[Dshield] Interesting Zombie Data Graphs

Laura Vance vancel at winfreeacademy.com
Wed Nov 9 19:50:13 GMT 2005


Faraone, Joseph A. wrote:

>/* soapbox
>
>To follow up on Pete's idea.  The $300 bill might be Draconian, but try
>this on for size...
>
>I'd proposed an "Internet Driver's License" a while back in several
>forums I teach/speak/rant to.  This driver's license nothing that will
>get you thru security at an airport, but it's regulated by the ISP.
>
>All the new customer/subscriber has to do is take and pass a simple
>online test prior to being allowed out of the ISP's intranet/sandbox
>onto the big, bad Internet.  The test would consist of required reading
>followed by questions on safety tips --   think of your favorite
>"Security for Idiots" questions...   The new subscriber would then have
>to either have or download from the ISP freeware (or paid-up commercial)
>anti-virus, personal firewall, anti-spyware, etc. prior to being allowed
>out of the sandbox. (many offer this option today.)  
>
>Once successful, the customer's IP/MAC address is allowed to roam
>freely...
>
>If there's indications of infection or zombie behavior, the customer's
>IP goes into quarantine until cleaned. 
>
>Is this a simple concept?  Yep.  Polyanna? Probably.  It's not so "easy"
>for the Bellsouths/Comcasts of the world to implement simply because it
>costs money.
>
>soapbox */
>
>JF
>  
>
This and any other solution that requires the user to download some ISP 
supplied software is bad for Linux users.  I already have a hard enough 
time when I move to a new ISP.  For example, when I moved to comcast, 
they sent a CD that had to be installed that would send some data to the 
cable modem and make it active on their network.  This software is not 
available in Linux, so I had to build a windows machine for the sole 
purpose of getting the cable modem up and running.  In the almost 4 
years that I've been with them, I had to call a couple of times to check 
on a possible network outage, and their first question is "what OS are 
you using?"  When I answer "Linux", they won't even answer a question 
about their network status, so the second time I called, I just told the 
person that I was using Windows NT.  They always say "we don't support 
Linux," even when I tell them that my question isn't about my OS, 
because I know my OS extremely well.

I keep due diligence on my own machine on the comcast network, and it 
would be a shame if it became even harder for me to use an ISP because 
they don't support Linux.  I would; however, be in favor of a solution 
like the ones mentioned if the ISPs would at least understand that their 
networks are already being used by Linux users, and they would provide 
something to allow us to continue.

-- 
Thanks,
Laura Vance
Systems Engineer




More information about the list mailing list