Dave, I realize your fond of punishing all of us to subsidize the ignorant, but I would rather see those with compromised machines pay the bill for letting their machines get compromised than have to subsidize their ignorant or worse behavior. Owen Sent from my iPad On Jun 8, 2010, at 1:12 PM, dlr@bungi.com (Dave Rand) wrote:
[In the message entitled "Re: Nato warns of strike against cyber attackers" on Jun 8, 16:03, "J. Oquendo" writes:]
All humor aside, I'm curious to know what can anyone truly do at the end of the day if say a botnet was used to instigate a situation. Surely someone would have to say something to the tune of "better now than never" to implement BCP filtering on a large scale. Knobs, Levers, Dials and Switches: Now and Then (please sir, may I have some more ?) is 7 years old yet I wonder in practice, how many networks have 38/84 filtering. I'm wondering why it hasn't been implemented off the shelf in some of the newer equipment. This is not to say "huge backbones" should have it, but think about it, if smaller networks implemented it from the rip, the overheard wouldn't hurt that many of the bigger guys. On the contrary, my theory is it would save them headaches in the long run... Guess that's a pragmatic approach. Better that than an immediate pessimistic one.
It's really way, way past time for us to actually deal with compromised computers on our networks. Abuse desks need to have the power to filter customers immediately on notification of activity. We need to have tools to help us identify compromised customers. We need to have policies that actually work to help notify the customers when they are compromised.
None of this needs to be done for free. There needs to be a "security fee" charged _all_ customers, which would fund the abuse desk.
With more than 100,000,000 compromised computers out there, it's really time for us to step up to the plate, and make this happen.
--