NRW.social

2 Beiträge2 Beteiligte0 Beiträge heute

NLnet LabsA new release of Rotonda, our composable, programmable <a href="https://fosstodon.org/tags/BGP" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#BGP</a> engine, is now available. Version 0.4.0 'Bold and Undaunting Youth' features and <a href="https://fosstodon.org/tags/RPKI" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#RPKI</a> RTR component, as well as Route Origin Validation on incoming routes. <a href="https://github.com/NLnetLabs/rotonda/releases/tag/v0.4.0" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://github.com/NLnetLabs/rotonda/releases/tag/v0.4.0</a>

Rudolph BottBGP Unnumbered with different vendors in 2025: not so fast, hotshot 🙂 <a href="https://blog.bott.im/bgp-unnumbered-in-2025-same-idea-different-implementations/" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://blog.bott.im/bgp-unnumbered-in-2025-same-idea-different-implementations/</a><a href="https://chaos.social/tags/juniper" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#juniper</a> <a href="https://chaos.social/tags/nokia" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#nokia</a> <a href="https://chaos.social/tags/bird" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#bird</a> <a href="https://chaos.social/tags/linux" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#linux</a> <a href="https://chaos.social/tags/networking" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#networking</a> <a href="https://chaos.social/tags/bgp" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#bgp</a>

Stéphane Bortzmeyer<a href="https://mastodon.gougere.fr/tags/BGP" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#BGP</a> Joli, un des rares cas dans la table de routage mondiale où l'origine est un AS_SET (ici à trois AS) : <a href="https://mastodon.gougere.fr/@bgp/114375106512755449" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://mastodon.gougere.fr/@bgp/114375106512755449</a>

Stéphane BortzmeyerOulah, la doc' <a href="https://mastodon.gougere.fr/tags/BGP" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#BGP</a> de Huawei qui dit que dans un AS_SET (un ensemble, au sens mathématique du terme), les AS sont dans un ordre aléatoire. Non, Huawei, ils ne sont pas ordonnés, c'est la définition d'un ensemble.<a href="https://mastodon.gougere.fr/tags/IlNeFautJamaisLireLaDoc" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#IlNeFautJamaisLireLaDoc</a>

IPng Networksoh, hey, AS8298 hit 1M IPv4 routes in the FIB today. Happy Easter!<a href="https://ublog.tech/tags/bgp" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#bgp</a>

gyptazyWhat do you guys do with your left-over (public) IPv4 addresses? And no, that’s meant for real :)<a href="https://mastodon.gyptazy.com/tags/network" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#network</a> <a href="https://mastodon.gyptazy.com/tags/ISP" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#ISP</a> <a href="https://mastodon.gyptazy.com/tags/hosting" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#hosting</a> <a href="https://mastodon.gyptazy.com/tags/homelab" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#homelab</a> <a href="https://mastodon.gyptazy.com/tags/Ipv6" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Ipv6</a> <a href="https://mastodon.gyptazy.com/tags/bgp" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#bgp</a> <a href="https://mastodon.gyptazy.com/tags/peering" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#peering</a>

Stéphane Bortzmeyer<a href="https://mastodon.gougere.fr/tags/routage" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#routage</a> <a href="https://mastodon.gougere.fr/tags/BGP" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#BGP</a> Un million de routes dans l'Internet bientôt ? <a href="https://www.bortzmeyer.org/un-million-de-routes.html" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://www.bortzmeyer.org/un-million-de-routes.html</a>

Stéphane Bortzmeyer% curl -s <a href="https://bgp.bortzmeyer.org/info" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://bgp.bortzmeyer.org/info</a> OK: 1031455 IPv4 prefixes, 231602 IPv6 prefixes, 84853 ASWow, so much routes, amazing.<a href="https://mastodon.gougere.fr/tags/BGP" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#BGP</a> <a href="https://mastodon.gougere.fr/tags/RIS" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#RIS</a>

Kushal Das :python: :tor:<a href="https://brainattic.in/2025/03/25/root-hints-vs-rfc-8806/" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://brainattic.in/2025/03/25/root-hints-vs-rfc-8806/</a> <a href="https://toots.dgplug.org/tags/dns" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#dns</a> <a href="https://toots.dgplug.org/tags/BGP" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#BGP</a>

