nanog mailing list archives
Re: How should ISPs notify customers about Bots (Was Re: DNS Hijacking
From: "Chris L. Morrow" <christopher.morrow () verizonbusiness com>
Date: Tue, 24 Jul 2007 16:22:11 +0000 (GMT)
On Tue, 24 Jul 2007, Suresh Ramasubramanian wrote:
On 7/24/07, Chris L. Morrow <christopher.morrow () verizonbusiness com> wrote:Pleaes do this at 1Gbps, really 2Gbps today and 20gbps shortly, in a cost effective manner. Please also do this on encrypted control channels or channels not 'irc', also please stay 'cost effective'. Additionally,Right. However one consolation is that all this is edge filtering, outbound. And some of it can be pushed off onto the CPE (e&oe availability of patched CPE)
I'd love to see CPE dsl/cable-modem providers integrate with a 'service' that lists out 'bad' things. it'd be nice if the user could even tailor that list (just C&C or C&C + child-porn or C&C older not than X days/hours/minutes) ... I think it might even help, and be vendor agnostic (from a provide and hardware) perspective.
Outbound traffic volumes wont be as horrendously high as those inbound, and should be a bit easier to categorize than inbound traffic DNS and routing tricks are the silliest, to some - but well, they work for a lot of low hanging fruit. And as you say, they are cost effective.
and they are at the control of the provider, which I think is also somewhat important, people don't know or don't want to police themselves (in general). Also, the false positive issue will still exist, regardless of where this 'service' exists. So we'll have to learn to deal with it and provide workarounds that grandma can do on her own without calling her vendor (equipment or service). -Chris
Current thread:
- Re: How should ISPs notify customers about Bots (Was Re: DNS Hijacking, (continued)
- Re: How should ISPs notify customers about Bots (Was Re: DNS Hijacking Stephen Wilcox (Jul 24)
- RE: How should ISPs notify customers about Bots (Was Re: DNS Hijacking Raymond L. Corbin (Jul 24)
- Re: How should ISPs notify customers about Bots (Was Re: DNS Hijacking Roland Dobbins (Jul 24)
- Re: How should ISPs notify customers about Bots (Was Re: DNS Hijacking Joe Greco (Jul 24)
- Re: How should ISPs notify customers about Bots (Was Re: DNS Hijacking Roland Dobbins (Jul 24)
- Re: How should ISPs notify customers about Bots (Was Re: DNS Hijacking Sean Donelan (Jul 24)
- Re: How should ISPs notify customers about Bots (Was Re: DNS Hijacking Joe Greco (Jul 24)
- Re: How should ISPs notify customers about Bots (Was Re: DNS Hijacking Chris L. Morrow (Jul 24)
- Re: How should ISPs notify customers about Bots (Was Re: DNS Hijacking Joe Greco (Jul 24)
- Re: How should ISPs notify customers about Bots (Was Re: DNS Hijacking Suresh Ramasubramanian (Jul 24)
- Re: How should ISPs notify customers about Bots (Was Re: DNS Hijacking Chris L. Morrow (Jul 24)
- RE: How should ISPs notify customers about Bots (Was Re: DNS Hijacking Raymond L. Corbin (Jul 23)
- Re: How should ISPs notify customers about Bots (Was Re: DNS Hijacking Suresh Ramasubramanian (Jul 23)
- Re: How should ISPs notify customers about Bots (Was Re: DNS Hijacking Joe Greco (Jul 23)
- Re: How should ISPs notify customers about Bots (Was Re: DNS Hijacking Stephen Wilcox (Jul 23)
- Re: How should ISPs notify customers about Bots (Was Re: DNS Hijacking Joe Greco (Jul 23)
- Re: How should ISPs notify customers about Bots (Was Re: DNS Hijacking Valdis . Kletnieks (Jul 23)
- Re: How should ISPs notify customers about Bots (Was Re: DNS Hijacking Chris L. Morrow (Jul 23)
- Re: How should ISPs notify customers about Bots (Was Re: DNS Hijacking by Cox) Suresh Ramasubramanian (Jul 23)
- Re: How should ISPs notify customers about Bots (Was Re: DNS Hijacking by Cox) Sean Donelan (Jul 23)
- Re: How should ISPs notify customers about Bots (Was Re: DNS Hijacking by Cox) Suresh Ramasubramanian (Jul 23)