Kee Hinckley [05/10/03 00:57 -0400]:
Bringing this back to the more relevant topic. Is there something that ISPs could do to notify users and get in their face more without shutting off their connection? Perhaps a custom piece of
I have seen corporate and university networks that make every PC have PC Anywhere or its equivalent as part of the standard install, for activity to be monitored. In the case of ISP, stuff could be set up in broadband routers that automatically quarantine a PC if they see any suspect traffic - restrict it to a subnet where antivirus and OS patches are about the only thing available, along with a chat window (messenger, or a java applet, or whatever) that opens up to put you in touch with an ISP tech support guy. Involves far less work in the long run, if infected boxes can get isolated or quarantined automatically, as soon as the problem starts. What is needed is a cheap and reasonably idiot proof IDS plugin - broadband "routers" anyway do just about everything else, DHCP, NAT, Port Forwarding etc. srs