  1. #1
    2 Star Lounger

    TOP STORY

    Should your personal computer be quarantined?


    By Robert Vamosi

    A hot topic at last week's RSA Conference in San Francisco was how to stem the flood of botnet-infected PCs.

    The controversial solution posed by a Microsoft security executive? Quarantine them.

    The full text of this column is posted at WindowsSecrets.com/2010/03/11/02 (opens in a new window/tab).

    Columnists typically cannot reply to comments here, but do incorporate the best tips into future columns.


    Last edited by revia; 2011-01-20 at 15:58.

  2. #2
    New Lounger
    A 'Wild West' analogy is useful to show how passively awful your stance is.

    The anti-spam & security industry is busy selling defences and tools for monitoring attacks. No-one has yet got around to calling in the Marshal, the Sheriff, or anyone else who will mount a good offense. There is no win, in simply counting how many bullet holes we are receiving.

    I agree with the Microsoft stance - we need to go onto an active process to hold ISPs and purveyors of spam to account for their anti-social behaviours. If someone is stupid enough to continue to run a zombie computer, then it is entirely appropriate to defend oneself from it with an effective offense.

  3. #3
    New Lounger
    To quarantine a PC, your ISP doesn't need access to it, just the traffic it sends. The ISP already has access to this because it is transmitting and routing the traffic.

    Microsoft do this sort of thing all the time at conferences where all network traffic from delegates' PCs is routed through ISA Server and inspected for signs of infection in real-time. If any signs of infection are detected, requests from that PC for an Internet page are redirected to a page on the ISA Server which says "your PC appears to have a problem - please come to the IT Support booth". The technicians there then help the delegate clean their machine and install/update anti-malware. This kind of service works very well in a conference environment, protecting all delegates from cross-infection by the infected PC but also protecting the bandwidth from abuse by the malware so it is available for the other delegates.

    Scaling this scenario up to the ISP level makes sense and it doesn't matter that not every ISP in the world is doing it. It would be an extra layer of protection for all the customers of the ISP that does and so a reason to take that ISP's service over another that doesn't offer that protection.

    Simon Jones
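
The redirect described in the post above, sketched as an added example (not part of the thread and not ISA Server's own logic): the gateway flags clients from traffic metadata alone, then redirects their web requests to a notice page while still letting clean-up downloads through. The infection signal used here (one client contacting many distinct mail servers on port 25), the threshold, and every host name and address are assumptions made for illustration.

```python
from collections import defaultdict
from urllib.parse import urlsplit

# Assumed values for illustration; none of them come from the thread.
SMTP_PORT = 25
MAX_SMTP_DESTINATIONS = 20  # distinct mail servers per window before flagging
NOTICE_URL = "http://support.isp.example/quarantine-notice"
REMEDIATION_HOSTS = {"support.isp.example", "update.av-vendor.example"}


def find_suspect_clients(flows, threshold=MAX_SMTP_DESTINATIONS):
    """Return client IPs that contacted more than `threshold` distinct hosts on port 25.

    `flows` is an iterable of (client_ip, dest_ip, dest_port) tuples: the
    routing metadata the gateway already sees, with no access to the PC itself.
    """
    smtp_peers = defaultdict(set)
    for client, dest, port in flows:
        if port == SMTP_PORT:
            smtp_peers[client].add(dest)
    return {c for c, peers in smtp_peers.items() if len(peers) > threshold}


def handle_http_request(client_ip, url, quarantined):
    """Decide what the gateway does with one web request.

    Returns ("forward", url) or ("redirect", NOTICE_URL).
    """
    if client_ip not in quarantined:
        return ("forward", url)
    host = (urlsplit(url).hostname or "").lower()
    # A quarantined client can still reach the help page and security updates,
    # so it is not cut off from the tools needed to clean the machine.
    if host in REMEDIATION_HOSTS:
        return ("forward", url)
    return ("redirect", NOTICE_URL)


def build_sample_flows():
    """Constructed sample: one ordinary client and one sending mail to 40 servers."""
    flows = [("10.0.0.5", "203.0.113.10", 443), ("10.0.0.5", "203.0.113.25", 25)]
    flows += [("10.0.0.9", f"198.51.100.{i}", 25) for i in range(1, 41)]
    return flows


if __name__ == "__main__":
    quarantined = find_suspect_clients(build_sample_flows())
    print(sorted(quarantined))
    print(handle_http_request("10.0.0.9", "http://news.example/", quarantined))
```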

  4. #4
    Lounger
    My first thought was "good idea". But then I realized it was simply a MS scam. They peddle bug ridden software and expect everyone else to fix their problem.

    The problem I have with it is the follow through. Sure it is easy enough for an ISP to identify suspicious traffic and block it, then what? The ISP has to pay the cost of the support call to fix the problem? Works well for the M$ bottom line.

    OK, granted MS isn't the only one with buggy software but they have the market by a long shot.

  5. #5
    5 Star Lounger ibe98765
    I think quarantine is a good idea. YOU are responsible for your computer. If it is not safe, then it should not be allowed to mingle with other computers.

    Alternatively, they could charge the computer owner a higher fee that increases regularly until the computer is certified fixed.

    And consider the economic benefits - this would increase the opportunities for computer consultants, which would be good given the large number of unemployed people.

  6. #6
    Super Moderator CLiNT
    Some mixed feelings about this, but overall more favorable than not.
    Software makers don't deserve the full blame for this. If you can't manage to keep your computer clean for any length of time, then maybe you should suffer the inconvenience of being singled out and quarantined now and then. Negative reinforcement can be a good teacher for some folks.
    Obviously I don't have a whole lot of sympathy for those who, by ignorance or apathy, help perpetuate botnets on their personal computers.
    There ought to rightfully be a way to protect the rest of us from them. Removing the botnet problem can go a long way in terms of thwarting many professional attacks.
    I don't like the idea of a draconian style control and regulation of the internet either.

    No real solution to this except time, general education, and conscientious software makers.
    And most importantly: open & fair international regulations.
    Maybe the next generation will be more tech suave and security conscious.
    Hopefully.

  7. #7
    New Lounger
    It's a difficult situation. Since I'm not an expert in the field, just an ordinary PC user, I'll not be able to solve the problem. Just to add a comment about your suggestion to use ZoneAlarm Free Firewall. AFAIK, the free version of ZoneAlarm is the worst of the firewall programs based on many reviews. I suggest using the free version of COMODO Internet Security ( http://download.comodo.com/cis/downl..._installer.exe ). It includes the AV. It's not perfect and for average users often frustrating due to pop-up windows. But it's one of the best free firewalls. Or better, use Outpost Firewall - the free version ( http://free.agnitum.com/ ). Further, is it wise to run two AVs in one PC as you suggested: "Together, these products can do a good job of eliminating malware without the expense of annual subscription fees"? IMHO, running two AVs in one PC is troublesome. Thanks.

  8. #8
    3 Star Lounger
    Quarantining? Will never happen, too many players IMHO.

    I strongly object to "recommending" AVG, ZoneAlarm and so on. I am out working with customers' computers every day; by far most people have medium old (4 years plus) single CPU machines with limited RAM. AVG bogs such machines down to nowhere.

    ZoneAlarm once, many years ago, was a good firewall. But hey, don't you know that since August 2004 (release of SP2 for XP) the Windows firewall runs efficiently and reliably _without_ bugging grandma/-pa with techie questions they don't understand? Boy oh boy, reality in the field is so much different from all these office desk chair discussions.

    I would not mind my ISP virus checking all my traffic; Google Docs doesn't even allow me to store a zipped (known virus free) exe file!

    I think it is simply a sign of the right hand not knowing what the left hand does that a MS Big shot talks of quarantining zombie computers but Hotmail accounts distribute spam with known malicious links and viral attachments. What a joke.

    Sorry for the rant.
    Eike J Heinze
    SE Wisconsin

  9. #9
    Star Lounger
    Pro-active measures to stop the illegal use of facilities, including individuals' PCs, are a laudable effort. Taking measures to stop spam is not. Spam may be repugnant but it is not illegal. One can make the argument that it is a valid form of business enterprise. If the terms of service that the spammer enters into with his service provider allow spam, then it is safe to assume the spammer has paid for the right to send spam. Unless and until spam becomes illegal, nobody has the right to impose a ban because they find it repugnant. It is analogous to the individual's right to use the Post Office to send junk mail provided they pay the postage.

    As for the "free" security measures suggested, I suggest they are only appropriate for individuals who have the knowledge and capability to understand how to configure and use them along with a host of other administrative practises that are part of running a sound and safe system. Such capable individuals are likely the type who appreciate how much work is involved and are likely to elect to spend $20 on a comprehensive commercial security package that does everything pretty well automatically in a seamless integrated package. For the huge number of not-so-capable individuals, the appropriate recommendation is to spend $20 for a comprehensive commercial security package that does everything pretty well automatically in a seamless integrated package.

  10. #10
    New Lounger
    Quote Originally Posted by Andrew Ollivier (2010-03-11 00:02)
    A 'Wild West' analogy is useful to show how passively awful your stance is.

    The anti-spam & security industry is busy selling defences and tools for monitoring attacks. No-one has yet got around to calling in the Marshal, the Sheriff, or anyone else who will mount a good offense. There is no win, in simply counting how many bullet holes we are receiving.


    Yay! I'm very happy to hear someone echo my thoughts on this! I sure wish our youth would put a little time into helping develop a counter-offense. We've been playing "rope-a-dope" with these bozos for too long. There must be some way for our CPUs to take an attempted hack and turn it into a counter-weapon - sort of like cyber-jiu-jitsu...

    But no to quarantines - except in cases of regional or national security. BTW - I'm using a 5yr old mach. running XP; I recommend Eset's NOD32, which I use in combo with NoScript(free), Ad-Aware(free), WinDefender(free), Firefox(free), and my router. Might be over-kill, but a layered defense is a good defense.

  11. #11
    New Lounger
    Quote Originally Posted by ron007 View Post
    My first thought was "good idea". But then I realized it was simply a MS scam. They peddle bug ridden software and expect everyone else to fix their problem.

    The problem I have with it is the follow through. Sure it is easy enough for an ISP to identify suspicious traffic and block it, then what? The ISP has to pay the cost of the support call to fix the problem? Works well for the M$ bottom line.

    OK, granted MS isn't the only one with buggy software but they have the market by a long shot.

    I realize this forum is for users running Windows, but if you were to take the second hand smoke analogy to the logical conclusion, then the answer is to ban machines running Windows software from the internet. This would be a great boost for Macintosh and Linux.

    However, if you take Microsoft's preferred solution that the ISP only permits Windows machines with specified patches, what an easy way to kill the competition from Macs and Linux.

    I like a machine that just works, and I don't have to futz with patches and constantly updating anti-malware, and having to babysit to make sure it doesn't automagically decide to reboot for this excuse or that while I'm in the middle of work. Running Windows does not provide this ease of use experience.

    I understand that NOT USING WINDOWS, is not a fix for people trying to run Windows and solving the problems presented with Microsoft's products, and for that I apologize. But the proposal from a Microsoft executive that tries to force Microsoft policies on all users of the internet for the benefit of Microsoft was just too much.

  12. #12
    New Lounger
    Time Warner Cable has been doing this for years, at least in the South Eastern U.S. You send out enough malware and they will send you a letter giving you 30 days to clean up your act. Listen, computers have been around long enough for people to know how to take care of them responsibly. I would use the car analogy. You have to maintain your vehicle to a certain minimum safety standard in order to drive on the public roads. Brakes, emissions, lights, etc. 99% of the drivers cannot maintain their automobiles themselves so they go out and hire a mechanic.

    Computers are no different. They are just as vital today to our lives, and the lives of others. They can also cause just as much harm when not maintained properly. Just ask anyone who has ever had their identity stolen. We all pay for cyber crimes one way or another, even those of us who maintain our systems.

    Also, would everyone stop recommending people use free protection software! AVG AV is a great product but it does not provide real time protection from spyware. As computer professionals, we need to alert computer users that there are more threats than just viruses. There are whole categories of malware that virus scanners do not protect from. People need to get into the mind set that computer ownership is serious and that owning a computer has an ongoing cost to it.

  13. #13
    New Lounger
    As a computer user:

    * I am an adult.
    * I use linux.
    * I don't need babysitting.
    * the freeware you mention is bloated beyond recognition. I suggest Comodo FW and Antivir AV.
    * the idea of a tax is unthinkable.


    As a long-term computer professional:

    The problem, as I see it, is education. Even going so far as to babysit the voluntarily stupid is only putting a bandage on the problem.
    People *need* to learn the very basics about their computers or the problem is only going to get worse. If they can learn the basics about their automobiles, they can learn about their computers. It's a responsibility that goes along with a privilege (we're not big on responsibility these days). Maybe Americans Idle can do a special on computer use.

    This begs the question of who is going to teach them and we're back to Nanny State again.

    This is one tough problem.

  14. #14
    New Lounger
    Quote Originally Posted by Firda Yasmin View Post
    It's a difficult situation. Since I'm not an expert in the field, just an ordinary PC user, I'll not be able to solve the problem. Just to add a comment about your suggestion to use ZoneAlarm Free Firewall. AFAIK, the free version of ZoneAlarm is the worst of the firewall programs based on many reviews. I suggest using the free version of COMODO Internet Security ( http://download.comodo.com/cis/downl..._installer.exe ). It includes the AV. It's not perfect and for average users often frustrating due to pop-up windows. But it's one of the best free firewalls. Or better, use Outpost Firewall - the free version ( http://free.agnitum.com/ ). Further, is it wise to run two AVs in one PC as you suggested: "Together, these products can do a good job of eliminating malware without the expense of annual subscription fees"? IMHO, running two AVs in one PC is troublesome. Thanks.

    Yes, I agree. Those security products recommended (AVG's Anti-Virus Free Edition 9.0, Checkpoint's ZoneAlarm Free Firewall, and AVG's LinkScanner) aren't that great. AVG and ZoneAlarm have a lot of leaks, and are fairly slow. Most of the infected computers I have seen were running AVG.

    Use Comodo Internet Security, maybe Norton Internet Security 2010, or Outpost Firewall.

  15. #15
    New Lounger
    Quote Originally Posted by ibe98765 View Post
    I think quarantine is a good idea. YOU are responsible for your computer. If it is not safe, then it should not be allowed to mingle with other computers.

    Alternatively, they could charge the computer owner a higher fee that increases regularly until the computer is certified fixed.

    And consider the economic benefits - this would increase the opportunities for computer consultants, which would be good given the large number of unemployed people.

    The thing is that someone could be cut off just when they really needed their connection. Or, now they don't know what to do about the infection and cannot go download a security program.

    What if ISPs make mistakes too? It could cause quite unwanted hassle...
