Security Basics mailing list archives

Re: Comcast Cable Setup Security Issue


From: Gandalf The White <gandalf () digital net>
Date: Tue, 20 Jul 2004 20:41:53 -0500

Greetings and Salutations:

On 7/20/04 3:10 PM, "pingywon MCSE" <pingywon () gmail com> wrote:
> While I agree that some ISPs make things a little more difficult than
> they need to be (in most cases AV doesn't need to be turned off)

Not only that, you shouldn't need to have special software to register your
system.  Just activate your account from that computer and voilà, it reads
your MAC address from the router automagically.

> ...but it's the better "un"safe than sorry mentality. I mean as far as
> Comcast is concerned .. I have NEVER used their silly CD to set up
> their cable Internet. What does it even really do ? .... make sure my
> TCP/IP stack is configured to DHCP ?

That passed through my mind also.  What *IS* this software doing and what
personal information is it sending to Comcast?

> All in all I feel you gentlemen are being a little overly zealous, I
> mean how long was your PC really connected to the Internet without
> AV/firewall ....should have only been minutes. If someone decided to go
> surfing during that time ...then that is on them.

From slide 45:
http://www.blackhat.com/presentations/bh-usa-03/bh-us-03-honeynet-project/bh-us-03-honeynet.pdf

"Fastest time honeypot manually compromised, 15 minutes"
"Its only getting worse".

With Microsoft XP vulnerabilities and the way that it readily broadcasts any
password information that it is asked for, please reassure me that I
shouldn't be concerned.

> There is a lot of software out there that tells you to disable AV
> while installing. I have NEVER done this ...and I have NEVER had a
> problem.
> just my 2 cents
> ~pingywon MCSE

I would have LOVED to have not disabled the software but I had a live person
on the phone telling me that if I didn't then the setup wouldn't work.

Ken

---------------------------------------------------------------
Do not meddle in the affairs of wizards for they are subtle and
quick to anger.
Ken Hollis - Gandalf The White - gandalf () digital net - O- TINLC
WWW Page - http://digital.net/~gandalf/
Trace E-Mail forgery - http://digital.net/~gandalf/spamfaq.html
Trolls crossposts - http://digital.net/~gandalf/trollfaq.html


