On Jun 27, 2013, at 10:50 AM, Frank Gadegast wrote:
I personally would start at the other end and force Microsoft legally to only have PCs connected to the Internet that have an AntiVirus solution installed and running ...
Not all computers run Microsoft software. Furthermore not all computers run *recent* Microsoft software. There's still a very fair share of, for instance, Windows XP machines out there. Compromise 50% of them and you'll get yourself a very nice botnet to play with. The fact that a machine ships with an anti-virus dos not imply that said AV will remain running, maintain effectiveness over time, etc. From past experience, a significant proportion of infected machines in an access ISP network did have an anti-virus installed by the time we had to pull the plug on the customer because they were spewing. Being proactive in this front will only get you that far. You still need to have a reactive mechanism to respond and mitigate. Best regards -lem