You’ve been served!

Telus blocks residential customers from using home computers as servers
by Ian King
Feb, 24 2005

Telus high-speed Internet customers found themselves crimped by new security measures for much of last year when the telecommunications giant began blocking selected Internet connection to home computers. The blocking is invisible to most users, but all it takes is a cruise around message boards frequented by tech-savvy users–or a chat with a local geek–to know that Telus high-speed service isn’t what it used to be.

High-speed Internet users are normally connected to the Internet at all times. While this is convenient and allows people to serve files and content from their home computers, it also leaves them vulnerable to crackers.

To protect themselves from attacks, high-speed users often put their machines behind a firewall that only allows certain types of Internet traffic through to their computer, blocking the rest. If they want to allow certain connections, they open the ports to incoming connection.

But Telus took that choice out of residential users’ hands when it began blocking selected ports–regardless of their customers’ security preferences–in May 2004.

Blocked ports include those used to listen for incoming email, FTP (file transfer), Telnet (remote login), and Internet Relay Chat client traffic, as well as incoming World Wide Web connections. Users can access other servers providing those services, but cannot provide them from their own computers. In other words, a Telus customer can be a client, but not a server.

Some peer-to-peer file sharing applications, including BitTorrent and eMule, work best when users are able to accept incoming connections. However, despite the controversy over Internet file sharing, none of the ports used by those two applications are part of the Telus port blockade.

According to the company’s online help section, the port blocking is to fend off viruses, spammers, and crackers who would attack Telus customers’ computers if those ports were left open. “These security measures are designed to reduce illicit traffic, as outlined in the TELUS User Agreement and the Acceptable Use Policy,” reads a bulletin from the company outlining the new measures.

For most home users, the changes aren’t a big issue. Most people don’t use their computers as servers. But for hardcore users, or those using their home machines to learn how Internet server software works, the changes present a problem.

Incoming Internet connections are not the only ones being blocked. Telus customers who use an outgoing email server other than Telus’s–usually because they are using a different email provider–are also finding their connections blocked. According to Telus’s technical bulletins, this is done “to reduce the amount of spam created on our network which prevents service degradation and possible outages as well as to reduce the amount of spam you receive in your e-mail.” To send email from outside accounts, a Telus customer has to send the mail through Telus’s own servers, which can lead to cascade of problems on the recipient’s end—the server that sends the mail and the sender’s email address do not match.

Shaw, the other major high-speed Internet service provider, does not block ports for residential customers. Users connecting with Shaw can accept incoming connections as long as they set up their hardware and software to allow them and accept the risk to their own computers.

Telus customers who want to run servers at home have to upgrade to a business Internet package offering static Internet addresses. The cheapest of those packages is $84.95 per month, compared to the $29.95 that most residential users pay. The premium service does not, however, buy extra security—all it means is that the ports become unblocked.