Telstra blames Swen worm for BigPond crisis

Telstra last night claimed officially the Swen virus/worm was largely responsible for the surge in e-mail traffic on its BigPond network.

The telecommunications heavyweight issued a statement claiming "Telstra understands that the virus/worm has been taking over customers' computers and causing them to send large amount of junk e-mails (spam). The carrier claimed its experience was "consistent" with that of other major Internet service providers, although it declined to name them.

"The virus/worm multiplies quickly and generates a vast [number] of e-mails, each in excess of 150 kilobytes (being the equivalent of an e-mail containing an image)," the Telstra statement said.

The carrier said its technical staff had been working "around the clock" to establish additional network capacity to cater for the "unexpected and unprecedented" increase in e-mail traffic of more than 20 percent.

"This additional capacity is expected to deliver gradual improvements to customers who may be experiencing delays with e-mail".

The surge in e-mail traffic -- which saw a network infrastructure capable of handling 10.5 million e-mails per day forced to cope with peak volumes of around 13 million -- has seen BigPond customers forced to wait several days to receive some messages, while recipients of messages sent via BigPond servers have also had to wait several days.

Telstra said it understood Symantec and Trend Micro concurred with its view.

Advertisement

Print feature brought to you by Adobe

Talkback 8 comments

    liar, liar, your pants on fire ...nik -- 17/10/03

    liar, liar, your pants on fire!!

    haha

    if you believe this story,

    well suckers are born every minute right?

    (Taken from my commentary on W ...Simon Cocking -- 17/10/03

    (Taken from my commentary on Whirlpool's similar story - http://www.whirlpool.net.au/article.cfm/1202?show=replies)

    Let's get something straight.

    Gibe-F, or Swen as it is also known, is not the problem Telstra make it out to be. We maintain ongoing, up-to-date statistics of viruses in Australia (since that is where most of our customers are) at www.mailguard.com.au/virus-stats.php. These are real world numbers, taken from our entire customer base which represents over 500 Australian businesses ranging from one to over 1,000 users.

    As I write this, Gibe-F is the most proliferent virus in Australia, with around one in every 167 email messages being infected with this worm (1 in 88 in the past 24 hrs). While that number may sound high, consider this: At its peak in late August, Sobig-F infections were discovered in one in seven emails that we received. ONE IN SEVEN.

    Here's an open question to Telstra: How do you know that Gibe-F / Swen is the cause of your current email grief? What systems do you have in place to measure this?

    I don't believe for a moment that any virus is the result of Telstra's current woes, nor do I believe their rubbish about an increase in spam. Our numbers (which are sadly not yet available on a web page.. stay tuned for that!) indicate that while spam is a generally increasing problem, there has been NO spike of the order of magnitude necessary to cause Telstra's problem. The worst day for spam recently was October 13, well after Telstra's problems began.

    So, Telstra: if you consider Swen/Gibe-F to be "terrifying", you really do have bigger problems. You're going to have to find another excuse, because your "it's a virus" lies just don't wash.

    Simon Cocking
    Network Operations
    www.mailguard.com.au

    Newsfalsh Telstra PR rings tec ...Anonymous -- 17/10/03

    Newsfalsh Telstra PR rings tech support.

    True swen began before the OTG, and I know the full story, the main issue is that Telstra PR department doesn't listen to Technical Support or the Server Team. Late in The week PR for telstra states that the email problem is fixed when if she herself rang her own Tech support department she would find it wasn't and isn't.

    Fact Swen began before the upgrade of the server software and it is true that this virus regenerating dead emails did have impact, that is verified by the other ISP's crashing.

    But the whole true story will only ever be known by a few, and Telstra PR will still be figuring out its hand from its arse.

    Yup, SWEN still continues to e ...Anonymous -- 17/10/03

    Yup, SWEN still continues to effect many ISPs and most likely is a significant factor of BigPonds problems.

    The volume of traffic generated by SWEN is enormous. ISPs are at fault for failing to apply simple filtering to weed out obvious virus emails and, by the same token, those customers stupid enough to run it.

    The best way to stop SWEN, and other bandwidth wasting viruii, is for ISPs to filter the most obvious infected emails. Saves their mail servers, saves their customers, saves bandwidth, and doesn't contribute to the spread of Viruii.

    The delays caused by mail scanning are insignificant compared to the time lost trying to fix the problem.

    Bold statements from Nik and S ...Anonymous -- 17/10/03

    Bold statements from Nik and Simon...

    I have suffered the effects of this problem and Blind Freddy could see that the Swen traffic is at least part (if not most) of the problem.

    Of course motherhood statements like "spam is increasing all the time" are not wrong but its a fairly weak analysis of the problem in my book.

    Basically my AV (suddenly) started reporting 6 to 10 Swen infected emails per day about 2-3 days before BP began to struggle. By my estimate that is probably a reasonable amount of time to see the unsuspecting public click on the attachment (some of which got thru the AV!) and zombie their PC into become a spamster.

