Re: Security alert aggregator?
On 9/16/19 4:50 PM, David Hubbard wrote: Curious if anyone knows of a security alert aggregation service? For example, go and plug in all the various vendors hardware and software packages your enterprise uses, and then the service subscribes to all the random RSS feeds, CVE lists, vendor mailing lists, etc. to feed you the data instead of needing staff to write something custom, and then have checks to ensure the custom thing is still pulling from the right location, etc. Thanks There's always the US CERT Bulletins, which aggregate CVEs into a handy list and is published as an RSS feed: https://www.us-cert.gov/ncas/bulletins -- Joel Whitehouse Software Developer +1.319.521.7762
Re: Initial ARIN IPv4 membership and resource request
On 2/6/19 2:53 PM, Nathanael Catangay Cariaga wrote: Dear NANOG, does someone here have a breakdown of the initial ARIN fees / cost assuming I'll be requesting an initial block of /22 IPv4 resource? Regards, -nathan See ARIN's official fee schedule at: https://www.arin.net/fees/fee_schedule.html
Re: IPv6 Unique Local Addresses
On 03/02/2018 02:40 PM, Matthew Kaufman wrote: Exactly what Matt Harris says here... ULA is free. Space obtained from ARIN is not. You want to discourage someone from doing the right thing, charge a lot for that. The ARIN fee schedule for an ASN and a /40 has an amortized annual cost approximately equal to a 2TB hard drive. Is that really too much to bear for a business running a critical network service? -- Joel Whitehouse
Google DNS64 misconfigured?
I had an ipv6-only lab environment cease being able to browse much of the internet on Monday. Tracked the issue down to google's public DNS64 service; the following queries should return DNS64 responses from the 64:9bff::/96 prefix, however, I'm getting 0 DNS64 answers from dig on both their servers for the last 60 hours: dig @2001:4860:4860::64 ipv4only.arpa dig @2001:4860:4860::6464 ipv4only.arpa DNS works fine, just not DNS64. A forum topic [0] suggests this behavior might be intermittent but no official response from google there. Is google's public DNS64 down for anyone else? [0] https://groups.google.com/d/topic/public-dns-discuss/dD_lSPfqXHA/discussion -- Joel Whitehouse
IPv6 first hop security on a budget?
What's a good budget option for switching a small lab or office ipv6 with RA Guard, DHCP6 snooping, and ICMP6 snooping?