To report a botnet PRIVATELY please email: [EMAIL PROTECTED] ---------- One approach is to de-activate the customer's network access and hope they call the ISP customer support. When you de-activate, you put a notation against the customer account that they have a BOT/infection. Most ISP/business have decent CRM systems that allow you to put text notations against a customer account. We told the reps to have the customer install Anti-Virus software.
You control the deactivation rate, so you can control the flow of calls to the customer support team. It increases the cost of customer support but is a nice way of not having to call the customer. We did this and it works quite well at 10 customers a day. The problem is when the customer continue to get re-infected. Its a little frustating to the customer but the process seems to work. There is no compliance checking model, once the customer calls we re-activate their access. We deactivate after a couple of days if they still show signs of infection. Ashish -----Original Message----- From: Gadi Evron [mailto:[EMAIL PROTECTED] Sent: Monday, October 16, 2006 7:46 AM To: [email protected] Subject: [botnets] QoS and bot traffic ...... How can this be done using today's technology? Does it require re-design of hardware or new systems to be designed? I hope to find out and get a proposal ready, Gadi. _______________________________________________ To report a botnet PRIVATELY please email: [EMAIL PROTECTED] All list and server information are public and available to law enforcement upon request. http://www.whitestar.linuxbox.org/mailman/listinfo/botnets
