How should ISPs notify customers about Bots (Was Re: DNS Hijacking by Cox)
Leigh Porter
leigh.porter at ukbroadband.com
Mon Jul 23 15:04:58 UTC 2007
Hiya,
Plenty of boxes can do redirection in the middle such as Redback,
Ellacoya etc.
We redirect customers who are infected to a web page when the first
connect. Then every few hours they get re-directed again, just enough so
it's a bit annoying.
If they ignore this for a few weeks, they get redirected more frequently :)
--
Leigh
Sean Donelan wrote:
>
> On Sun, 22 Jul 2007, Joe Greco wrote:
>> We can break a lot of things in the name of "saving the Internet." That
>> does not make it wise to do so.
>
> Since the last time the subject of ISPs taking action and doing
> something about Bots, a lot of people came up with many ideas
> involving the ISP answering DNS queries with the addresses of ISP
> cleaning servers.
>
> Just about every commercial WiFi hotspot and hotel login system uses a
> fake DNS server to redirect users to its login pages. Many
> universities use a fake DNS server to redirect student computers to
> cleaning sites.
>
> What should be the official IETF recognized method for network
> operators to asynchronously communicate with users/hosts connect to
> the network for
> various reasons getting those machines cleaned up?
>
> As far as I know, PPPOE is the only network access protocol that
> includes the feature of redirecting a host to a network operator's
> system; but Microsoft has decided not to implement it.
More information about the NANOG
mailing list