Lee wrote:
If an ISP is involved with tracking down DDOS participants or
something, I can understand how they'd know a system was compromised.
But any kind of blocking because the ISP sees 'anomalous' traffic
seems .. premature at best. SANS newsbites has this bit:
On Thursday, October 8, Comca
Original Message-
From: Lee
Sent: Friday, October 09, 2009 19:41
To: nanog@nanog.org
Subject: Re: Dutch ISPs to collaborate and take responsibility
On 10/9/09, Rich Kulawiec wrote:
> On Wed, Oct 07, 2009 at 06:25:53AM -0700, Owen DeLong wrote:
>> Additionally the problems of DDOS
On 10/9/09, Rich Kulawiec wrote:
> On Wed, Oct 07, 2009 at 06:25:53AM -0700, Owen DeLong wrote:
>> Additionally the problems of DDOS sourced from a collection of
>> compromised hosts could be interfering with someone else's ability
>> to make a successful VOIP call.
>
> Much more than that: they c
On Wed, Oct 07, 2009 at 06:25:53AM -0700, Owen DeLong wrote:
> Additionally the problems of DDOS sourced from a collection of
> compromised hosts could be interfering with someone else's ability
> to make a successful VOIP call.
Much more than that: they could be interfering with the underlying
Gadi Evron wrote:
[snip]
This will be an interesting phenomenon to watch. If it is successful
perhaps it could work here too."
Comcast is launching a trial on Thursday of a new automated service that will warn broadband customers of possible virus
infections, if the computers are behaving as i
Looks like ISP-to-customer notification of possible infection is starting
on Comcast in the US now.
http://news.cnet.com/8301-27080_3-10370996-245.html
---
Peter Beckman Inter
> From nanog-bounces+bonomi=mail.r-bonomi@nanog.org Wed Oct 7 06:18:24
> 2009
> Date: Wed, 07 Oct 2009 18:17:57 +0700
> From: Dave Temkin
> To: Alexander Harrowell
> Subject: Re: Dutch ISPs to collaborate and take responsibility
> Cc: nanog@nanog.org
>
> Alexan
> On Oct 6, 2009, at 4:27 PM, Joe Greco wrote:
> >> Someone else pointed out that if the system in question has been
> >> botted/owned/pwn3d/whatever
> >> you want to call it, then, you can't guarantee it would make the 911
> >> call correctly anyway.
> >
> > I realize that many NANOG'ers don't act
On Tue, 6 Oct 2009, Jeroen Massar wrote:
The problem with all of that boils down to what people have to
believe... and how to properly inform them of that...
How many people remember this oldie, but goodie?
3.3.2.1.1 Trusted Path
The TCB shall support a trusted communication path
between
On Oct 6, 2009, at 4:27 PM, Joe Greco wrote:
Someone else pointed out that if the system in question has been
botted/owned/pwn3d/whatever
you want to call it, then, you can't guarantee it would make the 911
call correctly anyway.
I realize that many NANOG'ers don't actually use the technologi
Alexander Harrowell wrote:
On Wednesday 07 October 2009 00:27:55 Joe Greco wrote:
Assuming that the existence of an infected PC in the mix translates to
some sort of inability to make a 911 call correctly is, however, simply
irresponsible, and at some point, is probably asking for trouble.
On Wednesday 07 October 2009 00:27:55 Joe Greco wrote:
> Assuming that the existence of an infected PC in the mix translates to
> some sort of inability to make a 911 call correctly is, however, simply
> irresponsible, and at some point, is probably asking for trouble.
>
> ... JG
Also, someone me
> Someone else pointed out that if the system in question has been
> botted/owned/pwn3d/whatever
> you want to call it, then, you can't guarantee it would make the 911
> call correctly anyway.
