Krebs on Security booted off Akamai network after DDoS attack proves pricey

Ca By cb.list6 at
Sun Sep 25 17:41:12 UTC 2016

On Sunday, September 25, 2016, John Levine <johnl at> wrote:

> >> Yeh, bcp38 is not a viable solution.
> Krebs said this DDoS came from insecure IoT devices, of which there
> are a kazillion, with the numbers growing every day.  Why would they
> need to spoof IPs?  How would BCP38 help?
> R's,
> John

Worth reading to level set

The attack is triggered by a few spoofs somewhere in the world. It is not
feasible to stop this.

The attack traffic that blows up to 600gbs is from traceable iot crap , the
victim knows who is sending the packers (iot crap) and the access network
(comcast, att ...) has the AUP authority to shut it down.

One by one.

Or automated.

Please see

More information about the NANOG mailing list