Re: Death of the Internet, Film at 11

2016-10-25 Thread Valdis . Kletnieks
On Tue, 25 Oct 2016 18:54:22 -0500, Larry Sheldon said: > What is it? 20 years? since the first time I was banned from NANOG for > saying that the world would be a nicer place if EVERY true router > refused to forward a packet whose SOURCE could not be reached from the > port question. (May not b

Re: Death of the Internet, Film at 11

2016-10-25 Thread Larry Sheldon
On 10/25/2016 08:26, Rich Kulawiec wrote: On Fri, Oct 21, 2016 at 10:53:42PM -0700, Ronald F. Guilmette wrote: Recent events, like the Krebs DDoS and the even bigger OVH DDoS, and today's events make it perfectly clear to even the most blithering of blithering idiots that network operators, en

Re: Death of the Internet, Film at 11

2016-10-25 Thread bzs
On October 25, 2016 at 01:28 r...@tristatelogic.com (Ronald F. Guilmette) wrote: > > The fundamental economics have not changed. It pays to design and ship > things. It doesn't pay to support them afterwards. This isn't going to > change. > > It is common to include "goodwill" on the ba

Re: Death of the Internet, Film at 11

2016-10-25 Thread bzs
On October 24, 2016 at 23:46 j...@nuclearfallout.net (John Weekes) wrote: > > Are they all sent in English? > > Currently, mine are. > > > Just curious but one wonders what most here would do with an abuse > > complaint sent to them in Chinese? > > If I were to receive one in Chinese, I

Re: Death of the Internet, Film at 11

2016-10-25 Thread bzs
The problem is first you have to even recognize it's an abuse complaint worth spending another second over. For example one gets a lot of spam to abuse addresses, or I do anyhow. And much of it seems to be in some character set other than Latin-1. On October 24, 2016 at 21:58 eyeronic.des...@gmai

Re: Death of the Internet, Film at 11

2016-10-25 Thread Rich Kulawiec
On Fri, Oct 21, 2016 at 10:53:42PM -0700, Ronald F. Guilmette wrote: > Recent events, like the Krebs DDoS and the even bigger OVH DDoS, and > today's events make it perfectly clear to even the most blithering of > blithering idiots that network operators, en masse, have to start scanning > their own

Re: Death of the Internet, Film at 11

2016-10-25 Thread Chris Boyd
> On Oct 24, 2016, at 11:37 PM, b...@theworld.com wrote: > > Just curious but one wonders what most here would do with an abuse > complaint sent to them in Chinese? I’ve received a few of these, and if the email included an IP address or domain name on our networks, I’d run the thing through Go

Re: Death of the Internet, Film at 11

2016-10-25 Thread Ronald F. Guilmette
In message <4FBAFC2ECF5D6244BA4A26C1C94A1E270D579C1CD9@exchange>, Emille Blanc wrote: >I can recall at least a half-dozen scenarios where the customer actually >takes up the problem with the manufacturer. In each of those cases, and >they're effectively told to push off because the devices are

Re: Death of the Internet, Film at 11

2016-10-24 Thread John Weekes
On 10/24/2016 9:37 PM, b...@theworld.com wrote: As I've suggested before how much would you attribute this to a lack of English skills by recipients? I do not think that is a significant factor. Here are some points along those lines: - ab...@cnc-noc.net times out. It's not a matter of whethe

Re: Death of the Internet, Film at 11

2016-10-24 Thread Mike Hale
Run it through Google translate? On Oct 24, 2016 9:40 PM, wrote: > > On October 23, 2016 at 22:56 j...@nuclearfallout.net (John Weekes) wrote: > > For the IoT botnets, most of the emails are ignored or rejected, because > > most go to providers who either quietly bitbucket them or flat-out >

Re: Death of the Internet, Film at 11

2016-10-24 Thread bzs
On October 23, 2016 at 22:56 j...@nuclearfallout.net (John Weekes) wrote: > For the IoT botnets, most of the emails are ignored or rejected, because > most go to providers who either quietly bitbucket them or flat-out > reject all abuse emails. Most emails sent to mainland China, for > inst

Re: Death of the Internet, Film at 11

2016-10-24 Thread Randy Bush
> 0 - to get an idea of the vast scale of cgn deployment see philipp's > preso of our imc paper from ripe 75 let's try again. how about ripe 73. specifically, https://ripe73.ripe.net/archives/video/1244/ randy

