📰 Noction IRP v4.3 Launches with Automated DDoS Detection and Routing-Native Mitigation
Noction releases IRP v4.3 with Automatic Anomaly Detection! 🛡️ The new feature provides rapid, automated DDoS detection & mitigation using routing-native tools like BGP FlowSpec and RTBH to protect networks at the edge. #DDoS #BGP #NetOps #CyberSec...
Looking for a sponsoring LIR for my ASN.
I run a small non‑commercial network with a WireGuard uplink via Route64 and plan a second upstream (HE POP) for redundancy and BGP/IPv6 learning.
I can maintain IRR/RPKI. Any LIR willing to sponsor an ASN is welcome.
#BGP #ASN #IPv6 #Multihoming #HomeLab #NetOps #NetworkEngineering #RIPE #LIR #NOG #PLNOG #DENOG #NLNOG #UKNOF #Routing #Sysadmin #Route64 #HurricaneElectric
I love velcro cable ties. If you haven’t tried them, it may change your life (in a small positive way).
Pour finir, l’info a fait son chemin
jusqu’à la mailing-list des administrateurs de relais #tor.
Donc c’est bien une des campagnes ...académiques de sensibilisation de masse.
Mais comme souvent, au final ça suscite plus de questions que de réponses,
vu qu’on parle d’une attaque au niveau AS / BGP.
Thread côté Tor
👇
https://lists.torproject.org/mailman3/hyperkitty/list/tor-relays@lists.torproject.org/thread/R5IUD5DJBBJXJ3Q3YXY3HLDLDHA6AO57/
Et bien évidemment, ça déclenche des réactions très humaines 😅
Extrait qui résume assez bien l’ambiance :
“ Is the stated vulnerability an actively exploited problem or is this a DoS attack by scaremongering?
My guess is it is neither. I would be that it's just some over-excited
researchers who want to get the news out about just how awful BGP is.
But, while it is "exploitable", there's not much that can be done with
it. All an attacker could do is cause the connections destined for your
relay to go to their servers instead. But crucially, they do not have
your relay key, so all other relays and clients would refuse to connect
to them..”
Bref,
je vais quand même ouvrir un ticket chez Scaleway,
histoire de voir ce qu’ils en pensent de leur côté.
You are in an admin/programmer/devops role. When you look for a solution to a problem, what is the ratio of time reach for AI first? In this poll, "Other" includes official docs, howto posts, video tutorials or similar things.
Just signed up my AS space for @greynoise. Curious to see what will land in my inbox as we're tiny, but it can't hurt...
RE: https://c7.io/@snullp/115618731200733871
关于pfSense的一个小细节(其他网关应该也一样):对于有状态的连接,规则匹配策略严格遵循握手时的方向,之后这个连接的所有数据包都匹配相同的规则,无论方向如何。
当规则包含Limiter等高级设置时,事情就变得有趣了。举个例子:你想用Limiter限制某个本地IP(比如在pfSense的LAN子网下)的下载速度,而下载连接是由这个IP发起的,连接到外部服务器。
那么你需要为LAN接口(而不是WAN)设置规则,将要限制的IP放在Source字段(!),并将Limiter应用到Out方向。
解释:握手方向实际上是从这个IP到外部服务器,所以这个连接的所有数据包在匹配规则时都应用握手时的方向(source为本地IP,target为外部服务器)。即使实际的下载数据包是从外部服务器发送到这个IP的。这有点违反直觉。
关于Limiter方向,这是因为下载数据包离开pfSense发送到这个IP,所以是out方向。
同样,如果这个IP向外网开放了端口,连接是由外部发起的,那么从外部发送到此IP的数据包则不受上述Limiter限制,尽管在两种情况下数据都是从外部发送到这个IP的。
A small quirk about pfSense (should be the same for other gateways): For stateful connections, the Rules matching strategy strictly follows the direction during the handshake, and thereafter all packets of this connection match the same Rules *regardless of direction*.
Things become interesting when a Rule includes advanced settings like Limiters. For example: you want to use a Limiter to restrict the download speed of a local IP (say, under pfSense's LAN subnet), and the download connection is initiated by this IP, connecting to an external server.
Then you need to set up a Rule for LAN interface (not WAN), put the IP to be limited in the Source field(!), apply the Limiter to the Out direction.
Explanation: The handshake direction is actually from this IP to the external server, so all packets of this connection apply the direction from the handshake when matching rules (source is the local IP, target is the external server). Even though the actual download packets are sent from the external server to this IP. This is somewhat counterintuitive.
