tag:blogger.com,1999:blog-8353696605063426251.post2645360696837329087..comments2023-09-23T10:44:35.234+03:00Comments on Techy Title Here: SPAM: Economics and PreventionMBHhttp://www.blogger.com/profile/07293824491909131393noreply@blogger.comBlogger6125tag:blogger.com,1999:blog-8353696605063426251.post-67606547228546513432009-11-22T15:53:12.173+03:002009-11-22T15:53:12.173+03:00BloggyLife,
There are appliances that are deployed...<b>BloggyLife</b>,<br />There are appliances that are deployed when the network is "sane" to train the appliance of what is a good behavior of a network. Later on they're deployed & become fully functional, so that they could report or react to any odd traffic, that wasn't sense in the training period. Cisco has one of these. I'm sure there are other vendors that provide it as well.<br /><br />You don't need the data for proof for more than a week, because once you get infected and a worm is active, the traffic changes quickly.<br />This is nothing like a fileserver or important personal files. It's just data on your bandwidth usage.<br /><br />ISPs won't like it, but they'll get used to it eventually, for the benefit of all ;)MBHhttps://www.blogger.com/profile/07293824491909131393noreply@blogger.comtag:blogger.com,1999:blog-8353696605063426251.post-61454180285829268452009-11-22T14:11:54.633+03:002009-11-22T14:11:54.633+03:00even if it saves bandwidth, they'll just sell ...even if it saves bandwidth, they'll just sell it :P<br /><br />Define behavioural data, I know most of the data analysis are automated, but since you are detecting malicious behaviour won't you need to keep this data say for evidence.<br /><br />As for keeping activity data it's very tricky when you would need it or is it important, for example, say you lock down activities on a file server, actions on folders, sometimes deleting actions are legitimate sometimes people will come after a month's period, asking who did what! what you should you or shouldn't you audit. The point is, what data you need to keep and for how long.<br /><br />I agree it should be a law, but I think ISPs will frown upon.Bloggylifehttps://www.blogger.com/profile/04670091569680371008noreply@blogger.comtag:blogger.com,1999:blog-8353696605063426251.post-19668831675129618462009-11-19T05:11:17.029+03:002009-11-19T05:11:17.029+03:00BloggyLife,
Behavioral data shouldn't be store...<b>BloggyLife</b>,<br />Behavioral data shouldn't be stored for more than a week anyway. Any decent network admin/engineer can tell abnormal network traffic like sudden spikes on uploads on certain ports or to certain websites and relate them to incidents from other users. This can all be automated to not torture the admin/engineer.<br /><br />Remember, I said it should be a national law, so ISPs are mandated to do it and maintain it throughout the years. It will pay for itself since it will save the ISP bandwidth.<br /><br />That's my point of view. "I could be wrong, but I don't think so."MBHhttps://www.blogger.com/profile/07293824491909131393noreply@blogger.comtag:blogger.com,1999:blog-8353696605063426251.post-75679220908754597012009-11-19T05:04:07.827+03:002009-11-19T05:04:07.827+03:00I'm sure the monitoring level you are asking t...I'm sure the monitoring level you are asking the ISPs to do will end up hiking prices, it's just like asking for a service from the ISP to carry out, who will pay for equipment/man power needed to do so, end user.<br /><br />collecting data is not the issue, storing it, accessing it and what to do with it is :P<br /><br />I think some ISPs in some countries block sending emails, unless through their own email server, so your email server has to relay to theirs. This way it's some kind of verification and easy to monitor.<br /><br />*rarely* != 0, I mean people used to make a big deal when their client spam filter caught a spam, I'd be glad that it's doing the job, so what it passed our main filter, the client one caught it right! Something getting away is expected, many things getting away is not :)Bloggylifehttps://www.blogger.com/profile/04670091569680371008noreply@blogger.comtag:blogger.com,1999:blog-8353696605063426251.post-26811796021614468922009-11-18T12:39:24.810+03:002009-11-18T12:39:24.810+03:00BloggyLife,
I don't see why the subscription r...<b>BloggyLife</b>,<br />I don't see why the subscription rates would be increased.<br /><br />In fact, these laws should allow for more bandwidth to be available to the ISPs!<br /><br />I rarely *see* SPAM with my GMail account. It has awesome filtering capabilities!<br /><br />As for the users, maybe you should've used that user to classify SPAM rather buying equipment? :pMBHhttps://www.blogger.com/profile/07293824491909131393noreply@blogger.comtag:blogger.com,1999:blog-8353696605063426251.post-18246510875483982382009-11-18T10:45:01.007+03:002009-11-18T10:45:01.007+03:001st thing that came to mind, you want them to hike...1st thing that came to mind, you want them to hike up the Internet subscriptions!<br /><br />You reminded me when we installed a SPAM filter.<br /><br />User: "I'm not receiving emails today"<br />Me: "Everything seems to be fine, I can see you just received from external and internal"<br />User:"I used to receive over 1000 emails a day"<br />Me:"!!! Aha, what do you do with all of them, they are unwanted emails, we just installed a new filter to prevent such emails"<br />User:"Gives me something to do, I read and delete some, can you exclude me so I can receive them"<br /><br />Also, with our measures today, people should NOT expect to receive NO spam at all.Bloggylifehttps://www.blogger.com/profile/04670091569680371008noreply@blogger.com