Re: Death of the Internet, Film at 11

2016-10-24 Thread Aaron C. de Bruyn via NANOG
On Sun, Oct 23, 2016 at 11:23 PM, Richard Holbo wrote: > That said... getting end users to actually fix the broken routers etc. etc. > is NOT easy. Very often we'll notify customers, they will _take their > stuff to the local computer repair guy_ ... or office depo and they > will run whate

Re: Death of the Internet, Film at 11

2016-10-24 Thread Randy Bush
>> Could mobile phones become a source of such attacks ? > > Depends both on the phone and on the network. But since Dyn-style > attacks don't use IP spoofing, it doesn't really matter. J-F's question was not about ip spoofing, but rather the infected devices being behind nats. in the states, m

RE: Death of the Internet, Film at 11

2016-10-24 Thread Emille Blanc
-Original Message- >From: NANOG [mailto:nanog-boun...@nanog.org] On Behalf Of Richard Holbo >Sent: October-23-16 11:23 PM >To: John Weekes >Cc: NANOG >Subject: Re: Death of the Internet, Film at 11 > >I run/manage the networks for several smallish (in the thousands o

Re: Death of the Internet, Film at 11

2016-10-24 Thread John Levine
>Dumb question: > >If some camera, vacuum cleaner, toothbrush or refrigerator is behind >NAT, can it do IP spoofing ? Won't the "from" address be replaced by >the CPE router with the proper IP address assigned to that customer so >that on the Internet itself, that packet will travel with a real IP

Re: Death of the Internet, Film at 11

2016-10-24 Thread Jean-Francois Mezei
Dumb question: If some camera, vacuum cleaner, toothbrush or refrigerator is behind NAT, can it do IP spoofing ? Won't the "from" address be replaced by the CPE router with the proper IP address assigned to that customer so that on the Internet itself, that packet will travel with a real IP routa

Re: Death of the Internet, Film at 11

2016-10-24 Thread Ca By
On Mon, Oct 24, 2016 at 7:46 AM, Eliot Lear wrote: > > > On 10/24/16 4:03 PM, Ca By wrote: > > > Please elaborate on concrete evidence to support your claim the CPE market > is changing. > > > If you can't see that then you're not paying attention. > > Eliot > > Not helpful. Reflects the weakness

Re: Death of the Internet, Film at 11

2016-10-24 Thread Eliot Lear
On 10/24/16 4:03 PM, Ca By wrote: > > Please elaborate on concrete evidence to support your claim the CPE > market is changing. If you can't see that then you're not paying attention. Eliot

Re: Death of the Internet, Film at 11

2016-10-24 Thread Ca By
On Mon, Oct 24, 2016 at 6:22 AM, Eliot Lear wrote: > Hi, > > > On 10/24/16 3:06 PM, Ca By wrote: > > > > Assuming MUD is successful in the ietf, the cpe lifecycle is 10 years > > before the needle moves. At which point the target will have morphed > > to something else. Also, nobody is going to p

Re: Death of the Internet, Film at 11

2016-10-24 Thread Eliot Lear
Hi, On 10/24/16 3:06 PM, Ca By wrote: > > Assuming MUD is successful in the ietf, the cpe lifecycle is 10 years > before the needle moves. At which point the target will have morphed > to something else. Also, nobody is going to pay for that feature. Just > like the early days of ipv6, the econom

Re: Death of the Internet, Film at 11

2016-10-24 Thread Ca By
On Monday, October 24, 2016, Eliot Lear wrote: > Hi Leo and all, > > Well, here we are together again ;-) Please see below. > > > On 10/22/16 2:53 PM, Leo Bicknell wrote: > > In a message written on Sat, Oct 22, 2016 at 07:34:55AM -0500, Mike > Hammett wrote: > >> "taken all necessary steps to in

Re: Death of the Internet, Film at 11

2016-10-24 Thread Eliot Lear
Hi Leo and all, Well, here we are together again ;-) Please see below. On 10/22/16 2:53 PM, Leo Bicknell wrote: > In a message written on Sat, Oct 22, 2016 at 07:34:55AM -0500, Mike Hammett > wrote: >> "taken all necessary steps to insure that none of the numerous specific >> types of CCVT thi

Re: Death of the Internet, Film at 11

2016-10-24 Thread Josh Reynolds
You CAN actually block things, within reason. The caveat is you simply have to disclose it. There is a 'reasonable network management' clause. IANAL, please consult your telecommunications legal team. On Oct 24, 2016 1:25 AM, "Richard Holbo" wrote: > I run/manage the networks for several smallis

Re: Death of the Internet, Film at 11

2016-10-24 Thread Rich Kulawiec
On Mon, Oct 24, 2016 at 02:29:02AM -0400, valdis.kletni...@vt.edu wrote: > A few years ago, Vint Cerf gave a keynote speech at a conference, where he > claimed that there were 140 million pwned devices on the Internet - and this > was before IoT was itself a thing. > > Not one person in the securi

