Krebs on Security booted off Akamai network after DDoS attack proves pricey

jim deleskie deleskie at
Sun Sep 25 17:41:21 UTC 2016

Sorry but you are mistaken. I've worked at Sr. levels for several LARGE and
medium sized networks.  What does it cost and what do we make doing it,
over rules what is "good for the internet" every time it came up.

On Sun, Sep 25, 2016 at 2:27 PM, Ca By <cb.list6 at> wrote:

> On Sunday, September 25, 2016, John Kristoff <jtk at> wrote:
> > On Sun, 25 Sep 2016 14:36:18 +0000
> > Ca By <cb.list6 at <javascript:;>> wrote:
> >
> > > As long as their is one spoof capable network on the net, the problem
> > will
> > > not be solved.
> >
> > This is not strictly true.  If it could be determined where a large
> > bulk of the spoofing came from, public pressure could be applied.  This
> > may not have been the issue in this case, but in many amplification and
> > reflection attacks, the originating spoof-enabled networks were from a
> > limited set of networks.  De-peering, service termination, shaming, etc
> > could have an effect.
> >
> > John
> >
> Ok, sorry for the not being exact. I am trying to be practical.
> My point is, a lot of access networks will respond to public pressure if
> the data is exposed on the offending real ips of the iot crap, and they
> will enforce their AUP.
> We have seen comcast do just that, on this list a few months back. That
> path has legs.
> Google also blocks service to certain hacked networks as well, we have seen
> that on this list too. That is an interesting angle in the krebs case. Will
> google block service to folks sharing ip with the iot  ddos mess ?

More information about the NANOG mailing list