[88804] in North American Network Operators' Group
Re: Quarantine your infected users spreading malware
daemon@ATHENA.MIT.EDU (Scott Weeks)
Mon Feb 20 17:18:25 2006
From: "Scott Weeks" <surfer@mauigateway.com>
Reply-To: surfer@mauigateway.com
To: nanog@merit.edu
Date: Mon, 20 Feb 2006 12:17:44 -1000
Errors-To: owner-nanog@merit.edu
----- Original Message Follows -----
From: Gadi Evron <ge@linuxbox.org>
> Many ISP's who do care about issues such as worms,
> infected users "spreading the love", etc. simply do not
> have the man-power to handle all their infected users'
> population.
> Some who are user/broadband ISP's (not say, tier-1 and
> tier-2's who would be against it: "don't be the
> Internet's Firewall") are blocking ports such as 139 and
> 445 for a long time now, successfully preventing many of
> their users from becoming infected. This is also an
> excellent first step for responding to relevant outbreaks
> and halting their progress.
>
> Philosophy aside, it works. It stops infections. Period.
>
> Back to the philosophy, there are some other solutions as
> well. Plus, should this even be done?
Oh geez, here we go again... Search the archives and read
until you're content. It's a non-thread. This horse isn't
only dead, it's not even a grease spot on the road any more.
:-(
scott
