March 26th, 2003, 09:53 PM
Well, in my experiance, for the most part when you sign up for that alot of ISPs will actually give you a firewall if you dont have one, usually zone alarm, but still its something, im a home user to an extent (i dont work in a technology thingy) i think if you call them and tell them about it though they should at least check it out, i dont think they want anyone on there service spreading around infections.
March 26th, 2003, 10:01 PM
Because it affects their own systems and the systems of the rest of their customers.
Originally posted here by ZomBieMann77
my question is why should the isp worry about it if the user wants to screw up his system by not educating himself to the potential threats posed by a 24/7 connection.
Hopefully, if everyone else was patched and protected and there was just one moron who got infected, it would still be using up bandwidth needlessly and possibly a lot of bandwidth depending on the threat.
There are also the brand new systems. In most cases, even for the vigilent home user (is that an oxymoron?) there is a window of opportunity where the machines defenses are down. When it is first purchased and has the base install of all the software. It takes time to connect with each vendor's web sites and download and apply all necessary patches. It takes time to download the latest engine and virus definitions after installing your AV software off of your CD. It takes time to get everything to a relatively safe baseline.
During that time a user could very easily be infected by Nimda (or some similar threat). They aren't being lazy or ignorant or indifferent to the security of their computers- but it could take an hour or two to get everything up to speed.
The ISP can't block or filter everything, but I think the customer has a right to expect that the ISP would take whatever reasonable steps it could to identify and remediate threats from its own subnets.
It would also help in the event that a brand new threat is released. It would help if they were prepared to somehow identify and mitigate the brand new threat to help stem the tide of propagation and bring it under control as quickly as possible instead of sitting back and throwing up their hands and shrugging off responsibility.
March 27th, 2003, 01:32 AM
Back in the 80s most of my mates were into CB, it was a way of meeting girls. These days the puter is king, chat rooms & im have taken over.
Meating someone for the first time from a cb contact was a dangerous but exiting thing to do. Having said that, it didn;t stop ppl meating. The relavent authority that should have monitered this traffic & stop any unlawfull activity, didn't.
Why?. To listen in & monitor is a violation of 1s human rights.
Know i am sure that elligal activity did take place over the cb but most of the activity was legal & harmless.
So for isps to monitor all are traffic is a violation of are right to privay. Personal security is the responsility of the person.
What happens if a big asteroid hits the Earth? Judging from realistic simulations involving a sledge hammer and a common laboratory frog, we can assume it will be pretty bad. - Dave Barry
March 27th, 2003, 01:49 AM
I have said repeatedly that I am not in any way saying they should monitor ALL traffic. I agree that its an invasion of privacy and would severely impact the performance not only to their own customers but across the Internet as they bottleneck the packets for inspection rather than simply forwarding them on.
That does NOT however preclude them from having one or more HIDS or some other sort of Host to monitor and log the traffic incoming to THAT HOST only. Doing so would have no impact on the overall speed of passing packets on to their destination nor would it be an invasion of anyone's privacy since the Host would only be inspecting packets that were sent to it in the first place.
Doing so would allow them to identify the Nimda-infected machines on their subnets (or elsewhere) that are broadcasting on their networks to their customers. They could contact those users to notify them and / or shut down their network access until they confirm the issue has been addressed.
I use Nimda as the prime example, but this method could be used to identify a variety of malicious or suspicious traffic and try to proactively deal with it without invading anyone's privacy or impacting network performance. It requires a minimum of hardware and very little technical expertise so the investment would be negligible. Hell, if my ISP wants to give me free service I'll supply them with the list of IP's hitting my web server with infected or malicious traffic each week and they can take it from there.
