Quarantine your infected users spreading malware

Robert E.Seastrom rs at seastrom.com
Thu Mar 2 12:57:14 UTC 2006


Jim Segrave <jes at nl.demon.net> writes:

>> On Tue, 28 Feb 2006, Bill Nash wrote:
>>
>> > The simplest method is to issue a different gateway to a registry of known
>> > offenders, forcing their into a restrictive environment that blocks all
>> > ports, and uses network translation tricks to redirect all web traffic to
>> > a portal.
>
> You did think of contacting them and asking? You know, e-mail, fax,
> telephone, that sort of thing?

Yes, we did think of that sort of thing.  Those of us with even the
slightest notion of business and profitability constraints promptly
discarded the idea of getting a human into the loop.  Ideally you just
automatically add them to the broken stuff database, notify/incent
them to fix things (by adding them to the quarantine group), and have
them take care of themselves by following the directions found
therein, and NOT involving your call center.

                                        ---Rob




More information about the NANOG mailing list