[nsp-sec] Question for the team - who would be willing to participate in a "exercise"
Krista Hickey
Krista.Hickey at cogeco.com
Tue Oct 31 16:52:29 EDT 2017
+1
And unsure if I missed it or not but which 'we're solving ddos' group is this we're talking about here if it's not a big secret? I know of another group or two that fit Chris' description from this year alone albeit maybe looking to ensure their org(s) stay relevant vs get the million bones from gov. I quite often push back on these folks but they all seem committed to their (non-existent) solution being THE solution and/or don't seem to understand how fragmenting the industry with people who don't know what they don't know is not a good thing.
Krista
Ce courriel provient de Krista.Hickey at cogeco.com . Pour assurer la livraison de futurs envois, veuillez inclure la presente adresse courriel a votre carnet
d'adresses ou votre liste d'expediteurs autorises.
Si vous ne souhaitez plus recevoir de messages promotionnels de la part de Cogeco, veuillez transferer ce courriel a desabonnement at cogeco.com. Merci!
Politique en matiere de protection des renseignements personnels de Cogeco et Engagement en matiere d'anti-spam - Contactez-nous
Cogeco Cable Canada, 5 Place Ville-Marie, Bureau 1700, Montreal, Quebec, H3B 0B3
--
This email is from Krista.Hickey at cogeco.com . To ensure the delivery of future emails, please add the current email address to your address book or safe senders list.
If you no longer wish to receive promotional emails from Cogeco, please forward this message to unsubscribe at cogeco.com. Thank you!
Privacy Policy and Anti-spam Commitment - Contact us
Cogeco Cable Canada, 5 Place Ville-Marie, Suite 1700, Montreal, Quebec, H3B 0B3
________________________________________
From: nsp-security [nsp-security-bounces at puck.nether.net] on behalf of Chris Morrow [morrowc at ops-netman.net]
Sent: Tuesday, October 31, 2017 4:36 PM
To: Smith, Donald
Cc: Nsp-Security List
Subject: Re: [nsp-sec] Question for the team - who would be willing to participate in a "exercise"
----------- nsp-security Confidential --------
On Tue, 31 Oct 2017 15:56:58 -0400,
"Smith, Donald" <Donald.Smith at CenturyLink.com> wrote:
>
> ----------- nsp-security Confidential --------
> > ――――――――――――――――8<――――――――――――――――
> >
> > - for a list of 1M attacking IPs, please prevent them from sending outbound traffic from your networks
> No, unsupported by many of the routers.
>
actually... the question to ask is: "Given a list of 1M bots, how
would you block them in your network?"
Your answer MIGHT be: "no way, sorry"
or: "I split the list of across my edge based on netflow data
collection / analysis"
or: "I put that in iptables on the host being attacked"
or: <something else clever>
The point shouldn't be a proscriptive: "hey, put this on your flarb
and bleep it north", it should be: "here's a problem that generally
seems normal to see for this sort of scenario, how do you react?"
I think GENERALLY the problem the people starting this (that barry is
reacting to) have is: "they are completely unfocused, they have no idea
how any of this works, and they have no idea what problem they are trying
to actually solve"
It seemed to me this was a case of: "Hey, the gov't is willing to fund
us to 'research' a 'policy paper' (or something) so why not go earn a
few million bones?"
I wasn't (and am still not) willing to help them unless they can
really get direction and concrete goals.
-chris
_______________________________________________
nsp-security mailing list
nsp-security at puck.nether.net
https://puck.nether.net/mailman/listinfo/nsp-security
Please do not Forward, CC, or BCC this E-mail outside of the nsp-security
community. Confidentiality is essential for effective Internet security counter-measures.
_______________________________________________
More information about the nsp-security
mailing list