Distributive Worm Blocking

wdebruij writes "According to this source (unfortunately in dutch), a number of dutch ISPs are bundling their forces to fight the spread of worms. The technology, called virbl, blocks all accesses from IP addresses from which at least 2 worms were sent for 24 hours, naturally excluding known large email servers. Background info on the project can be found at the developers' project site. So, does anyone have useful remarks on why this may succeed or fail? It appears to me as a simple to implement yet powerful, albeit stopgap, solution."

Re:Security by shutdown?

[Roguelazer]

Or, you could just post a link on slashdot to all infected systems. Same end effect.

We already had this in the NL

We already have a system based on killing your internet access whenever you do something stupid. We call it "Chello" and being subscribed to it is considered very stupid/ A viscious, though effective, circle.

I don't hate my ISP. Not at all. I love my cable internet with upload speeds that would make an ISDN user laugh...

Re:a new denial of service attack

[AcidPhish]

a human should have to OK it

The amount of stupid people outnumber the amount of any sensible life form. Therefore it will be impossible for people to protect themselves against people by the utilisation of people.

Maybe if you get an army of well trained monkeys and begin breeding them, we'll have a chance. However, that also raises the question whether the people capable to train monkeys and their trained monkey throughput can compare with the amout of new worms and fake addresses.

Ahem

[waldoj]

I proposed this 3.5 years ago on Advogato.

Just calling it up, 'cuz I never get credit for nothin'. :)

-Waldo Jaquith