Re: Death of the Internet, Film at 11

2016-10-23 Thread Jean-Francois Mezei
Question: For something like Mirai and others, there appears to be a timer that starts the attack at a certain day/time (with unknown amount of time to distribute the software to any/all infectable devices prior to attack). Do these generally have a timer to also stop the attack and go dormant aw

Re: Death of the Internet, Film at 11

2016-10-23 Thread Valdis . Kletnieks
On Sat, 22 Oct 2016 19:22:04 -0400, Jean-Francois Mezei said: > 10s of millons of IP addresses. Is it realistic to have 10s of millions > of infected devices ? Or is that the dense smoke that points to IP > spoofing ? A few years ago, Vint Cerf gave a keynote speech at a conference, where he clai

Re: Death of the Internet, Film at 11

2016-10-23 Thread Richard Holbo
I run/manage the networks for several smallish (in the thousands of customers) eyeball ISP's and I appreciate a nice "hey you've got a bot" or "someone is scanning" me notice to my abuse emails. They are useful in identifying crap that's going on, so for those of you who have the resources to do

Re: Death of the Internet, Film at 11

2016-10-23 Thread John Weekes
On 10/23/2016 4:19 PM, Ronald F. Guilmette wrote: ... I've recorded about 2.4 million IP addresses involved in the last two months (a number that is higher than the number of actual devices, since most seem to have dynamic IP addresses). The ISPs behind those IP addresses have received notifica

Re: Death of the Internet, Film at 11

2016-10-23 Thread Eric S. Raymond
Aaron C. de Bruyn via NANOG : > On Sun, Oct 23, 2016 at 12:41 PM, wrote: > > > > Assuming these manufacturers who are culpable carry product liability > > insurance go to their insurance companies and explain the situation. > > Cheaper solution: Start a company, build crappy firmware, carry > pr

Re: Death of the Internet, Film at 11

2016-10-23 Thread Jean-Francois Mezei
A bit tidbits of information from: > http://www.networkworld.com/article/3134035/chinese-firm-admits-its-hacked-products-were-behind-fridays-massive-ddos-attack.html Chinese firm admits its hacked products were behind Friday's massive DDOS attack Hangzhou Xiongmai Technology, a vendor behind D

Re: Death of the Internet, Film at 11

2016-10-23 Thread Aaron C. de Bruyn via NANOG
On Sun, Oct 23, 2016 at 12:41 PM, wrote: > > Assuming these manufacturers who are culpable carry product liability > insurance go to their insurance companies and explain the situation. Cheaper solution: Start a company, build crappy firmware, carry product liability insurance, release the produ

Re: Death of the Internet, Film at 11

2016-10-23 Thread Larry Sheldon
On 10/23/2016 21:02, David Conrad wrote: Shut down subnets of your own customers? That was the problem I broke my pick on 20 years or more ago. ISPs absolute refusal to put in filters at no-revenue-expense since it would cost money to install and maintain, and worst of all MIGHT conceivab

Re: Death of the Internet, Film at 11

2016-10-23 Thread Stephen Satchell
On 10/23/2016 07:02 PM, David Conrad wrote: > On October 23, 2016 at 6:52:05 PM, Stephen Satchell (l...@satchell.net) wrote: > So, bottom line, nothing is going to happen until the cost to those > negligent providers rises so high as to affect profits. Period. > Yep. Or government intervention. >

Re: Death of the Internet, Film at 11

2016-10-23 Thread David Conrad
On October 23, 2016 at 6:52:05 PM, Stephen Satchell (l...@satchell.net) wrote: So, bottom line, nothing is going to happen until the cost to those negligent providers rises so high as to affect profits. Period. Yep. Or government intervention. Larger eyeball operators could help, by shutting dow

Re: Death of the Internet, Film at 11

2016-10-23 Thread Stephen Satchell
On 10/23/2016 04:19 PM, Ronald F. Guilmette wrote: > I guess that's just an example of what somebody else already noted here, > i.e. that providers don't care to spend the time and/or effort and/or > money necessary to actually -do- anything about compromised boxes, and > anyway, they don't want to

Re: Death of the Internet, Film at 11

2016-10-23 Thread jim deleskie
g access to their > customers networks to the botherders so they could make money from both > ends. > > > > --- > Sent from Samsung Mobile > > > > Original message From: "Ronald F. > Guilmette" Date:2016-10-23 17:20 > (GMT-07:00) To: Cc: nanog@nanog.org > Subject: Re: Death of the Internet, Film at 11 >

