Re: dumb. Comcast pop-ups)

[RandallM <randallm () fidmail com>]

> > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > .


Message: 4
Date: Sat, 10 Oct 2009 12:42:04 -0400
From: Rich Kulawiec <rsk () gsp org>
Subject: Re: [funsec] dumb. Comcast pop-ups
To: funsec () linuxbox org
Message-ID: <20091010164204.GA25408 () gsp org>
Content-Type: text/plain; charset=us-ascii

On Sat, Oct 10, 2009 at 12:05:24PM -0400, Jon Kibler wrote:
> A *much* smarter move on Comcast's part would be to simply null route any
> suspected infected computer until it is cleaned up.

Absolutely.  Infected systems should be walled off *in toto* (not in part,
as some on NANOG have recently suggested, not grasping the true nature
of the problem) until they're fixed.

> Yes, that would put a
> greater load on Comcast's support staff, but maybe they could do it smarter --
> like limit access to only the Comcast and legit AV vendor's web sites. Not a
> 100% cure, but I would think it would create less problems than pop-ups that get
> ignored and spawn rogue pop-ups that create even more malware infection.

> > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > .


How are they going to propose to CLEAN them up? Redirects, tainted dns, etc.
We brought this subject up before a few months ago. Big boys need to
provide something
similar to fastfluxing for help sites with tools are they will stay
infected unless the neighbors kid,
jonny, comes over.

-- 
been great, thanks
a.k.a System

_______________________________________________
Fun and Misc security discussion for OT posts.
https://linuxbox.org/cgi-bin/mailman/listinfo/funsec
Note: funsec is a public and open mailing list.