how-to block ads
|
Krispy
Premium,VIP
join:2001-12-11
the stix
| reply to Nightfall
Re: FCC
said by Nightfall:
Step 1 - Notify the user via email. Give one week for the computer to be cleaned.
A week?!?!?! Oh my, within 24 hours these machines can send out hundreds of thousands of messages, a week is FAR too long to wait. In some cases I suspend without warning, I don't like to do it but if it's a particularly busy worm/virus/trojan then it's in both the subscriber's and ISP's best interest to have that machine stop being abused ASAP.
quote:
Step 2 - Notify the user via email and snail mail or telephone. Give one week for the computer to be cleaned.
Another week?!? By now we're into the millions of messages and the machine is likely exploited by a few different groups/individuals. And snail mail is far too costly in the long run (costs more then just the cost of a stamp) and you know where those costs will eventually end up. Do you really want to have to pay for the fact that your neighbor consistently opens any attachment sent to them?
quote:
Step 3 - Cut users internet access and notify user. Until system is cleaned, access will not be reactivated.
How do you determine if the system is cleaned? Most ISP's legal departments would choke on their screams if they were told the company was accessing subscriber's PCs, registries, etc.
Subscriber security is the responsibility of the subscriber, sure ISPs have to occasionally take out the whacking stick to remind some people but in the end it's the subscriber's PC and ISPs cannot dictate what they can and cannot do/install/whatever on their PC, the best an ISP can do is say 'you're not going to do it on my network'.
In my opinion one of the biggest problems facing abuse departments right now is the overwhelming number of abuse reports and the lack of any type of standardized logs which makes automation near impossible. For every 100 abuse reports we receive about 80% are invalid (contain no info outside of 'STOP THIS OR I WILL CALL FBI') and the remaining 20% are valid (and that's being generous) but we need to trudge through the entire lot to find that 20%.
Also, it would help abuse departments and their management if network security was more of a selling point as far as the consumer was concerned, if marketing finds out they lost X number of subscribers because the competition responded to abuse reports in a more timely fashion and kept them off blacklists, etc then marketing would be advocating more resources for those departments. | |
Nightfall
My Goal Is To Deny Yours
Premium,MVM
join:2001-08-03
Grand Rapids, MI
 ·Site5.com
 ·AT&T Midwest
 ·Comcast
| I agree, a week is a little too long.
If I were in charge, it would be 4 hours or immediate suspension of internet access. However, as other posters have said, this is very labor intensive. How many network engineers are you going to have watching over these connections. The big question is, should have have to be spending hours policing all the computers on their network? I am a network manager and that is my job, but I also regulate what all the computers have on them in my network. On the broadband network, these engineers are going to have much much more to deal with.
Looks like a difficult situation to deal with.
--
My Domain
Nightfall's Hockey and Life Journal | |
|
