[91795] in North American Network Operators' Group
Re: mitigating botnet C&Cs has become useless
daemon@ATHENA.MIT.EDU (Danny McPherson)
Sun Aug 13 10:26:18 2006
In-Reply-To: <18ccbaee0608090304i453b5e33t41c8157924baced3@mail.gmail.com>
From: Danny McPherson <danny@tcb.net>
Date: Sun, 13 Aug 2006 08:27:09 -0600
To: NANOG <nanog@merit.edu>
Errors-To: owner-nanog@merit.edu
On Aug 9, 2006, at 4:04 AM, Arjan Hulsebos wrote:
>
> Maybe so, but that argument doesn't buy me more helpdesk folks. The
> same holds true for the bandwidth argument, especially now that
> bandwidth is dirt cheap.
>
> On the other hand, it shouldn't be too difficult to come up with a
> walled garden profile for subs that have infected PCs, basically
> allowing only access to a filtering proxy, so these subs can download
> their patches and antivirus updates through it.
In addition to "they still need to be able to download patches and
attempt to fix their system" you may not be able to shut off all
services
for the subscriber regardless - e.g., they've got voice services and
you're killing their emergency dialing capabilities?
As importantly, broadband SPs are trying to move to triple (quad)
play services, how tolerant do you think your average subscriber is
to losing cable television services because their kid downloaded some
malware?
Minimizing subscriber churn and targeting profitable services are
critical,
most of these solutions today only make the problem worse - when
something breaks with vanilla Internet access the first person the
subscriber calls is the SP, and the resources cost for fielding those
calls
exceeds even that of the amortized capital costs for the service -
tearing
deeper into losses.
I half believe that Net Neutrality itself wouldn't be an issue if
operators
were able to run profitable businesses in broadband service markets.
Adding security to the mix only compounds the problem.
-danny
