Attack of Comcast's Internet zombies
Posted by malebolgia on 25 May 2004 - 02:22 · 28 comments & 1534 views
About the Author
Full name: Unknown
Forum name:
malebolgia
Contact: via forum PM
Submissions: Normal · Headline
Full name: Unknown
Forum name:
malebolgiaContact: via forum PM
Submissions: Normal · Headline
Slashdot It!
Submit to reddit
Submit to blinklist
Bookmark on del.icio.us
Add to furl
Share on Facebook
Add to Windows Live
Add to Google- Advertisement
-
-
#1 Posted by Mav Phoenix on 25 May 2004 - 03:18
- Damn, lol that's a lot of canned meat!
-
(2 replies)
#2 Posted by viserov on 25 May 2004 - 03:44
- Maybe they should do what Cox does... force you to use their SMTP servers?
-
#2.1 Posted by ThunderRiver on 25 May 2004 - 13:58
- No that's not how ISP service works. ISP allows you to use their SMTP service as long as you are within their specified IP range. Now if you want to use other SMTP, it should always be possible as long as the other SMTP server doesn't apply IP range check. Easy as that. There is no way ISP can restrict from using other SMTP. It is plain silly.
-
#2.2 Posted by YaddaMe on 25 May 2004 - 14:40
QUOTE There is no way ISP can restrict from using other SMTP. It is plain silly.
Sorry ThunderRiver, but you are incorrect here.
Consider Cox silly, as viserov is correct, Cox does NOT allow you to use any SMTP server other than their own. Well, technically, they block port 25 to other servers, so you could connect to SMTP via another port if the mail server in question accepted connections from other ports. Several hosting co's have specifically added port 26 to accept SMTP connections for ppl that use Cox as an ISP to allow them to send mail via their domain's own SMTP servers... However, if you use a port other than 25 to connect to an SMTP server you are in violation of Cox's TOS & risk your service being turned off, so it's a risky move.
This has been discussed ad nauseum around the net... again, viserov was correct, Cox forces you to use their SMTP servers.
Cox isnt the only one, as Bellsouth, Earthlink, Mindspring, Verizon, Mediaone, and MSN do as well. Expect Comcast to follow.
Last edited by 10547 on 25 May 2004 - 15:18
-
#3 Posted by incubusdaemon on 25 May 2004 - 03:51
- there is a very good discussion of the issue on slashdot right now
-
#4 Posted by DsnBehind on 25 May 2004 - 04:09
- Oh we're not spammers. Only the dumbasses.
-
#5 Posted by FuhrerDarqueSyde on 25 May 2004 - 04:09
- though it may be a 'privacy concern' perhaps they should check for smtp headers in packets and block them. So they cant change the ports and webmail will still work(allow smtp if sent to their servers).
-
#6 Posted by qoa on 25 May 2004 - 06:44
- Maybe that's the reason my connection is dog crap slow. After the "upgrade to service" I actually started getting less bandwidth than I had before.
-
(2 replies)
#7 Posted by MoRiA on 25 May 2004 - 07:03
- They should give you an option somewhere:
"Are you running a personal mail server?"
If you answer yes then port 25 is unblocked, if you answer no then port 25 is blocked to all but their own SMTP servers.
If all ISPs implemented a system like this then these zombie machines would be useless...
Here's to hoping XP SP2 will sort a few home users out with things like this...
-
#7.1 Posted by Jon on 25 May 2004 - 08:56
- Yes, it comes down to appropriate SLAs for users. One for home users, one for home businesses, one for enthusiasts (the latter maybe allowing port25 incoming but not outgoing, so hosting an MX for a personal domain is possible in a receiving capacity).
-
(2 replies)
#8 Posted by beardedwonder on 25 May 2004 - 10:05
- Now if there were less stupid people that didn't open up unknown attachments....
-
#8.1 Posted by darksoul on 25 May 2004 - 12:41
- Now if there were less stupid people that create these virii....
the fact is there will always be people who open all attachments and just don't understand why they shouldn't. It is time to accept that and find a solution that resolves the solution at a different level, like forcing customers to use there SMPT servers and limiting email to x number a day without prior approval. -
#8.2 Posted by markjensen on 25 May 2004 - 13:08
QUOTE (#8.1) It is time to accept that and find a solution that resolves the solution at a different level, like forcing customers to use there SMPT servers and limiting email to x number a day without prior approval.
I much prefer Microsoft's "sandbox" concept, or the *nix "attachments are not executeable" and "actions have limited permissions".
Don't restrict the user. Restrict the attachments.
-
#9 Posted by garymill234 on 25 May 2004 - 13:16
- I myself use comcast, and though their service is expensive, they now offer better than 3mb per second connections.
-
#10 Posted by IGx89 on 25 May 2004 - 13:31
- lol, this is funny: Comcast outlaws running "servers" on any of their connections, yet a large percentage of their users are doing just that, albeit not purposely .
-
(1 reply)
#11 Posted by dougkinzinger on 25 May 2004 - 13:47
- For the last two months, I have gotten about 750-900 spam messages a day sent to the Undeliverable admin inbox at a client. Checking the logs indicates that about 80% of them are from ComCast.
Here I thought I was the only one.... -
#11.1 Posted by ThunderRiver on 25 May 2004 - 14:00
- Sadly I use Comcast, but they never assigned me an email account, so I still use my college account. Nonetheless, I receive about 20 junkie a day, and none of them come from Comcast. In fact, most of them comes from Asia or Europe. Weird stuff.
