 at 03:42:12AM +, Nick Hilliard wrote:
> James DeVincentis via NANOG wrote:
> > On top of that, the calculations they did were for a stupidly simple
> > document modification in a type of document where hiding extraneous
> > data is easy. This will get exponentially computat
James DeVincentis via NANOG wrote:
> On top of that, the calculations they did were for a stupidly simple
> document modification in a type of document where hiding extraneous
> data is easy. This will get exponentially computationally more
> expensive the more data you want to mask. It took nine q
Next -->
On March 1, 2017, at 9:31 PM, Ryan Pugatch wrote:
On Wed, Mar 1, 2017, at 09:29 PM, Oliver O'Boyle wrote:
Each device associated with the AP consumes memory. Small low-end routers don't
typically come with much memory. If you've got a lot of devices associated with
the AP you will
On Wed, Mar 1, 2017, at 09:29 PM, Oliver O'Boyle wrote:
> Each device associated with the AP consumes memory. Small low-end
> routers don't typically come with much memory. If you've got a lot of
> devices associated with the AP you will run out of memory. I'm not
> sure how many devices you'r
Each device associated with the AP consumes memory. Small low-end routers
don't typically come with much memory. If you've got a lot of devices
associated with the AP you will run out of memory. I'm not sure how many
devices you're connecting, though. Three will not cause this problem. 30
might.
O
On Wed, Mar 1, 2017, at 06:35 PM, Jean-Francois Mezei wrote:
> On 2017-03-01 11:28, Ryan Pugatch wrote:
>
> > At random times, my Windows machines (Win 7 and Win 10, attached to the
> > network via WiFi, 5GHz) lose connectivity to the Internet.
>
> > For what it's worth, the router is a Linksy
Keep in mind botnets that large are comprised largely of IoT devices which have
very little processing power compared to the massive multi-core, high
frequency, high memory bandwidth (this is especially important for
cryptographic operations) CPUs in data centers. It doesn’t take much processing
On Wed, 01 Mar 2017 15:28:23 -0600, "james.d--- via NANOG" said:
> Those statistics are nowhere near real world for ROI. You'd have to invest
> at least 7 figures (USD) in resources. So the return must be millions of
> dollars before anyone can detect the attack. Except, it's already
> detectable.
On 2017-03-01 11:28, Ryan Pugatch wrote:
> At random times, my Windows machines (Win 7 and Win 10, attached to the
> network via WiFi, 5GHz) lose connectivity to the Internet.
> For what it's worth, the router is a Linksys EA7300 that I just picked
> up.
Way back when, I have a netgear router.
> The what? RFC5280 does not contain the string "finger".
The fingerprint (or thumbprint) is the hash (sha1/sha256) of the certificate
data in DER format, it's not part of the actual certificate. The fingerprint
is largely used in the security and development community in order to
quickly identif
On Wed, Mar 1, 2017, at 03:58 PM, iam...@gmail.com wrote:
> On many non-windows OS (Mac OSX, Linux, FreeBSD etc.) you can specify
> ICMP
> traceroute using -I:
>
> traceroute -I google.com
>
> I wonder if this would replicate your experience with Windows tracert
Definitely on my list to test.
On many non-windows OS (Mac OSX, Linux, FreeBSD etc.) you can specify ICMP
traceroute using -I:
traceroute -I google.com
I wonder if this would replicate your experience with Windows tracert
On Wed, Mar 1, 2017, at 02:57 PM, William Herrin wrote:
> On Wed, Mar 1, 2017 at 2:31 PM, Ryan Pugatch wrote:
> > So in that case, I would be back to my original issue where I stop being
> > able to pass traffic to the Internet, and when that happens my
> > traceroute always dies at the same hop
On Wed, Mar 1, 2017 at 2:31 PM, Ryan Pugatch wrote:
> So in that case, I would be back to my original issue where I stop being
> able to pass traffic to the Internet, and when that happens my
> traceroute always dies at the same hop. After disconnecting and
> reconnecting, the same traceroute wil
On Tue, Feb 28, 2017 at 01:16:23PM -0600, James DeVincentis via NANOG wrote:
> The CA signing the cert actually changes the fingerprint
The what? RFC5280 does not contain the string "finger".
> (and serial number, which is what is checked on revocation lists)
The CA doesn't "change" the serial
On Wed, Mar 1, 2017, at 02:04 PM, William Herrin wrote:
> > On Wed, Mar 1, 2017, at 01:23 PM, Aaron Gould wrote:
> >> That's strange... it's like the TTL on all Windows IP packets are
> >> decrementing more and more as time goes on causing you to get less and
> >> less hops into the internet
>
>
On Wed, 01 Mar 2017 14:04:07 -0500, William Herrin said:
> I have no information about whether comcast blocks pings to its routers.
All the Comcast gear in the path from my home router to non-Comcast addresses
will quite cheerfully rate-limit answer both pings and traceroutes.
pgpO6xO_p6EQX.pgp
> On Wed, Mar 1, 2017, at 01:23 PM, Aaron Gould wrote:
>> That's strange... it's like the TTL on all Windows IP packets are
>> decrementing more and more as time goes on causing you to get less and
>> less hops into the internet
Hi Ryan,
Windows tracert uses ICMP echo-request packets to trace the
The issue doesn't happen with my previous router, and I've tested
multiple computers (one that isn't mine.)
It doesn't seem like it decrements over time.. it just dies sooner as I
trace further up the path. I can consistently die at the 7th hop if I
try to go to Google, but if I trace to the 6th
Hi everyone,
I've got a real head scratcher that I have come across after replacing
the router on my home network.
I thought I'd share because it is a fascinating issue to me.
At random times, my Windows machines (Win 7 and Win 10, attached to the
network via WiFi, 5GHz) lose connectivity to the
The CA signing the cert actually changes the fingerprint (and serial number,
which is what is checked on revocation lists), so this is not a viable
scenario. Beyond that, SHA1 signing of certificates has long been deprecated
and no new public CAs will sign a CSR and cert with SHA1.
> On Feb 27,
Hi,
we are a team of researchers from TU Berlin [1] working on a measurement project
to assess the ramifications of traffic with spoofed source IP addresses in the
Internet.
To better understand the operational challenges that you as network operators
face when deploying (or not deploying) source
On Wed, Mar 01, 2017 at 10:49:07AM +, Nagarjun Govindraj via NANOG wrote:
> Is it possible to maintian an IRR database locally for quering route
> objects from various RIR's and do a regular sync like what RPKI validator
> does for ROA's.
IRRExplorer's database is available as json blob, if yo
Yeap. If you look at http://irr.net/docs/list.html , all of them list FTP
sites where you can get all information in bulk, load into your IRR daemon
and have a fast look-up for all that data.
Rubens
On Wed, Mar 1, 2017 at 7:49 AM, Nagarjun Govindraj via NANOG <
nanog@nanog.org> wrote:
> Hi n
Hi nanog,
Is it possible to maintian an IRR database locally for quering route
objects from various RIR's and do a regular sync like what RPKI validator
does for ROA's.
- Nagarjun
31 matches
Mail list logo
