nanog mailing list archives

Re: How should ISPs notify customers about Bots (Was Re: DNS Hijacking

From: Valdis.Kletnieks () vt edu
Date: Mon, 23 Jul 2007 14:01:29 -0400

On Mon, 23 Jul 2007 12:42:22 EDT, Sean Donelan said:

   b. terminate tens of thousands of user accounts (of users who are mostly 
"innocent" except their computer was compromised)


Given how often compromised computers have *multiple* installs of badware on
them, just cleaning off *one* bot that happens to be old enough to respond to
their cleaning script is not magically making their system actually safe.
There's probably *other* stuff on the box as well.

So just waving a mostly-ineffective magic wand at *part* of the problem isn't
doing anybody any favors.  Maybe you *should* be doing something drastic enough
to make the user sit up and take notice and *do* something...

(Disclaimer - I can get away with doing that, as "user bails for another
provider and takes his revenue with them instead of fixing the problem" isn't
an issue for my revenue stream. YMMV. :)

Attachment: _bin
Description:

Current thread:

RE: DNS Hijacking by Cox, (continued)
- - - RE: DNS Hijacking by Cox Raymond L. Corbin (Jul 22)
    - Multiple different ISPs respond to Bots (was RE: DNS Hijacking by Cox) Sean Donelan (Jul 22)
    - Re: Multiple different ISPs respond to Bots (was RE: DNS Hijacking by Cox) Matthew Sullivan (Jul 22)
    - Re: DNS Hijacking by Cox Joe Greco (Jul 22)
    - How should ISPs notify customers about Bots (Was Re: DNS Hijacking by Cox) Sean Donelan (Jul 23)
    - Re: How should ISPs notify customers about Bots (Was Re: DNS Hijacking by Cox) Leigh Porter (Jul 23)
    - Re: How should ISPs notify customers about Bots (Was Re: DNS Hijacking Joe Greco (Jul 23)
    - Re: How should ISPs notify customers about Bots (Was Re: DNS Hijacking Sean Donelan (Jul 23)
    - Re: How should ISPs notify customers about Bots (Was Re: DNS Hijacking Joe Greco (Jul 23)
    - Re: How should ISPs notify customers about Bots (Was Re: DNS Hijacking Sean Donelan (Jul 23)
    - Re: How should ISPs notify customers about Bots (Was Re: DNS Hijacking Valdis . Kletnieks (Jul 23)
    - Re: How should ISPs notify customers about Bots (Was Re: DNS Hijacking Joe Greco (Jul 23)
    - Re: How should ISPs notify customers about Bots (Was Re: DNS Hijacking Sean Donelan (Jul 23)
    - Re: How should ISPs notify customers about Bots (Was Re: DNS Hijacking Joe Greco (Jul 23)
    - Re: How should ISPs notify customers about Bots (Was Re: DNS Hijacking Sean Donelan (Jul 23)
    - Re: How should ISPs notify customers about Bots (Was Re: DNS Hijacking Joe Greco (Jul 23)
    - Re: How should ISPs notify customers about Bots (Was Re: DNS Hijacking Sean Donelan (Jul 23)
    - Re: How should ISPs notify customers about Bots (Was Re: DNS Hijacking Joe Greco (Jul 23)
    - Re: How should ISPs notify customers about Bots (Was Re: DNS Hijacking Sean Donelan (Jul 23)
    - Re: How should ISPs notify customers about Bots (Was Re: DNS Hijacking Joe Greco (Jul 23)
    - Re: How should ISPs notify customers about Bots (Was Re: DNS Hijacking Sean Donelan (Jul 23)

(Thread continues...)