[Dshield] Interesting Zombie Data Graphs

Luke Dudney ldlist at westnet.com.au
Wed Nov 9 01:16:03 GMT 2005

mjcarter at ihug.co.nz wrote:
> I started a company with this problem in mind; ISPs do have
> the ability to identify Zombies and other infections. But
> most would not have the resource to handle the cleanup
> themselves. Most of the time you won't be able to talk a
> user through cleanup without spending hours on the phone and
> there is always the danger of ending up with a dead system
> due to miss interpreted instructions, language barriers,
> wrong diagnosis, etc.
> It is also resource intensive to have the customer "bring it
> in". Do ISPs have the room or the staff to handle this? I
> doubt that also especially during a major event, so I
> believe that their (ISPs) best option is to shut off access
> to their service. This way they can force the customer to
> take action and call the helpdesk, they can then pass the
> customer on to a service that specializes in these things.
> Yes there would be a fee but users must take some
> responsibility in keeping their systems clean and up to
> date.
> Regards
> Mike

The Australian government recently (Monday) launched a trial with a 
number of local ISPs to crack down on zombie infections within 
Australian IP space. I think this industry/government approach is an 
excellent way to deal with the issue, as governmental participation adds 
an extra sense of legitimacy to the ISP's actions from the customer's 
point of view. It also streamlines the process for the ISP and cuts out 
a certain amount of duplication of effort.. If more governments around 
the world took a similar approach I believe infection rates would improve.

More info here: 


More information about the list mailing list