Shutting Down Worm-Infected Broadband Users

disc-chord writes "Frustrated by Code Red and now Nimda, the DSL provider DSL.net (a CLEC and reseller of Covad) has shut off 800+ infected customers. They claim they cannot get in touch with all of their customers, so they're just shutting them all down, and waiting for the customer to call them. When/if the customer does call they are informed that they are infected with the Nimda virus and must remove it before they will be reactivated. But how are customers supposed to fix the problem when their internet connection is shut down? " I say tough beans: If you get infected, it's your responsibility to get yourself cleaned up. The Internet is a peer-to-peer system where one peer can piss in the public pool. These ISPs are doing a good thing by keeping this crap off the net. Sure, a nicer tactic would be to disable low port numbers for infected users (my provider doesn't let them through in the first place) but this would likely just confuse users. At least this way they know what's up. Flame if you will, but all these worms are going to only get worse since Microsoft will never fix the problem without making sure people have to pay a monthly subscription for their OS, and users are unaware that they have to patch their boxes. ISPs shouldn't have to be responsible for their users this way, but they are responsible for keeping their other users online, and a few infected boxes can cause a lot of havoc for the whole net.

Microsoft

[shaka]

"Microsoft will never fix the problem without making sure people have to pay a monthly subscription"

Taco, I really, really think you know that Microsoft posted a patch months before this hole was exploited.

Re:Yet Another Linux Bigot (YALB)

[GreyPoopon]

Asking a 75 year old senior citizen, who is just happy to read a few web pages and send mail to his grandkids to keep up an endless stream of patches because a bunch of hackers can disrupt the net is backwards.

Oh, that's just pathetic.... You would only use the "but what about the elderly and the children" argument to drum up emotion when you have no other logical argument. To respond in kind, what about the other 75 year old senior citizens who have a clean computer and can't read web pages or send mail to their grandkids because the network is so flooded that they can't get anything through. Do you think they'll understand why this "dang new-fangled contraption ain't workin'?"

I'm not a cold-hearted person, but you've got to look at the facts. Shutting down these connections is pretty much the only way to make sure people will clean up their machines. You can't forget that the Code Red II virus, and presumably nimda as well, opens up a nice little hole that can be used to turn your machine into a Zombie. If the zombies get used, an ISP will have machines on their network attacking corporate and government computer systems. That's an absolutely *massive* liability there, especially since it can be proved that the ISP was aware of the infected machines and did pretty much nothing to eliminate the problem.

The best idea I've seen yet is the one to set up a "private" network for the infecting machines and direct them there. For those ISP's that don't want that expense, maybe offering to send them a CD with the patches and instructions in the mail for a reasonable fee would be a better alternative.