FCC to push ISPs for zombie crackdown

TalkBack 28 of 29:: Next »; « Previous

Thread View
Flat View

wrong solution.: You are mixing outgoing and incoming port numbers. Blocking all outgoing ports would prevent users connecting to their legit POP3 account, they could not read news, could not discuss on IRC,etc... And they could no longer connect to HTTPS sites.

The main issue is outgoing connections to remote SMTP port 25. What an ISP can do is to block all outgoing connections to remote port 25 except to the regular SMTP servers of the ISP. It'sthe job of ISPs to operate STMP servers with good performance and connectivity, and then to detect and filter spams there, possibly adding delays above some reasonnable threshold for emails that exceed some limitation (this delay will allow easier detection of spam, because fingerprints can be computed and compared to detect infected user's PCs that are infected by spambots.

As well the ISP should block incoming connections to port 25 of the user's PC (so that these PCs won't be simple open-relays), however this has limited efficiency, given that spambots can receive emails to forward from another random listening port, also not necessarily using the SMTP protocol.

Users that don't wish such filtering should be given an option to unblock this port, and ISPs should offer assistance to their users to clean their PCs of known or detected spambots.
ISPs can/should work with antivirus vendors to provide cleaning agents. Once auser PC is cleaned (by running the agent online on the ISP's assistance website, the user can then unblock this port if they still really need it, but users should be warned that they need to keep their PC secured, and that any later reinfection may force the ISP to block this port again).

When the ISP blocks the port, he should send an email to its customerto inform him of the issue, and contianing a link to their user assistance website where updated cleaning agents are available.

Another thing that ISPs should consider is to implement and propose a full-featured firewall running at the ISP side, instead (or in addition to) of the user's site, or to have this firewall integrated (and managed remotely according to user's preferences, with a default profilewithmaximum security) in the broadband access modem-router they rent to their customer.

Clearly, ISPs must make more to assist their users, with much more options and services (and the most vital security services offered without additional fees, given that the ISP will save money by reduced traffic through their Internet peerings, and better performance and scalability of their DNS cache servercurrently affected by the volume of spam their users are originating).; Posted by: PhilippeV Posted on: 12/27/05 You are currently: a Guest | Members login | Terms of Use

Reply to Story Reply to Message

Alert moderator to an offensive message

Subscribe to this discussion via Email or RSS

Come on, it's just not that hard... No_Ax_to_Grind | 05/23/05

True.. Xunil_Sierutuf | 05/23/05

Bwahahahaha!!! Jeff Spicoli | 05/23/05

Window and Genious Should NOT Be Used In The Same Sentence itanalyst | 05/23/05

But... But... There was a whole line in between! Xunil_Sierutuf | 05/23/05

Take the childish rants somewhere else. No_Ax_to_Grind | 05/23/05

Yeah Jeff Spicoli | 05/23/05

I agree, Kids should be taught early not to use MS products! Xunil_Sierutuf | 05/23/05

I Agree Bitty! itanalyst | 05/23/05

PKB Yagotta B. Kidding | 05/23/05

Re: come on alterego_z | 05/23/05

Port 25 RestonTechAlec | 05/23/05

Re: Port 25 alterego_z | 05/23/05

?Amateur? admins.. Whose is the amateur? thetruth_z | 05/23/05

Agreed RestonTechAlec | 05/23/05

You forgot one Yagotta B. Kidding | 05/23/05

Re: Port 25 none none | 05/23/05

"have those countries strengthen their own laws" - start with ours! CobraA1 | 05/23/05

Yes! the most efficientlegalsolutions are in US PhilippeV | 12/27/05

sir spamalot pesky_z | 05/23/05

Re: FCC to push ISPs for zombie crackdown none none | 05/23/05

Eradicating Spam at the source. james4shari | 05/23/05

Chasing the source Hsbarney@... | 05/24/05

Isolating Spammers in China james4shari | 05/25/05

Block all ports except 80 osreinstall | 05/23/05

There is only one problem with that Been_Done_Before | 05/24/05

One problem is right osreinstall | 05/24/05

wrong solution. PhilippeV | 12/27/05

Emule got random ports and AltPorts, why not zombieware GreatInca | 12/27/05

What do you think?

SponsoredWhite Papers, Webcasts, and Downloads

Three Steps You Need to Know to Stop Data Loss Varonis Sensitive data exposed to misuse or loss... it is the stuff of nightmares ... Download Now
Virtualization: Architectural Considerations And Other Evaluation Criteria VMware Of the many approaches to x86 systems virtualization available in the ... Download Now
The True Costs of Virtual Server Solutions VMware In an economic environment that is repeatedly heralding the message "do ... Download Now

Premier Vendor Content Whitepapers, webcasts & resources from our Power Center Sponsors

SmartPlanet

Thought-provoking progressive ideas on diverse topics that intersect with technology, business, and life, and matter to the world at large. Visit SmartPlanet
More from IBM
Can your business work smarter? Learn more about Lotus Symphony
Learn how to work smarter and optimize cost using the IBM Smart SOA approach Download the eBook
Smarter ways to make smarter products Read the brief from IBM

Read the original story

FCC to push ISPs for zombie crackdown

What do you think?

SponsoredWhite Papers, Webcasts, and Downloads

Premier Vendor Content Whitepapers, webcasts & resources from our Power Center Sponsors

SmartPlanet

Blogs

Product Reviews

Videos

White Papers and Webcasts

Downloads

More

ZDNet News & Blogs

Product Reviews

Product Blogs

White Papers & Webcasts

Downloads