North American Network Operators Group
Re: How should ISPs notify customers about Bots (Was Re: DNS Hijacking
> On Mon, 23 Jul 2007, Suresh Ramasubramanian wrote:
> >> What should be the official IETF recognized method for network operators
> >> to asynchronously communicate with users/hosts connect to the network for
> >> various reasons getting those machines cleaned up?
> >
> > Most large carriers that are also MAAWG members seem to be pushing
> > walled gardens for this purpose.
>
> Walled gardens also block access to external IRC servers.

However, that would seem to be expected.

> On a network protocol level, walled gardens also contain things like fake
> DNS servers (what about DNSsec), fake http servers, fake (or forced) NAT
> re-writing IP addresses, access control lists and lots of stuff trying to
> respond to the user's traffic with alerts from the ISP.
>
> Although there seems to be a contingent of folks who believe ISPs should
> never block or redirect any Internet traffic for any reason, the reality
> is stepping into the middle of the user's traffic sometimes the only
> practical way for ISPs to reach some Internet users with infected
> computers.

Then they should do that ... FOR the users with infected computers ... and
not break DNS for other legitimate sites.

> But, like other attempts to respond to network abuse (e.g. various
> block lists), sometimes there are false positives and mistakes. When
> it happens, you tweak the filters and undo the wrong block. Demanding
> zero chance of error before ISPs doing anything just means ISPs won't do
> anything.

"Think before act."

... JG
--
Joe Greco - sol.net Network Services - Milwaukee, WI - http://www.sol.net
"We call it the 'one bite at the apple' rule. Give me one chance [and] then I
won't contact you again." - Direct Marketing Ass'n position on e-mail spam (CNN)
With 24 million small businesses in the US alone, that's way too many apples.