nanog mailing list archives
Re: IoT security
From: clinton mielke <clinton.mielke () gmail com>
Date: Wed, 8 Feb 2017 21:04:07 -0800
Having spent the last few months systematically scanning ~700k of these hosts, Im thinking the following could be considered: As an ISP, scan your customers netrange, and notify customers with known vulnerable devices. With regards to the current Mirai threat, theres only a handful of devices that are the most critical importance. IE, biggest fraction of the infected host pie. Maybe someday I'll get around to parsing my database and auto-emailing the abuse emails of the affected netranges. That was my intention..... but dayjob got in the way. This breaks down however when you look at the geographic distribution of infected devices. Most are in Asian countries, so there would need to be more cooperation among network operators there. On Wed, Feb 8, 2017 at 6:03 PM, Carl Byington <carl () five-ten-sg com> wrote:
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 On Wed, 2017-02-08 at 08:30 -0800, Damian Menscher wrote:So here's a modest proposal: log in as root and brick the device.I strongly suspect that when the problem gets bad *enough*, someone will do exactly that. Yes, it is illegal in many places. Since when has the fact that any particular act is illegal been sufficient to deter *everyone*? People still drive while drunk. -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.14 (GNU/Linux) iEYEAREKAAYFAlibzdIACgkQL6j7milTFsH/WgCdEvde+zMvm8lRUyx2ay3EltZT 97kAn3Hl2tjPe2eUqiagDXxlE75OO/Xg =W+Cq -----END PGP SIGNATURE-----
Current thread:
- Re: IoT security, (continued)
- Re: IoT security William Herrin (Feb 07)
- Re: IoT security Rich Kulawiec (Feb 07)
- Re: IoT security Randy Bush (Feb 07)
- Re: IoT security Richard (Feb 07)
- Re: IoT security Ed Lopez (Feb 08)
- Re: IoT security Rich Kulawiec (Feb 08)
- Re: IoT security William Herrin (Feb 08)
- Re: IoT security Damian Menscher (Feb 08)
- Re: IoT security William Herrin (Feb 08)
- Re: IoT security Carl Byington (Feb 08)
- Re: IoT security clinton mielke (Feb 08)
- Re: IoT security valdis . kletnieks (Feb 08)
- Re: IoT security clinton mielke (Feb 08)
- Re: IoT security valdis . kletnieks (Feb 09)
- Re: IoT security clinton mielke (Feb 09)
- Re: IoT security Marco Slater (Feb 10)
- Re: IoT security clinton mielke (Feb 10)
- Re: IoT security clinton mielke (Feb 10)
- Re: IoT security Rich Kulawiec (Feb 09)
- Re: IoT security William Herrin (Feb 09)
- Re: IoT security valdis . kletnieks (Feb 09)