Spitballing IoT Security

Hugo Slabbert hugo at slabnet.com
Mon Oct 24 22:21:48 UTC 2016

It's possible you might have wanted to read the link for the context that 
pointed this out as sarcastic hyperbole, though the text as-is could 
(unfortunately) have been read as serious.

Hugo Slabbert       | email, xmpp/jabber: hugo at slabnet.com
pgp key: B178313E   | also on Signal

On Mon 2016-Oct-24 17:17:43 -0500, Mike Hammett <nanog at ics-il.net> wrote:

>There's a buffer overrun in some software, so let's just remove all passwords (and keys), since they can get in anyway.
>Just pointing out flawed logic.
>Mike Hammett
>Intelligent Computing Solutions
>----- Original Message -----
>From: "J. Oquendo" <joquendo at e-fensive.net>
>To: "Steve Mikulasik" <Steve.Mikulasik at civeo.com>
>Cc: nanog at nanog.org
>Sent: Monday, October 24, 2016 3:53:25 PM
>Subject: Re: Spitballing IoT Security
>On Mon, 24 Oct 2016, Steve Mikulasik wrote:
>> if we automatically blackholed those IPs as they get updated it could put a big dent in the effectiveness of Zeus.
>That would involve someone lifting a finger and implement
>a config change. Much easier to implement BCP38 or was it
>RFC 4732? Would never work the moment someone has to lift
>a finger.
>I think I'll change my position on BCP38. It's pointless to try
>blocking spoofed source addresses because:
>* It doesn't solve every single problem
>* It means more effort for service providers
>* It requires more CPU processing power
>* Using it will generate smarter "black hats".
>J. Oquendo
>"Where ignorance is our master, there is no possibility of
>real peace" - Dalai Lama
>0B23 595C F07C 6092 8AEB 074B FC83 7AF5 9D8A 4463
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 836 bytes
Desc: Digital signature
URL: <http://mailman.nanog.org/pipermail/nanog/attachments/20161024/0c64878e/attachment.pgp>

More information about the NANOG mailing list