[98029] in North American Network Operators' Group
Re: How should ISPs notify customers about Bots (Was Re: DNS Hijacking
daemon@ATHENA.MIT.EDU (Joe Greco)
Mon Jul 23 18:14:49 2007
From: Joe Greco <jgreco@ns.sol.net>
To: sean@donelan.com (Sean Donelan)
Date: Mon, 23 Jul 2007 15:52:58 -0500 (CDT)
Cc: nanog@merit.edu
In-Reply-To: <Pine.GSO.4.64.0707231638530.4648@clifden.donelan.com> from "Sean Donelan" at Jul 23, 2007 04:49:07 PM
Errors-To: owner-nanog@merit.edu
> On Mon, 23 Jul 2007, Joe Greco wrote:
> >> Please enlighten me.
> >
> > Intercept and inspect IRC packets. If they join a botnet channel, turn on
> > a flag in the user's account. Place them in a garden (no IRC, no nothing,
> > except McAfee or your favorite AV/patch set).
>
> Wow, you are recommending ISPs wiretap their subscribers.
>
> I suspect some privacy advocates will be upset with ISPs doing that.
"Some privacy advocates" will be upset with ISP's doing what Cox is doing.
Maybe you missed that. If we assume that it is okay for Cox to actually
intercept the IRC sessions of their users, we're wayyyy far into that
mess anyways. I'm saying "do it right" if you're going to do it at all.
Personally, I'd prefer that they didn't do it, but that set of solutions
is more complex.
... JG
--
Joe Greco - sol.net Network Services - Milwaukee, WI - http://www.sol.net
"We call it the 'one bite at the apple' rule. Give me one chance [and] then I
won't contact you again." - Direct Marketing Ass'n position on e-mail spam(CNN)
With 24 million small businesses in the US alone, that's way too many apples.
