Reader Comments on Aardvark Daily 28 April 2003
Note: the comments below are the unabridged
submissions of readers and do
not necessarily reflect the opinions of the publisher.
From: Tom Scott For : The Editor (for publication) Subj: Spam Busting I read your mid day update and to say the least I am mildly disappointed in you Mr Simpson. You have sunk to the levels of the tabloid press. Okay in the past you have exposed people etc. But never have you publicly admitted to hacking. I find this coloumn repolsive and makes me wonder how low you will go to get a story.Aardvark Resonds
Note: Tom informs me he's complained to Aardvark's sponsor in respect
to today's column.
From: Tony Levaggi For : The Editor (for publication) Subj: Paradise Cable modem IP Spoofing I don't know if anyone else has experienced this. I have Paradise Broadband via cable modem (not ADSL). I have a 10 GB monthly cap, but typically use a pathetic 60-200 MB. A quick look at the Paradise web site usage meter today showed that 'I' had used 2GB in the last 4 days, including 700+MB today whilst at work. You actually get an hourly breakdown, including IP addresses. I know what you're thinking, but my PC is not only turned off when not in use, but I actually have to pull the power cable and network cable out to close the desk lid. To add further intruige, I was actually redecorating that room this weekend, so for most of the weekend, whilst apparantly downloading 40-60MB EVERY hour (nearly the limit for a 128KB connection), the cable modem was unplugged from both the power and the coax cables. The PC was also unplugged from the power and network. So I am unusually sure that it is not a poorly configured PC or a virus/trojan. I phoned paradise and was assured that my cable modem was 'definitely' turned on and they quoted a MAC address of the PC currently connected to it: 10:08:0E:AA:BB:A0. I'm not sure that's even a valid MAC address. They also assured me there was no firewall by doing a port scan. I do have a firewall. Typically people using file sharing networks have difficulty getting that to work through firewalls. The traffic I have apparantly used is all to clients with dns names referring to dialup/dsl/cable. This tends to point to file sharing networks. I am pretty certain that someone has managed to impersonate the MAC address of my cable modem to get 'free' traffic for their file downloads. I don't think the cable modems, which Paradise configure, the home user doesn't have any access, are capable of being remotely exploited to act as open proxies etc. Anyway, it was definitely unplugged for long periods while this traffic was occurring. Paradise don't seem too keen to discuss this possibility, but will scrub the traffic and give me a new IP address. Has anyone else experienced anything like this? Would I even notice anything other than a slower connection if someone was using my cable modem's mac address? Is it possible to use crafted ARP broadcasts to poison the router tables, or would spoofing the MAC address on a configurable cable modem work in itself, or using a broadband router with a configurable MAC address? I don't think I'm ever going to get any answers from Paradise. If it is too easy to spoof a connection, it would probably be best not to publish the answers! From: John For : The Editor (for publication) Subj: Reply - Spam Busting Today - I only got 17 spam e-mails in my main account, all deleted and "Yes", I must be a boring friendless person! Years gone by - I never got a spam email, so I must have been even more boring! A few years ago - I am confident in my allegation that my ISP's mail server was hacked and whole groups of e-mail account details were harvested (I can almost remember the day), and my then daily spam intake slowly grew in volume as my account details were disseminated across the network of spam merchants. A year ago - I gave up in the challenge of trace / routing / dns lookup / reporting to their ISP of the offending spammers' mail as the volume consumed too much of my time. I gained some consolation in closing down a few spammer's ISP accounts, but the volume of my failed invalid retaliation attempts grew due to the increase in insecure systems being hacked (particularly Korean edcuation facilities using MS IIS... maybe a naive state trained MCSE regime?) Spam Busting - It must be emphasised that Aardvark has not disclosed any involvement in hacking (password guess) the mail accounts of today's subject alleged spammer (don't you love the legally / politically correct choice of words?). To whoever did, and then Aardvark for reporting it... "Good on ya!". I support anyone who seeks to rid us of the curse of unsolicited bulk mailing. Now... if we only had a forwarding address service that could effectively trace / route, report to insecure system / complain to ISP, and intelligently chase down and resolve the entry point of such spam... well there is a businmess opportunity! ...e-mail client add-in, automated trace, a few humans with passion... hmmm... how do you make it pay? Well... a big post for me.... I must be boring.Hit Reload For Latest Comments
Now Have Your Say
Home | Today's Headlines | Contact | New Sites | Job Centre | About