Australian ISPs To Disconnect Botnet "Zombies"

jibjibjib writes "Some of Australia's largest ISPs are preparing an industry code of conduct to identify and respond to users with botnet-infected computers. The Internet Industry Association, made up of over 200 ISPs and technology companies, is preparing the code in response to an ultimatum from the federal government. ISPs will try to contact the user, slow down their connection, and ultimately terminate the connection if the user refuses to fix the problem. It is hoped that this will reduce the growth of botnets in Australia, which had the world's third-highest rate of new 'zombies' (behind the US and China)."

P2P

[Anonymous Coward]

Will be the next "botnet" they'll fix.

Bad Precedent?

[Anonymous Coward]

I'd rather not have my ISP decide what is a "virus" or "inappropriate communications" thank you. If the users are consuming too much bandwidth then disconnect them on those grounds, but please don't set this precedent.

Free botnet removal support?

[Drethon]

Its not like everyone knows how to (and in some cases cannot afford to hire someone to) remove botnets from their machine. I hope the ISPs will provide this kind of support as part of standard service before they consider disconnecting users...

Who will fix the problem?

[ATestR]

if the user refuses to fix the problem

The users who are likely to be infected by a bot are the least likely to be able to "fix the problem".

Re:Stop tinkering with things they don't understan

[Anonymous Coward]

Quit trying to speak for the whole rest of the world. You are not qualifyied.

Comment removed

[account_deleted]

Comment removed based on user account deletion

Re:Privacy

[DavidTC]

Actually, it's more like your phone company disconnecting you for repeatedly making prank calls.

Which, in fact, they will.

Re:Who will fix the problem?

[MrMr]

Being unwilling to learn, or unwilling to ask someone who does know, would still qualify as refusing to fix the problem.
Here's a car analogy for you:
The users who are likely to crash by failing breaks are the least likely to be able to repair their own brakes...

Re:Stop tinkering with things they don't understan

[houstonbofh]

Seriously? This needed to be done for all countries 10 years ago.

Assuming you trust them to stop at botnets and not include p2p, vpn, uunet, private mail servers out of the country, list servers, and other legitimate traffic.

Sad, isn't it?

[bbbaldie]

Buy a computer and/or a supposedly secure operating system, and then, unless the customer proactively protects against security breaches, they won't be allowed on the internet. Pardon me, but isn't protection against security breaches the OPERATING SYSTEM'S JOB???

Re:Who will fix the problem?

[gad_zuki!]

Who cares? He owns it, its his responsibility to fix it. Pay someone if he cant figure it out and stop clicking on NAKED_PHOTOS.EXE or doesnt understand why he should be doing those Microsoft updates. Should we also coddle drivers with unsafe cars because they arent mechanics?

Its only when there's a financial incentive to keep a machine patched and thinking before clicking that people will begin doing so. Or switching to OSX or Linux. The status quo of not taking responsibility for your own computer isnt sustainable and isnt helping anyone.

Re:why not directly disconnect every Windows machi

[John Hasler]

> Of course I'm OK if that software isn't particularly Mac compatible ;)

So you wouldn't mind being required to switch to Microsoft Windows 7? Because that is what your proposal would lead to.

Re:Give a discount to those running clean systems.

[bickerdyke]

Goog Idea. But will end up with "Give discount for anyone who installs a closed-source, windows-only Punkbuster-lookalike"

so what?

[circletimessquare]

everyone talks about their rights, but few speak up about their responsibilities

if people don't live up to their responsibilities, they lose their rights. not as a matter of some government mandate, but as a simple logical, natural consequence of ruining things- the internet, safe roads, a healthy economy, etc., for other people

Re:Free botnet removal support?

[amorsen]

If they can't afford to keep their machine clean, they don't go on the Internet. Sucks to be them. They don't get to pass on the cost of their mistakes to everyone else, like they do if you just keep their connection alive.

Yes I work for an ISP. Yes that's in our terms and conditions.

Re:Open invite to hackers: Come steal our stuff!!

[imroy]

...will easily be able to trick people into giving personal information (ie account numbers, CC numbers, ect.)

I don't know why the emails would ask for personal information. I can however see this as a great opportunity for virus emails: The government has noticed your computer is infected and sending out spams. Now run this attached executable to remove it.

Criteria

[lattyware]

Botnet - Collection of computers using large amount of bandwidth.
Largest Botnet - BitTorrent
ISP - "Job's a good 'un lads, let's go home."

Re:Who will fix the problem?

