How should ISPs notify customers about Bots (Was Re: DNS Hijacking by Cox)

Leigh Porter leigh.porter at ukbroadband.com
Mon Jul 23 15:04:58 UTC 2007


Hiya,

Plenty of boxes can do redirection in the middle such as Redback,
Ellacoya etc.
We redirect customers who are infected to a web page when the first
connect. Then every few hours they get re-directed again, just enough so
it's a bit annoying.

If they ignore this for a few weeks, they get redirected more frequently :)

--
Leigh


Sean Donelan wrote:
>
> On Sun, 22 Jul 2007, Joe Greco wrote:
>> We can break a lot of things in the name of "saving the Internet."  That
>> does not make it wise to do so.
>
> Since the last time the subject of ISPs taking action and doing
> something about Bots, a lot of people came up with many ideas
> involving the ISP answering DNS queries with the addresses of ISP
> cleaning servers.
>
> Just about every commercial WiFi hotspot and hotel login system uses a
> fake DNS server to redirect users to its login pages.  Many
> universities use a fake DNS server to redirect student computers to
> cleaning sites.
>
> What should be the official IETF recognized method for network
> operators to asynchronously communicate with users/hosts connect to
> the network for
> various reasons getting those machines cleaned up?
>
> As far as I know, PPPOE is the only network access protocol that
> includes the feature of redirecting a host to a network operator's
> system; but Microsoft has decided not to implement it.



More information about the NANOG mailing list