Death of the Internet, Film at 11
nanog at ics-il.net
Sat Oct 22 22:48:42 UTC 2016
Thanks for the link.
Intelligent Computing Solutions
----- Original Message -----
From: "Ray Van Dolson" <rvandolson at esri.com>
To: "Mike Hammett" <nanog at ics-il.net>
Cc: nanog at nanog.org
Sent: Saturday, October 22, 2016 5:35:50 PM
Subject: Re: Death of the Internet, Film at 11
On Sat, Oct 22, 2016 at 04:48:01PM -0500, Mike Hammett wrote:
> Until Dyn says or someone says Dyn said, everything is assumed.
> ----- Original Message -----
> From: "Peter Baldridge" <petebaldridge at gmail.com>
> To: "Jean-Francois Mezei" <jfmezei_nanog at vaxination.ca>
> Cc: nanog at nanog.org
> Sent: Saturday, October 22, 2016 4:45:13 PM
> Subject: Re: Death of the Internet, Film at 11
> On Sat, Oct 22, 2016 at 1:47 PM, Jean-Francois Mezei
> <jfmezei_nanog at vaxination.ca> wrote:
> > Generic question:
> > The media seems to have concluded it was an "internet of things" that
> > caused this DDoS.
> > I have not seen any evidence of this. Has this been published by an
> > authoritative source or is it just assumed?
> Flashpoint, krebs, arstechnica. I'm not sure what credible
> looks like unless they release a packet but this is probably
> > Has the type of device involved been identified?
> routers and cameras with shitty firmware 
> > Is it more plausible that those devices were "hacked" in the OEM
> > firmware and sold with the "virus" built-in ? That would explain the
> > widespread attack.
> The source code has been released. krebs , code 
> > Also, in cases such as this one, while the target has managed to
> > mitigate the attack, how long would such an attack typically continue
> > and require blocking ?
> This is an actual question that hasn't been answered.
> > Since the attack seemed focused on eastern USA DNS servers, would it be
> > fair to assume that the attacks came mostly from the same region (aka:
> > devices installed in eastern USA) ? (since anycast would point them to
> > that).
> Aren't heat maps just population graphs?
> > BTW, normally, if you change the "web" password on a "device", it would
> > also change telnet/SSH/ftp passwords.
> Seems like no one is doing either.
More information about the NANOG