michael.dillon@bt.com wrote:
You misunderstand. The problem of securing machines *IS* solved. It is possible. It is regularly done with servers connected to the Internet. There is no *COMPUTING* problem or technical problem. The problem of the 100 million machines is a social or business problem. We know how they can be secured, but the solution is not being implemented.
--Michael Dillon
After all these years, I'm still surprised a consortium of ISP's haven't figured out a way to do something a-la Packet Fence for their clients where - whenever an infected machine is detected after logging in, that machine is thrown into say a VLAN with instructions on how to clean their machines before they're allowed to go further and stay online. If you ask me, traffic providers (NSP's/NAP's) and ISP's don't mind this garbage coming out of their networks, if they did they'd actually ban together and do something about it. Its obvious those charging for traffic will say little. Minimized traffic means minimized revenue. All I see is "No we despise that kind of traffic" along with a shrug and nothing being done about it. I'm sure if some legislative body somewhere started levying fines against providers, the net would be a cleaner place. For comments on 100 million infected machines... Doubtable. Anyone can play fuzzy math games, heck I just strangely figured out that MS is costing me an arm and a leg! http://www.merit.edu/mail.archives/nanog/msg04755.html -- ==================================================== J. Oquendo http://pgp.mit.edu:11371/pks/lookup?op=get&search=0x1383A743 sil . infiltrated @ net http://www.infiltrated.net The happiness of society is the end of government. John Adams