Quarantine your infected users spreading malware
Jason Frisvold
xenophage0 at gmail.com
Tue Feb 21 15:42:20 UTC 2006
On 2/21/06, Bill Nash <billn at odyssey.billn.net> wrote:
> If you're talking about a compulsory software solution, why not, as an
> ISP, go back to authenticated activity? Distribute PPPOE clients mated
> with common anti-spyware/anti-viral tools. Pull down and update signatures
> *every time* the user logs in, and again periodically while the user is
> logged in (for those that never log out). Require these safeguards to be
> active before they can pass the smallest traffic.
Cost prohibitive.. In order to do that you'll need licenses from the
AV companies..
> The change in traffic flow would necessitate some architecture kung fu,
> maybe even AOL style, but you'd have the option of selectively picking out
> reported malicious/infected users (*cough* ThreatNet *cough*) and routing
> them through packet inspection frameworks on a case by case basis. Quite
> possibly, you could even automate that and the users would never be the
> wiser.
And then the privacy zealots would be livid.. Silently re-routing
traffic like that.. How dare you suggest such a ... wait.. hrm..
The internet basically does this already.. I wonder if the zealots
are aware of that.. :)
> - billn
--
Jason 'XenoPhage' Frisvold
XenoPhage0 at gmail.com
More information about the NANOG
mailing list