|
North American Network Operators Group Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical Re: Quarantine your infected users spreading malware
On 2/21/06, Bill Nash <[email protected]> wrote: > If you're talking about a compulsory software solution, why not, as an > ISP, go back to authenticated activity? Distribute PPPOE clients mated > with common anti-spyware/anti-viral tools. Pull down and update signatures > *every time* the user logs in, and again periodically while the user is > logged in (for those that never log out). Require these safeguards to be > active before they can pass the smallest traffic. Cost prohibitive.. In order to do that you'll need licenses from the AV companies.. > The change in traffic flow would necessitate some architecture kung fu, > maybe even AOL style, but you'd have the option of selectively picking out > reported malicious/infected users (*cough* ThreatNet *cough*) and routing > them through packet inspection frameworks on a case by case basis. Quite > possibly, you could even automate that and the users would never be the > wiser. And then the privacy zealots would be livid.. Silently re-routing traffic like that.. How dare you suggest such a ... wait.. hrm.. The internet basically does this already.. I wonder if the zealots are aware of that.. :) > - billn -- Jason 'XenoPhage' Frisvold [email protected]
|