7 Oct 2010

All Computers May be Blocked to Connect to the Internet, Initially.


An idea to block malicious computers was presented by a senior researcher from Microsoft.  It follows that risky computers may be blocked from connecting to the internet due to threat that these present to the entire web infrastructure.

This idea is mainly intended to address the security issue that botnets - networks of infected computers present, subsequently acting like a drome under the control of internet organized criminal associations.  It follows that once these machines are spotted, they can be put in temporary quarantine in order to evaluate and prevent the spread of malicious software deployments.

"Just as when an individual who is not vaccinated puts others' health at risk, computers that are not protected or have been compromised with a bot put others at risk and pose a greater threat to society," Senior Researcher at Microsoft.

The way these computers operate is by being recruited into a wider network as soon as they lose control of their instructions by becoming infected with malicious code.  Networks can consist of a few hundred to a few thousand Windows machines.  Furthermore, some can contain millions of PCs.  These networks once dominated by criminals have the capability of instructing others for various means including pumping out spam or mounting "denial of service" attacks against websites, as an example.

This idea of blocking computers to the internet was  presented at the International Security Solutions Europe (ISSE) Conference in Berlin, Germany, where it details that in order for a computer to first connect to the internet it must pass a "health test" to prove that it poses no threat to the whole internet infrastructure.

"Although the conditions to be checked may change over time, current experience suggests that such health checks should ensure that software patches are applied, a firewall is installed and configured correctly, an antivirus program with current signatures is running, and the machine is not currently infected with known malware," As written in the accompanying paper.

Microsoft said that to make its plan work itwould need four steps, including defining a health computer, creating a trusted system for health certificates and finding a way for ISPs to process and act on them.

Search Keywords Here