nanog mailing list archives

Re: Krebs on Security booted off Akamai network after DDoS attack proves pricey


From: Roland Dobbins <rdobbins () arbor net>
Date: Tue, 27 Sep 2016 11:56:04 +0700

On 27 Sep 2016, at 11:43, Mark Andrews wrote:

> Why not? You call a washing machine mechanic when the washing machine plays up. This is not conceptually different.

Washing machines aren't a utility.  Internet is viewed as a utility.

> Actually I don't believe that. They do know what machines they have connected to their home network. Boxes don't magically connect.  Every machine was explicitly connected.

First of all, not every device was explicitly connected by the user. Think set-top boxes/DVRs.

Secondly, users connect things and then don't think about them, don't remember credentials, had a horrible ordeal (from their perspective) connecting said devices and then promptly forgot how to administer them.

Thirdly, expecting users to troubleshoot which of their devices is emanating bad traffic is unrealistic.

The only effective consumer remediation efforts we've seen to date have been broadband access ISPs proactively scanning their customer networks and contacting them when exploitable devices and compromised PCs have been found. Although it's a lot of work, that kind of thing can be done for CPE broadband routers; it can't be done for the things sitting behind those devices, which are doing NAT/firewalling. The partial exception is PCs, because everyone thinks of those when they think of 'the Internet'.

And the fact that even their lightbulbs are being connected now - i.e., the huge proliferation of connected devices - militates against user troubleshooting, as well.

-----------------------------------
Roland Dobbins <rdobbins () arbor net>

