8 May
2014
8 May
'14
1:01 a.m.
Dear list members,
Just a quick update regarding the TTTT project. There are multiple GB's of data to analyse and it is still being worked on. We are also working on the public script(s) as well.
Sebastian Urbach
Have been seeing some dubious traffic warnings the last few days on the firewall from 50.116.9.77, 74.207.228.161 and 109.74.204.217.
Are these IPs performing traceroutes for your project and can you vouch for them? If so will it improve your results if the ICMP TTL-expired packets are permitted? You should avoid the duplicate TCP SYNs if you don't want to annoy people. Maybe explain exactly (and tersely) how this works.
If they're not yours they go on the black-hole ACL never to be seen again.