<html>
  <head>
    <meta http-equiv="Content-Type" content="text/html;
      charset=windows-1252">
  </head>
  <body>
    "All the bgp routers will be upgraded if I will be elected, you can
    be sure of it, including EOL routers, there is and there will be
    solution for anything."<br>
    <br>
    ROFLMAO! Can we have immortality with infinite money as well on the
    go? :) Or is this the type of promise where RIPE membership annual
    fee balloons by approximately 9 zeroes for every member, preferrably
    paid directly to Netstyle?  .... I suspect the latter ;)<br>
    <br>
    <div class="moz-cite-prefix">On 5/1/20 12:04 AM, Elad Cohen wrote:<br>
    </div>
    <blockquote type="cite"
cite="mid:DB7PR10MB21546BE76D749A97FD93A664D6AA0@DB7PR10MB2154.EURPRD10.PROD.OUTLOOK.COM">
      <meta http-equiv="Content-Type" content="text/html;
        charset=windows-1252">
      <style type="text/css" style="display:none;"> P {margin-top:0;margin-bottom:0;} </style>
      <div style="font-family: Calibri, Arial, Helvetica, sans-serif;
        font-size: 12pt; color: rgb(0, 0, 0);">
        Stuart,</div>
      <div style="font-family: Calibri, Arial, Helvetica, sans-serif;
        font-size: 12pt; color: rgb(0, 0, 0);">
        <br>
      </div>
      <div style="font-family: Calibri, Arial, Helvetica, sans-serif;
        font-size: 12pt; color: rgb(0, 0, 0);">
        All the bgp routers will be upgraded if I will be elected, you
        can be sure of it, including EOL routers, there is and there
        will be solution for anything.<br>
      </div>
      <div style="font-family: Calibri, Arial, Helvetica, sans-serif;
        font-size: 12pt; color: rgb(0, 0, 0);">
        <br>
      </div>
      <div style="font-family: Calibri, Arial, Helvetica, sans-serif;
        font-size: 12pt; color: rgb(0, 0, 0);">
        After it all internet users will enjoy from the end of:</div>
      <div style="font-family: Calibri, Arial, Helvetica, sans-serif;
        font-size: 12pt; color: rgb(0, 0, 0);">
        <span>Spoofed IP traffic, Spoofed amplification DDoS attacks,
          BGP&RIR hijacking</span></div>
      <div style="font-family: Calibri, Arial, Helvetica, sans-serif;
        font-size: 12pt; color: rgb(0, 0, 0);">
        <span><br>
        </span></div>
      <div style="font-family: Calibri, Arial, Helvetica, sans-serif;
        font-size: 12pt; color: rgb(0, 0, 0);">
        <span>And the dramatically reducing of:<br>
        </span></div>
      <div style="font-family: Calibri, Arial, Helvetica, sans-serif;
        font-size: 12pt; color: rgb(0, 0, 0);">
        <span>IoT botnet infections and Botnet C&Cs</span><br>
      </div>
      <div style="font-family: Calibri, Arial, Helvetica, sans-serif;
        font-size: 12pt; color: rgb(0, 0, 0);">
        <br>
      </div>
      <div style="font-family: Calibri, Arial, Helvetica, sans-serif;
        font-size: 12pt; color: rgb(0, 0, 0);">
        Respectfully,</div>
      <div style="font-family: Calibri, Arial, Helvetica, sans-serif;
        font-size: 12pt; color: rgb(0, 0, 0);">
        Elad<br>
      </div>
      <hr style="display:inline-block;width:98%" tabindex="-1">
      <div id="divRplyFwdMsg" dir="ltr"><font style="font-size:11pt"
          face="Calibri, sans-serif" color="#000000"><b>From:</b> Stuart
          Willet (primary) <a class="moz-txt-link-rfc2396E" href="mailto:stu@safehosts.co.uk"><stu@safehosts.co.uk></a><br>
          <b>Sent:</b> Friday, May 1, 2020 12:01 AM<br>
          <b>To:</b> Elad Cohen <a class="moz-txt-link-rfc2396E" href="mailto:elad@netstyle.io"><elad@netstyle.io></a>;
          <a class="moz-txt-link-abbreviated" href="mailto:members-discuss@ripe.net">members-discuss@ripe.net</a> <a class="moz-txt-link-rfc2396E" href="mailto:members-discuss@ripe.net"><members-discuss@ripe.net></a><br>
          <b>Subject:</b> RE: Technical solution to resolve Spoofed IP
          traffic, Spoofed amplification DDoS attacks, BGP&RIR
          hijacking, IoT botnet infections and Botnet C&Cs</font>
        <div> </div>
      </div>
      <style>
<!--
@font-face
        {font-family:"Cambria Math"}
@font-face
        {font-family:Calibri}
p.x_MsoNormal, li.x_MsoNormal, div.x_MsoNormal
        {margin:0cm;
        margin-bottom:.0001pt;
        font-size:12.0pt;
        font-family:"Times New Roman",serif}
a:link, span.x_MsoHyperlink
        {color:#0563C1;
        text-decoration:underline}
a:visited, span.x_MsoHyperlinkFollowed
        {color:#954F72;
        text-decoration:underline}
p
        {margin:0cm;
        margin-bottom:.0001pt;
        font-size:12.0pt;
        font-family:"Times New Roman",serif}
p.x_msonormal0, li.x_msonormal0, div.x_msonormal0
        {margin:0cm;
        margin-bottom:.0001pt;
        font-size:12.0pt;
        font-family:"Times New Roman",serif}
p.x_xmsonormal, li.x_xmsonormal, div.x_xmsonormal
        {margin:0cm;
        margin-bottom:.0001pt;
        font-size:12.0pt;
        font-family:"Times New Roman",serif}
p.x_xmsolistparagraph, li.x_xmsolistparagraph, div.x_xmsolistparagraph
        {margin-top:0cm;
        margin-right:0cm;
        margin-bottom:0cm;
        margin-left:36.0pt;
        margin-bottom:.0001pt;
        font-size:12.0pt;
        font-family:"Times New Roman",serif}
p.x_xmsonormal0, li.x_xmsonormal0, div.x_xmsonormal0
        {margin:0cm;
        margin-bottom:.0001pt;
        font-size:12.0pt;
        font-family:"Times New Roman",serif}
p.x_xxmsonormal, li.x_xxmsonormal, div.x_xxmsonormal
        {margin:0cm;
        margin-bottom:.0001pt;
        font-size:12.0pt;
        font-family:"Times New Roman",serif}
p.x_xxmsonormal0, li.x_xxmsonormal0, div.x_xxmsonormal0
        {margin:0cm;
        margin-bottom:.0001pt;
        font-size:12.0pt;
        font-family:"Times New Roman",serif}
p.x_xxxmsonormal, li.x_xxxmsonormal, div.x_xxxmsonormal
        {margin:0cm;
        margin-bottom:.0001pt;
        font-size:12.0pt;
        font-family:"Times New Roman",serif}
p.x_xxxmsonormal0, li.x_xxxmsonormal0, div.x_xxxmsonormal0
        {margin:0cm;
        margin-bottom:.0001pt;
        font-size:12.0pt;
        font-family:"Times New Roman",serif}
p.x_xxxmsochpdefault, li.x_xxxmsochpdefault, div.x_xxxmsochpdefault
        {margin:0cm;
        margin-bottom:.0001pt;
        font-size:10.0pt;
        font-family:"Times New Roman",serif}
p.x_xxmsochpdefault, li.x_xxmsochpdefault, div.x_xxmsochpdefault
        {margin:0cm;
        margin-bottom:.0001pt;
        font-size:10.0pt;
        font-family:"Times New Roman",serif}
p.x_xmsochpdefault, li.x_xmsochpdefault, div.x_xmsochpdefault
        {margin:0cm;
        margin-bottom:.0001pt;
        font-size:10.0pt;
        font-family:"Times New Roman",serif}
span.x_xmsohyperlink
        {color:#0563C1;
        text-decoration:underline}
span.x_xmsohyperlinkfollowed
        {color:#954F72;
        text-decoration:underline}
span.x_xxmsohyperlink
        {color:#0563C1;
        text-decoration:underline}
span.x_xxmsohyperlinkfollowed
        {color:#954F72;
        text-decoration:underline}
span.x_xxxmsohyperlink
        {color:#0563C1;
        text-decoration:underline}
span.x_xxxmsohyperlinkfollowed
        {color:#954F72;
        text-decoration:underline}
span.x_xxxemailstyle19
        {font-family:"Calibri",sans-serif;
        color:#1F497D}
span.x_xxemailstyle25
        {font-family:"Calibri",sans-serif;
        color:#1F497D}
span.x_xemailstyle31
        {font-family:"Calibri",sans-serif;
        color:#1F497D}
span.x_EmailStyle38
        {font-family:"Calibri",sans-serif;
        color:#1F497D}
.x_MsoChpDefault
        {font-size:10.0pt}
@page WordSection1
        {margin:72.0pt 72.0pt 72.0pt 72.0pt}
div.x_WordSection1
        {}
-->
</style>
      <div link="#0563C1" vlink="#954F72" lang="EN-GB">
        <div class="x_WordSection1">
          <p class="x_MsoNormal"><span style="font-size:11.0pt;
              font-family:"Calibri",sans-serif; color:#1F497D">Elad,</span></p>
          <p class="x_MsoNormal"><span style="font-size:11.0pt;
              font-family:"Calibri",sans-serif; color:#1F497D"> </span></p>
          <p class="x_MsoNormal"><span style="font-size:11.0pt;
              font-family:"Calibri",sans-serif; color:#1F497D">As
              repeatedly explained to you, it simply is not possible to
              go around updating EVERY piece of hardware and software
              used for BGP sessions.</span></p>
          <p class="x_MsoNormal"><span style="font-size:11.0pt;
              font-family:"Calibri",sans-serif; color:#1F497D">I
              don’t know why you can’t comprehend this, so I am simply
              going to stop responding to you.</span></p>
          <p class="x_MsoNormal"><span style="font-size:11.0pt;
              font-family:"Calibri",sans-serif; color:#1F497D"> </span></p>
          <p class="x_MsoNormal"><span style="font-size:11.0pt;
              font-family:"Calibri",sans-serif; color:#1F497D">Respectfully,</span></p>
          <p class="x_MsoNormal"><span style="font-size:11.0pt;
              font-family:"Calibri",sans-serif; color:#1F497D"> </span></p>
          <p class="x_MsoNormal"><span style="font-size:11.0pt;
              font-family:"Calibri",sans-serif; color:#1F497D">Stuart
              Willet.</span></p>
          <p class="x_MsoNormal"><span style="font-size:11.0pt;
              font-family:"Calibri",sans-serif; color:#1F497D"> </span></p>
          <div>
            <div style="border:none; border-top:solid #E1E1E1 1.0pt;
              padding:3.0pt 0cm 0cm 0cm">
              <p class="x_MsoNormal"><b><span style="font-size:11.0pt;
                    font-family:"Calibri",sans-serif"
                    lang="EN-US">From:</span></b><span
                  style="font-size:11.0pt;
                  font-family:"Calibri",sans-serif"
