Security Incidents mailing list archives

Re: Nimda et.al. versus ISP responsibility

From: Chip McClure <vhm3 () hades dnsalias net>
Date: Thu, 27 Sep 2001 10:59:49 -0700 (PDT)

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On Thu, 27 Sep 2001, Luc Pardon wrote:

I agree whole-heartedly with you on this issue. I believe it is the users
responsibility keeping their machines patched, up to date, and secure.
Whether they are technically minded or not. It is not the ISP's
responsibility to police all their users, however, given the high number
of infections, and network saturation of bandwidth, something has to be
done. Unfortunately, for the ISP's, they would bear the burden of
implementing filters (which I disagree with), or suspending accounts of
infected users' machines. If a customer is detected as having an infected
machine, give em a 24 hour shut-off notice. The ISP also looses money by
an infected customer. They need to pay the increased costs of bandwidth,
for the infected machines. I think the ISP wins in the long run, getting
rid of a few infected users.

A vulnerable machine left on the internet, is like leaving your wallet,
credit cards, and your front door wide open. Nobody else wopuld do that -
and it shouldn't happen here.

This also opens up a new door - what to do about the corporate systems on
the net which are infected / vulerable?

The Gartner group was right. Of course, this is just all my $0.02

Chip McClure

- -----
Chip McClure
Sr. Unix Administrator
GigGuardian, Inc.

http://www.gigguardian.com/
- -----

  I think we all agree that connecting an unpatched IIS machine to the
open Internet is acting irresponsibly. Most AUP's already prohibit
spamming, port scanning etc. (at least on paper). Why not include
"infection through negligence" as a reason for suspension? Maybe with a
reasonable grace period the first time.

  Problem is that one ISP can't go it alone. If they pull the plug, they
may loose the customer to a less responsible competitor.

  What do you all think ?


-----BEGIN PGP SIGNATURE-----
Version: PGP 6.5.8
Comment: Made with pgp4pine 1.76

iQA/AwUBO7NpGIxq/3tb9j7EEQI6LwCfSAhkNpvdbSLubufIdNhW+Mm8+bMAoLn/
Oi9C+CE+PXsu6zZW7sctOfdj
=2DV+
-----END PGP SIGNATURE-----



----------------------------------------------------------------------------
This list is provided by the SecurityFocus ARIS analyzer service.
For more information on this free incident handling, management 
and tracking system please see: http://aris.securityfocus.com

Current thread:

Nimda et.al. versus ISP responsibility Luc Pardon (Sep 27)
- Re: Nimda et.al. versus ISP responsibility Chip McClure (Sep 27)
  - Re: Nimda et.al. versus ISP responsibility geoff (Sep 27)
- Re: Nimda et.al. versus ISP responsibility John Oliver (Sep 27)
- Re: Nimda et.al. versus ISP responsibility Rich Puhek (Sep 27)
- Re: Nimda et.al. versus ISP responsibility terry white (Sep 27)
- <Possible follow-ups>
- RE: Nimda et.al. versus ISP responsibility John Campbell (Sep 27)
- RE: Nimda et.al. versus ISP responsibility Adcock, Matt (Sep 27)
  - RE: Nimda et.al. versus ISP responsibility Tracy Martin (Sep 27)
    - RE: Nimda et.al. versus ISP responsibility Homer Wilson Smith (Sep 27)
- Re: Nimda et.al. versus ISP responsibility Neil Dickey (Sep 27)
- RE: Nimda et.al. versus ISP responsibility Michael B. Morell (Sep 27)

(Thread continues...)