From: Dave Rand (no email)
Date: Tue Jun 08 2010 - 16:12:18 EDT
[In the message entitled "Re: Nato warns of strike against cyber attackers" on Jun 8, 16:03, "J. Oquendo" writes:]
> All humor aside, I'm curious to know what can anyone truly do at the end
> of the day if say a botnet was used to instigate a situation. Surely
> someone would have to say something to the tune of "better now than
> never" to implement BCP filtering on a large scale. Knobs, Levers, Dials
> and Switches: Now and Then (please sir, may I have some more ?) is 7
> years old yet I wonder in practice, how many networks have 38/84
> filtering. I'm wondering why it hasn't been implemented off the shelf in
> some of the newer equipment. This is not to say "huge backbones" should
> have it, but think about it, if smaller networks implemented it from the
> rip, the overheard wouldn't hurt that many of the bigger guys. On the
> contrary, my theory is it would save them headaches in the long run...
> Guess that's a pragmatic approach. Better that than an immediate
> pessimistic one.
It's really way, way past time for us to actually deal with compromised
computers on our networks. Abuse desks need to have the power to filter
customers immediately on notification of activity. We need to have tools to
help us identify compromised customers. We need to have policies that
actually work to help notify the customers when they are compromised.
None of this needs to be done for free. There needs to be a "security
fee" charged _all_ customers, which would fund the abuse desk.
With more than 100,000,000 compromised computers out there, it's really
time for us to step up to the plate, and make this happen.