Slashdot Mirror

← Back to Stories (view on slashdot.org)

Major Aussie ISP Disconnecting Trojaned PCs

Posted by timothy on from the sorry-fella-you're-wetting-the-sandbox dept.

daria42 writes "Australia's largest ISP, Telstra BigPond, has started disconnecting customers that it suspects have excess traffic-causing trojans installed on their PCs. The trojans have been flooding BigPond's DNS servers and causing extremely slow DNS requests for around a month now. Despite nightly additions of DNS servers, BigPond appears to be unable to cope with the extra traffic on its network." Note that the article says the disconnections are temporary and accompanied by communication with the affected customers, not just a big yanking-of-carpet.

7 of 388 comments (clear)

  1. My 1st Thoughts by reezle · · Score: 5, Insightful

    "Thank God"

    "It's about Time"

    "Glad somebody is finally taking an interesting in keeping the neighborhood cleaned up"

    "Oh crap, is this the first chink in the armor, ISP's can disconnect people based on their traffic... Virus, Trojan, P2P, Torrent"

  2. This is a good thing by kasperd · · Score: 5, Insightful

    More ISPs should handle compromised computers this way. Just leaving them around to harm the internet for the rest of is is irresponsible.

    --

    Do you care about the security of your wireless mouse?
    1. Re:This is a good thing by Anonymous Coward · · Score: 5, Insightful

      If you don't disconect the offending computer, how will the idiot who owns it know they've been an idiot? Disconecting it totally is a great way to handle the problem, because it forces the idiot to call customer services to find out why their connection no longer works, at which point you can lart them for being an idiot and force them to clean up their idiot-box before you reconnect them. Just silently droping the offending packets does nothing to educate the idiot involved.

    2. Re:This is a good thing by FireFury03 · · Score: 5, Insightful

      Disconecting it totally is a great way to handle the problem, because it forces the idiot to call customer services to find out why their connection no longer works

      Even better is to block all access and redirect web requests to a server that explains what's going on and provides patches, etc. That way people (with more than one brain cell) don't _have_ to phone customer support.

      --
      http://blog.nexusuk.org
  3. Hmm... makes sense to me! by PDA_Boy · · Score: 5, Insightful
    Despite nightly additions of DNS servers, BigPond appears to be unable to cope with the extra traffic on its network."

    Right- I can smell a cake burning. Let's add more flour! Come on- more flour!

    Oh- right- let's take the cake out the oven...

    Seems a sensible thing to do to me- tackle the computers causing the problems, rather than trying to react to the problem itself.

    Although, tackling the writers of the infecting programs would be good too, if somewhat harder.
  4. Best Practice by MrNonchalant · · Score: 5, Insightful

    Send the effected customers (better yet, all customers) a CD with a free anti-virus, free anti-spyware, a free firewall, an alternative browser, and the latest updates for all of the above plus Windows and Office (including support for ME, NT, 2000, 98 SE, 98, and 95). With it include a letter explaining courtiously and simply why security is important. Sure, you'd probably have to get permission from a dozen different legal departments to do distribution of nominally free software on a wide scale like that, but some companies I know would jump at having their demo version shipped.

    Back this up with your regular tech support. Yes, some users will be too clueless but a good deal won't. A fair percentage of the clueless ones will catch on quickly when their internet gets shut off and stays off. I can guarentee you the network traffic they'd get would drop to a third of the levels seen before.

    Actually, in this perspective AOL's lackluster virus and spyware protection make perfect sense.

  5. Shut up by Hrothgar+The+Great · · Score: 5, Insightful

    I really hate you "WHY IS THIS NEWS?!!!!" crybabies. It's news because this particular ISP is doing something which it previously was not. See how that works? Something HAPPENS, and then someone REPORTS that it happened, and then the story gets posted here because its subject matter appeals to a large portion of this site's readership. Are you so blindingly stupid as to actually need this explained to you? It's the fucking dictionary definition of news.

    By the way, most ISPs still are NOT doing this. Time Warner's Road Runner, for instance, never even looks in the direction of a trojaned machine on their network - at least in my area.