On 20 Apr 2017, at 12:01, Jim Reid <jim@rfc1035.com> wrote:
But you probably would he offended if they do not cut off that spammer or the person that is sending your DNS server a few million queries a second.
Indeed. Though that's not the same thing as giving access providers some influence or stake in their CPE customers can install.
They should not have an opinion about connecting a webcam, but what about me hosting a Command & Control server?
Nuke it from orbit. Just to be sure. :-)
But suppose that webcam is the c&c server. And how would anyone know that?
Okay, so assume “notice and takedown” procedures would apply, once the ISP is notified about particular (illegal) behaviour that is harmful to others, they are assumed to take action? Under that umbrella, knowing that a particular class of devices is vulnerable and very likely to be compromised unless the user takes action (software upgrade, provided that is available), would it be allowable to take preventive measures such as filtering access to those devices? Alternatively, knowing these devices are a likely source of “bad things” should I wait for a 3rd party notice before I take them down, or should I be able to rely on my own monitoring (netflow, DPI) and make the call myself? Marco