> On Sat, Oct 10, 2009 at 12:05:24PM -0400, Jon Kibler wrote: > > A *much* smarter move on Comcast's part would be to simply > null route > > any suspected infected computer until it is cleaned up. > > Absolutely. Infected systems should be walled off *in toto* > (not in part, as some on NANOG have recently suggested, not > grasping the true nature of the problem) until they're fixed.
And prevent their customers from some activity on the internet that may be extremely urgent and important? As much as I would prefer such an approach personally, I'm afraid this is not a realistic option in the real world. > Let us also not forget that Comcast is *finally* taking this > first, bumbling, feeble step most of a decade after the > problem was very well-known among the clueful portions of the > community. Any competent organization would have acted > within days, at most, even if that action was being scripted > on-the-fly. (Compare/contrast with the speed and efficiency > of the response to 11/2-3/1988.) And I'm sure they are open to suggestion how to solve this with the least negative impact on them and their customers. cheers, Toralv Firmensitz: Muenchen Amtsgericht: AG Muenchen Handelsregister: HRB 144340 Geschaeftsfuehrer: Emmet Russell, Keith Krzeminski, Douglas Rice Bankverbindung: ABN-Amro Bank N.V. Konto 671 211 9006 UST-ID: DE168122444 _______________________________________________ Fun and Misc security discussion for OT posts. https://linuxbox.org/cgi-bin/mailman/listinfo/funsec Note: funsec is a public and open mailing list.
