New Computer? Six Steps to Safer Surfing

Scott Weeks surfer at mauigateway.com
Tue Dec 21 19:10:19 UTC 2004




On Tue, 21 Dec 2004, Suresh Ramasubramanian wrote:
: On Tue, 21 Dec 2004 07:09:35 +0000 (GMT), Christopher L. Morrow
: <christopher.morrow at mci.com> wrote:

: > I'm not such a fan of the auto-acting devices, I'd rather have a person
: > review the action prior to taking it.... Each security/network person
: > should determine how best to handle that themselves though.

: For most large networks with hundreds of thousands of end users
: (broadband providers, say), the sheer volume of trojaned or otherwise
: compromised hosts makes automation necessary.
:
: This should of course be subject to manual review once the traffic has
: been cut off..


Certain types of infections can be dealt with automatically (to preserve
network performance) and other types of infections/compromises don't lend
themselves to fully automatic action.  For large and small networks, there
needs to be a combination of both.

Further, the methods used need to be strictly defined in policy and
carefully carried out according to the resulting procedures.  This keeps
everyone consistent in how the network-performance-affecting problems are
dealt with, resulting in more efficient troubleshooting and a happier
customer base.

scott




More information about the NANOG mailing list