John Kristoff<p>You can glean a lot from <a href="https://infosec.exchange/tags/BGP" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>BGP</span></a> route changes. <a href="https://infosec.exchange/tags/AS397222" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>AS397222</span></a> recently began announcing 192.28.94.0/24 a <a href="https://infosec.exchange/tags/3M" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>3M</span></a> prefix which includes an address mapped to an authoritative name server for 3m.com.</p><p>The significance? 397222 is originated by <a href="https://infosec.exchange/tags/Neustar" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Neustar</span></a> security group. The other auth name server is also being originated by another Neustar ASN. What we can't know definitely from routes alone is intent. Could be proactive, an active DDoS mitigation in progress, minor configuration change, a test, or something else.</p><p>For more:</p><p>* CIDR Report <a href="https://www.cidr-report.org/cgi-bin/as-report?as=AS397199&view=2.0" rel="nofollow noopener" target="_blank"><span class="invisible">https://www.</span><span class="ellipsis">cidr-report.org/cgi-bin/as-rep</span><span class="invisible">ort?as=AS397199&view=2.0</span></a><br>* RIPE routing-history <a href="https://stat.ripe.net/widget/routing-history#w.resource=192.28.94.0/24" rel="nofollow noopener" target="_blank"><span class="invisible">https://</span><span class="ellipsis">stat.ripe.net/widget/routing-h</span><span class="invisible">istory#w.resource=192.28.94.0/24</span></a></p>
techhub.social is one of the many independent Mastodon servers you can use to participate in the fediverse.
A hub primarily for passionate technologists, but everyone is welcome
Administered by:
Server stats:
4.6Kactive users
techhub.social: About · Status · Profiles directory · Privacy policy
Mastodon: About · Get the app · Keyboard shortcuts · View source code · v4.4.1
#neustar
0 posts · 0 participants · 0 posts today
John Kristoff<p><a href="https://infosec.exchange/tags/Neustar" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Neustar</span></a> Security Services is now known as <a href="https://infosec.exchange/tags/Vercara" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Vercara</span></a>. <a href="https://vercara.com/news/neustar-security-services-is-now-vercara" rel="nofollow noopener" target="_blank"><span class="invisible">https://</span><span class="ellipsis">vercara.com/news/neustar-secur</span><span class="invisible">ity-services-is-now-vercara</span></a></p>
TrendingLive feeds
Mastodon is the best way to keep up with what's happening.
Follow anyone across the fediverse and see it all in chronological order. No algorithms, ads, or clickbait in sight.
Create accountLoginDrag & drop to upload