Adelphia's Cable Modems Compromised 182
texus writes "The Adelphia PowerLink Cable Modem Internet Service Provider, that serves 5.5 million customers nation wide, was found to be vulnerable of a major security flaw that allows cable modem subscribers to spy on each others traffic, as well as the ability to modify other users internet packets in realtime. The severity of a potential attack could allow a malicious subscriber to gain access to the customers private activity on the net, as well as the capabilities to hijack connections, intercept SSL/SSH/VPN encrypted sessions, hijack and poison dns servers, and perform a Denial of Service on the entire subnet. The advisory on BugTraq officially states that it didn't seem like Unix machines that logged onto the network were affected, but reports from other Adelphia subscribers indicate that this was inaccurate and Unix users are vulnerable as well."
Shit.... (Score:2, Interesting)
Thank $DEITY is do Linux on dialup, for once!
Hmmmm... (Score:5, Informative)
Problem Description:
A certain set of subnets on Adelphia's Powerlink network are treated as a HUB/SWITCH and therefore allow cable modem subscribers promiscuous monitoring of the subnet, and arp poisoning (man in the middle) attacks. Upon finding this flaw, it seems to only affect windows users dhcp requests, as for *nix it hands off an entirely different subnet ip address that is not vulnerable. This doesn't stop one from booting into *nix and manually configuring their ip to be on the vulnerable subnet. To review, with arp poisoning, one can do a tremendous amount of malicious activity on a subnet, from DoS'ing the network, to hijacking DNS servers, and even attacking/cracking SSL/SSH/VPN negotiations. Promiscuous mode, one can passively monitor all traffic on the subnet, obtaining private information, including logins/passwords, and private email.
Vulnerable Subnets:
please contact security@invisiblenet.com for info regarding specific subnets.
Solution:
The solution is varying on how the cable networks topology is handled, and arp poisoning, as we know is not a completely solvable issue without a physical/virtual separation of Layer 3 from Layer 2 in the OSI Model. For promiscuous mode, don't have the network in HUB mode.
Guess What (Score:2, Interesting)
Re:Guess What (Score:4, Informative)
Depends on the equipment. Some cable routers allow only a limited number of IP address to MAC address mappings per modem and refuse to override an ARP table entry in the cable router with a different IP address once it has been created. Packets that do not have MAC and IP addresses matching the entries for the modem session get dropped.
Re:Guess What (Score:2)
Yeah. If you can get at SNMP, you can pretty much do anything you want. Normally there is a separate network interface for the ISP's management network and SNMP is not directly accessible from subscriber equipment. However, if you manage to compromise one of the servers on the ISP's network chances are you can crack the network wide open.
You can reset the modem to get around that (you might need to hold the reset button down for 10 seconds to do a full reset). But MAC addresses are easy to change/spoof, so you could just make up a new MAC to go with each new IP.
True, but the point is you can't reset the modem whose IP address you're trying to hijack. This severely limits your window of opportunity (i.e., the other host has to be off-line long enough to release the address). In practise this means that hijacking TCP connections is not possible.
Re:Hmmmm... (Score:3, Interesting)
A guess (Score:2)
What with the internet being useless and all (Score:5, Funny)
Why is this not surprising.... (Score:4, Interesting)
I've being trying to find a competent person at Adelphia so I can get my cable internet service working. It's been weeks and they can't figure out why there's no return path for my signal. If they can't get that right, cable modem misconfiguration issues shouldn't be surprising either.
I'm beginning to question my decision to move from IDSL to cable.
Sheesh....
Re:Why is this not surprising.... (Score:2)
Well, at least they're giving you good security.
Re:Why is this not surprising.... (Score:2)
Good Security (Score:4, Funny)
Re:Good Security (Score:2)
Perhaps if the same exploits didn't keep showing up you wouldn't see bugteams mocking Vendors.
not all that new... (Score:4, Informative)
There are patches out there for linux that will secure the ARP table, I wrote one but there are better and I dont remember what they are called but search...you will find.
