Re: blue security folds

["Gaddis, Jeremy L." <jeremy () linuxwiz net>]

nocfed wrote:
> And if the ISP's could get their act together then most of the botnets
> would be no more.  This _IS_ something that can be controlled, to an
> extent.  Many of the network administrators need a course in
> Networking 101 which will greatly assist in tracking down the source
> of attacks.  If botnets are required to use their own IP's then how
> hard would it really be to track them down and disable them?
> Disruption of the end users connection and a flag on their account
> should clean them up, although not 100%.  So if you want someone to
> blame, blame the ISP, blame the hosting service, and blame the end
> user.

While I agree (mostly), getting the ISPs to do what you suggest will 
never happen.  If I, Joe Clueless User, have a bot running on my PC 
spamming half the world, and my ISP notices this and shuts me off, what 
will I do?  Assuming I'm like the majority of users and either a) don't 
know, or b) don't care what they're talking about, I'll cancel my 
account and switch to another ISP (that won't shut me off).  To do what 
you suggest would be for the greater good of the whole "Internet 
community", but would negatively affect $ISP's bottom line.  Since we 
all know they only care about themselves, well, draw your own conclusions...

-j

--
Jeremy L. Gaddis
GCWN, MCP, Linux+, Network+
http://www.jeremygaddis.com/

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/