Peter N. M. Hansteenrpki-client 9.5 released <a href="https://www.undeadly.org/cgi?action=article;sid=20250412123402" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://www.undeadly.org/cgi?action=article;sid=20250412123402</a> <a href="https://mastodon.social/tags/openbsd" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#openbsd</a> <a href="https://mastodon.social/tags/rpkiclient" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#rpkiclient</a> <a href="https://mastodon.social/tags/rpki" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#rpki</a> <a href="https://mastodon.social/tags/bgp" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#bgp</a> <a href="https://mastodon.social/tags/pki" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#pki</a> <a href="https://mastodon.social/tags/crypto" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#crypto</a> <a href="https://mastodon.social/tags/cryptography" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#cryptography</a> <a href="https://mastodon.social/tags/security" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#security</a> <a href="https://mastodon.social/tags/routing" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#routing</a> <a href="https://mastodon.social/tags/bgp" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#bgp</a> <a href="https://mastodon.social/tags/networking" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#networking</a> <a href="https://mastodon.social/tags/freesoftware" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#freesoftware</a> <a href="https://mastodon.social/tags/libresoftware" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#libresoftware</a>

skorpyOH: "Tariffs on <a href="https://chaos.social/tags/IPv4" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#IPv4</a>, so everything via <a href="https://chaos.social/tags/AS3320" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#AS3320</a>?"<a href="https://chaos.social/tags/IPv6" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#IPv6</a> <a href="https://chaos.social/tags/IPvLegacy" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#IPvLegacy</a> <a href="https://chaos.social/tags/BGP" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#BGP</a>

gyptazyOops! The MXP01 (Italy) peer had some fuck ups, followed by some insane traffic f*ckups at 3AM & 6AM on the other instances.Rule Nr. 1: Even changing a single character can result in f*ckups. Always test!<a href="https://mastodon.gyptazy.com/tags/devops" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#devops</a> <a href="https://mastodon.gyptazy.com/tags/bgp" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#bgp</a> <a href="https://mastodon.gyptazy.com/tags/peering" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#peering</a> <a href="https://mastodon.gyptazy.com/tags/ipv6" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#ipv6</a> <a href="https://mastodon.gyptazy.com/tags/traffic" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#traffic</a> <a href="https://mastodon.gyptazy.com/tags/fail" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#fail</a> <a href="https://mastodon.gyptazy.com/tags/network" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#network</a>

Erik van Straten<a href="https://chaos.social/@fleaz" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@fleaz</a> : it's not MultiMultiFactorAuthentication but 1FA max.Assuming that you don't use those hardware keys to generate TOTP codes (which are pointless when confronted with the likes of <a href="https://infosec.exchange/tags/Evilginx2" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Evilginx2</a>), but use WebAuthn instead (FIDO2 passkeys in hardware keys), everything depends on one factor: the domain name of the website.1️⃣ DV-CERTS SUCK It is not very common that certificates are issued to malicious parties, but it *does* happen now and then (<a href="https://infosec.exchange/@ErikvanStraten/112914050216821746" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://infosec.exchange/@ErikvanStraten/112914050216821746</a>).2️⃣ SUBDOMAINS Furthermore, sometimes organizations have "dangling" subdomain names. For example, test.example.commay point to the IP-adress of some cloud server no longer used by example.com. Anyone with write access to that server may install a fake "test.example.com" website and phish you to it. It *may* be used to phish your WebAuthm credentials *if* "example.com" does not explicitly *DENY* WebAuthn from "test.example.com".See <a href="https://github.com/w3ctag/design-reviews/issues/97#issuecomment-175766580" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://github.com/w3ctag/design-reviews/issues/97#issuecomment-175766580</a> for how Google prevents "sites.google.com" from authenticating to "google.com".3️⃣ DNS HACKED It may not be neccessary to execute BGP-hijacks to redirect network traffic to an impostor: it also all depends on how reliable DNS records are protected against unauthorized access. If the dude in charge for DNS uses a stupid password only, or the DNS provider is easily fooled into believing "I forgot my creds", it's game over. The crooks will obtain a DV-cert in no time, no questions asked, for free.4️⃣ All the bells and whistless are moot if there's an alternative way to log in (such as by using a 1FA rescue code) and the user is fooled into providing it (after they've been lied to that their WebAithn public key on the server became corrupted or was lost otherwise).5️⃣ Cloudflare MitM's https connections (it's not a secret: <a href="https://blog.cloudflare.com/password-reuse-rampant-half-user-logins-compromised/" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://blog.cloudflare.com/password-reuse-rampant-half-user-logins-compromised/</a>). The same applies to any server you log in to, which is accessible by untrustworthy personnel. They can steal your session cookie.6️⃣ In the end MFA/2FA is a hoax anyway, because the session cookie (or JWT or whatever) is 1FA anyway.Did I mention the risks of account lockout with hardware keys that cannot be backupped? And the mess it is to keep at least one other hardware key synchronized if it's in a vault? And the limitation of, for example, 25 WebAuthn accounts max? And (unpatcheable) vulnerabilities found in hardware keys? And their price? And how easy it is to forget or loose them?<a href="https://infosec.exchange/@odr_k4tana" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@odr_k4tana</a> <a href="https://infosec.exchange/tags/1FA" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#1FA</a> <a href="https://infosec.exchange/tags/2FA" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#2FA</a> <a href="https://infosec.exchange/tags/MFA" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#MFA</a> <a href="https://infosec.exchange/tags/JWT" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#JWT</a> <a href="https://infosec.exchange/tags/SessionCookie" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#SessionCookie</a> <a href="https://infosec.exchange/tags/AitM" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#AitM</a> <a href="https://infosec.exchange/tags/MitM" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#MitM</a> <a href="https://infosec.exchange/tags/FIDO2" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#FIDO2</a> <a href="https://infosec.exchange/tags/WebAuthn" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#WebAuthn</a> <a href="https://infosec.exchange/tags/Yubikey" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Yubikey</a> <a href="https://infosec.exchange/tags/Titan" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Titan</a> <a href="https://infosec.exchange/tags/BGP" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#BGP</a> <a href="https://infosec.exchange/tags/DNS" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#DNS</a>

