nanog mailing list archives
Re: Death of the Internet, Film at 11
From: Josh Reynolds <josh () kyneticwifi com>
Date: Sat, 22 Oct 2016 18:01:31 -0500
One sec, starting a relationship with $CPEvendor... I'll let you know how this goes. "Yes, every customer I went to had malware. That's okay, right?" ;) On Oct 22, 2016 5:56 PM, "Mark Andrews" <marka () isc org> wrote:
In message <CAC6=tfYKBWBXMFHJo617q_qOMuOjEtoTDGK2pepfrMw3CybFuw@ mail.gmail.com> , Josh Reynolds writes:And then what?They get in someone to clean up their network. When they say it is clean you reconnect them. If this happens more often than once a year you charge them a months fees per additional incident. Have the year timer start when reconnect is requested. You give them what data you have to backup the claim.The labor to clean up this mess is not free. Who's responsibility is it? The grandma who got a webcam for Christmas to watch the squirrels? The ISP?... No... The vendor? What if the vendor had released a patch to fix the issue months back, and grandma hadn'tinstalledit? Making grandma and auntie Em responsible for the IT things in their house is likely not going to go well.Making the vendor responsible might work for the reputable ones to apoint,but won't work for the fly by night shops that will sell the sameproductsunder different company names and model names until they get sued or "one starred" into oblivion. Then they just change names and start all over. The ISPs won't do it because of the cost to fix... The labor andpotentialloss of customers. So once identified, how do you suggest this gets fixed? On Oct 22, 2016 5:11 PM, "Mark Andrews" <marka () isc org> wrote: One way to deal with this would be for ISP's to purchase DoS attacks against their own servers (not necessarially hosted on your own network) then look at which connections from their network attacking these machines then quarantine these connections after a delay period so that attacks can't be corollated with quarantine actions easily. This doesn't require a ISP to attempt to break into a customers machine to identify them. It may take several runs to identify most of the connections associated with a DoS provider. -- Mark Andrews, ISC 1 Seymour St., Dundas Valley, NSW 2117, Australia PHONE: +61 2 9871 4742 INTERNET: marka () isc org --94eb2c030b6c594dc5053f7b994f Content-Type: text/html; charset=UTF-8 Content-Transfer-Encoding: quoted-printable <p dir=3D"ltr">And then what? The labor to clean up this mess is notfree. =Who's responsibility is it? The grandma who got a webcam forChristmas =to watch the squirrels? The ISP?... No... The vendor? What if the vendorha=d released a patch to fix the issue months back, and grandma hadn'tins=talled it?</p> <p dir=3D"ltr">Making grandma and auntie Em responsible for the ITthings i=n their house is likely not going to go well.</p> <p dir=3D"ltr">Making the vendor responsible might work for thereputable o=nes to a point, but won't work for the fly by night shops that willsel=l the same products under different company names and model names untilthe=y get sued or "one starred" into oblivion. Then they justchange =names and start all over.</p> <p dir=3D"ltr">The ISPs won't do it because of the cost to fix...The l=abor and potential loss of customers.</p> <p dir=3D"ltr">So once identified, how do you suggest this getsfixed?</p><div class=3D"gmail_extra"><br><div class=3D"gmail_quote">On Oct 22,2016 5=:11 PM, "Mark Andrews" <<a href=3D"mailto:marka () isc org">marka=@isc.org</a>> wrote:<br type=3D"attribution"><blockquoteclass=3D"quote"=style=3D"margin:0 0 0 .8ex;border-left:1px #cccsolid;padding-left:1ex"><b=r> One way to deal with this would be for ISP's to purchase DoSattacks<br=against their own servers (not necessarially hosted on your own<br> network) then look at which connections from their network attacking<br> these machines then quarantine these connections after a delay<br> period so that attacks can't be corollated with quarantineactions<br>easily.<br> <br> This doesn't require a ISP to attempt to break into a customers<br> machine to identify them.=C2=A0 It may take several runs to identify<br> most of the connections associated with a DoS provider.<br> <font color=3D"#888888"><br> --<br> Mark Andrews, ISC<br> 1 Seymour St., Dundas Valley, NSW 2117, Australia<br> PHONE: <a href=3D"tel:%2B61%202%209871%204742"value=3D"+61298714742">+61 2=9871 4742</a>=C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0=C2==A0INTERNET: <a href=3D"mailto:marka () isc org">marka () isc org</a><br> </font></blockquote></div><br></div> --94eb2c030b6c594dc5053f7b994f---- Mark Andrews, ISC 1 Seymour St., Dundas Valley, NSW 2117, Australia PHONE: +61 2 9871 4742 INTERNET: marka () isc org
Current thread:
- Re: Death of the Internet, Film at 11, (continued)
- Re: Death of the Internet, Film at 11 Jean-Francois Mezei (Oct 22)
- Re: Death of the Internet, Film at 11 Ronald F. Guilmette (Oct 23)
- Re: Death of the Internet, Film at 11 Valdis . Kletnieks (Oct 23)
- Re: Death of the Internet, Film at 11 Rich Kulawiec (Oct 24)
- Re: Death of the Internet, Film at 11 sthaug (Oct 23)
- Re: Death of the Internet, Film at 11 Mark Andrews (Oct 22)
- Message not available
- Message not available
- Re: Death of the Internet, Film at 11 Josh Reynolds (Oct 22)
- Re: Death of the Internet, Film at 11 Mark Foster (Oct 22)
- Re: Death of the Internet, Film at 11 Josh Reynolds (Oct 22)
- Re: Death of the Internet, Film at 11 Mark Andrews (Oct 22)
- Re: Death of the Internet, Film at 11 Josh Reynolds (Oct 22)
- Re: Death of the Internet, Film at 11 bzs (Oct 23)
- Re: Death of the Internet, Film at 11 jim deleskie (Oct 23)
- Re: Death of the Internet, Film at 11 bzs (Oct 23)
- Re: Death of the Internet, Film at 11 Martin Hannigan (Oct 23)
- Re: Death of the Internet, Film at 11 bzs (Oct 23)
- Re: Death of the Internet, Film at 11 Jean-Francois Mezei (Oct 23)
- Re: Death of the Internet, Film at 11 Aaron C. de Bruyn via NANOG (Oct 23)
- Re: Death of the Internet, Film at 11 Jean-Francois Mezei (Oct 23)
- Re: Death of the Internet, Film at 11 Eric S. Raymond (Oct 23)
- Re: Death of the Internet, Film at 11 Ronald F. Guilmette (Oct 23)