March 27th, 2003, 02:44 AM
To fully understand this you must first understand that an ISP is there to provide the Transport layer real basic service Transport as in place this packet to that place. What makes it diffcult are the likes of MSN and that pesky butterfly ad spot they push on TV and AOL's little play off the 6 million dollar man old TV show and well in short making the public think all of this stuff is simple and they take care of everything and both MSN and AOL do not say that pre 1996 or so they were a simple big what back then were called Bulleten Boards and there were thousands of them across the country. Throw in then a bunch of new kids and a bunch of dot coms (actually dot com) fresh out of school and a bunch of old farts wanting to pad the retirement accounts and you get this today world. ISP market a product like it is a telephone service provide nothing more then a dial tone really and make people think just plug in the computer like a phone only it's a bit more complex of a tool. Think does the phone company become accountable for all the telemarketing calls answer is NO they only provide the dial tone, take hits any one on-line does and most of it is totally automated and most infected users have no clue and if an ISP says anything then who would pay them for the service? Nimda, Code Red Slammer etc I get hit daily and I quit counting a few years ago, about the only place I have seen hold an ISP accountable is the EU calling M$ on the carpet for an ad ran there that implyed their software was secure. After some 25 years of networked computing I am now semi retired after all you young folks know it all. Just remember a BA in computer science and 25 years holds little value MCSE and CNE's are a dime a dozen now days and unless you want to work 24/7 have no life beyond your computer screen then go into computing it has become the mass marketing tool of this age. I've walked away almost a year ago as have many my age, I make simple flutes now days have a 24/7 connect and when I turn it on it has massive protection, never gave out my root email addy so no spam. And above all why waste Your time giving and ISP info for free, and what makes you even think they will listen? Transport layer is a huge problem as is there truth in the ads they run answer is not here but in laws and the real world and the power to vote write lays and make people aware of Marketing fluff.
I believe that one of the characteristics of the human race - possibly the one that is primarily responsible for its course of evolution - is that it has grown by creatively responding to failure.- Glen Seaborg
March 27th, 2003, 08:25 AM
So, TonyBradley, what I think you propose is a honeypot (system setup to attract malicious users/apps) that can be used to log all scan/connect/intrusion attempts in order to track down infected systems on their own network or others? If it was that simple I would hope that all ISP's and major network providers would have that type of system already in place. From what I know the only major downside I can see would be the time required to review the logs and the time spent contacting the infected sites. The actual cost of the honeypot wouldn't have to be that high.
I don't feel that it would have anything to do with privacy either. The only information that would be gathered initially would be the actual intrusion attempt which would be an unsolicited attempt by another system to connect to the honeypot. Makes alot of sense to me.
March 27th, 2003, 10:50 AM
I quite agree with that but there some internet problem that only ISP may solve. IDS & NIDS and honeypot they do not care but one thing they may be worry about is the huge danger that represent DDOS and the only way to prevent that is the use of firewall or proper ACLs!
. Palemoon wrote:
Think does the phone company become accountable for all the telemarketing calls answer is NO they only provide the dial tone, take hits any one on-line does and most of it is totally automated and most infected users have no clue and if an ISP says anything then who would pay them for the service?
More precisely, the DrDOS attack bounce on ISP routers and servers. The only chance to prevent against this kind of massive attack is anti-spoofing conter measure from ISP.
DrDoS affects big ISP customers and may in the near future affect the ISP itself.
But in a first step Ithink that huge customer (like gov or majors) should put pressure on ISPs.
N.B. DrDoS (have a look on grc.com)
[shadow] SHARING KNOWLEDGE[/shadow]
March 27th, 2003, 02:49 PM
Hi ! who can help me
help me... i having a account to connect to internet free,i hacked , i needing have a software to connect to internet and this tool can help me hidden my phone number ....
March 27th, 2003, 02:55 PM
datahackervn, what do you mean exactly?
Do you mean that you want to be a Hacker?
You want to hide your phone number (VoIP????)?
I really think you couldn't have done a worst post than this one for your first!
Clarify your mind before you get flamed!
[shadow] SHARING KNOWLEDGE[/shadow]
March 27th, 2003, 09:37 PM
I hate major broadband ISP's, well at least major US cable providers. I brefily had a clabe intertnet, worked great for about a week and then code red hit. I was swamped by so many attempts to infect my system it accted like a DDos attack. When I called the ISp to complain they told me that all they could do was up my bandwith to compansate. Well I guess all of the code red infected people called to complain about slow conections, insted of telling them to get there systems cleaned the ISP uped there bandwith also, and I droped offline again. I was told by an ISP tech that they would not remove the infected users because they where paying customers, I informed him that up till that point I was a paying customer and cancled my account.