Want to read Slashdot from your mobile device? Point it at m.slashdot.org and keep reading!

 



Forgot your password?
typodupeerror
Trust the World's Fastest VPN with Your Internet Security & Freedom - A Lifetime Subscription of PureVPN at 88% off. Also, Slashdot's Facebook page has a chat bot now. Message it for stories and more. ×

Comment Re:No way to cut the problem at the root? (Score 1) 74

I wonder if some security boffin might publish on github some iptables rate limiting rules in the same vein as dropping inbound ssh connections, but for any outbound IOT device traffic. Perhaps an ISO/ECMA mandated IOT ID byte in the MAC address after vendor ID [FE]? It appears iptables wont match against a MAC Regular Expression in filters.The manpage seems to require requires a fully qualified MAC. In lieu of revising the source code, the logic can be inverted and limit all addresses that aren't specifically allowed, pretty cumbersome, might easier & quicker to revise. Is there a list of vendor MAC ID for the offending devices (dont really care if there are collateral hits on other products from the same vendor, its just a rate limit not a total block, adjust the limit case by case). I wonder how feasible it would be for Cisco, et al. to provide DDOS mitigation access control lists/processors to block such at the source site or ISP.

Slashdot Top Deals

We will have solar energy as soon as the utility companies solve one technical problem -- how to run a sunbeam through a meter.

Working...