Re: Death of the Internet, Film at 11

2016-10-23 Thread Mike Hammett
"Ronald F. Guilmette" Cc: "NANOG" Sent: Sunday, October 23, 2016 8:39:52 PM Subject: Re: Death of the Internet, Film at 11 Why would the provider want to do anything? They support (make money from) their customers. And the more traffic they send/receive, the more money the provid

Re: Death of the Internet, Film at 11

2016-10-23 Thread Keith Medcalf
make money from both ends. --- Sent from Samsung Mobile Original message From: "Ronald F. Guilmette" Date:2016-10-23 17:20 (GMT-07:00) To: Cc: nanog@nanog.org Subject: Re: Death of the Internet, Film at 11

Re: Death of the Internet, Film at 11

2016-10-23 Thread bzs
On October 23, 2016 at 17:14 hanni...@gmail.com (Martin Hannigan) wrote: > > > >On Oct 23, 2016, at 16:26, b...@theworld.com wrote: > > > >I'm not sure who you mean when you say "people". My reference was to >manufacturers of IoT devices only. > > >The users are not going to be able to

Re: Death of the Internet, Film at 11

2016-10-23 Thread Ronald F. Guilmette
In message <874m43qsk2@mid.deneb.enyo.de>, Florian Weimer wrote: >Not that the underlying threat will go away until we find a way to >clean up almost all of the compromised devices (and without breaking >the Internet along the way, forever). The Internet *is* already broken. After the att

Re: Death of the Internet, Film at 11

2016-10-23 Thread Ronald F. Guilmette
In message <26b01962-9b09-11cb-0ac8-89cf3e0a5...@nuclearfallout.net>, John Weekes wrote: >... I've recorded >about 2.4 million IP addresses involved in the last two months (a number >that is higher than the number of actual devices, since most seem to >have dynamic IP addresses). The ISPs be

Re: Death of the Internet, Film at 11

2016-10-23 Thread Ronald F. Guilmette
In message <580bf49c.5090...@vaxination.ca>, Jean-Francois Mezei wrote: >10s of millons of IP addresses. Is it realistic to have 10s of millions >of infected devices ? Or is that the dense smoke that points to IP >spoofing ? I haven't read the latest up-to-the-minute reports on this event, but

Re: Death of the Internet, Film at 11

2016-10-23 Thread Ronald F. Guilmette
In message Josh Reynolds wrote: >And then what? The labor to clean up this mess is not free... >... >The ISPs won't do it because of the cost to fix... The labor and potential >loss of customers. Yes, and yes. Unfortunately, the economics of the current situation are rather clearly and rather

Re: Death of the Internet, Film at 11

2016-10-23 Thread Jean-Francois Mezei
On 2016-10-23 15:46, jim deleskie wrote: > Sure let's sue people because they put too many/bad packets/packets I don't > like on the internet. Do you think this will really solve the problem? Do > you think we'll not just all end up with internet prices like US medical > care prices? If this wer

Re: Death of the Internet, Film at 11

2016-10-23 Thread Martin Hannigan
> On Oct 23, 2016, at 16:26, b...@theworld.com wrote: > > > I'm not sure who you mean when you say "people". My reference was to > manufacturers of IoT devices only. The users are not going to be able to help. You're right, it's all about the manufacturers. If you can remove or reduce profits

Re: Death of the Internet, Film at 11

2016-10-23 Thread bzs
I'm not sure who you mean when you say "people". My reference was to manufacturers of IoT devices only. But as I said in the note which you quoted lawsuits might be helpful but aren't necessary. One just has to get underwriters of the manufacturers' product liability insurance to acknowledge the

Re: Death of the Internet, Film at 11

2016-10-23 Thread jim deleskie
Sure let's sue people because they put too many/bad packets/packets I don't like on the internet. Do you think this will really solve the problem? Do you think we'll not just all end up with internet prices like US medical care prices? On Sun, Oct 23, 2016 at 4:41 PM, wrote: > > >So once identi

Re: Death of the Internet, Film at 11

2016-10-23 Thread bzs
>So once identified, how do you suggest this gets fixed? Assuming these manufacturers who are culpable carry product liability insurance go to their insurance companies and explain the situation. Better would be someone launching a product liability lawsuit against one of them but it's not neces

Re: Death of the Internet, Film at 11

2016-10-23 Thread bzs
I think you make a very good point with the TRS80 etc comment, at least implicitly: it's not just the vulnerable IoT devices, some sort of infrastructure is needed to get the attack going at the volume we've seen. And perhaps therein lies an answer. On October 22, 2016 at 16:47 jfmezei_na...@vax