Re:ARP poisoning (Score:5, Informative)
Zeno's paradox? (Score:2)
The overall impression I'm getting of electronic "security" is a bit like Zeno's paradox -- you know, you keep getting closer to the target in ever-finer increments but never quite reach it. (The paradox we know has an underlying flawed premise [deltalink.com]. Unfortunately, I'm not convinced the encryption race is winnable.)
Re:Zeno's paradox? (Score:2)
Good point. If you are limited to just reacting to known threats, I think Zeno's paradox very much applies. Keeping up with an unending supply of patches does not seem like a valid solution and seems like it adds new opportunities for exploitation which will not be seen by those supplying the patches.
The link seems to have an implicit assumption that there is only *one* infinity. You have an infinite sequence of t/2, 3t/4, 7t/8, etc. which approaches but never reaches t. Real time has t, 2t, 3t, etc., none of which are in that sequence. There are also "long line" thingees: 0,t/2, 3t/4,
OT. Infinity is a strange beast. There are *exactly* as many primes as there are rational numbers. There are *more* irrationals that rationals. In fact, for all sets, the power set (set of all subsets) has *more* elements. Then there are real wierdos like Peano's space filling curve (continuous image of unit interval into 2-space which occupies *area*), and Cantor's perfect set (uncountable set with measure zero).
Re:Zeno's paradox? (Score:2)
The way I understood it on quick perusal is that Zeno's problem is solvable so that the annoying infinity term drops out. I'm trying to think of another example. I've given my son some annoying ones like, if 2X=3X what is X? Of course it's very simple if you look at it right (or you can solve it pretty easily by brute force).
Perhaps perfect security is as impossibly distant as infinity. I don't mean security in the raw cryptographic sense, but in terms of resistance to 3rd party trickery.
I haven't met Mssrs. Peano or Cantor, and hope not to. I can't wait until my son exceeds my level of math. He's six, so I figure I have a few years left, perhaps a little beyond trig.
Re:ARP poisoning (Score:2)
For ssl, this is addressed by having the site present a certificate signed by an authority whose public key is compiled into the browser.
For ssh/vpn, you will receive warning that the key has changed (and your client may disconnect automatically), unless you've never connected to the particular host before. (Granted, people are pretty likely to just accept the new host key).
I'm not saying you're wrong about it being a threat, but let's be aware that there are ways to address it. At the very least, if you're establishing a vpn to your workplace and are warned that the key has changed, STOP right there are make a phone call before accepting the new key. And before connecting for the first time, transfer the key to the client by some other means if possible (even sending it by email would be pretty safe in practice)
Re:ARP poisoning (Score:3, Informative)
For SSH, where folks really *do* ignore the issue, yes, this is a problem. A good VPN? No, absolutely not.
Re:ARP poisoning (Score:2)
And before connecting for the first time, transfer the key to the client by some other means if possible (even sending it by email would be pretty safe in practice)
Ya know, it depends on what industry 'yer in.
I just recently ended up as sysadmin for a startup making medical software, and HIPAA makes some very specific requirements regarding how key exchange can be done -- not only is email out, but so is encrypted exchange not using hardware-token-based authentication.
Just allowing ssh or whatever to copy over the current key -- well, that's very, very out. Bonded courier, direct personal exchange, and telephone (where each party can verify the other's voice) are the only alternatives to going the hardware-crypto route. Anyone expecting to do a little ARP spoofing and pull a man-in-the-middle... well, let's say they're going to be disappointed.
..and what a bug it is... (Score:2)
Sniff SSL Connections?!? (Score:3, Interesting)
Re:Sniff SSL Connections?!? (Score:4, Informative)
Re:Sniff SSL Connections?!? (Score:3, Informative)
Re:Sniff SSL Connections?!? (Score:5, Insightful)
With SSL for websites the host's public key may be signed by some authority like Verisign. But even when it isn't, don't you just click OK automatically?
Re:Sniff SSL Connections?!? (Score:3, Insightful)
Re:Sniff SSL Connections?!? (Score:2)
The authenticity of host 'foo.bar.org (111.222.33.44)' can't be established. RSA key fingerprint is (some sequence of colon-separated 2-digit hexadecimals).
