Writings from Justin Wilson
https://gizmodo.com/for-20-years-the-nuclear-launch-code-at-us-minuteman-si-1473483587
Those in the U.S. that had been fitted with the devices, such as ones in the Minuteman Silos, were installed under the close scrutiny of Robert McNamara, JFK’s Secretary of Defence. However, The Strategic Air Command greatly resented McNamara’s presence and almost as soon as he left, the code to launch the missile’s, all 50 of them, was set to 00000000.
The following is from http://routing.he.net/algorithm.html . This outlines the criteria HE.NET uses for filtering routes from peers and customers.
This is the route filtering algorithm for customers and peers that have explicit filtering:
1. Attempt to find an as-set to use for this network.
1.1 Inspect the aut-num for this ASN to see if we can extract from their IRR policy for what they would announce to Hurricane by finding export or mp-export to AS6939, ANY, or AS-ANY.
1.2 Also see if they set what looks like a valid IRR as-set name in peeringdb.
2. Collect the received routes for all BGP sessions with this ASN. This details both accepted and filtered routes.
3. For each route, perform the following rejection tests:
3.1 Reject default routes 0.0.0.0/0 and ::/0.
3.2 Reject paths using BGP AS_SET notation (i.e. {1} or {1 2}, etc). See draft-ietf-idr-deprecate-as-set-confed-set.
3.3 Reject prefix lengths less than minimum and greater than maximum. For IPv4 this is 8 and 24. For IPv6 this is 16 and 48.
3.4 Reject bogons (RFC1918, documentation prefix, etc).
3.5 Reject exchange prefixes for all exchanges Hurricane Electric is connected to.
3.6 Reject routes that have RPKI status INVALID_ASN or INVALID_LENGTH based on the origin AS and prefix.
4. For each route, perform the following acceptance tests:
4.1 If the origin is the neighbor AS, accept routes that have RPKI status VALID based on the origin AS and prefix.
4.2 If the prefix is an announced downstream route that is a subnet of an accepted originated prefix that was accepted due to either RPKI or an RIR handle match, accept the prefix.
4.3 If RIR handles match for the prefix and the peer AS, accept the prefix.
4.4 If this prefix exactly matches a prefix allowed by the IRR policy of this peer, accept the prefix.
4.5 If the first AS in the path matches the peer and path is two hops long and the origin AS is in the expanded as-set for the peer AS and either the RPKI status is VALID or there is an RIR handle match for the origin AS and the prefix, accept the prefix.
5. Reject all prefixes not explicitly accepted
A little bit of deviation from techie stuff. For those of you looking to make life better here are some “hacks” I totally agree with. What are you life hacks? What are soem things you do which are related to your tech field?
https://medium.com/the-ascent/the-9-best-life-hacks-to-become-unstoppable-87b9587992ac
Life-hacking is ridiculously fun when you see what it can do for you.
I was never much of an ‘experimenter’ — more of a go with the flow kind of guy. This strategy didn’t work for me. I fell in love with money and alcohol and that led to a larger than life mental illness. The mind can ruin you if you let it. But the mind can do even more good for you.
All of that has changed. I’m now a life-hacker and get off on experiments. These tiny little experiments have helped me have an unconventional career, write thousands of blog posts on the internet, meet some extraordinary people, and earn enough passive income to be comfortable.
People often call me unstoppable. They see my work ethic as crazy. It’s not really. What looks crazy is nothing more than the positive effects of these life hacks that other people taught me. Here are the best life hacks you can steal.
https://medium.com/the-ascent/the-9-best-life-hacks-to-become-unstoppable-87b9587992ac
For those of you implementing Syslog triggers and such the following list will be helpful in filtering and classifying Syslog entries.
0 – Emergency
1 – Alert
2 – Critical
3 – Error
4 – Warning
5 – Notice
6 – Informational
7 – Debug
https://radar.qrator.net/blog/as10990-routing-optimization-tale
Conclusion? Do not try to optimize the routes with automated software – BGP is a distance-vector routing protocol that has proved, throughout the years, its ability to handle the traffic. Software, wanting to “optimize” the system involving thousands of members would never be smart enough to compute all the possible outcomes of such manipulation.
…We’re excited to announce a new subsea cable—Grace Hopper—which will run between the United States, the United Kingdom and Spain, providing better resilience for the network that underpins Google’s consumer and enterprise products.
John Lovell interviews professional hacker on cyber security, privacy on the internet, cyber terrorism, penetration testing, information / data security, confidentiality, phishing, the dark / deep web, and hacking in Hollywood movies such as James Bond Skyfall, Hackers, Swordfish, the Net, Mr. Robot, and other movies.