Re: Death of the Internet, Film at 11

2016-10-23 Thread Victor Kuarsingh
Clinton, On 10/23/2016 8:12 AM, clinton mielke wrote: My question for you guys, since I'm a theoretician and not a seasoned operator: how feasible or legal is it to find telnet scanning activity or any of these passwords in high-bandwidth netflows? If it's feasible, then this at least gets you t

Re: Death of the Internet, Film at 11

2016-10-23 Thread Mel Beckman
Clinton, This is excellent information. While it's not possible to see passwords in netflows (only headers are included, not packet contents), it's a sure thing that attacked victims could extract a list of infected machines from the IP address scan and then run verification scans against just

Re: Death of the Internet, Film at 11

2016-10-23 Thread clinton mielke
A number of people are asking for advice on how to detect this bug. Here are some thoughts. I'm a mathematician, and not a network operator, so would love feedback. The source code of Mirai is here, and I've had some fun taking it apart over the last week: https://krebsonsecurity.com/2016/10/hacked-

Re: Death of the Internet, Film at 11

2016-10-23 Thread Florian Weimer
* Randy Bush: >> What does BCP38 have to do with this? > > nothing technical, as these iot attacks are not spoofed. How do you know? Has anyone disclosed specifics? I can understand that keeping details under wraps is sometimes required for operational security, but if the attacks are clearly s

Re: Death of the Internet, Film at 11

2016-10-23 Thread Florian Weimer
* Keith Medcalf: > On: Saturday, 22 October, 2016 17:41, Jean-Francois Mezei > wrote: > >> On 2016-10-22 19:03, Keith Medcalf wrote: > >> > This does not follow and is not a natural consequence of sealing the >> little buggers up so that they cannot affect the Internet > >> Problem is that ma

Re: Death of the Internet, Film at 11

2016-10-23 Thread Florian Weimer
* David Conrad: > Maybe (not sure) one way would be to examine your resolver query logs > to look for queries for names that fit domain generation algorithm > patterns, then tracking down the customers/devices that are issuing > those queries and politely suggest they remove the malware on their >

Re: Death of the Internet, Film at 11

2016-10-23 Thread sthaug
>From Dyn's statement, http://hub.dyn.com/static/hub.dyn.com/dyn-blog/dyn-statement-on-10-21-2016-ddos-attack.html we have "After restoring service, Dyn experienced a second wave of attacks just before noon ET. This second wave was more global in nature (i.e. not limited to our East Coast POPs),

Re: Death of the Internet, Film at 11

2016-10-22 Thread John Weekes
Ok, so this mailing list is a list of network operators. Swell. Every network operator who can do so, please raise your hand if you have *recently* scanned your own network and if you can -honestly- attest that you have taken all necessary steps to insure that none of the numerous specific typ

RE: Death of the Internet, Film at 11

2016-10-22 Thread Josh Reynolds
Modern medicine, sanitation, and sedentary lifestyles for the developed world have effectively culled natural selection for most internet users. On Oct 22, 2016 7:16 PM, "Keith Medcalf" wrote: > > On: Saturday, 22 October, 2016 17:41, Jean-Francois Mezei < > jfmezei_na...@vaxination.ca> wrote: >

RE: Death of the Internet, Film at 11

2016-10-22 Thread Keith Medcalf
On: Saturday, 22 October, 2016 17:41, Jean-Francois Mezei wrote: > On 2016-10-22 19:03, Keith Medcalf wrote: > > This does not follow and is not a natural consequence of sealing the > little buggers up so that they cannot affect the Internet > Problem is that many of these gadgets want to be

Re: Death of the Internet, Film at 11

2016-10-22 Thread Scott Weeks
> On Oct 22, 2016 5:11 PM, "Mark Andrews" wrote: > One way to deal with this would be for ISP's to purchase DoS attacks > against their own servers (not necessarily hosted on your own > network) then look at which connections from their network attacking > these machines then quarantine these

Re: Death of the Internet, Film at 11

2016-10-22 Thread Luke Guillory
I was referring to your use case and it being a business, for residential I agree with you. Sent from my iPhone On Oct 22, 2016, at 12:21 PM, jim deleskie <deles...@gmail.com> wrote: Sure, but now we put it outside the skill level of 99.99% of the people that don't read and understand

Re: Death of the Internet, Film at 11

2016-10-22 Thread Luke Guillory
VPNs can accomplish this without opening ports directly to devices. Luke Sent from my iPhone On Oct 22, 2016, at 12:06 PM, jim deleskie <deles...@gmail.com> wrote: It is also likely the desired use case. In my office I like to be able to login when needed when on the road, when the al

