North American Network Operators Group|
Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical
Re: botnets: web servers, end-systems and Vint Cerf
On Fri, 16 Feb 2007, Eric Gauthier wrote:
I run the network for a University with about 12,000 students and 12,000 computers in our dormitories. We, like many other Universities, have spent the last five or six years putting systems in place that are both reactive and preventative. From my perspective, the issues are still there but I'm not sure that I agree with your implications.
Why do you claim broadband providers haven't picked up on what universities have done?
Couldn't broadband providers say the same thing > Do we still have "compromised" systems? Yes. > Is the number of "compromosed" systems at any time large? No. > Is the situation out of control? No.
If you compare infection rates of a broadband provider with 10 million subscribers, which probably translates to at least 30 million devices with NAT, WiFi and mobile devices; would its infection rate be significantly different from a university with 12,000 students with 1 computer each?
If your university's upstream ISP implemented a policy of cutting off the
university's Internet connection anytime a device in the university network was compromised; how many hours a year would the university
be down? What if the university's ISP had a three-strikes policy, would
the university have used up all of its three-strikes? What proof should
the univeristy's upstream ISP accept the problem is corrected?
Is there some infection rate of university networks that upstream ISPs should accept as "normal?" Or should ISPs have a zero-tolorance policy
for universities becoming infected repeatedly?
How is the "acceptable" infection rate for universities different than the infection rate of other types of networks?