How do I check that "fingerprint" against the contents of ~/.ssh/known_hosts/ which I presume is what's on your cheat sheet? Or to put it another way, how do you generate a cheat sheet of those RSA key fingerprints?
Re:Sniff SSL Connections?!? (Score:2)
Re:Sniff SSL Connections?!? (Score:2)
Re:Sniff SSL Connections?!? (Score:2)
Uh-oh (Score:5, Interesting)
Re:Uh-oh (Score:2, Interesting)
Re:Uh-oh (Score:5, Insightful)
IMHO, this is really a trivial problem, one that nearly all cable modem networks were always subject to. They can do some stuff to mitigate it on the network side, but really this isn't anywhere near the gravity that the Slashdot blurb makes it out to be.
Re:Uh-oh (Score:2, Funny)
No, just kidding, but really I doubt your company would appreciate you posting messages like that, should have went AC at least.
Re:Uh-oh (Score:1)
Re:Uh-oh (Score:2)
but I know who you are.
Re:Uh-oh (Score:2)
But maybe they can find this guy and can him so they can prove how competent they are at security and efficient management
Re:Uh-oh (Score:2)
But those three guys.... (Score:2)
most companies, the UNIX admin types and the Network
admin types are constantly at odds with each other.
Finger pointing, etc. This is a great example of
attempting to deflect the blame onto those UNIX
admin types that admin the actual modems and
their boot files, instead of blaming Sam, your
network overlord.
UNIX admins that admin the services have nothing to
do with the network hardware they are connecting to,
or how they are configured as they don't own the
network or it's hardware.
One of the things I really hated about
Adelphia when I was there. In contrast, at
MindSpring, the network and UNIX admin type
guys all worked on the same floor together on
peachtree street and were treated as equals, and
encouraged to work together.
Oh please... (Score:2, Informative)
BOOTP traffic should never leave the private UVR segment; period. In fact NO broadcast traffic of ANY sort should be allowed to leave the private network segment at all.
So, don't give me that "it's an non-issue because it is TCP/IP" crap. It is an architectural issue that YOU guys need to clean up on your own network, otherwise, someone needs to do some network technician house-cleaning (all the way up to the CIO, if necessary) and send some people back to flipping burgers at McDonald's.
While we are on the subject of security, why aren't you guys doing something about all the sequential IP scans that are going on in your network right now? Why isn't someone cleaning up THAT mess. Let's see, according to the firewall, I have 4 different scans going on right now; it has been as high as 12.
That, and I have been having fits with your mail server (and, no, this isn't the first time, either; it happens so often, I just switch over to my own until you guys eventually finish reading your sendmail HOWTO and get it fixed).
I realize that with Adelphia being more or less in bankruptcy right now, customer support is not very high on your list of things to take care of (just like network engineering), but don't come in here and tell us that it is a fundamental problem outside of your control when it is NOT. Get control of your network and stop making excuses.
Re:Oh please... (Score:2)
Is that what these are? They're being multicast to 239.255.255.250, which is reserved by ARIN (a multicast netblock?)
I've always regarded these as random garbage, but never as a security risk. (Although I can see why they would be.) Is this what the article is referring to?
Re:Oh please... (Score:2)
If you are seeing the packets on your own private network, then your broadband router is also passing them, and maybe you should filter it out.
No, what the article is referring to is the potential for spoofing responses to ARP and BOOTP/DHCP queries to setup man-in-the-middle attacks. You won't see these inside on your private LAN segment, but if you can somehow run a sniffer on the public side, you will see TUNS of ARPs / BOOTP requests.
Well, actually.. (Score:2)
You WILL see BOOTP/DHCP packets if you are using dynamic addressing, but again these are your own and are OK.
"These are not the packets you are looking for..."
Only if you ignore the warnings. (Score:5, Insightful)
However, this is nothing magical, from the initial bugtraq description it sounds like just plain ole' arp snooping. Which means for encrypted, authenticated traffic (SSH/VPN/SSL), it's only going to work if the user ignores the security warnings because of the wrong keys, or the keys themselves have been stolen (a whole other ball of wax).
