Blast-RADIUS attack

2024-07-09 Thread Sharon Goldberg
://blog.cloudflare.com/radius-udp-vulnerable-md5-attack/ https://www.inkbridgenetworks.com/blastradius Thanks Sharon Goldberg (for the Blast-RADIUS team) https://www.blastradius.fail/

Re: NIST NTP servers

2016-05-13 Thread Sharon Goldberg
or module (the Agilent Z3816 and kin are of > > this type). > > Does anyone know of any COTS NTP servers that are based on non-ancient > Linux kernel versions? In 2012 we bought new GPS/CDMA NTP servers > with OCXO that are based on Linux 2.4, but they are fiddly as you ca

Re: NIST NTP servers

2016-05-11 Thread Sharon Goldberg
With the caveat that if some of the servers are inside your own private network then learning who the servers are might be less useful. But this could be an issue for targets who use servers that are exclusively on the public internet. On Wed, May 11, 2016 at 3:15 PM, Sharon Goldberg wrote

Re: NIST NTP servers

2016-05-11 Thread Sharon Goldberg
are a bunch, so Joe Random Hacker isn't going to have a > > high chance of guessing the servers your system is using. > > A determined attacker will just run servers in the official pool. > > -- Sharon Goldberg Computer Science, Boston University http://www.cs.bu.edu/~goldbe

Re: BGPMON Alert Questions

2014-04-06 Thread Sharon Goldberg
ooking_glass/ http://www-x.antd.nist.gov/rpki-monitor/ http://certification-stats.ripe.net/ http://rpki.surfnet.nl/index.html But naturally it's harder to see who has turned on origin validation. Sharon -- Sharon Goldberg Computer Science, Boston University http://www.cs.bu.edu/~goldbe

Re: BGPMON Alert Questions

2014-04-04 Thread Sharon Goldberg
On Fri, Apr 4, 2014 at 11:17 AM, Sharon Goldberg wrote> > > > Actually, since this is NANOG, might as well ask: > > Do you all view filtering your downstream's downstreams as much more > difficult than filtering only downstreams, or only stub ASes? Do you have >

Re: BGPMON Alert Questions

2014-04-04 Thread Sharon Goldberg
On Fri, Apr 4, 2014 at 1:15 AM, Mark Tinka wrote: > On Friday, April 04, 2014 05:06:22 AM Sharon Goldberg wrote: > > > We also looked at prefix filtering and found that it has > > better partial deployment characteristics. Our analysis > > assumed that ISPs only filter

Re: BGPMON Alert Questions

2014-04-03 Thread Sharon Goldberg
> > to the best of my knowledge, no one has looked at this for origin > validation. sharon goldberg and co-conspirators have done a lot > of work in the area, see her pubs at https://www.cs.bu.edu/~goldbe/. > but the concentration seems to be on bgpsec which deploys quite > differently

Soliciting your opinions on routing research: A routing policies survey

2011-09-13 Thread Sharon Goldberg
uld forward the survey to ops at other organizations who may not be reading NANOG. Thanks all of you that have responded so far! Phillipa Gill (U of Toronto), Michael Schapira (Princeton), Sharon Goldberg (Boston University)

Routing policies study [was: Preferring peers over customers]

2011-09-08 Thread Sharon Goldberg
y; feel free to answer all of our questions, or just a few. Thanks! Phillipa Gill, Sharon Goldberg & Michael Schapira

Re: Do Not Complicate Routing Security with Voodoo Economics

2011-09-05 Thread Sharon Goldberg
6.8.1: "We test the robustness of our results... by modeling traffic locality [the idea that ASes are likely to send more traffic to ASes that are closer to them]..." Section 6.8.2 shows our results are insensitive to this assumption. Sincerely, Phillipa Gill, Michael Schapira, and

Re: Do Not Complicate Routing Security with Voodoo Economics

2011-09-04 Thread Sharon Goldberg
ets." Thus, while we cannot hope to accurately model every aspect of interdomain routing, nor predict how S*BGP deployment will proceed in practice, we believe that ISP competition over customer traffic is a significant economic lever for driving global S*BGP deployment. Sincerely, Sharon Goldberg a