[179378] in North American Network Operators' Group
Re: Cisco/Level3 takedown
daemon@ATHENA.MIT.EDU (Chris Boyd)
Thu Apr 9 16:40:08 2015
X-Original-To: nanog@nanog.org
From: Chris Boyd <cboyd@gizmopartners.com>
In-Reply-To: <D14C507C.1F665%molney@cisco.com>
Date: Thu, 9 Apr 2015 15:39:59 -0500
To: "nanog@nanog.org" <nanog@nanog.org>
Errors-To: nanog-bounces@nanog.org
> On Apr 9, 2015, at 3:01 PM, Matt Olney (molney) <molney@cisco.com> =
wrote:
>=20
> In response to Sameer Khosla's comment that we should work with the =
entire
> service provider community:
>=20
> Talos is the threat intelligence group within Cisco. We absolutely
> welcome discussions with any network operator on how we can improve =
the
> state of security on the Internet. Please contact me directly via =
email
> and we can have a discussion about how we can work together going =
forward.
While I agree that the (at least temporary) mitigation of the threat was =
overall a good thing, I'm not really happy with the method used. =
Decisions to drop/block/filter traffic should be done locally. I would =
have appreciated Talos coming to the various *nog lists and saying =
something like "Hey, there's some really bad guys here. Here's the =
evidence of their bad behavior, you really should block them." That =
probably would have had a wider reach than just going to Level3.
--Chris
