Spitballing IoT Security

Mike Hammett nanog at ics-il.net
Mon Oct 24 22:17:43 UTC 2016


There's a buffer overrun in some software, so let's just remove all passwords (and keys), since they can get in anyway. 





Just pointing out flawed logic. 




----- 
Mike Hammett 
Intelligent Computing Solutions 
http://www.ics-il.com 

Midwest-IX 
http://www.midwest-ix.com 

----- Original Message -----

From: "J. Oquendo" <joquendo at e-fensive.net> 
To: "Steve Mikulasik" <Steve.Mikulasik at civeo.com> 
Cc: nanog at nanog.org 
Sent: Monday, October 24, 2016 3:53:25 PM 
Subject: Re: Spitballing IoT Security 

On Mon, 24 Oct 2016, Steve Mikulasik wrote: 

> if we automatically blackholed those IPs as they get updated it could put a big dent in the effectiveness of Zeus. 
> 

That would involve someone lifting a finger and implement 
a config change. Much easier to implement BCP38 or was it 
RFC 4732? Would never work the moment someone has to lift 
a finger. 

/* 
I think I'll change my position on BCP38. It's pointless to try 
blocking spoofed source addresses because: 

* It doesn't solve every single problem 
* It means more effort for service providers 
* It requires more CPU processing power 
* Using it will generate smarter "black hats". 

https://www.nanog.org/mailinglist/mailarchives/old_archive/2004-10/msg00132.html 

*/ 


-- 
=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+ 
J. Oquendo 
SGFA, SGFE, C|EH, CNDA, CHFI, OSCP, CPT, RWSP, GREM 

"Where ignorance is our master, there is no possibility of 
real peace" - Dalai Lama 

0B23 595C F07C 6092 8AEB 074B FC83 7AF5 9D8A 4463 
https://pgp.mit.edu/pks/lookup?op=get&search=0xFC837AF59D8A4463 



More information about the NANOG mailing list