From the Associate Editor of Ulitzer New-Media Platform

Liz McMillan

Subscribe to Liz McMillan: eMailAlertsEmail Alerts
Get Liz McMillan via: homepageHomepage mobileMobile rssRSS facebookFacebook twitterTwitter linkedinLinkedIn

Related Topics: PC Security Journal, SEO Journal, Security Journal, Cloud Hosting & Service Providers Journal, Email Archiving Journal

News Item

New ISP Guidelines for Restoring Infected Machines

Bots, or malware running on users' computers without their knowledge, are responsible for generating up to 90 percent of spam

    - While protecting users' privacy, network operators can use various
      tools to detect infected end-user computers, including DNS, scanning 
      the IP space to identify vulnerable computers, and collecting IP 
      traffic information for known command and control addresses.

    - Email, phone calls to customers, postal mail and walled gardens are
      common notification tools, each with their own considerations. 
      In-browser messages are considered to be among the most effective 
      methods to alert customers but also can be technically challenging to 

    - ISPs need to maintain a well-publicized security portal that includes
      directions for end-user bot removal.

 The paper also includes sample end-user messages and a list of malware detection and removal tools. The best practices will continue to be revised to reflect new procedures and the evolution of new bots threats.

Users Under Estimate Bot Threat
A bot residing on a consumers' computer is usually part of a larger network of machines programmed to perform specific, clandestine operations under the control of a "botmaster." The malware is often installed on unsuspecting consumers' machines when they click on an infected email or download illicit code from a compromised Web site. Bots are designed to operate stealthily - for example, sending spam or recording passwords and personal information without their owners' knowledge - making it difficult for end-users to detect their machines are infected.

While about 80 percent of consumers are aware of bots, only 20 percent believe they will ever be infected, according to a survey MAAWG released in July (the survey and related news release are available at www.MAAWG.org). "ISPs need to take steps to protect users, but we also need to continually educate customers and work closely with them to contain bot propagation," O'Reirdan said.

The new bot mitigation best practices are part of the ongoing work at MAAWG to confront messaging abuse. Previously, MAAWG has published best practices for managing port 25, using walled gardens, sharing dynamic IP address space, email forwarding practices, and senders best communications practices, among other topics.

The MAAWG Common Best Practices for Mitigating Large Scale Bot Infections in Residential Networks can be downloaded from the organization's Web site at www.MAAWG.org. The MAAWG consumer survey, published white papers and best practices also are available at the site.

More Stories By Liz McMillan

News Desk compiles and publishes breaking news stories, press releases and latest news articles as they happen.