Comcast cutting off spam 'zombies'

Found on Info World on Tuesday, 09 March 2004

Internet service provider Comcast Corp. is cutting off Internet service for some customers whose computers are being used to relay spam messages, according to a company spokeswoman.

"Comcast is one of the favored networks of spammers, because Comcast customers have a lot of bandwidth and are usually not secured against common (software) vulnerabilities," Ullrich said.

At the same time, Senderbase records show what appear to be the Internet Protocol addresses of more than 40 Comcast customers who have sent out more than 100,000 e-mail messages a day, with many sending close to 1 million daily e-mail messages. ( http://www.senderbase.org/?searchString=comcast.net&searchBy=domain.)

Ullrich said the Internet Storm Center tells Comcast when it finds infected hosts by sending a message to a Comcast e-mail address set up to receive complaints about abuse. Typically the company does not respond directly to such reports, but it has moved to shut down infected hosts after receiving complaints, he said.

If users don't care about the security of their systems, then ISP's will. Perhaps cutting users off completely is too drastic, since it also makes it impossible to download the latest virus patterns, malware scanners and updates. Block outgoing connections to all ports, except 80/http and 110/pop3 so they can email users to update their machine.

Browse all articles« Previous « » Next »