Nato warns of strike against cyber attackers

Owen DeLong owen at
Tue Jun 8 20:33:46 UTC 2010


I realize your fond of punishing all of us to subsidize the ignorant, but I would rather see those with compromised machines pay the bill for letting their machines get compromised than have to subsidize their ignorant or worse behavior.


Sent from my iPad

On Jun 8, 2010, at 1:12 PM, dlr at (Dave Rand) wrote:

> [In the message entitled "Re: Nato warns of strike against cyber attackers" on Jun  8, 16:03, "J. Oquendo" writes:]
>> All humor aside, I'm curious to know what can anyone truly do at the end
>> of the day if say a botnet was used to instigate a situation. Surely
>> someone would have to say something to the tune of "better now than
>> never" to implement BCP filtering on a large scale. Knobs, Levers, Dials
>> and Switches: Now and Then (please sir, may I have some more ?) is 7
>> years old yet I wonder in practice, how many networks have 38/84
>> filtering. I'm wondering why it hasn't been implemented off the shelf in
>> some of the newer equipment. This is not to say "huge backbones" should
>> have it, but think about it, if smaller networks implemented it from the
>> rip, the overheard wouldn't hurt that many of the bigger guys. On the
>> contrary, my theory is it would save them headaches in the long run...
>> Guess that's a pragmatic approach. Better that than an immediate
>> pessimistic one.
> It's really way, way past time for us to actually deal with compromised
> computers on our networks.  Abuse desks need to have the power to filter
> customers immediately on notification of activity.  We need to have tools to
> help us identify compromised customers.  We need to have policies that
> actually work to help notify the customers when they are compromised.
> None of this needs to be done for free.  There needs to be a "security
> fee" charged _all_ customers, which would fund the abuse desk.
> With more than 100,000,000 compromised computers out there, it's really
> time for us to step up to the plate, and make this happen.
> -- 

More information about the NANOG mailing list