                  lang="EN-US"> Elad Cohen [<a class="moz-txt-link-freetext" href="mailto:elad@netstyle.io">mailto:elad@netstyle.io</a>]
                  <br>
                  <b>Sent:</b> 30 April 2020 21:59<br>
                  <b>To:</b> Stuart Willet (primary)
                  <a class="moz-txt-link-rfc2396E" href="mailto:stu@safehosts.co.uk"><stu@safehosts.co.uk></a>; <a class="moz-txt-link-abbreviated" href="mailto:members-discuss@ripe.net">members-discuss@ripe.net</a><br>
                  <b>Subject:</b> Re: Technical solution to resolve
                  Spoofed IP traffic, Spoofed amplification DDoS
                  attacks, BGP&RIR hijacking, IoT botnet infections
                  and Botnet C&Cs</span></p>
            </div>
          </div>
          <p class="x_MsoNormal"> </p>
          <div>
            <p class="x_MsoNormal"><span
                style="font-family:"Calibri",sans-serif;
                color:black">Stuart,</span></p>
          </div>
          <div>
            <p class="x_MsoNormal"><span
                style="font-family:"Calibri",sans-serif;
                color:black"> </span></p>
          </div>
          <div>
            <p class="x_MsoNormal"><span
                style="font-family:"Calibri",sans-serif;
                color:black">The costs will be much much lower than the
                impacts of the following:</span></p>
          </div>
          <div>
            <p class="x_MsoNormal"><span
                style="font-family:"Calibri",sans-serif;
                color:black"> </span></p>
          </div>
          <div>
            <p class="x_MsoNormal"><span
                style="font-family:"Calibri",sans-serif;
                color:black">Spoofed IP traffic, Spoofed amplification
                DDoS attacks, BGP&RIR hijacking, IoT botnet
                infections and Botnet C&Cs</span></p>
          </div>
          <div>
            <p class="x_MsoNormal"><span
                style="font-family:"Calibri",sans-serif;
                color:black"> </span></p>
          </div>
          <div>
            <p class="x_MsoNormal"><span
                style="font-family:"Calibri",sans-serif;
                color:black">If you prefer to stay with all the above ok
                lets stay with it all.</span></p>
          </div>
          <div>
            <p class="x_MsoNormal"><span
                style="font-family:"Calibri",sans-serif;
                color:black"> </span></p>
          </div>
          <div>
            <p class="x_MsoNormal"><span
                style="font-family:"Calibri",sans-serif;
                color:black">If I will be elected you can be sure that I
                will do everything in my power to implement my solution
                that will resolve for all of it for all internet users.</span></p>
          </div>
          <div>
            <p class="x_MsoNormal"><span
                style="font-family:"Calibri",sans-serif;
                color:black"> </span></p>
          </div>
          <div>
            <p class="x_MsoNormal"><span
                style="font-family:"Calibri",sans-serif;
                color:black">Respectfully,</span></p>
          </div>
          <div>
            <p class="x_MsoNormal"><span
                style="font-family:"Calibri",sans-serif;
                color:black">Elad</span></p>
          </div>
          <div class="x_MsoNormal" style="text-align:center"
            align="center">
            <hr width="98%" size="2" align="center">
          </div>
          <div id="x_divRplyFwdMsg">
            <p class="x_MsoNormal"><b><span style="font-size:11.0pt;
                  font-family:"Calibri",sans-serif;
                  color:black">From:</span></b><span
                style="font-size:11.0pt;
                font-family:"Calibri",sans-serif; color:black">
                Stuart Willet (primary) <<a
                  href="mailto:stu@safehosts.co.uk"
                  moz-do-not-send="true">stu@safehosts.co.uk</a>><br>
                <b>Sent:</b> Thursday, April 30, 2020 11:54 PM<br>
                <b>To:</b> Elad Cohen <<a
                  href="mailto:elad@netstyle.io" moz-do-not-send="true">elad@netstyle.io</a>>;
                <a href="mailto:members-discuss@ripe.net"
                  moz-do-not-send="true">
                  members-discuss@ripe.net</a> <<a
                  href="mailto:members-discuss@ripe.net"
                  moz-do-not-send="true">members-discuss@ripe.net</a>><br>
                <b>Subject:</b> RE: Technical solution to resolve
                Spoofed IP traffic, Spoofed amplification DDoS attacks,
                BGP&RIR hijacking, IoT botnet infections and Botnet
                C&Cs</span>
            </p>
            <div>
              <p class="x_MsoNormal"> </p>
            </div>
          </div>
          <div>
            <div>
              <p class="x_xmsonormal"><span style="font-size:11.0pt;
                  font-family:"Calibri",sans-serif;
                  color:#1F497D">Elad,</span></p>
              <p class="x_xmsonormal"><span style="font-size:11.0pt;
                  font-family:"Calibri",sans-serif;
                  color:#1F497D"> </span></p>
              <p class="x_xmsonormal"><span style="font-size:11.0pt;
                  font-family:"Calibri",sans-serif;
                  color:#1F497D">Please show me the costing for your
                  solution.</span></p>
              <p class="x_xmsonormal"><span style="font-size:11.0pt;
                  font-family:"Calibri",sans-serif;
                  color:#1F497D">In short, how much will it cost to
                  update every piece of hardware and software used in
                  BGP sessions.</span></p>
              <p class="x_xmsonormal"><span style="font-size:11.0pt;
                  font-family:"Calibri",sans-serif;
                  color:#1F497D">How will you update all the END OF LIFE
                  hardware and software?</span></p>
              <p class="x_xmsonormal"><span style="font-size:11.0pt;
                  font-family:"Calibri",sans-serif;
                  color:#1F497D"> </span></p>
              <p class="x_xmsonormal"><span style="font-size:11.0pt;
                  font-family:"Calibri",sans-serif;
                  color:#1F497D"> </span></p>
              <p class="x_xmsonormal"><span style="font-size:11.0pt;
                  font-family:"Calibri",sans-serif;
                  color:#1F497D">Stuart Willet.</span></p>
              <p class="x_xmsonormal"><span style="font-size:11.0pt;
                  font-family:"Calibri",sans-serif;
                  color:#1F497D"> </span></p>
              <div>
                <div style="border:none; border-top:solid #E1E1E1 1.0pt;
                  padding:3.0pt 0cm 0cm 0cm">
                  <p class="x_xmsonormal"><b><span
                        style="font-size:11.0pt;
                        font-family:"Calibri",sans-serif"
                        lang="EN-US">From:</span></b><span
                      style="font-size:11.0pt;
                      font-family:"Calibri",sans-serif"
                      lang="EN-US"> Elad Cohen [<a
                        href="mailto:elad@netstyle.io"
                        moz-do-not-send="true">mailto:elad@netstyle.io</a>]
                      <br>
                      <b>Sent:</b> 30 April 2020 21:50<br>
                      <b>To:</b> Stuart Willet (primary) <<a
                        href="mailto:stu@safehosts.co.uk"
                        moz-do-not-send="true">stu@safehosts.co.uk</a>>;
                      <a href="mailto:members-discuss@ripe.net"
                        moz-do-not-send="true">members-discuss@ripe.net</a><br>
                      <b>Subject:</b> Re: Technical solution to resolve
                      Spoofed IP traffic, Spoofed amplification DDoS
                      attacks, BGP&RIR hijacking, IoT botnet
                      infections and Botnet C&Cs</span></p>
                </div>
              </div>
              <p class="x_xmsonormal"> </p>
              <div>
                <p class="x_xmsonormal"><span
                    style="font-family:"Calibri",sans-serif;
                    color:black">Stuart,</span></p>
              </div>
              <div>
                <p class="x_xmsonormal"><span
                    style="font-family:"Calibri",sans-serif;
                    color:black"> </span></p>
              </div>
              <div>
                <p class="x_xmsonormal"><span
                    style="font-family:"Calibri",sans-serif;
                    color:black">Not anyone can afford DDoS mitigation
                    service and many in the Internet don't have such
                    service including in the Ripe region, and even for
                    the ones that are paying for expensive DDoS
                    mitigation service -  DDoS attacks are using
                    internet traffic, are using electrical power,
                    interfering to access services, generating crime. If
                    I will have the honor of being elected then I will
                    implement it all for the best of everyone including
                    negative members like you.</span></p>
              </div>
              <div>
                <p class="x_xmsonormal"><span
                    style="font-family:"Calibri",sans-serif;
                    color:black"> </span></p>
              </div>
              <div>
                <p class="x_xmsonormal"><span
                    style="font-family:"Calibri",sans-serif;
                    color:black">Respectfully,</span></p>
              </div>
              <div>
                <p class="x_xmsonormal"><span
                    style="font-family:"Calibri",sans-serif;