Re:Only if you ignore the warnings. (Score:2)
If the spoofed host and my VPN box do not share the same key, then the connection will not initiate.
For SSL, the same is true (as the CA Signing key wouldn't make sense.)
It's only for SSH with password authentication, that this becomes an issue -- because then the user will accept the security warning and still enter their password. Yet another reason why you shouldn't use plaintext passwords with SSH alone.
Is this really anything new? (Score:3, Interesting)
Security (Score:5, Funny)
Oh, there's much more... (Score:3, Funny)
Your car, for instance, can be bugged and tracked by a Nav positioning satellite so that the baddies will know where you are every minute of the day! I could go on, but now I think you see...it's *horrible*!
2 remote exploits in 6 years! (Score:2, Funny)
Re:2 remote exploits in 6 years! (Score:2)
OpenBSD is Uber secure. They didn't say that OpenBSD was secure.
Security is *hard*. OpenBSD has nothing to be ashamed of.
Nothing that new.. (Score:2)
At least it'a easy enough to build your own (Score:1)
At least if happen to hear about such a vulnerabilty I can build a linux box to do the same. but dedicating a noisy big old pc to this task...who would want to? Already my house is never really quiet.
RG
Hmm.. (Score:5, Funny)
I've said this to cable customers for years. (Score:3, Insightful)
This is just one of the reasons why I suggest to people I know that they buy DSL. Better security, assuming competent admins.
Wasn't this obvious before? (Score:2)
Re:Wasn't this obvious before? (Score:3, Informative)
When I run tcpdump on my household server (acts as the gateway for our LAN), I can see traffic destined for us, and ARP who-has messages from the CMTS. The ARP messages are Ethernet broadcasts that have to be bridged. If users at Adelphia can see all the traffic, and it's a DOCSIS system, something (probably the cable modem configuration file) is really screwed up.
Not credible (Score:5, Informative)
Now, this does not rule out ARP spoofing, but the only really interesting ARP to spoof would be the one for the default gateway on the network. Since the gateway for the network is living on the CMTS and since any ARP request must pass through the CMTS before getting to our spoofer, I would expect the spoofed replies to arrive after the legitimate ones from the CMTS. Additionally, I would not be surprised to find out that the CMTS suppresses attempts to ARP spoof it's addresses ( and if it doesn't now, it will in the near future ).
Re:Not credible (Score:4, Informative)
Bull pickles. I recently got Adelphia cable modem service myself. First thing I did, practically, was to plug the cable modem into my Mac OS X box and run "tcpdump" on it, to see whether or not they had secured the local network against sniffing. Sure enough, I could not see any of the other customers' actual traffic -- but I certainly could see:
It seems pretty trivial that someone with the right mildly altered software could easily set themselves up as a DHCP server and hand out fake gateway information, or as an ARP-poisoning proxy. Good reason to check your network settings for suspicious things if you use DHCP.
Re:Not credible (Score:2)
A bridge will broadcast all ethernet broadcast packets to all hosts on the network. I don't know what kind of IGMP you were seeing, but I'd be astounded if it wasn't either bound for the ethernet address of something behind your cable modem or the ethernet broadcast address.
Re:Not credible (Score:2)
Yup ... and it won't stop my host from responding to one of those with a phony DHCP or ARP response. Hence, forgery; hence, the problem noted in the article.
Re:Not credible (Score:2)
Unix boxes NOT secure (Score:5, Funny)
It seems to only affect windows users dhcp requests, as for *nix it hands off an entirely different subnet ip address that is not vulnerable. This doesn't stop one from booting into *nix and manually configuring their ip to be on the vulnerable subnet.
Does anyone else find that funny? Windows users are vulnerable to a security flaw by default (as usual). But, (if they feel left out) Unix users can configure their box to be vulnerable too!!
