[193682] in North American Network Operators' Group
Re: IoT security
daemon@ATHENA.MIT.EDU (clinton mielke)
Sat Feb 11 04:49:19 2017
X-Original-To: nanog@nanog.org
In-Reply-To: <A7001028-C869-4B07-A2E0-45FA2E2A5FC8@marcoslater.com>
From: clinton mielke <clinton.mielke@gmail.com>
Date: Fri, 10 Feb 2017 14:00:34 -0800
To: Marco Slater <marco@marcoslater.com>
Cc: nanog@nanog.org
Errors-To: nanog-bounces@nanog.org
That being said, I think if other ISPs took virgins lead then we can start
getting this population of devices reduced. The hard part is getting
overseas ISPs to help with the problem.
Most inbound infectious scanning traffic appears to come from China and
Vietnam. I need to create some better aggregate statistics.
On Feb 10, 2017 5:48 AM, "Marco Slater" <marco@marcoslater.com> wrote:
>
> > As an ISP, scan your customers netrange, and notify customers with known
> > vulnerable devices. With regards to the current Mirai threat, theres
> only a
> > handful of devices that are the most critical importance. IE, biggest
> > fraction of the infected host pie.
>
> Virgin Media in the UK do this for Mirai-infected or susceptible devices
> already.
>
> What they send out: https://twitter.com/2sec4u/status/825337376692121601
>
> Quite interesting approach. If more consumers were aware of this, they may
> do something about it.. although.. people are lazy. :(
