Krebs on Security booted off Akamai network after DDoS attack proves pricey

Jay R. Ashworth jra at
Sun Sep 25 15:01:44 UTC 2016

----- Original Message -----
> From: "Ca By" <cb.list6 at>

> On Sunday, September 25, 2016, Jay Farrell via NANOG <nanog at>
> wrote:
>> And of course Brian Krebs has a thing or two to say, not the least is which
>> to push for BCP38 (good luck with that, right?).
> Yeh, bcp38 is not a viable solution.
> As long as their is one spoof capable network on the net, the problem will
> not be solved. While bcp38 is a true bcp, it is not a solution. It will
> not, and has not, moved the needle.

No; things which are not implemented anywhere generally don't move the needle.

You're confusing cause and effect here, I think.

You give no evidence that *pervasive implementation of 38* would *not* move
the needle, and that's where we are right now: we do not have anything that 
looks like "pervasive implementation".

*Ten* people could solve this problem.  Tomorrow.

The chief engineers of the top 10 US eyeball providers could simply sit down
and say "let's go do this thing".  And better than 80% of the potential sources
would just vanish off the face of the internet.

Do I need to go do research, and name these 10 people?  :-)

-- jra
Jay R. Ashworth                  Baylink                       jra at
Designer                     The Things I Think                       RFC 2100
Ashworth & Associates          2000 Land Rover DII
St Petersburg FL USA      BCP38: Ask For It By Name!           +1 727 647 1274

More information about the NANOG mailing list