Broadband routers and botnets - being proactive
admin at digibase.ca
Sun May 13 06:15:47 UTC 2007
On Saturday 12 May 2007 04:35, Fergie wrote:
> Suresh is right -- if you don't think CPE compromises are an
> operational problem, then I'm not sure what is. :-)
> [changing gears]
> I'll even go a step further, and say that if ISPs keep punting
> on the whole botnet issue, and continue to think of themselves
> as 'common carriers' in some sense -- and continue to disengage
> on the issue -- then you may eventually forced to address those
> issues at some point in the not-so-distant future.
> I understand the financial disincentives, etc., but if the problem
> continues to grow and fester, and consumer (and financial institutions)
> losses grow larger, things may take a really ugly turn.
> - ferg
I totally agree - the issue keeps getting delayed and nobody is adressing it
like it should be, People keep talking about the issue but it NEVER gets
Here's my own two cents:
Most end-users don't know and probably, don't care about what they subject
their systems to, therefore, systems get infected constantly.
There will be no resolution of these bandwidth-wasting botnets unless
something is done about the end-users who don't know/care about what they're
doing, Most end users just "want things to work" without knowing and probably
without wanting to know what actually is going on "behind the screnes".
Furthermore, as I posted on another list, Users depend too heavily on
their "security software" and think if they have a firewall and antivirus,
that they can do anything and won't be infected, But as we all (I hope) know,
that's not true.
It's true ISPs should be held in higher responsibility to security issues such
as botnets, but the end-users who end up with bots/trojans on their systems
should also be held accounable. Perhaps if users get the weight on their
sholders of keeping clean, they will instead of how it currently is where the
issue seems to get only talked about but really no collective enforcement
anything as I stated earlier.
And it's not just users and ISPs that should be dealing with this issue,
Datacenters should as well, I can't count how many servers I've seen infected
and being used in botnets.
I say kudos to those who already combat botnets on their networks, However, To
those who do nothing at the moment: I say it's time to start.
Oh, one more thing to the first reply to this thread calling this a
non-operational issue, Gadi's in the right here: It IS an operational issue
that's getting reposted because it's NOT getting solved.
More information about the NANOG