Security Basics mailing list archives
RE: Comcast Cable Setup Security Issue
From: mike () genxweb net
Date: Tue, 20 Jul 2004 13:51:44 -0400
Ok guys not to defend the ISP that ask you to break the common sense of security but their are reasons why they do this. I my self can't stand when they ask me to remove my router but it is totally logical why they do so. Not every out there is as tech savy as us and not everyone out there knowes how to configure a router. For instance last week I got a surge down my line and it blew out a port on my router. Happened to be the port the modem was plugged into. Of course the rest of the network was working fine. SO the first thing that comes into my head as it does for 99% of you out there that it is the ISP fault (believe it or not) I call the ISP. And of course the first thing they say is I can reach teh modem. So I played there game removed the router and it worked. Now I know it aint them, time to look deeper at the problem. Hey guess what my equipment is messed up ok easy fix, I configue another port on my router and I am back up and running. Now imagine I am some noob ( as you may want to call them) that has no idea about routers or computers I just want to surf the net get my daily dose of what ever that gets me going and my net dont work. No matter how many times the tech tells me I will still think it is them that are at fault. Until they embarse me by fully proving it to me, by eliminating all factors. That is why I think that moving the router out of the loop is a feasable request. If you are so scared of some one hacking you during those few minutes you are on the phone with the tech I suggest running a tcpdump monitor the packets and take action if you actually see a attack comming at you. Remember that router is only stoping those hackers or worms thats are going after ports. It will not protect you against a email virus malware or so on. Also if you practice proper patch management and keep your o/s up to date then you will have less of a chance of a hacker or worm getting in. Also if you are that worried I suggest using a more secure o/s that is less vuln to daily attack. As far as disabling Av products to install comcast softwae. I am a comcast customer and I have never had to do that. I run Norton Av keep it up to date as possible. This is just my 2 cents. Quoting Steve Hillier <securityfocus () mastermindtoys com>:
I have e3xperience similar problems here in Canada with Rogers Cable. Every time you deal with tech support, one of the first things they ask you is to disable any personal firewall software you have installed for the duration of the support call. I was also asked to make sure my computer was connected directly to the cable modem, not through my router. To add to their sins, Rogers has just recently teamed up with Yahoo! to provide mail and personal webspace services. This is all fine and good, except that you cannot access any of their services on-line unless you use Internet Explorer or Netscape. So poor Opera users like myself are stuck using an unsecure browser to view our email and maintain our accounts on the web. (Once I get a little less frustrated, I think I'll download Firefox and see if that makes a difference.) Needless to say, I'm not pleased with Rogers, their "technical" support, or their decision to alienate some of their more web-savvy users. I like to think that I do a good job keeping my machine secure from all the wee beasties on the Internet, but help like I get from Rogers doesn't make my job any easier. Guess I'll just have to switch ISPs. sph-----Original Message----- From: Gandalf The White [mailto:gandalf () digital net] Sent: Sunday, July 18, 2004 10:14 p To: security-basics () securityfocus com Subject: Comcast Cable Setup Security Issue Greetings and Salutations: I am beginning to get a feel for why Comcast is at the top of the list for zombie spam boxes. I just set up an account for a friend who had a connection on the Comcast cable network. The instructions on the included CD-ROM (as soon as the CD started up) was to turn off all Anti-Virus and Firewall software on the computer. I called up Comcast tech support and told them that I was I was nervous about doing this, but I was assured that my computer would *only* be talking to the Comcast activation server. Lets just ignore that the computer would be talking to all the other machines on my local cable segment also. I had a router with firewall in between the computer and the Comcast network so I went ahead and deactivated the anti-virus and firewall software on the computer. I got half way through the activation and all of the sudden the process dies. Claimed I could not reach the HTTPS server or that I had not activated within the time allowed. I tried everything to start up the process again with no success. Called Comcast tech support. The tech (he was very efficient and nice) told me to DISCONNECT THE COMPUTER FROM THE ROUTER AND PLUG THE COMPUTER DIRECTLY INTO THE CABLE MODEM. This made me EXTREMELY nervous. I now have a computer (that was patched and up to date of course) ... BUT ... The antivirus and personal firewall software was PURPOSEFULLY turned off. By Comcast instructions. He walked me through connecting to the Comcast website and finishing up the activation steps. I tried (in the middle of his instructions) to ask if I could hook back into my router for a modicum of protection and was told no, I had to finish the setup. When I finished the setup (again, he was very nice and pleasant) I rebooted, hooked the computer back to the router/firewall, verified my antivirus and firewall were working and indeed everything worked fine. Being a computer / security professional I was (of course) thinking about all the very bad things that could happen to this computer while following Comcast's instructions. I know (and I think it is almost criminal) that many cable companied hook PC's up to a cable modem *all the time* without antivirus / firewall / updates / any kind of protection. But you would think that an installation would not require you to take away any kind of protection that a computer has. I can see some overzealous PC owner deleting the anti-virus and firewall software just to get their cable modem working. Ken --------------------------------------------------------------- Do not meddle in the affairs of wizards for they are subtle and quick to anger. Ken Hollis - Gandalf The White - gandalf () digital net - O- TINLC WWW Page - http://digital.net/~gandalf/ Trace E-Mail forgery -http://digital.net/~gandalf/spamfaq.html Trolls crossposts - http://digital.net/~gandalf/trollfaq.html ------------------------------------------------------------------------ --- Ethical Hacking at the InfoSec Institute. Mention this ad and get $545 off any course! All of our class sizes are guaranteed to be 10 students or less to facilitate one-on-one interaction with one of our expert instructors. Attend a course taught by an expert instructor with years of in-the-field pen testing experience in our state of the art hacking lab. Master the skills of an Ethical Hacker to better assess the security of your organization. Visit us at: http://www.infosecinstitute.com/courses/ethical_hacking_training.html ------------------------------------------------------------------------ ---- --------------------------------------------------------------------------- Ethical Hacking at the InfoSec Institute. Mention this ad and get $545 off any course! All of our class sizes are guaranteed to be 10 students or less to facilitate one-on-one interaction with one of our expert instructors. Attend a course taught by an expert instructor with years of in-the-field pen testing experience in our state of the art hacking lab. Master the skills of an Ethical Hacker to better assess the security of your organization. Visit us at: http://www.infosecinstitute.com/courses/ethical_hacking_training.html ----------------------------------------------------------------------------
--------------------------------------------------------------------------- Ethical Hacking at the InfoSec Institute. Mention this ad and get $545 off any course! All of our class sizes are guaranteed to be 10 students or less to facilitate one-on-one interaction with one of our expert instructors. Attend a course taught by an expert instructor with years of in-the-field pen testing experience in our state of the art hacking lab. Master the skills of an Ethical Hacker to better assess the security of your organization. Visit us at: http://www.infosecinstitute.com/courses/ethical_hacking_training.html ----------------------------------------------------------------------------
Current thread:
- RE: Comcast Cable Setup Security Issue, (continued)
- RE: Comcast Cable Setup Security Issue dave kleiman (Jul 20)
- Re: Comcast Cable Setup Security Issue James Kelly (Jul 21)
- RE: Comcast Cable Setup Security Issue BUGTRAQ (Jul 21)
- RE: Comcast Cable Setup Security Issue dave kleiman (Jul 21)
- Re: Comcast Cable Setup Security Issue Gandalf The White (Jul 21)
- RE: Comcast Cable Setup Security Issue Burton M. Strauss III (Jul 21)
- Re: Comcast Cable Setup Security Issue Calvin Maready (Jul 21)
- Re: Comcast Cable Setup Security Issue Gandalf The White (Jul 21)
- RE: Comcast Cable Setup Security Issue Michael Cecil (Jul 21)
- RE: Comcast Cable Setup Security Issue dave kleiman (Jul 20)
- RE: Comcast Cable Setup Security Issue Steve Hillier (Jul 20)
- RE: Comcast Cable Setup Security Issue mike (Jul 21)
- RE: Comcast Cable Setup Security Issue Burton M. Strauss III (Jul 21)
- RE: Comcast Cable Setup Security Issue Seth Hall (Jul 21)
- Re: Comcast Cable Setup Security Issue Gandalf The White (Jul 21)
- RE: Comcast Cable Setup Security Issue SMiller (Jul 22)
- RE: Comcast Cable Setup Security Issue Andrew Aris (Jul 23)
- RE: Comcast Cable Setup Security Issue roger . smith (Jul 22)
- Re: Comcast Cable Setup Security Issue Brett (Jul 21)
- RE: Comcast Cable Setup Security Issue Steve Bostedor (Jul 20)
- Re: Comcast Cable Setup Security Issue pingywon MCSE (Jul 21)
- Re: Comcast Cable Setup Security Issue Gandalf The White (Jul 21)
- Re: Comcast Cable Setup Security Issue pingywon MCSE (Jul 21)