[88807] in North American Network Operators' Group
Re: Quarantine your infected users spreading malware
daemon@ATHENA.MIT.EDU (Gadi Evron)
Mon Feb 20 18:00:08 2006
Date: Tue, 21 Feb 2006 00:57:15 +0200
From: Gadi Evron <ge@linuxbox.org>
To: surfer@mauigateway.com
Cc: nanog@merit.edu
In-Reply-To: <43fa4008.296.3e50.1577874282@mauigateway.com>
Errors-To: owner-nanog@merit.edu
Scott Weeks wrote:
> ----- Original Message Follows -----
> From: Gadi Evron <ge@linuxbox.org>
>
>>Many ISP's who do care about issues such as worms,
>>infected users "spreading the love", etc. simply do not
>>have the man-power to handle all their infected users'
>>population.
>
>
>>Some who are user/broadband ISP's (not say, tier-1 and
>>tier-2's who would be against it: "don't be the
>>Internet's Firewall") are blocking ports such as 139 and
>>445 for a long time now, successfully preventing many of
>>their users from becoming infected. This is also an
>>excellent first step for responding to relevant outbreaks
>>and halting their progress.
>>
>>Philosophy aside, it works. It stops infections. Period.
>>
>>Back to the philosophy, there are some other solutions as
>>well. Plus, should this even be done?
>
>
>
>
> Oh geez, here we go again... Search the archives and read
> until you're content. It's a non-thread. This horse isn't
> only dead, it's not even a grease spot on the road any more.
> :-(
I quite agree, which is why I trived to cover the philosophical part
from both sides. Now, how about some solutions that came about since our
last discussion that was nothing BUT philosophy?
