Having sat up until the wee hours of the AM last night cleaning up virus traffic on one of my private nets (an inhouse private net at that) i was giving this some thought. It seems that as with all things, knowledge is power. While all of the machines on the floor where the net op's team lives where fine (mostly windows), the entire call center was infected (entirely windows). When i went downstairs and spoke with them i was suprised (ok not really) to find that none of them knew how to run windows update or had ever heard of the xp firewall feature. They are in the process of being jailed behind thier own nat with heavy ACL's. It's something of a difficult spot. Modern society does not hand out cars to every Tom that can afford one. They make you pass a test and obtain a license first. Why? Because if you don't know what your doing and understand some basic safety procedures, you are a danger to other people. But any Joe with $400 can get on the internet and cause havok. Now understand me here, I'm not trying to start a "we should license internet users" war here. That would be silly. The trick here lies in this: the gvmt (im speaking of US roadways here) has something to the effect of a monopoly on roads. Don't want to get thier lisence? Don't drive on thier roads.. The internet doesn't have that simplicity. So the question is: how to convince "the users" that there are things they really should know and practice in the interest of everyone's safety? Unfortunatly like everyone else, I don't have the answer. Just another way of looking at it. I have learned however that trying to fix a behavioral problem with technology generally doesn't work. Untill "the users" in general get a little smarter about thier new toy, things won't get much better. That said someone made an interesting comment pertaining to whom it was that was selling the vulnerable machines. While not particularly usefull for much, it might be amusing to get some nice granular data on infected hosts brandnames. Be entertaining to see who's default config is the least virus prone. Anyway. Just a thought i had been muddling with hehe. Sorry to clutter the list with it. If anyone wants to chat about it drop me a line off list.
Er... two or three obvious reasons - there might be more.
# Users not updating their virus / firewall definitions, not paying for new definitions after their year of free definitions is done.
# Users leaving open windows shares, clicking on random windows attachments etc
# Viruses keeping one step ahead of antivirus vendors
Ryan Dobrynski Hat-Swapping Gnome Choice Communications Like the ski resort of girls looking for husbands and husbands looking for girls, the situation is not as symmetrical as it might seem.