[126909] in North American Network Operators' Group
Re: Nato warns of strike against cyber attackers
daemon@ATHENA.MIT.EDU (Owen DeLong)
Tue Jun 8 22:17:20 2010
From: Owen DeLong <owen@delong.com>
To: Dave Rand <dlr@bungi.com>
In-Reply-To: <m1OM59n-008hRXC@rdaver.bungi.com>
Date: Tue, 8 Jun 2010 13:33:46 -0700
Cc: "nanog@nanog.org" <nanog@nanog.org>
Errors-To: nanog-bounces+nanog.discuss=bloom-picayune.mit.edu@nanog.org
Dave,
I realize your fond of punishing all of us to subsidize the ignorant, =
but I would rather see those with compromised machines pay the bill for =
letting their machines get compromised than have to subsidize their =
ignorant or worse behavior.
Owen
Sent from my iPad
On Jun 8, 2010, at 1:12 PM, dlr@bungi.com (Dave Rand) wrote:
> [In the message entitled "Re: Nato warns of strike against cyber =
attackers" on Jun 8, 16:03, "J. Oquendo" writes:]
>>=20
>> All humor aside, I'm curious to know what can anyone truly do at the =
end
>> of the day if say a botnet was used to instigate a situation. Surely
>> someone would have to say something to the tune of "better now than
>> never" to implement BCP filtering on a large scale. Knobs, Levers, =
Dials
>> and Switches: Now and Then (please sir, may I have some more ?) is 7
>> years old yet I wonder in practice, how many networks have 38/84
>> filtering. I'm wondering why it hasn't been implemented off the shelf =
in
>> some of the newer equipment. This is not to say "huge backbones" =
should
>> have it, but think about it, if smaller networks implemented it from =
the
>> rip, the overheard wouldn't hurt that many of the bigger guys. On the
>> contrary, my theory is it would save them headaches in the long =
run...
>> Guess that's a pragmatic approach. Better that than an immediate
>> pessimistic one.
>>=20
>=20
> It's really way, way past time for us to actually deal with =
compromised
> computers on our networks. Abuse desks need to have the power to =
filter
> customers immediately on notification of activity. We need to have =
tools to
> help us identify compromised customers. We need to have policies that
> actually work to help notify the customers when they are compromised.
>=20
> None of this needs to be done for free. There needs to be a "security
> fee" charged _all_ customers, which would fund the abuse desk.
>=20
> With more than 100,000,000 compromised computers out there, it's =
really
> time for us to step up to the plate, and make this happen.
>=20
>=20
> --=20
