Qwest Employs New Malware Security Infected broadband customers to be alerted of infection... Tuesday Oct 02 2007 16:50 EDT Qwest today announced that they've launched a new program designed to limit the spread of trojans and malware by notifying potentially infected broadband customers. Many ISPs have been doing nothing about infected systems on their networks, finding it's easier to swallow the cost of bandwidth they consume (as DDoS participants or spam relays) than to talk grandma through the PC cleaning process. "Most people don't even know when their computers become infected, so Qwest's goal is not only to help customers get rid of the infections, but also to make sure customers are armed with information to maintain strong levels of Internet security going forward," says Qwest's chief security officer Melodi Gates. From the company's press release: quote: The QwestŪ Customer Internet Protection Program (CIPP) notifies Qwest Broadband customers about viruses and malware that may be on their computers, informs them of safe Internet security practices and helps them clean viruses and malware from their computers. The CIPP is part of Qwest's ongoing commitment to make the Internet safer for customers and is available to residential and small-business Qwest Broadband ADSL(1) customers at no additional charge.
It's not clear if the system traps users in a security "walled garden" until they clean up, like successful systems deployed by companies like Cox do (more here). We requested more details this morning, but have yet to get a response. Can any Qwest employees offer additional technical specifics? |
81399672 (banned) join:2006-05-17 Los Angeles, CA |
81399672 (banned)
Member
2007-Oct-2 4:54 pm
They will lose customers soonQwest will soon learn that they will lose customers if they do anything beyond "notifying" customers of possible problem. Not only is that privacy concern, that isp is watching what users are sending but also bad pr when you trap users till they fix the computer to your standard | |
| | FFH5 Premium Member join:2002-03-03 Tavistock NJ |
FFH5
Premium Member
2007-Oct-2 4:57 pm
Re: They will lose customers soonsaid by 81399672:Qwest will soon learn that they will lose customers if they do anything beyond "notifying" customers of possible problem. Not only is that privacy concern, that isp is watching what users are sending but also bad pr when you trap users till they fix the computer to your standard I see you support anarchy instead of common sense. | |
| | | 81399672 (banned) join:2006-05-17 Los Angeles, CA |
81399672 (banned)
Member
2007-Oct-2 5:24 pm
Re: They will lose customers soonsaid by FFH5:said by 81399672:Qwest will soon learn that they will lose customers if they do anything beyond "notifying" customers of possible problem. Not only is that privacy concern, that isp is watching what users are sending but also bad pr when you trap users till they fix the computer to your standard I see you support anarchy instead of common sense. If i pay for service, i want to get that service. ISP are entering dangerous water when they start "monitoring" what their users are doing. Unless Qwest are the only ones in the market, people will jsut tell them goodbye and switch to other providers. Most people will not care why they can't surf the net, all they will care is that they can't surf the net. If that to happen they will not pay for service that they can't use | |
| | | | S_engineer Premium Member join:2007-05-16 Chicago, IL |
Re: They will lose customers soonYou'r both right..... it sets bad precedent, however most people don't want to get smartsearch just because they inadvertently click on a link! | |
| | | | | NOYBSt. John 3.16 Premium Member join:2005-12-15 Forest Grove, OR
1 recommendation |
NOYB
Premium Member
2007-Oct-2 7:45 pm
Re: They will lose customers soonNo they're not both right. 'Worldvision' is dead wrong. PERIOD! | |
|
| | | NOYB 1 edit
1 recommendation |
to 81399672
said by 81399672:If i pay for service, i want to get that service. What service did you pay for? Did you pay for bot net member service so your computer(s) can be permitted to maliciously attack other peoples computer(s)? I pay for using driving on the roads, but I still have to obey the laws of the road. It is not an anything goes free for all. | |
| | | |
1 recommendation |
Hehe to 81399672
Anon
2007-Oct-2 7:57 pm
to 81399672
I guess if your house is on fire I should not tell you! | |
| | | | KrKHeavy Artillery For The Little Guy Premium Member join:2000-01-17 Tulsa, OK |
to 81399672
They don't have to monitor anything. The infected machine is transmitting and making itself obvious as a radio beacon.
