[LINK] OzIT: 'ISPs could strangle zombies / disconnect subscribers'

Jan Whitaker jwhit at melbpc.org.au
Tue Sep 29 11:59:35 AEST 2009

At 11:17 AM 29/09/2009, Roger Clarke you wrote:

>That said, it might be quite reasonable that the 'graduated series of
>measures' be able to accumulate across multiple incidents of
>exploitation of the particular zombie (i.e. a device-owner's response
>to the effect of 'oh, it stopped last time, so I didn't bother fixing
>it' isn't good enough).

I agree. There must be some assistance and many of the reputable ISPs 
are quite patient and provide as best they can. Since some of these 
bots are intermittent, it is difficult to know what is going on. How 
many general users are aware that they can see what traffic is going 
from their computers? I'd say very few. And even if they do know the 
concept of 'logs', do they know what to do with them? How do they 
tell what is benign and intentional/normal traffic and that which is 
not supposed to be there? I've gotten myself in a pickle from time to 
time by putting in blocks to IP addresses that are quite normal and 
necessary for operation.

Then there is the issue of port blockage. Say what?

This sort of VERY simple information would be excellent for users to 
be able to find and use for making their systems safer. It's not good 
enough to say have a firewall and an antivirus program. There is a 
lot more to it than that, as you all well know.


Melbourne, Victoria, Australia
jwhit at janwhitaker.com
blog: http://janwhitaker.com/jansblog/
business: http://www.janwhitaker.com

Our truest response to the irrationality of the world is to paint or 
sing or write, for only in such response do we find truth.
~Madeline L'Engle, writer

_ __________________ _

More information about the Link mailing list