of ISPs and routers

On Sat, 11 Sep 2010 08:28:18 +0100, John wrote:

> Using the frog also makes you more vulnerable and open to hacking or
> other attacks [1] because the frog has just one IP address - something
> like, for instance, 86.123.157.25. Hackers are constantly scanning the
> internet and if they find that address, they find your computer on the
> end of it. A modem/router has two (usually more) IP addresses: an
> _external_ address like the one above and an _internal_ address that
> connects to your computer, something like 192.168.1.100. In this case,
> if a hacker finds your external address he only finds your router, not
> your computer.

Finding the router (which is trivial) is useful enough thanks. It is
usually trivial to get into it, from there you can abuse the trust the
average stupid twonk has with the device.

Allow me to expand. Once into a router changing the DNS servers to those
controlled by a miscreant - or redirecting all traffic with a static
route, is trivial. It's also often trivial to put any given internal
client into a DMZ or open ports to the world, leaving them just as
'vulnerable' as having a public IP on a frog modem.

Given the 'always on' nature of dom-groutems, and the usually poor
logging/admin of the devices - most miscreants can hammer away all night
with something like Hydra without having to worry about detection because
of the users lack of understanding and false sense of security.

I estimate about 5-10% of users in the UK with consumer router/gateway/
modems have them open to the outside world - either by http or telnet.
TalkTalk customers seem to be the worst for it.

Don't assume that having such a device makes you any more secure. Piss
poor administration and ignorance will always be bliss.


--
BT Openreach Engineers - all they need to supply for work is their own
socks and pants

On Mon, 13 Sep 2010 00:37:30 +0100, Brian Gregory [UK] wrote:

>> BT need long periods of ADSL to collect the statistics on the line and set
>> the nose margin amd BRAS to what they consider to be the best customer
>> experience.
>
> They do not need to, it's a way a bodgeing their old system designed for
> fixed speeds to work well with variable speeds.
>
> They choose not to do it the proper way to save a few pennies and because
> they don't care about customer inconvenience.
>
> Anyway once the initial training period is over you can switch off and on
> without causing problems.
>
> Change to an ISP that doesn't use BT equipment at the exchange and you'll
> probably find it's done properly with their equivalent of BRAS instantly
> tracking your connect speed.

That's how it /should/ be, IMO.
Even my washing machine 'remembers' it last settings!
--
Peter.
The gods will stay away
whilst religions hold sway

On Mon, 13 Sep 2010 17:06:18 +0100, Brian Gregory [UK] wrote:

> "Comtroll" <(E-Mail Removed)> wrote in message
> news:i6d47p$2tl$(E-Mail Removed)...
>> On Fri, 10 Sep 2010 10:58:31 +0000, Bob Eager wrote:
>>
>>> On Fri, 10 Sep 2010 07:17:33 +0000, Comtroll wrote:
>>>
>>>
>>>> No, but you can expect a telco not to be that retarded and
>>>> environmentally unfriendly that you get penalised for saving power.
>>>>
>>>> Given they send 50v down the line to power the telephone, let them
>>>> power the router too if they want it left on to best match *their*
>>>> line to *their* DSLAM.
>>>>
>>>> Don't just accept the status quo for the sake of it. It makes good
>>>> economical and environmental sense to turn off things you are not
>>>> using.
>>>
>>> You wouldn't like the fact that I leave my roputer on all the time
>>> then. And nine PCs.
>>>
>>> Yawn.
>>
>> Why? I'm no eco-pikey. I'm just pointing out that it is a retarded
>> system, created by retarded chimps, that requires an EU to leave a
>> device they are not using *on* or be penalised for it.
>>
>> I won't waste your time with an analogy because I can see from your
>> yawning you are tired (probably cant sleep because of the noise from
>> all you little toy hobby systems in that poky terraced house of yours),
>> and - quite frankly - you are a bit of a bore.
>
> Just ignore him.
>
> He's wrong anyway. Once the inital training/assessment period is over
> there is no problem at all with switching on and off.

Don't see anything 'wrong' about what I said. I don't leave my router on
all the time because of training. I leave it on because I'm using it (or
it's in use).

--
Use the BIG mirror service in the UK:
http://www.mirrorservice.org

*lightning protection* - a w_tom conductor

On Mon, 13 Sep 2010 17:06:18 +0100, Brian Gregory [UK] wrote:

> He's wrong anyway. Once the inital training/assessment period is over there
> is no problem at all with switching on and off.

My feeling is that I might try a router if the PCI card doesn't get 3M, but
only if necessary.

Bit worried about t'other thread re. IDnet.
--
Peter.
The gods will stay away
whilst religions hold sway

Meanwhile, at the uk.telecom.broadband Job
Justification Hearings, Brian Gregory [UK] chose the
tried and tested strategy of:

> Once the inital training/assessment period is over
> there is no problem at all with switching on and off.

ICBW, but I don't think that's right. I think the line
management is continuous, not just for the first 10
days; line conditions aren't set in stone and it would
make sense for DLM to reflect that, if it's to serve
it's purpose of keeping connections stable and support
costs down.

--
<http://ale.cx/> (AIM:troffasky) ((E-Mail Removed))
13:37:01 up 79 days, 20:44, 1 user, load average:
0.14, 0.23, 0.18
Qua illic est accuso, illic est a vindicatum

Mark <(E-Mail Removed)> writes:

> BTw will lower your BRAS/IP profile if your router syncs at a low
> enough speed even for a short period of time. If your router is
> syncing at around the same speed all the time there is no reason for
> BTw to lower your profile. Of course when your speed recovers it can
> take them ages to increase your profile :-(

Which is, IMHO, one of the worst aspects of the BTw ADSL system. If your
line is normally good and syncs at a reasonable speed, but occasionally
(say no more than once every 2 or 3 days) there is a short (less than 1
minute) burst of externally induced 'noise' which causes your router to
resync at a much lower rate, even if you manually reboot the router
almost immediately and resync back at your normal high speed your BRAS
will be almost permanently much lower than your line can support for
99.99% of the time.

Graham Murray wrote:
> Mark <(E-Mail Removed)> writes:
>
>> BTw will lower your BRAS/IP profile if your router syncs at a low
>> enough speed even for a short period of time. If your router is
>> syncing at around the same speed all the time there is no reason for
>> BTw to lower your profile. Of course when your speed recovers it can
>> take them ages to increase your profile :-(
>
> Which is, IMHO, one of the worst aspects of the BTw ADSL system. If your
> line is normally good and syncs at a reasonable speed, but occasionally
> (say no more than once every 2 or 3 days) there is a short (less than 1
> minute) burst of externally induced 'noise' which causes your router to
> resync at a much lower rate, even if you manually reboot the router
> almost immediately and resync back at your normal high speed your BRAS
> will be almost permanently much lower than your line can support for
> 99.99% of the time.

OTOH the implications of dropping packets at the DSLAM when the ADSL
line can't handle the rate..is somewhat worse.

I've generally found the BRAS comes up fairly quickly after a *major*
speed increase on the line.

And it is something you can ask to be reset upwards if its a one off event.

The worst case is the line subject to random bursts of untraceable high
noise..