HOWTO cook, fry and toast people with IP... (Score:5, Insightful)
The submission shown here may look, partially innocent for house wifes and the common guy in the street. They have lived with so many hacks, virus and trojans, that there is not much to worry about that. Unfortunately, many people do not know that such silly big providers also support someone who is not so simple and humble like your personal computer. They may be segments of corporate networks, departments that are too remotely located, that it is far cheaper to link them to some provider, rather than spending money to create an isolated channel. You may understand this, and still think that the biggest problem for the majority is the fact that information can be stolen. Correct rationale, if we consider the "majority", but again, bullshit. The big problem can be one or two clients of this provider. Clients that, if something goes wrong there, no one of us may have time even to say "shit". And no one will care to put you in a shinny wooded coffin. The best you may expect is a few tons of concrete and a mixture of chemicals so that your body quickly decomposes... Or that your body is quickly turned into ashes...
The problem between big providers and such clients, is that, being a provider with reputation, dimension and emphasis, clients tend to forget some simple rules of the trade. They think that this huge provider does his homework and maintains a minimal level of protection. Meanwhile, these same clients, do not only forget to check the security of such links, but also forget about isolating such channels from their own critical sectors of activity. In the result, a malicious hacker may break-in in minutes into some critical zone. This may be a control station of some distribution system, an industrial zone, or the control room of the corporate network.
Such situations happen and happen too frequently to consider it mere incidents. Thankfully, many of these break-ins are made by people who still have the shoulders in their head. Thankfully, breaking into the majority of corporate networks still demands some art and skills. However, this situation may change, if we all start considering that such problems, like the one described on the submission, are mere "features" that one may live with. If you consider that it should be that way, then don't be admired to see some big factory dropping tons of shit into the air or water. Don't be admired that suddenly a whole communication network goes fool and even 911 doesn't work in the middle of some critical situation. Don't be admired that your company produces things that blast or short-circuit at first use. Don't be admired that the lights go off every 5 minutes and all your home electronics are burning out. These are not stories taken from the hat. These are very concrete scenarios of real holes found somewhere around.
These things do not happen now so frequently because Internet is in its very early age (and still many people, like engineers, do not trust it). But some of these holes are already there, waiting right around the corner for the first maniac script kiddie (yes, there are already holes that such lamers may exploit). If we keep this mood, of not caring about security, we will have all guarantees that something will seriously go wrong in the future.
Re:Solution seems simple to me... (Score:2)
I wished to be so optimist like you... Unfortunately, while I have not seen anyone putting critical systems directly accessible through the Internet, there are enough "backdoor" channels to see very important things linked to Internet. Or corporate network so badly installed and maintained, that a small link to Internet will be enough to give huge problems to many people.
Re:Solution seems simple to me... (Score:2)
Re:Solution seems simple to me... (Score:2)
I don't. We shouldn't be, but should and does are different things.
With such as "To keep your system secure, [paraphrased a bit] download the latest security patches". With the idea that a secure connection somehow secures the systems connected. IPv6, where every traffic light has its own ip address.
People are not built to always be looking at what they're exposing. Most people, that is.
I guess Adelphia really does suck (Score:5, Informative)
Please, don't mod this down as a troll, it isn't, it may be blatant advertisement for a sucks.com web site, but it's not a troll
j
another one (Score:2, Insightful)
There seems to be a rather large number of pissed off customers.
Adelphia transmissions (Score:4, Funny)
FROM AN ADELPHIA USER: (Score:4, Informative)
More info as I get it...
Re:FROM AN ADELPHIA USER: (Score:2)
Re:FROM AN ADELPHIA USER: (Score:2)
With a SWITCH, Ethernet frames go from the source node to the destination node directly; no other node connected to the SWITCH can ever see the packets unless they are broadcast/multicast packets.
With a HUB, ALL Ethernet frames that are sent through the hub from any particular node also go to ALL of the other nodes.
THUS, what I think you mean to say is HUB, not SWITCH. However, I am willing to concede that your anecdote about being able to sniff a private non-broadcast conversation between two nodes from a third is making you think about the problem incorrectly, since it means that a) you don't REALLY have a SWITCH, but instead have a HUB, or b) your SWITCH is broken, as another user suggested. I have several switches here and have installed plenty elsewhere. On none of them can a third party sniff and capture directed non-broadcast packets from the network segment.
