North American Network Operators Group

Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical

Re: How should ISPs notify customers about Bots (Was Re: DNS Hijacking

  • From: Chris L. Morrow
  • Date: Mon Jul 23 17:12:45 2007


On Mon, 23 Jul 2007, Tuc at T-B-O-H.NET wrote:

>
> >
> > I would imagine that if we're talking about "unsophisticated" users,
> > the majority of them have no idea what IRC is anyway -- most of them
> > are using AIM, or Yahoo! IM, or....
> >
> 	Quite true. I do know of a small fraction, however, that when Yahoo
> stopped supporting the chats for their groups, that went over to a Java
> IRC client. Granted, they still don't know that its IRC, but they'll still
> end up running into something totally unexplained.

and the sympton TODAY is 'irc', but in reality if cox spoke up I'd bet
they are doing this with much more than just this one irc server (or set
of irc servers)...

So, to back this up and get off the original complaint, if a service
provider can protect a large portion of their customer base with some
decent intelligence gathering and security policy implementation is that a
good thing? keeping in mind that in this implementation users who know
enough and are willing to forgoe that 'protection' (for some value of
protection) can certainly circumvent/avoid it.

It's perfectly plausible that cox implemented some trend-micro-like (or
maybe trend micro actual) device to do this work for them... just to pick
on one vendor of solutions in this space.

-Chris