How should ISPs notify customers about Bots (Was Re: DNS Hijacking

• Previous message (by thread): How should ISPs notify customers about Bots (Was Re: DNS Hijacking
• Next message (by thread): How should ISPs notify customers about Bots (Was Re: DNS Hijacking
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

> On Mon, 23 Jul 2007, Joe Greco wrote:

> > Intercept and inspect IRC packets.  If they join a botnet
> > channel, turn on
> > a flag in the user's account.  Place them in a garden (no IRC,
> > no nothing,
> > except McAfee or your favorite AV/patch set).

> Wow, you are recommending ISPs wiretap their subscribers.
>
> I suspect some privacy advocates will be upset with ISPs doing that.

Suppose I add a firewall rule to my router to block traffic to a particular
port. Does my router thereby "wiretap" every packet passing through it
because it needs to find out its destination port in order to determine if
the rule applies or not?

It is sometimes a tricky issue when you filter through legitimate traffic to
stop illegitimate traffic. But a rule that this is always wiretapping of
anything subjected to the automated inspection leads to ridiculous results.

DS

• Previous message (by thread): How should ISPs notify customers about Bots (Was Re: DNS Hijacking
• Next message (by thread): How should ISPs notify customers about Bots (Was Re: DNS Hijacking
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]