Your browser has JavaScript turned off.
You must turn it on to proceed.










NORS -- CSRIC Best Practices Result

CSRIC Best Practices Result

Detailed Information for the Best Practice: 9-8-8913

Number 9-8-8913
Priority Critical
Description Maintain Methods to Detect Bot/Malware Infection:
ISPs should maintain methods to detect likely malware infection of customer equipment.
Detection methods will vary widely due to a range of factors. Detection methods, tools, and processes may include but are not limited to: external feedback, observation of network conditions and traffic such as bandwidth and/or traffic pattern analysis, signatures, behavior techniques, and forensic monitoring of customers on a more detailed level.
Network Type(s) Internet/Data
Industry Role(s) Service Provider
Keyword(s) Cyber Security;Intrusion Detection;
Reference/Comments More information can be found at:
http://teamcymru.org
http://shadowserver.org
http://abuse.ch
http://cbl.abuseat.org

Note that the Best Practices in this grouping are primarily aimed at ISPs that provide service to consumer end-users on residential broadband networks, but may be applicable to other users and networks as well.