Death of the Internet, Film at 11

Josh Reynolds josh at kyneticwifi.com
Sat Oct 22 22:22:49 UTC 2016


And then what? The labor to clean up this mess is not free. Who's
responsibility is it? The grandma who got a webcam for Christmas to watch
the squirrels? The ISP?... No... The vendor? What if the vendor had
released a patch to fix the issue months back, and grandma hadn't installed
it?

Making grandma and auntie Em responsible for the IT things in their house
is likely not going to go well.

Making the vendor responsible might work for the reputable ones to a point,
but won't work for the fly by night shops that will sell the same products
under different company names and model names until they get sued or "one
starred" into oblivion. Then they just change names and start all over.

The ISPs won't do it because of the cost to fix... The labor and potential
loss of customers.

So once identified, how do you suggest this gets fixed?

On Oct 22, 2016 5:11 PM, "Mark Andrews" <marka at isc.org> wrote:


One way to deal with this would be for ISP's to purchase DoS attacks
against their own servers (not necessarially hosted on your own
network) then look at which connections from their network attacking
these machines then quarantine these connections after a delay
period so that attacks can't be corollated with quarantine actions
easily.

This doesn't require a ISP to attempt to break into a customers
machine to identify them.  It may take several runs to identify
most of the connections associated with a DoS provider.

--
Mark Andrews, ISC
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 4742                 INTERNET: marka at isc.org


More information about the NANOG mailing list