I'm wondering what happens to botneted subscribers from which the attacks originate. Is any attempt made to locate them and contact their ISPs? I think there should be, and subscribers found to be participating in the attack (presumably unknowingly) should be disconnected immediately. After all it's the subscribers' responsibility to keep their computers botnet free. Launching a DOS attack, even unknowingly, is probably violating the contract they signed with their ISP.