Reply to post: Re: Whose bloody computer?

FBI deletes web shells from hundreds of compromised Microsoft Exchange servers before alerting admins

Lee D Silver badge

Re: Whose bloody computer?

Hint:

Don't run computers that let unauthorised people run commands on them.

This stops not only these kinds of actions, but also the problem in the first place.

While I agree that the responsibility should be your own, I see no reason with, say, permanently cutting off the Internet of infected machines at the ISP level until they are showing no more malicious traffic.

PlusNet in the UK used to block your web etc. access if they detected an open Samba port on your Internet-side. I think this is perfectly reasonable. I think it should be extended to "you're running a business mail server that's known-compromised and hasn't been patched in years", they just block your IP access and replace all HTTP pages with "Your network has been compromised, and as your ISP we have blocked your access. Contact us for information on how to resolve this block".

Maybe then people would wake up and fix their stuff in a timely manner.

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon