Petri Helenius wrote:
How long until the next worm/virus/trojan would first disable this handshake and then attach to the network? Or you expect to terminate customers within the 24 hours new patches are out if they don't patch? Or 72 hours?
I fully expect malicious code and even users to disable the handshake. That's fine. If a user happens to become infected, then they can be suspended or transferred to *must* perform handshake.

Not everyone uses antivirus software. Not everyone will patch the security holes in their current software. Many would object to having to perform patches and delay their Internet surfing. Yet with such a protocol, a way could be provided for allowing a user to establish a connection which only allows them to fix their system without the outside world being able to attack them and vice versa. Once patched, the system would recognize them as patched and allow full IP connectivity.

Imagine how nice it would be if someone buying an XP machine this morning could actually connect to the Internet, patch their system, and be able to use the Internet without ever having their RPC exploited. If a user is infected with a virus, wouldn't it be nice if they could purchase A/V software and then be able to perform updates and clean their system without causing any harm to the network?

-Jack