                    color:black">Elad</span></p>
              </div>
              <div class="x_MsoNormal" style="text-align:center"
                align="center">
                <hr width="98%" size="2" align="center">
              </div>
              <div id="x_x_divRplyFwdMsg">
                <p class="x_xmsonormal"><b><span
                      style="font-size:11.0pt;
                      font-family:"Calibri",sans-serif;
                      color:black">From:</span></b><span
                    style="font-size:11.0pt;
                    font-family:"Calibri",sans-serif;
                    color:black"> Stuart Willet (primary) <<a
                      href="mailto:stu@safehosts.co.uk"
                      moz-do-not-send="true">stu@safehosts.co.uk</a>><br>
                    <b>Sent:</b> Thursday, April 30, 2020 11:44 PM<br>
                    <b>To:</b> Elad Cohen <<a
                      href="mailto:elad@netstyle.io"
                      moz-do-not-send="true">elad@netstyle.io</a>>; <a
                      href="mailto:members-discuss@ripe.net"
                      moz-do-not-send="true">
                      members-discuss@ripe.net</a> <<a
                      href="mailto:members-discuss@ripe.net"
                      moz-do-not-send="true">members-discuss@ripe.net</a>><br>
                    <b>Subject:</b> RE: Technical solution to resolve
                    Spoofed IP traffic, Spoofed amplification DDoS
                    attacks, BGP&RIR hijacking, IoT botnet
                    infections and Botnet C&Cs</span>
                </p>
                <div>
                  <p class="x_xmsonormal"> </p>
                </div>
              </div>
              <div>
                <div>
                  <p class="x_xxmsonormal"><span
                      style="font-size:11.0pt;
                      font-family:"Calibri",sans-serif;
                      color:#1F497D">Elad,</span></p>
                  <p class="x_xxmsonormal"><span
                      style="font-size:11.0pt;
                      font-family:"Calibri",sans-serif;
                      color:#1F497D"> </span></p>
                  <p class="x_xxmsonormal"><span
                      style="font-size:11.0pt;
                      font-family:"Calibri",sans-serif;
                      color:#1F497D">I have not attacked you, just
                      pointing out the incredibly impossible task you
                      wish to be undertaken.<br>
                      As for costs, we currently use a DDoS mitigation
                      service.</span></p>
                  <p class="x_xxmsonormal"><span
                      style="font-size:11.0pt;
                      font-family:"Calibri",sans-serif;
                      color:#1F497D"> </span></p>
                  <p class="x_xxmsonormal"><span
                      style="font-size:11.0pt;
                      font-family:"Calibri",sans-serif;
                      color:#1F497D">Your solution is not feasible, full
                      stop.</span></p>
                  <p class="x_xxmsonormal"><span
                      style="font-size:11.0pt;
                      font-family:"Calibri",sans-serif;
                      color:#1F497D"> </span></p>
                  <p class="x_xxmsonormal"><span
                      style="font-size:11.0pt;
                      font-family:"Calibri",sans-serif;
                      color:#1F497D">Respectfully,</span></p>
                  <p class="x_xxmsonormal"><span
                      style="font-size:11.0pt;
                      font-family:"Calibri",sans-serif;
                      color:#1F497D"> </span></p>
                  <p class="x_xxmsonormal"><span
                      style="font-size:11.0pt;
                      font-family:"Calibri",sans-serif;
                      color:#1F497D">Stuart Willet.</span></p>
                  <p class="x_xxmsonormal"><span
                      style="font-size:11.0pt;
                      font-family:"Calibri",sans-serif;
                      color:#1F497D"> </span></p>
                  <div>
                    <div style="border:none; border-top:solid #E1E1E1
                      1.0pt; padding:3.0pt 0cm 0cm 0cm">
                      <p class="x_xxmsonormal"><b><span
                            style="font-size:11.0pt;
                            font-family:"Calibri",sans-serif"
                            lang="EN-US">From:</span></b><span
                          style="font-size:11.0pt;
                          font-family:"Calibri",sans-serif"
                          lang="EN-US"> Elad Cohen [<a
                            href="mailto:elad@netstyle.io"
                            moz-do-not-send="true">mailto:elad@netstyle.io</a>]
                          <br>
                          <b>Sent:</b> 30 April 2020 21:42<br>
                          <b>To:</b> Stuart Willet (primary) <<a
                            href="mailto:stu@safehosts.co.uk"
                            moz-do-not-send="true">stu@safehosts.co.uk</a>>;
                          <a href="mailto:members-discuss@ripe.net"
                            moz-do-not-send="true">members-discuss@ripe.net</a><br>
                          <b>Subject:</b> Re: Technical solution to
                          resolve Spoofed IP traffic, Spoofed
                          amplification DDoS attacks, BGP&RIR
                          hijacking, IoT botnet infections and Botnet
                          C&Cs</span></p>
                    </div>
                  </div>
                  <p class="x_xxmsonormal"> </p>
                  <div>
                    <p class="x_xxmsonormal"><span
                        style="font-family:"Calibri",sans-serif;
                        color:black">Stuart,</span></p>
                  </div>
                  <div>
                    <p class="x_xxmsonormal"><span
                        style="font-family:"Calibri",sans-serif;
                        color:black"> </span></p>
                  </div>
                  <div>
                    <p class="x_xxmsonormal"><span
                        style="font-family:"Calibri",sans-serif;
                        color:black">You are willing to sacrifice the
                        good of the community for a personal attack
                        against me. Regarding what you wrote: do you
                        know how many compute time is wasted for all the
                        current DDoS attacks that this solution will not
                        resolve ? do you know how many costs involved
                        for organizations and companies which are under
                        DDoS attacks ? when you compare the current to
                        the state of this solution then this solution is
                        by far better than the current state.</span></p>
                  </div>
                  <div>
                    <p class="x_xxmsonormal"><span
                        style="font-family:"Calibri",sans-serif;
                        color:black"> </span></p>
                  </div>
                  <div>
                    <p class="x_xxmsonormal"><span
                        style="font-family:"Calibri",sans-serif;
                        color:black">Respectfully,</span></p>
                  </div>
                  <div>
                    <p class="x_xxmsonormal"><span
                        style="font-family:"Calibri",sans-serif;
                        color:black">Elad</span></p>
                  </div>
                  <div class="x_MsoNormal" style="text-align:center"
                    align="center">
                    <hr width="98%" size="2" align="center">
                  </div>
                  <div id="x_x_x_divRplyFwdMsg">
                    <p class="x_xxmsonormal"><b><span
                          style="font-size:11.0pt;
                          font-family:"Calibri",sans-serif;
                          color:black">From:</span></b><span
                        style="font-size:11.0pt;
                        font-family:"Calibri",sans-serif;
                        color:black"> Stuart Willet (primary) <<a
                          href="mailto:stu@safehosts.co.uk"
                          moz-do-not-send="true">stu@safehosts.co.uk</a>><br>
                        <b>Sent:</b> Thursday, April 30, 2020 11:39 PM<br>
                        <b>To:</b> Elad Cohen <<a
                          href="mailto:elad@netstyle.io"
                          moz-do-not-send="true">elad@netstyle.io</a>>;
                        <a href="mailto:members-discuss@ripe.net"
                          moz-do-not-send="true">
                          members-discuss@ripe.net</a> <<a
                          href="mailto:members-discuss@ripe.net"
                          moz-do-not-send="true">members-discuss@ripe.net</a>><br>
                        <b>Subject:</b> RE: Technical solution to
                        resolve Spoofed IP traffic, Spoofed
                        amplification DDoS attacks, BGP&RIR
                        hijacking, IoT botnet infections and Botnet
                        C&Cs</span>
                    </p>
                    <div>
                      <p class="x_xxmsonormal"> </p>
                    </div>
                  </div>
                  <div>
                    <div>
                      <p class="x_xxxmsonormal"><span
                          style="font-size:11.0pt;
                          font-family:"Calibri",sans-serif;
                          color:#1F497D">In fairness, I couldn’t even be
                          bothered reading further than the worlds BGP
                          routers needing a firmware update to DOUBLE
