banner
LightNews
jtk.infosec.exchange.ap.brid.gy
John Kristoff
@jtk.infosec.exchange.ap.brid.gy
39 followers 13 following 360 posts
UIC PhD candidate | https://Dataplane.org | Netscout. Internet infrastructure (#BGP, #DNS) and #infosec. Bit mechanic. Also: #Blues / tfr / #fedi22 🌉 bridged from ⁂ https://infosec.exchange/@jtk, follow @ap.brid.gy to interact
Dataplane.org
Posts Media Videos Starter Packs
jtk.infosec.exchange.ap.brid.gy
John Kristoff @jtk.infosec.exchange.ap.brid.gy · 5h
[Frame.work controversy]

Not interested in continuing a debate here. This is mainly for followers, some of whom I know are interested in the products and may want to know about this if they've not heard yet.

The Frame.work community forums, and to some extent other places (e.g., here, and on […]
Original post on infosec.exchange
infosec.exchange
jtk.infosec.exchange.ap.brid.gy
John Kristoff @jtk.infosec.exchange.ap.brid.gy · 1d
Cloudie Networks (#as924) "[...] will be sunsetting our shared hosting, reseller, and VPS services" on October 30, 2025.

Cloudie has arranged for iFog (#as34927), Paradox Networks (#as52025), and HyeHost (#as47272) to accept service migrations.
jtk.infosec.exchange.ap.brid.gy
John Kristoff @jtk.infosec.exchange.ap.brid.gy · 2d
Heard back from Dr. Neumann. RISKS is expected to return next weekend. Keeper of an email I won't share here.

ObFact from WikiPedia: "While a student at Harvard, he had a two-hour breakfast with Albert Einstein [...]"

How many compsci people do you know that can make a claim like that? :-)
jtk.infosec.exchange.ap.brid.gy
John Kristoff @jtk.infosec.exchange.ap.brid.gy · 2d
There is an ActivityPub proposal that involves the #dns.

I have only just discovered it and have not considered it deeply so I am reluctant to make any grand statements. It is not obvious to me why this is useful or better than alternative approaches. It appears to involve the use of TXT RRs […]
Original post on infosec.exchange
infosec.exchange
1
jtk.infosec.exchange.ap.brid.gy
John Kristoff @jtk.infosec.exchange.ap.brid.gy · 3d
I've been blocking lots of accounts the past few days thanks to the over (ab)use of a certain hashtag I follow.

One account that wasn't an obvious bot, at least to me, is approaching 400,000 toots/boosts in under 4 years. That is like 20 or 30 posts an hour on average!
jtk.infosec.exchange.ap.brid.gy
John Kristoff @jtk.infosec.exchange.ap.brid.gy · 3d
Monday jam: John Lee Hooker | Roll Your Daddy Right | https://song.link/y/48LGPdcqsFk #blues
Roll Your Daddy Right by John Lee Hooker
Listen now on your favorite streaming service. Powered by Songlink/Odesli, an on-demand, customizable smart link service to help you share songs, albums, podcasts and more.
song.link
1
jtk.infosec.exchange.ap.brid.gy
John Kristoff @jtk.infosec.exchange.ap.brid.gy · 4d
The Virginia Community College System (#as22845) had long been announcing two IPv4 prefixes, a /16 and a /24. Most of the /16 has now been disaggregated.

A variety of explanations could account for such a major change, such as:

1. Operational mistake
2. Prelude to re-allocate or transfer
3 […]
Original post on infosec.exchange
infosec.exchange
1
Reposted by John Kristoff
farrokhi.unix.family.ap.brid.gy
Babak Farrokhi :dns: @farrokhi.unix.family.ap.brid.gy · 5d
DNSDiag 2.8.1 is now available with DNS Cookie support, EDNS Client Subnet testing, automatic Extended DNS Error display, and DNS over QUIC/HTTP3 tracing.
This was also the perfect opportunity to fix the known bugs and make some quality of life improvements […]
Original post on unix.family
unix.family
1
jtk.infosec.exchange.ap.brid.gy
John Kristoff @jtk.infosec.exchange.ap.brid.gy · 5d
"This series is the result of careful analysis of UDP stack, to optimize the receive side, especially when under one or several UDP sockets are receiving a DDOS attack.

"I have measured a 47 % increase of throughput when using IPv6 UDP packets with 120 bytes of payload, under DDOS." […]
Original post on infosec.exchange
infosec.exchange
jtk.infosec.exchange.ap.brid.gy
John Kristoff @jtk.infosec.exchange.ap.brid.gy · 6d
Weekend Reads

* HTTP edge cases for devs
https://blog.dochia.dev/blog/http_edge_cases/
* Geolocation and Starlink
https://www.potaroo.net/ispcol/2025-09/starlinkgeo.html
* Research & education net routing policy dynamics
https://catalog.caida.org/paper/2025_r_e_routing_policy
* Benchmarking EOL […]
Original post on infosec.exchange
infosec.exchange
jtk.infosec.exchange.ap.brid.gy
John Kristoff @jtk.infosec.exchange.ap.brid.gy · 6d
Speaking of old school, it doesn't get much older than the TELECOM Digest. Sadly it looks it may have ended just a couple years ago. Some truly amazing history for #networking people to explore.

http://www.telecom-digest.org/
Telecom Digest and Archives
This page is about telecommunications, telephone companies, and related topics.
www.telecom-digest.org
jtk.infosec.exchange.ap.brid.gy
John Kristoff @jtk.infosec.exchange.ap.brid.gy · 7d
The venerable Risks Digest has not been published in a couple of months. Checking to see if this is intentional break or not.

