nanog mailing list archives
Re: Operation Ghost Click
From: Valdis.Kletnieks () vt edu
Date: Tue, 01 May 2012 15:19:27 -0400
On Tue, 01 May 2012 10:40:57 -0400, Rich Kulawiec said:
Why haven't you cut these obviously-infected systems off entirely?
There's quite likely multiple systems behind a NAT-ish router, and Comcast doesn't have any real option but to nuke *all* the systems behind the router. This can be a tad troublesome if there's one infected box behind the router, but the customer is also using VoIP of some sort from another box - you may just have nuked their 911 capability. Or if they have multiple systems, you may have killed their ability to transact basic business like contact their local government or pay their utility bills from a box that's not infected. (Hint - it's the same basic reason why 3-strikes laws for copyright infringement that turn off the subscriber suck - the unintended collateral damage tends to break things you really don't want to break...)
Attachment:
_bin
Description:
Current thread:
- Re: Operation Ghost Click Livingood, Jason (May 01)
- Re: Operation Ghost Click Rich Kulawiec (May 01)
- Re: Operation Ghost Click Andrew Latham (May 01)
- Re: Operation Ghost Click Valdis . Kletnieks (May 01)
- Re: Operation Ghost Click Livingood, Jason (May 01)
- Re: Operation Ghost Click Leo Bicknell (May 01)
- Re: Operation Ghost Click JC Dill (May 01)
- Re: Operation Ghost Click Livingood, Jason (May 02)
- Re: Operation Ghost Click Jeroen van Aart (May 02)
- Re: Operation Ghost Click Valdis . Kletnieks (May 02)
- Re: Operation Ghost Click Jeroen van Aart (May 02)
- Re: Operation Ghost Click Christopher Morrow (May 02)
- RE: Operation Ghost Click Eric Wieling (May 02)
- Re: Operation Ghost Click Sean Harlow (May 02)
- Re: Operation Ghost Click Rich Kulawiec (May 01)