Getting tough with Trojans
In a unique move, Australian ISP, Telstra BigPond, is temporarily disconnecting
compromised computers from its network to stem a tide of malware swamping its
servers and delaying e-mail and Web site requests.
According to the ISP, the number of bogus requests to its DNS had on occasion
reached a level where some customers reported slow responses to legitimate requests
for Web sites or e-mail. Ongoing investigations identified Trojan-infected customer
PCs as the likely source of the false DNS requests.
BigPond had boosted the capacity of its DNS servers to reduce
the inconvenience to customers until a long-term engineering solution was developed.
The company was encouraging customers not to 'hard-code' DNS addresses in their
network settings so that users can be directed to an alternative BigPond DNS
server in case of further problems cropping up.