Re: Death of the Internet, Film at 11

[Mike Hammett <nanog () ics-il net>]

"their" Whose addresses are known and who are they known to? I certainly don't know the addresses of anyone involved. 
Some work can produce Dyn allocations, I suppose. 




----- 
Mike Hammett 
Intelligent Computing Solutions 
http://www.ics-il.com 

Midwest-IX 
http://www.midwest-ix.com 

----- Original Message -----

From: "Brandon Butterworth" <brandon () rd bbc co uk> 
To: nanog () ics-il net 
Cc: nanog () nanog org 
Sent: Saturday, October 22, 2016 9:22:55 AM 
Subject: Re: Death of the Internet, Film at 11 

> From: Mike Hammett <nanog () ics-il net> 
> "taken all necessary steps to insure that none of the numerous specific types of CCVT thingies that Krebs and others 
> identified" 
>
> Serious question... how? 

Well their addresses are now known so one way would be for each ISP to 
drop traffic from them. If people don't fix them why should these 
devices stay on the net? If say Comcast has a million of them it might 
be tricky to scale but not impossible 

It'd take a bit of effort and care to aggregate and disseminate the 
data to each responsible AS, there'd be risk of bad guys getting the 
data and false positives/people spoofing to attack others. They'd also 
be building a tool that some might try to hijack for other purposes. 

None of that is an excuse to do nothing as is usually the result with 
any suggested measure that involves doing work to fix a problem 

I know ISPs generaly don't want the support calls but they'll end up 
with them and a legislative burden with commerial liability if they 
don't sort it out themselves. 

brandon