You must not support end users.
----- Mike Hammett Intelligent Computing Solutions http://www.ics-il.com Midwest-IX http://www.midwest-ix.com ----- Original Message ----- From: "Mark Andrews" <ma...@isc.org> To: "Roland Dobbins" <rdobb...@arbor.net> Cc: nanog@nanog.org Sent: Monday, September 26, 2016 11:43:36 PM Subject: Re: Krebs on Security booted off Akamai network after DDoS attack proves pricey In message <b796c128-afdf-45a1-b5af-c29bff06e...@arbor.net>, Roland Dobbins wri tes: > > On 27 Sep 2016, at 6:58, Christopher Morrow wrote: > > > wouldn't something as simple as netflow/sflow/ipfix synthesized on the > > CPE and kept for ~30mins (just guessing) in a circular buffer be 'good > > enough' to present a pretty clear UI to the user? > > +1 for this capability in CPE. > > OTOH, it will be of no use whatsoever to the user. Providing the user > with access to anomalous traffic feeds won't help, either. > > Users aren't going to call in some third-party service/support company, > either. Why not? You call a washing machine mechanic when the washing machine plays up. This is not conceptually different. > It call comes down to the network operator, one way or another. There's > no separation in the public mind of 'my network' from 'the Internet' > that is analogous to the separation between 'the power company' and 'the > electrical wiring in my house/apartment' (and even in that space, the > conceptual separation often isn't present). Actually I don't believe that. They do know what machines they have have connected to their home network. Boxes don't magically connect. Every machine was explictly connected. Mark > ----------------------------------- > Roland Dobbins <rdobb...@arbor.net> -- Mark Andrews, ISC 1 Seymour St., Dundas Valley, NSW 2117, Australia PHONE: +61 2 9871 4742 INTERNET: ma...@isc.org
