Reply
 
LinkBack Thread Tools Search this Thread Display Modes
  #61   Report Post  
Old September 29th 03, 03:22 AM
Roger Halstead
 
Posts: n/a
Default

On Wed, 24 Sep 2003 18:49:23 -0400, --exray-- wrote:

Henry Kolesnik wrote:

Any suggestions on a good ISP


On a more positive note than my last comment you can check to see which
ISPs in your area provide the ability to establish your own filtering at
the server so that if this ever happens again, and I'm sure it will,
then you can stop it (and other garbage) at the server based on your own
criteria.


I've been using a service like that which covers quite a few states.
They use filtering that has a core functionality and then you can add
your own choices on top of that.

If something slips through, I just forward the message back to the IPS
as an attachment and they add it to the blocked list.

It works pretty well and greatly reduces the load on my own filters.

Roger Halstead (K8RI EN73 & ARRL Life Member)
www.rogerhalstead.com
N833R World's oldest Debonair? (S# CD-2)

Just check the website homepages of the ISPs operating in your locale
and if they have such a feature surely they will tout it. More and more
are going in this direction.
As far as customer service, one of the ISPs I use has a fully automated
management system to add email accounts, change passwords, etc. There's
really no reason to ever have to call them.

-Bill M


  #62   Report Post  
Old September 29th 03, 06:27 AM
Robert Bonomi
 
Posts: n/a
Default

In article ,
Roger Halstead wrote:


On Sun, 28 Sep 2003 06:52:17 GMT, bonomi@c-ns. (Robert Bonomi) wrote:

In article ,
Roger Halstead wrote:


On thing about this thread:

Posting on a group to get users to check for viruses is unlikely to
accomplish much, although I do have to say this one at least generated
a lot of discussion. Some of it has been down right educational.

snip

There's no need to 'share' the information with anybody else. Just
disable their access, "temporarily", and don't let 'em back on until
they 'prove' that the problem has been fixed.


The sharing would prevent them from just getting on another provider
although that might not be necessary.

"I think" it would do far more in a few days than any
amount of education we could give those users.



*ABSOLUTELY* YES!!!


Monitoring for viruses at the source and terminating the user (or
just suspending their account) as soon as a sent message is detected
would keep the effect of viruses contained and the effect to a
minimum.



There's the rub. That "monitoring". First, you have to 'detect' the
problem. *WHATEVER* approach you take to that monitoring/detection,
it takes resources, and costs money. There are some relatively simple
approaches, but they involve 'adding inconvenience' to the 'non misbehaving'


I'm not even approaching the spam issue, but yes, it would have to be
something like Norton AV does. Scanning all outgoing mail


"Scanning all outgoing mail" *is* the difficulty. It's "easy" to do _at_the_
_originating_machine_ (which is what Norton AV does). Trying to do it at
some "upstream" location is a "whole 'nother can of worms". If the message
is 'relayed' through the ISP's outgoing mail servers, then it can be filtered
at that point. Unfortunately, a lot of 'non-passive' viruses have a _self-_
_contained_ mail-sending function, that does -not- forward to the ISP's mail-
server, but sends _directly_ to the victim network. Trying to filter _that_
kind of traffic is a much more difficult problem.

"Radio" equivalent: It's _easy_ to censor message traffic _before_ it gets
to the transmitter. Trying to do the same thing _after_ the message has left
the transmitting antenna is _qualitatively_ different. If you can enclose
the antenna in a Faraday Cage, along with a receiving antenna, then you can
do censoring on those 'recovered' messages, before feeding them to a 're-
transmitter' that is outside of the Faraday cage.

An ISP has precisely _three_ options, with regard to checking outgoing mail:
1) Put all customers in a Faraday-Cage equivalent, and require them to
'wire' all mail to the ISP's servers, which are outside the Cage.
2) The Faraday-cage equivalent, with the receiver/re-transmitter setup.
3) Simply 'monitoring' the customer-operated transmitters, and cutting the
power to anybody that sends "forbidden" content.

