nanog mailing list archives

RE: IBM report reviews Internet crime

From: "Frank Bulk" <frnkblk () iname com>
Date: Thu, 14 Feb 2008 20:20:15 -0600


Hear-hear: most of our customer's e-mail problems are resolved when we turn
off in the in and outbound scanning offered by their favorite AV vendor. =)
I bet we've had more support calls about e-mail scanning than the number of
viruses that feature has ever trapped for them.  

And another anecdote: we experienced a rash of malware-infected subscribers
spewing out spam last weekend.  Most of them had some kind of AV, but of
course that AV didn't prevent them from getting infected.  Many of them
update their definitions and scanned and thought they were clean, but
because the virus/Trojan was so new, they started spewing spam again.  In
this case, their AV software gave them a false sense of assurance.

Frank

-----Original Message-----
From: owner-nanog () merit edu [mailto:owner-nanog () merit edu] On Behalf Of Mark
Radabaugh
Sent: 2008-02-13 17:35
To: nanog list
Subject: Re: IBM report reviews Internet crime


JC Dill wrote:


I'm really surprised that ISPs haven't banded together to sue
Microsoft for negligently selling and distributing an insecure OS that
is an Attractive Nuisance - causing the ISPs (who don't own the OS
infected computers) harm from the network traffic the infected OSs
send, and causing them untold support dollars to handle the problem.

If every big ISP joined a class action lawsuit to force Microsoft to
pay up for the time ISPs spend fixing viruses on Windows computer,
Microsoft would get a LOT more proactive about solving this problem
directly.  The consumers have no redress against MS because of the
EULA, but this doesn't extend to other computer owners (e.g. ISPs) who
didn't agree to the EULA on the infected machine but who are impacted
by the infection.

jc


I think I would rather see a class action against Symantec for the
hundreds of hours ISP's waste fixing customers mail server settings that
Symantec sees fit to screw up with every update.   We can always tell
when they have pushed a major update - hundreds of calls from mail users
who can no longer send mail.

It's 2008.   How bloody hard is it to notice that the mail server SMTP
port is 587 and authentication is turned on?   Why do they mess with it?

--

Mark Radabaugh
Amplex
419.837.5015 x21
mark () amplex net

Current thread:

Re: IBM report reviews Internet crime, (continued)
- Re: IBM report reviews Internet crime Owen DeLong (Feb 12)
  - Re: IBM report reviews Internet crime Florian Weimer (Feb 12)
    - Re: IBM report reviews Internet crime Owen DeLong (Feb 12)
    - Re: IBM report reviews Internet crime Florian Weimer (Feb 13)
  - Re: IBM report reviews Internet crime Valdis . Kletnieks (Feb 12)
    - Re: IBM report reviews Internet crime Jim Popovitch (Feb 12)
  - Re: IBM report reviews Internet crime Andre Gironda (Feb 12)
    - Re: IBM report reviews Internet crime JC Dill (Feb 13)
    - Re: IBM report reviews Internet crime Andre Gironda (Feb 13)
    - Re: IBM report reviews Internet crime Mark Radabaugh (Feb 13)
    - RE: IBM report reviews Internet crime Frank Bulk (Feb 14)
  - Re: IBM report reviews Internet crime Tony Finch (Feb 13)
- Re: IBM report reviews Internet crime J. Oquendo (Feb 12)
  - RE: IBM report reviews Internet crime michael.dillon (Feb 12)
    - Re: IBM report reviews Internet crime J. Oquendo (Feb 12)
- Re: IBM report reviews Internet crime Paul Ferguson (Feb 12)
- RE: IBM report reviews Internet crime Scott Weeks (Feb 12)
  - Re: IBM report reviews Internet crime John Dupuy (Feb 13)