Krebs on Security booted off Akamai network after DDoS attack proves pricey
Mark Andrews
marka at isc.org
Tue Sep 27 05:14:33 UTC 2016
In message <EAE71BCC-A260-4AED-92D8-AEE614A8134A at arbor.net>, Roland Dobbins writes:
> On 27 Sep 2016, at 11:43, Mark Andrews wrote:
>
> > Why not? You call a washing machine mechanic when the washing machine
> > plays up. This is not conceptually different.
>
> Washing machines aren't a utility. Internet is viewed as a utility.
>
> > Actually I don't believe that. They do know what machines they have
> > have connected to their home network. Boxes don't magically
> > connect. Every machine was explictly connected.
>
> First of all, not every devices was explicitly connected by the user.
> Think set-top boxes/DVRs.
I'm yet to see a set top box, DVR, TV, games console, phone, etc.
that didn't require selecting the WiFi SSID or require you to plug
in a ethernet cable. As I said, they don't magically connect to
the network. Someone did something to permit them to connect.
> Secondly, users connect things an then don't think about them, don't
> remember credentials, had a horrible ordeal (from their perspective)
>
> Thirdly, expecting users to troubleshoot which of their devices is
> emanating bad traffic is unrealistic.
Which is why there are computer technitions. If you have a fault
with a fan you call a electrian. If you have a problem with a
toilet you call a plumber. Why do you think people are incapable
of calling in someone to help them fix a known issue.
> The only effective consumer remediation efforts we've seen to date have
> been broadband access ISPs proactively scanning their customer networks
> and contacting them when exploitable devices and compromised PCs have
> been found. Although it's a lot of work, that kind of thing can be done
> for CPE broadband routers; it can't be done for the things sitting
> behind those devices, which are doing NAT/firewalling. The partial
> exception is PCs, because everyone thinks of those when they think of
> 'the Internet'.
>
> And the fact that even their lightbulbs are being connected now - i.e.,
> the huge proliferation of connected devices - militates against user
> troubleshooting, as well.
>
> -----------------------------------
> Roland Dobbins <rdobbins at arbor.net>
--
Mark Andrews, ISC
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 4742 INTERNET: marka at isc.org
More information about the NANOG
mailing list