lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
Date: Fri Jun 9 18:25:14 2006 From: rg.viza at gmail.com (neil davis) Subject: blue security folds > While I agree (mostly), getting the ISPs to do what you suggest will > never happen. If I, Joe Clueless User, have a bot running on my PC > spamming half the world, and my ISP notices this and shuts me off, what > will I do? Most people would call the ISP tech support and say "my web doesn't work any more". At that point they could be informed that they are part of a botnet and need to reinstall their OS, your personal information is possibly comprimised, call us when you are done and we'll switch you back on. I used to co-locate a server in an ISP and it got pwned. The ISP shut my port off. I called, and he told me what was going on, I came down, swapped out the box with a properly secured one(I was inexperienced at the time), and was back up in no time. > Assuming I'm like the majority of users and either a) don't know, or You'd know when your port got shut down and called tech support because they'd tell you. > b) don't care what they're talking about, You'd care if they cut you off. > I'll cancel my account and switch to another ISP (that won't shut me off). If ISP's all did the right thing, you'd get cut off again and again and maybe eventually follow their advice or go without internet until you did. > To do what > you suggest would be for the greater good of the whole "Internet > community", but would negatively affect $ISP's bottom line. Excess bandwidth usage doesn't? How about all the time spent tracking down complaints and begging to have your ISP pulled out of blacklists because your users' computers are spamming people? This line of reasoning doesn't work for me. It doesn't work for the internet either, as we can all see. ISP's need to start turning ports off for people that are part of botnets. If it kept happening to them, they'd wise up and stop running every attachment they received. -Neil
Powered by blists - more mailing lists