Posted: 27th Aug, 2003 By: MarkJ
UK ISP
BTOpenworld has today sent us a more detailed response outlining the reasons why they recently took several security related port blocking measures. Some readers had felt this was overkill, while others sided with BT:
RE: Port Blocking
The recent wave of web viruses in circulation is causing an unusually high volume of web traffic. This is affecting the global Internet and is subsequently the cause of the intermittent capacity issues being experienced on the BT Openworld network.
The volume of traffic has increased because the viruses infect the user's PC and then use the internet to spread by sending out ICMP traffic*. It's important to note that the BT network is not itself infected, but the issue lies within user's computers. We strongly recommend customers to protect themselves by downloading anti-virus updates regularly and by investing in a personal firewall.
There are three viruses in operation, the details of which can be found via the following links:
Msblaster.
Nachi / Welchia.
Sobig.f.
BT's networks are working normally and to maintain quality of service for our customers we have taken the decision to implement selective port blocking on the BT Openworld network. This action may impact customers who are running certain virtual private network (VPN) applications.
We are also proactively contacting infected customers to resolve these issues, based on IP addresses that are sending high volumes of traffic.
We apologise for any inconvenience caused and would like to reassure our customers that we are doing everything possible to resume a normal service quickly. We will continue to monitor the situation with a view to removing these temporary blocks as the threat subsides.
In tackling this problem, we need our customers to take action and ensure that their machines are fully protected with anti-virus software and personal firewalls.
We recommend that customers run anti-virus and firewall applications, which are available from all leading suppliers, details of BT Openworld's offering can be found via the following links:
Home users.
Business users.
Service status lines:
0800 731 7777 (consumer narrowband products)
0800 169 0199 (business & consumer broadband products)
ICMP* - Internet Control Message Protocol (ICMP) is a required protocol tightly integrated with IP. ICMP messages, delivered in IP packets, are normally used for out-of-band messages related to network operation or mis-operation.