Keith Davidson wrote:
My ISP operates as above - we scan for known exploits amongst machines on our network, and also scan and report open relays and open proxies that are used to spam our users. To maintain doing this consumes an enormous amount of time and effort, and involves a lot of abuse from people who operate open relays/open proxies who maintain it is their *right* to do so. More time and effort is spent in educating these users too.
Human nature being what it is ; Those who insist on taking others rights will complain about theirs being interfered with.. Customers don't care about their screwed-up virus-ridden system attacking others until they are forced to do something about it.. The bottom line is - ISPs are the leaders, and therefore the meat in the sandwich, and like all change, there will be a growing period for all while the 'offended' customers swap ISPs a few times. Unfortunate, but necessary. Everyone can see how the environment must be respected, and the Internet is no different. The public is already inclined in this direction viz the current fad<ducks> towards conservation.. perhaps this can be exploit^H^H^H^H^H used. <TIC>Perhaps a discounted package might be offered for nonwindows-based accounts, since they are less a liablity and generally have an experienced admin on board.
Given that the average Internet user doesn't give a rats about what their ISP does, they choose their ISP generally on price alone (providing their connection is otherwise robust), I could understand that many ISP's would or could not afford the time and cost of being proactive in regard to these issues.
What costs less ? To prevent the problem, or deal with the consequences.. <shrug>
So, the answer may well be that until Internet users become more discerning in seeking service levels consistent with Best Practice from their ISP's, and don't mind paying a few bucks extra per month for additional protection and security, and until ISP's customers become sufficiently educated and familiar with Best Practice for the operation of their networked services, the problem is likely to get worse rather than better.
Customers don't care - they just buy a better product from ms that prevents the symptom. They will not do anything different until it effects them - like having their account shut down after 3 warnings.
Blaming the ISP, or expecting ISP's to carry the burden is not helpful.
Like it or not, ISPs carry the can. Customers will not accept the problem is theirs, until the problem is theirs. Surely one of the larger monoliths could pull this off without decimating their customer-base (they seem to gotten away with far worse<ducks>) /sw