Threat Level: green Handler on Duty: Guy Bruneau

SANS ISC: InfoSec Handlers Diary Blog - IETF Draft for Remediation of Bots in ISP Networks InfoSec Handlers Diary Blog


Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!

IETF Draft for Remediation of Bots in ISP Networks

Published: 2009-09-16
Last Updated: 2009-09-16 19:07:04 UTC
by Raul Siles (Version: 3)
2 comment(s)

A new IETF draft document focused on how ISP's may detect botnet infections by their subscribers, how to notify customers, and end-user recommendations to remediate the infection, has been published today:

The document sets the current state-of-the-art, best practices for botnet detection, threat communications between parties, and specially notifications to Internet users via multiple methods: mail, phone, web portals, IM, SMS, etc.

The authors are looking for feedback from the community, so if you belong to an ISP or are interested in the topic, contact Nirmal Mody (one of the authors) by e-mail. The contact details are at the end of the IETF draft document.

UPDATE: Fellow handler Donald (Thanks!) shared a similar ISP initiative by the IIA (Internet Industry Association). It is also in draft state and open for comments. The IIA guide file is available at http://iia.net.au/index.php/initiatives/isps-guide.html. Time for the ISP's to contribute! :)

--
Raul Siles
www.raulsiles.com

Keywords: botnet IETF ISP
2 comment(s)
Diary Archives