republican-creole
Search:  

 
theme to white backgroundlet page decide theme
HomeFind ServiceReviewsISP NewsFAQsForumsToolsDatabaseAbout 
 
   All ForumsHot TopicsGallery






how-to block ads


 
Forums » Up and Running » Security » Security » Security Absurdity: A long-overdue wake up call
Share Topic:
RSS topic:
toggle:
flat / full
normal / watch
Posting:
Post a:
Post a:
Links: ·Hijack This logs? ·Panda Free Tools ·Vundo Removal
Spycar suite of free Exploit Tests »
« Is there a harmeless virus that I can sent to myself to test  

N O Y B
St. John 3.16

join:2005-12-15
Forest Grove, OR

Re: Security Absurdity: A long-overdue wake up call

Apathy is right. Especially on the part of ISPs that could very easily automate such things as bot detection and automatically shutdown the connection. They could also automate detection and blocking of certain automated types of email address harvesting.

Even if you pull the logs from your firewall and send your ISP major offenders nothing is likely to be done. Shutting down the easy to detect high offending bots would go a long ways toward protecting the ignorant computer operator. At least maybe for more the 4 minutes. With all the bots hitting my firewall it’s easy to see how an unprotected computer could be taken control of in a matter of minutes.

There are some other things ISPs and corporations need to do as well. Like untying account number and/or login ID from publicly used things such as email address and web space URL, etc. And make all authentication via secure methods, even for SMTP/POP and NNTP, etc.
permalink · 2006-05-16 00:53:25 · Print · Reply to this

Khaine

join:2003-03-03
Australia

Re: Security Absurdity: A long-overdue wake up call

said by N O Y B See Profile :

Apathy is right. Especially on the part of ISPs that could very easily automate such things as bot detection and automatically shutdown the connection. They could also automate detection and blocking of certain automated types of email address harvesting.

Even if you pull the logs from your firewall and send your ISP major offenders nothing is likely to be done. Shutting down the easy to detect high offending bots would go a long ways toward protecting the ignorant computer operator. At least maybe for more the 4 minutes. With all the bots hitting my firewall it’s easy to see how an unprotected computer could be taken control of in a matter of minutes.

There are some other things ISPs and corporations need to do as well. Like untying account number and/or login ID from publicly used things such as email address and web space URL, etc. And make all authentication via secure methods, even for SMTP/POP and NNTP, etc.
And what happens when a new bot comes out that the ISP doesn't scan for and a customer gets infected and sues the ISP for failure to do its job? You know someone would do it.

Currently ISP's are common carriers and don't have any liability for traffic that passes through their network. Buy forcing them to scan users or whatever you could change their legal status and their liability.
permalink · 2006-05-17 03:52:29 · Print · Reply to this

N O Y B
St. John 3.16

join:2005-12-15
Forest Grove, OR

Re: Security Absurdity: A long-overdue wake up call

said by Khaine See Profile :

And what happens when a new bot comes out that the ISP doesn't scan for and a customer gets infected and sues the ISP for failure to do its job? You know someone would do it.

Currently ISP's are common carriers and don't have any liability for traffic that passes through their network. Buy forcing them to scan users or whatever you could change their legal status and their liability.
I don’t think you understand how to detect a bot. You don’t target each specific type. You target by activity. Ex: set up a firewall and start logging unsolicited traffic. Then shutdown the ones that are obviously bots.

They are liable if they know of illegal activity and do not take action stop it. You can not provide service to someone knowing they intend to using for conducting illegal activity and claim innocents. It would be like a gun shop selling a gun to a person all the will knowing they intend to us it to commit a crime (armed robbery, murder, etc).

There are certain illegal activities taking place on ISP networks by their very on customers and the ISP know it. And I know they know it because I know it too. In the case of bots it does not require scanning all traffic. Bot detection and shutdown is much simpler than that.

What I don’t understand is why there are so many in support of the apathetic status quo. Are that many of you actually bot operators and spammers?
permalink · 2006-05-17 13:14:34 · Print · Reply to this
Forums » Up and Running » Security » SecuritySpycar suite of free Exploit Tests »
« Is there a harmeless virus that I can sent to myself to test  

Sunday, 29-Nov 02:35:48 Terms of Use | Privacy Policy | Hosting by www.nac.net - DSL,Hosting & Co-lo | feedback | contact
over 10 years online! © 1999-2009 dslreports.com.
page compression OFF
Most commented news this week
· [122] Time Warner Cable Fires Broadside At Broadcasters
· [112] New AT&T Ad Campaign Hits Back At Verizon
· [96] Apple Joins AT&T Verizon Snark Fest
· [87] New Bill Takes Aim At Higher Verizon ETFs
· [80] TiVo Sees Record Customer Losses
· [73] Weekend Open Thread
· [70] Verizon CEO: Hulu Will Be Dead Soon
· [69] In-Flight Internet Headed For Bumpy Landing?
· [62] Thanksgiving Open Thread
· [40] EFF Wages War On Fine Print
Most people now reading
· [ PVP] 3.2 DK PvP D/W Spec... [World of Warcraft]
· ToC 4th boss - Preliminary Strategy for Twin Valkyr [World of Warcraft]
· 3.x Feral Druid - Bear Tanking Guide [World of Warcraft]
· Using AirMax to provide triple play services? [Wireless Service Providers]
· [Newsgroups] Newzleech down? [Filesharing Software]
· Windows 7 boot manager editing questions [Microsoft Help]
· [How to] Install Asterisk on an Asus WL-520GU router [VOIP Tech Chat]
· [Future9] Future9 status [VOIP Tech Chat]
· Comcast Clear QAM Basic Cable $12.99/month [Comcast Cable TV]
· [ Classes] Druid tanking: rotation and glyphs [World of Warcraft]