Regarding the Limiter direction, it's because download packets leave pfSense heading to this IP, so it's the out direction.
Similarly, if this IP has opened a port to the external network and the connection is initiated from outside, then packets sent from outside to this IP are not subject to the Limiter restriction mentioned above, even though in both cases data is being sent from outside to this IP.
⚠️ Most breaches don’t require genius — just opportunity.
Attackers don’t need zero-days. They exploit what’s already exposed:
• Default creds still active
• Config drift no one monitors
• Cloud misconfigs after updates
• APIs exposed by accident
We’re building autonomous agents to close those gaps 24/7 at HACKTIVATE LABS.
The Reality:
Most orgs don’t need more security staff —
they need faster decision loops.
Executed by agents that never sleep.
What we’re testing now:
🧠 AI agents that shape the threat surface in real time
🛰️ Pre-attack recon using live intel feeds
⚔️ Automated red team prep using CVE correlation
🔄 Defense loops that execute without human approval
The goal isn’t alerts.
The goal is autonomous containment.
💬 If you’re building in #AIsec, #Cybersecurity, or #DevSecOps — let’s align.
Tag your team or @mention someone who should see this.
#Automation #RedTeam #AISecurity #SOC #NetOps #SecurityFuture #AIagents
RE: https://infosec.exchange/@Hacktivate/115582254829761849
⚠️ Most breaches don’t require genius — just opportunity.
Here’s what attackers actually exploit:
• Default creds still active
• Config drift no one monitors
• Cloud misconfigs after updates
• APIs exposed by accident
We’re building autonomous agents to close those gaps 24/7.
If you’re in #Cybersecurity #AIsec or #DevSecOps — let’s talk.
Tag a team that needs this operational.
⚠️ Most breaches don’t require genius — just opportunity.
Here’s what attackers actually exploit:
• Default creds still active
• Config drift no one monitors
• Cloud misconfigs after updates
• APIs exposed by accident
We’re building autonomous agents to close those gaps 24/7.
If you’re in #Cybersecurity #AIsec or #DevSecOps — let’s talk.
Tag a team that needs this operational.
RE: https://infosec.exchange/@Hacktivate/115581917628259124
⚡ 3 Fast Checks Every Network Should Run Today
1️⃣ Unknown devices on VLANs?
2️⃣ Unused open ports pre-attack?
3️⃣ Default creds still active anywhere?
You don’t need a full audit — just a disciplined recon loop.
AI + automation makes this continuous.
#Cybersecurity #AIsec #NetOps #DevSecOps
Want micro playbooks or scripts? @mention me.
If I see another MTU issue this week, I swear I’ll manually fragment myself into 512-byte chunks and yeet them across the network just to make a point.
Ever get pulled into a cloud troubleshooting call for a cloud you don't know? Forward Enterprise quickly cuts through the noise to get you the insights you need. #CloudOps #NetOps #NDT #ForwardNetworks #Troubleshooting https://youtu.be/6EDVLGf1cDs?si=0g1lTCNofDvZLV_N
I'm going to be actively looking for work later in the year with a view to starting a new role at the beginning of next year.
Basics here:
https://www.linkedin.com/in/adam-sweet-4531b7b/
Job offers or suggestions on how to better present myself welcome
@jpmens - I am convinced, the #netops team put more effort into the DNS service, than the PA team on the website.
Jokes aside: Since the start of the project, I felt various times, that the website's quality and information is not en par with what should be expected from a project of that scale. Without following the actual stakeholder meetings, you would have had a hard time on keeping up. Updates on the project were very loosely and irregularly shared, if at all. The public meetings however were very helpful. Yet I would have expected more from a project that aims for the reach of 450 million EU citizens.
Productive morning:
* Fitted new UPSs
* All my home Cisco FW+R+S infrastructure upgraded to latest releases
* Broken out the core network segment into second rack
* New Catalyst switch wired in for second NAS and lab kit
* Firewall logs now go to SIEM (finally got around to fixing the access-list!)
* MRTG configs updated
Afternoon question, should I build a second domain controller on the lab LAN?
Me: netbox is like bitwarden for datacenter stuff!
G: yeah exactly haha, grumpy it rep goes over to grumpy netops guy "grrs" in "where address" "grunts" in "check source truth"
G: both go on about their day hunting problems with clubs >_<
#it #iit #infotech #infosec #datacenters #netops #worklife #cavemen #convosfromtheoffice
