IETF forges botnet clean-up standard
Shooting zombie PCs in the head
The IETF is developing a standard for how ISPs should go about cleaning up subscriber botnet infections.
A draft standard from the net standards body covers techniques for identifying compromised machines, how to notify affected customers and what advice to give them on the best way to clean-up infections - a sometimes tricky process. The IEFT's Recommendations for the Remediation of Bots in ISP Networks can be found here.
The document covers such thorny subjects as best practices for botnet detection and how to direct users towards an infection clean-up portal containing disinfection tools and information. As a technical standard, the proposals omit consideration of how clean-up operations might be financed. Possible punishments for users who leave their machines infected despite clean-up advice is also outside the scope of the standards. The IETF is inviting feedback on its proposals.
The initiative ploughs much the same ground as an independent proposal by Australia's Internet Industry Association (IIA), also in the draft stage, on how to purge spam-relaying zombie clients from ISP networks Down Under. ®