[191678] in North American Network Operators' Group
Re: Krebs on Security booted off Akamai network after DDoS attack
daemon@ATHENA.MIT.EDU (Eliot Lear)
Sun Sep 25 14:17:17 2016
X-Original-To: nanog@nanog.org
To: jtk@aharp.iorc.depaul.edu, nanog@nanog.org
From: Eliot Lear <lear@cisco.com>
Date: Sun, 25 Sep 2016 20:16:47 +0200
In-Reply-To: <20160925120021.79280a95@p50.localdomain>
Errors-To: nanog-bounces@nanog.org
This is an OpenPGP/MIME signed message (RFC 4880 and 3156)
--LwqLN4ds5vqDTnF0ismj6hwFmWG2VTGvh
From: Eliot Lear <lear@cisco.com>
To: jtk@aharp.iorc.depaul.edu, nanog@nanog.org
Message-ID: <1774394c-d411-7446-6a80-cd247d12d587@cisco.com>
Subject: Re: Krebs on Security booted off Akamai network after DDoS attack
proves pricey
References: <20160924144757.6291.qmail@ary.lan>
<CAL9jLaY_7cHK0qqi19toe=vMzy6WzyeF_FDSzvP78eirrPh4fw@mail.gmail.com>
<20160924184332.GA45065@excession.tpb.net>
<CAL9jLabYEGXF8Ax3CrChDJfrpmXiTUA0MWQBqZkoZ=Px-6+1nw@mail.gmail.com>
<A2E6B904-F963-4536-9F19-C8187B0424AD@the-watsons.org>
<6CB7A90CA0C0D3CE.6E724E09-9FD0-4486-89BF-1A624A0F076A@mail.outlook.com>
<AD636CD0-DDEF-4B8D-9461-595F3EB12FBA@puck.nether.net>
<CAN414UcQK=xD3ESL8XBmquj9wLVPorrG9VPcLd6rbdvP9ysZsQ@mail.gmail.com>
<600470265.16530.1474778588492.JavaMail.zimbra@baylink.com>
<CAN414Uf-OK-B72AHVt8DtzsoH21QRqr=KLCYKA=LFCrejaKHjQ@mail.gmail.com>
<235cdefe042147e4a14be955177c2e70@XCASPRD01-DFT.dpu.depaul.edu>
<20160925120021.79280a95@p50.localdomain>
In-Reply-To: <20160925120021.79280a95@p50.localdomain>
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: quoted-printable
Has anyone stopped to consider what a gift these hackers gave all of
us? They exposed their capabilities and nobody got hurt. We all had a
notion as to what sort of attacks were possible in theory. Now we have
reality. Business being what it is, customers may not be interested in
others' security, but IoT being what it is, they might be interested in
their own: in this instance, as I understand it, cameras were involved.=20
If a camera could be used to attack someone else, it could be used to
invade the privacy of the owner. If consumers come to see that as a
threat, that'd be a good first step to internalizing what was an
externality. At that point you can sell something.
Big if, though.
Eliot
On 9/25/16 7:00 PM, John Kristoff wrote:
> On Sun, 25 Sep 2016 14:36:18 +0000
> Ca By <cb.list6@gmail.com> wrote:
>
>> As long as their is one spoof capable network on the net, the problem =
will
>> not be solved.
> This is not strictly true. If it could be determined where a large
> bulk of the spoofing came from, public pressure could be applied. This=
> may not have been the issue in this case, but in many amplification and=
> reflection attacks, the originating spoof-enabled networks were from a
> limited set of networks. De-peering, service termination, shaming, etc=
> could have an effect.
>
> John
>
--LwqLN4ds5vqDTnF0ismj6hwFmWG2VTGvh
Content-Type: application/pgp-signature; name="signature.asc"
Content-Description: OpenPGP digital signature
Content-Disposition: attachment; filename="signature.asc"
-----BEGIN PGP SIGNATURE-----
Version: GnuPG/MacGPG2 v2
iQEcBAEBCAAGBQJX6BSPAAoJEIe2a0bZ0noznUIH+wUaaMKgMcOK/8Huq6ILO8zm
WZ2KsHMIAMMiCyGih76eVqSvxvdlBpDhQcJ/TC49tvueYUI2OPrH6Q1exCZcgLPh
pdVAIdNNmW3qiQ40RurnOg2K+L4fBUCDJ0TvIKnSNzMWi5iWHtI0OtV2WiTwnXbe
4aaAoc9c32urgQbMOTxiAVidSlq6zxjA9iO2lFuMWCItB0xCnv6TYBy4dxXTkF1O
V+zOoXs23vSitjIpJQISnXGC2VeU8sIXpjuyPHHQa6dOmsslEIWM8r5UsI/KyzR7
qJOF6qJYAAYIU0kDyWVoYmSQQRCmnGvLahVeXr7bzjMOPpAQy6QuboiNKncDhSY=
=H0yv
-----END PGP SIGNATURE-----
--LwqLN4ds5vqDTnF0ismj6hwFmWG2VTGvh--
