[Dshield] Blackworm liability with ISPs?

Johannes B. Ullrich jullrich at sans.org
Thu Feb 2 15:50:39 GMT 2006

> We tell our users how to be safe and offer help in dealing with problems
> that may crop up.  We also try to detect (from the network) as many
> infected computers as we can.  But at the end of the day, what the user
> chooses to do is something we cannot be held liable for.

This is reasonble. The ISP should not have absolute responsibility for a
users security. Its just about everybody involved doing their part.

For an ISP (and .edu's are ISPs for the ResNet users), it means that you
provide help to users about how to secure their systems (e.g. a web
page, flyer...). You should also have a system in place to notify
problem users that are infected or that cause problems in other ways.

Users do have to be responsible as well. But remember that they usually
do not have CS degrees.

Johannes Ullrich                        jullrich at sans.org
Chief Research Officer                     (617) 639 5000
PGP Key: https://secure.dshield.org/PGPKEYS

"We use [isc.sans.org] every day to keep on top of
 security at our bank" Matt, Network Administrator.

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 256 bytes
Desc: OpenPGP digital signature
Url : http://www.dshield.org/pipermail/list/attachments/20060202/70f5e3a1/signature.bin

More information about the list mailing list