Slashdot Mirror

← Back to Stories (view on slashdot.org)

FCC Chair Calls On ISPs To Adopt New Security Measures

Posted by samzenpus on from the do-better dept.

alphadogg writes "U.S. Internet service providers should take new steps to protect subscribers against cyber attacks, including notifying customers when their computers are compromised, the chairman of the FCC said Wednesday. Julius Genachowski called on ISPs to notify subscribers whose computers are infected with malware and tied to a botnet and to develop a code of conduct to combat botnets. Genachowski also called on ISPs to adopt secure routing standards to protect against Internet Protocol hijacking and to implement DNSSEC, a suite of security tools for the Internet's Domain Name System."

6 of 110 comments (clear)

  1. Re:How would they know you have a virus by chemicaldave · · Score: 4, Insightful

    They don't have to see the infection itself, just the symptoms. Frankly, ISPs could probably give a damn about viruses. It's botnets that are the problem. If they see traffic from your IP directed towards a known botnet command node then they can probably assume your machine was compromised.
    Unfortunately the issue of inspecting traffic is a tricky one, etc, etc.

  2. Customer Contact by Nethead · · Score: 4, Insightful

    Back in the late '90s that's how we worked at ISPs. If we notices weird traffic on an account or were getting spam complaints, we'd call up the customer. If we couldn't get a hold of them we would disable the account until they called. Some kid pumping out Make Money Fast emails, we'd call mom and have a chat.

    Then all the local ISPs got bought up by telco and cable companies. The price didn't go down, just the service.

    I'm glad I'm still on one of the last local Mom&Pop ISPs in the area, when I call support I get a guy that actually has enable to the routers. It costs about $15/month more but I'm willing to pay for the service I get.

    --
    -- I have a private email server in my basement.
  3. Re:Torrents by parlancex · · Score: 4, Insightful

    Actually, there are probably a lot of malware authors giddy at the thought of a legitimate malware notification service. There have already have already been large phone campaigns by botnet creators with the phony premise that the callee's computer is infected, with phony instructions to remove the infection (install new malware, obviously). Once there actually IS a legitimate service doing this it will be even harder for less tech savvy people to tell the difference.

  4. One Has To Wonder About Motivation by Jane+Q.+Public · · Score: 4, Insightful

    Given that most knowledgeable people seem to think it's a bad idea... I have to wonder why government keeps coming up with schemes that essentially require monitoring by the ISP.

    I mean, when you consider that as a practical matter, an ISP is (or at least should be) just a common carrier, like a telephone company. In fact the FCC originally -- and even very recently -- wanted to classify ISPs as common carriers. Which would preclude any monitoring. So what's up with all these monitoring ideas?

    Are they maybe just trying to get some kind of monitoring in place, so that they can expand it later?

  5. Re:Torrents by PopeRatzo · · Score: 5, Insightful

    I think what we need is to promote an awareness of just how important the Internet is, that screwing around with it for any reason other than good engineering is a bad idea.

    First, we might need to promote an awareness of just what the Internet actually is. How it works and why.

    We've got young people who don't recall a time before Internet, and don't know how and why it came into being and know nothing about it's potential. To many of them, it's just another shopping mall/arcade.

    For my money, the Electronic Freedom Foundation is currently doing the best work in this regard, so I send them money. But it also takes those of us who do have some awareness of these things taking the time to explain it. To advocate for it. To protect it. We have to make sure our shared memories, our shared culture, survives.

    There are a lot of powerful forces that would love to turn the Internet into the home shopping network on steroids. Into a one-way media outlet that tells us what's what. Into just another "cool" medium.

    We have to use the power of our oral tradition and our written tradition to spread the word on a person to person level. One to one and one to many. We must fight on the blogs, we must fight in the comment sections, we have to fight on the streets and on the beaches, We must never surrender. (OK, I got a little carried away at the end there, but you get the idea).

    --
    You are welcome on my lawn.
  6. Re:Torrents by fluffy99 · · Score: 4, Insightful

    I don't want the govt involved in the internet, and they have a crappy track record on dealing with botnets.

    If you're port scanning multiple IPs, then you fit the profile of an attacker and need to be looked at. Bulk mail is another issue. It would be reasonable to notify customers that their computers are sending large volumes of email. If the customer isn't aware of it, then they just got a clue that they might be infected. Sending bulk mail, especially not using the ISPs relay, is often against the TOS.

    I was talking about inbound as well as outbound. If your ISP sees someone port scanning through their address space looking for open ports, blocking them makes sense. It also makes sense to watch for users inside their space port scanning. It's no different than the cops stopping someone who is walking through the neighborhood checking the doors. Rate limiting stuff like icmp works just fine, as does ingress filtering stuff you shouldn't be seeing. If a connection is spewing 500 pings a minute for 10 minutes, it's pretty unlikely it's for a legitimate reason. Another example if dropping packets which appear to be from bogons. Or noticing clients that appear to be doing syn attacks or the like.

    Really, it's not hard to detect computers acting badly.