Broadband routers and botnets - being proactive

Ross Hosman ross at
Thu May 17 02:34:01 UTC 2007


I appreciate your well thought out email but I sit here and wonder
what exactly you are trying to accomplish with it? Are you just trying
to shame the two ISPs listed publicly or are you trying to spark a
discussion about something that many people here can't fix?

Many businesses today are focused on driving revenue and fixing old
CPE equipment doesn't generate revenue, it only ties up money and
resources that can be used elsewhere to drive revenue. If I were you I
would try to spin this problem in a way where you can show large ISPs
by fixing CPE's it will free up network resources and staff which can
be used elsewhere.

The people that can fix these problems are usually unaware of them so
try to educate those people. Write CEOs/CTOs/CSOs educating them and
push the security teams for these companies to escalate these issues
to their upper management (on that note I would say this type of
discussion would be better suited for a security mailing list for the
reason I stated before, many people here can't fix these problems).

Simply stating that there is a problem and shunning ISPs with this
problem isn't a fix for the problem, it just makes them ignore you and
the problem.


More information about the NANOG mailing list