    It was quite a well crafted email - I had to look at it closely to pick its dodgy nature - so I guess we should not be surprised that it got past the average user.

    I agree that Telstra could/should have done more - except managing operations of this scale doesn't allow the SysOp to contemplate a change over morning tea and implement it before lunchtime!

    I had been on to them for the last few weeks trying to get port 135 shut down on all routers - as it seems they only shut it out on the border routers - which allowed reinfection to run rampant inside the Telstra 144.138/16 to 144.139/16 IP ranges (and still is).

    A couple of virus scanner serv ...Anonymous -- 17/10/03

    A couple of virus scanner servers hooked into the Big Pond email servers should surely be able to reduce the incidence of virii to almost nil. Why the hell isn't this being done within ALL ISPs? A couple of thousand dollars (or even a few tens of thousands) spent per year would save Telstra money in the long run and help protect their customers, especially considering the thousands Telstra will have to pay out to affected customers and businesses.
    I'm actually quite surprised that this sort of system isn't manditory, think of the savings in time and money both for the customer and the ISP, no more mail-virus related calls to tech support and no pissed off users demanding compensation.

    Hell in addition to a virus fi ...Anonymous -- 17/10/03

    Hell in addition to a virus filtering system, it wouldn't be too hard to add a limited SPAM filter to trash the most obvious spams(**** enlargement, free prescription medicines and get rich quick scams).

    Its the reason a Post Office d ...Anonymous -- 19/10/03

    Its the reason a Post Office doesn't open all your snail mail...
    1) Scale - there is almost certainly too much - BP is probably moving millions of emails daily, and
    2) Privacy - there will certainly be at least 1 person to object to an email being dumped or will blame non arrival of an expected email on the ISP.

    Its better if they devote effort to going after the sources - even if that means dumping customers who are too lazy or too dumb to manage their own affairs in a sociable way!

Add your opinion

Latest Videos

Sponsored content

Power Centre - Content from our premier sponsors

Blogs

  • David Braue Can not-so-smart meters help the NBN?
    It was interesting to witness Conroy's recent enthusiasm to spruik the NBN's role in supporting the Smart Grid, Smart City initiative. What a pity that Conroy hadn't yet seen the damning report from the Victorian auditor-general about that state's smart-meter roll-out.
  • Array Can the Telco Reform Act be win-win?
    In the second of our two programs looking at the Senate Inquiry into the Telecommunications Legislation Amendment Bill, we hear from shareholders, bureaucrats and industry groups.
  • Array Has New Zealand's smiling assassin delivered?
    One year into its tenure, how has the new New Zealand Government performed on issues of technology and telecommunications?
  • More blogs »

Tags

  1. 488 articles are tagged with 3g
  2. 449 articles are tagged with accc
  3. 57 articles are tagged with accenture
  4. 237 articles are tagged with acquisition
  5. 40 articles are tagged with afact
  6. 140 articles are tagged with ato
  7. 1303 articles are tagged with broadband
  8. 666 articles are tagged with cio
  9. 62 articles are tagged with commonwealth bank
  10. 251 articles are tagged with conroy
  11. 391 articles are tagged with copyright
  12. 45 articles are tagged with david thodey
  13. 514 articles are tagged with dell
  14. 9 articles are tagged with feed
  15. 1040 articles are tagged with google
  16. 1030 articles are tagged with government
  17. 789 articles are tagged with hp
  18. 1304 articles are tagged with ibm
  19. 221 articles are tagged with iinet
  20. 350 articles are tagged with iphone
  21. 116 articles are tagged with legislation
  22. 13 articles are tagged with longhaus
  23. 35 articles are tagged with michael malone
  24. 1475 articles are tagged with microsoft
  25. 33 articles are tagged with mike quigley
  26. 50 articles are tagged with minchin
  27. 1125 articles are tagged with mobile
  28. 356 articles are tagged with mobile phone
  29. 210 articles are tagged with national broadband network
  30. 386 articles are tagged with nbn
  31. 198 articles are tagged with new zealand
  32. 27 articles are tagged with nick minchin
  33. 880 articles are tagged with optus
  34. 716 articles are tagged with oracle
  35. 2650 articles are tagged with security
  36. 53 articles are tagged with senate
  37. 68 articles are tagged with separation
  38. 178 articles are tagged with stephen conroy
  39. 57 articles are tagged with strike
  40. 174 articles are tagged with sydney
  41. 60 articles are tagged with telecom nz
  42. 2431 articles are tagged with telstra
  43. 137 articles are tagged with tender
  44. 49 articles are tagged with twitter
  45. 110 articles are tagged with union
  46. 147 articles are tagged with university
  47. 174 articles are tagged with victoria
  48. 201 articles are tagged with video
  49. 2 articles are tagged with win7au
  50. 88 articles are tagged with windows 7

Back to top

Featured