Hello, I often capture all activity occurring on my network and analyze it to see who is trying what. Often there are lots of machines out there scanning and attempting to exploit known (but plugged) holes. I've been thinking about starting an effort to force ISPs to notify clients that are doing such things, that they are known and will be "cut-off" if any future activity occurs. The ISPs would make these notifications based on other clients indicating that inappropriate activity is being directed against their systems. This would accomplish two things: 1) Cut down on some of those people that are trying to compromise other peoples systems. And 2) Allow those people whose systems are being used without their knowledge to further spread viruses (such as the codered on IIS - many IIS managers didn't even know that their machines were actively spreading it), to be notified so they can more quickly do something about it. Comments are welcome, but please keep them short. If you think this is a good idea and would like to help push it forward, let me know. If you have some concerns why there might be problems with this, I'd be glad to hear from you also. But keep it short in either case. I have contacted Verizon's ISP department and suggested something similar to them, but have not heard back from them. GFry __________________________________________________ Do You Yahoo!? Make a great connection at Yahoo! Personals. http://personals.yahoo.com
This archive was generated by hypermail 2b30 : Sun May 26 2002 - 11:28:34 PDT