[95017] in North American Network Operators' Group
Re: botnets: web servers, end-systems and Vint Cerf
daemon@ATHENA.MIT.EDU (Sean Donelan)
Sat Feb 17 19:42:21 2007
Date: Sat, 17 Feb 2007 19:38:54 -0500 (EST)
From: Sean Donelan <sean@donelan.com>
To: nanog@merit.edu
In-Reply-To: <45D69F5A.4080001@he.iki.fi>
Errors-To: owner-nanog@merit.edu
On Sat, 17 Feb 2007, Petri Helenius wrote:
>> After all these years, I'm still surprised a consortium of ISP's haven't
>> figured out a way to do something a-la Packet Fence for their clients where
>> - whenever an infected machine is detected after logging in, that machine
>> is thrown into say a VLAN with instructions on how to clean their machines
>> before they're allowed to go further and stay online.
> This has been commercially available for quite some time so it would be only
> up to the providers to implement it.
Public ISPs have been testing these types of systems for over 5 years.
What sorts of differences can you think of that would explain why public
ISPs have found them not very effective?
Public ISPs have been using walled gardens for a long time for user
registration and collecting credit card information. So they know how to
implement walled gardens. But what happens when public ISPs use it for
infected machines?
