North American Network Operators Group Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical Re: mitigating botnet C&Cs has become useless
--On August 8, 2006 4:03:36 PM +0200 Arjan Hulsebos <[email protected]> wrote:
That's a nice idea, except how? How do you prove a user has gotten the malware off and patched? And further how can they do that without internet access? Hint, FWIR, it's not legal for us to distribute MS's patches to our subs. So how do you propose that? Some customers will fix themselves, some will just cancel and find an ISP that doesn't care they're spewing spam and worm traffic all the while complaining about how slow their internet service is. I'm really seriously interested, and I'm not trying to be a flaming troll-bait here. This is a *huge* problem. You can turn off a user sure enough, but how do you know it's OK to let that user back on. And besides doing that, we should educate our subs on how to properly maintain their PC (installing and keeping up-to-date antivirus software, patch the OS on a regular basis, you know the drill). And how is it our responsibility to educate users? I don't think it necessarily is. However because noone else is and we're all the ones most hurt by it we're forced to.
|