Slashdot is powered by your submissions, so send in your scoop


Forgot your password?
Check out the new SourceForge HTML5 internet speed test! No Flash necessary and runs on all devices. ×

Comment Re:No way to cut the problem at the root? (Score 1) 74

I wonder if some security boffin might publish on github some iptables rate limiting rules in the same vein as dropping inbound ssh connections, but for any outbound IOT device traffic. Perhaps an ISO/ECMA mandated IOT ID byte in the MAC address after vendor ID [FE]? It appears iptables wont match against a MAC Regular Expression in filters.The manpage seems to require requires a fully qualified MAC. In lieu of revising the source code, the logic can be inverted and limit all addresses that aren't specifically allowed, pretty cumbersome, might easier & quicker to revise. Is there a list of vendor MAC ID for the offending devices (dont really care if there are collateral hits on other products from the same vendor, its just a rate limit not a total block, adjust the limit case by case). I wonder how feasible it would be for Cisco, et al. to provide DDOS mitigation access control lists/processors to block such at the source site or ISP.

Slashdot Top Deals

If you are good, you will be assigned all the work. If you are real good, you will get out of it.