funsec mailing list archives
Re: dumb. Comcast pop-ups)
From: RandallM <randallm () fidmail com>
Date: Mon, 12 Oct 2009 12:41:48 -0500
.
Message: 4 Date: Sat, 10 Oct 2009 12:42:04 -0400 From: Rich Kulawiec <rsk () gsp org> Subject: Re: [funsec] dumb. Comcast pop-ups To: funsec () linuxbox org Message-ID: <20091010164204.GA25408 () gsp org> Content-Type: text/plain; charset=us-ascii On Sat, Oct 10, 2009 at 12:05:24PM -0400, Jon Kibler wrote:
A *much* smarter move on Comcast's part would be to simply null route any suspected infected computer until it is cleaned up.
Absolutely. Infected systems should be walled off *in toto* (not in part, as some on NANOG have recently suggested, not grasping the true nature of the problem) until they're fixed.
Yes, that would put a greater load on Comcast's support staff, but maybe they could do it smarter -- like limit access to only the Comcast and legit AV vendor's web sites. Not a 100% cure, but I would think it would create less problems than pop-ups that get ignored and spawn rogue pop-ups that create even more malware infection.
.
How are they going to propose to CLEAN them up? Redirects, tainted dns, etc. We brought this subject up before a few months ago. Big boys need to provide something similar to fastfluxing for help sites with tools are they will stay infected unless the neighbors kid, jonny, comes over. -- been great, thanks a.k.a System _______________________________________________ Fun and Misc security discussion for OT posts. https://linuxbox.org/cgi-bin/mailman/listinfo/funsec Note: funsec is a public and open mailing list.
Current thread:
- Re: dumb. Comcast pop-ups) RandallM (Oct 12)