Spitballing IoT Security

Mike Hammett nanog at ics-il.net
Mon Oct 24 22:24:58 UTC 2016

Oh, yeah, list e-mail usually just gets skimmed through. No time for reading in detail or links. ;-) 

Sorry. :-\ 

Mike Hammett 
Intelligent Computing Solutions 


----- Original Message -----

From: "Hugo Slabbert" <hugo at slabnet.com> 
To: "Mike Hammett" <nanog at ics-il.net> 
Cc: nanog at nanog.org 
Sent: Monday, October 24, 2016 5:21:48 PM 
Subject: Re: Spitballing IoT Security 

It's possible you might have wanted to read the link for the context that 
pointed this out as sarcastic hyperbole, though the text as-is could 
(unfortunately) have been read as serious. 

Hugo Slabbert | email, xmpp/jabber: hugo at slabnet.com 
pgp key: B178313E | also on Signal 

On Mon 2016-Oct-24 17:17:43 -0500, Mike Hammett <nanog at ics-il.net> wrote: 

>There's a buffer overrun in some software, so let's just remove all passwords (and keys), since they can get in anyway. 
>Just pointing out flawed logic. 
>Mike Hammett 
>Intelligent Computing Solutions 
>----- Original Message ----- 
>From: "J. Oquendo" <joquendo at e-fensive.net> 
>To: "Steve Mikulasik" <Steve.Mikulasik at civeo.com> 
>Cc: nanog at nanog.org 
>Sent: Monday, October 24, 2016 3:53:25 PM 
>Subject: Re: Spitballing IoT Security 
>On Mon, 24 Oct 2016, Steve Mikulasik wrote: 
>> if we automatically blackholed those IPs as they get updated it could put a big dent in the effectiveness of Zeus. 
>That would involve someone lifting a finger and implement 
>a config change. Much easier to implement BCP38 or was it 
>RFC 4732? Would never work the moment someone has to lift 
>a finger. 
>I think I'll change my position on BCP38. It's pointless to try 
>blocking spoofed source addresses because: 
>* It doesn't solve every single problem 
>* It means more effort for service providers 
>* It requires more CPU processing power 
>* Using it will generate smarter "black hats". 
>J. Oquendo 
>"Where ignorance is our master, there is no possibility of 
>real peace" - Dalai Lama 
>0B23 595C F07C 6092 8AEB 074B FC83 7AF5 9D8A 4463 

More information about the NANOG mailing list