Krebs on Security booted off Akamai network after DDoS attack proves pricey

Patrick W. Gilmore patrick at
Sun Sep 25 21:57:42 UTC 2016

On Sep 25, 2016, at 5:50 PM, ryan landry <ryan.landry at> wrote:
> On Sun, Sep 25, 2016 at 9:07 PM, Mark Andrews <marka at> wrote:

>> This is such a golden opportunity for each of you to find compromised
>> hosts on your network or your customer's network.  The number of
>> genuine lookups of the blog vs the number of botted machine would
>> make it almost certain that anything directed at the blog is a
>> compromised machine.  A phone call to the customer / further analysis
>> would reduce the false positive rate.
>> Mark
> i wish you luck with that. explaining to grandma that her samsung smart tv
> has been rooted and needs to be updated should be good fun.
> for isp's it's a resourcing vs revenue problem. always has been. always
> will be. far more inclined to hold liable the folks that are churning out
> terribly dangerous cpe / IoT(shit). surely some regulatory body is looking
> into this.

Yeah, ‘cause that was so successful in the past.

Remember University of Wisconsin vs. D-Link and their hard-coded NTP server address?


More information about the NANOG mailing list