Slashdot Mirror

← Back to Stories (view on slashdot.org)

ISPs Sign On To FCC Anti-Botnet Code of Conduct

Posted by Soulskill on from the hey-guys-be-nice-ok dept.

Trailrunner7 writes "The U.S.'s leading Internet Service Providers signed on to a new FCC code of conduct to limit the impact of major cyber security threats, including botnets, attacks on the Domain Name System and Internet routing attacks. AT&T, CenturyLink, Comcast, Cox, Sprint, Time Warner Cable, T-Mobile and Verizon were among the ISPs that participated in the agreement. 'The recommendations approved today identify smart, practical, voluntary solutions that will materially improve the cyber security of commercial networks and bolster the broader endeavors of our federal partners,' said FCC Chairman Julius Genachowski." A fact sheet from the FCC provides details on the recommendations, but they're pretty vague: "The CSRIC recommended ISPs participate in a U.S. Anti-Bot Code of Conduct (PDF) that encourages ISPs to engage in: (1) end-user education to prevent bot infections; (2) detection of bots; (3) notification of potential bot infections; (4) remediation of bots; and (5) collaboration and sharing of information." They also recommend broader adoption of DNSSEC and the development of an "industry framework" to combat IP route hijacking.

7 of 34 comments (clear)

  1. Oh good by Cornwallis · · Score: 5, Funny

    "...attacks on the Domain Name System and Internet routing attacks..."

    Something with teeth to finally stop the U.S. DOJ from shutting down websites arbitrarily.

    1. Re:Oh good by gknoy · · Score: 4, Interesting

      I'm sure it will be corrupted with parts that make it illegal to use alternate DNS providers...

  2. WHY? by Anonymous Coward · · Score: 3, Insightful

    Why does every little thing they do have to be for the CORPORATE networks and not the individuals?

    1. Re:WHY? by bws111 · · Score: 3, Informative

      It says commercial, not corporate. The only reason the FCC (as part of the federal government) has any authority at all (constitutionally) is because of interstate commerce.

  3. Take a step back and look. by Anonymous Coward · · Score: 5, Interesting

    Doesn't this mean that in order to detect the bots the ISPs must perform deep packet inspection, which everyone fought so hard against a few years ago?

  4. Good. by heypete · · Score: 5, Insightful

    Much of the abuse I see on the internet (such as spam, port scans, SSH login attempts, etc.) are from bots.

    Most of the individual users have no idea their computer is compromised, let alone any idea how to fix the problem. Having ISPs take a more active role in securing their networks and helping users secure their systems is a worthy endeavor.

  5. FCC == fail by gavron · · Score: 3, Insightful

    The FCC has no juris[my]diction on anything to do with the Internet other than the inter-lata circuits it may use.
    As to content, oversight, best practices, etc. they are not relevant.

    Botnets aren't necessarily bad (think SETI at home). Cloud computing isn't bad. Encryption isn't bad.

    You know what's bad? "Throttling", "N strikes", "watching your users' content". Those are all wrong.

    E