This article is more than 1 year old

The polluted Internet

Dirty, and getting dirtier

Comment I've spent a significant amount of time in New Delhi - which was, until a few years ago, one of the most polluted cities on the planet - and I've seen the effects of all those toxic fumes. A low cloud of fog lines the narrow streets at night, and the pollution seeps in through the windows while most people are fast asleep, breathing it in.

Forgive my analogy, but that's pretty much the state of the Internet today: more polluted than ever, and getting worse. Unlike the city of Delhi, which took some extraordinary measures a few years back to dramatically reverse this ugly trend, little or nothing is being done to stop the growing pollution that now plagues the Internet.

If you live in a major metropolitan city where high bandwidth connections are as common as your plain old telephone service, take a look at your firewall and IDS logs. It's not exciting at all, but you should do it. Compare the results with what you saw even just six months ago. Unwanted packets from worms and trojans are now hitting your network every second. New viruses, old viruses, mutated viruses, you name it. Big worms, fast worms, and worms that have been alive for years, they all reach my firewall and are silently stopped. Nothing new.

The only thing new about this is the magnitude of the problem.

Stare into the light

If you have a cable or DSL modem at home, pause and reflect for a minute as you look into the light. Let me explain.

Take a few short moments to watch the receive light on your modem or unfettered ethernet connection. Here in high bandwidth Canada, that flashing light now flashes almost solid. It's almost unbelievable. It's almost all malicious traffic.

I check my firewall connection status, in this case using 'pftop'. Everything's fine, no activity on my end. Yet the packets keep coming. Filtered, scrubbed and released, the LED light showing the packets that reach my home network barely registers a blip.

Aunt Fern's honeypot

I am finding it increasingly difficult to explain to laypeople about security on the Internet. The situation is only getting more complex, and worse. My Aunt Fern pulls her old computer out of the closet and plugs it in. Big mistake. She'd be better off with a typewriter, I tell you. In a few minutes her machine is already 0wn3d, and she just flipped it on. She looks at me with disbelief.

Worms, I tell her. She wrinkles her nose. She clearly doesn't like worms, so now we start talking about "compromised bots", but all I see is a newly puzzled face. Beyond the word 'worm', which was the extent of her comprehension, lays the rest of the World Wide Internet and Bill Gates' great vision of a computer on every desktop.

I bet he never envisioned how many of them would be crawling with worms.

How to help your aunt

There's nothing wrong with admitting you have a problem. The first step is admitting it to yourself, and the next step is to find a long-term solution or effective treatment that will rid yourself of the problem once and for all.

Instead of explaining to my Aunt Fern the myriad of ways she is hopelessly unqualified to be on the Internet, as I eat one of her excellent home-baked cookies I simply point at that little flashing light on her Ethernet card. I tell her it's just "pollution" on the Internet, and she needs some help. It's a concept she can understand -- and it has the added benefit that I don't have to tell her about the worms.

People shouldn't have to be computer experts to own a computer. But without a firewall, router, mega patches, anti-virus and anti-spyware, my auntie Fern has little hope.

There are many potential solutions that would benefit the Internet as a whole, but very few are being implemented, and for a multitude of complex reasons. Everyone must take their share of blame for the problem, but the biggest share of that belongs with your ISP. You can blame the uneducated user community, but that's entirely the wrong approach to take.

ISPs could start offering "filtered" accounts for their less technically-savvy users, but if it costs more people won't buy it. If it costs less, the gamers and power users wanting unrestricted access would complain. If it sells for the same price, it still costs the ISP money in added infrastructure and support.

ISPs could very easily track down the worst offenders, such as that evil SPAM-spreading, open-proxied malicious bot that my Aunt Fern used to keep her recipies on -- and some do. But many say it's not their problem. It's not their responsibility, and it would cost them money.

Power users and admins could write scripts that counterattack or tarpit the infected machines, removing the infection or simply powering the machine down. It love it. Simple, elegant... but illegal. The last thing you want is to be the nice guy who ends up in jail, just because you tried to help.

Monoculture isn't that bad

About 95 per cent of the world runs Windows on their desktop. That won't change in the corporate world to a significant extent any time soon. Deal with it.

The tiny 5 per cent of the world that's leftover and running something other than Microsoft, well, their owners have reason to rejoice. Those of you who use Linux/Gnome/Kde or X Windows on BSD, or the incredibly cute Mac OS X desktop... or Amiga or Atari or whatever, please keep quiet. For all intents and purposes, we've slipped under the radar. Let's keep it that way.

And in the meantime, I predict that in a year's time, that receive light on my cable modem will glow completely solid, even with no activity on my part at all. A stream of nasty pollution we call malicious traffic, that will never stop.

Copyright © 2004, SecurityFocus logo

Kelly Martin is the content editor for SecurityFocus.

Related stories

Watching the Net's background radiation
The Internet's background radiation - who pays? [Letters]
Watch out! Incoming mass hack attack
The Wi-Fi explosion: a virus writer's dream
Worms spread faster, blended threats grow

More about


Send us news

Other stories you might like