On Mon, 19 Sep 2005, Florian Weimer wrote:
* Christopher L. Morrow:
I'm curious as to why people think that the problem isn't being addressed?
Do you see a business case for ISPs to help mass-market customers to clean up their infected PCs?
Nope, but I see a business case for software vendors to fix their problems, and for education of the people that are a problem. I'm not sure it'll fix the problem either, but blocking ports hasn't been wholey effective either, especially not when you consider RPC-over-http now :( hurray!
I still hear claims from the ISP folks that anything but prevention isn't viable, and all available data suggests that prevention is an
Mostly this is probably true. Consumer ISP's are in a rough battle of idiots/users versus 'next exploit against the most common platform deployed'. Sure there are stupidities committed by other than software vendors (how many routers have login passwd: cisco and no vty acl? How many cayman/dsl routers are out there with default userid/passwd and remove management enabled? How many wireless AP's are there with default admin setup? ... for fun, try the one at the Baron's Cove Inn in Sag Harbor... poor folks :( ) The issue of 'are consumer users getting better/worse/owned/deleted' isn't really the problem, the issue is "Is the Internet being treated as 'Critical Infrastructure' by some people in a position to make it 'better'?" I'd say that yes, there are lots of folks that consider their little piece of the Internet to be 'critical' and who are making steps where they can to ensure it's protected to the best of their ability. Just because folks aren't out beating drums daily doesn't mean the work isn't getting done. So, what leads you to believe it's NOT getting fixed/looked-at/worked/considered?
utter and complete failure. (Okay, maybe I'm exaggerating a bit, but you get the idea.)
I think Sean Donelan has some numbers about this... or we could google search the nanog archives :)