You don't have to monitor your users. You need to just pick up their signals when they are blasting your network. | |
| | | | |
to 81399672
said by 81399672:said by FFH5:said by 81399672:Qwest will soon learn that they will lose customers if they do anything beyond "notifying" customers of possible problem. Not only is that privacy concern, that isp is watching what users are sending but also bad pr when you trap users till they fix the computer to your standard I see you support anarchy instead of common sense. If i pay for service, i want to get that service. ISP are entering dangerous water when they start "monitoring" what their users are doing. Unless Qwest are the only ones in the market, people will jsut tell them goodbye and switch to other providers. Most people will not care why they can't surf the net, all they will care is that they can't surf the net. If that to happen they will not pay for service that they can't use So, because you pay for the service, it's ok for your infected computer to waste their bandwidth for malicious purposes? If you keep your system clean, like you should, you shouldn't have any problems. So what's the big deal? | |
| | | | | 81399672 (banned) join:2006-05-17 Los Angeles, CA |
81399672 (banned)
Member
2007-Oct-2 10:21 pm
Re: They will lose customers soonsaid by ydoucare:So, because you pay for the service, it's ok for your infected computer to waste their bandwidth for malicious purposes? If you keep your system clean, like you should, you shouldn't have any problems. So what's the big deal? Isp violating my privacy but seeing what is coming out of my computer. Most ips do not monitor virusses, spywares. So what do u think most people will do? That is right switch to another isp and continue on surfing the net | |
| | | | | | NOYBSt. John 3.16 Premium Member join:2005-12-15 Forest Grove, OR |
NOYB
Premium Member
2007-Oct-3 12:48 am
Re: They will lose customers soonEvery web site you visit sees what comes out of your computer. And many routers along the way. If ISP sets up a few "dummy" systems that log access and your system accesses them, either by bot or by you. It is not a violation of your privacy. Get a clue or shut up and stop fear mongering about something you obviously know nothing. | |
| | | | | | Jafo232You Can't Spell Democrat Without Rat. Premium Member join:2002-10-17 Boonville, NY |
to 81399672
said by 81399672:Isp violating my privacy but seeing what is coming out of my computer. Most ips do not monitor virusses, spywares. So what do u think most people will do? That is right switch to another isp and continue on surfing the net I hate to tell you this, but your every move is logged by your ISP, in fact, I believe regulation demands it. Your information is already there. Chances are, your TOS with your ISP allows this. 98% of those on the Net have no idea how to safely run their PC without it getting infected, and out of those, 99% would never know about the infection unless told. I'm sorry, but if your walking around in public with puss filled sores, delirious, with your skin turning pink, covered with a rash, I think the public has a right to quarantine you for smallpox.. No difference with electronic infections.. | |
| | | | | | | 81399672 (banned) join:2006-05-17 Los Angeles, CA |
81399672 (banned)
Member
2007-Oct-3 1:16 pm
Re: They will lose customers soonsaid by Jafo232:said by 81399672:Isp violating my privacy but seeing what is coming out of my computer. Most ips do not monitor virusses, spywares. So what do u think most people will do? That is right switch to another isp and continue on surfing the net I hate to tell you this, but your every move is logged by your ISP, in fact, I believe regulation demands it. Your information is already there. Chances are, your TOS with your ISP allows this. 98% of those on the Net have no idea how to safely run their PC without it getting infected, and out of those, 99% would never know about the infection unless told. I'm sorry, but if your walking around in public with puss filled sores, delirious, with your skin turning pink, covered with a rash, I think the public has a right to quarantine you for smallpox.. No difference with electronic infections.. You must be living outside us as i don't know of any regulation that requires ips to collect data on you. My isp is not collecting data, they have specifically stated that in the forum after at&t said they will | |
| | | | | | | | NOYBSt. John 3.16 Premium Member join:2005-12-15 Forest Grove, OR |
NOYB
Premium Member
2007-Oct-3 1:35 pm
Re: They will lose customers soonsaid by 81399672:My isp is not collecting data, they have specifically stated that in the forum after at&t said they will Your ISP lied. You better go switch to another. Hey a technician was just running a network sniffer in the data center at your ISP while troubleshooting packet storm caused by a few thousand bots, and guess what, she captured some packets of that porn site you just visited. You probably should go switch to a different ISP right now so this does not happen again. | |
| | | | | | | | Jafo232You Can't Spell Democrat Without Rat. Premium Member join:2002-10-17 Boonville, NY |
to 81399672
said by 81399672:You must be living outside us as i don't know of any regulation that requires ips to collect data on you. My isp is not collecting data, they have specifically stated that in the forum after at&t said they will Inside the US.. See this: » www.news.com/My-brief-ca ··· 267.html» www.news.com/Your-ISP-as ··· 649.htmlBesides, ALL ISP's use logging just to protect themselves legally, and to protect their network. Seriously, if you don't understand that, you haven't a clue. And your ISP's AUP clearly states: quote: Using the Services for any activity which adversely affects the ability of other people or systems to use DSLExtremes services or the Internet. This includes "denial of service" (DoS) attacks against another network host or individual user. Interference with or disruption of other network users, network services or network equipment is prohibited. It is the customers responsibility to ensure that their network is configured in a secure manner. A customer may not, through action or inaction, allow others to use their network for illegal or inappropriate actions. A customer may not permit their network, through action or inaction, to be configured in such a way that gives a third party the capability to use their network in an illegal or inappropriate manner.