                          packet count whilst adding compute time at an
                          individual packet level.</span></p>
                      <p class="x_xxxmsonormal"><span
                          style="font-size:11.0pt;
                          font-family:"Calibri",sans-serif;
                          color:#1F497D">Another idea, slightly marred
                          by the unfathomable costs involved, along with
                          its logistic impossibility.</span></p>
                      <p class="x_xxxmsonormal"><span
                          style="font-size:11.0pt;
                          font-family:"Calibri",sans-serif;
                          color:#1F497D"> </span></p>
                      <p class="x_xxxmsonormal"><span
                          style="font-size:11.0pt;
                          font-family:"Calibri",sans-serif;
                          color:#1F497D">/me sits back and grabs the
                          popcorn…..</span></p>
                      <p class="x_xxxmsonormal"><span
                          style="font-size:11.0pt;
                          font-family:"Calibri",sans-serif;
                          color:#1F497D"> </span></p>
                      <div>
                        <div style="border:none; border-top:solid
                          #E1E1E1 1.0pt; padding:3.0pt 0cm 0cm 0cm">
                          <p class="x_xxxmsonormal"><b><span
                                style="font-size:11.0pt;
                                font-family:"Calibri",sans-serif"
                                lang="EN-US">From:</span></b><span
                              style="font-size:11.0pt;
                              font-family:"Calibri",sans-serif"
                              lang="EN-US"> members-discuss [<a
                                href="mailto:members-discuss-bounces@ripe.net"
                                moz-do-not-send="true">mailto:members-discuss-bounces@ripe.net</a>]
                              <b>On Behalf Of </b>Elad Cohen<br>
                              <b>Sent:</b> 30 April 2020 21:31<br>
                              <b>To:</b> <a
                                href="mailto:members-discuss@ripe.net"
                                moz-do-not-send="true">members-discuss@ripe.net</a><br>
                              <b>Subject:</b> [members-discuss]
                              Technical solution to resolve Spoofed IP
                              traffic, Spoofed amplification DDoS
                              attacks, BGP&RIR hijacking, IoT botnet
                              infections and Botnet C&Cs</span></p>
                        </div>
                      </div>
                      <p class="x_xxxmsonormal"> </p>
                      <div>
                        <div>
                          <p class="x_xxxmsonormal"><span
                              style="font-family:"Calibri",sans-serif;
                              color:black">Hello Ripe Members!</span></p>
                        </div>
                        <div>
                          <p class="x_xxxmsonormal"><span
                              style="font-family:"Calibri",sans-serif;
                              color:black"> </span></p>
                        </div>
                        <div>
                          <p class="x_xxxmsonormal"><span
                              style="font-family:"Calibri",sans-serif;
                              color:black">I will share the following
                              solution in the near General Meeting and
                              I'm interested to share the following
                              technical solution with you as well, it
                              will completely resolve: Spoofed IP
                              traffic, Spoofed amplification DDoS
                              attacks, BGP&RIR hijacking. And will
                              dramatically lower: IoT botnet infections
                              and Botnet C&Cs.</span></p>
                        </div>
                        <div>
                          <p class="x_xxxmsonormal"><span
                              style="font-family:"Calibri",sans-serif;
                              color:black"> </span></p>
                        </div>
                        <div>
                          <p class="x_xxxmsonormal"><span
                              style="font-family:"Calibri",sans-serif;
                              color:black">By a single update to any BGP
                              router, not any router needs to be
                              updated, only active BGP routers. If I
                              will have the honor of being elected to
                              the Ripe Board I will harness all the
                              power of Ripe and all of the 5 RIR's and
                              all of the LIR's in the 5 RIR's so routing
                              manufacturing companies will implement the
                              below processes and methods with a single
                              firmware update to their BGP routers.
                            </span></p>
                        </div>
                        <div>
                          <p class="x_xxxmsonormal"><span
                              style="font-family:"Calibri",sans-serif;
                              color:black"> </span></p>
                        </div>
                        <div>
                          <p class="x_xxxmsonormal"><span
                              style="font-family:"Calibri",sans-serif;
                              color:black">I'm asking for your support
                              in electing me so I will be able to enter
                              the Ripe Board and then I will be able to
                              make everything which is written in this
                              post to come true.</span></p>
                        </div>
                        <div>
                          <p class="x_xxxmsonormal"><span
                              style="font-family:"Calibri",sans-serif;
                              color:black"> </span></p>
                        </div>
                        <div>
                          <p class="x_xxxmsonormal"><span
                              style="font-family:"Calibri",sans-serif;
                              color:black"> </span></p>
                        </div>
                        <div>
                          <p class="x_xxxmsonormal"><span
                              style="font-family:"Calibri",sans-serif;
                              color:black">Regarding the bgp-anycasted
                              infrastructure written below, ICANN is
                              written but the global bgp-anycasted
                              infrastructure can be managed by the 5
                              RIR's and/or by the ccTLDs registries (my
                              main point is that who will operate the
                              bgp-anycasted infrastructure is not
                              important for now, as long as it will be
                              an agreed authoritative non-governmental
                              non-commercial global entity/ies)</span></p>
                        </div>
                        <div>
                          <p class="x_xxxmsonormal"><span
                              style="font-family:"Calibri",sans-serif;
                              color:black"> </span></p>
                          <div>
                            <p class="x_xxxmsonormal"><span
                                style="font-family:"Calibri",sans-serif;
                                color:black">With new tracking protocol
                                over ip, routers will be able to confirm
                                that source ip came from the network of
                                the announcing ASN, and hence spoofed
                                amplification DDoS attacks will be
                                completely annihilated.</span></p>
                          </div>
                        </div>
                        <div>
                          <p class="x_xxxmsonormal"><span
                              style="font-family:"Calibri",sans-serif;
                              color:black"> </span></p>
                        </div>
                        <div>
                          <p class="x_xxxmsonormal"><span
                              style="font-family:"Calibri",sans-serif;
                              color:black"> </span></p>
                          <div>
                            <p class="x_xxxmsonormal"><span
                                style="font-family:"Calibri",sans-serif;
                                color:black">The Process:</span></p>
                          </div>
                          <div>
                            <p class="x_xxxmsonormal"><span
                                style="font-family:"Calibri",sans-serif;
                                color:black"> </span></p>
                          </div>
                          <div>
                            <p class="x_xxxmsonormal"><span
                                style="font-family:"Calibri",sans-serif;
                                color:black">At the source BGP router,
                                for any ip packet with a source address
                                that is from the network of the source
                                BGP router (lets call it original ip
                                packet) - the source BGP router will
                                create a new ip packet (lets call it
