Spitballing IoT Security

Mike Hammett nanog at ics-il.net
Mon Oct 24 22:24:58 UTC 2016


Oh, yeah, list e-mail usually just gets skimmed through. No time for reading in detail or links. ;-) 

Sorry. :-\ 




----- 
Mike Hammett 
Intelligent Computing Solutions 
http://www.ics-il.com 

Midwest-IX 
http://www.midwest-ix.com 

----- Original Message -----

From: "Hugo Slabbert" <hugo at slabnet.com> 
To: "Mike Hammett" <nanog at ics-il.net> 
Cc: nanog at nanog.org 
Sent: Monday, October 24, 2016 5:21:48 PM 
Subject: Re: Spitballing IoT Security 

It's possible you might have wanted to read the link for the context that 
pointed this out as sarcastic hyperbole, though the text as-is could 
(unfortunately) have been read as serious. 

-- 
Hugo Slabbert | email, xmpp/jabber: hugo at slabnet.com 
pgp key: B178313E | also on Signal 

On Mon 2016-Oct-24 17:17:43 -0500, Mike Hammett <nanog at ics-il.net> wrote: 

>There's a buffer overrun in some software, so let's just remove all passwords (and keys), since they can get in anyway. 
> 
> 
> 
> 
> 
>Just pointing out flawed logic. 
> 
> 
> 
> 
>----- 
>Mike Hammett 
>Intelligent Computing Solutions 
>http://www.ics-il.com 
> 
>Midwest-IX 
>http://www.midwest-ix.com 
> 
>----- Original Message ----- 
> 
>From: "J. Oquendo" <joquendo at e-fensive.net> 
>To: "Steve Mikulasik" <Steve.Mikulasik at civeo.com> 
>Cc: nanog at nanog.org 
>Sent: Monday, October 24, 2016 3:53:25 PM 
>Subject: Re: Spitballing IoT Security 
> 
>On Mon, 24 Oct 2016, Steve Mikulasik wrote: 
> 
>> if we automatically blackholed those IPs as they get updated it could put a big dent in the effectiveness of Zeus. 
>> 
> 
>That would involve someone lifting a finger and implement 
>a config change. Much easier to implement BCP38 or was it 
>RFC 4732? Would never work the moment someone has to lift 
>a finger. 
> 
>/* 
>I think I'll change my position on BCP38. It's pointless to try 
>blocking spoofed source addresses because: 
> 
>* It doesn't solve every single problem 
>* It means more effort for service providers 
>* It requires more CPU processing power 
>* Using it will generate smarter "black hats". 
> 
>https://www.nanog.org/mailinglist/mailarchives/old_archive/2004-10/msg00132.html 
> 
>*/ 
> 
> 
>-- 
>=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+ 
>J. Oquendo 
>SGFA, SGFE, C|EH, CNDA, CHFI, OSCP, CPT, RWSP, GREM 
> 
>"Where ignorance is our master, there is no possibility of 
>real peace" - Dalai Lama 
> 
>0B23 595C F07C 6092 8AEB 074B FC83 7AF5 9D8A 4463 
>https://pgp.mit.edu/pks/lookup?op=get&search=0xFC837AF59D8A4463 
> 



More information about the NANOG mailing list