Slashdot Mirror

← Back to Stories (view on slashdot.org)

Should ISPs Cut Off Bot-infected Users?

Posted by CmdrTaco on from the excising-the-tumor dept.

richi writes "There's no doubt that botnets are a major threat to the safety and stability of the internet — not to mention the cleanliness of your inbox. After years of failure to act, could we finally be seeing ISPs waking up to their responsibilities? While ISPs can't prevent users getting infected with bots, they are in a superb position to detect the signs of infection. Contractually, the ISP would be reasonably justified in cutting off a user from the internet, as bot infection would be contrary to the terms of the ISP's acceptable-use policy."

4 of 486 comments (clear)

  1. Yes by grub · · Score: 5, Insightful


    Should ISPs Cut Off Bot-infected Users?

    Yes. Some ISPs already cut off P2P users. By comparison botnets are a real threat.

    --
    Trolling is a art,
  2. Re:Lets ask in different context by Yalius · · Score: 5, Interesting

    Because you've apparently never been blacklisted because one of your members sent comcast.net 250,000 spam emails in a 24-hour period. Because you've never had your SMTP server so overloaded with botnetted messages that delays of up to an hour were occurring for legit traffic. Because you've never had to block port 25 for out-of-area SMTP traffic because of complaints from other local partner ISPs. Yes, we disable access for identified botnet members and spammers. The infections of a handful of our members' PCs aren't going to ruin the experience for our other 6500 members.

  3. Re:Of course... by gunnk · · Score: 5, Insightful

    No. You have a DOCTOR cut it out. The question here is whether or not most ISP's are competent in determining what really is bot activity. A bunch of false positives will be miserable -- as will having to prove to some first-tier customer support person that your system is not infected (as in never was) or that it is actually cleaned and should be allowed back online.

    And pity the person that has their ISP connection blocked that uses voice over IP to call customer support. If the ISP blocks the MODEM life is going to be interesting.

    Oh, and you won't need to look up that phone number, will you?

    Overall, getting infected systems of the net is a wonderful idea, but one that could be a complete mess if done poorly.

    --
    Life is short: void the warranty.
  4. Slight hypocrisy. by CannonballHead · · Score: 5, Insightful

    So on one hand, ISPs should not regulate the type of traffic and should not sniff, etc...

    On the other hand, ISPs should cut off virus-infected computers. Apparently, they ARE sniffing or monitoring in some way in order to cut you off.

    Just wait for a company to decide that being a torrent feeder is being part of a botnet and thus torrent feeders must be cut off. Good luck getting back on again.

    If it is really botnet activity, why not just block the botnet activity but not the non-botnet activity? If you can't determine if it's botnet activity well enough, then how are you going to choose who gets cut off?

    (I am not necessarily decidedly against this, but at the moment, it seems to be somewhat hypocritical to be against ISP filtering and for ISP cutting off [on their own]. Enlighten me. :) )