                                tracking ip packet) with a new transport
                                layer protocol and with the same source
                                address and with the same destination
                                address and with the same IP-ID such as
                                the original ip packet.</span></p>
                          </div>
                          <div>
                            <p class="x_xxxmsonormal"><span
                                style="font-family:"Calibri",sans-serif;
                                color:black"> </span></p>
                          </div>
                          <div>
                            <p class="x_xxxmsonormal"><span
                                style="font-family:"Calibri",sans-serif;
                                color:black">In the new tracking ip
                                packet there will be a new transport
                                layer protocol (tracking protocol) with
                                the following fields:</span></p>
                          </div>
                          <div>
                            <p class="x_xxxmsonormal"><span
                                style="font-family:"Calibri",sans-serif;
                                color:black">AS number of source BGP
                                router in clear text</span></p>
                          </div>
                          <div>
                            <p class="x_xxxmsonormal"><span
                                style="font-family:"Calibri",sans-serif;
                                color:black">AS number of source BGP
                                router encrypted with the private key of
                                the source BGP router</span></p>
                          </div>
                          <div>
                            <p class="x_xxxmsonormal"><span
                                style="font-family:"Calibri",sans-serif;
                                color:black"> </span></p>
                          </div>
                          <div>
                            <p class="x_xxxmsonormal"><span
                                style="font-family:"Calibri",sans-serif;
                                color:black">The destination BGP router
                                (a BGP router that the destination
                                address is in its network) whenever it
                                receive a 'tracking ip packet' will
                                check if its have the internal boolean
                                'Check tracking flag' in it - 'on' or
                                'off':</span></p>
                          </div>
                          <div>
                            <p class="x_xxxmsonormal"><span
                                style="font-family:"Calibri",sans-serif;
                                color:black">If 'off' then the
                                destination BGP router will drop that
                                'tracking ip packet'</span></p>
                          </div>
                          <div>
                            <p class="x_xxxmsonormal"><span
                                style="font-family:"Calibri",sans-serif;
                                color:black"> </span></p>
                          </div>
                          <div>
                            <p class="x_xxxmsonormal"><span
                                style="font-family:"Calibri",sans-serif;
                                color:black">If 'on' then the
                                destination BGP router will decrypt the
                                'encrypted AS number' with the public
                                key of the specific AS number</span></p>
                          </div>
                          <div>
                            <p class="x_xxxmsonormal"><span
                                style="font-family:"Calibri",sans-serif;
                                color:black">and after decryption the AS
                                number need to be the result:</span></p>
                          </div>
                          <div>
                            <p class="x_xxxmsonormal"><span
                                style="font-family:"Calibri",sans-serif;
                                color:black">if not then to drop the
                                tracking ip packet and the original ip
                                packet related to it</span></p>
                          </div>
                          <div>
                            <p class="x_xxxmsonormal"><span
                                style="font-family:"Calibri",sans-serif;
                                color:black">if yes then to drop the
                                tracking ip packet and to forward the
                                related original ip packet to
                                destination but only if the source
                                address is originated from the specific
                                ASN (according to the local ASNs+ranges
                                table in the BGP router, such table will
                                be received from ICANN)</span></p>
                          </div>
                          <div>
                            <p class="x_xxxmsonormal"><span
                                style="font-family:"Calibri",sans-serif;
                                color:black"> </span></p>
                          </div>
                          <div>
                            <p class="x_xxxmsonormal"><span
                                style="font-family:"Calibri",sans-serif;
                                color:black"> </span></p>
                          </div>
                          <div>
                            <p class="x_xxxmsonormal"><span
                                style="font-family:"Calibri",sans-serif;
                                color:black">If the 'Check tracking
                                flag' is set to 'on' then any original
                                ip packet that arrive to the destination
                                BGP router will wait for the related
                                tracking ip packet (in case the related
                                tracking ip packet didn't already
                                arrived to the destination BGP router).
                                The destination BGP router will manage
                                such waiting for X number of seconds.</span></p>
                          </div>
                          <div>
                            <p class="x_xxxmsonormal"><span
                                style="font-family:"Calibri",sans-serif;
                                color:black"> </span></p>
                          </div>
                          <div>
                            <p class="x_xxxmsonormal"><span
                                style="font-family:"Calibri",sans-serif;
                                color:black">The destination BGP router
                                will match between a tracking ip packet
                                and an original ip packet - based on
                                their source address and their
                                destination address and their IP-ID
                                which will all be identical.</span></p>
                          </div>
                          <div>
                            <p class="x_xxxmsonormal"><span
                                style="font-family:"Calibri",sans-serif;
                                color:black"> </span></p>
                          </div>
                          <div>
                            <p class="x_xxxmsonormal"><span
                                style="font-family:"Calibri",sans-serif;
                                color:black"> </span></p>
                          </div>
                          <div>
                            <p class="x_xxxmsonormal"><span
                                style="font-family:"Calibri",sans-serif;
                                color:black"> </span></p>
                          </div>
                          <div>
                            <p class="x_xxxmsonormal"><span
                                style="font-family:"Calibri",sans-serif;
                                color:black">More Aspects:</span></p>
                          </div>
                          <div>
                            <p class="x_xxxmsonormal"><span
                                style="font-family:"Calibri",sans-serif;
                                color:black"> </span></p>
                          </div>
                          <div>
                            <p class="x_xxxmsonormal"><span
                                style="font-family:"Calibri",sans-serif;
                                color:black">- The end-devices will not
                                need to be updated, any router will not
                                need to be updated, only all the BGP
                                routers will need to be updated.</span></p>
                          </div>
                          <div>
                            <p class="x_xxxmsonormal"><span
                                style="font-family:"Calibri",sans-serif;
                                color:black">- Any BGP router in the
                                routing path, which the original ip
                                packet and the tracking ip packet are
                                not destined to an ip address in its own
