Re: Security alert aggregator?

2019-09-16 Thread Joel Whitehouse 

On 9/16/19 4:50 PM, David Hubbard wrote:
Curious if anyone knows of a security alert aggregation service?  For 
example, go and plug in all the various vendors hardware and software 
packages your enterprise uses, and then the service subscribes to all 
the random RSS feeds, CVE lists, vendor mailing lists, etc. to feed you 
the data instead of needing staff to write something custom, and then 
have checks to ensure the custom thing is still pulling from the right 
location, etc.


Thanks




There's always the US CERT Bulletins, which aggregate CVEs into a handy 
list and is published as an RSS feed:


https://www.us-cert.gov/ncas/bulletins

--
Joel Whitehouse
Software Developer
+1.319.521.7762

Re: Initial ARIN IPv4 membership and resource request

2019-02-06 Thread Joel Whitehouse 

On 2/6/19 2:53 PM, Nathanael Catangay Cariaga wrote:
Dear NANOG, does someone here have a breakdown of the initial ARIN fees 
/ cost assuming I'll be requesting an initial block of /22 IPv4 resource?



Regards,

-nathan



See ARIN's official fee schedule at:

https://www.arin.net/fees/fee_schedule.html

Re: IPv6 Unique Local Addresses

2018-03-04 Thread Joel Whitehouse 

On 03/02/2018 02:40 PM, Matthew Kaufman wrote:

Exactly what Matt Harris says here... ULA is free. Space obtained from ARIN
is not. You want to discourage someone from doing the right thing, charge a
lot for that.



The ARIN fee schedule for an ASN and a /40 has an amortized annual cost 
approximately equal to a 2TB hard drive.  Is that really too much to 
bear for a business running a critical network service?


--
Joel Whitehouse

Google DNS64 misconfigured?

2017-09-27 Thread Joel Whitehouse 
I had an ipv6-only lab environment cease being able to browse much of 
the internet on Monday.  Tracked the issue down to google's public DNS64 
service; the following queries should return DNS64 responses from the 
64:9bff::/96 prefix, however, I'm getting 0 DNS64 answers from dig on 
both their servers for the last 60 hours:


dig @2001:4860:4860::64 ipv4only.arpa 
dig @2001:4860:4860::6464 ipv4only.arpa 

DNS works fine, just not DNS64.  A forum topic [0] suggests this 
behavior might be intermittent but no official response from google 
there.  Is google's public DNS64 down for anyone else?



[0] 
https://groups.google.com/d/topic/public-dns-discuss/dD_lSPfqXHA/discussion

--
Joel Whitehouse

IPv6 first hop security on a budget?

2017-05-05 Thread Joel Whitehouse 
What's a good budget option for switching a small lab or office ipv6 
with RA Guard, DHCP6 snooping, and ICMP6 snooping?