Slashdot Mirror
Major Aussie ISP Disconnecting Trojaned PCs
daria42 writes "Australia's largest ISP, Telstra BigPond, has started disconnecting customers that it suspects have excess traffic-causing trojans installed on their PCs. The trojans have been flooding BigPond's DNS servers and causing extremely slow DNS requests for around a month now. Despite nightly additions of DNS servers, BigPond appears to be unable to cope with the extra traffic on its network." Note that the article says the disconnections are temporary and accompanied by communication with the affected customers, not just a big yanking-of-carpet.
ISPs around the world have been doing this for a while now! I live in a house with 12 people and one person had a hijacked computer sending out mail and Adelphia cut us off. Although they never told us that they did (a quick call to customer support hooked us back up).
Seriously, why is this news?
I think my principles are reachin' an all time low
To expand on this, a lot of you non-australians should probably know that Telstra Bigpond is the ISP that people choose when they don't know any better.
:)
Value for money wise they rate very poorly compared to the opposition - for ADSL at least.
For those of you that don't know, Telstra is a part government owned company, which owns much of the telco infrastructure in Australia. They like to make life difficult for any competitors.
Also one of the few ISPs in Australia that charges traffic in both directions.
Just in case you guys care
My isp (plus.net) monitors any communications on port 135 etc and if it dedicates any when your connected. You get redirected to a Plus.net you may have been effected with MSBlast page etc. And give you the links to tools to fix it.
Very handy indeed.
Automation - The Car Company Tycoon Game
Look, I ALL for ISP's disconnecting "polluting" PC's. They just better make damn sure its not legit traffic.
My ISP does exactly this, if it suspects trojan traffic it shuts you down (and snail mail you). You subsequently call the helpdesk, they ask what you did to resolve the matters (The ISP provides FREE anti-virus and firewall software). If they rae happy with your counter measures, theyll reconnect you in a jiffy.
If you can explain you have a legit reason to hit DNS 9765 times per second, I suspect they'll unlock you too.
I love it.
Attempting to strangle ADSL adoption, killing the national BBS community when the Internet first became mainstream in Australia in order to force adoption of Big Pond, and a host of other offenses meant that after an extended period of shopping around, I finally stopped using Telstra as a carrier completely last year, and they can now consider themselves permanently boycotted as far as I'm concerned. They are one of the most short-sighted, destructive, and generally amoral corporations I've heard of. They were also vocally criticised by Bill Gates during one of his visits here, for their strangulation of broadband adoption.
Apart from the above, to some degree there are now price incentives to use other carriers as well, particularly for voice. If you've got a credit card, you also might want to check out TPG for ADSL...they probably have the best deals I've seen.
Except on most Linux dists:
1). the default user is not an administrator
2). 99.9% of malware cannot run. If it did, then it'd cause minimal damage (see 1.)
3). There is no ActiveX
4). etc, etc, etc
The average Linux (non root) user can be as clueless as he/she likes and won't get into trouble.
With most such set-ups your Internet connection is generally not totally blocked, just severely restricted. Any web request gets proxy-redirected to a page with instructions on how to clean your machine up, and download links from the ISPs local mirrors. Anything else is locked down.
I don't know if this is what bigpond are doing, but that's the usual way to handle this and it seems to work extremely well. My ISP uses a similar trick when users go over quota.