ISPs' willingness to take action
Eric Kuhnke
eric at fnordsystems.com
Mon Oct 27 13:40:25 UTC 2003
This is definitely a business opportunity for any ISPs that wish to take
advantage of it... Hire clueful abuse desk people, set up a good IDS, run
spamassassin on your mail servers, and offer free antivirus software to the
broadband connected bare win32 PCs. I am sure midsize ISP marketing
departments will be able to brand this with a slick name and print brochure
or TV commercial.
"Tired of spam and junk on the internet? Sick of Pop-ups? Worried about
the spread of worms and viruses? We're better than the competition, and
here's why...!"
>We implemented an IDS system. The ROI comes from the inbound attacks
>being detected/prevented/shunned. But it's also listening to the
>outbound stuff, so when we see that a customer has the flavor of the
>week, we cut him off, give him a call and some friendly advice, and
>everyone's happy. When we see IRC joins and port scans from a customer
>server, we give him a call, advise him that he's been rooted, and offer
>to assist in his recovery (can you say business opportunity, folks?).
>
>Blocking ports is fine as long as you let people know what you're
>blocking and why, offer alternative solutions and offer to unblock if
>it's an absolute requirement. Often, once properly educated about the
>risks, a lesser experienced admin will be excited about the opportunity
>to do it the more secure way, and will begin preparations, so I've found
>the "unblock" is usually temporary.
More information about the NANOG
mailing list