|
North American Network Operators Group Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical Re: botnets: web servers, end-systems and Vint Cerf [LONG, sorry]
[email protected] wrote: This will not happen. Not even remotely.And you'll need to de-install IE and Outlook, I concur with ISP's looking for IE as some form of guideline. Stupid story... So I call Cox because for the 8mb down I am supposed to be getting, I was maxing out at 2mb, not a big deal.Thus ensuring that Firefox/Thunderbird will be the main target of the malware people. Is this necessarily any better? Note that Windows provides an extensive series of hooks which can be used by an application which wishes to subvert the normal operation of the OS. That subversive application could be the security monitor which is required by the ISP for Internet access because it is recommended in your guidelines. TechGirl: Can you go to your start menu... Me: No I don't use Windows TechGirl: Please hold TechGirl: (five minutes later) Are you using OSX? Me: No. Using Solaris, what would you like me to do? TechGirl: Please hold TechGirl: (minutes later) We don't support Solaris Me: What does an operating system have to do with lousy bandwidth... TechGirl: Please hold TechGirl: (minutes later) I have to escalate this to my manager TechGirl: Please hold Manager: Please go to your start menu... Me: No. As stated I'm not on Windows nor OSX. I use Solaris and I AM CONNECTED the service is horrible Manager: Well we only support Windows and OSX Me: (*ponders what this has to do with cruddy connectivity) Forget it... (Plugs in Windows laptop to make things easier). ISP's have come to rely on the bane of their client's issues. Asking someone to remove IE only to have their support group look for it is a nightmare in itself. Too many people have become so overdependent on Windows. The issue of security folks dealing with complexities is, they shouldn't have to when it comes to 65% of the problems which lead to incidents. Why should an ISP have to deal with issues that have nothing to do with their networks. I get calls day and night from VoIP customers: "My service is down your service sucks...."We live in a complex world. Computers are more complex than they were. OSes are more complex. Apps are more complex. Networks are more complex. And SOLUTIONS are more complex. But if the designers of computers, OSes, apps and networks can deal with the complexity, why can't security folks do likewise? 2007-02-19 00:23:36 '212XXX6428' at [email protected]:5060 for 3600 2007-02-19 07:59:43 '212XXX6428' at [email protected]:5060 for 3600 2007-02-19 10:58:44 '212XXX6428' at [email protected]:5060 for 3600 2007-02-19 12:58:05 '212XXX6428' at [email protected]:5060 for 3600 This client goes up and down like a see-saw at least 8 times a day. Their provider is horrible. Why should I spend resources trying to fix what has nothing to do with my company. Same applies to anyone in the security industry to a degree. A security engineer can only do so much given parameters most work with. "We're a Windows only shop!" touted the MCSE with glee as he wondered why he spent so much time rebooting. That actually sounds like an answerable question, if a company took it They won't because they haven't been pressed to do so, and it is rare that someone will take it upon themselves to do a good deed when it comes to situations like this. Roland Dobbins wrote: > NATting firewalls don't help at all with email-delivered malware, browser exploits, etc. Antivirus and ad-aware like programs almost often do when used appropriately. It boils down to education which won't happen. If forced however it is a different story so again I will point to customer sandboxing. And yes firewalls do help if configured properly on the business side of things. I use the same brute forcing script to create firewall rules to block IN AND OUT those offensive networks. So even if say a machine were to get infected, its only momentarily before I catch it, but this is my network(s) and those I manage/maintain. I have zero tolerance for junk and don't mind blocking a /8 if needed. People want to complain then I point out logfiles with information on why their entire class is blocked. [email protected] wrote: None of this is rocket science. The hardware available today can do this. This hardware is not expensive. It does, however, require systems vendors to have a bit of imagination and that seems to be in rather short supply in the modern world. Why would a vendor put all their eggs in one basket. "Brand New AntiVirus software... Guaranteed to stop hackers! Only $49.99 per year...", "Brand New AntiMalware software... Guaranteed to stop hackers! Only $19.99 a year!", "Brand New Intrusion Detection Prevention Dissemination Articulation software... Guaranteed to stop nuclear weapons of mass destruction... Guaranteed to keep you off of the Internet..." A vendor isn't going to do much, its truly not in their best interest to halt this garbage... So the irony goes out to again, Microsoft for selling security products that should be implemented beforehand. Attachment:
smime.p7s
|