Should ISPs start requiring their users to install Windows XP SP2?
nope. especially since, according to bill gates, linux would have the same reputation if it was a popular a platform (and therefore a target of more virii.) now, you could go further, and say "if you emit streams of wierd(*) looking traffic we'll shut your line down and wait for you to call us and give us an explaination" but then you're just going to be on the phone all the time and that's no good for anybody -- especially since cleanup costs are high, and reinfection "costs" are low, and phone time is really expensive. so why not just disallow all that bad junk all the time, instead of waiting for it to be seen in flight? [(*) "wierd" could mean streams of tcp/syn or tcp/rst, or forged source addresses, or streams of unanswered udp, or streams of ourbound tcp/25, or udp/137..139, or who knows what it'll be by this time next month?]
Let's face it -- this shouldn't have to be the ISP's problem.
you're right, and it won't be for very much longer. access isp's cannot take responsibility for the health of their customers' computers, they just need to work harder to ensure that access is all they provide, and that servers don't work, udp/137..139 doesn't work, and outbound e-mail is via tunnel or proxy. since access isp's aren't able to do even that much (for fear of their customers wraith, or due to lack of technology inside the headend, or whatever), it's going to get done by the dreaded giant merciless monster known as "market forces". -- Paul Vixie