ISP Responsibilities [WAS: Re: Nato warns of strike againstcyber attackers]

Michael Painter tvhawaii at
Thu Jun 10 08:53:27 UTC 2010

>From recent article at MIT Technology Review:

How ISPs Could Combat Botnets
Focusing on the top 50 infected networks could eliminate half of all compromised machines.

Convincing Internet service providers to pinpoint infected computers on their networks could eliminate the lion's share of 
zombie computers responsible for churning out spam and initiating other online threats, according to a new analysis.

The researchers analyzed more than 63 billion unsolicited e-mail messages sent over a four-year period and found more than 
138 million unique internet addresses linked to sending out the spam. Typically such machines have been hijacked by 
hackers and are corralled into a vast network of remote-controlled system known as a "botnet."

By correlating the Internet protocol addresses of these spam-sending machines with the networks maintained by Internet 
service providers, the researchers found that about two-thirds of them were located in the networks managed by the 200 
largest ISPs from 40 countries. The top-50 networks responsible accounted for more than half of all compromised IP 
addresses. If these ISPs were to shut down, or block, the malicious machines on their networks, it could cut worldwide 
spam by half.

"Those 50 ISPs are not the [dubious] ones we hear about," says Michel van Eeten, professor of public administration at the 
Delft University of Technology in the Netherlands and one of the authors of a paper on the research, which will be 
presented next month at the Workshop on the Economics of Information Security at Harvard University. "They are the ones we 
deal with every day, and so are more approachable and are in the reach of government."

Rest here: 

More information about the NANOG mailing list