Re: Death of the Internet, Film at 11

2016-10-22 Thread Jean-Francois Mezei
On 2016-10-22 18:35, Ray Van Dolson wrote: > https://urldefense.proofpoint.com/v2/url?u=http-3A__hub.dyn.com_dyn-2Dblog_dyn-2Dstatement-2Don-2D10-2D21-2D2016-2Dddos-2Dattack&d=DQIBAg&c=n6-cguzQvX_tUIrZOS_4Og&r=r4NBNYp4yEcJxC11Po5I-w&m=iGvkbfzRJPqKO1A6YGa-c1m0RBLNkRk03hCjvVGTH3k&s=bScBNFncB3kt_cG0L3

Re: Death of the Internet, Film at 11

2016-10-22 Thread Josh Reynolds
One sec, starting a relationship with $CPEvendor... I'll let you know how this goes. "Yes, every customer I went to had malware. That's okay, right?" ;) On Oct 22, 2016 5:56 PM, "Mark Andrews" wrote: > > In message mail.gmail.com> > , Josh Reynolds writes: > > > > And then what? > > They get

Re: Death of the Internet, Film at 11

2016-10-22 Thread Mark Andrews
In message , Josh Reynolds writes: > > And then what? They get in someone to clean up their network. When they say it is clean you reconnect them. If this happens more often than once a year you charge them a months fees per additional incident. Have the year timer start when reconnect is re

Re: Death of the Internet, Film at 11

2016-10-22 Thread Mike Hammett
"Jean-Francois Mezei" > Cc: nanog@nanog.org > Sent: Saturday, October 22, 2016 4:45:13 PM > Subject: Re: Death of the Internet, Film at 11 > > On Sat, Oct 22, 2016 at 1:47 PM, Jean-Francois Mezei > wrote: > > Generic question: > > > > The

Re: Death of the Internet, Film at 11

2016-10-22 Thread Josh Reynolds
I wish you luck with your plan, and please subscribe me to your newsletter in digest format. On Oct 22, 2016 5:32 PM, "Mark Foster" wrote: > The person who owns the internet connection still has responsibility for > what happens on it. > > So if the owners are educated to select reputable brands

Re: Death of the Internet, Film at 11

2016-10-22 Thread Ray Van Dolson
org > Sent: Saturday, October 22, 2016 4:45:13 PM > Subject: Re: Death of the Internet, Film at 11 > > On Sat, Oct 22, 2016 at 1:47 PM, Jean-Francois Mezei > wrote: > > Generic question: > > > > The media seems to have concluded it was an "internet of thin

Re: Death of the Internet, Film at 11

2016-10-22 Thread Mark Foster
The person who owns the internet connection still has responsibility for what happens on it. So if the owners are educated to select reputable brands in order to prevent themselves from being implicated in a DDoS and liable for a fine or some other punitive thing, they 'vote with their feet' a

Re: Death of the Internet, Film at 11

2016-10-22 Thread Josh Reynolds
And then what? The labor to clean up this mess is not free. Whose responsibility is it? The grandma who got a webcam for Christmas to watch the squirrels? The ISP?... No... The vendor? What if the vendor had released a patch to fix the issue months back, and grandma hadn't installed it? Making gra

Re: Death of the Internet, Film at 11

2016-10-22 Thread Mark Andrews
One way to deal with this would be for ISP's to purchase DoS attacks against their own servers (not necessarily hosted on your own network) then look at which connections from their network attacking these machines then quarantine these connections after a delay period so that attacks can't be c

Re: Death of the Internet, Film at 11

2016-10-22 Thread Stephen Satchell
That's what VPNs are for. On 10/22/2016 10:04 AM, jim deleskie wrote: > It is also likely the desired use case. In my office I like to be able to > login when needed when on the road, when the alarm company calls me at 2am > for a false alarm so I don't have to get someone else out of bed to have

Re: Death of the Internet, Film at 11

2016-10-22 Thread Mike Hammett
anog@nanog.org Sent: Saturday, October 22, 2016 4:45:13 PM Subject: Re: Death of the Internet, Film at 11 On Sat, Oct 22, 2016 at 1:47 PM, Jean-Francois Mezei wrote: > Generic question: > > The media seems to have concluded it was an "internet of things" that > c

