As more home users sign up for broadband access and connect their computers to the Internet 24/7, they present a prime target for hackers. Home users are generally not security savvy and are lucky if they use Windows Update or update their AV software once a month.

Given unpatched, unprotected, relatively weak security and a high-speed connection, you have a volatile mix for propagating viruses and worms of all types.

While running an Apache web server on a Red Hat Linux box and logging my traffic, I noted somewhere in the neighborhood of 40,000 to 50,000 hits a week from Nimda-infected computers that were on my ISP's subnet. I could go through, pick out the unique IP addresses and notify the ISP and hope they would do something, but since it had no effect on me (being that it was a Linux machine) I just ignored it.

My question is this: do you feel that ISPs should be somehow monitoring their networks for activity like that and shutting down or notifying the users? I realize they can't inspect every packet due to privacy and performance issues. But, couldn't they have an IDS somewhere or a honeypot of some sort just to pick up and deal with some of this traffic so it isn't out there waiting for the next unpatched / unprotected machine to infect and continue the cycle?
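
The log triage mentioned above (picking the unique source addresses out of the Nimda hits so they can be reported to the ISP), as an added example that is not part of the original post. It assumes Apache's common/combined log format and treats any request for `cmd.exe` or `root.exe` as a Nimda-style probe; the function names and the sample log lines are constructed for this example.

```python
import ipaddress
import re
from collections import Counter, defaultdict

# Apache common/combined log prefix: host ident user [time] "request" status bytes
LOG_RE = re.compile(r'^(\S+) \S+ \S+ \[[^\]]+\] "([^"]*)" \d{3} \S+')
# Nimda's IIS scan requests cmd.exe or root.exe through traversal paths and
# leftover backdoors; neither file has any business on a Linux Apache server.
NIMDA_RE = re.compile(r"/(?:cmd|root)\.exe(?:\?|$)", re.IGNORECASE)

# Constructed sample lines (documentation address ranges), not real traffic.
SAMPLE_LOG = """\
192.0.2.10 - - [18/Sep/2001:14:02:11 -0400] "GET /scripts/root.exe?/c+dir HTTP/1.0" 404 276
192.0.2.10 - - [18/Sep/2001:14:02:12 -0400] "GET /c/winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 284
192.0.2.77 - - [18/Sep/2001:14:02:40 -0400] "GET /scripts/..%255c../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 298
198.51.100.5 - - [18/Sep/2001:14:03:02 -0400] "GET /index.html HTTP/1.1" 200 1043
198.51.100.9 - - [18/Sep/2001:14:03:30 -0400] "GET /MSADC/root.exe?/c+dir HTTP/1.0" 404 274
"""

def nimda_sources(lines):
    """Count Nimda-style probe requests per source address."""
    hits = Counter()
    for line in lines:
        m = LOG_RE.match(line)
        if not m:
            continue  # malformed or truncated line
        host, request = m.groups()
        parts = request.split()
        if len(parts) >= 2 and NIMDA_RE.search(parts[1]):
            hits[host] += 1
    return hits

def subnet_report(hits, prefix=24):
    """Group sources by IPv4 subnet: [(subnet, unique_hosts, requests)], busiest first."""
    hosts, total = defaultdict(set), Counter()
    for host, count in hits.items():
        try:
            addr = ipaddress.IPv4Address(host)
        except ValueError:
            continue  # hostname (HostnameLookups On) or IPv6; skipped here
        net = str(ipaddress.ip_network(f"{addr}/{prefix}", strict=False))
        hosts[net].add(host)
        total[net] += count
    return sorted(((n, len(hosts[n]), total[n]) for n in total),
                  key=lambda r: r[2], reverse=True)

if __name__ == "__main__":
    for net, n_hosts, n_req in subnet_report(nimda_sources(SAMPLE_LOG.splitlines())):
        print(f"{net}: {n_hosts} infected host(s), {n_req} probe request(s)")
```

Grouping by subnet turns tens of thousands of raw hits into a short list of address blocks, which is the form an ISP abuse desk can act on.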