[63389] in North American Network Operators' Group
Re: ISP network registration virus scan
daemon@ATHENA.MIT.EDU (Ryan Dobrynski)
Sat Oct 4 00:05:40 2003
Date: Sat, 4 Oct 2003 00:01:48 -0400 (AST)
From: Ryan Dobrynski <ryan@viaccess.net>
To: Sean Donelan <sean@donelan.com>
Cc: Alex Lambert <alambert@quickfire.org>, <nanog@merit.edu>
In-Reply-To: <Pine.GSO.4.44.0310032051140.19567-100000@clifden.donelan.com>
Errors-To: owner-nanog-outgoing@merit.edu
for most virus type stuff i find an acl on thier nearest interface to
both deny and log thier traffic patterns is helpfull. im not sure how
feasable that would be on a larger network. i've only got about 10k
users so the above is not yet unreasonable.
On Fri, 3 Oct 2003, Sean
Donelan wrote:
> Date: Fri, 3 Oct 2003 20:57:20 -0400 (EDT)
> From: Sean Donelan <sean@donelan.com>
> To: Alex Lambert <alambert@quickfire.org>
> Cc: nanog@merit.edu
> Subject: Re: ISP network registration virus scan
>
>
> On Fri, 3 Oct 2003, Alex Lambert wrote:
> > > The university netreg lists has a frequently asked question if its
> > > possible to perform a virus scan of new computers as part of the network
> > > registration process. So far, people have only been able to do a network
> > > scan (e.g. open ports), or some version of proxy check or nessus.
> >
> > The University of Florida has implemented something like this.
> > Apparently, they have a client-side app that detects malware...and P2P
> > apps. Interesting concept but it's understandably not being received well.
> >
> > http://yro.slashdot.org/yro/03/10/03/1643202.shtml
>
> That's just a normal network traffic flow monitor, it doesn't actually
> check the user's computer.
>
> The issue is how to check the computer is "fixed" after the user claims
> its fixed. Or do you just keep repeating the cycle of user claims the
> computer is fixed, enable the port, computer attacks other stuff, disable
> the port, user claims its fixed, repeat.
>
>
Ryan Dobrynski
Hat-Swapping Gnome
Choice Communications
Like the ski resort of girls looking for husbands and husbands looking
for girls, the situation is not as symmetrical as it might seem.
