Posted:
The ICANN DNS Symposium concluded today. It was about 3 hours of talks for the past 3 days. Four talks each day. For me it started at 5:00 am and I didn’t always make it on time and I left early a couple of times. This is a very brief summary since I didn’t take very detailed notes and the presentations are not yet online to review. Materials should appear on the IDS page in due time. Read more...
Posted:
The DataPlane.org telnetlogin feed is now publicly available. It looks much like other feeds with the usual set of entry attributes: an IPv4 or IPv6 address, associated route origin information (ASN and AS name), the most recent time stamp of the event in the past 7 days, and the feed name. This feed is derived from TELNET sensors that mimic, but do not implement an actual TELNET server service. The telnetlogin feed reports on clients sending login and password credentials after a TCP port 23 connection to a sensor in the wild. Read more...
Posted:
The DataPlane.org smtpgreet and smtpdata feeds are now publicly available. Both look much like other feeds with the usual set of entry attributes: an IPv4 or IPv6 address, associated route origin information (ASN and AS name), the most recent time stamp of the event in the past 7 days, and the feed name. The distinction between the two feeds is the extent of SMTP client behavior observed. Both feeds are derived from SMTP sensors that are neither advertised nor intended to be used for any actual delivery of legitimate email. Read more...
Posted:
The DataPlane.org proto41 feed is now publicly available. The proto41 feed identifies IPv4 addresses that have been observed as open IPv6 over IPv4 tunnel relays. This feed at once becomes the largest and in some ways the most unique DataPlane.org produces. This is the first project feed based on active network surveying rather than relying on a network of passive sensors. This feed is not only unique to DataPlane.org, but as far as I can tell, the first anywhere to report on open IPv6 tunnel relays. Read more...