North American Network Operators Group

Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical

Re: Quarantine your infected users spreading malware

  • From: Robert E.Seastrom
  • Date: Thu Mar 02 08:02:11 2006

Jim Segrave <[email protected]> writes:

>> On Tue, 28 Feb 2006, Bill Nash wrote:
>>
>> > The simplest method is to issue a different gateway to a registry of known
>> > offenders, forcing their into a restrictive environment that blocks all
>> > ports, and uses network translation tricks to redirect all web traffic to
>> > a portal.
>
> You did think of contacting them and asking? You know, e-mail, fax,
> telephone, that sort of thing?

Yes, we did think of that sort of thing.  Those of us with even the
slightest notion of business and profitability constraints promptly
discarded the idea of getting a human into the loop.  Ideally you just
automatically add them to the broken stuff database, notify/incent
them to fix things (by adding them to the quarantine group), and have
them take care of themselves by following the directions found
therein, and NOT involving your call center.

                                        ---Rob