[172057] in North American Network Operators' Group
Re: Large DDoS, small extortion
daemon@ATHENA.MIT.EDU (Merike Kaeo)
Thu May 22 18:17:51 2014
X-Original-To: nanog@nanog.org
From: Merike Kaeo <merike@doubleshotsecurity.com>
In-Reply-To: <21374.24658.3602.618224@world.std.com>
Date: Thu, 22 May 2014 15:17:40 -0700
To: Barry Shein <bzs@world.std.com>
Cc: NANOG mailing list <nanog@nanog.org>
Errors-To: nanog-bounces@nanog.org
--Apple-Mail=_7B960C98-670D-4F4A-84F5-11C7C67DA0EC
Content-Transfer-Encoding: quoted-printable
Content-Type: text/plain;
charset=us-ascii
I will use this opportunity to solicit real world experience and use =
cases that
could be discussed at the Security Track at NANOG 61. While I've been
soliciting talks in operational security specific groups, this thread =
also
peaked my interest.=20
Nothing beats sharing the good, the bad, the ugly and how collectively =
we
can improve on how we mitigate against varying attacks.
Please respond to me in unicast and let me know if you'd be willing to =
share=20
some experiences. The Security Track is not recorded nor streamed and
you do not need a formal presentation.
- merike
On May 22, 2014, at 1:38 PM, Barry Shein <bzs@world.std.com> wrote:
>=20
> You know what would be nice? Some real life experience and results,
> case studies.
>=20
> I see the "common sense" and "logic" to a lot of these suggestions but
> that and $1.75 plus tax will get you a venti coffee of the day at
> Starbucks.
>=20
> Victim: I'd be very wary of these suggestions unless there's some
> good, solid reason to believe they're based on reality not just "I've
> simulated all of human psychology in my head and here's what I think
> you should do..."
>=20
> I think it's interesting that the guy asks for such small amounts,
> under US$1000.
>=20
> Maybe that's a lot of money for him.
>=20
> Maybe he thinks it won't be worth investigating such a small amount.
>=20
> Maybe he thinks it's not a very big crime so if he gets caught he's
> more likely to walk.
>=20
> Maybe he thinks he's poor/broke and this money is deservedly his to
> demand, it's such a modest demand.
>=20
> Note: He could be factually/legally wrong but that's why I prefaced
> with "maybe he thinks..."
>=20
> Maybe he's a sadist and gets a kick out of making you squirm and the
> money is just his way of keeping score, making you do something
> tangible, kind of like "kiss my boots!"
>=20
> Maybe he's insane which voids all of the above.
>=20
> Maybe it's some sort of penetration exercise by terrorists, a govt,
> etc.
>=20
> Maybe all I've said and $1.75 plus tax...
>=20
>=20
> --=20
> -Barry Shein
>=20
> The World | bzs@TheWorld.com | =
http://www.TheWorld.com
> Purveyors to the Trade | Voice: 800-THE-WRLD | Dial-Up: US, PR, =
Canada
> Software Tool & Die | Public Access Internet | SINCE 1989 =
*oo*
--Apple-Mail=_7B960C98-670D-4F4A-84F5-11C7C67DA0EC
Content-Transfer-Encoding: 7bit
Content-Disposition: attachment;
filename=signature.asc
Content-Type: application/pgp-signature;
name=signature.asc
Content-Description: Message signed with OpenPGP using GPGMail
-----BEGIN PGP SIGNATURE-----
Comment: GPGTools - http://gpgtools.org
iQEcBAEBCgAGBQJTfneEAAoJEA7gPO9LJuahOaEH/31jj7kFfaf2zOnBrdkU/+Z5
CA1fhDVmSZL0EGhsd38+RJLB1zpWimgOeGmBOKT/1v9wb9Voct37GDog8jIhWjhx
XCyLSjD81f+8l4zhPNXZngeALnCBW/d92R6UShXzAsxB3Sd5Dr4OlcwBCZVoCNcz
hNnVfh07ViKE35MPxrq7oAp5zFTNmzcYLKFMzyMLxcyjTCgxZnWTBOof6xlCMvn4
SjhS/8WjHLl1SavbfLxSkv+pa3wcHv+0+zTGpLZcQ9Z+1jRruTNb2aHlWsOr9pNQ
gB1BBmgQ6fxG7FE6av633g9xh3Tt6ZBlhQUOuXsLxAgvu6Vta/SxmchFgLl49co=
=ZURN
-----END PGP SIGNATURE-----
--Apple-Mail=_7B960C98-670D-4F4A-84F5-11C7C67DA0EC--