» www.dslextreme.com/aup.php | |
|
| | | | | 1 edit |
to 81399672
said by 81399672:said by ydoucare:So, because you pay for the service, it's ok for your infected computer to waste their bandwidth for malicious purposes? If you keep your system clean, like you should, you shouldn't have any problems. So what's the big deal? Isp violating my privacy but seeing what is coming out of my computer. Most ips do not monitor virusses, spywares. So what do u think most people will do? That is right switch to another isp and continue on surfing the net lol, they're not sitting there in cubicles personally monitoring your traffic. This would obviously be an automated system that would only pick up malicious traffic, which is the entire purpose of the thing. I have to laugh at people who think everyone is out to get them. Seriously, think about it for 5 minutes. Personally, i'd rather be with an ISP that is at least taking a proactive approach at keeping their network clean, while also helping educate the person harboring the infected machine. | |
|
| | | NOYBSt. John 3.16 Premium Member join:2005-12-15 Forest Grove, OR 3 edits |
to 81399672
said by 81399672:If i pay for service, i want to get that service. ... Unless Qwest are the only ones in the market, people will jsut tell them goodbye and switch to other providers. Most people will not care why they can't surf the net, all they will care is that they can't surf the net. If that to happen they will not pay for service that they can't use Good move to the competitor's service. Just another bot no longer on the Qwest network, making the Qwest service that much better. It will serve to further isolate the bot net infected machines at a few don't care ISPs, making it that much easier to block them (just block the entire ISP). Also the bot net machines can then all have at attacking each other unimpeded. When word gets around that ISP xyz is full of bots and they don't care no one will want their service. | |
|
| | |
to FFH5
said by FFH5 I see you support anarchy instead of common sense. [/BQUOTE :Common sense would to not use Windows. If you have platform x which is a cesspool for this junk and platforms y and z that are almost immune to it, you'd be a fool to stay on platform x. | |
|
| braynes Premium Member join:2005-03-14 Waterville, ME |
to 81399672
We can hope. Bruce | |
| | gaforces (banned)United We Stand, Divided We Fall join:2002-04-07 Santa Cruz, CA
2 recommendations |
to 81399672
said by 81399672:Qwest will soon learn that they will lose customers if they do anything beyond "notifying" customers of possible problem. Not only is that privacy concern, that isp is watching what users are sending but also bad pr when you trap users till they fix the computer to your standard It's not a privacy concern to monitor for traffic that degrades the network, or for otherwise illegal and harmful acvtivity. Isolating the problems should be sop for a network admin. Id think it would be good publicity to see an isp that takes care of its network and customers. Offering education and help in the form of tech support is a good thing. Its rediculous to consider that they would get bad pr for having a standard that doesnt allow worm infected pcs to send spam, ddos networks, and other worse things. Qwest is setting a good example of what ISPs should be doing to help the botnet problem. | |
| | | NOYBSt. John 3.16 Premium Member join:2005-12-15 Forest Grove, OR |
NOYB
Premium Member
2007-Oct-2 7:48 pm
Re: They will lose customers soonsaid by gaforces:It's not a privacy concern to monitor for traffic that degrades the network, or for otherwise illegal and harmful acvtivity. Isolating the problems should be sop for a network admin. Id think it would be good publicity to see an isp that takes care of its network and customers. Offering education and help in the form of tech support is a good thing. Its rediculous to consider that they would get bad pr for having a standard that doesnt allow worm infected pcs to send spam, ddos networks, and other worse things. Qwest is setting a good example of what ISPs should be doing to help the botnet problem. Ditto that to the Nth degree. | |
|
| KrKHeavy Artillery For The Little Guy Premium Member join:2000-01-17 Tulsa, OK |
to 81399672
Personally, if I had some noob on my network spewing spam, viruses, and scanning for vulnerabilities, I'd want them to fix it.... and if they didn't... well, See ya.... wouldn't wanna be ya.
