Sean Donelan <sean@donelan.com> wrote:
Do people find "self-certification" by end-users actually fixes anything?
depends on how badly they want to get back on that interweb-thing...and how clueful they are (or can be made to be). if the penalties for not being clean are steep enough (no interweb privileges for a semester), then i think they will do it right.
Or do users keep on clicking on the "Yes, I'm Clean" button?
In the meantime, you still have to carry the traffic from the infected computer if only on your quarantine "network." Usually the quarantine LAN is some type of virtual network, so the underlying bandwidth is still consumed by the traffic. Its amazing what happens to a registration server when an infected computer tries to register tens of thousands of times a minute. Redirecting the user traffic to a quarantine server, results in that server getting whalloped.
i would hope that you are filtering and rate-limiting upstream traffic, and that you have built the server with sufficient horsepower and self-preservation hooks that it would survive. ftp or http don't require too much upstream, and you probably don't need to allow much else from the users computers /joshua "Walk with me through the Universe, And along the way see how all of us are Connected. Feast the eyes of your Soul, On the Love that abounds. In all places at once, seemingly endless, Like your own existence." - Stephen Hawking -