Ingress filtering on transits, peers, and IX ports
Seth Mattinen
sethm at rollernet.us
Wed Oct 14 03:36:33 UTC 2020
On 10/13/20 8:04 PM, Eric Kuhnke wrote:
> If I had a dollar for every 'scary security alert' email received in a
> NOC email inbox from a 'security researcher group' that is the results
> of a port scan, or some small subset of trojan infected residential
> endpoint computers attempting outbound connections on
> ($common_service_port), or similar...
>
I get stupid automated "abuse" notices all the time about being an evil
haxx0r, which is actually just having egress proxy enabled on GGC.
The most crazy email I've had so far was saying that I "breached Section
4 of the Terms and Conditions of the domain" and that my as (the AS the
GGC nodes are behind) is "to immediately cease and desist" followed by a
bunch of BS about how their IP addresses are restricted and no crawl
rights have been granted blah blah blah.
More information about the NANOG
mailing list