Forwarded from: Chad W. Didier <cdidier@private> Why not quarantine individual computers or networks at the ISP level then redirect them to a proxy that does nothing but tell the users/admins their network is compromised and quarantined and will remain so until the problem is solved? The ISP could even offer an online virus scan as a possible means to clear up their machine and allow them access to the internet. All internet data funnels through an ISP at some point. If virus threats are as serious as the industry moans and groans about then how come we haven't seen serious attempts to quarantine infected individuals or entire networks thereby preventing continued spread of the virus and driving home the seriousness of that individual or organization's failure to protect their own systems. A doctor will quarantine a person or group if he believes them to be infectious with a serious illness. Why then are we not quarantining our digital selves? Obviously, the expectation that an individual or organization is going to do what is right and follow best practices isn't working. -=- Forwarded from: Kurt <kurtbuff@private> Ya know, someone could do the world a large favor if they actually wrote what a lot of people have speculated about - a MyDoom variant that spreads, but after some period of time formats the local hard drive. I'm no fan of viruses, nor especially of virus writers, but if someone did this, it would actually help reduce a lot of problems, including spam. -=- Forwarded from: "Henderson, Dennis K." <Dennis.Henderson@private> How about simply not allowing SMTP direct to the Internet? Geez, that's a no-cost solution for companies with firewalls.. Dennis -----Original Message----- From: William Knowles [mailto:wk@private] Sent: Tuesday, February 03, 2004 5:50 AM To: isn@private Subject: [ISN] MyDoom sparks talks of security's future http://news.com.com/2100-7349_3-5152165.html By Robert Lemos Staff Writer, CNET News.com February 2, 2004 The virus, which has combined many old attack techniques into a successful package, was hardly blunted by antivirus programs during the first few hours of its exponential spread. That's a problem, said Shlomo Touboul, CEO of security software maker Finjan Software. "The MyDoom attack should never have propagated so far into the Internet," he said. "It is obvious that we need another layer (of software) to protect during the first hours of attack." - ISN is currently hosted by Attrition.org To unsubscribe email majordomo@private with 'unsubscribe isn' in the BODY of the mail.
This archive was generated by hypermail 2b30 : Wed Feb 04 2004 - 04:17:45 PST