Won't fix it? Well then, too bad. | |
|
FFH5 Premium Member join:2002-03-03 Tavistock NJ
1 recommendation |
FFH5
Premium Member
2007-Oct-2 4:56 pm
All ISPs should wall off infected machines & assist cleanupIt is in their own interest to do so and it also will help drastically cut down on botnets controlled by criminals. I hope this is something the other major ISPs do as well. | |
| | braynes Premium Member join:2005-03-14 Waterville, ME |
braynes
Premium Member
2007-Oct-2 5:23 pm
Re: All ISPs should wall off infected machines & assist cleanup"It is in their own interest" That and that alone will be the reason not the crap about they care etc., But why am I answering you anyway, your reply speak for themself. Bruce | |
| | | Andyg1Will Work For Bandwidth join:2001-12-23 New Rochelle, NY |
Andyg1
Member
2007-Oct-2 5:39 pm
Re: All ISPs should wall off infected machines & assist cleanupWhy did I listen to my friend about this stock 2 years ago??? He was wrong when he introduced me to my X why did I think he was gonna be right this time!!! | |
| | | | ewth8tr Premium Member join:2005-04-03 Salt Lake City, UT |
ewth8tr
Premium Member
2007-Oct-3 8:30 am
Re: All ISPs should wall off infected machines & assist cleanupsaid by Andyg1:Why did I listen to my friend about this stock 2 years ago??? He was wrong when he introduced me to my X why did I think he was gonna be right this time!!! LOL, that is the funniest thing I have ever read on this site, and that is saying a lot I am guessing you are either lying about buying the stock , or have never checked the stock prices. In October 2005, the low for Qwest stock was $3.92. It closed last night at $9.18........ » finance.yahoo.com/q/hp?s ··· 2007&g=m | |
|
| | |
to braynes
A few wireless ISP do that -- like Tiamet Communication in Virginia. The innovative ones get it | |
|
| 81399672 (banned) join:2006-05-17 Los Angeles, CA |
to FFH5
said by FFH5:It is in their own interest to do so and it also will help drastically cut down on botnets controlled by criminals. I hope this is something the other major ISPs do as well. You know that is not going to happen, most ips will not follow them. You can dream but likely that is all it will be a dream. It cops ISP more in business to get custgomers to clean up then to ignore the problem | |
| | | TransmasterDon't Blame Me I Voted For Bill and Opus join:2001-06-20 Cheyenne, WY 1 edit
1 recommendation |
Can't have it both waysIn the years I have been posting on BBR over and over again I have read people bitching about the ISP's failing do anything about Botnets, Zombies, and what not. Now that Qwest is going just that you are bitching about an ISP doing something about it. So what do you want? It is very unlikely I will ever get high jacked but if it does happen I sure would like to know about it so I can fix it. More importantly it will notify people who don't have a clue about this sort of thing. The fact Qwest will help such users clean up their computers is great. I really don't see the problem here. | |
| | | | 81399672 (banned) join:2006-05-17 Los Angeles, CA |
81399672 (banned)
Member
2007-Oct-2 6:12 pm
Re: Can't have it both wayssaid by Transmaster:In the years I have been posting on BBR over and over again I have read people bitching about the ISP's failing do anything about Botnets, Zombies, and what not. Now that Qwest is going just that you are bitching about an ISP doing something about it. So what do you want? It is very unlikely I will ever get high jacked but if it does happen I sure would like to know about it so I can fix it. More importantly if will notify people who don't have a clue about this sort of thing. The fact Qwest will help such users clean up their computers is great. I really don't see the problem here. If person is computer knowledgible then they would love to know about it. If all they using computer is to surf and check their email, they will not care and will not bother cleaning up. They will tell isp to mind own business and will cancel service, and switch ( assuming they have service to switch to). The people that bitch about the botnetz and zombies and knowledgible who are tired of getting "attacked". If qwest want to satisfy those users, that is fine but it likely will be at cost of them losing less experience users who really "need help" | |
| | | | | MeKuN join:2004-07-21 Eugene, OR
1 recommendation |
MeKuN
Member
2007-Oct-2 7:33 pm
Re: Can't have it both waysPeople that are knowledgeable will like this? People that are knowledgeable dont let there system or systems be part of a bot net to begin with. Its the people with no knowledge who are infected with some trojan, the same people who never update there AV program. Dont tell me this is good for me thx.
