nanog mailing list archives

RE: ISPs' willingness to take action


From: "Terry Baranski" <tbaranski () mail com>
Date: Sun, 26 Oct 2003 22:32:38 -0500


kenw () kmsi net wrote:

> As I see it, we're experiencing an ever-increasing flood of
> garbage network traffic.  While not all of it is easy or
> appropriate to target, it seems to me there's some "low
> hanging fruit" that could generate serious gains with
> relatively little investment.

I agree to an extent, though I think there are much more reasonable
places to start than adding IDS functionality to ISP routers and
moving to whitelist-only SMTP.  Anti-spoof/BGP filtering, DoS
tracking/sinkholing, working abuse@ addresses, etc.  But the problem is
with the end-hosts, so a common viewpoint is that this is where the
majority of the cleanup work needs to be done.  This was discussed at
length not long ago.

> A few things that make sense to me (as a non-ISP network
> consultant) include:
>
> 1) Summarily fencing/sandboxing/disconnecting clients sending
> high volumes of spam, viruses, etc.  You might politely contact
> your commercial/static clients first, but anyone connecting a
> "bare" PC on a broadband circuit is too stupid to deserve
> coddling.  The great majority of your clients would thank you
> profusely.

What if the great majority of your clients are bare PCs on broadband
circuits?

> So, the big question: why don't ISPs do more of this?

What's the ROI?  The costs have to be offset somehow.  How easy is it to
convince clients to pay more to be your customer because you're more
strict on garbage traffic originating from your network relative to your
competitors?  Many feel that basic preventative measures like the ones I
mentioned are things that all ISPs "should" do for the sake of making
the Internet a better place, or however you want to phrase it.  But the
decision makers at a lot of ISPs seem to take a different viewpoint,
perhaps because their primary concern, as businesses, is dollar signs.

-Terry

