[126890] in North American Network Operators' Group
Re: Nato warns of strike against cyber attackers
daemon@ATHENA.MIT.EDU (joel jaeggli)
Tue Jun 8 17:17:09 2010
Date: Tue, 08 Jun 2010 14:14:25 -0700
From: joel jaeggli <joelja@bogus.com>
To: "J. Oquendo" <sil@infiltrated.net>
In-Reply-To: <4C0EA203.8050504@infiltrated.net>
Cc: nanog@merit.edu
Errors-To: nanog-bounces+nanog.discuss=bloom-picayune.mit.edu@nanog.org
On 2010-06-08 13:03, J. Oquendo wrote:
> Jorge Amodio wrote:
>
> All humor aside, I'm curious to know what can anyone truly do at the end
> of the day if say a botnet was used to instigate a situation. Surely
> someone would have to say something to the tune of "better now than
> never" to implement BCP filtering on a large scale. Knobs, Levers, Dials
> and Switches: Now and Then (please sir, may I have some more ?) is 7
> years old yet I wonder in practice, how many networks have 38/84
> filtering. I'm wondering why it hasn't been implemented off the shelf in
> some of the newer equipment. This is not to say "huge backbones" should
> have it, but think about it, if smaller networks implemented it from the
> rip, the overheard wouldn't hurt that many of the bigger guys. On the
> contrary, my theory is it would save them headaches in the long run...
> Guess that's a pragmatic approach. Better that than an immediate
> pessimistic one.
The bots don't need to spoof source addresses... and therefore the
filtering associated with preventing that while a solid belt and
suspenders exercise is by no means a panacea.
