Krebs on Security booted off Akamai network after DDoS attack proves pricey

Ca By cb.list6 at
Sun Sep 25 17:50:50 UTC 2016

On Sunday, September 25, 2016, jim deleskie <deleskie at> wrote:

> Sorry but you are mistaken. I've worked at Sr. levels for several LARGE
> and medium sized networks.
> mazel tov

> What does it cost and what do we make doing it, over rules what is "good
> for the internet" every time it came up.
100% agree

Thats why i want to see a pie chart of attribution. Charter had this,
vz had that, and so on.

Headline reads "xyz isp totally hacked network overrun with bots takes down
journalists...FCC and DHS demand heads role ... congress yells at ceo...
investors dump stock"

Perhaps release the article to the brass first, with an alternate ate
 headline "xyz isp seriously commit to security partners to secure critical
infrastructure "

You have 2 weeks to pick the story

> On Sun, Sep 25, 2016 at 2:27 PM, Ca By <cb.list6 at
> <javascript:_e(%7B%7D,'cvml','cb.list6 at');>> wrote:
>> On Sunday, September 25, 2016, John Kristoff <jtk at
>> <javascript:_e(%7B%7D,'cvml','jtk at');>> wrote:
>> > On Sun, 25 Sep 2016 14:36:18 +0000
>> > Ca By <cb.list6 at
>> <javascript:_e(%7B%7D,'cvml','cb.list6 at');> <javascript:;>>
>> wrote:
>> >
>> > > As long as their is one spoof capable network on the net, the problem
>> > will
>> > > not be solved.
>> >
>> > This is not strictly true.  If it could be determined where a large
>> > bulk of the spoofing came from, public pressure could be applied.  This
>> > may not have been the issue in this case, but in many amplification and
>> > reflection attacks, the originating spoof-enabled networks were from a
>> > limited set of networks.  De-peering, service termination, shaming, etc
>> > could have an effect.
>> >
>> > John
>> >
>> Ok, sorry for the not being exact. I am trying to be practical.
>> My point is, a lot of access networks will respond to public pressure if
>> the data is exposed on the offending real ips of the iot crap, and they
>> will enforce their AUP.
>> We have seen comcast do just that, on this list a few months back. That
>> path has legs.
>> Google also blocks service to certain hacked networks as well, we have
>> seen
>> that on this list too. That is an interesting angle in the krebs case.
>> Will
>> google block service to folks sharing ip with the iot  ddos mess ?

More information about the NANOG mailing list