Broadband routers and botnets - being proactive

Chris L. Morrow christopher.morrow at
Mon May 14 01:18:35 UTC 2007

On Sun, 13 May 2007, Gadi Evron wrote:
> There is little to no financial incentive for ISPs to do something about
> this problem right now, even if it is currently under their direct
> control. Later on, when it is a problem - it will cost more.

So, out of curiousity, could you define: "under their control" for me/us?
I'm certainly think that weak CPE security is a problem, but I'm not sure
I agree that the CPE which is purchased as part of your service and
managed by you (you == random-customer in this example) is anyone's
problem except yours.

If you think that the lobbying groups inside consumer ISP's are going to
let through some set of regulations that gets them on the hook without
substantial rate increases you really need to re-evaluate that assumption

Some of this comes back to making people understand that computer security
is no different than anyother form of security (house, car, boat, wallet)
the only thing that is different is it's age.


More information about the NANOG mailing list