Ferris Research on ISPs and Zombies

Related Articles

• Ferris Research on IronPort's Bounce Control
• State of the Art: Cellphones That Track the Kids
• The MX Injection Attack

Subscription Options

Subscribe Magazine

Subscribe Newswire

Widgets & RSS Feeds

Richi Jennings has a nice piece on why ISPs need to pay attention to the zombie problem:

Why Should ISPs Fix the Zombie Problem?

Zombies (or bots) are PCs that have become infected with malware that allows malicious remote control of the PC. They are usually herded into botnets and sold to spammers or phishers for the purpose of quickly sending unwanted email. It’s a big problem, but ISPs are in a unique position to fix the problem and should be motivated to do their part. Here’s why:

An ISP can detect when one of its customer’s PCs starts sending spam, either by outbound content control or by spotting an unusual spike in volume. The ISP may even be able to detect the earlier signs of infection, such as connection to an IRC channel used to control the bots.

ISPs should be proactive in quickly fixing such problems. If they don’t, their reputations and the reputations of their customers may be damaged. The spam control industry is quickly waking up to the fact that reputation is a good way to filter incoming SMTP connections, without the expense of content scanning. As this view becomes more prevalent, ISP customers won’t want to be associated with an ISP that takes a cavalier attitude toward its reputation and that of its customers.