Re: Nimda et.al. versus ISP responsibility

From: Brian Cervenka (brian@zerobelow.org)
Date: 09/28/01


Date: Thu, 27 Sep 2001 15:56:28 -0700 (PDT)
From: Brian Cervenka <brian@zerobelow.org>
To: <incidents@securityfocus.com>
Subject: Re: Nimda et.al. versus ISP responsibility
Message-ID: <Pine.LNX.4.33.0109271547480.3500-100000@abalone.zerobelow.org>

I really think we need to have two classes of internet service. One for
technically savvy users, and one for my grandfather, and the millions of
users like him.

Most ISPs already offer this differentiation of service as a "personal"
account vs. a "business" account. There is a cost difference between them,
as there should be. The "personal" internet accounts should have somewhat
severe limits put onto them, such that they cannot run servers, etc. The
business class accounts should not have the limits, or if they have the
limits by default, the ISP should allow the user to fill out a form or
check a box at signup which removes those limits. The AUP for many ISPs
(cable for example) states that a residential user is not allowed to run a
server -- so the legal issues of this are in place already.

While many users have the need to run their own servers, from what I hear,
the vast majority of CR and Nimda hosts are people who don't know they are
running a service -- such limitation would be a boon to those people.

Some ISPs actually have an option where they will install (and manage?)
some level of firewall service for their users. This is the way it should
be done.

----------------------------------------------------------------------------
This list is provided by the SecurityFocus ARIS analyzer service.
For more information on this free incident handling, management
and tracking system please see: http://aris.securityfocus.com


