North American Network Operators Group

Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical

Re: botnets: web servers, end-systems and Vint Cerf

  • From: Sean Donelan
  • Date: Sat Feb 17 19:43:57 2007

On Sat, 17 Feb 2007, Petri Helenius wrote:
After all these years, I'm still surprised a consortium of ISP's haven't figured out a way to do something a-la Packet Fence for their clients where - whenever an infected machine is detected after logging in, that machine is thrown into say a VLAN with instructions on how to clean their machines before they're allowed to go further and stay online.
This has been commercially available for quite some time so it would be only up to the providers to implement it.

Public ISPs have been testing these types of systems for over 5 years. What sorts of differences can you think of that would explain why public
ISPs have found them not very effective?

Public ISPs have been using walled gardens for a long time for user registration and collecting credit card information. So they know how to
implement walled gardens. But what happens when public ISPs use it for infected machines?