Internet Security Initiative (ISI)
John Haydon
Executive Manager, Consumer Branch
Australian Communications and Media Authority (ACMA)
GSR November 2005
The problem
• Around 80% of the world’s spam is sent via compromised machines
• Most compromised machines are from ‘home users’
• These machines are compromised because of:
  • Lack of firewall
  • Incorrectly configured
  • Users not caring enough!
• ISPs to act to strengthen or enforce their Acceptable Use Policies and act in their own interests.
• Encourage industry to complement legal action against spammers (SpamMATTERS)
The solution
Goal: Reduce number of compromised and vulnerable computers on the Internet
How?
• Work in partnership with ISPs
• Address security of both business and personal computers
• Restrict or close computers if they are compromised.
• Encourage security (as society reduces driver speeding)
• Educate the public: ‘secure your computer’
Enter: The ISI project
• When a compromised machine sends spam, the IP address of that machine is sent with the spam message.
• Separately, systems exist that scan the Internet for IP addresses of both compromised machines and machines that could be compromised
• Info sent to database which validates, sorts & sends data to ISPs
• ISP sends problem alert to owner
• ISP takes action:
  • advise person ‘secure your computer’; or
  • disconnect computer (if serious)
  • can only reconnect when secured
ISI diagram
[Diagram, numbered steps 1 to 3. Labels: APNIC database; Database of Australian IPs; International scanning network; Real time list of detected open proxy/relays & compromised hosts; Manual submission of IP ranges by infrastructure ISPs; Confirm; ISI Database System; List of Australian open proxy/relays & compromised hosts; Email ISPs with request to fix hosts; ISP A, ISP B, ISP X; Australian Internet]
‘Australian Internet security initiative’
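
The "validates, sorts & sends data to ISPs" step, combined with the ISP-submitted IP ranges from the diagram, can be sketched as follows. This is an added example, not ACMA's ISI code: the feed format, category labels, function names and sample data (RFC 5737 documentation addresses) are assumptions constructed for illustration.

```python
import ipaddress
from collections import defaultdict

# Constructed sample data (RFC 5737 documentation ranges, not real hosts).
ISP_RANGES = {                          # ranges each ISP submitted manually
    "ISP A": ["192.0.2.0/24"],
    "ISP B": ["198.51.100.0/25", "203.0.113.0/24"],
}
DETECTIONS = [                          # (ip, category) from the scanning feed
    ("192.0.2.10", "open-proxy"),
    ("198.51.100.7", "compromised"),
    ("192.0.2.10", "compromised"),      # same host reported twice
    ("198.51.100.200", "open-relay"),   # outside every submitted range
    ("not-an-ip", "compromised"),       # malformed feed entry
    ("203.0.113.5", "open-relay"),
]

def load_ranges(isp_ranges):
    """Parse submitted CIDR ranges; a range with host bits set raises ValueError."""
    nets = [(ipaddress.ip_network(c), isp) for isp, cidrs in isp_ranges.items() for c in cidrs]
    # Longest prefix first, so the most specific range wins if ranges overlap.
    return sorted(nets, key=lambda n: n[0].prefixlen, reverse=True)

def build_reports(detections, isp_ranges):
    """Validate, de-duplicate and sort detections into one report per ISP."""
    nets = load_ranges(isp_ranges)
    reports = defaultdict(dict)         # isp -> {ip: set(categories)}
    rejected = []                       # entries that cannot be sent to any ISP
    for raw_ip, category in detections:
        try:
            ip = ipaddress.ip_address(raw_ip.strip())
        except ValueError:
            rejected.append((raw_ip, "invalid address"))
            continue
        owner = next((isp for net, isp in nets if ip in net), None)
        if owner is None:
            rejected.append((raw_ip, "no submitted range"))
            continue
        reports[owner].setdefault(ip, set()).add(category)
    # Sort numerically by address so each ISP receives a stable list.
    order = lambda kv: (kv[0].version, int(kv[0]))
    return ({isp: [(str(ip), sorted(cats)) for ip, cats in sorted(hosts.items(), key=order)]
             for isp, hosts in reports.items()}, rejected)

if __name__ == "__main__":
    per_isp, skipped = build_reports(DETECTIONS, ISP_RANGES)
    print(per_isp)
    print(skipped)
```

Entries that match no submitted range are kept in a separate list rather than dropped, so they can be reviewed instead of being sent to the wrong ISP.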
Public Education
• Public education vital to project
• Teach them about dangers of compromised (‘infected’) machines
• Create attitude change:
  • ‘Computer security is my responsibility’
  • ‘I can help reduce spam’
Benefits for ISPs
• Less likely to be ‘black-listed’
• Build reputation as ‘responsible’ ISP
• Improved public profile
• Offer customers security products + services
• Create greater sense of value for customers
Benefits: MoU partners
• ACMA can offer output data or source code, if partners wish
• System can be expanded + adapted
• Chance to build cooperation with local ISPs
• Reduce spam in an economy
• Reduce spam across our region