North American Network Operators Group Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical Re: How should ISPs notify customers about Bots (Was Re: DNS Hijacking
On Mon, 23 Jul 2007, Chris L. Morrow wrote: So, to back this up and get off the original complaint, if a service provider can protect a large portion of their customer base with some decent intelligence gathering and security policy implementation is that a good thing? keeping in mind that in this implementation users who know enough and are willing to forgoe that 'protection' (for some value of protection) can certainly circumvent/avoid it. Joe St Sauver covers some of these topics. http://www.uoregon.edu/~joe/zombies.pdf Should ISPs attempt to block Bot Command and Control connections (which is more general than just IRC C&C Bots), assuming ISPs try to avoid "legitimate" servers although mistakes might happen?
|