Presentation is loading. Please wait.

Presentation is loading. Please wait.

Physical Data Link IPv4/IPv6 TCP,UDP WWW, , SSH, Telnet.

Published byAgnes Terry Modified over 8 years ago

Similar presentations

Presentation on theme: "Physical Data Link IPv4/IPv6 TCP,UDP WWW, , SSH, Telnet."— Presentation transcript:

1 http://tools.ietf.org/html/bcp38

2

3 Physical Data Link IPv4/IPv6 TCP,UDP WWW, Email, SSH, Telnet

4 Virtualization Control Orchestration Application ON SALE SDN LIMITED EDITION NFV SNEAK PREVIEW NDN Welcome to DevOps CLI

5 IP Internet People DNS BGP

6 DNS 1.Thou shall not run RDNS and ADNS on the same machine! 2.Thou shall not open the Recursive DNS to the wide world! 3.Thou shall not use predictable Source Ports and Query IDs! 4.Remember that a CPE or printer may also act as an open RDNS! 5.Honour and support the IETF and RIPE work on DNS. 6.Thou shall not use the same IP address to accept queries and to initiate recursive lookups on the Recursive DNS! 7.Thou shall not do lame delegations, nor endless CNAME-ing! 8.Thou shall use RRL (Response Rate Limit)! 9.Thou shall use TSIG for zone XFERs! 10.Thou shall not be afraid to deploy DNSSEC!

7 BGP 1.Thou shall not hijack IP prefixes from others! 2.Thou shall avoid exporting ANY IGP routes into BGP !!! 3.Thou shall not announce special/private IP prefixes via BGP! 4.Remember to register thy route policy in an IRR (e.g. RIPE DB). 5.Honour and support the IETF/RIPE work on the S-BGP, psBGP etc. 6.Thou shall not announce prefixes longer than /24 (v4) or /48 (v6)! 7.Thou shall not de-aggregate! 8.Thou shall use prefix-lists to control thy customers! 9.Thou shall use maximum-prefix to control thy peers! 10.Thou shall sign thy routes using RPKI ASAP!

8 What to do with … PEOPLE? “L’enfer, c’est les autres” (J.P.Sartre) http://tools.ietf.org/html/bcp38

Download ppt "Physical Data Link IPv4/IPv6 TCP,UDP WWW, , SSH, Telnet."

Similar presentations

RIPE NCC DNS Update Anand Buddhdev. Anand Buddhdev, 15 May 2013 2 K-root Service stable with 17 instances – 5 global – 12 local (prefixes announced with.

RIPE NCC DNS Update Anand Buddhdev. Anand Buddhdev, 15 May K-root Service stable with 17 instances – 5 global – 12 local (prefixes announced with.
Presenter: Mark Elkins Topic: Things not getting done.

Presenter: Mark Elkins Topic: Things not getting done.
Review iClickers. Ch 1: The Importance of DNS Security.

Review iClickers. Ch 1: The Importance of DNS Security.
1IPv6 Day in Armenia, Yerevan, June 6, 2012 1 IPv6 Day in Armenia I.Mkrtumyan ISOC AM.

1IPv6 Day in Armenia, Yerevan, June 6, IPv6 Day in Armenia I.Mkrtumyan ISOC AM.
1 Securing BGP using DNSSEC Lutz Donnerhacke db089309: 1c1c 6311 ef09 d819 e029 65be bfb6 c9cb.

1 Securing BGP using DNSSEC Lutz Donnerhacke db089309: 1c1c 6311 ef09 d819 e029 65be bfb6 c9cb.
Martin Suchara in collaboration with I. Avramopoulos and J. Rexford How Small Groups Can Secure Interdomain Routing.

Martin Suchara in collaboration with I. Avramopoulos and J. Rexford How Small Groups Can Secure Interdomain Routing.
BGP Multiple Origin AS (MOAS) Conflict Analysis Xiaoliang Zhao, NCSU S. Felix Wu, UC Davis Allison Mankin, Dan Massey, USC/ISI Dan Pei, Lan Wang, Lixia.

BGP Multiple Origin AS (MOAS) Conflict Analysis Xiaoliang Zhao, NCSU S. Felix Wu, UC Davis Allison Mankin, Dan Massey, USC/ISI Dan Pei, Lan Wang, Lixia.
1 Interdomain Routing Protocols. 2 Autonomous Systems An autonomous system (AS) is a region of the Internet that is administered by a single entity and.

1 Interdomain Routing Protocols. 2 Autonomous Systems An autonomous system (AS) is a region of the Internet that is administered by a single entity and.
DNS Security Extension (DNSSEC). Why DNSSEC? DNS is not secure –Applications depend on DNS ►Known vulnerabilities DNSSEC protects against data spoofing.

DNS Security Extension (DNSSEC). Why DNSSEC? DNS is not secure –Applications depend on DNS ►Known vulnerabilities DNSSEC protects against data spoofing.
© Copyright 1997, The University of New Mexico C-1 Internet Service Provider Services What to do once you’re connected.

© Copyright 1997, The University of New Mexico C-1 Internet Service Provider Services What to do once you’re connected.
PKI To The Masses IPCCC 2004 Dan Massey USC/ISI. 1 March PKI Is Necessary l My PKI related actions since arriving at IPCCC n Used an.

PKI To The Masses IPCCC 2004 Dan Massey USC/ISI. 1 March PKI Is Necessary l My PKI related actions since arriving at IPCCC n Used an.
Internet Operations and the RIRs. Overview ARIN and the Regional Internet Registry (RIR) System IP Number Resources, DNS and Routing IP Address Management.

Internet Operations and the RIRs. Overview ARIN and the Regional Internet Registry (RIR) System IP Number Resources, DNS and Routing IP Address Management.
RIS Resource Allocations A special report on an endangered species …

RIS Resource Allocations A special report on an endangered species …
1 Securing BGP Large scale trust to build an Internet again Lutz Donnerhacke db089309: 1c1c 6311 ef09 d819 e029 65be bfb6 c9cb.

1 Securing BGP Large scale trust to build an Internet again Lutz Donnerhacke db089309: 1c1c 6311 ef09 d819 e029 65be bfb6 c9cb.
A Model of IPv6 Internet Access Service via L2TPv2 Shin Miyakawa NTT Communications 2006/7/10 IETF66th.

A Model of IPv6 Internet Access Service via L2TPv2 Shin Miyakawa NTT Communications 2006/7/10 IETF66th.
Reverse DNS Delegations, Templates and RWS Andy Newton Chief Engineer.

Reverse DNS Delegations, Templates and RWS Andy Newton Chief Engineer.
Traffic Engineering for CDNs Matt Jansen Akamai Technologies APRICOT 2015.

Traffic Engineering for CDNs Matt Jansen Akamai Technologies APRICOT 2015.
APNIC eLearning: Intro to RPKI 10 December 2014 12:30 PM AEST Brisbane (UTC+10)

APNIC eLearning: Intro to RPKI 10 December :30 PM AEST Brisbane (UTC+10)
Providing A Subset of Whois Data Via DNS Shuang Zhu Xing Li CERNET Center.

Providing A Subset of Whois Data Via DNS Shuang Zhu Xing Li CERNET Center.
IT 210 The Internet & World Wide Web introduction.

IT 210 The Internet & World Wide Web introduction.

Similar presentations

Ads by Google