nanog mailing list archives
Re: Krebs on Security booted off Akamai network after DDoS attack proves pricey
From: Sam Silvester <sam.silvester () gmail com>
Date: Tue, 27 Sep 2016 14:47:16 +0930
On Tue, Sep 27, 2016 at 1:35 PM, Roland Dobbins <rdobbins () arbor net> wrote:
It call comes down to the network operator, one way or another. There's no separation in the public mind of 'my network' from 'the Internet' that is analogous to the separation between 'the power company' and 'the electrical wiring in my house/apartment' (and even in that space, the conceptual separation often isn't present).
Not sure I agree with this. To my knowledge, when somebody loses power, they go out and check circuit breakers and stuff, then either call an electrician (if a breaker doesn't stay on or the like), or call their electricity retailer/distributer. I'm not talking about IT / technically savvy people either. Now, I appreciate what you are saying though - end users are (generalisation incoming, and I am not having a go / being a dick toward end users) non-technical, busy and not willing to spend money on experts to help out. They don't understand that their ISP is not responsible / in control end to end etc, but yeah - not the best analogy above. As a second comment...I think there is something also to be considered in Mark's thoughts. NAT obviously breaks visibility from a network operator's perspective. As far as we can see, once a user is sending something flagged as abuse, the best we can tell is the public IPv4 address. This sucks, as it basically means suspend the user, who gets shitty as a result, and costs money and time on the phone to helpdesk as a result. In IPv6, it's not the case that all traffic is sourced from the same public IP, which is interesting, especially if the network operator's abuse desk has appropriate tooling to be able to marry that up to a device (probably with the end user involved of course, but maybe with less effort). I do also like the idea of IPv4 CPE having a menu displaying DHCP client ID, in/out bps/pps counters, especially if that is able to be exposed to the ISP helpdesk / abuse desk if needed. It's a nice to have, but not sure it'd ever get meaningful deployment in a timeframe that makes it useful. Food for thought. Sam
Current thread:
- Re: Krebs on Security booted off Akamai network after DDoS attack proves pricey, (continued)
- Re: Krebs on Security booted off Akamai network after DDoS attack proves pricey Keith Stokes (Sep 27)
- Re: Krebs on Security booted off Akamai network after DDoS attack proves pricey Brielle Bruns (Sep 27)
- Re: Krebs on Security booted off Akamai network after DDoS attack proves pricey Roland Dobbins (Sep 27)
- Re: Krebs on Security booted off Akamai network after DDoS attack proves pricey Brielle Bruns (Sep 27)
- Re: Krebs on Security booted off Akamai network after DDoS attack proves pricey Brielle Bruns (Sep 27)
- Re: Krebs on Security booted off Akamai network after DDoS attack proves pricey Roland Dobbins (Sep 27)
- Re: Krebs on Security booted off Akamai network after DDoS attack proves pricey Peter Beckman (Sep 27)
- Re: Krebs on Security booted off Akamai network after DDoS attack proves pricey Mike Hammett (Sep 27)
- Re: Krebs on Security booted off Akamai network after DDoS attack proves pricey Mike Hammett (Sep 27)
- Re: Krebs on Security booted off Akamai network after DDoS attack proves pricey Jared Mauch (Sep 27)
- Re: Krebs on Security booted off Akamai network after DDoS attack proves pricey Sam Silvester (Sep 27)
- Re: Krebs on Security booted off Akamai network after DDoS attack proves pricey Roland Dobbins (Sep 27)
- Re: Krebs on Security booted off Akamai network after DDoS attack proves pricey Florian Weimer (Sep 27)
- Re: Krebs on Security booted off Akamai network after DDoS attack proves pricey Roland Dobbins (Sep 27)
- Re: Krebs on Security booted off Akamai network after DDoS attack proves pricey Jared Mauch (Sep 27)
- Re: Krebs on Security booted off Akamai network after DDoS attack proves pricey Florian Weimer (Sep 27)
- Re: Krebs on Security booted off Akamai network after DDoS attack proves pricey John R. Levine (Sep 26)
- Re: Krebs on Security booted off Akamai network after DDoS attack proves pricey Eliot Lear (Sep 26)
- Re: Krebs on Security booted off Akamai network after DDoS attack proves pricey Florian Weimer (Sep 27)
- Re: Krebs on Security booted off Akamai network after DDoS attack proves pricey Eliot Lear (Sep 27)
- Message not available
- Re: Krebs on Security booted off Akamai network after DDoS attack proves pricey John Kristoff (Sep 25)