Re: Death of the Internet, Film at 11

2016-10-22 Thread Peter Baldridge
On Sat, Oct 22, 2016 at 1:47 PM, Jean-Francois Mezei wrote: > Generic question: > > The media seems to have concluded it was an "internet of things" that > caused this DDoS. > > I have not seen any evidence of this. Has this been published by an > authoritative source or is it just assumed? Flash

Re: Death of the Internet, Film at 11

2016-10-22 Thread Mel Beckman
> Vast majority of homes are behind NAT, which means that an incoming > packet has very little chance of reaching the IoT gizmo. UPNP exposes many IoT devices to the Internet, plus they're always exposed on the LAN, where many viruses find them and use backdoors to conscript them. Several bad a

Re: Death of the Internet, Film at 11

2016-10-22 Thread Jean-Francois Mezei
Generic question: The media seems to have concluded it was an "internet of things" that caused this DDoS. I have not seen any evidence of this. Has this been published by an authoritative source or is it just assumed? Has the type of device involved been identified? I am curious on how some hac

Re: Death of the Internet, Film at 11

2016-10-22 Thread David Conrad
Mike, On October 22, 2016 at 8:09:34 AM, Mike Hammett (na...@ics-il.net) wrote: How can I as a network operator seek out and eliminate the sources of these attacks?  Maybe (not sure) one way would be to examine your resolver query logs to look for queries for names that fit domain generation al

Re: Death of the Internet, Film at 11

2016-10-22 Thread jim deleskie
Sure, but now we put it outside the skill level of 99.99% of the people that don't read and understand this list. -jim On Sat, Oct 22, 2016 at 2:09 PM, Luke Guillory wrote: > VPNs can accomplish this without opening ports directly to devices. > > Luke > > > *Sent from my iPhone* > > On Oct 22,

Re: Death of the Internet, Film at 11

2016-10-22 Thread Mike Hammett
t-IX http://www.midwest-ix.com - Original Message - From: "Chris Boyd" To: "Elizabeth Zwicky via NANOG" Sent: Saturday, October 22, 2016 11:42:05 AM Subject: Re: Death of the Internet, Film at 11 > On Oct 22, 2016, at 7:34 AM, Mike Hammett wrote: > >

Re: Death of the Internet, Film at 11

2016-10-22 Thread jim deleskie
It is also likely the desired use case. In my office I like to be able to login when needed when on the road, when the alarm company calls me at 2am for a false alarm so I don't have to get someone else out of bed to have them dispatched to check on the site. -jim On Sat, Oct 22, 2016 at 1:42 PM

Re: Death of the Internet, Film at 11

2016-10-22 Thread Chris Boyd
> On Oct 22, 2016, at 7:34 AM, Mike Hammett wrote: > > "taken all necessary steps to insure that none of the numerous specific types > of CCVT thingies that Krebs and others identified" > > Serious question... how? Putting them behind a firewall without general Internet access seems to work

Re: Death of the Internet, Film at 11

2016-10-22 Thread Mike Hammett
al Message - From: "Brandon Butterworth" To: na...@ics-il.net Cc: nanog@nanog.org Sent: Saturday, October 22, 2016 10:02:42 AM Subject: Re: Death of the Internet, Film at 11 > From nanog-boun...@nanog.org Sat Oct 22 15:51:34 2016 > If they are easy to trace, then it

Re: Death of the Internet, Film at 11

2016-10-22 Thread Brandon Butterworth
> From nanog-boun...@nanog.org Sat Oct 22 15:51:34 2016 > If they are easy to trace, then it should be easy for you to > tell me how to find them on my network. Not sure if you're trolling now, apologies if what I wrote wasn't clear. If you did want to find them before they attack then you coul

Re: Death of the Internet, Film at 11

2016-10-22 Thread Mike Hammett
.org Sent: Saturday, October 22, 2016 9:41:52 AM Subject: Re: Death of the Internet, Film at 11 > "their" Whose addresses are known The "CCVT thingies" you refer to. Unlike spoof attacks these are easy to trace > and who are they known to? Those who were attacked

Re: Death of the Internet, Film at 11

2016-10-22 Thread Rich Kulawiec
On Sat, Oct 22, 2016 at 03:22:55PM +0100, Brandon Butterworth wrote: > Well their addresses are now known so one way would be for each ISP to > drop traffic from them. If people don't fix them why should these > devices stay on the net? Bingo. The manufacturer of these decided to build them as ch

Re: Death of the Internet, Film at 11

2016-10-22 Thread Brandon Butterworth
> "their" Whose addresses are known The "CCVT thingies" you refer to. Unlike spoof attacks these are easy to trace > and who are they known to? Those who were attacked by them or worked on mitigation of the attack. If not this time then they should next time as there will be a next time. > Some

