[192213] in North American Network Operators' Group
Re: Death of the Internet, Film at 11
daemon@ATHENA.MIT.EDU (Mark Andrews)
Sat Oct 22 18:09:37 2016
X-Original-To: nanog@nanog.org
To: Peter Baldridge <petebaldridge@gmail.com>
From: Mark Andrews <marka@isc.org>
In-reply-to: Your message of "Sat, 22 Oct 2016 14:45:13 -0700."
<CAM91edj=-RgiGTnzOGjUduqbn+P6XYfsxsP+pXuwWsPhQUJVvQ@mail.gmail.com>
Date: Sun, 23 Oct 2016 09:09:26 +1100
Cc: "nanog@nanog.org" <nanog@nanog.org>
Errors-To: nanog-bounces@nanog.org
One way to deal with this would be for ISP's to purchase DoS attacks
against their own servers (not necessarially hosted on your own
network) then look at which connections from their network attacking
these machines then quarantine these connections after a delay
period so that attacks can't be corollated with quarantine actions
easily.
This doesn't require a ISP to attempt to break into a customers
machine to identify them. It may take several runs to identify
most of the connections associated with a DoS provider.
--
Mark Andrews, ISC
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 4742 INTERNET: marka@isc.org