*All* of these approaches require that the ISP have enough processing power
to handle _all_ the messages that all their customers send, combined. In a
typical set-up, customers that send 'significant' amounts of mail _usually_
run their own 'transmitter', which does _not_ impact the ISP's mail-handling
capabilities *at*all*. Yes, the 'routers' have to handle the packets, but
they are _very_ specialized pieces of equipment, designed for 'passing the
packet', _without_ any awareness of the content. Adding _any_ check on
the 'content' -- even, for example, a check to see that the 'sender' IP
address is one that is part of _their_ network ( without regard to whether
that address is actually assigned to the particular customer that originated
that packet) -- can degrade router performance by two orders of magnitude.
Implementing the 'Faraday cage' equivalent (with or *without* the relay
transmitter) incurs similar performance penalties.

That's one h*ll of a 'performance hit'. With the *best* equipment on the
market. There is 'cheaper' stuff that doesn't have as big a 'penalty', but
it gets that because its 'optimum' performance is *much* lower.

If you're running even 'medium big' networks, and the current equipment is
running anywhere close to capacity, upgrades are _very_ expensive. You may
have to replace $30,000 devices with $100,000+ ones. A significant 'regional'
ISP will likely have a few -hundred- such devices that would need to be
replaces. One of the 'big boys' -- e.g. AOL, Earthlink, ATT, MSN, easily
has _thousands_. Let's use AOL for an example. Approx. 9 million US
customers. Assume they have physical facilities in the 500 largest U.S.
metro areas. with, say 3 routers requiring upgrades in each location.
1500 new machines at a net cost of $85,000-90,000 each (postulating a
$100k replacement cost, and that you can sell the 'used' $30k box for
33%-50% of 'new'). total cost: circa $130 _million. If they have
profits of $5/customer/year, that 'upgrade' costs them _all_ their
profits for roughly _three_ years. *OUCH*! Big time.


[[.. munch ..]]

The ISP business is rife with cut-throat competition, and, literally, $1 or
$2 per customer per month can make the difference between being in the black,
and bankruptcy.


Sometimes it's less than that. However they still have to have enough
positive cash flow to stay afloat.


True. A successful ISP might have profits of $3-4/customer *per*year*.

  #63   Report Post  
Old September 29th 03, 06:27 AM
Robert Bonomi
 
Posts: n/a
Default

In article ,
Roger Halstead wrote:


On Sun, 28 Sep 2003 06:52:17 GMT, bonomi@c-ns. (Robert Bonomi) wrote:

In article ,
Roger Halstead wrote:


On thing about this thread:

Posting on a group to get users to check for viruses is unlikely to
accomplish much, although I do have to say this one at least generated
a lot of discussion. Some of it has been down right educational.

snip

There's no need to 'share' the information with anybody else. Just
disable their access, "temporarily", and don't let 'em back on until
they 'prove' that the problem has been fixed.


The sharing would prevent them from just getting on another provider
although that might not be necessary.

"I think" it would do far more in a few days than any
amount of education we could give those users.



*ABSOLUTELY* YES!!!


Monitoring for viruses at the source and terminating the user (or
just suspending their account) as soon as a sent message is detected
would keep the effect of viruses contained and the effect to a
minimum.



There's the rub. That "monitoring". First, you have to 'detect' the
problem. *WHATEVER* approach you take to that monitoring/detection,
it takes resources, and costs money. There are some relatively simple
approaches, but they involve 'adding inconvenience' to the 'non misbehaving'


I'm not even approaching the spam issue, but yes, it would have to be
something like Norton AV does. Scanning all outgoing mail


"Scanning all outgoing mail" *is* the difficulty. It's "easy" to do _at_the_
_originating_machine_ (which is what Norton AV does). Trying to do it at
some "upstream" location is a "whole 'nother can of worms". If the message
is 'relayed' through the ISP's outgoing mail servers, then it can be filtered
at that point. Unfortunately, a lot of 'non-passive' viruses have a _self-_
_contained_ mail-sending function, that does -not- forward to the ISP's mail-
server, but sends _directly_ to the victim network. Trying to filter _that_
kind of traffic is a much more difficult problem.

"Radio" equivalent: It's _easy_ to censor message traffic _before_ it gets
to the transmitter. Trying to do the same thing _after_ the message has left
the transmitting antenna is _qualitatively_ different. If you can enclose
the antenna in a Faraday Cage, along with a receiving antenna, then you can
do censoring on those 'recovered' messages, before feeding them to a 're-
transmitter' that is outside of the Faraday cage.