Re:FROM AN ADELPHIA USER: (Score:2)
Today's lesson: why is it possible to see unicast packets not sent to you on a switch using ARP poisoning? The answer is because switchs forward data based only on the MAC address in the frame. ARP poisoning makes the computer (full computer, not microprocessor in the switch) believe that an IP belongs to a different MAC address than it really does. So the computer sends the frames to your MAC address instead of the other ones once the ARP table has been poisoned. The switch is all along performing the proper duties as it should of sending packets to the proper port based on the MAC address.
So, in summary, I can see packets flying around in the same manner as if I were on a switch. That means broadcasts and packets directed to me. I assume based on my knowledge that I might be able to use ARP poisoning on Adelphia's net to confuse computers into sending unicast packets to me so I can sniff them in a man-in-the-middle style attack. It is certainly possible that Adelphia has a setup where the bridging of the cable modem is smarter than to allow this attack, but I can't confirm either way (unwilling to try it - I like having service).
I said what I meant, and I meant what I said. You just tried to read a little more into it than what was there. I really did see packets in the same manner as I would on a switch. Of course, I could have been more specific, but hey...
For reference, most ISP connections don't even allow you to see broadcast traffic (think dialup via PPP or DSL modems - no broadcasts from other machines). Also, you might want to check out Ettercap, or any other tool of that variety. Makes ARP spoofing easy. Grab one of your switches and try it out.
Re:FROM AN ADELPHIA USER: (Score:2)
With Adelphia, there are hundreds if not THOUSANDS of broadcasts per minute, many of which are not even FOR your subnet. I also still get a number of misdirected unicast packets and the occasional directed broadcast packet.
Re:FROM AN ADELPHIA USER: (Score:2)
Check out the DOCSIS specs. (Score:2, Interesting)
Adelphia is Garbage (Score:5, Interesting)
1. Adelphia recently declared bankruptcy. Their CEO was the Number 1 CEO in the whole US for taking insider loans. Above Tyco, Enron, or Worldcom. The crooked bastard took an insider "loan" for OVER a quarter BILLION dollars. His reason for the loan was "Unspecified personal business".
2. Their service sucks. I'm on the phone with their help desk at least once a month because the internet connection is down. Their tech support people are a bunch of brain-dead bozos reading from an "if: then" style troubleshooting manual - plus, it usually takes 45 minutes or more of waiting on hold to get through to a real human. Definitely some of the worst customer service in the industry.
3. They are not complying, or planning to comply with the federal regulation passed in October that prevents cable providers from forcing customer to purchase service "bundles" to get a particular channel. The regulation states that a cable provider must provide, upon the customers request, the premium channels they ask for in an a-la-carte style manner.
As an example, if I wanted to get the HBO channel at my house, Adelphia requires my to "upgrade" to their digital cable service for an additional $9.95 a month, plus $7/mo per TV (I have 3) plus pay $25.99 a month for the HBO bundle. Do the math - that equals a additional $57 per month just to get one premium channel. This practice is strictly forbidden by the recently passed legislation.
And to top it off, the lying bastards told me that they don't have the technology to provide a single premium channel (no bundles) to a home, and that they don't have the technology to send certain premium channels to their analog cable subscribers - that they must "upgrade" to digital cable. The reason that they are lying bastards is that I have a friend who used to get just HBO (w/o a bundle) to his analog cable home (back when they offered this option). He canceled that channel but they never turned it off for him. Right now today he gets a single premium HBO channel to his analog cable home.
My advice is to avoid this sleezy bunch at all costs - unless you like paying out the nose to support their insider lending (Yes, I know GWB thankfully just passed legislation making corporate insider loans illegal.) habbits and unfair business practices.
Re:Adelphia is Garbage (Score:2)
Docsis cable modem can prevent this (Score:2)
if you want all the dirt on how these modems work, go see the documentation at Cable Labs [cablemodem.com] , they're the people who certify the equipment.
