[Dshield] Commentary on how to deal with infected users who fail to clean up their acts! [Fwd: [NANOG] Even you can be hacked

Tony Earnshaw tonye at billy.demon.nl
Sun Jun 13 17:37:56 GMT 2004

Jon R. Kibler wrote:

>>If you leave your lights on, the electric company will send you a bill.
>>If you leave your faucets running, the water company will send you a bill.
>>If you leave your computer infected, ???
> Sorry about the forward, but I thought that this was a very interesting commentary on how to deal with users who fail to clean up their infected computers! More ISPs should adopt the same approach...
> Just my $0.02 worth!

An interesting point of view. My ISP, Demon Internet in the Netherlands, 
runs an extremely tight ship. Demon has thousands of subscribers, by far 
and away most of them Windows (97-98%?), yet I see from my nightly 
firewall logs (I run RedHat Linux with a Netfilter/iptables firewall) 
that around 5-6 of them are obviously infected and within 2-3 days the 
infected IPs have "gone away", to be replaced by new ones.

Demon works together with its Windows customers - and smtp open relay 
customers, http proxy customers to educate them, help them and eliminate 
problems caused by them. The net result is satisfied and knowledgeable 
customers, a maintained revenue and absence of a bad taste in the mouth 
on all sides.

Which of the ISP's attitudes is to be preferred? And no, I have no 
shares in Demon, I'm not a Demon employee nor is any friend of mine, and 
there are some things Demon could do a lot better.



We make out of the quarrel with others rhetoric
but out of the quarrel with ourselves, poetry.

mail: tonye at billy.demon.nl

More information about the list mailing list