Rogers is making very lame attempts to handle zombied PCs and not directly doing anything about the actual PROBLEM in the first place, as seen in another thread here ... they have now set a 125 email a day limit for home users. Last week it was to not allow external SMTP server access (at least on port 25). Next week will it be no web access without using one of their proxy servers?
The big problem here it seems they are trying to combat is zombied PCs that spammers are using as gateways to send junk mail, and instead of suspending accounts for the infected machines until they can get their act together they just allow the zombied machines free roam of the network and instead limit _everyone_. Also of note this doesn't help out in any way all the zombied machines that are warez software dumps/ftp servers, eggdropped machines used in DDoS attacks, or machines that are just infected and bent on infecting other machines on their WAN. In the grand scheme of things these last mentioned problems are more of a problem for most users than spam.
Lastly, Rogers has recently 'crippled' their network/internet access by putting into place a whole bunch of port filtering, network wide. This caused me problems already in that I regularly, as part of security audits, run port scanning on my own servers, to make sure nothing is open that should be, etc. I also do this as a service for some of my clients. With all of these 'filters' they now have in place you cannot get accurate information using their access any longer. Now it looks as though all kinds of ports are open on any machine that you scan, and in most cases they are the ports that you want to make sure are NOT open in the first place. Over the last week or so I've been watching them adjust these filters. In some cases I have seen them actually add filters that made it look like every single machine on Rogers was infected with the "subseven" and "elite" trojans. Also in some cases this is filtering/stopping legitimate network traffic from being able to run.
Does anyone else feel big brothered in this whole thing? I know that I do; our usage rights get worse every week from the ISPs that provide us our access. It is severely limiting the way I am able to use the internet for both work and personal usage and I'm not very happy about it.
Am I the only one not happy about this stuff? What can we do about this stuff I wonder... who is it that decides what services they are allowed to restrict in their offerings .. is it the ISP or is there a proper governing body that can slap their hand and tell them that this is not the right thing to do?
I mean I pay for "internet access", which in my definition includes the right to send emails as required (on either their SMTP or the one of my choosing!), port scan my servers and get correct information and not false information that is telling me that my servers have ports open that are impossible, or that they are trojan infected, and last but not least not be forced into using their (IMHO very poor) network services in order to gain access to the internet proper.
The problem is one that is very hard to fix.
At the moment, a lot of spam is originating from machines whose owners have no clue they are spamming. Rogers is taking an approach it hopes will reduce the problem.
We offer hosting services and on our end we have many approaches to reducing spam. We block certain IPs, domain names, blacklist many user names, watch for malformed headers, watch and delete e-mails with viruses, do port filtering and yet it's not enough.
When we enforce rules a little too much, clients complain, yet at the same time complain of SPAM.
The other thing is that ISPs do not want their IPs blacklisted.
We also send out mass emails from a double opt-in list. This means that a person had to sign up, click agree, receives a confirmation mail and has to click on that. We register the IP, date and time that the end user agreed. Yet, we still get SpamCop complaints. Now, from about 400 000 users we send out to, less than 6 complaints is enough to terminate our mailings (it's happened).
If we wanted, we could get "bullet-proof" hosting but that would be unethical.
So you basically have end users responsible for a lot of spam and what I call unethical spammers.
Like yourself, I am bothered by the restrictions and "false positives" that you get.
I think that if they put more effort into it, it would be simple enough for them to scan and block machines that are showing signs of infection. For me this is all about fair and valid usage of services and not getting false information and/or information via proxy or hacked environments.
With Rogers taking this sort of action, it's a roundabout way of saying that they don't mind if your machine is infected and on their network, and that end users really don't have to take any action or responsibility to fix the problems. It hurts everyone.
I mean I pay for "internet access", which in my definition includes the right to send emails as required (on either their SMTP or the one of my choosing!), port scan my servers and get correct information and not false information that is telling me that my servers have ports open that are impossible, or that they are trojan infected, and last but not least not be forced into using their (IMHO very poor) network services in order to gain access to the internet proper.
Your definition of what your rights should be has no bearing -- it is Rogers' definition in their contract with you that determines your service levels (not rights!).
They reserve the ability to alter their contract at any time by posting the notice on their Website. Your ability is limited to negotiating a separate contract with them, moving to a different service plan that gives you what you want, or moving to another provider.
FWIW it may be useful to examine your contract and your clients' contracts with Rogers and see if servers are permitted under your present agreements. I understand from your previous posts that Rogers refuses to sell you the higher level business service in your area. That leaves voting with your feet as an option.
It wasn't me that had those issues with not getting business services, etc.
I understand what you are saying about them being able to change their terms as long as they notify, but this is also a bit of a grey area I think right now. It seems to me that it's a lot like getting local telephone service that only allows you to place a limited number of calls every day or restricting your usage of another company's long distance services (like that 1010 number or whatever) by blocking their numbers in the head end system. Basically the phone stuff is governed and regulated, but currently it seems the ISPs are not.
Who knows, the next thing they may decide to do is to block all VoIP traffic, or all P2P clients (yes P2P has valid uses!). If they are allowed to start with seemingly trivial things and get away with it there are no limits after that. They do advertise that they provide internet access, not filtered, gatewayed, and potentially proxied access to the internet through a private network censored to what they deem as acceptable ports or protocols.
Agree, but how do you block infected machines? Are the IPs not dynamic?
They run a DHCP based system. It really wouldn't be that hard to incorporate something that also at least port scans their machine after it's been issued an IP to make sure they don't have any known open ports for this sort of thing, and if found revoke the IP address.
Cogeco used to do exactly this with their systems... I know as I had to disinfect several PCs that friends were using that were cut off in that manner so they could be allowed back onto the network. Of course this would mean they might have to turn off (at least some of) the lame filtering they have in place currently that returns all kinds of false positives when scanning