Death of the Internet, Film at 11

bzs at TheWorld.com bzs at TheWorld.com
Mon Oct 24 00:52:35 UTC 2016


On October 23, 2016 at 17:14 hannigan at gmail.com (Martin Hannigan) wrote:
> > 
>
>On Oct 23, 2016, at 16:26, bzs at TheWorld.com wrote:
>
>
>   
>    I'm not sure who you mean when you say "people". My reference was to
>    manufacturers of IoT devices only.
>
>
>The users are not going to be able to help. You're right, it's all about the
>manufacturers. If you can remove or reduce profits enough where it matters, it
>will help tremendously. 
>
>I spent an hour looking through the IEEE standards RA pattern searching mac
>addrs thinking about mitigation techniques and doing random lookups of the
>registrants.

That's a good idea particularly in terms of not letting this stuff
out. For example one could imagine a patch to DSL, cable, and similar
last mile equipment to rate limit, perhaps flag etc, packets from
known vulnerable MAC ID ranges if they can be identified.

That'd be relatively cheap and easy.

>These attacks are the canary in the coal mine in terms of what is probably
>coming.

Oh yeah...that code is out there.


-- 
        -Barry Shein

Software Tool & Die    | bzs at TheWorld.com             | http://www.TheWorld.com
Purveyors to the Trade | Voice: +1 617-STD-WRLD       | 800-THE-WRLD
The World: Since 1989  | A Public Information Utility | *oo*


More information about the NANOG mailing list