Steve Wright wrote:
IMO, ISPs who allow their customers to be part of the problem, are part of the problem themselves. Why are ISPs not scanning their customers machines, either as a service to the customer, or as a means to protect their network ?
My ISP operates as above - we scan for known exploits amongst machines on our network, and also scan and report open relays and open proxies that are used to spam our users. To maintain doing this consumes an enormous amount of time and effort, and involves a lot of abuse from people who operate open relays/open proxies who maintain it is their *right* to do so. More time and effort is spent in educating these users too. Given that the average Internet user doesn't give a rats about what their ISP does, they choose their ISP generally on price alone (providing their connection is otherwise robust), I could understand that many ISP's would or could not afford the time and cost of being proactive in regard to these issues. So, the answer may well be that until Internet users become more discerning in seeking service levels consistent with Best Practice from their ISP's, and don't mind paying a few bucks extra per month for additional protection and security, and until ISP's customers become sufficiently educated and familiar with Best Practice for the operation of their networked services, the problem is likely to get worse rather than better. Blaming the ISP, or expecting ISP's to carry the burden is not helpful. Keith Davidson