Now I expect many reading this to either be learning of Risks for the first time or realize they've forgotten about it. Old school.

https://catless.ncl.ac.uk/Risks/
1
jtk.infosec.exchange.ap.brid.gy
John Kristoff @jtk.infosec.exchange.ap.brid.gy · 7d
I had just assumed Steve Bellovin was in the Internet Hall of Fame, but he's not.This seems like something that needs remedying when nominations open up again.
1 6
jtk.infosec.exchange.ap.brid.gy
John Kristoff @jtk.infosec.exchange.ap.brid.gy · 7d
@bagder Initially just QUIC with OpenSSL is what I was waiting for to roll out.
jtk.infosec.exchange.ap.brid.gy
John Kristoff @jtk.infosec.exchange.ap.brid.gy · 7d
@bagder I have not used it yet, but I would like to eventually do some measurement experiments. Along with some ECH tests.

Last I checked I can't do either without building from feature branches, which was just inconvenient enough for something that wasn't a priority. On my todo list if that […]
Original post on infosec.exchange
infosec.exchange
1
jtk.infosec.exchange.ap.brid.gy
John Kristoff @jtk.infosec.exchange.ap.brid.gy · 8d
Sad to report, a colleague and friend to many in the network operator community, Fearghas McKay, spouse to the late Susan Forney, heavily involved in RIPE, NANOG, and other groups has suddenly and unexpectedly passed away. He will be missed.
1 3
jtk.infosec.exchange.ap.brid.gy
John Kristoff @jtk.infosec.exchange.ap.brid.gy · 9d
@doachs It kind of looks like the v6 traffic is more real-time user-driven than t the v4 if I'm seeing the peaks and valleys of a typical working day correctly.

If so, I'd guess that would make sense for the typical big content providers that see that usage.

Is this also a lot of QUIC to/from […]
Original post on infosec.exchange
infosec.exchange
1
jtk.infosec.exchange.ap.brid.gy
John Kristoff @jtk.infosec.exchange.ap.brid.gy · 10d
@jerry @mastometrics Yea, I think so. The dev @robertvh seems to have lucked funds and maybe interest in Mastodon altogether.
jtk.infosec.exchange.ap.brid.gy
John Kristoff @jtk.infosec.exchange.ap.brid.gy · 10d
Whoops, trying to browse to mastometrics.com results in a Cloudflare "Error 1000 DNS points to prohibited IP".

Not sure anyone uses that much anymore, but I know @icecubesapp has built-in capability to integrate with it.
1
jtk.infosec.exchange.ap.brid.gy
John Kristoff @jtk.infosec.exchange.ap.brid.gy · 10d
Monday jam: Junior Kimbrough | Nobody But You | https://song.link/us/i/1088127591 #blues
Nobody but You by Junior Kimbrough
Listen now on your favorite streaming service. Powered by Songlink/Odesli, an on-demand, customizable smart link service to help you share songs, albums, podcasts and more.
song.link
jtk.infosec.exchange.ap.brid.gy
John Kristoff @jtk.infosec.exchange.ap.brid.gy · 11d
CoChen (#as49608), recently went offline. Their website suggests they provide circuits to businesses and consumers in select markets in HK, JP, KR and US.

Seems unlikely. They were single homed behind Kaopu Cloud. They were announcing a handful of leased IP4 blocks. Previous BGP upstreams were […]
Original post on infosec.exchange
infosec.exchange
jtk.infosec.exchange.ap.brid.gy
John Kristoff @jtk.infosec.exchange.ap.brid.gy · 13d
Weekend Reads

* Monitoring AS-SETs
https://blog.cloudflare.com/monitoring-as-sets-and-why-they-matter/
* IX LAN broadcast traffic
https://blog.benjojo.co.uk/post/ixp-bad-broadcast-packets-interesting
* Cryptocurrency mania as groupthink insight […]
Original post on infosec.exchange
infosec.exchange
1
jtk.infosec.exchange.ap.brid.gy
John Kristoff @jtk.infosec.exchange.ap.brid.gy · 13d
ColoCrossing, now HostPapa, (#as36352) is starting to provide #ipv6 assignments and connectivity to dedicated servers in their Buffalo location. Other locations and VMs purportedly coming soon.

This is kind of a big deal in some circles, because they are one of the oldest, biggest, and last […]
Original post on infosec.exchange
infosec.exchange
1
jtk.infosec.exchange.ap.brid.gy
John Kristoff @jtk.infosec.exchange.ap.brid.gy · 14d
@farrokhi I've seen some suggest those tokens are spoofed in the hope the server gives a better preview.
jtk.infosec.exchange.ap.brid.gy
John Kristoff @jtk.infosec.exchange.ap.brid.gy · 14d
facebookexternalhit/1.1 Facebot Twitterbot/1.0

If you see that in a user agent string in your web logs, someone at or behind the source address has probably shared the URL in an Apple iMessage as a result of the link preview function.

Enabling Lockdown Mode on the iPhone should prevent that […]
Original post on infosec.exchange
infosec.exchange
1