ISPs Still Ignoring Zombie Botnets

Last year we discussed such "walled gardens" with a network engineer for Canadian cable provider Cogeco. The practice limits the Internet access of an infected customer -- only allowing access to ISP-hosted cleanup tutorials, patches and other resources. The practice lowers an ISP's call volume (as opposed to just cutting them off) while protecting other users on the network. Cogeco also offer free FSIS to all its subscibers, so they not only "wall" you, they also give you the tools to clean up your mess.

 

On the cogeco website, they link to articles about other ISP's (that are setting up walled gardens ) offering FSIS 2008 for free, from Asia to SouthAmerica. Becoming a bit of a trend, and helps keep customers too!

 

IMO, a decent ISP should:
- Check mails for spam, executables filetypes (they should be banned from mail) and viruses.
- Filter traffic on ports 135-139, 445, 1025 and the likes.
- Restrict (don't know how) port 25 usage.
- Ensure that their assigned IP block isn't used to host malware/phish sites.
- Provide a NAT+SPI unit w/instructions (i.e. change the default password, disable remote admin, etc) and a security suite for free.
- Blacklist bad sites through DNS (like OpenDNS)

 

And they supply filtered-webmail, but I bought my own router rather than a monthly-fee for theirs....

 

And 10mBps/s dLo speed for $30/month, I wish...

 

I'd be in heaven with 2M/256K and a quality connection (latency, DNS lookups, etc) for that amount of money

 

This ISP matter smells familiarly similar to Microsoft's Windows releases.

"IF" $M hired a global contingent of the sharpest programmers for each & every of their O/S's then where would that leave all the new spinoff businesses that the holes in it's O/S has created.

In like manner, i can't help but feel that MOST isp's do just enough to filter "some" malicious incomings & spam and let the rest ride their course.

Think about it though. If ALL isp's invested & implimented the best defense programs against such problems that make us the end user always jockying for more and more security purchases, a lot of companies would be sharply reduced to just a handful and others would cease to exist.

Then security programs for the end user would be limited to a scant few to ward off downloads that contained potential viruses and the like.

Whats your take on this?