nanog mailing list archives

Re: Krebs on Security booted off Akamai network after DDoS attack proves pricey


From: Ca By <cb.list6 () gmail com>
Date: Sun, 25 Sep 2016 10:27:01 -0700

On Sunday, September 25, 2016, John Kristoff <jtk () depaul edu> wrote:

On Sun, 25 Sep 2016 14:36:18 +0000
Ca By <cb.list6 () gmail com> wrote:

As long as there is one spoof-capable network on the net, the problem
will not be solved.

This is not strictly true.  If it could be determined where a large
bulk of the spoofing came from, public pressure could be applied.  This
may not have been the issue in this case, but in many amplification and
reflection attacks, the originating spoof-enabled networks were from a
limited set of networks.  De-peering, service termination, shaming, etc.
could have an effect.

John


OK, sorry for not being exact. I am trying to be practical.

My point is, a lot of access networks will respond to public pressure if
the data is exposed on the offending real IPs of the IoT crap, and they
will enforce their AUP.

We have seen Comcast do just that, on this list a few months back. That
path has legs.

Google also blocks service to certain hacked networks as well, we have seen
that on this list too. That is an interesting angle in the Krebs case. Will
Google block service to folks sharing IP with the IoT DDoS mess?