Gee and i wondered why my connection slows down everyday at the same time, na quest isnt doing anything. Why do i have to get the news here instead of from them. | |
|
|
no_one
Anon
2007-Oct-2 5:49 pm
Qwest does not block portsQwest does not block any ports. Now if they do monitor any traffic they would probably just monitor the major security risk ports. Most of those ports are not usually connected to the net and if so not used to a significant degree. I think monitoring for infected computers would be easy enough. Think mynetwatchman etc. Probably would not even have to capture the traffic just know a computer is talking on bad port etc. every second or more. Then ask the user if they know what is going on. If yes fine, if no well maybe they should find out. Still Qwest does not block any ports. If they start a little monitoring instead I may have to say ok. I again doubt if they have to capture the traffic just know x port that is a known malicious port is talking way too much. Just by looking at my incoming logs I see there is a very strong likely hood of many infected computers In Phoenix on VDSL. | |
| NOYBSt. John 3.16 Premium Member join:2005-12-15 Forest Grove, OR 4 edits |
NOYB
Premium Member
2007-Oct-2 6:36 pm
Know Before You Speak A few points for those of you who think this requires monitoring what the customer is doing.
1) Stop Being a SPAMer, or at least SPAMer friendly 2) Stop talking until you know what youre talking about. It just amounts to fear mongering. 3) This does not require monitoring of customer activity.
Did you know if your vehicle does not meet certain safety requirements it is illegal to drive it on the roads? And if you do and get in an accident you can be held liable and negligent. Should be same for computers. If your computer is creating a safety hazard for others it should not be permitted on the information highway (internet).
Did you know it is illegal to ATTEMPT to burglarize or rob people. That is exactly what many of these bot net controlled systems are doing.
Did you know if you know of such illegal actions and you do nothing you may be an accomplice. ISP have ability to detect and wall off these bots with very low overhead (can easily be automated). And since they know they exist, and in fairly significant quantities, not doing so amounts to being an accomplice to an attempted crime.
If they (ISP) knowingly permit use of their private network for illegal activity and do not take reasonable action to prohibit such activity they can and should be held liable as an accomplice (it is their private network under their direct control and responsibility).
It is very easy to detect these infected systems, and without infringing on the privacy of customers. Just look at your own NAT/Router/Gateway log. You can see and detect them very easily. All an ISP has to do is set up a few dummy systems to log such attempted accesses and use an algorithm to weed out the ordinary inadvertent access attempts from the bots.
I am sure there are even more effective means, but this is just to illustrate the point that 'spying' on the customer is not required. Those such arguments are probably put forth by SPAMers and/or BOT NET operators engaging in fear mongering to protect their illegal operations.
I for one would like to see the rest of the ISP's follow suite. Especially the big cable and telecom operators. You know who you are Comcast and Verizon. How about it, can you match the challenge?
| |
| | |
Re: Know Before You SpeakMy only reservation is that these are the same people who when I called in to advise them that a workman with a trencher had severed their cable, advised me to reboot my pc.
Simply put, I deeply mistrust the technical abilities of any isp, and I don't want my service impacted because some junior tech somewhere thinks that he knows normal activity from my network better than I do.
It's a good idea in theory, but I suspect that it will fail miserably due to poor execution. | |
|
| |
|
|