On Sun, 4 Oct 2009, Owen DeLong wrote:
* Provide a short period of time (3 days) after notification and before
disconnect to give an opportunity to fix the issue without service
interruption
Uh... Here I differ. The rest of the internet should put up with the abuse
flowing out of your network for 3 days to avoid disruption to you? Why?
Sorry, if you have a customer who is sourcing malicious activity, whether
intentional or by accident, I believe the ISP should take whatever action
is necessary to stop the outflow of that malicious behavior as quickly
as possible while simultaneously making all reasonable effort to contact
the customer in question.
Yeah, after a few people privately emailed me regarding the same, the
short period of time should be thrown out, for the good of the rest of the
'net.
The "short period" was initially intended for infections that were not
active or immediately impacting, but were detected to be infected
none-the-less. Assuming active "bad behavior" immediate disconnect is
prudent and wise.
As our ability to remotely detect virus and trojans improves, I suspect
such an ISP-provided service would as well.
* Offer a simple, automated way to get the connection re-tested and
unblocked immediately (within 15 minutes) using a web service
accessible even if the connection is blocked
Either a web interface or even a telephonic process. It doesn't necessarily
need to be automated, but, it shouldn't be a 3 day wait for a technician
to get back to you. It should definitely be a pretty rapid process once
the abuse is resolved.
Agreed. Another emailer mentioned that it's not always simple to
determine if the abuse is resolved or not, nor is it easy to explain this
to a non-technical customer in a way that makes them happy with their
service being cut off. However it is ignorance and lack of maintenance
that makes viruses and botnets so prevelant that it may just be time to
bite the bullet and force users to learn how to maintain their machines.
* Force the customer to call customer service to ask for a retest or
reconnect
I don't really see a problem with this, so long as customer service is
responsive to such a call.
I like self-service. If it is 3am and staff is not available, making the
process automated would be ideal. If the staff is 24/7, agreed.
Beckman
---------------------------------------------------------------------------
Peter Beckman Internet Guy
beck...@angryox.com http://www.angryox.com/
---------------------------------------------------------------------------