North American Network Operators Group

Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical

RE: IBM report reviews Internet crime

  • From: Frank Bulk
  • Date: Thu Feb 14 21:32:58 2008

Hear-hear: most of our customer's e-mail problems are resolved when we turn
off in the in and outbound scanning offered by their favorite AV vendor. =)
I bet we've had more support calls about e-mail scanning than the number of
viruses that feature has ever trapped for them.  

And another anecdote: we experienced a rash of malware-infected subscribers
spewing out spam last weekend.  Most of them had some kind of AV, but of
course that AV didn't prevent them from getting infected.  Many of them
update their definitions and scanned and thought they were clean, but
because the virus/Trojan was so new, they started spewing spam again.  In
this case, their AV software gave them a false sense of assurance.


-----Original Message-----
From: [email protected] [mailto:[email protected]] On Behalf Of Mark
Sent: 2008-02-13 17:35
To: nanog list
Subject: Re: IBM report reviews Internet crime

JC Dill wrote:
> I'm really surprised that ISPs haven't banded together to sue
> Microsoft for negligently selling and distributing an insecure OS that
> is an Attractive Nuisance - causing the ISPs (who don't own the OS
> infected computers) harm from the network traffic the infected OSs
> send, and causing them untold support dollars to handle the problem.
> If every big ISP joined a class action lawsuit to force Microsoft to
> pay up for the time ISPs spend fixing viruses on Windows computer,
> Microsoft would get a LOT more proactive about solving this problem
> directly.  The consumers have no redress against MS because of the
> EULA, but this doesn't extend to other computer owners (e.g. ISPs) who
> didn't agree to the EULA on the infected machine but who are impacted
> by the infection.
> jc

I think I would rather see a class action against Symantec for the
hundreds of hours ISP's waste fixing customers mail server settings that
Symantec sees fit to screw up with every update.   We can always tell
when they have pushed a major update - hundreds of calls from mail users
who can no longer send mail.

It's 2008.   How bloody hard is it to notice that the mail server SMTP
port is 587 and authentication is turned on?   Why do they mess with it?


Mark Radabaugh
419.837.5015 x21
[email protected]