[Discussion] What are we making? - Target User
David Glosser
david.glosser at gmail.com
Sun Oct 19 17:13:06 UTC 2008
This is why I asked earlier about something that runs on desktops or
via browser plug-in, for the home user.....
There are so many home router types out there, would approaching each
vendor be feasible? Or is this something to be run at the ISP-level?
There are several reputation services out there (siteadvisor, finjan,
WOT, etc), how would this differ? Or just partner with those
companies to provide data to help the end user?
>
> Very well put. We've always left the home user to fend for themselves
> because it's just too complicated to run IDS unless you're a security
> professional. Thus in the botnet world we chase command and control
> servers and leave the bots infected. Not the best approach.
>
> So if we were to make this tool capable of being run "out of the box" as
> a simple install and it'll do the rest on it's own, what would that mean?
>
> Would we need it to run on a WRTG style router OS?
>
> Would we need to approach the home router makers about a plugin?
>
> Would we want to go desktop stuff? (not my preference as the fox can't
> be trusted to watch the henhouse IMHO)
>
> Or do we go with just pushing reputational data to the home user? What I
> mean is if we build this engine to generate and act upon IP reputation
> data could we know enough about the Internet collectively to simply push
> a blacklist to the home user's router/firewall?
>
> On the more sophisticated devices where software could be installed
> maybe it does run a stripped down detection engine and help feed IP data
> back to the group. But overall it's still primarily benefiting only from
> the blacklisting and whitelisting of the whole?
>
> How many false positives would we encounter that might actually affect a
> home user?
>
More information about the Discussion
mailing list