[AusNOG] Telstra manipulating DNS to block botnets

[David Hooton]

On 19/06/2012, at 6:59 AM, Damien Gardner Jnr wrote:

> Oh, and I should have pointed out earlier..  This 'quarantining' will still need to allow the customer to still use things like remote desktop, teamveiwer, logmein, etc to contact their regular remote support..   

There are "spook" style appliances starting to rear their heads in enterprise world that can "restore" quarantined PC's back to a "compliant" state.  This is obviously not something that the Aussie ISP market is ready for yet, but I would hazard a guess that something like that could become a product vendors will be tapping on our doors to flog in the not too distant future to offer customers as a managed service.

Again, as I said earlier - the key to any "value added network behaviour" is communication - the customer has to be aware you're doing it and be willing to participate.  All the RFC's, utopian tech concepts and best practices in the world don't matter much if they aren't serving a legitimate customer requirement. Lets face it, in this market we are more often than not spending the majority of our time helping the market catch up with what they actually need, the ways we do this ARE important but lets not rule out legitimate options just because they lack technical purity.

Cheers

Dave