[Dshield] Commentary on how to deal with infected users who fail to clean up their acts! [Fwd: [NANOG] Even you can be hacked
tonye at billy.demon.nl
Sun Jun 13 17:37:56 GMT 2004
Jon R. Kibler wrote:
>>If you leave your lights on, the electric company will send you a bill.
>>If you leave your faucets running, the water company will send you a bill.
>>If you leave your computer infected, ???
> Sorry about the forward, but I thought that this was a very interesting commentary on how to deal with users who fail to clean up their infected computers! More ISPs should adopt the same approach...
> Just my $0.02 worth!
An interesting point of view. My ISP, Demon Internet in the Netherlands,
runs an extremely tight ship. Demon has thousands of subscribers, by far
and away most of them Windows (97-98%?), yet I see from my nightly
firewall logs (I run RedHat Linux with a Netfilter/iptables firewall)
that around 5-6 of them are obviously infected and within 2-3 days the
infected IPs have "gone away", to be replaced by new ones.
Demon works together with its Windows customers - and smtp open relay
customers, http proxy customers to educate them, help them and eliminate
problems caused by them. The net result is satisfied and knowledgeable
customers, a maintained revenue and absence of a bad taste in the mouth
on all sides.
Which of the ISP's attitudes is to be preferred? And no, I have no
shares in Demon, I'm not a Demon employee nor is any friend of mine, and
there are some things Demon could do a lot better.
We make out of the quarrel with others rhetoric
but out of the quarrel with ourselves, poetry.
mail: tonye at billy.demon.nl
More information about the list