Forgot your password?
typodupeerror
Network Security The Internet IT

ISPs Sign On To FCC Anti-Botnet Code of Conduct 34

Posted by Soulskill
from the hey-guys-be-nice-ok dept.
Trailrunner7 writes "The U.S.'s leading Internet Service Providers signed on to a new FCC code of conduct to limit the impact of major cyber security threats, including botnets, attacks on the Domain Name System and Internet routing attacks. AT&T, CenturyLink, Comcast, Cox, Sprint, Time Warner Cable, T-Mobile and Verizon were among the ISPs that participated in the agreement. 'The recommendations approved today identify smart, practical, voluntary solutions that will materially improve the cyber security of commercial networks and bolster the broader endeavors of our federal partners,' said FCC Chairman Julius Genachowski." A fact sheet from the FCC provides details on the recommendations, but they're pretty vague: "The CSRIC recommended ISPs participate in a U.S. Anti-Bot Code of Conduct (PDF) that encourages ISPs to engage in: (1) end-user education to prevent bot infections; (2) detection of bots; (3) notification of potential bot infections; (4) remediation of bots; and (5) collaboration and sharing of information." They also recommend broader adoption of DNSSEC and the development of an "industry framework" to combat IP route hijacking.
This discussion has been archived. No new comments can be posted.

ISPs Sign On To FCC Anti-Botnet Code of Conduct

Comments Filter:
  • by Anonymous Coward

    This will be used too liberally to cut off and punish high traffic users.

    • by Anonymous Coward

      Cox never cuts me off or throttles me, and I'm on their 50 Mbps residential plan and use about 1.5 TB downstream a month. They also never have their name listed in support of copyright enforcement bills.

  • Oh good (Score:5, Funny)

    by Cornwallis (1188489) on Friday March 23, 2012 @03:04PM (#39455565)

    "...attacks on the Domain Name System and Internet routing attacks..."

    Something with teeth to finally stop the U.S. DOJ from shutting down websites arbitrarily.

  • WHY? (Score:3, Insightful)

    by Anonymous Coward on Friday March 23, 2012 @03:06PM (#39455583)

    Why does every little thing they do have to be for the CORPORATE networks and not the individuals?

  • by Anonymous Coward on Friday March 23, 2012 @03:16PM (#39455665)

    Doesn't this mean that in order to detect the bots the ISPs must perform deep packet inspection, which everyone fought so hard against a few years ago?

    • Short answer: no.
      All they need to do is monitor TCP and UDP on port 53 -- the traffic is all unencrypted and is by no means deep. In fact, they have to monitor this traffic for routing purposes already, so all they really need is a blacklist that triggers a notification script (which some ISPs --including Comcast-- already have in place).

      What I'm afraid of is that ISPs will use this as an excuse to crack down on running your own DNS, or using a third party DNS (such as OpenDNS or GoogleDNS or not-in-my-rep

  • Good. (Score:5, Insightful)

    by heypete (60671) <pete@heypete.com> on Friday March 23, 2012 @03:22PM (#39455737) Homepage

    Much of the abuse I see on the internet (such as spam, port scans, SSH login attempts, etc.) are from bots.

    Most of the individual users have no idea their computer is compromised, let alone any idea how to fix the problem. Having ISPs take a more active role in securing their networks and helping users secure their systems is a worthy endeavor.

  • end-user education to prevent bot infections

    Dear user:

    This email is to inform you that you're internet service is being temporary halted so you can be educated.
    Oh, and don't worry, you'll still pay full price for the next 3 months you are without internet.

    We know best,
    AT&T

  • by Shoten (260439) on Friday March 23, 2012 @04:06PM (#39456277)

    The focus is realistic (aiming on the US specifically, which is where most bot activity originates anyways) and measured. They don't prescribe specific draconian regimens, but instead offer approaches and support the use of as many as are feasible. But most of all it takes the approach of "this is good for all of us," and ensure that the measures described fit that as well. This is the kind of approach that works well for industry by providing guidance, goals and options so that business can tailor their methods to what works well within their own operational constraints.

  • "They also recommend broader adoption of DNSSEC and the development of an "industry framework" to combat IP route hijacking."

    Does this mean that ISPs will also stop hijacking DNS themselves? I choose to use OpenDNS partly because the local telco [MTS Allstream] does this.. in some cases, it's like OpenDNS where they'll catch a typo and suggest the actual intended site, but a lot of the time it's being served their advertising or redirecting you whoknowswhere without permission [even from major common wel
  • FCC == fail (Score:3, Insightful)

    by gavron (1300111) on Friday March 23, 2012 @06:34PM (#39457529)

    The FCC has no juris[my]diction on anything to do with the Internet other than the inter-lata circuits it may use.
    As to content, oversight, best practices, etc. they are not relevant.

    Botnets aren't necessarily bad (think SETI at home). Cloud computing isn't bad. Encryption isn't bad.

    You know what's bad? "Throttling", "N strikes", "watching your users' content". Those are all wrong.

    E

  • DNSSEC implementation has been dismal so far, so it's great that people are agreeing to progress, but there's relatively little that ISPs can do, other than upgrading their caching nameservers. Most of the bottleneck is client software and zone administrators.

"The Mets were great in 'sixty eight, The Cards were fine in 'sixty nine, But the Cubs will be heavenly in nineteen and seventy." -- Ernie Banks

Working...