nanog mailing list archives
Re: Spitballing IoT Security
From: "Ronald F. Guilmette" <rfg () tristatelogic com>
Date: Wed, 26 Oct 2016 16:40:52 -0700
In message <CAF-Wqd5sO0x5muw6uPDxMXd+h1ebCCtL9Ke9uMEc7k364OfHLA () mail gmail com> Ken Matlock <matlockken () gmail com> wrote:
- End users need to have ways to easily see what's going on over their local networks, to see botnet-like activity and DDoS participation (among other things) in a more real-time fashion
This is an interesting point. I'm not actually an ISP guy, although I do play one on TV. Anyway, I hope nobody will begrudge me if I make a couple of brief points, and then ask a rather naive question. Point: I have a DSL line which is limited to 6Mbps down and 756Kbps up. My guess is that if any typical/average user is seen to be using more than, say, 1/10 of that amount of "up" bandwidth in any one given 10 minute time period, then something is really really REALLY wrong. Point: I am already signed up with various services which will send me automated emails whenever certain events occur, e.g. when the price of 2TB WD Black drives falls below my personal threshold value. Point: My ISP knows my email address. Question: Could ISPs set something up so that each customer broadband line is continuously and individually monitored, and so that an automated email would be automagically dashed off to the customer if that customer's "up" bandwidth in some time period exceeded a value which, for that ISP, is deemed "reasonable"? (I envision the hypothetical email messages in question would consist of a non-threatening warning to the customer which would include a link to a web page where there would be a list of common things end-lusers should check for in such circumstances, along with detailed and clear instructions for how to check for each, and also a "don't ever bother me with these warnings again" checkbox, and perhaps even a friendly slider where the end-luser could adjust his personal warning threshold value, for the future.) Of course, any ISP that desperately -never- wants to receive -any- end- luser support calls quite certainly won't like this scheme. But I'm not sure that that fact alone would utterly disqualify the idea from being useful in some contexts. The real question is: Is anything even remotely along these lines even possible with existing commonly used ISP infrastructure? (If not, then just forget I mentioned it.) Regards, rfg P.S. One possible big advantage to the kind of system described above is that if an ISP received a complaint about a given customer, alleging that the customer is running a bot, then the ISP could go and look at the warning settings for that customer. If that's already been set to "don't ever bother me', then the ISP can disconnect the customer, and when the customer inevitably saquaks about that, the ISP can respond and say "We told you so."
Current thread:
- Re: Spitballing IoT Security, (continued)
- Re: Spitballing IoT Security Ronald F. Guilmette (Oct 27)
- Re: Spitballing IoT Security Mark Andrews (Oct 27)
- Re: Spitballing IoT Security Ca By (Oct 27)
- Re: Spitballing IoT Security Ronald F. Guilmette (Oct 27)
- Re: Spitballing IoT Security Jon Lewis (Oct 27)
- RE: Spitballing IoT Security Emille Blanc (Oct 27)
- Re: Spitballing IoT Security Rich Kulawiec (Oct 28)
- Re: Spitballing IoT Security Geoffrey Keating (Oct 27)
- Re: Spitballing IoT Security John Levine (Oct 27)
- Re: Spitballing IoT Security Leo Bicknell (Oct 27)
- Re: Spitballing IoT Security Ronald F. Guilmette (Oct 26)
- Re: Spitballing IoT Security Chris Boyd (Oct 26)
- Re: Spitballing IoT Security Mark Andrews (Oct 26)
- Re: Spitballing IoT Security Mel Beckman (Oct 26)
- Re: Spitballing IoT Security tim () pelican org (Oct 27)
- Re: Spitballing IoT Security Ronald F. Guilmette (Oct 27)
- Re: Spitballing IoT Security knack via NANOG (Oct 27)
- Re: Spitballing IoT Security Leo Bicknell (Oct 27)
- Re: Spitballing IoT Security Ronald F. Guilmette (Oct 27)
- Re: Spitballing IoT Security Ken Matlock (Oct 27)
- Re: Spitballing IoT Security Ronald F. Guilmette (Oct 27)