Stéphane BortzmeyerAssociation entre adresse IP et ASDans les discussions au sujet du réseau Internet, on voit souvent passer des demandes sur l'AS associé à une adresse IP ou bien le contraire. Mais les questions simples du genre « de quel AS dépend une adresse IP ? » sont… trop simples.<a href="https://www.bortzmeyer.org/association-as-ip.html" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://www.bortzmeyer.org/association-as-ip.html</a><a href="https://mastodon.gougere.fr/tags/BGP" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#BGP</a> <a href="https://mastodon.gougere.fr/tags/whois" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#whois</a> <a href="https://mastodon.gougere.fr/tags/RDAP" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#RDAP</a> <a href="https://mastodon.gougere.fr/tags/RIR" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#RIR</a>

gyptazyThe core router at KNS in the US like: "Am I joke to you?" - He's absolutely bored. <a href="https://mastodon.gyptazy.com/tags/network" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#network</a> <a href="https://mastodon.gyptazy.com/tags/RUNBSD" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#RUNBSD</a> <a href="https://mastodon.gyptazy.com/tags/BGP" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#BGP</a> <a href="https://mastodon.gyptazy.com/tags/IPv6" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#IPv6</a> <a href="https://mastodon.gyptazy.com/tags/core" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#core</a> <a href="https://mastodon.gyptazy.com/tags/boxybsd" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#boxybsd</a> <a href="https://mastodon.bsd.cafe/@BoxyBSD" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@BoxyBSD</a>

Vitex<a href="https://f.cz/tags/BGP" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#BGP</a> <a href="https://f.cz/tags/NyanCat" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#NyanCat</a>

The New Oil<a href="https://mastodon.thenewoil.org/tags/Cisco" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Cisco</a> <a href="https://mastodon.thenewoil.org/tags/IOSXR" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#IOSXR</a> vulnerability lets attackers crash <a href="https://mastodon.thenewoil.org/tags/BGP" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#BGP</a> on routers<a href="https://www.bleepingcomputer.com/news/security/cisco-vulnerability-lets-attackers-crash-bgp-on-ios-xr-routers/" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://www.bleepingcomputer.com/news/security/cisco-vulnerability-lets-attackers-crash-bgp-on-ios-xr-routers/</a><a href="https://mastodon.thenewoil.org/tags/cybersecurity" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#cybersecurity</a>

securityaffairs<a href="https://infosec.exchange/tags/Cisco" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Cisco</a> <a href="https://infosec.exchange/tags/IOS" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#IOS</a> <a href="https://infosec.exchange/tags/XR" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#XR</a> flaw allows attackers to crash <a href="https://infosec.exchange/tags/BGP" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#BGP</a> process on routers <a href="https://securityaffairs.com/175421/security/cisco-ios-xr-flaw-cve-2025-20115.html" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://securityaffairs.com/175421/security/cisco-ios-xr-flaw-cve-2025-20115.html</a> <a href="https://infosec.exchange/tags/securityaffairs" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#securityaffairs</a> <a href="https://infosec.exchange/tags/hacking" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#hacking</a>

David BombalHuge CML update (Docker and more!)YouTube video: <a href="https://youtu.be/p08Lwpz-ilI" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://youtu.be/p08Lwpz-ilI</a><a href="https://infosec.exchange/tags/Sponsored" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Sponsored</a> <a href="https://infosec.exchange/tags/ccna" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#ccna</a> <a href="https://infosec.exchange/tags/docker" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#docker</a> <a href="https://infosec.exchange/tags/bgp" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#bgp</a> <a href="https://infosec.exchange/tags/ccnp" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#ccnp</a> <a href="https://infosec.exchange/tags/ccie" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#ccie</a> <a href="https://infosec.exchange/tags/cisco" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#cisco</a> Cisco

Stéphane Bortzmeyer<a href="https://mastodon.gougere.fr/tags/IETF" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#IETF</a> <a href="https://mastodon.gougere.fr/tags/BGP" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#BGP</a>"BGP Color-Aware Routing" We are going to paint the routers and the links?

Frühere Suchanfragen

Suchoptionen

Verwaltet von:

Serverstatistik:

#bgp