Zombie Report By ISP
twitter writes "Information Week has a summary of a report by Prolexic detailing Zombie activity by ISP, country and population statistics. AOL, the largest provider, had the most zombies but lower rates than others. Fourth largest Earthlink was not in the top 20. The information is gathered from hundreds of customer sites." From the article: "Weinstein went on to say that Prolexic's numbers were actually good news for AOL. 'It's a demonstration that the tools we provide are keeping members safe. Our very aggressive actions -- we provide anti-virus, anti-spyware, and firewall services to our users -- make them measurably safer than those on other ISPs.'"
Turn turn turn ... (Score:5, Insightful)
They are basing that on 21.7 million total subscribers. I wonder what their rate would be if they only counted broadband subscribers?
A solution (Score:5, Insightful)
No amount of firewalls, switching to Mac or Linux, or anything else will stop people from having their computers taken over at the end of the day. Stupid users will always find a way to get infected despite the best protection available.
Operating a computer should be like operating heavy machinery. You need to pass a test that says you're qualified to do it. Don't want to take the time to learn how to properly use a computer and avoid being just another zombie PC sending me emails about lowering my car payments or free nude pics of celebrities? Then don't use a computer at all.
If you think this is a little irrational, just remember that the financial damages caused by computer viruses are probably in the billions of dollars every year. Imagine how much trouble could be prevented.
Re:Good! (Score:4, Insightful)
So, let's summarize. If you live in the Philadelphia area, then you're stuck with the monopoly broadband company, and the commensurate extortionate prices, wretched customer service, frequent service interruptions...and now this.
I really loathe Comcast. And you just know there's no way they're going to clean up their act. Why would they? Where's the incentive or threat?
Re:Still the worst offender (Score:5, Insightful)
If eBay, playboy.com and espn.com blocked AOL users until AOL got rid of their zombies, AOL would make absolutely certain that the problem would be solved within 48 hours.
Re:Good! (Score:5, Insightful)
They're the 'cheap' local providers, not the 'evil' big boys like AOL, so they're what your grandmother will subscribe to when your idiot nephew convinces her she needs an 'Always On' connection to listen to NPR or check her email every five minutes.
Yeah, this *looks* like it's just the industry's problem, but it's not. It's mine and yours. Every time you or I answer 'Well, I need a computer and a cable modem to check my email, right?' with just a 'yeah sure', we're adding to it.
Go buy Grandma that $39.99 firewall from Best Buy, configure it for her, and tell her that she doesn't need to worry about it. It's like the extra deadbolt on her front door. It helps keep the bad-guys out.
Re:Turn turn turn ... (Score:3, Insightful)
A person who's running AOL on another ISP's network and using the AOL client as a simple TCP app wouldn't (and shouldn't) be considered an AOL zombie for this study, otherwise the zombie would be counted twice.
Stupid AOL (Score:4, Insightful)
But according to the post, Earthlink (the fourth largest provider) wasn't even in the top 20, implying that their zombie percentage is far lower than AOL's.
Re:A solution (Score:4, Insightful)
Operating a computer should be like operating heavy machinery. You need to pass a test that says you're qualified to do it.
You need to pass a test because lives are at risk, not bandwidth. Realistically there should be some basic instruction, hopefully provided in schools, but at that same time most computers should be much, much, much, much, much harder to remotely take over and turn into a zombie. Windows is the worst of the bunch, but pretty much all OSs could be a lot easier to use securely. I imagine they would be too, except for the fact that since MS gained their monopoly, innovation has slowed to a crawl. I want default sandboxes for new applications, services off by default, and easy built-in standards-compliant encryption and authentication schemes.
I agree that there will always be really stupid users that will get their machines taken over and agree to the most ridiculous risks to see the little bunny cartoon, but at least make the user click a button that says "Let this program do anything it wants to my computer" right next to the "run it in a sandbox and give it no access to the internet or my files" button.
Re:The fundamental zombie problem (Score:3, Insightful)
If you're upset about end-users ruining your ability to download new packages for your "boxen," then offer to help instead of bitching them out on Slashdot.
AOL is on crack. Here's why. (Score:4, Insightful)
Picture that you're a script-kiddie botnet owner looking for more zombie systems. You have a program that someone provided to you that scans netblocks for systems vulnerable to hundreds of various buffer overflow attacks. You get to pick what netblocks the scanner runs on.
Which would you pick:
1. AOL dialup netblocks, where the user's average 48 K/bps connection takes an average of 1 minute to scan and provides you with a wimpy 48 K/bps of DDoS power
2. Comcast Cable Modem netblocks, where the user's average 384 K/bps upstream bandwidth takes an average of 6 seconds to scan and provides you with a beefy 4,000 K/bps downstream DDoS power.
The numbers quoted above should be accurate enough to get the point. AOL hosts take far longer to compromise and provide far less "bang for the buck". No wonder they're compromised a smaller percentage of time.
You gotta be kidding (Score:5, Insightful)
Except that it wasn't just an appliance, was it? It was a bug ridden piece of manure that was delivered with known defects, to people who by and large don't have the wherewithal to work around those defects.
This is Microsoft's fault, plainly. Not the poor bastards who were taken in.
Punishing the victim (Score:1, Insightful)
It's like saying that everyone has to be a CPA, otherwise they could be the victim of fraud and use valuable police and bank resources.
We have to punish the criminals, not the victims.
Re:AOL is on crack. Here's why. (Score:3, Insightful)
Remember: most zombies involved in a DDoS attack are simply opening a connection, sending a malformed request then closing the connection. They aren't playing FPS games or downloading porn, so high bandwidth isn't really required. What is required is a vast diversity in IP address so that the firewall and server are overwhelmed trying to process every incoming request.
Re:The fundamental zombie problem (Score:4, Insightful)
Not meaning to sound flippant, but you're giving them too much credit.
For most people, that their computer might be part of a world-wide network of zombie slaves to an international cybermob is just not within their ability to fathom.
So no, they don't care, but it's on the level of caring that their Chinese-made desk lamp was made by people who can't read about democracy on MSN. That's not quite it, but the point is it's simply not part of their world.
People call me to fix their "broken" computers. When I remove the viruses and other crap and explain the problem, they *always* express outrage that someone would do that to innocent little them.
Until then they don't care because they don't understand. Anyone who does understand feels violated and tries to do something about it.
Firewalling is not the answer. (Score:3, Insightful)
See, the point of being connected to the internet is to get email and access external resources. If you visit a web site that exploits your buggy browser, your firewall won't help you. If you click on an email that exploits your buggy mail client, your firewall won't help you.
The primary means of infection for the most prevalent malwares is email. Firewalls don't prevent you from receiving email.
That being said, you still should have a firewall. But keeping your OS and apps patched is even more important.
Even patching+firewalling won't save you if you are stupid enough to run binaries from untrusted sources. A virus checker can help out with that, but it won't save you from brand-new virii.