BigPond disconnecting Trojan-infected customers

Telstra BigPond is temporarily disconnecting compromised computers from its network to stem a tide of malware swamping its servers and delaying e-mail and Web site requests.In a statement provided to ZDNet Australia , BigPond said it had stepped up network monitoring to identify infected machines.

Telstra BigPond is temporarily disconnecting compromised computers from its network to stem a tide of malware swamping its servers and delaying e-mail and Web site requests.

In a statement provided to ZDNet Australia , BigPond said it had stepped up network monitoring to identify infected machines. "Customers with suspected compromised PCs are being contacted where possible to encourage them to rectify the issue and if necessary are being disconnected from the network while the issue is rectified".

The Internet service provider -- Australia's largest -- said the number of bogus requests to its domain name servers (DNS) had "on occasion" reached a level where some customers have reported slow responses to their legitimate requests for Web sites or e-mail.

"Ongoing investigations have identified Trojan-infected customer PCs as the likely source of the false DNS requests," BigPond said.

"Customers contacted by Telstra in recent weeks in relation to their PCs issuing large numbers of false DNS requests have been found to have PCs infected with various viruses and Trojans and lacking network security".

The service delays have sparked heated debate on the broadband community Web site Whirlpool. One forum participant, who claimed to be a BigPond customer, said on Monday: "I'm in Canberra and it's been almost unusable all afternoon. I'm snowed under at the moment and it is really driving me crazy. Three out of four links fail to load first time and sometimes take eight or nine tries before it does."

Another said: "I am having problems loading Web pages, I get the 404 [page not found] error. I have to retry five to 10 times to get some places."

Forum postings indicate the problems have been occurring for several weeks.

BigPond said it had boosted the capacity of its DNS servers to reduce the inconvenience to customers until a long-term engineering solution was developed.

It said it was encouraging customers not to "hard-code" the DNS in their network settings "so that they can be directed to an alternative BigPond DNS in the event of further problems".

The source of the difficulties raises questions as to the success of some of the measures put in place by BigPond to avoid the type of service level issues that occurred for several weeks in 2003. Then, a sudden surge of e-mail traffic -- attributed by the provider to spam and viruses -- exceeded the capacity of its systems to cope and caused extensive delays to message delivery. The carrier subsequently introduced network-based spam and virus filtering protection to complement retail offerings to its customer base. It also invested heavily in a new e-mail platform.

Newsletters

You have been successfully signed up. To sign up for more newsletters or to manage your account, visit the Newsletter Subscription Center.
See All
See All