botnets: web servers, end-systems and Vint Cerf

Danny McPherson danny at tcb.net
Sun Feb 18 00:53:08 UTC 2007



On Feb 16, 2007, at 11:41 AM, J. Oquendo wrote:
>
> After all these years, I'm still surprised a consortium of ISP's  
> haven't figured out a way to do something a-la Packet Fence for  
> their clients where - whenever an infected machine is detected  
> after logging in, that machine is thrown into say a VLAN with  
> instructions on how to clean their machines before they're allowed  
> to go further and stay online.

"Umm, Mam, I'm sorry, but before you make that emergency
call we'll need to go to www.update.nnn and update the OS
on your machine, seems you've got some malware there at
home somewhere and you're going to need to take care of
it for me, OK?"

"Sir, before you can continue watching the World Cup or Super
Bowl you'll need to remove the spyware from your son's PC."

> If you ask me, traffic providers (NSP's/NAP's) and ISP's don't mind
> this garbage coming out of their networks, if they did they'd
> actually band together and do something about it.

> It's obvious those charging for traffic will say little. Minimized
> traffic means minimized revenue.

IIRC, most North American providers have fixed-rate broadband subscriber
plans.

> All I see is "No we despise that kind of traffic" along with a  
> shrug and nothing being done about it. I'm sure if some legislative  
> body somewhere started levying fines against providers, the net  
> would be a cleaner place. For comments on 100 million infected  
> machines... Doubtable. Anyone can play fuzzy math games, heck I  
> just strangely figured out that MS is costing me an arm and a leg!

While I understand your frustration, lest we not forget, providers are
in the business of making money, and solutions of this type today only
add to churn, additional operational expense and liability.  It's not
quite so black and white as you make it, unfortunately.

With that, as Sean points out, providers are trying to address the
issues in a business-savvy manner and some do seem to have reasonable
(IMO) solutions underway.  But be careful what you ask for, some of
these solutions you're mandating might very well resemble
SiteFinder-style schemas (or far worse) in order to justify the
investment by the providers.

-danny





More information about the NANOG mailing list