Ian Perry wrote: > Its a pity those people are so lame and irresponsible that they are not > doing anything about it.
A lot of them are dialup or PPPOE (cable/DSL) machines owned by Joe Consumer, who probably doesn't even know that Windows NT/2000 came with a free web server. He also doesn't know what a firewall is, or why he should want one. > I actually began looking at the web pages, and emailing the web admin or > contact point but with a packet coming in every few minutes it became > impossible. It also seemed to be a waste of time as most of these sites are > still online and attempting to spread the virus. The other fact that when > the IP is looked up there is absolutely no record of where or who it is > makes it almost impossible to alert them of their predicament. I just got a hit from a machine that the 'host' command identifies as "dsl081-023-031.sea1.dsl.speakeasy.net". Hmm, I see "DSL" twice in there. Another home user, I bet. > Don't these people have a legal and moral responsibility to ensure that > their system is free from spreading the virus and damaging other systems ? > Where is their duty of care. Blame Microsoft for bundling tons of crap into their OS and installing it all by default. Blame the ISPs for not filtering this stuff out once it hits the headlines, and for not telling their subscribers about firewalls. The end users really don't know what's going on, and they shouldn't have to; they're not computer professional for the most part, or particuarly technically literate. They're just home computer users who like using the Internet. If they've heard about Code Red at all, they probably still have no idea it could have anything to do with them. I'm a DSL user too, but as a professional software engineer with experience in developing network management tools, I knew what I was getting into. I bought a Linksys DSL router before my DSL line was even installed. But you can't expect the average computer user to do that. > If they initiate an attack on me, don't I have a right to defend my site, a > commercial enterprise, against them to stop THEIR attacks on my network ? Well, aside from your firewall, what are you going to do? You can complain to their ISPs if you like. Craig
