Re: Nimda et.al. versus ISP responsibility

From: Neil Dickey (neilat_private)
Date: Thu Sep 27 2001 - 11:59:10 PDT

Next message: Marc Ducharme: "RE:Nimda et.al. versus ISP responsibility ---> a few thoughts"

Previous message: Greg Dotoli: "Re: [RE: Nimda et.al. versus ISP responsibility]"
Maybe in reply to: Luc Pardon: "Nimda et.al. versus ISP responsibility"
Next in thread: Michael B. Morell: "RE: Nimda et.al. versus ISP responsibility"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Luc Pardon <lucpat_private> wrote:

>  I think we all agree that connecting an unpatched IIS machine to the
>open Internet is acting irresponsibly. Most AUP's already prohibit
>spamming, port scanning etc. (at least on paper). Why not include
>"infection through negligence" as a reason for suspension? Maybe with a
>reasonable grace period the first time. 

While I might support this on first blush, there is the possibility of
unintended consequence to be considered.

Those of us who have developed a facility with computers easily forget
how steep the learning curve is for the inexperienced, and how genuinely
frightening the climb can be for some people.  It used to require
considerable competence to purchase a computer and get it running, but
nowadays all one has to do is buy it and plug it in.  This, of course,
the Clueless Computer User ( CCU ), is right at the core of the problem.
Not a few of them, literally, would freeze like a deer in the headlights
on receipt of such a notification, complete with threatened sanctions.

Further, if you suspend the network connection, you have just isolated
them from the help and the patch packages they need to fix the difficulty.
This is true regardless of the level of competence of the user, and really
isn't such a good thing to do in my opinion.  ( Personal experience here;
details upon request. )

Exactly what the ISP should do in order to effect a solution instead of
compounding the problem is not entirely clear to me.  Perhaps a package
of links to sources of help could be offered in the event of infection.
Perhaps also virus scanners and firewalls, like ZoneAlarm, could be bundled
with the connection package.  A tutorial, run as part of the setup and
required before the connection is enabled, could introduce neophytes to
the dangers of the internet, and particularly those inherent in e-mail.
If the infection is prevented, this is best of all.

Just my $0.02.

Best regards,

Neil Dickey, Ph.D.
Research Associate/Sysop
Geology Department
Northern Illinois University
DeKalb, Illinois
60115

----------------------------------------------------------------------------
This list is provided by the SecurityFocus ARIS analyzer service.
For more information on this free incident handling, management 
and tracking system please see: http://aris.securityfocus.com

Next message: Marc Ducharme: "RE:Nimda et.al. versus ISP responsibility ---> a few thoughts"
Previous message: Greg Dotoli: "Re: [RE: Nimda et.al. versus ISP responsibility]"
Maybe in reply to: Luc Pardon: "Nimda et.al. versus ISP responsibility"
Next in thread: Michael B. Morell: "RE: Nimda et.al. versus ISP responsibility"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Thu Sep 27 2001 - 12:51:18 PDT