An ISP has precisely _three_ options, with regard to checking outgoing mail:
1) Put all customers in a Faraday-Cage equivalent, and require them to
'wire' all mail to the ISP's servers, which are outside the Cage.
2) The Faraday-cage equivalent, with the receiver/re-transmitter setup.
3) Simply 'monitoring' the customer-operated transmitters, and cutting the
power to anybody that sends "forbidden" content.

*All* of these approaches require that the ISP have enough processing power
to handle _all_ the messages that all their customers send, combined. In a
typical set-up, customers that send 'significant' amounts of mail _usually_
run their own 'transmitter', which does _not_ impact the ISP's mail-handling
capabilities *at*all*. Yes, the 'routers' have to handle the packets, but
they are _very_ specialized pieces of equipment, designed for 'passing the
packet', _without_ any awareness of the content. Adding _any_ check on
the 'content' -- even, for example, a check to see that the 'sender' IP
address is one that is part of _their_ network ( without regard to whether
that address is actually assigned to the particular customer that originated
that packet) -- can degrade router performance by two orders of magnitude.
Implementing the 'Faraday cage' equivalent (with or *without* the relay
transmitter) incurs similar performance penalties.

That's one h*ll of a 'performance hit'. With the *best* equipment on the
market. There is 'cheaper' stuff that doesn't have as big a 'penalty', but
it gets that because its 'optimum' performance is *much* lower.

If you're running even 'medium big' networks, and the current equipment is
running anywhere close to capacity, upgrades are _very_ expensive. You may
have to replace $30,000 devices with $100,000+ ones. A significant 'regional'
ISP will likely have a few -hundred- such devices that would need to be
replaces. One of the 'big boys' -- e.g. AOL, Earthlink, ATT, MSN, easily
has _thousands_. Let's use AOL for an example. Approx. 9 million US
customers. Assume they have physical facilities in the 500 largest U.S.
metro areas. with, say 3 routers requiring upgrades in each location.
1500 new machines at a net cost of $85,000-90,000 each (postulating a
$100k replacement cost, and that you can sell the 'used' $30k box for
33%-50% of 'new'). total cost: circa $130 _million. If they have
profits of $5/customer/year, that 'upgrade' costs them _all_ their
profits for roughly _three_ years. *OUCH*! Big time.


[[.. munch ..]]

The ISP business is rife with cut-throat competition, and, literally, $1 or
$2 per customer per month can make the difference between being in the black,
and bankruptcy.


Sometimes it's less than that. However they still have to have enough
positive cash flow to stay afloat.


True. A successful ISP might have profits of $3-4/customer *per*year*.

  #64   Report Post  
Old September 29th 03, 12:46 PM
David Stinson
 
Posts: n/a
Default


As has been written in this thread- there is no good ISP based solution
to this problem.

There really is only one real fix-
Make the penalty for creating one of these viruses so severe
that no one will ever do it again.
Twenty years without parole for the original creator,
ten for any "copy cats" sounds like a good start to me.
D.S.
  #65   Report Post  
Old September 29th 03, 12:46 PM
David Stinson
 
Posts: n/a
Default


As has been written in this thread- there is no good ISP based solution
to this problem.

There really is only one real fix-
Make the penalty for creating one of these viruses so severe
that no one will ever do it again.
Twenty years without parole for the original creator,
ten for any "copy cats" sounds like a good start to me.
D.S.
Reply
Thread Tools Search this Thread
Search this Thread:

Advanced Search
Display Modes

Posting Rules

Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are On


Similar Threads
Thread Thread Starter Forum Replies Last Post
Wizard Radio in Seven Corners, VA, to receive WHFS in Annapolis-followup Doug Goncz Antenna 18 September 11th 04 06:06 PM
What Exactly is a Radio Wave? jj Antenna 25 November 3rd 03 01:14 AM
How to connect external antenna to GE Super Radio III Jim Antenna 2 October 18th 03 03:12 PM
Review: Amateur Radio Companion 3rd Edition Mick Antenna 0 September 24th 03 08:38 AM
Vintage radio books for sale OCEANRADIO Boatanchors 0 August 6th 03 12:09 AM


All times are GMT +1. The time now is 02:39 PM.

Powered by vBulletin® Copyright ©2000 - 2024, Jelsoft Enterprises Ltd.
Copyright ©2004-2024 RadioBanter.
The comments are property of their posters.
 

About Us

"It's about Radio"

 

Copyright © 2017