                                network - will not check the content of
                                the tracking ip packet and will forward
                                both the tracking ip packet and the
                                original ip packet as they are.</span></p>
                          </div>
                          <div>
                            <p class="x_xxxmsonormal"><span
                                style="font-family:"Calibri",sans-serif;
                                color:black">- Each BGP router will have
                                all the public keys (of all the ASN's)
                                locally.</span></p>
                          </div>
                          <div>
                            <p class="x_xxxmsonormal"><span
                                style="font-family:"Calibri",sans-serif;
                                color:black">- Each BGP router will have
                                a full list of all the ASN's and all the
                                route objects ranges which are related
                                to them locally.</span></p>
                          </div>
                          <div>
                            <p class="x_xxxmsonormal"><span
                                style="font-family:"Calibri",sans-serif;
                                color:black"> </span></p>
                          </div>
                          <div>
                            <p class="x_xxxmsonormal"><span
                                style="font-family:"Calibri",sans-serif;
                                color:black"> </span></p>
                          </div>
                          <div>
                            <p class="x_xxxmsonormal"><span
                                style="font-family:"Calibri",sans-serif;
                                color:black"> </span></p>
                          </div>
                          <div>
                            <p class="x_xxxmsonormal"><span
                                style="font-family:"Calibri",sans-serif;
                                color:black">How BGP routers will
                                receive all the ranges in all the route
                                objects of all the ASNs (in the 5 RIRs)
                                and all the public keys of all the ASNs
                                (for decrypting the encrypted strings in
                                'tracking ip packets'):</span></p>
                          </div>
                          <div>
                            <p class="x_xxxmsonormal"><span
                                style="font-family:"Calibri",sans-serif;
                                color:black"> </span></p>
                          </div>
                          <div>
                            <p class="x_xxxmsonormal"><span
                                style="font-family:"Calibri",sans-serif;
                                color:black">- Each BGP router will
                                create a tcp session with ICANN backend
                                infrastructure (the backend
                                infrastructure of ICANN will use BGP
                                anycast and will be available from many
                                locations worldwide with automatic
                                syncing)</span></p>
                          </div>
                          <div>
                            <p class="x_xxxmsonormal"><span
                                style="font-family:"Calibri",sans-serif;
                                color:black">- At this stage there will
                                be a handshake process between the BGP
                                router and the ICANN backend
                                infrastructure in order for ICANN to
                                know the correct ASN which is operating
                                the BGP router - the BGP router will
                                send its ASN in cleartext and also its
                                ASN encrypted with its
                                ICANN-communication-private-key , ICANN
                                will know the related public key for the
                                specific ASN from the specific ASN
                                object in the RIR (the public key for
                                communication with ICANN will be
                                displayed there) - after decryption
                                ICANN will compare the decrypted string
                                to the AS Number for successful
                                authentication.</span></p>
                          </div>
                          <div>
                            <p class="x_xxxmsonormal"><span
                                style="font-family:"Calibri",sans-serif;
                                color:black">- After successful
                                authentication, all the communication
                                will be encrypted, ICANN will notify the
                                BGP router about its public key and
                                ICANN will use the public key of the ASN
                                for the communication with ICANN - from
                                the ASN object in the RIR.</span></p>
                          </div>
                          <div>
                            <p class="x_xxxmsonormal"><span
                                style="font-family:"Calibri",sans-serif;
                                color:black">- The BGP router will send
                                over the session its public key to be
                                used by other BGP routers in order to
                                decrypt the encrypted string in the
                                tracking ip packets that it will
                                originate (that private key and public
                                key will be managed in the BGP router
                                GUI or CLI).</span></p>
                          </div>
                          <div>
                            <p class="x_xxxmsonormal"><span
                                style="font-family:"Calibri",sans-serif;
                                color:black">- ICANN will notify all the
                                other BGP routers through the sessions
                                with them about a newly updated such
                                public key of any other BGP router.</span></p>
                          </div>
                          <div>
                            <p class="x_xxxmsonormal"><span
                                style="font-family:"Calibri",sans-serif;
                                color:black">- ICANN will also receive
                                in real-time any route object
                                creation/modification/deletion
                                notification from any of the 5 RIRs and
                                will then update all the BGP routers
                                through all of their sessions.</span></p>
                          </div>
                          <div>
                            <p class="x_xxxmsonormal"><span
                                style="font-family:"Calibri",sans-serif;
                                color:black"> </span></p>
                          </div>
                          <div>
                            <p class="x_xxxmsonormal"><span
                                style="font-family:"Calibri",sans-serif;
                                color:black">- In case a BGP router
                                doesn't have an active session to ICANN
                                backend infrastructure (for any reason,
                                might be due to networking issue) - then
                                temporarily the internal 'Check tracking
                                flag' of it will be set to 'off'. After
                                the session with ICANN backend
                                infrastructure will be re-established
                                and the BGP router will receive all the
                                meantime updates - the boolean value of
                                'Check internal flag' will return to
                                initial state.</span></p>
                          </div>
                          <div>
                            <p class="x_xxxmsonormal"><span
                                style="font-family:"Calibri",sans-serif;
                                color:black">- Any update from ICANN
                                backend infrastructure to a BGP router
                                (such as a public key of another BGP
                                router, or a routing object update) -
                                will be confirmed that the update was
                                received well by the BGP router side.</span></p>
                          </div>
                          <div>
                            <p class="x_xxxmsonormal"><span
                                style="font-family:"Calibri",sans-serif;
                                color:black"> </span></p>
                          </div>
                          <div>
                            <p class="x_xxxmsonormal"><span
                                style="font-family:"Calibri",sans-serif;
                                color:black"> </span></p>
                          </div>
                          <div>
                            <p class="x_xxxmsonormal"><span
