[nSLUG] Eastlink cable modem access

linux at zdoit.airpost.net linux at zdoit.airpost.net
Thu Jan 31 22:10:26 AST 2008


On Thu, 31 Jan 2008 19:41:05 -0400, "Aaron Spanik"
<a.spanik at ns.sympatico.ca> said:
> > What an interesting situation this all is, starting with a hijack of a
> > perfectly good thread, continuing with top post after top post, and
> > rounded out with a smattering of incomplete information and
> > speculation.  Hooray for teh Intarnets!!1!!!

You caught me  :-) 

. . . .
> > Now, regardless of whether you're sending unicast DCHP REQUEST packets
> > to a particular server in order renew your lease on an existing IP
> > address or whether you're sending broadcast DHCP REQUEST packets, you're
> > sending them to Eastlink's network, NOT the Internet.  The chances of
> > someone being able to light up a rogue DHCP server on Eastlink's
> > network and serve you poisoned DNS Servers is slim enough to bring a
> > smile to my face just thinking about it.  The chance of your DHCP
> > packet finding its way out of Eastlink's network onto the Internet at
> > large where some other Internet-facing rogue DHCP server is responding
> > to it and somehow getting a DHCP OFFER packet back to you which will not
> > only provide you a valid address for your provisioning on Eastlink's
> > network, but will also pass you poisoned DNS information is, well,
> > completely absurd.

When I first got a pre-DOCSIS cable modem (not in NS) over ten years ago
you could see a lot of other people's traffic; promiscuous mode was as
good as a party line on the telephone. I suspect if a customer turned on
a DHCP server it would compete with the ISP's DHCP server. I'm glad to
see the technology has improved.

> > 
> > The only other possibility is that someone has lit a rogue DHCP server
> > on your network behind your cable modem or behind your router.  This
> > would also seem unlikely, but is theoretically possible.  Do you run
> > wireless?  Are there any strange cars in your neighborhood that haven't
> > moved in days?  Any signs that someone has broken into your house and
> > installed a small computer system?  Do you get along with your
> > neighbors?  Ping, traceroute, and your arp tables will likely rule this
> > out.

I own the strange cars that haven't moved for days. I was able to rule
out the rest.
 
. . . .
> > In short, I suspect you have nothing to worry about except the
> > possibility that you might be slightly more paranoid than the rest of
> > us.

I asked my doctor for a letter that says I am crazy, but I couldn't get
it. You see a sane person wouldn't ask for one.

> > 
> > Hope this helps,

Thanks for the help.

> > 
> > /a
> > 
> > -- 
> > Aaron Spanik
> > a.spanik at ns.sympatico.ca

--
Gerald

--
Gerald




More information about the nSLUG mailing list