[zanog-discuss] Cloud Innovation Displays Very Poor, If Not Criminal, Netizenship

Ronald Bartels ronald at amastelek.com
Mon May 11 09:31:15 SAST 2020


Good morning —n.

Beer is fermented, not stale.

I have been using threat intelligence to remove the riff raff from business
links.  Although a person can check if it is working using Wireshark, that
definitely does not scale.  One of the tools I went back to using even
though it costs 500 Euro is NTOPNG.  I use it on a mirror port as I really
tried the flow stuff but invariably it isn't designed for an ISP backbone
but more like a link less than 50 mbs.  After getting Elastiflow working, I
melted the box whenever I pointed any large flow to it.  It uses java..

This list includes hijacked IPs:
http://iplists.firehol.org/?ipset=firehol_level4 This (or any other) list
can be loaded into NTOPNG and the traffic from that list is visualized.  So
if you can curate your stale stuff into a list then it will display it.

PS: https://apility.io/search/156.241.3.0
https://talosintelligence.com/reputation_center/lookup?search=156.241.3.0
seems to be ok and not being used for any dodgy stuff.  It just states that
its in Hong Kong?

-----Original Message-----
From: Nishal Goburdhan <nishal at controlfreak.co.za>
Sent: Saturday, 09 May 2020 17:27
To: Ronald Bartels <ronald at amastelek.com>
Cc: zanog-discuss at lists.nog.net.za
Subject: Re: [zanog-discuss] Cloud Innovation Displays Very Poor, If Not
Criminal, Netizenship

On 9 May 2020, at 12:58, Ronald Bartels via zanog-discuss wrote:

> Did you find some beer?

so stale routing objects, are a bad thing, eh?  if only there was some
annoying system/person that would routinely send us reminders to ch..
ooooooohhhh!!!

—n.

ps.  s/o to the vox team, who have done a fantastic job of cleaning up, not
just their address space, but working with their clients to do the same.


More information about the zanog-discuss mailing list