[zanog-discuss] Cloud Innovation Displays Very Poor, If Not Criminal, Netizenship

Ronald Bartels ronald at amastelek.com
Mon May 11 09:57:31 SAST 2020


https://github.com/netenglabs/suzieq

This seems like an interesting project to monitor routing tables - freshly
released.

-----Original Message-----
From: Ronald Bartels <ronald at amastelek.com>
Sent: Monday, 11 May 2020 09:31
To: 'zanog-discuss at lists.nog.net.za' <zanog-discuss at lists.nog.net.za>
Subject: RE: [zanog-discuss] Cloud Innovation Displays Very Poor, If Not
Criminal, Netizenship

Good morning —n.

Beer is fermented, not stale.

I have been using threat intelligence to remove the riff raff from business
links.  Although a person can check if it is working using Wireshark, that
definitely does not scale.  One of the tools I went back to using even
though it costs 500 Euro is NTOPNG.  I use it on a mirror port as I really
tried the flow stuff but invariably it isn't designed for an ISP backbone
but more like a link less than 50 mbs.  After getting Elastiflow working, I
melted the box whenever I pointed any large flow to it.  It uses Java.

This list includes hijacked IPs:
http://iplists.firehol.org/?ipset=firehol_level4

This (or any other) list can be loaded into NTOPNG and the traffic from that
list is visualized.  So if you can curate your stale stuff into a list then
it will display it.

PS: https://apility.io/search/156.241.3.0
https://talosintelligence.com/reputation_center/lookup?search=156.241.3.0
seems to be ok and not being used for any dodgy stuff.  It just states that
it's in Hong Kong?
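
Added example, not part of the original message and not NTOPNG code: a small
offline check that a curated list in the FireHOL netset layout ('#' comment
lines, then one address or CIDR per line) matches the traffic you expect
before it is loaded into a monitoring tool. The list excerpt, the flow
records and the function names are constructed for illustration.

```python
import ipaddress
from collections import Counter

# Constructed sample in the FireHOL .netset layout: '#' comment lines,
# then one IPv4 address or CIDR per line. Not real list content.
SAMPLE_NETSET = """\
# firehol_level4 (constructed excerpt for illustration)
192.0.2.0/24
198.51.100.16/28
203.0.113.7
"""

# Constructed flow records: (source IP, destination IP, bytes).
SAMPLE_FLOWS = [
    ("192.0.2.55", "10.0.0.5", 1200),
    ("10.0.0.5", "198.51.100.20", 400),
    ("10.0.0.8", "198.51.100.40", 900),  # just outside the /28
    ("203.0.113.7", "10.0.0.9", 64),
    ("10.0.0.9", "not-an-ip", 10),       # malformed field, skipped
]

def parse_netset(text):
    """Return the list's networks, ignoring comments and blank lines."""
    nets = []
    for line in text.splitlines():
        line = line.split("#", 1)[0].strip()
        if not line:
            continue
        try:
            nets.append(ipaddress.ip_network(line, strict=False))
        except ValueError:
            continue  # skip a bad entry instead of aborting the load
    return nets

def match_flows(flows, nets):
    """Total bytes per listed network for flows that touch the list."""
    hits = Counter()
    for src, dst, nbytes in flows:
        for ip_text in (src, dst):
            try:
                ip = ipaddress.ip_address(ip_text)
            except ValueError:
                continue
            for net in nets:
                if ip.version == net.version and ip in net:
                    hits[str(net)] += nbytes
                    break
    return dict(hits)
```

The linear scan is fine for spot-checking a list against an exported sample;
it is not meant for backbone-rate traffic.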

