At some point in like 10 years when all the computer illiterate people are gone there will be no more excuses for not being educated on malware and viruses. While I understand the ISP doesn't want to possibly cut into there profit margins they could easily put in place monitoring tools that can detect network traffic that is malware bound and reach out to the customer by email, phone and if need be by person. How much of tax payer money is spent to pay these FEDERAL (F.B.I.) agents to sit here and baby sit these computer ignorant and illiterate people for 6 months? So for the big ISPs like comcast i should pay out of my tax money because they cannot properly enforce a network policy that would require them to actually give a crap what is coming out of there network? There is always going to be viruses and malware, they will find ways to get them through but for heavens sake why would we if identified leave millions of compromised machines online with an attempt to do a cleanup? YOU as a network operator have a responsiblity to the other 40,000 AUTONOMOUS network to make sure your not polluting our private network infrastructure with garbage coming from your users and network. Clean up your mess. Like we will not tolerate spammers being housed on 'hosting' networks why should tolerate malware and infections coming from ISP's??? How much money is spent cleaning up hacked word press servers and udp.pl scripts... This is much bigger issue then at any cost making sure a user can get on to facebook to upload a picture of there cat sleeping upside down. If we enforced a proper policy and held network activity to certain standards the ISP's would fix the issue of ignorant users themselves by #1 educating there users , #2 implementing network monitoring on there outbound traffic to identify sources of infected and compromised machines, #3 implementing a cleanup policy, #4 letting the end user know they have a responsibility to make sure the machines they access the network from are clean and to do checks and to do there antivirus updates and os updates. Oh yah, and if we got all these 'supporting' DNS servers up why not just direct ALL users of it, who are clearly infected to a temporary page that will enlighten the customer that they are infected and give them instructions on clean up and give them a deadline of when there service will stop......... How hard is that? On Fri, Apr 27, 2012 at 10:55 PM, <Valdis.Kletnieks@vt.edu> wrote:

On Fri, 27 Apr 2012 21:39:20 -0500, you said:

...

Is it not detected by the common anti-virus software vendors? If the

This assumes that the computer hasn't been hit by something *else* that disables the user's AV software. Remember, multiple infections are *common*.

...

internet stopped working on my computer i would reach out to someone who knew how to fix it, keeping these people online and spreading the malware helps how??

The point is that the internet *didn't* stop working, so they have no reason to reach out yet.

And no, you can't just blindly cut the users off and make them call the ISP for several reasons:

1) At that point, the ISP incurs an expense to fix a problem they didn't cause. Remember that margins on most consumer-grade Internet accounts are pretty thin, and one long support call can wipe out the profit. So explain why the ISP wants to cut off a user who makes them $10/year profit, and spend $30 or more handling the support call, when they aren't in the business of providing security services to end users?

2) If the user has no POTS, cutting them off may have just cut off their 911 service. You want to take that risk?

3) Many times, there are multiple customer computers behind a NAT. Do you really want the hassle of an irate user calling in because you just broke the dad's VPN to work, because one of their kids has some cruft on their computer? (And no, don't try to tell them they should have bought business class service or similar crap, that *will* lose you a customer).

So explain why the ISP wants to cut off the user, when it will cost them money, and possibly a customer?