Death of the Internet, Film at 11

Brandon Butterworth brandon at rd.bbc.co.uk
Sat Oct 22 14:22:55 UTC 2016


> From: Mike Hammett <nanog at ics-il.net>
> "taken all necessary steps to insure that none of the numerous specific types of CCVT thingies that Krebs and others identified" 
> 
> Serious question... how? 

Well their addresses are now known so one way would be for each ISP to
drop traffic from them. If people don't fix them why should these
devices stay on the net? If say Comcast has a million of them it might
be tricky to scale but not impossible

It'd take a bit of effort and care to aggregate and disseminate the
data to each responsible AS, there'd be risk of bad guys getting the
data and false positives/people spoofing to attack others. They'd also
be building a tool that some might try to hijack for other purposes.

None of that is an excuse to do nothing as is usually the result with
any suggested measure that involves doing work to fix a problem

I know ISPs generaly don't want the support calls but they'll end up
with them and a legislative burden with commerial liability if they
don't sort it out themselves.

brandon


More information about the NANOG mailing list