Get tougher on botnet controlled customer PCs

Author	All Replies
TKJunkMail Enjoy the sun Premium join:2002-03-03 Avalon, NJ ·Sprint Mobile Broa.. ·Comcast	Get tougher on botnet controlled customer PCs Here is the part of the system that I think could work to really cut down on Spam - automatically blocking customer PCs from the ISP's network if they got owned by a botnet. Then make the customer prove their PC is clean before allowing them back on the network. »www.streamshield.com/index.php?o···temid=26 Content Forensics/Action: Automated facilities to quarantine and control infected botnet subscribers. The real question is - will any ISP's have the guts to actually implement that feature? -- -- Join Red Room Forum BLOG tkjunkmail.blogspot.com My Web Page
	to forum · permalink · · 2006-10-15 10:59:34 ·
Michieru2 zzz zzz zzz Premium join:2005-01-28 Miami, FL	ISP's should, but even if it where just blocked in the America's. You still have the rest of the world to deal with and that's where that solution fails. I won't make a suggestion either but in order to stop spam you got to always target the root problem and that's the scammers themselves.
	to forum · permalink · · 2006-10-15 13:50:23 ·
Skippy25 join:2000-09-13 Hazelwood, MO	reply to TKJunkMail They do implement secret caps and enforce those so I do expect they would do the same here. I just hope they are on to something that really helps.
	to forum · permalink · · 2006-10-15 20:05:31 ·
swhx7 Premium join:2006-07-23 Elbonia ·RoadRunner Cable	reply to TKJunkMail There have been some discussions of this idea here at DSLR and elsewhere in the past. The usual consensus seems to be that it has potential but would have to be implemented right. Possible problems: * Any cleanup requirement would impose tech-support costs. Just imagine all the people with infected PCs saying "How do I fix this?" and the cost of having TS people on the phone (or worse, on customer premises) removing all the trojans, etc. and trying to explain what the customer must do to prevent recurrence. This would make the cost/benefit ratio way in the red unless the external pressure for the ISP to clean up becomes a lot more expensive. * Forcing everyone to use software of the ISP's choice would be intolerable for any knowledgable customer. It would abolish security and privacy for the customer, distort the market and cause anyone with a clue to seek another provider. * The ISP taking on a cleanup role would be better off taking lesser measures such as blocking email ports other than thru its own email server unless the customer requests an unblock. The ones who request unblock will be those with more of a clue and they can be monitored. Search in the security forum for the prior discussions - there are a lot of pros and cons. -- This post was made with 100% recycled electrons.
	to forum · permalink · · 2006-10-15 21:41:18 ·
TKJunkMail Enjoy the sun Premium join:2002-03-03 Avalon, NJ ·Sprint Mobile Broa.. ·Comcast	said by swhx7 : There have been some discussions of this idea here at DSLR and elsewhere in the past. The usual consensus seems to be that it has potential but would have to be implemented right. Search in the security forum for the prior discussions - there are a lot of pros and cons. Thanks for reply. One solution I thought of that could address some of the problems is to refer them to a list of authorized PC cleanup services. The ISP disconnects them and won't reconnect them until the authorized cleanup service company certifies their PC to be clean. Also, the cost of doing this would make them more careful in the future. -- -- Join Red Room Forum BLOG tkjunkmail.blogspot.com My Web Page
	to forum · permalink · · 2006-10-15 21:50:31 ·
swhx7 Premium join:2006-07-23 Elbonia ·RoadRunner Cable	This would be OK as long as the customer could opt out of the services and do his own cleanup. The ISP's only legitimate concern is what they can detect on the network; inspecting the customer's PC is going too far. If the customer was required to use a commercial service, the potential for abuse would be too great. Getting on the ISP's approved-service list would become a kind of franchise and the requirement of using an approved service would create an incentive for scams (loosen the criteria for blacklisting, allow no appeals, collect dollars). The anti-virus vendors might get in on it too and then it would become a forced-purchase scheme. In addition there would be a gross violation of privacy, security and civil liberties in forcing customers to give root access to their PCs to some third party in order to get online. The self-cleanup option would avoid all these problems. Customers could use commercial services if they prefer, or have friends fix their PCs, or learn something about it themselves. -- This post was made with 100% recycled electrons.
	to forum · permalink · · 2006-10-15 22:10:40 ·


Thursday, 26-Nov 21:33:28	Terms of Use \| Privacy Policy \| Hosting by www.nac.net - DSL,Hosting & Co-lo \| feedback \| contact over 10 years online! © 1999-2009 dslreports.com. page compression OFF