[Dshield] Interesting Zombie Data Graphs

mjcarter@ihug.co.nz mjcarter at ihug.co.nz
Mon Nov 7 22:31:39 GMT 2005

> > service. This way they can force the customer to take
> > action  and call the helpdesk, they can then pass the
> > customer on to  a service that specializes in these
> > things. Yes there would be a fee but users must take
> > some  responsibility in keeping their systems clean and
> up to date.
> What stops them from just signing up with a different ISP
> that is less strict (i.e. less responsible) ?

Nothing, except the pain of having to do so.

> Any approach that causes more responsible ISPs to lose
> customers to less responsible ones is a non-starter.  This
> issue (hassles caused by security measures causing
> customers to move to the least  "secure" company possible)
> is the reason for the almost non-existent security of
> online banks.

I’m talking specifically about the home user and SOHO
market, the majority of Zombie targets. Most if not all ISPs
in NZ enforce a broadband cap, which means that if a
customer exceeds that limit their connection is throttled
down to 64 kb or 128kb and some will charge for any
additional traffic per mb . With the high amount of traffic
that Zombies and the like generate many customers find their
connections have been throttled by their ISP but don’t
have a clue why they are constantly exceeding their
broadband limit.

With the amount of content these days requiring broadband
speeds this throttling down is similar to blocking. Would
you rather be constantly exceeding your limit rendering your
connection almost useless or would you rather the ISP
blocked you? Forcing you to take action and rectify the

> I'd call for educating users to recognize good security
> and demand it, but experience has shown that educating
> users is a highly impractical approach to ANY problem :-)

As always, multiple approaches to a problem will give us a
much better chance of solving it. :-)


More information about the list mailing list