This archive is retained to ensure existing URLs remain functional. It will not contain any emails sent to this mailing list after July 1, 2024. For all messages, including those sent before and after this date, please visit the new location of the archive at https://mailman.ripe.net/archives/list/members-discuss@ripe.net/
[members-discuss] Technical solution to resolve Spoofed IP traffic, Spoofed amplification DDoS attacks, BGP&RIR hijacking, IoT botnet infections and Botnet C&Cs
- Previous message (by thread): [members-discuss] Technical solution to resolve Spoofed IP traffic, Spoofed amplification DDoS attacks, BGP&RIR hijacking, IoT botnet infections and Botnet C&Cs
- Next message (by thread): [members-discuss] Technical solution to resolve Spoofed IP traffic, Spoofed amplification DDoS attacks, BGP&RIR hijacking, IoT botnet infections and Botnet C&Cs
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Töma Gavrichenkov
ximaera at gmail.com
Thu Apr 30 23:58:52 CEST 2020
Ah yes!! On Thu, Apr 30, 2020 at 11:31 PM Elad Cohen <elad at netstyle.io> wrote: > - The data field in an ip packet - will always > be the same for an access attempt to a IoT > device with default credentials - hence these > kind of "IP protocol data fingerprints" which > are related to specific "IP protocol numbers" > will be provided by ICANN backend > infrastructure to each BGP router through > the opened session with it. Everywhere except for China and, possibly, North Korea, border routers are *not* DPI devices. Hence they don't have an *ability* to *look* through the IP packet data, let alone apply any checksums or fingerprints. Otherwise, gosh, TCP with its checksums wouldn't have been necessary. A DPI device costs I think 500 times more than a typical border routing device in use in Europe. (this is a rough estimation based on the packet length, it might be slight less or a couple orders of magnitude more than that) And yes. This solution requires a complete *hardware* update to all the border routers. I think that's a concept for a PhD topic in economy (quite possibly also a Nobel prize) rather than for a members-discuss thread. P.S. I want to reiterate that those topics are relevant to secdispatch at ietf.org. Only after they are submitted as an I-D and dispatched to a working group, AND the working group accepts the I-D as a working group draft, they are on-topic in here. Otherwise, they are off-topic. Thank you in advance for understanding. -- Töma
- Previous message (by thread): [members-discuss] Technical solution to resolve Spoofed IP traffic, Spoofed amplification DDoS attacks, BGP&RIR hijacking, IoT botnet infections and Botnet C&Cs
- Next message (by thread): [members-discuss] Technical solution to resolve Spoofed IP traffic, Spoofed amplification DDoS attacks, BGP&RIR hijacking, IoT botnet infections and Botnet C&Cs
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]