Notas de Ciberseguridad

Notas de Ciberseguridad === <i class="fa fa-user-circle-o" aria-hidden="true"></i> Johnny Pan <i class="fa fa-clock-o" aria-hidden="true"></i> 2019-05-24 :::info **Descripción** > Recopilación personal de algunos enlaces con información, herramientas y guías para facilitar algunos procesos requeridos en ciberseguridad. ::: # Distribuciones * https://www.kali.org/ * https://www.parrotsec.org/ * https://www.caine-live.net/ * http://www.deftlinux.net/ * https://forensics.cert.org/appliance/README.html * https://www.networksecuritytoolkit.org/nst/index.html * https://sumuri.com/software/paladin/ * https://securityonion.net/ * https://digital-forensics.sans.org/community/downloads * https://www.backbox.org/download/ * https://sourceforge.net/projects/samurai/files/ * https://www.pentoo.ch/download/ * https://www.qubes-os.org/downloads/ * https://tails.boum.org/install/index.en.html * https://www.whonix.org/wiki/Download * https://www.privacy-cd.org/howto.html#get_pre * https://www.digi77.com/linux-kodachi/#Download * https://heads.dyne.org/download/ * https://subgraph.com/sgos/download/index.en.html * https://www.ipredia.org/os/download/ * https://www.openwall.com/Owl/ * https://alpinelinux.org/downloads/ * https://blackarch.org/ # CTF/Wargames ## Guías para CTF * https://trailofbits.github.io/ctf/ ## En Inglés * https://overthewire.org/wargames/ * https://www.pentesterlab.com/ * http://www.itsecgames.com/ * https://exploit-exercises.com/ * https://www.enigmagroup.org/ * http://smashthestack.org/ * http://3564020356.org/ * https://www.hackthissite.org/ * http://www.hackertest.net/ * http://0x0539.net/ * https://vulnhub.com * https://ringzer0team.com/ * https://root-me.org/ * https://microcorruption.com/ * http://abctf.xyz/ * http://pwnable.kr/ * https://ctftime.org/ * https://www.vulnhub.com/ * https://w3challs.com/challenges/hacking * http://forensicscontest.com/puzzles * https://xss-game.appspot.com/ * http://pwnable.tw * https://io.netgarage.org/ * https://www.mavensecurity.com/resources/web-security-dojo/ * http://blog.ijun.org/2009/12/understanding-elf-using-readelf-and.html * https://github.com/dennis714/RE-for-beginners * http://ref.x86asm.net/index.html -- google for opcode references for other architectures * https://msdn.microsoft.com/en-us/library/ms809762.aspx * http://resources.infosecinstitute.com/applied-reverse-engineering-ida-pro/ * https://samsymons.com/blog/reverse-engineering-with-radare2-part-1/ * https://microcorruption.com/login * http://smashthestack.org/ * https://www.hackthebox.eu/ * https://www.vulnhub.com/ * http://overthewire.org/wargames/ * http://captf.com/practice-ctf/ * http://www.wechall.net/ * http://www.lost-chall.org/ * http://www.canyouhack.it/ * https://www.rankk.org/ * https://ctftime.org/ * http://captf.com/ ## En Español * https://wow.sinfocol.org/ * http://www.yashira.org/ * https://www.hackplayers.com * https://www.securityartwork.es/ * https://www.flu-project.com/p/retos-hacking.html * https://atenea.ccn-cert.cni.es/home # Google Dorks * https://www.exploit-db.com/google-hacking-database * https://gist.github.com/clarketm/919457847cece7ce40323dc217623054 * https://www.cybrary.it/0p3n/google-dorks-easy-way-of-hacking/ * https://www.technotification.com/2017/05/google-dorks-the-hackers-way.html * https://www.hackingloops.com/google-dorks/ * http://pdf.textfiles.com/security/googlehackers.pdf # Herramientas ## Recopilación de información * https://tools.kali.org/information-gathering/ace-voip * https://tools.kali.org/information-gathering/amap * https://tools.kali.org/information-gathering/apt2 * https://tools.kali.org/information-gathering/arp-scan * https://tools.kali.org/information-gathering/automater * https://tools.kali.org/information-gathering/bing-ip2hosts * https://tools.kali.org/information-gathering/braa * https://tools.kali.org/information-gathering/casefile * https://tools.kali.org/information-gathering/cdpsnarf * https://tools.kali.org/information-gathering/cisco-torch * https://tools.kali.org/information-gathering/copy-router-config * https://tools.kali.org/information-gathering/dmitry * https://tools.kali.org/information-gathering/dnmap * https://tools.kali.org/information-gathering/dnsenum * https://tools.kali.org/information-gathering/dnsmap * https://tools.kali.org/information-gathering/dnsrecon * https://tools.kali.org/information-gathering/dnstracer * https://tools.kali.org/information-gathering/dnswalk * https://tools.kali.org/information-gathering/dotdotpwn * https://tools.kali.org/information-gathering/enum4linux * https://tools.kali.org/information-gathering/enumiax * https://tools.kali.org/information-gathering/eyewitness * https://tools.kali.org/information-gathering/faraday * https://tools.kali.org/information-gathering/fierce * https://tools.kali.org/information-gathering/firewalk * https://tools.kali.org/information-gathering/fragroute * https://tools.kali.org/information-gathering/fragrouter * https://tools.kali.org/information-gathering/ghost-phisher * https://tools.kali.org/information-gathering/golismero * https://tools.kali.org/information-gathering/goofile * https://tools.kali.org/information-gathering/hping3 * https://tools.kali.org/information-gathering/ident-user-enum * https://tools.kali.org/information-gathering/inspy * https://tools.kali.org/information-gathering/intrace * https://tools.kali.org/information-gathering/ismtp * https://tools.kali.org/information-gathering/lbd * https://tools.kali.org/information-gathering/maltego-teeth * https://tools.kali.org/information-gathering/masscan * https://tools.kali.org/information-gathering/metagoofil * https://tools.kali.org/information-gathering/miranda * https://tools.kali.org/information-gathering/nbtscan-unixwiz * https://tools.kali.org/information-gathering/nikto * https://tools.kali.org/information-gathering/nmap * https://tools.kali.org/information-gathering/ntop * https://tools.kali.org/information-gathering/osrframework * https://tools.kali.org/information-gathering/p0f * https://tools.kali.org/information-gathering/parsero * https://tools.kali.org/information-gathering/recon-ng * https://tools.kali.org/information-gathering/set * https://tools.kali.org/information-gathering/smbmap * https://tools.kali.org/information-gathering/smtp-user-enum * https://tools.kali.org/information-gathering/snmp-check * https://tools.kali.org/information-gathering/sparta * https://tools.kali.org/information-gathering/sslcaudit * https://tools.kali.org/information-gathering/sslsplit * https://tools.kali.org/information-gathering/sslstrip * https://tools.kali.org/information-gathering/sslyze * https://tools.kali.org/information-gathering/sublist3r * https://tools.kali.org/information-gathering/thc-ipv6 * https://tools.kali.org/information-gathering/theharvester * https://tools.kali.org/information-gathering/tlssled * https://tools.kali.org/information-gathering/twofi * https://tools.kali.org/information-gathering/unicornscan * https://tools.kali.org/information-gathering/urlcrazy * https://tools.kali.org/information-gathering/wireshark * https://tools.kali.org/information-gathering/wol-e * https://tools.kali.org/information-gathering/xplico ## Análisis de vulnerabilidad * https://tools.kali.org/vulnerability-analysis/bbqsql * https://tools.kali.org/vulnerability-analysis/bed * https://tools.kali.org/vulnerability-analysis/cisco-auditing-tool * https://tools.kali.org/vulnerability-analysis/cisco-global-exploiter * https://tools.kali.org/vulnerability-analysis/cisco-ocs * https://tools.kali.org/vulnerability-analysis/doona * https://tools.kali.org/vulnerability-analysis/hexorbase * https://tools.kali.org/vulnerability-analysis/jsql * https://tools.kali.org/vulnerability-analysis/lynis * https://tools.kali.org/vulnerability-analysis/ohrwurm * https://tools.kali.org/vulnerability-analysis/openvas * https://tools.kali.org/vulnerability-analysis/oscanner * https://tools.kali.org/vulnerability-analysis/powerfuzzer * https://tools.kali.org/vulnerability-analysis/sfuzz * https://tools.kali.org/vulnerability-analysis/sidguesser * https://tools.kali.org/vulnerability-analysis/siparmyknife * https://tools.kali.org/vulnerability-analysis/sqlmap * https://tools.kali.org/vulnerability-analysis/sqlninja * https://tools.kali.org/vulnerability-analysis/sqlsus * https://tools.kali.org/vulnerability-analysis/tnscmd10g * https://tools.kali.org/vulnerability-analysis/unix-privesc-check * https://tools.kali.org/vulnerability-analysis/yersinia ## Ataques inalámbricos * https://tools.kali.org/wireless-attacks/airbase-ng * https://tools.kali.org/wireless-attacks/aircrack-ng * https://tools.kali.org/wireless-attacks/airdecap-ng-and-airdecloak-ng * https://tools.kali.org/wireless-attacks/aireplay-ng * https://tools.kali.org/wireless-attacks/airgraph-ng * https://tools.kali.org/wireless-attacks/airmon-ng * https://tools.kali.org/wireless-attacks/airodump-ng * https://tools.kali.org/wireless-attacks/airodump-ng-oui-update * https://tools.kali.org/wireless-attacks/airolib-ng * https://tools.kali.org/wireless-attacks/airserv-ng * https://tools.kali.org/wireless-attacks/airtun-ng * https://tools.kali.org/wireless-attacks/asleap * https://tools.kali.org/wireless-attacks/besside-ng * https://tools.kali.org/wireless-attacks/bluelog * https://tools.kali.org/wireless-attacks/bluemaho * https://tools.kali.org/wireless-attacks/bluepot * https://tools.kali.org/wireless-attacks/blueranger * https://tools.kali.org/wireless-attacks/bluesnarfer * https://tools.kali.org/wireless-attacks/bully * https://tools.kali.org/wireless-attacks/cowpatty * https://tools.kali.org/wireless-attacks/crackle * https://tools.kali.org/wireless-attacks/eapmd5pass * https://tools.kali.org/wireless-attacks/easside-ng * https://tools.kali.org/wireless-attacks/fern-wifi-cracker * https://tools.kali.org/wireless-attacks/freeradius-wpe * https://tools.kali.org/wireless-attacks/giskismet * https://tools.kali.org/wireless-attacks/gqrx * https://tools.kali.org/wireless-attacks/gr-scan * https://tools.kali.org/wireless-attacks/hostapd-wpe * https://tools.kali.org/wireless-attacks/ivstools * https://tools.kali.org/wireless-attacks/kalibrate-rtl * https://tools.kali.org/wireless-attacks/killerbee * https://tools.kali.org/wireless-attacks/kismet * https://tools.kali.org/wireless-attacks/makeivs-ng * https://tools.kali.org/wireless-attacks/mdk3 * https://tools.kali.org/wireless-attacks/mfcuk * https://tools.kali.org/wireless-attacks/mfoc * https://tools.kali.org/wireless-attacks/mfterm * https://tools.kali.org/wireless-attacks/multimon-ng * https://tools.kali.org/wireless-attacks/packetforge-ng * https://tools.kali.org/wireless-attacks/pixiewps * https://tools.kali.org/wireless-attacks/pyrit * https://tools.kali.org/wireless-attacks/reaver * https://tools.kali.org/wireless-attacks/redfang * https://tools.kali.org/wireless-attacks/rtlsdr-scanner * https://tools.kali.org/wireless-attacks/spooftooph * https://tools.kali.org/wireless-attacks/tkiptun-ng * https://tools.kali.org/wireless-attacks/wesside-ng * https://tools.kali.org/wireless-attacks/wifi-honey * https://tools.kali.org/wireless-attacks/wifiphisher * https://tools.kali.org/wireless-attacks/wifitap * https://tools.kali.org/wireless-attacks/wifite * https://tools.kali.org/wireless-attacks/wpaclean ## Aplicaciones web * https://tools.kali.org/web-applications/apache-users * https://tools.kali.org/web-applications/arachni * https://tools.kali.org/web-applications/blindelephant * https://tools.kali.org/web-applications/burpsuite * https://tools.kali.org/web-applications/cutycapt * https://tools.kali.org/web-applications/davtest * https://tools.kali.org/web-applications/deblaze * https://tools.kali.org/web-applications/dirb * https://tools.kali.org/web-applications/dirbuster * https://tools.kali.org/web-applications/fimap * https://tools.kali.org/web-applications/funkload * https://tools.kali.org/web-applications/gobuster * https://tools.kali.org/web-applications/grabber * https://tools.kali.org/web-applications/hurl * https://tools.kali.org/web-applications/jboss-autopwn * https://tools.kali.org/web-applications/joomscan * https://tools.kali.org/web-applications/padbuster * https://tools.kali.org/web-applications/paros * https://tools.kali.org/web-applications/plecost * https://tools.kali.org/web-applications/proxystrike * https://tools.kali.org/web-applications/skipfish * https://tools.kali.org/web-applications/ua-tester * https://tools.kali.org/web-applications/uniscan * https://tools.kali.org/web-applications/w3af * https://tools.kali.org/web-applications/webscarab * https://tools.kali.org/web-applications/webshag * https://tools.kali.org/web-applications/webslayer * https://tools.kali.org/web-applications/websploit * https://tools.kali.org/web-applications/wfuzz * https://tools.kali.org/web-applications/whatweb * https://tools.kali.org/web-applications/wpscan * https://tools.kali.org/web-applications/xsser * https://tools.kali.org/web-applications/zaproxy ## Herramientas de explotación * https://tools.kali.org/exploitation-tools/armitage * https://tools.kali.org/exploitation-tools/backdoor-factory * https://tools.kali.org/exploitation-tools/beef-xss * https://tools.kali.org/exploitation-tools/commix * https://tools.kali.org/exploitation-tools/exploitdb * https://tools.kali.org/exploitation-tools/linux-exploit-suggester * https://tools.kali.org/exploitation-tools/metasploit-framework * https://tools.kali.org/exploitation-tools/msfpc * https://tools.kali.org/exploitation-tools/routersploit * https://tools.kali.org/exploitation-tools/shellnoob ## Herramientas forenses * https://tools.kali.org/forensics/binwalk * https://tools.kali.org/forensics/bulk-extractor * https://tools.kali.org/forensics/capstone * https://tools.kali.org/forensics/cuckoo * https://tools.kali.org/forensics/dc3dd * https://tools.kali.org/forensics/ddrescue * https://tools.kali.org/forensics/dff * https://tools.kali.org/forensics/dumpzilla * https://tools.kali.org/forensics/extundelete * https://tools.kali.org/forensics/foremost * https://tools.kali.org/forensics/galleta * https://tools.kali.org/forensics/guymager * https://tools.kali.org/forensics/iphone-backup-analyzer * https://tools.kali.org/forensics/pdfid * https://tools.kali.org/forensics/pdf-parser * https://tools.kali.org/forensics/pdgmail * https://tools.kali.org/forensics/peepdf * https://tools.kali.org/forensics/regripper * https://tools.kali.org/forensics/volatility * https://tools.kali.org/tag/forensics-2 ## Pruebas de estrés * https://tools.kali.org/stress-testing/dhcpig * https://tools.kali.org/stress-testing/inundator * https://tools.kali.org/stress-testing/ipv6-toolkit * https://tools.kali.org/stress-testing/rtpflood * https://tools.kali.org/stress-testing/slow * https://tools.kali.org/stress-testing/t50 * https://tools.kali.org/stress-testing/termineter * https://tools.kali.org/stress-testing/thc-ssl-dos ## Sniffing & Spoofing * https://tools.kali.org/sniffingspoofing/bettercap * https://tools.kali.org/sniffingspoofing/dnschef * https://tools.kali.org/sniffingspoofing/fiked * https://tools.kali.org/sniffingspoofing/hamster-sidejack * https://tools.kali.org/sniffingspoofing/hexinject * https://tools.kali.org/sniffingspoofing/iaxflood * https://tools.kali.org/sniffingspoofing/inviteflood * https://tools.kali.org/sniffingspoofing/isr-evilgrade * https://tools.kali.org/sniffingspoofing/mitmproxy * https://tools.kali.org/sniffingspoofing/protos-sip * https://tools.kali.org/sniffingspoofing/rebind * https://tools.kali.org/sniffingspoofing/responder * https://tools.kali.org/sniffingspoofing/rtpbreak * https://tools.kali.org/sniffingspoofing/rtpinsertsound * https://tools.kali.org/sniffingspoofing/rtpmixsound * https://tools.kali.org/sniffingspoofing/sctpscan * https://tools.kali.org/sniffingspoofing/sipp * https://tools.kali.org/sniffingspoofing/sipvicious * https://tools.kali.org/sniffingspoofing/sniffjoke * https://tools.kali.org/sniffingspoofing/voiphopper * https://tools.kali.org/sniffingspoofing/xspy ## Ataques de contraseña * https://tools.kali.org/password-attacks/brutespray * https://tools.kali.org/password-attacks/cewl * https://tools.kali.org/password-attacks/chntpw * https://tools.kali.org/password-attacks/cmospwd * https://tools.kali.org/password-attacks/creddump * https://tools.kali.org/password-attacks/crowbar * https://tools.kali.org/password-attacks/crunch * https://tools.kali.org/password-attacks/findmyhash * https://tools.kali.org/password-attacks/gpp-decrypt * https://tools.kali.org/password-attacks/hashcat * https://tools.kali.org/password-attacks/hash-identifier * https://tools.kali.org/password-attacks/hydra * https://tools.kali.org/password-attacks/john * https://tools.kali.org/password-attacks/johnny * https://tools.kali.org/password-attacks/keimpx * https://tools.kali.org/password-attacks/maskprocessor * https://tools.kali.org/password-attacks/multiforcer * https://tools.kali.org/password-attacks/ncrack * https://tools.kali.org/password-attacks/oclgausscrack * https://tools.kali.org/password-attacks/ophcrack * https://tools.kali.org/password-attacks/pack * https://tools.kali.org/password-attacks/patator * https://tools.kali.org/password-attacks/phrasendrescher * https://tools.kali.org/password-attacks/polenum * https://tools.kali.org/password-attacks/rainbowcrack * https://tools.kali.org/password-attacks/rcracki-mt * https://tools.kali.org/password-attacks/rsmangler * https://tools.kali.org/password-attacks/seclists * https://tools.kali.org/password-attacks/sqldict * https://tools.kali.org/password-attacks/statsprocessor * https://tools.kali.org/password-attacks/thc-pptp-bruter * https://tools.kali.org/password-attacks/truecrack * https://tools.kali.org/password-attacks/wordlists ## Mantener el acceso * https://tools.kali.org/maintaining-access/cryptcat * https://tools.kali.org/maintaining-access/cymothoa * https://tools.kali.org/maintaining-access/dbd * https://tools.kali.org/maintaining-access/dns2tcp * https://tools.kali.org/maintaining-access/intersect * https://tools.kali.org/maintaining-access/nishang * https://tools.kali.org/maintaining-access/powersploit * https://tools.kali.org/maintaining-access/pwnat * https://tools.kali.org/maintaining-access/ridenum * https://tools.kali.org/maintaining-access/sbd * https://tools.kali.org/maintaining-access/shellter * https://tools.kali.org/maintaining-access/u3-pwn * https://tools.kali.org/maintaining-access/webshells * https://tools.kali.org/maintaining-access/weevely * https://tools.kali.org/maintaining-access/winexe ## Ingeniería inversa * https://tools.kali.org/reverse-engineering/apktool * https://tools.kali.org/reverse-engineering/dex2jar * https://tools.kali.org/reverse-engineering/distorm3 * https://tools.kali.org/reverse-engineering/edb-debugger * https://tools.kali.org/reverse-engineering/jad * https://tools.kali.org/reverse-engineering/javasnoop * https://tools.kali.org/reverse-engineering/jd-gui * https://tools.kali.org/reverse-engineering/ollydbg * https://tools.kali.org/reverse-engineering/smali * https://tools.kali.org/reverse-engineering/valgrind * https://tools.kali.org/reverse-engineering/yara ## Hardware Hacking * https://tools.kali.org/hardware-hacking/android-sdk * https://tools.kali.org/hardware-hacking/arduino * https://tools.kali.org/hardware-hacking/sakis3g ## Herramientas de informes * https://tools.kali.org/reporting-tools/cherrytree * https://tools.kali.org/reporting-tools/dos2unix * https://tools.kali.org/reporting-tools/dradis * https://tools.kali.org/reporting-tools/magictree * https://tools.kali.org/reporting-tools/nipper-ng * https://tools.kali.org/reporting-tools/pipal * https://tools.kali.org/reporting-tools/rdpy # Análisis de malware ## Muestras de malware * https://thezoo.morirt.com/ * https://github.com/ytisf/theZoo * https://github.com/fabrimagic72/malware-samples/ * https://contagiodump.blogspot.com/ * https://malware.lu/ * https://virusshare.com/ * https://github.com/shakenetwork/malwaresearch * http://iec56w4ibovnb4wc.onion/ ``` wget -r -np -nd -R "index.html*" -U Mozilla https://iec56w4ibovnb4wc.onion.to/Library/ ``` ## Análisis de memoria * https://github.com/volatilityfoundation/volatility ## Análisis estático * https://github.com/viper-framework/viper * https://www.hex-rays.com/products/ida/support/download_freeware.shtml * https://www.immunityinc.com/products/debugger/ * https://www.radare.org/r/ * http://www.ollydbg.de/ * http://windbg.org/ * https://github.com/icsharpcode/ILSpy * http://www.ntcore.com/exsuite.php * http://wjradburn.com/software/ * http://www.safer-networking.org/products/filealyzer/ * http://www.winitor.com/ * http://exeinfo.atwebpages.com/ * https://www.aldeid.com/wiki/PEiD * http://angusj.com/resourcehacker/ * https://crits.github.io/ * http://www.malzilla.org/downloads.html * https://docs.microsoft.com/es-es/sysinternals/downloads/ ## Análisis dinámico * https://www.virustotal.com/ * https://malwr.com/ * https://www.hybrid-analysis.com/ * https://avcaesar.malware.lu/ * https://www.reverse.it/ * https://www.joesandbox.com/ * https://docs.microsoft.com/es-es/sysinternals/downloads/ * https://www.telerik.com/fiddler * https://sourceforge.net/projects/regshot/files/ * https://github.com/dragokas/hijackthis/ * https://www.inetsim.org/ # Análisis de tráfico de red * https://www.wireshark.org * https://www.tcpdump.org/ * https://www.netresec.com/?page=NetworkMiner * https://www.snort.org/ * https://www.zeek.org/download/index.html * https://suricata-ids.org/ * https://molo.ch/ # Análisis de logs * https://github.com/jensvoid/lorg * https://www.elastic.co/es/elk-stack * https://www.graylog.org/ * https://www.splunk.com/ # Verificar si un enlace es seguro * https://virusdesk.kaspersky.com/ * https://scanurl.net/ * https://www.phishtank.com/ * https://transparencyreport.google.com/safe-browsing/search * https://www.virustotal.com/gui/home/url * https://search.norton.com/ * https://www.urlvoid.com/ # Reporte de URLs maliciosas * https://www.netcraft.com/ * https://safebrowsing.google.com/ * https://www.microsoft.com/en-us/wdsi/support/report-unsafe-site * https://submit.symantec.com/antifraud/phish.cgi # Estándares Internacionales * ISO 27001 * ISO 27002 * ISO 31000 * ISO 27037 * NIST 800-86 # Certificaciones * https://certification.comptia.org/why-certify/roadmap * https://kali.training/ * https://www.offensive-security.com/information-security-certifications/oscp-offensive-security-certified-professional/ # RFC * [RFC 1208 - A Glossary of Networking Terms](https://www.ietf.org/rfc/rfc1208.txt) * [RFC 1983 - Internet Users Glossary](https://www.ietf.org/rfc/rfc1983.txt) * [RFC 4949 - Internet Security Glossary](https://www.ietf.org/rfc/rfc4949.txt) * [RFC 2196 - Site Security Handbook](https://www.ietf.org/rfc/rfc1208.txt) * [RFC 2350 - Expectations for Computer Security Incident Response](https://www.ietf.org/rfc/rfc2350.txt) * [RFC 2504 - Users Security Handbook](https://www.ietf.org/rfc/rfc2504.txt) * [RFC 3631 - Security Mechanisms for the Internet](https://www.ietf.org/rfc/rfc3631.txt) * [RFC 6040 - Security Architecture for the Internet Protocol](https://www.ietf.org/rfc/rfc6040.txt) * [RFC 3227 - Guidelines for Evidence Collection and Archiving](https://www.ietf.org/rfc/rfc3227.txt) * [RFC 5070 - The Incident Object Description Exchange Format](https://www.ietf.org/rfc/rfc5070.txt) * [RFC 4778 - Current Operational Security Practices in Internet Service Provider Environments](https://www.ietf.org/rfc/rfc4778.txt)