BigPond disconnecting Trojan-infected customers

Telstra BigPond is temporarily disconnecting compromised computers from its network to stem a tide of malware swamping its servers and delaying e-mail and Web site requests.

In a statement provided to ZDNet Australia , BigPond said it had stepped up network monitoring to identify infected machines. "Customers with suspected compromised PCs are being contacted where possible to encourage them to rectify the issue and if necessary are being disconnected from the network while the issue is rectified".

The Internet service provider -- Australia's largest -- said the number of bogus requests to its domain name servers (DNS) had "on occasion" reached a level where some customers have reported slow responses to their legitimate requests for Web sites or e-mail.

"Ongoing investigations have identified Trojan-infected customer PCs as the likely source of the false DNS requests," BigPond said.

"Customers contacted by Telstra in recent weeks in relation to their PCs issuing large numbers of false DNS requests have been found to have PCs infected with various viruses and Trojans and lacking network security".

The service delays have sparked heated debate on the broadband community Web site Whirlpool. One forum participant, who claimed to be a BigPond customer, said on Monday: "I'm in Canberra and it's been almost unusable all afternoon. I'm snowed under at the moment and it is really driving me crazy. Three out of four links fail to load first time and sometimes take eight or nine tries before it does."

Another said: "I am having problems loading Web pages, I get the 404 [page not found] error. I have to retry five to 10 times to get some places."

Forum postings indicate the problems have been occurring for several weeks.

BigPond said it had boosted the capacity of its DNS servers to reduce the inconvenience to customers until a long-term engineering solution was developed.

It said it was encouraging customers not to "hard-code" the DNS in their network settings "so that they can be directed to an alternative BigPond DNS in the event of further problems".

The source of the difficulties raises questions as to the success of some of the measures put in place by BigPond to avoid the type of service level issues that occurred for several weeks in 2003. Then, a sudden surge of e-mail traffic -- attributed by the provider to spam and viruses -- exceeded the capacity of its systems to cope and caused extensive delays to message delivery. The carrier subsequently introduced network-based spam and virus filtering protection to complement retail offerings to its customer base. It also invested heavily in a new e-mail platform.

• Related stories

• Alerts

Sign up for an e-mail alert

ZDNet Australia Alerts is an e-mail alert service which provides personalised news, features and reviews to readers’ inbox on an hourly, daily and weekly basis.

Alert:

E-mail: *

Frequency: *

Hourly Daily Weekly

Add alert

Add your opinion

Add your opinion

All fields are required

Subject:
Comments:
Full name:
E-mail address:

Your e-mail will not be displayed

Posting options:

Display all details Do not display details

Security Code:

You must read and type the 6 chars within 0..9 and A..F

 

1. Too little. Too late. Too bad. I am churning to Internode. These problems have been going on for over four weeks now. Internode's DNS servers are working fine. Anonymous -- 13/04/05

   Too little. Too late. Too bad. I am churning to Internode. These problems have been going on for over four weeks now.
   
   Internode's DNS servers are working fine.

   • Reply to comment
   • Reply to story
   • Report offensive content

2. Linux users on Bigpond should run their own DNS servers to avoid these problems. Anonymous -- 13/04/05

   Linux users on Bigpond should run their own DNS servers to avoid these problems.

   • Reply to comment
   • Reply to story
   • Report offensive content

3. This might finaly get stupid jerk users to secure their PCs. The sooner these people get booted till their PCs are clean the better for every responsible user who has been affected by this. I'm glad I'm with iPrimus. All the required Anonymous -- 13/04/05

   This might finaly get stupid jerk users to secure their PCs. The sooner these people get booted till their PCs are clean the better for every responsible user who has been affected by this.
   
   I'm glad I'm with iPrimus.
   
   All the required protection and scanning software is available for free, but I bet telstra is pushing Norton Internet Security :) One of the worst bits of software I've ever had the misfortune to see.

   • Reply to comment
   • Reply to story
   • Report offensive content

4. By the time abuse escalates and their customers get problems due to the lack of abuse handling, the provider finally does something at it, it's a shame. telstra and bigpond are being blacklisted by us for a long time because they just don't seem to Anonymous -- 14/04/05

   By the time abuse escalates and their customers get problems due to the lack of abuse handling, the provider finally does something at it, it's a shame.
   telstra and bigpond are being blacklisted by us for a long time because they just don't seem to do anything to prevent spammers and criminals abusing their service. They don't even have a working abuse address, violating RFC2142 and the mail form on their website is vague and does not work. My advise: if you can please switch to another provider.

   • Reply to comment
   • Reply to story
   • Report offensive content

5. All ISPs sould block infected customers. If traffic from the customer indicates an infection, and the customer can not be contacted or can not give a good explanation for the traffic then that customer should be temporaily blacklisted and have their conne Anonymous -- 14/04/05

   All ISPs sould block infected customers. If traffic from the customer indicates an infection, and the customer can not be contacted or can not give a good explanation for the traffic then that customer should be temporaily blacklisted and have their connection cut off. I'd imagine that if each time an infection was noted the user got cut off got 6 hours that it'd greatly cut down on the number of infections spread and the suffering other users had to endure. At the same time being down a mere 6 hours (less if you call and ask for it to be reconnected) is unlikely to be to big of an annoyance to a user who fixes their computer.
   
