Oh, yeah, list e-mail usually just gets skimmed through. No time for reading in detail or links. ;-)
Sorry. :-\ ----- Mike Hammett Intelligent Computing Solutions http://www.ics-il.com Midwest-IX http://www.midwest-ix.com ----- Original Message ----- From: "Hugo Slabbert" <h...@slabnet.com> To: "Mike Hammett" <na...@ics-il.net> Cc: nanog@nanog.org Sent: Monday, October 24, 2016 5:21:48 PM Subject: Re: Spitballing IoT Security It's possible you might have wanted to read the link for the context that pointed this out as sarcastic hyperbole, though the text as-is could (unfortunately) have been read as serious. -- Hugo Slabbert | email, xmpp/jabber: h...@slabnet.com pgp key: B178313E | also on Signal On Mon 2016-Oct-24 17:17:43 -0500, Mike Hammett <na...@ics-il.net> wrote: >There's a buffer overrun in some software, so let's just remove all passwords >(and keys), since they can get in anyway. > > > > > >Just pointing out flawed logic. > > > > >----- >Mike Hammett >Intelligent Computing Solutions >http://www.ics-il.com > >Midwest-IX >http://www.midwest-ix.com > >----- Original Message ----- > >From: "J. Oquendo" <joque...@e-fensive.net> >To: "Steve Mikulasik" <steve.mikula...@civeo.com> >Cc: nanog@nanog.org >Sent: Monday, October 24, 2016 3:53:25 PM >Subject: Re: Spitballing IoT Security > >On Mon, 24 Oct 2016, Steve Mikulasik wrote: > >> if we automatically blackholed those IPs as they get updated it could put a >> big dent in the effectiveness of Zeus. >> > >That would involve someone lifting a finger and implement >a config change. Much easier to implement BCP38 or was it >RFC 4732? Would never work the moment someone has to lift >a finger. > >/* >I think I'll change my position on BCP38. It's pointless to try >blocking spoofed source addresses because: > >* It doesn't solve every single problem >* It means more effort for service providers >* It requires more CPU processing power >* Using it will generate smarter "black hats". > >https://www.nanog.org/mailinglist/mailarchives/old_archive/2004-10/msg00132.html > > >*/ > > >-- >=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+ >J. Oquendo >SGFA, SGFE, C|EH, CNDA, CHFI, OSCP, CPT, RWSP, GREM > >"Where ignorance is our master, there is no possibility of >real peace" - Dalai Lama > >0B23 595C F07C 6092 8AEB 074B FC83 7AF5 9D8A 4463 >https://pgp.mit.edu/pks/lookup?op=get&search=0xFC837AF59D8A4463 >