- How to? WiFi access passing only HTTP & DHCP
- Posted by Alan J. Flavell on October 5th, 2006
On Wed, 4 Oct 2006, Peter wrote:
Even if this were technically feasible with the kit that you have (or
would be willing to buy) - and subsequent discussions suggest not - I
am not convinced that it solves the problem. Much malware
deliberately takes advantage of the fact that most firewalls are open
to ports 80 and 443. As for DHCP, it's usually possible to configure
the ADSL router to be a DHCP relay, so that local hosts don't have to
talk directly to external DHCP addresses.
Have you considered running a nessus scan against the offending
machine, and showing the report to The Boy, with your appropriate
commentary on its implications for the ISP and the Internet?
Running a Windows PC without appropriate antivirus protection is
considered here to be justification for disconnection from the network
forthwith (i.e. without warning). Of course I can't tell you how this
translates into your family situation, but the upshot would surely be
much the same. If there were complaints to your ISP then I'd expect
them to disable the whole of your connection. They don't know - and
don't really care - which of your PCs is responsible for the
misbehaviour.
h t h
- Posted by Gareth Halfacree on October 5th, 2006
Peter wrote:
I'm All Right Jack, Screw The Rest Of The World? A fine attitude, and
one I'm sure is worth instilling in your spawn. Oh, wait - he's already
learned that attitude. Good parenting, bucko; ever thought of writing a
book?
What's wrong with Avast! Anti-Virus? Totally free for home use.
Personally I'd be *encouraging* him to give copies of it to his friends
at school; perhaps he'll be sent fewer infected files that way.
If you succeed in your quest to inflict his malware-riddled system on
the internet community then there is no justice in the world.
Presumably if he was infected with various communicable diseases with
fatal outcomes you'd be paying for him to visit brothels too, so long as
he doesn't kiss you?
Grow a pair. Stand up to him (he's your *son*, FFS) and confiscate the
laptop until he learns a bit about being a responsible netizen (although
it's clear he'll have to learn it from someone other than your good
self). If he needs it for schoolwork, install a bare-bones Linux
distribution with OpenOffice. If he loses his saved files, tough;
you've just taught him a valuable lesson about backups.
Do *not*, under *any* circumstances, allow him to connect the laptop to
the internet until it has been thoroughly cleaned of infection (as in:
reformatted and re-installed). If you do, you'll only have yourself to
blame when your 'net connection gets pulled; ISPs *do* monitor traffic
for tell-tale worm and virus signatures, and they *do* disconnect users
until the problem has been solved.
--
Gareth Halfacree
http://gareth.halfacree.co.uk
- Posted by Gareth Halfacree on October 5th, 2006
Peter wrote:
Then do it, and stop looking for a Magic Device(TM) which will parent
for you.
No - their traffic analysers do it for them.
They block (by MAC address) any system which the traffic analysis
software flags as sending bad ju-ju. Sure, it's an imperfect system
(picking a new MAC is a single-line command in Linux, after all) but it
works for the short-term users they get. Plus switching MACs only works
until the analyser catches the ju-ju again, whereupon your new MAC is
blocked too.
I suggest that *you* do some research. Port blocking is far from the
only game in town.
--
Gareth Halfacree
http://gareth.halfacree.co.uk
- Posted by Alan J. Flavell on October 5th, 2006
On Thu, 5 Oct 2006, Peter wrote:
As others have pointed out, this is inadequate (to put it mildly).
While it rates to considerably reduce the chances of immediate local
infection, it by no means reduces the chances of The Boy causing your
whole Internet connection to be disabled for misbehaviour, or
otherwise getting into Internet blacklists of various kinds.
Please accept my apologies - at that point I seem to have been
posting on autopilot: I was reading and writing "DHCP", but I was
thinking "DNS". So scrub that part of my reply, please.
- Posted by dave @ stejonda on October 7th, 2006
In message <sqvfi29gsmgadnk38ai21pk0pg0q3mm5bq@4ax.com>, Peter
<z123@nospam.com> writes
--
dave @ stejonda
- Posted by Digby on October 7th, 2006
On Sat, 07 Oct 2006 20:28:14 +0100, Peter <z123@nospam.com> wrote:
No need to 'find' a serial number, just register and they'll send you
one.
http://www.avast.com/i_kat_207.php?lang=ENG
- Posted by Alan J. Flavell on October 7th, 2006
On Thu, 5 Oct 2006, Peter wrote:
Some of them take appropriate measures (by automatic detection, and
some kind of suitable T&C which entitles them to cut off the customer
if they fail to respond); some ISPs, on the other hand, allow
themselves to get into blacklists.
I happen to know that the campus anti-spam system has, from time to
time, rejected all mail from certain UK ISPs on the basis that the ISP
is blacklisted for allowing spamming by their customers.
Researching the background to the blacklisting, it often turned out to
be caused by the presence of trojans at one or more customers, which
the ISP had failed to deal with.
The rejection report contains a clear indication of what an innocent
customer needs to do (email the postmaster address and ask to be
whitelisted), but many of them waste their time (and ours) by starting
an argument instead, blaming anything and everything except their own
ISP. Too bad.
- Posted by Mark Carver on October 8th, 2006
Peter wrote:
Interesting. When I replaced Norton AV with Avast I found quite the
opposite: Avast picked up about a dozen nasties that Norton hadn't spotted.
YMMV of course.
BTW as others have said, you need to register for a free licence number,
they email it back to you within a couple of minutes. Otherwise you get a 60
day trial.
--
Mark
Please replace invalid and invalid with gmx and net to reply.
- Posted by Gareth R Halfacree on October 8th, 2006
Peter wrote:
Problem Exists Between Keyboard And Chair. Care to name any of these
'trojans' that a fully-updated installation of Avast! misses? Thought not.
As has been pointed out to you elsethread, Avast! Home *is* completely
free. Registering for a serial number takes seconds and gives you a
code allowing you 13 months of updates (note the lack of anywhere on the
registration form to place payment details - BECAUSE IT'S FREE). When
that expires, re-register for another 13 months (Alwil software
*encourage* this behaviour, as evidenced by the FAQs on the site).
Care to offer any more erroneous statements? I'm sure you'd *dearly*
love to prove me wrong on *something*, simply to assuage your bruised ego.
--
Gareth Halfacree http://gareth.halfacree.co.uk
"If Ace Books ever came out with an edition of The Bible, both books
would be edited down to 40,000 words, and they'd be renamed 'Master of
Chaos' and 'The Thing With Three Souls.'" - Terry Carr