                                style="font-family:"Calibri",sans-serif;
                                color:black"> </span></p>
                          </div>
                          <div>
                            <p class="x_xxxmsonormal"><span
                                style="font-family:"Calibri",sans-serif;
                                color:black">'Check tracking flag' in
                                BGP Routers:</span></p>
                          </div>
                          <div>
                            <p class="x_xxxmsonormal"><span
                                style="font-family:"Calibri",sans-serif;
                                color:black"> </span></p>
                          </div>
                          <div>
                            <p class="x_xxxmsonormal"><span
                                style="font-family:"Calibri",sans-serif;
                                color:black">- BGP routers, in their GUI
                                and CLI interfaces - will not allow the
                                end-user to set the boolean value of
                                'Check tracking flag', in order to avoid
                                misconfiguration.</span></p>
                          </div>
                          <div>
                            <p class="x_xxxmsonormal"><span
                                style="font-family:"Calibri",sans-serif;
                                color:black">- The ICANN backend
                                infrastructure through the session with
                                the BGP router - will be able to set the
                                boolean value of the 'Check tracking
                                flag'.</span></p>
                          </div>
                          <div>
                            <p class="x_xxxmsonormal"><span
                                style="font-family:"Calibri",sans-serif;
                                color:black">- The reason for it, is
                                that if 'Check tracking flag' will be
                                set on some destination BGP routers
                                while some other source BGP routers
                                weren't upgraded yet (and will not send
                                the 'tracking ip packet' due to it) -
                                then 'tracking ip packet' will never
                                reach the destination BGP router and the
                                internet will break.</span></p>
                          </div>
                          <div>
                            <p class="x_xxxmsonormal"><span
                                style="font-family:"Calibri",sans-serif;
                                color:black">- Central setting of 'Check
                                tracking flag' through ICANN backend
                                infrastructure - will allow ICANN to
                                inform all the BGP routers at once to
                                switch 'on' the 'Check tracking flag'</span></p>
                          </div>
                          <div>
                            <p class="x_xxxmsonormal"><span
                                style="font-family:"Calibri",sans-serif;
                                color:black">- ICANN, in the session to
                                any BGP router, will also receive the
                                percentage of ip packets that were
                                destained to that BGP router network -
                                that also had ip tracking packets, in
                                this way ICANN will know when all the
                                BGP routers were properly globally
                                updated and when it is time to enable
                                the 'Check tracking flag' in all the BGP
                                routers.</span></p>
                          </div>
                          <div>
                            <p class="x_xxxmsonormal"><span
                                style="font-family:"Calibri",sans-serif;
                                color:black">- ICANN will know if all
                                the BGP routers in the world were
                                upgraded based on keeping the full BGP
                                table and comparing it to all the BGP
                                routers that did and that did not open a
                                session to ICANN backend infrastructure.</span></p>
                          </div>
                          <div>
                            <p class="x_xxxmsonormal"><span
                                style="font-family:"Calibri",sans-serif;
                                color:black"> </span></p>
                          </div>
                          <div>
                            <p class="x_xxxmsonormal"><span
                                style="font-family:"Calibri",sans-serif;
                                color:black"> </span></p>
                          </div>
                          <div>
                            <p class="x_xxxmsonormal"><span
                                style="font-family:"Calibri",sans-serif;
                                color:black"> </span></p>
                          </div>
                          <div>
                            <p class="x_xxxmsonormal"><span
                                style="font-family:"Calibri",sans-serif;
                                color:black">Automatic preventation of
                                IoT botnet infections:</span></p>
                          </div>
                          <div>
                            <p class="x_xxxmsonormal"><span
                                style="font-family:"Calibri",sans-serif;
                                color:black"> </span></p>
                          </div>
                          <div>
                            <p class="x_xxxmsonormal"><span
                                style="font-family:"Calibri",sans-serif;
                                color:black">- IoT botnets are based on
                                default credentials, if we can block
                                default credentials of IoT devices then
                                these kind of botnets (such as
                                Mirai-variants and similar) will stop to
                                have an impact in the internet.</span></p>
                          </div>
                          <div>
                            <p class="x_xxxmsonormal"><span
                                style="font-family:"Calibri",sans-serif;
                                color:black">- The data field in an ip
                                packet - will always be the same for an
                                access attempt to a IoT device with
                                default credentials - hence these kind
                                of "IP protocol data fingerprints" which
                                are related to specific "IP protocol
                                numbers" will be provided by ICANN
                                backend infrastructure to each BGP
                                router through the opened session with
                                it.</span></p>
                          </div>
                          <div>
                            <p class="x_xxxmsonormal"><span
                                style="font-family:"Calibri",sans-serif;
                                color:black">- There are two issues with
                                matching incoming ip packets to the
                                "locally stored IP protocol data
                                fingerprints" - the first one is that ip
                                packets can be sent by fragments (so not
                                all the data field will be sent at once
                                in order to be able to be compared with
                                the locally stored data fingerprints)
                                and the second is that usernames (or
                                url's) or any other textual data in the
                                incoming ip packet data field can be in
                                uppercase or in lowercase. In order to
                                overcome the possibility of the
                                existence of a single data fingerprint
                                in multiple incoming ip packet fragments
                                - then in case the BGP router is
                                recognizing the incoming fragmented ip
                                packet data value as part of an existing
                                fingerprint data in its local database
                                then it will keep track of the arrival
                                ip packet fragments based on their
                                specific IP-ID identifier and the BGP
                                router will not forward the last ip
                                packet fragment if the last ip packet
                                fragment will cause all the related ip
                                packet fragments to match a specific ip
                                fingerprint data (last ip packet doesn't
                                have to be the last fragmented part but
                                it is the last ip packet that arrived
                                with that IP-ID identifier, so the BGP
                                router will keep track of the specific