-
(3 replies)
#12 Posted by Gary_Player on 25 May 2004 - 15:32
- You have to take tests before you can get into schools or get government jobs, they should add a test before you can breed and a test before you can own a computer...otherwise the computer pwns you
-
#12.1 Posted by markjensen on 25 May 2004 - 15:40
- The test would be pretty simple...
Can you run Windows Update regularly?
-
#12.2 Posted by Grappa on 25 May 2004 - 15:42
- Agreed! A basic test before you can use the Internet. One of the questions could be:
You've just received an e-mail from someone you don't know. The Subject line reads 'Important info about your account!'
Do you
a) open the e-mail
b) forward the e-mail to your friend, who doesn't know any more about computers than you do, hoping that he/she has some idea what to do
c) delete the e-mail without opening it
d) call your ISP and badger their helpdesk about the e-mail
-
#13 Posted by neomilan on 25 May 2004 - 19:33
- that pic of spam makes me hungry
-
#14 Posted by dotRoot on 25 May 2004 - 23:00
- Its been pretty well known that ComCast has been an "Infected Host". At least that's the case in some of the big channels I've admined for on IRC. Also ComCast's bandwidth sucks from what I wouldn't put it passed them lying about it and that "3 mb/s" is shared between a couple local connections. Also ComCast is also known for trojan/port scanning and open wingates/proxies. I'd never use them, they don't even seem to a gateway server set up to monitor suspicious things such as these.
-
(3 replies)
#15 Posted by Bwizzel-B on 26 May 2004 - 00:11
- Non business DSL and cable accounts have no business running mail servers or connecting to nonencrypted, non provider SMTP servers (IE most people that have access to work mail servers from home use VPN connections).
I say, force them all to connect only to their providers SMTP server. Screw the 2% who feel they have the right to do whatever they want- here's a news tip- you don't. You'll get whatever your ISP says you can have access to through *their* network, and that's it.
I always laugh my butt off when I see people comment like "I have the right to do this with my Net connection, or that, or.....". STFU already. You have no rights, you have privileges, privileges that can be taken away any time your provider chooses to do so.
ISP's have always had the full legal authority to do whatever they deem necessary to prevent crap like this, and now it's time for ALL ISP's to step up to the plate and take responsibility for the traffic coming over the wire from their networks.
Comcast should be counting their lucky stars that nobody is suing them over someone admitting that they knew about it and did nothing.
-
#15.1 Posted by Jon on 26 May 2004 - 10:51
- Exactly. The smart people have been saying this for ages now, but no one seems to have the balls to implement it. Shame!
-
#15.2 Posted by dms350 on 26 May 2004 - 15:56
- With your "Force them to..." and "Screw them" and "You have no rights" BS, you would make an excellent dictator for a communist nation. Please go start your own. Freak.
-
#15.3 Posted by GuardianAtomos on 26 May 2004 - 15:57
- I agree with Bwizzel-B: the day you create your own Internet with your own hardware is the day you can bash your ISP...now, on the flipside, it IS an ISP's obligation to provide decent service that isn't monopolized -- which is what a WHOLE bunch of ISPs do. I have Cox where I live, and I like it a lot...speeds are decent, and they have good service. But, overall, I believe that most ISPs do a good job with providing high speed service given the limitations and security risks that they have to deal with. ... my first post. Hope I don't get blasted!
Now someone from Comcast is confirming it. "We're the biggest spammer on the Internet," network engineer Sean Lutner said at a meeting of an antispam working group in Washington, D.C., last week. Lutner said Comcast users send out about 800 million messages a day, but a mere 100 million flow through the company's official servers. Almost all of the remaining 700 million represent spam erupting from so-called zombie computers--a breathtaking figure that adds up to six or seven spam-o-grams for each American family every day.
Zombie computers arise when spammers seize on bugs in Microsoft Windows--or from naive users who click on attachments--to take over PCs and transform them into spambots. No hard numbers exist, but some estimates say that about one-third of spam comes from zombie computers with broadband connections. The owners of the zombie PCs typically don't even notice what's happening. Because home computers are more likely to be infected than business PCs, and because Comcast has about 6 million high-speed customers, it may have been inevitable that the cable provider became a haven for remote-controlled zombies that churn out junk e-mail.
The Benefits
-As a Related Community, your site or service will receive contextually relevant placement (a link and description) on the No. 1 corporate site and fourth largest Web site on the planet (according to Jupiter Media Metrics, 2003).
-You will have the opportunity to engage with a Microsoft Community Lead. A community lead is your personal, direct contact with Microsoft who can help you find answers to difficult questions, learn about upcoming events, and gain more insight into the product life cycle.
-You have the opportunity to include the Microsoft® Related Community logo on your community site or service.
-Your community site has the potential to be promoted to a Featured Community, receiving elevated exposure across Microsoft Web sites with your community site logo, link, and description. This is a great way to bring new traffic to your community site or service.
To Qualify
This program is open to contextually relevant community Web sites that meet all of the following base-level participation guidelines*:
-Predominantly devoted to peer-to-peer community features. Example: Newsgroups, discussion boards, chats, blogs, etc.
-Supports Microsoft products and/or services and technologies
Provides a visible reciprocal link back to the contextually relevant Microsoft community site home page
* If at any time your site does not meet all of these requirements, it may be pulled from the program. Microsoft will not include links to sites with inappropriate language, nudity/sexual content, violence, gambling/drugs/alcohol, etc.