I realize that many NANOG'ers don't actually use the technologies that
we talk about, so I'm just goi
>
> > -Original Message-
> > From: Eugeniu Patrascu [mailto:eu...@imacandi.net]
> > Sent: Tuesday, October 06, 2009 4:20 AM
> > To: Gadi Evron
> > Cc: NANOG
> > Subject: Re: Dutch ISPs to collaborate and take responsibility for
> bottedclients
mark [at] edgewire wrote:
> The end problem is still users and really, these users will click on
> anything that has a bright and shiny button which says, Ok. Really, does
> setting up a portal help? Perhaps a "sandboxed" area which has some
> information on securing their machine and keeping it c
Re: VOIP, 911, bots
Shape their bandwidth down to the minimum required to make a 911 call,
around 64Kbps, and capture their web accesses.
--
-Barry Shein
The World | b...@theworld.com | http://www.TheWorld.com
Purveyors to the Trade | Voice: 800-THE-WRLD|
The end problem is still users and really, these users will click on
anything that has a bright and shiny button which says, Ok. Really,
does setting up a portal help? Perhaps a "sandboxed" area which has
some information on securing their machine and keeping it clean may be
the way to go
On Oct 6, 2009, at 1:20 AM, Eugeniu Patrascu wrote:
Gadi Evron wrote:
Barton F Bruce wrote:
Stopping the abuse is fine, but cutting service to the point that
a family
using VOIP only for their phone service can't call 911 and several
children
burn to death could bring all sorts of undesira
> -Original Message-
> From: Eugeniu Patrascu [mailto:eu...@imacandi.net]
> Sent: Tuesday, October 06, 2009 4:20 AM
> To: Gadi Evron
> Cc: NANOG
> Subject: Re: Dutch ISPs to collaborate and take responsibility for
bottedclients
.
> >
> I think the need for som
Eugeniu Patrascu wrote:
Gadi Evron wrote:
Barton F Bruce wrote:
Stopping the abuse is fine, but cutting service to the point that a
family
using VOIP only for their phone service can't call 911 and several
children
burn to death could bring all sorts of undesirable regulation let
alone the
b
Gadi Evron wrote:
Barton F Bruce wrote:
Stopping the abuse is fine, but cutting service to the point that a
family
using VOIP only for their phone service can't call 911 and several
children
burn to death could bring all sorts of undesirable regulation let
alone the
bad press and legal expens
On 6/10/2009, at 3:04 AM, Justin Shore wrote:
Gadi Evron wrote:
Apparently, marketing departments like the idea of being able to
send customers that need to pay them to a walled garden. It also
saves on tech support costs. Security being the main winner isn't
the main supporter of the idea
On Mon, Oct 05, 2009 at 03:55:02PM -0700, Owen DeLong wrote:
>
> On Oct 5, 2009, at 11:23 AM, Barry Shein wrote:
>
> >
> >Perhaps someone has said this but a potential implementation problem
> >in the US are anti-trust regulations. Sure, they may come around to
> >seeing it your way since the int
On Oct 5, 2009, at 11:23 AM, Barry Shein wrote:
Perhaps someone has said this but a potential implementation problem
in the US are anti-trust regulations. Sure, they may come around to
seeing it your way since the intent is so good but then again "we all
decided to get together and blacklist c
Perhaps someone has said this but a potential implementation problem
in the US are anti-trust regulations. Sure, they may come around to
seeing it your way since the intent is so good but then again "we all
decided to get together and blacklist customers who..." is not a great
elevator pitch to an
Justin Shore wrote:
> Gadi Evron wrote:
>> Apparently, marketing departments like the idea of being able to send
>> customers that need to pay them to a walled garden. It also saves on
>> tech support costs. Security being the main winner isn't the main
>> supporter of the idea at some places.
>
>
Gadi Evron wrote:
Apparently, marketing departments like the idea of being able to send
customers that need to pay them to a walled garden. It also saves on
tech support costs. Security being the main winner isn't the main
supporter of the idea at some places.
