Security Scene: March 2021 Edition
By Adair Thaxton, Internet2 Cyberinfrastructure Security Engineer
I hereby petition to rename “March” to “Slog,” as the latter more accurately describes the passage of time these days. At least it’s starting to be a warmer slog, eh?
I enjoyed this article about how ReliaQuest handled the challenges around working with the “Super Bowl” trademark name.
Some of these challenges are perennial, like preventing scoreboard hacks and protecting the teams’ headsets and tablets, but other challenges were new this year. Background checks for workers and volunteers happen every year but adding COVID-19 tests for those people meant that PHI was likely in scope this year. They also noted that since watch parties were discouraged this year, traditional TV ratings were down but streaming ratings were up 65%.
Fatema Bannat Wala from ESnet has given us some interesting topics for discussion at our previous conferences, and she has written a post about how they are using Zeek to monitor their IPv6-only management network. They have created a set of Zeek policies to monitor and allow an analysis of anomalous traffic and IPv6-specific traffic types. She also links to Scott Campbell’s presentation with a bit of additional background. His presentation includes several slides on using sinkholes in their management network to direct traffic, and Fatema promises more information on this in an upcoming blog post.
You all know we’ve been pretty active in encouraging RPKI and IRR usage, and one of our most prominent evangelists in that area has been Steven Wallace. Well, good news! Steven has been named a MANRS Ambassador! MANRS Ambassadors “are well-respected professionals committed to helping make the global routing infrastructure more robust and secure,” and we’re absolutely thrilled to have him representing our community in this effort.
Have a great March and stay safe!