North American Network Operators Group

Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical

Re: How should ISPs notify customers about Bots (Was Re: DNS Hijacking by Cox)

  • From: Leigh Porter
  • Date: Mon Jul 23 11:26:05 2007


Plenty of boxes can do redirection in the middle such as Redback,
Ellacoya etc.
We redirect customers who are infected to a web page when the first
connect. Then every few hours they get re-directed again, just enough so
it's a bit annoying.

If they ignore this for a few weeks, they get redirected more frequently :)


Sean Donelan wrote:
> On Sun, 22 Jul 2007, Joe Greco wrote:
>> We can break a lot of things in the name of "saving the Internet."  That
>> does not make it wise to do so.
> Since the last time the subject of ISPs taking action and doing
> something about Bots, a lot of people came up with many ideas
> involving the ISP answering DNS queries with the addresses of ISP
> cleaning servers.
> Just about every commercial WiFi hotspot and hotel login system uses a
> fake DNS server to redirect users to its login pages.  Many
> universities use a fake DNS server to redirect student computers to
> cleaning sites.
> What should be the official IETF recognized method for network
> operators to asynchronously communicate with users/hosts connect to
> the network for
> various reasons getting those machines cleaned up?
> As far as I know, PPPOE is the only network access protocol that
> includes the feature of redirecting a host to a network operator's
> system; but Microsoft has decided not to implement it.