| DDOS It appears to be under control now at BBR.
The thought I had is that the users who carry out random or unknown attacks on websites as a zombie computer should be held accountable.
Some may feel this is unreasonable considering the lack of understanding of a DDOS attack and an average users knowledge of what a DDOS really is.
The law has upheld the term Ignorance of laws doesn't make a person free from guilt.
----------------
Now to solve or help ease the congestion to a website per DDOS attack is to log the IP's that are causing this problem. Find out the domain and forward the individual ip's to the origin ISP.
After this, the ISP should alert the users on their network, letting them know they have participated in a massive attack on a specific website.
In turn the ISP should notify their customers by Letter that there computer has been infected by a virus that is making there computer act maliciously at a particular website.
In the best interest of the User the ISP should give the user options to rectify this so that the users computer does not participate in another DDOS attack in the future.
ISP should give an automated response to the complaints from the host server being DDOS'd to the user(s) and give them suggestions on how to get rid of the virus themselves since a good majority already offer anti-spy ware or anti-virus defense programs, briefly advise the user how to try and rid themselves of this problem.
If this cannot get resolved the ISP should tell them to try other methods including but not limited to having a re-install either by the user or by a certified computer professional.
---------------
What will motivate the user to make the necessary changes to fix their own computer?
A few warnings and note that if they don't respond to this threat they are a contributor to the problem either by choice or as a victim.
And the ISP should make policy like a 3 strike rule if they keep having the same issue with being a zombie computer after giving the users sufficient time to fix or address the issue on their end, then exercise a ISP policy that would temporarily suspend the users account for a few days or even a week depending on how many times this happens.
I think the user will get the point. Better fix the problem.
=------------------------------
Whether anyone thinks this is unfair or not going to work it can and at some point will be implemented once every website and ISP sees the joint interest in fixing problems like this.
The ISP's should have a method of delivery or try to assist in attempting to disable and remove the virus from the infected computer such as pointing the user to their websites FAQ or for a Fee help them get rid of the problem like tech support (fee based service, sure the ISP's like that revenue generator) or tell them to seek a local computer repair shop or a Generic Geek Squad if you will to rid the problem. If all else fails there is always a system reinstall or GO-back programs.
After going through this myself I learned quickly this is serious and nothing to mess around with.
Fair use policy is what all ISP's should try to implement and it wont be long before the Government sees the security implications and other websites that actually are loosing revenue because of a malicious attack.
-
I think its time to nip the problem in the head.
A hacker can't make you download malware but an ISP can enforce policy that makes users who fail to protect themselves from virus causing attacks like DDOS on corporate interests.
You are either part of the problem or part of the solution, its time for everyone including Gramps,Grandma and the computer illiterate users to get up with the program and start taking responsibility for what their property does.
If you own a car and it is a threat to others the law has a way of handling it, its the owners responsibility to fix issues with their car.
------------
On the other hand if the attacks are IP's that are out of the jurisdictional control of national carriers or otherwise international users (i.e. China) then for the time being the ISP or servers should be set to put a block on the ip addresses or if necessary a whole range block from what ever country is causing the problem until the ISP in question causing the problem gets pro-active in this matter.
-----------
Many would feel bothered if your TV reception was blocked because someone was talking on a Ham radio. Most likely you would get upset especially if you had nothing you could do about it.
Good thing there is and we don't have that problem.
The Key is everyone proactively getting involved and severely testing hackers by putting a leash on their activities or a restraint to some extent which would limit their ability to undermine the net in the case of DDOS.
No way you will rid all hacker activities but the DDOS is a serious threat and needs to be stopped now not later.
New hardware isn't the only answer users need to understand having access to the net is a privilege not a right.
Ask the infamous hacker Kevin Mitnick who lost his right to the internet for awhile.
- Sorry for the long post. If you don't agree be part of the solution and put some suggestions up on here that would help solve this issue if you think something different could be done to fix this other than what was suggested.
Thanks |