Thee's a reason I call myself broadbandbradley, I couldn't think of a good handle
Yay! More Slashdot Hype! (Score:2)
So what if the user intercepts SSL/SSH/VPN traffic from hosts behind the cable modem? The entire purpose of those protocols is to prevent man-in-the-middle attacks, and encrypt traffic so that the security of the transport (as seen here as entirely untrustable) is no longer an issue.
This type of fear mongering is what drives daily stories on the front page of slashdot, and has become entirely too irritating to deal with.
Re:Yay! More Slashdot Hype! (Score:3, Informative)
Also... many routers/firewalls and access devices that have ssh only have ssh 1 capability.... so there goes that protection.... since ettercap can intercept those... (Yes... the fingerprint presented would not match.... but then how many would know to check the fingerprint?)
Re:Yay! More Slashdot Hype! (Score:2)
That's probably the advertised behavior (Score:2)
I've heard a number of stories about people finding Windows printers they didn't own when they got their cable modem connection...
Re:Adelphia != Bad Peoples (Score:2, Interesting)
Smoothwall IPCop (Score:2, Informative)
Now, with 100% less rudeness than smoothwall!
IPCop [ipcop.org]
Re:Adelphia != Bad Peoples (Score:2)
Cause it's quite obvious that Adelphia has had a whole horde of Bad People in it, who are of course under indictment, at least.
Yes, Adelphia can have some pockets of clue amongst the cable guys who poke and prod cluelessly at RF disrupting cable modems and put up insecure websites, et al. Glad to see you're in one of the clueful areas that hasn't (yet) been completely oversold).
j
Re:Adelphia != Bad Peoples (Score:2)
I had recently set up a home network for a freind of mine, and he kept blaming the disconnects on me, until another freind called in and complained about disconnects while playing his MMORPG.
Re:Adelphia != Bad Peoples (Score:2)
Re:Adelphia != Bad Peoples (Score:1)
They are seriously oversold here, with no relief expected for 6 weeks according to the newspaper. Considerably longer according to unofficial word from some of the their techs.
Re:Adelphia != Bad Peoples (Score:2)
Re:Adelphia != Bad Peoples (Score:2)
"What version of Windows are you running"
"X11R6 with the icewm front end, what difference does that make. I can ping the gateway but half the hosts after it die somewhere around hop 7. Problems in galveston?"
"whatwhatWHAT?"
Now adays I just call Tony down the local office. He's a funny guy. Always says "Well, we appreciate you, we like UNIX users on the network."
Nice way to show it.
Re:Adelphia != Bad Peoples (Score:2)
Re:Adelphia != Bad Peoples (Score:2)
Ergh.
I need to find this mystical *NIX person who works in Buffalo.
Re:Adelphia != Bad Peoples (Score:2)
You don't seem as if you're going to sue, but what do you think they can do? Press the 'Magic Button' and change their network infrastructure to be safer?
Escalate the call up to the president if possible. Tell him about it. And don't be technical. Nothing I hated more than someone calling up and acting all badass because they use Linux or some alternative operating system.
If your goal is to confuse the less informed, its obviously not to get legitimite help. In which case, go ahead, but don't complain about not getting any help when you have to explain what 'Megadin God icewn distro tcp/mp3 with OS2 kernal' is for three hours.
Re:Hype (Score:1)
Leaving your clients on an open, unsecured network like Adelphia has is just plain negligent.
Re:This indicates one of the problems with Unix (Score:5, Interesting)
You're kidding/trolling right? At the university where I work Windows 2000 machines are constantly being hacked for things like DoS attacks, pirated video servers, etc. The actual user typically does not find out until the IP is tracked down by the victim and the school is notified (usually including the threat of a lawsuit)...
Re:OF course Unix users are affected (Score:2)
Re:OF course Unix users are affected (Score:2)
The NY Times link is a redirect to http://goatse.cx, which some people think should be modded as "Troll", when it is really just "Redundant" or "Offtopic" (though some may find goatse.cx "Interesting").
Re:Ettercap (Score:2)