   I think software providers and users that don't make a reasonable effort at providing security so that they don't negatively impact others should be fined. Let all those infected Windows users, and Microsoft, pay for the damage they are doing. Why should everyone have to pay?

   • Reply to comment
   • Reply to story
   • Report offensive content

6. We've been long time BigPond ADSL clients here at home, and in the last week or so it's been difficult at times even to get email from the BigPond account. Webpages don't load, IRC (chat) does not work ... and tonight even when using an IP address for a d Anonymous -- 15/04/05

   We've been long time BigPond ADSL clients here at home, and in the last week or so it's been difficult at times even to get email from the BigPond account. Webpages don't load, IRC (chat) does not work ... and tonight even when using an IP address for a direct link to a server, I've been getting "No route to host" instead of "Could not resolve server". Maybe more than the DNS servers are broken ... again.

   • Reply to comment
   • Reply to story
   • Report offensive content

7. Response to Mike Caddick ... Mike, in response to "This might finaly get stupid jerk users to secure their PCs." I've been trying to help people sort out and secure their PCs for some years, and have been insistent on the nee Anonymous -- 15/04/05

   Response to Mike Caddick ...
   Mike,
   in response to
   "This might finaly get stupid jerk users to secure their PCs."
   I've been trying to help people sort out and secure their PCs for some years, and have been insistent on the need for antivirus and firewall software. I tell them there is no substitute for spending some money. It's working slowly, but it's working. Instead of insulting them, could you try offering practical advice on what they need?
   
   in response to
   "I bet telstra is pushing Norton Internet Security :) One of the worst bits of software I've ever had the misfortune to see"
   I've seen this attitude elsewhere : surely that product would be better than nothing at all? Recently I persuaded people to buy Trend Micro on price, but I use Norton Internet Security myself. It works for me ... including killing a steady influx of Netsky.Z in emails over the last two months or so.

   • Reply to comment
   • Reply to story
   • Report offensive content

8. Finally Got this article thruough my provider Schilling.net.au which uses Veridas then Telstra It abhorrs me that only one company like Telstra has the land line control, being a brit have had same issues with BT in UK - no such issues in the US Anonymous -- 16/04/05

   Finally
   Got this article thruough my provider Schilling.net.au which uses Veridas then Telstra
   It abhorrs me that only one company like Telstra has the land line control, being a brit have had same issues with BT in UK - no such issues in the US when living their
   Between the 10th March and 30th March I could not get anything outside of Aus no downloads nothing - went back to using Dial up with another provider that kept me alive.
   It show that as usual all the money goes back to the ruddy share holders and not to better improving systems for end users.
   3 weeks is a disgrace and even now their are many page not found errors still overseas where most of my traffic is.
   Am running Visualware and tests from US - the traffic from Bne to Syd with Telstra is nearly as slow to the 1st DNS hop overseas. Telstra's techinicians should stand up and take a bow for their incompitance and sluggishness at not being able to stop a bit of malware. It is not as if someone has blown up the exchnages
   When T is privatised or we get open competition like in the US over the land lines we would already be getting higher speeds 3mb's per normal and lower prices. Friends in the US are getting 7mb's for cable now at same price of 512 services here - with no limits either
   Another friend got a free upgrade from 512 to 3mb's for no cost either
   We in the this country are following typical british mentality poor slow services and high prices no wonder both country are becoming like the 3rd world
   The main issue also is that to compete when a country is so far away from the rest of world we should be at the pinnacle of new technologies not still selling ISDN at prices higher than broadband - when the regulators and government deal with Telstra and it total lack of true concern for customer services only then will the system change
   Thanks and keep up the good work
   Peter

   • Reply to comment
   • Reply to story
   • Report offensive content

9. Don't blame Customer if your server is inadequate to handle it. Anton -- 17/08/05

   Customer already paid for maximum bandwidth and usage depend on their contract. Either it used by customer itself or by their 'pet' (Virus/Trojan).
   Sometime customer need to overload their network for testing purpose, and if BigP0nd's server Dying cause of it. Then better take another competitor's ISP.

   • Reply to comment
   • Reply to story
   • Report offensive content

   1. BigPond disconnecting Trojan-infected customers Anonymous -- 21/10/05

      Too many people expect too much from computer technology. If a customer is dissatisfied with what is available, then maybe customer should do a coarse in IP and help stamp out Internet related issues. The more they learn the more the IP systems techs have to learn. Sometimes the issue has to be an event to learn how to disfuse it. Be patient, it will always be like a rally race unfinished, every mile there is always a new lead.

      • Reply to comment
      • Report offensive content

• Just In

• Most Popular

• Most Discussed

Login

E-mail Password (forgot?)

Login Remember

Like 124,000 other people join the community and get the latest news from the IT industry.

Reader Services

Popular Topics

Essentials