As returning readers of this blog would be aware - I found a trick to find Facebook caching servers around the world during the APRICOT 2018 hackathon. Since then I am running my code again every year to see the changes and publish this report. Previous reports March 2018 here Nov 2019 here April 2021 here Facebook knows! Back in 2019, I was in San Francisco, California for NANOG 75. While roaming around in the lobby, someone read the NANOG card hanging around my neck and greeted me. His 2nd ...| Personal blog of Anurag Bhatia
In June 2025 we activated a new AuthDNS node, hosted at Maharlika IX in Makati City, Manilla Metro, Philippines. In this article we look at what impact this had for DNS clients in the country as well as to the AuthDNS system as a whole.| RIPE Labs
Hello, Community! Customers and holders of contributor subscriptions can now download VyOS 1.4.3 release images and the corresponding source tarball. This release includes fixes for CVE-2024-3596 (BlastRADIUS) — a vulnerability in the RADIUS PAM module that made it possible (even if not easy) for an attacker capable of active MitM to forge a server response and log in to a vulnerable system without valid credentials. It also fixes over seventy bugs and adds a few new features. Those featur...| VyOS - Blog
Future capabilities of quantum attackers will present a host of new vulnerabilities for RPKI. A research student from SIDN Labs presents the first work on post-quantum cryptography for the RPKI, establishing the foundation for making this critical Internet infrastructure quantum-safe.| RIPE Labs
In this article, we introduce openPenny, an open-source traffic checker currently under development as part of the RIPE NCC Community Projects Fund. The goal of openPenny is to help network operators identify non-spoofed traffic arriving at unexpected entry points: this offers a new primitive to detect routing misconfigurations, evaluate policy or commercial adjustments, and defend against security threats such as BGP hijacks.| RIPE Labs
Bridge firewall improvements, ongoing configuration system rework, and many bug fixes. #vyos #project #update| blog.vyos.io
BGP is the de facto routing protocol for inter-domain routing, or in other words, the global internet. It’s used to exchange routing information among autonomous systems around the entire world. Therefore, it’s extremely important we do what we can to secure BGP communications, what we advertise, and the methods we use to create peering relationships.... Continue Reading →| {networkphil}
Over forty bug fixes, faster BGP convergence, safer upgrades, BRAS improvements, and more! #vyos #release| blog.vyos.io
Hello, Community! It's spring in the northern hemisphere, and here's the March update. A lot of our effort is currently going into the development of the accelerated dataplane based on VPP: We added a prototype of IPsec, and we are actively working on support for NAT. But there are many other updates, including a fix for a vulnerability in service console-server, support for loading firewall groups from a URL, an option to set a custom container registry, and more. Read on for details!| VyOS - Blog
These are notes taken during and after the 38C3 conference in Hambourg. Notes might be a bit sketchy at times I went to this session because I don't know anything about BGP and how it works. It was a bit hard to follow, but I got some knowledge out of …| (not) my ideas
Hello, Community! While VyOS 1.4/Sagitta has taken its final shape, and we are working to smoothen any remaining sharp edges (especially in migration scripts), the upcoming 1.5/Circinus branch is the new frontier where we can go wild and experiment freely. Safe features from the current branch are still backported to 1.4/Sagitta. Still, we already have non-back portable features — such as improvements to the new DHCP server implementation based on Kea rather than the now-obsolete ISC DHCP s...| VyOS - Blog
Hello, community! Curious what we've been up to in January? Our main focus is the final stabilization of the 1.4.0/Sagitta branch, and we will soon make the first EPA (Early Production Access) release — after that point, config syntax and behavior will not change in the 1.4 LTS release lifetime, and all radical changes will go to the upcoming 1.5/Circinus branch. Quite a lot of things are happening in the development branch, and many of those improvements are also backported to 1.4, includi...| VyOS - Blog
Hello, Community! VyOS 1.4.0-rc3 image is now available for everyone to download and test. We are grateful to everyone who helped us test previously release candidate images. Thanks to your bug reports and pull requests, we fixed many bugs, including two that could cause the system to lock up at startup or shut down! We also did a lot of internal refactoring in January, but this image still has quite a few new features, including support for obtaining certificates from ACME providers (such as...| VyOS - Blog
数据中心的网络和家用网络有很大不同,家用网络一个小路由器就够了,挂了的话,就忍受一下没有网络的时间,然后去网上下单再买一个换上。数据中心可不行,所有的东西都要设计成高可用的。| www.kawabangga.com
Disclaimer: this post is going to be quite geeky. So this is not the kind of post you want to read if you don’t need this stuff. But hey, I needed to tell someone after getting this to work, …| Cloudtrooper
To make you more familiar with the concepts of network routing and to get acquainted with the reputable vendors of network routers, we have prepared a number of blogs as a series, the different parts of which are as follows: Part 1 - What is a Network Router? Routing Terms (Such as Routing Protocols, and [...] The post Network Routing: Part 1 – What is a Network Router? Routing Terms (Such as Routing Protocols, and Types of Routers) appeared first on ITperfection - Network Security.| ITperfection – Network Security
This post is part of our MANRS Basics series intended for non-experts interested in learning more about routing security.| MANRS
U.S. agencies want to secure the Border Gateway Protocol, but experts question whether their approach could worsen security.| CyberScoop
By Henry Birge-Lee, Grace Cimaszewski, Liang Wang, Cyrill Krähenbühl, Kerstin Fagerstrom, and Prateek Mittal Today we are announcing the development of a| Freedom to Tinker
Designing network connectivity in public cloud can very quickly become a daunting task. Of course, public cloud providers do offer native networking services, and with those it is fairly easy. This…| Cloudtrooper
Last month, Amazon lost control of its cloud-based IP address pool for more than three hours, which allowed cyber criminals to steal $235,000 from users of one of AWS’s customers. Using BGP hijacking, hackers gained control over a pool of 256 IP addresses. Briefly describing the BGP protocol, it is a backbone – the basis ...| research.securitum.com