FTC, Partners Launch Campaign Against Spam "Zombies"

Jerry Dixon jerry at jdixon.com
Tue May 24 23:29:35 UTC 2005


Whelp, can't recall who said it at one of the NANOG presentations  
last week but to recap, get involved to help point people in the  
right direction in USG or at least provide enough "ops perspective"  
to folks so they get a clue or more clue on some of the challenges of  
these proposals.  (not always an easy task but that one is also a two  
way street sometimes it seems)  Alternatives or other approaches need  
to be highlighted while insuring they're grounded in operational  
technical reality.

In other words, Hi I'm from Telecom or ISP X and we're here to help  ;)

This will go a long way to prevent the dreaded "R" word from coming  
up (regulate).  Just to add further perspective, several of us in USG  
get called down to the hill to discuss many topics of concern by  
lawmakers/staffers.  In a recent trip when they called us from US  
CERT they were concerned about peer 2 peer file sharing and some of  
the security challenges associated with it.  We spent some time  
educating them on third-party tools and techniques to tackle the  
issue and that corporations and agencies need to leverage the  
technology.  We also highlighted some of the things industry is doing  
to tackle these issues.  Of course depending on size and fiscal  
resources determines the level of mitigations being deployed.  Why we  
suggested they talk to those in the private sector that actually own  
these infrastructures and some of those companies that are providing  
mitigation solutions to provide further perspective.

However, as you know security awareness is always a good thing and  
user education goes a long way.  (always comes back to that end- 
user)  I know in recent emails from a couple of my providers they  
sent out emails and flyers in the monthly statement to point users to  
FAQ's on how to protect themselves and where to dload anti-virus,  
personal firewall software, and anti-spy/adware tools.

I think it was Vijay(AOL)  that also stated that one support call  
eats all of the profits from that user based on the expected life of  
that user utilizing the service.  Hence a financial motivator to  
focus on prevention or mitigating the risk factors to lower the  
number of those incoming support call volumes so that profit margins  
don't get eaten.  (I know this is preaching to the choir in some  
instances but still a valid point)

Lastly, we'll also relay some of the operational realities back to  
those folks but again, awareness and mitigation is the objective.   
Suggestions or perspectives welcome :)


Cheers,

Jerry
  (quickly putting on the flame retardant suit)





On May 24, 2005, at 6:27 PM, Joe Hamelin wrote:

>
> "The FTC said it would ask 3,000 Internet providers around
> the globe to make sure that their customers' computers haven't
> been hijacked by spammers who want to cover their tracks and
> pass bandwidth costs on to others."
>
> "Hi! I'm from the government.  I'm here to help."
>
>




More information about the NANOG mailing list