Cisco/Level3 takedown

Edouard Chamillard edouard.chamillard at
Thu Apr 9 21:12:09 UTC 2015

Le 09/04/2015 22:39, Chris Boyd a écrit :
>> On Apr 9, 2015, at 3:01 PM, Matt Olney (molney) <molney at> wrote:
>> In response to Sameer Khosla's comment that we should work with the entire
>> service provider community:
>> Talos is the threat intelligence group within Cisco.  We absolutely
>> welcome discussions with any network operator on how we can improve the
>> state of security on the Internet.  Please contact me directly via email
>> and we can have a discussion about how we can work together going forward.
> While I agree that the (at least temporary) mitigation of the threat was overall a good thing, I'm not really happy with the method used.  Decisions to drop/block/filter traffic should be done locally.  I would have appreciated Talos coming to the various *nog lists and saying something like "Hey, there's some really bad guys here.  Here's the evidence of their bad behavior, you really should block them."  That probably would have had a wider reach than just going to Level3.
> --Chris

this kind of decision should be left to the various providers, and be
taken openly. while i am sure the decision has been taken with the best
intention, i'd prefer not seeing this kind of power wielded in a
discretionary fashion. 'tis a road that can lead to places i'm pretty
sure nobody wants to go.

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 473 bytes
Desc: OpenPGP digital signature
URL: <>

More information about the NANOG mailing list