[stirz]

Well, at least the intended mechanism will make sure that people notice that their PC is abused. Furthermore, it imposes pressure on people to care about some basic security measures. I think, many of them will soon take care - in whatever way. But if they refuse to realize that their data is in trouble and that they are (passively) involved in online crimes, why not shut down their net access? Someone who does not exactly know what to do will know the shop where (s)he bought the equipment or even a local shop that offers paid support - there is no excuse in that case.

I've made some similar experience on my own some years ago while living on campus connected to a network of about 1,000 machines. The admins enforced a "three strikes" directive: if someone's machine was spreading viruses via internet access or via FTP/SMB shares or misbehaved in other ways (disturbing the DHCP and break-in attempts on internal servers, mainly), (s)he got a notice in her/his (real life!) post box to stop misbehaving/to fix the computer. As I recall, the note contained a paragraph offering help in case people weren't able to cope with the problem themselves. They only had to block less that 10 Machines during the time I lived there (4 years, approx.), as people really reacted quickly and we could even observe a (small) learning curve because new inhabitants mostly were briefed by their neighbours shortly after they had moved in.

So: Go ahead, Aussie ISPs! That's definitely the way to go - and to further sysadmin appreciation, but that's a different piece of.....

Re:Sad, isn't it?

[arotenbe]

Pardon me, but isn't protection against security breaches the OPERATING SYSTEM'S JOB???

Partially, but it isn't the operating system's job to stop the user from being an idiot. If you want to run executables from suspicious websites, that's your right. And if the rest of the world wants a device to stab you in the face over the internet, that's their right, too.

yes sir mister policeman

[troll -1]

Sounds like another case of politicians regulating something they don't understand. Define botnet.

Good idea if implemented properly

[russotto]

ISPs should be disconnecting zombied machines. The catch is they need a test which catches most zombie machines while not catching any non-zombies, and most ISPs are neither competent enough nor interested enough to do so. If their procedure has systemic problems which disconnects non-zombies, then the cure is worse than the disease.

Re:Give a discount to those running clean systems.

[dc29A]

I've never heard people suggest that before, but the idea of "using open source = discount on your internet bill" is a good idea.

Do it in a very simple way: if you're not running windows or OSX, you get a 5% discount your bill. Some might differ on whether to put OSX in the "Do not run" category.

The rest is too discriminatory and too extreme.

There are people out there who are able to configure Windows to be as secure as *Nix or Mac OS. Why penalize them? Penalize the retards who run Windows/*nix/Mac OS as administrator. Penalize the retards who are infected with the botnet zombie 'du jour'. Penalize the retards who mindlessly click on every 'OMGZ YOU WIN IPOD TOUCH CLICK HERE PLZ!111!!!!!!oneoneeleventy!~one!' banners.

Re:Free botnet removal support?

[gmuslera]

Then don't disconnect zombies. Redirect any request from those IPs to a web page that explain the situation and why that computer shouldnt be in the net for their own good, and have as direct download most typical cleaning and other essential at that stage applications, and maybe listing local companies that do the cleaning if the person dont want to fresh format.

Block the abused ports first, or firewall them

[davidwr]

Don't disconnect them. First, only block the ports being abused. If that doesn't work, confine them to a "walled garden" that tells them who to call and fix the problem. Then when the do call, help them fix the problem.

Re:Who will fix the problem?

[Syberz]

OK, I just had to jump in here. I'm tired of the people who say "Switch to linux and the spam/virus/worm problem will be solved!". It wouldn't solve sh*t! The spammers and virus/worm makers would just develop for the new platform, and the only reason that Linux is so secure is that the malware devs aren't developping payloads that attack it.

Go away.....NOW!

[tacokill]

Oh god, no. This is a very very bad idea. We do not need to have our PC's "certified" by a Ministry, Department, or any 3rd party for that matter. Yes, they have done that for cars for pollution testing but it makes no sense for computers.

Do you seriously want some twithead bureaucrat telling you what a "safe" PC is and what a "dangerous" PC is?

I want you to choose a number from 1 to 60. This number represents the amount of seconds before Linux (or some other disliked-by-those-in-power application) goes onto the "dangerous" list. This number also represents how many days you have to install a properly maintained OS, such as those produced by Microsoft, onto your PC. Within 10 days, please bring us proof that you have made the correct repairs and we will waive your fine. Oh, but court costs are 200 euro. Thank you, drive through.


I am deadly serious when I say this: This is one of the all-time worst ideas I have ever read on Slashdot.