SANOG 37 - Threat Hunting using DNS

Swapneel Patnekar
(Photo credit: Mohan Thomas) At SANOG 37, I had the opportunity to share some of the ways in which we have been doing Threat Hunting using DNS at my $dayjob. Here is the video of the presentation: https://youtu.be/S3IuZgt61pA?t=9667 I also had a little demo, but I decided to improvise and add slides instead, since the program was running a little behind schedule and I was the only one standing between everyone and their lunch.

Network Security Monitoring(NSM) @ Home

Swapneel Patnekar
Over the course of the last year, the Flat Network at home has become an important extension of the enterprise network.

Figure 1 - A simple representation of a flat network

What is a flat network?
- The network is not segmented, i.e. computers/devices can access any other computer/device in the network
- A simple design with the goal to reduce cost, maintenance and administration

From a security perspective, the design poses a few challenges,

Jio VoWiFi issue - It's always DNS!

Swapneel Patnekar
tl;dr - If Jio VoWiFi isn't working for you, set a different DNS resolver on the phone. While I am a big proponent of running your own resolver in the network (runyourownresolver.in), you could test by using open resolvers. The issue doesn't seem to be impacting everyone, only a subset of users. To begin with, there are multiple things broken in the authoritative name servers ns1.vowifi.jio.com. and ns2.

How to improve the root - Run it locally

Swapneel Patnekar
Image shows the locations of the root server IP Anycast instances. Source: https://root-servers.org/

Current State of DNS Root Servers

The DNS root server system uses IP Anycast. There are 13 root server operators with a total of 1084 instances all over the world. Let's look at some of the problems in the context of the root server system,

Decrease the round trip time to the root servers

The round trip time to the root servers is dependent on multiple factors.

Jumping on the webinar bandwagon - Introduction to FreeBSD

Swapneel Patnekar
Note - The FreeBSD Logo and the mark FreeBSD are registered trademarks of The FreeBSD Foundation and are used by Swapneel Patnekar with the permission of The FreeBSD Foundation. With COVID-19 having disrupted NOG meetings, conferences and onsite trainings, I have decided to jump on the webinar bandwagon and experiment a bit. On 8th June, I presented an introduction to FreeBSD to students and faculty from different colleges. 84 registered and about half of them attended the webinar.

DNS RPZ (Response Policy Zones) - Using DNS as a layer of defence - Part I

Swapneel Patnekar
Update (06/08/2020) - APNIC has published this post on their blog. Robbie Mitchell from APNIC was of great help in correcting a few things and polishing the article. You can read Part 1 on the APNIC blog here. DNS (Domain Name System) is the crucial and ubiquitous fabric of the Internet. While on the surface users rely on accessing websites, apps, email etc., underneath it's the DNS database which provides the map for the Internet.

Junk to the root

Swapneel Patnekar
DNS root servers are the heart of the DNS infrastructure. Although there are just 13 of them, the actual number comprises 1084 Anycast instances operated by 12 independent root server operators. A recent study by ICANN OCTO, Analysis of the Effects of COVID-19-Related Lockdowns on IMRS Traffic, shed some light on DNS traffic patterns before and during COVID-19. While the study looked at the ICANN Managed Root Server Instance (IMRS) i.

Chromium based browsers & DNS

Swapneel Patnekar
While this is not something new, it perhaps has more significance because of the ever-increasing market share (more than 60%) of Chromium-based browsers. Chromium-based browsers have a very uncanny method of checking whether the web browser is sitting behind a captive portal. And if you're running a recursive resolver in your network with a large user base running Chromium-based browsers (Google Chrome, Brave etc.), it might even startle you if you observe the recursive resolver logs.

33,384 open DNS resolvers in India

Swapneel Patnekar
The Shadowserver Foundation releases and updates a scan report containing results for open resolvers on the Internet. Open resolvers basically respond to DNS queries from anyone on the Internet. Open resolvers are bad for the Internet primarily because they are a catalyst in a DNS amplification attack. A Domain Name Server (DNS) Amplification attack is a popular form of Distributed Denial of Service (DDoS), in which attackers use publicly accessible open DNS servers to flood a target system with DNS response traffic.

Educational & Research Institutions in India having their own ASN

Swapneel Patnekar
A few months ago, Pranesh had asked if there are any universities in India that have their own ASN. https://twitter.com/pswapneel/status/1172821340736241666?s=20 I think the answer warrants a few more details.

ASN        Institution
AS132785   Shiv Nadar University
AS137282   KIIT University
AS133552   B.M.S College Of Engineering
AS38872    Indian School of Business
AS137617   Indian Institute Of Management, Ahmedabad
AS136304   Institute Of Physics, Bhubaneswar
AS138231   Indian Institute Of Information Technology, Allahabad
AS137956   Indian Institute of Technology, Ropar
AS134901   Indian Institute Of Science Education And Research
AS132749   Indraprastha Institute of Information Technology, Delhi
AS2697     ERNET (Education and Research Network) India (also peers with AS55824 - NKN Core Network)