I think it's more complicated than "prevent residential users from hosting servers".
You're right. As soon as we begin talking about what all ISPs should do, we are out of the realm of technical solutions and into the realm of psychology and politics. After all, we first have to convince all ISPs that something should be done and we have to demonstrate that there is a way to present the action to customers so that the customers will accept it. Customers generally don't like ISPs to tell them "you can't do this" unless there is a very well reasoned argument attached. I suggest that people should start thinking about ways to incorporate security services into their broadband access products and allow customers the choice of paying for the security services monthly to the ISP or paying up front one time by buying a broadband router. NANOG could help by collecting together some of the technical information about the various broadband routers so that ISPs have an exhaustive and definitive source to refer to. --Michael Dillon P.S. I have always used a router on my Internet connection even when it was only a dialup connection. Back then it was a FreeBSD box running TIS firewalls toolkit. Today it's a Speedstream 510 DSL router.