Re: Death of the Internet, Film at 11

2016-10-22 Thread Mike Hammett
.midwest-ix.com - Original Message - From: "Brandon Butterworth" To: na...@ics-il.net Cc: nanog@nanog.org Sent: Saturday, October 22, 2016 9:22:55 AM Subject: Re: Death of the Internet, Film at 11 > From: Mike Hammett > "taken all necessary steps to insure that none

Re: Death of the Internet, Film at 11

2016-10-22 Thread Brandon Butterworth
> From: Mike Hammett > "taken all necessary steps to insure that none of the numerous specific types > of CCVT thingies that Krebs and others identified" > > Serious question... how? Well their addresses are now known so one way would be for each ISP to drop traffic from them. If people don't

Re: Death of the Internet, Film at 11

2016-10-22 Thread Stephen Satchell
On 10/22/2016 05:34 AM, Mike Hammett wrote: > "taken all necessary steps to insure that none of the numerous specific types > of CCVT thingies that Krebs and others identified" > > Serious question... how? > Network operators can only do so much. By the time traffic enters into an ISP's traf

Re: Death of the Internet, Film at 11

2016-10-22 Thread Leo Bicknell
In a message written on Sat, Oct 22, 2016 at 07:34:55AM -0500, Mike Hammett wrote: > "taken all necessary steps to insure that none of the numerous specific types > of CCVT thingies that Krebs and others identified" From https://krebsonsecurity.com/2016/10/hacked-cameras-dvrs-powered-todays-ma

Re: Death of the Internet, Film at 11

2016-10-22 Thread Mike Hammett
- Original Message - From: "Ronald F. Guilmette" To: nanog@nanog.org Sent: Saturday, October 22, 2016 12:53:42 AM Subject: Re: Death of the Internet, Film at 11 Laszlo Hanyecz wrote: >What does BCP38 have to do with this? You're right. That's not specifically

Re: Death of the Internet, Film at 11

2016-10-22 Thread Richard Irving
Then, again, Ayn Rand's idea of "sex" was to get slapped around first.. I am not sure I would acquire my "life philosophy" from her and, as *proudly* *independent* as she was, in the end, she relied upon American Social Security to get by talk is cheap. On 10/21/2016 09:02 PM, James D

Re: Death of the Internet, Film at 11

2016-10-21 Thread Ronald F. Guilmette
Laszlo Hanyecz wrote: >What does BCP38 have to do with this? You're right. That's not specifically related to *this* attack. Nobody needs to spoof anything when you've got a zillion fire hoses just lying around where any 13 year old can command them from the TRS 80 in his mom's basement. (I'

Re: Death of the Internet, Film at 11

2016-10-21 Thread Mike Hammett
7:52:42 PM Subject: Re: Death of the Internet, Film at 11 On 2016-10-22 00:39, Ronald F. Guilmette wrote: > P.S. To all of you Ayn Rand devotees out there who still vociferously > argue that it's nobody else's business how you monitor or police your > "private"

Re: Death of the Internet, Film at 11

2016-10-21 Thread Randy Bush
>>> What does BCP38 have to do with this? >> nothing technical, as these iot attacks are not spoofed. >> think of it as a religion. > I'm going to save this e-mail forever! no extra charge we deploy it more than most. we talk about it less than most. and every time something untoward happens on

Re: Death of the Internet, Film at 11

2016-10-21 Thread Paul Ferguson
On 10/21/2016 8:08 PM, Randy Bush wrote: >> What does BCP38 have to do with this? > > nothing technical, as these iot attacks are not spoofed. > > think of it as a religion. > I'm going to save this e-mail forever! Cheers, - ferg -- Pau

Re: Death of the Internet, Film at 11

2016-10-21 Thread Randy Bush
> What does BCP38 have to do with this? nothing technical, as these iot attacks are not spoofed. think of it as a religion.

Re: Death of the Internet, Film at 11

2016-10-21 Thread James Downs
> On Oct 21, 2016, at 17:39, Ronald F. Guilmette wrote: > P.S. To all of you Ayn Rand devotees out there who still vociferously > argue that it's nobody else's business how you monitor or police your > "private" networks, and who still refuse to take even minimalist steps What does Ayn Rand ha

Re: Death of the Internet, Film at 11

2016-10-21 Thread Paul Ferguson
On 10/21/2016 5:52 PM, Laszlo Hanyecz wrote: > > On 2016-10-22 00:39, Ronald F. Guilmette wrote: >> P.S. To all of you Ayn Rand devotees out there who still >> vociferously argue that it's nobody else's business how you >> monitor or police your "
