Spitballing IoT Security
nanog at ics-il.net
Mon Oct 24 22:17:43 UTC 2016
There's a buffer overrun in some software, so let's just remove all passwords (and keys), since they can get in anyway.
Just pointing out flawed logic.
Intelligent Computing Solutions
----- Original Message -----
From: "J. Oquendo" <joquendo at e-fensive.net>
To: "Steve Mikulasik" <Steve.Mikulasik at civeo.com>
Cc: nanog at nanog.org
Sent: Monday, October 24, 2016 3:53:25 PM
Subject: Re: Spitballing IoT Security
On Mon, 24 Oct 2016, Steve Mikulasik wrote:
> if we automatically blackholed those IPs as they get updated it could put a big dent in the effectiveness of Zeus.
That would involve someone lifting a finger and implement
a config change. Much easier to implement BCP38 or was it
RFC 4732? Would never work the moment someone has to lift
I think I'll change my position on BCP38. It's pointless to try
blocking spoofed source addresses because:
* It doesn't solve every single problem
* It means more effort for service providers
* It requires more CPU processing power
* Using it will generate smarter "black hats".
SGFA, SGFE, C|EH, CNDA, CHFI, OSCP, CPT, RWSP, GREM
"Where ignorance is our master, there is no possibility of
real peace" - Dalai Lama
0B23 595C F07C 6092 8AEB 074B FC83 7AF5 9D8A 4463
More information about the NANOG