[members-discuss] Technical solution to resolve Spoofed IP traffic, Spoofed amplification DDoS attacks, BGP&RIR hijacking, IoT botnet infections and Botnet C&Cs

Ah yes!!

On Thu, Apr 30, 2020 at 11:31 PM Elad Cohen <elad at netstyle.io> wrote:
> - The data field in an ip packet - will always
> be the same for an access attempt to a IoT
> device with default credentials - hence these
> kind of "IP protocol data fingerprints" which
> are related to specific "IP protocol numbers"
> will be provided by ICANN backend
> infrastructure to each BGP router through
> the opened session with it.

Everywhere except for China and, possibly, North Korea, border routers
are *not* DPI devices.  Hence they don't have an *ability* to *look*
through the IP packet data, let alone apply any checksums or
fingerprints.

Otherwise, gosh, TCP with its checksums wouldn't have been necessary.

A DPI device costs I think 500 times more than a typical border
routing device in use in Europe.  (this is a rough estimation based on
the packet length, it might be slight less or a couple orders of
magnitude more than that)

And yes. This solution requires a complete *hardware* update to all
the border routers.  I think that's a concept for a PhD topic in
economy (quite possibly also a Nobel prize) rather than for a
members-discuss thread.

P.S. I want to reiterate that those topics are relevant to
secdispatch at ietf.org.  Only after they are submitted as an I-D and
dispatched to a working group, AND the working group accepts the I-D
as a working group draft, they are on-topic in here.  Otherwise, they
are off-topic.  Thank you in advance for understanding.

--
Töma