nanog mailing list archives
Re: botnets: web servers, end-systems and Vint Cerf
From: Simon Lyall <simon () darkmere gen nz>
Date: Sat, 17 Feb 2007 14:58:14 +1300 (NZDT)
On Fri, 16 Feb 2007, J. Oquendo wrote:
After all these years, I'm still surprised a consortium of ISP's haven't figured out a way to do something a-la Packet Fence for their clients where - whenever an infected machine is detected after logging in, that machine is thrown into say a VLAN with instructions on how to clean their machines before they're allowed to go further and stay online.
All very nice. This sort of things has been detailed a few dozen times by various people. Doing this is not hard from a technical point of view (which isn't to say it won't cost a lot of money to impliment). The hard bit is creating a business case to show how spending the money to impliment it and then wearing the cost of pissed off customers results in a net gain to the bottom line. If someone could actually do a survey to show how much each bot infested customer is costing their ISP then people might be able to do something. Right now AFAIK an extra 10,000 botted customers costs the average ISP no more than a dozen heavy p2p users. On the other hand Port 25 filtering probably is something that has low enough negatives vs the positives for people to actually do. -- Simon J. Lyall | Very Busy | Web: http://www.darkmere.gen.nz/ "To stay awake all night adds a day to your life" - Stilgar | eMT.
Current thread:
- Re: botnets: web servers, end-systems and Vint Cerf [LONG, sorry], (continued)
- Re: botnets: web servers, end-systems and Vint Cerf [LONG, sorry] Sean Donelan (Feb 20)
- RE: botnets: web servers, end-systems and Vint Cerf michael.dillon (Feb 16)
- Re: botnets: web servers, end-systems and Vint Cerf Mark Boolootian (Feb 16)
- Re: botnets: web servers, end-systems and Vint Cerf Roland Dobbins (Feb 16)
- Re: botnets: web servers, end-systems and Vint Cerf Gadi Evron (Feb 16)
- Re: botnets: web servers, end-systems and Vint Cerf Niels Bakker (Feb 16)
- Re: botnets: web servers, end-systems and Vint Cerf James Blessing (Feb 16)
- Re: botnets: web servers, end-systems and Vint Cerf Danny McPherson (Feb 17)
- Re: botnets: web servers, end-systems and Vint Cerf Valdis . Kletnieks (Feb 17)
- Re: botnets: web servers, end-systems and Vint Cerf J. Oquendo (Feb 16)
- Re: botnets: web servers, end-systems and Vint Cerf Simon Lyall (Feb 16)
- Re: botnets: web servers, end-systems and Vint Cerf Gadi Evron (Feb 16)
- Re: botnets: web servers, end-systems and Vint Cerf Petri Helenius (Feb 16)
- Re: botnets: web servers, end-systems and Vint Cerf Sean Donelan (Feb 17)
- Re: botnets: web servers, end-systems and Vint Cerf Gadi Evron (Feb 17)
- Re: botnets: web servers, end-systems and Vint Cerf Sean Donelan (Feb 17)
- Re: botnets: web servers, end-systems and Vint Cerf Gadi Evron (Feb 17)
- Re: botnets: web servers, end-systems and Vint Cerf Sean Donelan (Feb 17)
- Re: botnets: web servers, end-systems and Vint Cerf Gadi Evron (Feb 17)
- Re: botnets: web servers, end-systems and Vint Cerf Sean Donelan (Feb 17)
- Re: botnets: web servers, end-systems and Vint Cerf Gadi Evron (Feb 17)