[192295] in North American Network Operators' Group
Re: Spitballing IoT Security
daemon@ATHENA.MIT.EDU (J. Oquendo)
Mon Oct 24 16:53:30 2016
X-Original-To: nanog@nanog.org
Date: Mon, 24 Oct 2016 15:53:25 -0500
From: "J. Oquendo" <joquendo@e-fensive.net>
To: Steve Mikulasik <Steve.Mikulasik@civeo.com>
In-Reply-To: <CY1PR17MB0425BAFA02B4CC1A3F962463FAA90@CY1PR17MB0425.namprd17.prod.outlook.com>
Cc: "nanog@nanog.org" <nanog@nanog.org>
Errors-To: nanog-bounces@nanog.org
On Mon, 24 Oct 2016, Steve Mikulasik wrote:
> if we automatically blackholed those IPs as they get updated it could put a big dent in the effectiveness of Zeus.
>
That would involve someone lifting a finger and implement
a config change. Much easier to implement BCP38 or was it
RFC 4732? Would never work the moment someone has to lift
a finger.
/*
I think I'll change my position on BCP38. It's pointless to try
blocking spoofed source addresses because:
* It doesn't solve every single problem
* It means more effort for service providers
* It requires more CPU processing power
* Using it will generate smarter "black hats".
https://www.nanog.org/mailinglist/mailarchives/old_archive/2004-10/msg00132.html
*/
--
=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+
J. Oquendo
SGFA, SGFE, C|EH, CNDA, CHFI, OSCP, CPT, RWSP, GREM
"Where ignorance is our master, there is no possibility of
real peace" - Dalai Lama
0B23 595C F07C 6092 8AEB 074B FC83 7AF5 9D8A 4463
https://pgp.mit.edu/pks/lookup?op=get&search=0xFC837AF59D8A4463
