North American Network Operators Group

Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical

Re: How should ISPs notify customers about Bots (Was Re: DNS Hijacking

  • From: Valdis . Kletnieks
  • Date: Mon Jul 23 15:10:19 2007

On Mon, 23 Jul 2007 12:42:22 EDT, Sean Donelan said:

>    b. terminate tens of thousands of user accounts (of users who are mostly 
> "innocent" except their computer was compromised)

Given how often compromised computers have *multiple* installs of badware on
them, just cleaning off *one* bot that happens to be old enough to respond to
their cleaning script is not magically making their system actually safe.
There's probably *other* stuff on the box as well.

So just waving a mostly-ineffective magic wand at *part* of the problem isn't
doing anybody any favors.  Maybe you *should* be doing something drastic enough
to make the user sit up and take notice and *do* something...

(Disclaimer - I can get away with doing that, as "user bails for another
provider and takes his revenue with them instead of fixing the problem" isn't
an issue for my revenue stream. YMMV. :)

Attachment: pgp00010.pgp
Description: PGP signature