On Sat, 10 Oct 2009, der Mouse wrote: > > This is at least a step forward in network hygiene and I'm not > > impressed with the notion that this sets up spoof messages; you could > > say the same thing about any communications from an ISP. How else > > should Comcast notify users? > > I would suggest picking up the phone. I've worked at an ISP that _did_ > notify users who appeared to have pwn3d boxes, and that's what we did. >
If professional malware known to harvest data is confirmed present on the customer computer, and the ISP has knowledge, it could be considered in the customers' best interest if the ISP NOT allow them back on. Preventing ID theft and data theft is a valuable service. It might even come to be some day that there is a requirement of some kind not to allow PC that 'test positive' to connect. ID theft is rampant today. At some point the parties being harmed are going to expect that the loopholes start being closed. After-the-fact anti-virus is hit and miss at best. We will I believe see required traffic dropping for signature matches or some other confirmed metric. It could already be considered best practices. +------------------------- + Dave Dennis + Seattle, WA + Speakeasy, Inc. + d...@speakeasy.net + http://www.speakeasy.net +------------------------- _______________________________________________ Fun and Misc security discussion for OT posts. https://linuxbox.org/cgi-bin/mailman/listinfo/funsec Note: funsec is a public and open mailing list.
