[LINK] OzIT: 'ISPs could strangle zombies / disconnect subscribers'
Jan Whitaker
jwhit at melbpc.org.au
Tue Sep 29 11:59:35 AEST 2009
At 11:17 AM 29/09/2009, Roger Clarke you wrote:
>That said, it might be quite reasonable that the 'graduated series of
>measures' be able to accumulate across multiple incidents of
>exploitation of the particular zombie (i.e. a device-owner's response
>to the effect of 'oh, it stopped last time, so I didn't bother fixing
>it' isn't good enough).
I agree. There must be some assistance and many of the reputable ISPs
are quite patient and provide as best they can. Since some of these
bots are intermittent, it is difficult to know what is going on. How
many general users are aware that they can see what traffic is going
from their computers? I'd say very few. And even if they do know the
concept of 'logs', do they know what to do with them? How do they
tell what is benign and intentional/normal traffic and that which is
not supposed to be there? I've gotten myself in a pickle from time to
time by putting in blocks to IP addresses that are quite normal and
necessary for operation.
Then there is the issue of port blockage. Say what?
This sort of VERY simple information would be excellent for users to
be able to find and use for making their systems safer. It's not good
enough to say have a firewall and an antivirus program. There is a
lot more to it than that, as you all well know.
Jan
Melbourne, Victoria, Australia
jwhit at janwhitaker.com
blog: http://janwhitaker.com/jansblog/
business: http://www.janwhitaker.com
Our truest response to the irrationality of the world is to paint or
sing or write, for only in such response do we find truth.
~Madeline L'Engle, writer
_ __________________ _
More information about the Link
mailing list