                                fragmented IP packets that arrived and
                                their indexes in order to know when the
                                last one of them arrived). Regarding the
                                second issue - the stored data
                                fingerprints in the local BGP router
                                will be stored in a way that some bytes
                                of them (in specific indexes) will not
                                be compared and in case all the other
                                bytes will match - then the bytes in
                                these indexes - will first be lowered
                                case - and only then comparison will be
                                made to the specific indexed bytes in
                                the specific ip packet data fingerprint.</span></p>
                          </div>
                          <div>
                            <p class="x_xxxmsonormal"><span
                                style="font-family:"Calibri",sans-serif;
                                color:black">- In case a IoT device
                                behind a BGP router will be infected
                                somehow (for example when a specific
                                fingerprint data with default
                                credentials for a specific device wasn't
                                updated yet through ICANN backend
                                infrastructure), it will be able to
                                infect all the other IoT devices in the
                                local network when the connectivity to
                                them is not through the BGP router, that
                                kind of impact will be much much lower
                                than infected IoT device which can
                                infect any other IoT device in the
                                internet and then massive botnets in the
                                internet are created which are being
                                used for DDoS.</span></p>
                          </div>
                          <div>
                            <p class="x_xxxmsonormal"><span
                                style="font-family:"Calibri",sans-serif;
                                color:black"> </span></p>
                          </div>
                          <div>
                            <p class="x_xxxmsonormal"><span
                                style="font-family:"Calibri",sans-serif;
                                color:black"> </span></p>
                          </div>
                          <div>
                            <p class="x_xxxmsonormal"><span
                                style="font-family:"Calibri",sans-serif;
                                color:black"> </span></p>
                          </div>
                          <div>
                            <p class="x_xxxmsonormal"><span
                                style="font-family:"Calibri",sans-serif;
                                color:black">Automatic prevention of
                                botnet C&C ip addresses:</span></p>
                          </div>
                          <div>
                            <p class="x_xxxmsonormal"><span
                                style="font-family:"Calibri",sans-serif;
                                color:black"> </span></p>
                          </div>
                          <div>
                            <p class="x_xxxmsonormal"><span
                                style="font-family:"Calibri",sans-serif;
                                color:black">- Botnets C&C are also
                                a problem in the internet.</span></p>
                          </div>
                          <div>
                            <p class="x_xxxmsonormal"><span
                                style="font-family:"Calibri",sans-serif;
                                color:black">- This problem can be
                                overcome using the following technical
                                addition: the 5 RIR's will operate
                                end-users honeypots machines all over
                                the world (it will be implemented by a
                                single physical machine in each
                                location, for example in each datacenter
                                and in each major ISP, each single
                                physical machine will emulate a virtual
                                router and virtual VM's, the virtual
                                VM's will emulate many different kinds
                                of 'real world machines', any kind of
                                automatic updating (in the operating
                                system configurations) will be disabled,
                                these honeypots machines are not
                                intended to make any outgoing
                                connection, the virtual routers will
                                monitor if any outgoing connection is
                                made and if yes then it is to a botnet
                                C&C, the virtual router will update
                                the ICANN backend infrastructure
                                regarding it and the ICANN backend
                                infrastructure will update all the BGP
                                routers (in their open sessions)
                                regarding it to completely block any
                                communication to that botnet C&C ip
                                address. There will be a web-based
                                system and only the related Law
                                Enforcement Agency of that C&C ip
                                address region - will be able to remove
                                that C&C ip address from being
                                blocked after their manual check.</span></p>
                          </div>
                          <div>
                            <p class="x_xxxmsonormal"><span
                                style="font-family:"Calibri",sans-serif;
                                color:black">- Honeypot machines will be
                                deployed using 'templates' - these
                                templates must be signed and not anyone
                                can create them, they should be created
                                and signed by an agreed Law Enforcement
                                Agency such as Interpol in order to make
                                sure that these templates are by-design
                                not making any outgoing connection. The
                                templates will be deployed in an
                                automatic way (major ISP's and
                                datacenters will be able to easily add a
                                'physical honeypot' server in their
                                network, that will be shipped to them),
                                the re-initiation of a compromised
                                'virtual machine' that made  an outgoing
                                connection - will also be automatic
                                through the system in the physical
                                server.</span></p>
                          </div>
                          <div>
                            <p class="x_xxxmsonormal"><span
                                style="font-family:"Calibri",sans-serif;
                                color:black"> </span></p>
                          </div>
                          <div>
                            <p class="x_xxxmsonormal"><span
                                style="font-family:"Calibri",sans-serif;
                                color:black"> </span></p>
                          </div>
                          <div>
                            <p class="x_xxxmsonormal"><span
                                style="font-family:"Calibri",sans-serif;
                                color:black">Respectfully,</span></p>
                          </div>
                          <div>
                            <p class="x_xxxmsonormal"><span
                                style="font-family:"Calibri",sans-serif;
                                color:black">Elad</span></p>
                          </div>
                        </div>
                        <p class="x_xxxmsonormal"><span
                            style="font-family:"Calibri",sans-serif;
                            color:black"> </span></p>
                      </div>
                    </div>
                  </div>
                </div>
              </div>
            </div>
          </div>
        </div>
      </div>
      <br>
      <fieldset class="mimeAttachmentHeader"></fieldset>
      <pre class="moz-quote-pre" wrap="">_______________________________________________
members-discuss mailing list
<a class="moz-txt-link-abbreviated" href="mailto:members-discuss@ripe.net">members-discuss@ripe.net</a>
<a class="moz-txt-link-freetext" href="https://mailman.ripe.net/">https://mailman.ripe.net/</a>
Unsubscribe: <a class="moz-txt-link-freetext" href="https://lists.ripe.net/mailman/options/members-discuss/aleksi%40magnacapax.fi">https://lists.ripe.net/mailman/options/members-discuss/aleksi%40magnacapax.fi</a>
</pre>
    </blockquote>
  </body>
</html>