I would love to do this both for
> -Original Message-
> From: Christopher Morrow [mailto:morrowc.li...@gmail.com]
> Sent: Sunday, October 04, 2009 4:04 PM
> To: Peter Beckman
> Cc: NANOG
> Subject: Re: Dutch ISPs to collaborate and take responsibility for botted
clients
>
> On Sun, Oct 4, 2009 a
On Sun, Oct 04, 2009 at 08:07:00PM -0400, Barton F Bruce wrote:
>> Exactly correct. The number one priority, which trumps all others,
>> is making the abuse stop. Yes, there are many other things that can
>> and should be done, but that's the first one.
>
> Stopping the abuse is fine, but cutting
> > Exactly correct. The number one priority, which trumps all others,
> > is making the abuse stop. Yes, there are many other things that
> can
> > and should be done, but that's the first one.
>
> Stopping the abuse is fine, but cutting service to the point that a
> family
> using VOIP only fo
Barton F Bruce wrote:
Stopping the abuse is fine, but cutting service to the point that a family
using VOIP only for their phone service can't call 911 and several children
burn to death could bring all sorts of undesirable regulation let alone the
bad press and legal expenses.
While a legitima
Exactly correct. The number one priority, which trumps all others,
is making the abuse stop. Yes, there are many other things that can
and should be done, but that's the first one.
Stopping the abuse is fine, but cutting service to the point that a family
using VOIP only for their phone ser
Christopher Morrow wrote:
I would also point out that Qwest does this walled-garden approach for
their customers (have been for at least 5 years now? d...@qwest could
clarify) and they've seen success with it. Aliant in .ca also has some
fairly aggressive anti-malware works installed. There are
On Sun, Oct 4, 2009 at 2:55 PM, Peter Beckman wrote:
> service being cut off. However it is ignorance and lack of maintenance
> that makes viruses and botnets so prevelant that it may just be time to
> bite the bullet and force users to learn how to maintain their machines.
because this work
On Sun, 4 Oct 2009, Owen DeLong wrote:
* Provide a short period of time (3 days) after notification and before
disconnect to give an opportunity to fix the issue without service
interruption
Uh... Here I differ. The rest of the internet should put up with the abuse
flowing out of yo
On Sun, Oct 04, 2009 at 04:33:43AM -0700, Owen DeLong wrote:
> Uh... Here I differ. The rest of the internet should put up with
> the abuse flowing out of your network for 3 days to avoid disruption
> to you? Why? Sorry, if you have a customer who is sourcing malicious
> activity, whether intent
On Oct 3, 2009, at 3:18 PM, Peter Beckman wrote:
On Sat, 3 Oct 2009, Gadi Evron wrote:
The story is covered by PC mag:
Thanks for the article Gadi. Honestly, I wish both my personal ISP
and
one of my business ISPs would do this. Though I have the technical
ability to monitor my outgoin
Hi!
A major reason ISPs are hesitant to take deliberate measures against such
systems is that they are afraid that disconnecting users and making them
spend time and money cleaning up their systems will only drive them into the
hands of competitors. And the support process itself is expensive,
Hi!
Sounds great but who cover the costs?
If done right, such a treaty here in the US and elsewhere thing would be a
major win for the Internet.
The ISP's will pick up the costs. A cleaner customer base is also a win
for them.
First implementations wont be next week however but the sta
Sounds great but who cover the costs?
--Original Message--
From: Peter Beckman
To: Gadi Evron
Cc: NANOG
Subject: Re: Dutch ISPs to collaborate and take responsibility for bottedclients
Sent: Oct 3, 2009 7:18 PM
On Sat, 3 Oct 2009, Gadi Evron wrote:
> The story is covered by PC
On Sat, 3 Oct 2009, Gadi Evron wrote:
The story is covered by PC mag:
Thanks for the article Gadi. Honestly, I wish both my personal ISP and
one of my business ISPs would do this. Though I have the technical
ability to monitor my outgoing connections for such things, it's not a
trivial t
The story is covered by PC mag:
---
... major Dutch ISPs have agreed to share information and establish a
common set of rules for responding to users infected with malware,
especially those in botnets. The agreement, called a "treaty" by locals,
involves 14 ISPs covering 98% of the market.
42 matches
Mail list logo
