[192193] in North American Network Operators' Group
Re: Death of the Internet, Film at 11
daemon@ATHENA.MIT.EDU (Mike Hammett)
Sat Oct 22 10:50:22 2016
X-Original-To: nanog@nanog.org
Date: Sat, 22 Oct 2016 09:50:17 -0500 (CDT)
From: Mike Hammett <nanog@ics-il.net>
Cc: nanog@nanog.org
In-Reply-To: <201610221441.PAA13517@sunf10.rd.bbc.co.uk>
Errors-To: nanog-bounces@nanog.org
If they are easy to trace, then it should be easy for you to tell me how to find them on my network.
The addresses being known to them doesn't help me at all clean up my network or help other networks clean up theirs.
It would be rather difficult for me (and I'm sure many other operators) to distinguish normal Dyn traffic from DDoS Dyn traffic.
-----
Mike Hammett
Intelligent Computing Solutions
http://www.ics-il.com
Midwest-IX
http://www.midwest-ix.com
----- Original Message -----
From: "Brandon Butterworth" <brandon@rd.bbc.co.uk>
To: nanog@ics-il.net
Cc: nanog@nanog.org
Sent: Saturday, October 22, 2016 9:41:52 AM
Subject: Re: Death of the Internet, Film at 11
> "their" Whose addresses are known
The "CCVT thingies" you refer to. Unlike spoof
attacks these are easy to trace
> and who are they known to?
Those who were attacked by them or worked on mitigation of
the attack. If not this time then they should next time
as there will be a next time.
> Some work can produce Dyn allocations, I suppose.
Indeed, that is what I was saying
brandon
