Vernon Schryver’s FUSSP is still relevant since what, 2000 or so?

--srs
________________________________
From: anti-abuse-wg <anti-abuse-wg-boun...@ripe.net> on behalf of Richard Clayton <rich...@highwayman.com>
Sent: Friday, May 1, 2020 6:28:42 AM
To: anti-abuse-wg@ripe.net <anti-abuse-wg@ripe.net>
Subject: Re: [anti-abuse-wg] 2019-04 Discussion Phase (Validation of "abuse-mailbox")

In message <DB7PR10MB215431CFDAB4554CBF6F9E85D6AA0@DB7PR10MB2154.EURPRD10.PROD.OUTLOOK.COM>, Elad Cohen <e...@netstyle.io> writes

> if I will have the honor of being
> elected to the Ripe Board I will

[...]

> At the source BGP router, for any ip packet with a source address
> that is from the network of the source BGP router (let's call it
> original ip packet) - the source BGP router will create a new ip
> packet (let's call it tracking ip packet) with a new transport layer
> protocol and with the same source address and with the same
> destination address and with the same IP-ID such as the original ip
> packet.

etc

this appears to be a technically inferior adaptation of a 20 year old
proposal from Steve Bellovin

https://academiccommons.columbia.edu/doi/10.7916/D8FF406R

it got zero traction then because it treats the issue as technical
rather than a complex security economics issue. Nothing, in my view, has
changed in twenty years.

> Automatic prevention of IoT botnet infections:
>
> - IoT botnets are based on default credentials,

only some of them -- many exploit unpatched insecure protocol
implementations

> Automatic prevention of botnet C&C ip addresses:
>
> - Botnets C&C are also a problem in the internet.
> - This problem can be overcome using the following technical
> addition: the 5 RIR's will operate end-users honeypots machines all
> over the world

you should keep up with my academic work on detecting honeypots (we
found around 3000)... yes they are valuable, no they are not a panacea
(and they are mainly poorly deployed... and we also found that many were
not patched up-to-date [shoemaker's children?])

> Very soon I will post a single solution to all the following
> problems: (implementation is fast and easy and I'll be very happy
> to manage the implementation in case I will be elected to the Ripe
> Board)
> * Spoofed ip traffic
> * Spoofed amplification ddos attacks
> * BGP&RIR hijacking
> * IoT botnet infections
> * Botnet C&Cs

I'm disappointed that you aren't solving the spam problem as well

--
Dr Richard Clayton <richard.clay...@cl.cam.ac.uk>
Director, Cambridge Cybercrime Centre mobile: +44 (0)7887 794090
Computer Laboratory, University of Cambridge, CB3 0FD tel: +44 (0)1223 763570