ISPs in the Netherlands have had a "botnet treaty" in effect since 2009, which calls for blocking, user notification, and inter-ISP information sharing. <http://ripe59.ripe.net/presentations/huijbregts-botnet-convenant.pdf> <http://www.darkreading.com/blog/227700601/dutch-isps-sign-anti-botnet-treaty.html> I don't have any data about how effective it's been, though. On Tue, May 1, 2012 at 8:26 AM, Livingood, Jason <Jason_Livingood@cable.comcast.com> wrote:
On 4/26/12 10:03 PM, "Jeff Kell" <jeff-kell@utc.edu> wrote:
And what about the millions of users unknowingly infected with "something else" ??
(We have enough trouble isolating/remediating issues among our relatively small user base, I'd hate to be facing a major ISP size support/remediation effort...)
Does anyone have a plan?
Well, there's the new botnet code of conduct think (Mike O'Reirdan can chime in with more info here). Plus ISPs like the one I work at (Comcast) have been doing bot notification and remediation for some time now. I know other ISPs have different approaches, and so different bot programs, but the majority of them are doing something (with a few exceptions).
Jason