[147635] in North American Network Operators' Group


home	help	back	first	fref	pref	prev	next	nref	lref	last	post

Re: Is AS information useful for security?

daemon@ATHENA.MIT.EDU (Eric)
Thu Dec 15 21:06:42 2011

From: Eric <eric@roxanne.org>
In-Reply-To: <Pine.LNX.4.64.1112150933310.1202@whammy.cluebyfour.org>
Date: Thu, 15 Dec 2011 21:05:35 -0500
To: "nanog@nanog.org" <nanog@nanog.org>
Errors-To: nanog-bounces+nanog.discuss=bloom-picayune.mit.edu@nanog.org

It's useful in terms of remediation as it can help identify through which "d=
oor" packets entered your  network.  Though, as others will undoubtedly poin=
t out, it's trustworthiness will depend upon how you derive the AS mapping a=
nd upon other security features  (e.g. uRPF)

-- Eric :)

> On Thu, 15 Dec 2011, Joe Loiacono wrote:
>=20
>> Is a good knowledge of either origin-AS, or next-AS with respect to flows=

>> valuable in establishing, monitoring, or re-enforcing a security posture?=

>> In what way?


home	help	back	first	fref	pref	prev	next	nref	lref	last	post

[147635] in North American Network Operators' Group

Re: Is AS information useful for security?

daemon@ATHENA.MIT.EDU (Eric)Thu Dec 15 21:06:42 2011

daemon@ATHENA.MIT.EDU (Eric)
Thu Dec 15 21:06:42 2011