Re: CPE dns hijacking malware

2013-11-12 Thread Matthew Galgoci
Date: Tue, 12 Nov 2013 06:35:51 + From: Dobbins, Roland rdobb...@arbor.net To: NANOG list nanog@nanog.org Subject: Re: CPE dns hijacking malware On Nov 12, 2013, at 1:17 PM, Jeff Kell jeff-k...@utc.edu wrote: (2) DHCP hijacking daemon installed on the client, supplying

Re: CPE dns hijacking malware

2013-11-12 Thread Dobbins, Roland
On Nov 12, 2013, at 10:57 PM, Matthew Galgoci mgalg...@redhat.com wrote: It's probably more common than one would expect. Concur 100%. https://app.box.com/s/rblnddlhda44giwfa8hy --- Roland Dobbins rdobb...@arbor.net //

Re: CPE dns hijacking malware

2013-11-12 Thread Tom Morris
was on That was probably not a great idea, but you do what you have to sometimes. On Tue, Nov 12, 2013 at 10:57 AM, Matthew Galgoci mgalg...@redhat.com wrote: Date: Tue, 12 Nov 2013 06:35:51 + From: Dobbins, Roland rdobb...@arbor.net To: NANOG list nanog@nanog.org Subject: Re: CPE dns hijacking

RE: CPE dns hijacking malware

2013-11-12 Thread James Sink
it have been easier to simply change your channel setting? -James -Original Message- From: Tom Morris [mailto:bluen...@gmail.com] Sent: Tuesday, November 12, 2013 9:59 AM Cc: NANOG list Subject: Re: CPE dns hijacking malware EXTREMELY common. Almost all Comcast Cable CPE has this same

Re: CPE dns hijacking malware

2013-11-12 Thread Larry Sheldon
On 11/12/2013 3:24 PM, Larry Sheldon wrote: On 11/12/2013 12:12 AM, Dobbins, Roland wrote: On Nov 12, 2013, at 12:56 PM, Mike mike-na...@tiedyenetworks.com wrote: It appears that some of my subscribers' DSL modems (which are acting as nat routers) have had their dns settings hijacked and

Re: CPE dns hijacking malware

2013-11-12 Thread Larry Sheldon
On 11/12/2013 3:54 PM, Larry Sheldon wrote: On 11/12/2013 3:24 PM, Larry Sheldon wrote: On 11/12/2013 12:12 AM, Dobbins, Roland wrote: On Nov 12, 2013, at 12:56 PM, Mike mike-na...@tiedyenetworks.com wrote: It appears that some of my subscribers' DSL modems (which are acting as nat routers)

Re: CPE dns hijacking malware

2013-11-12 Thread Tom Morris
channel setting? -James -Original Message- From: Tom Morris [mailto:bluen...@gmail.com] Sent: Tuesday, November 12, 2013 9:59 AM Cc: NANOG list Subject: Re: CPE dns hijacking malware EXTREMELY common. Almost all Comcast Cable CPE has this same login, cusadmin / highspeed At least

Re: CPE dns hijacking malware

2013-11-12 Thread Jared Mauch
Someone has to move. The defaults are really bad in dense deployments of 1,6,11. Always fun when we went to Japan in the early days and our equipment could not see channel 13 :-) Most need more fhss than single channel stuff. Jared Mauch On Nov 12, 2013, at 2:18 PM, James Sink

CPE dns hijacking malware

2013-11-11 Thread Mike
Hi, It appears that some of my subscribers' DSL modems (which are acting as nat routers) have had their dns settings hijacked and presumably for serving ads or some such nonsense. The dns server addresses are statically programmed in and of the ones I have seen, they are not currently

Re: CPE dns hijacking malware

2013-11-11 Thread Dobbins, Roland
On Nov 12, 2013, at 12:56 PM, Mike mike-na...@tiedyenetworks.com wrote: It appears that some of my subscribers' DSL modems (which are acting as nat routers) have had their dns settings hijacked and presumably for serving ads or some such nonsense. How do you think this was accomplished?

Re: CPE dns hijacking malware

2013-11-11 Thread Jeff Kell
On 11/12/2013 1:12 AM, Dobbins, Roland wrote: On Nov 12, 2013, at 12:56 PM, Mike mike-na...@tiedyenetworks.com wrote: It appears that some of my subscribers' DSL modems (which are acting as nat routers) have had their dns settings hijacked and presumably for serving ads or some such

Re: CPE dns hijacking malware

2013-11-11 Thread Dobbins, Roland
On Nov 12, 2013, at 1:17 PM, Jeff Kell jeff-k...@utc.edu wrote: (2) DHCP hijacking daemon installed on the client, supplying the hijacker's DNS servers on a DHCP renewal. Have seen both, the latter being more common, and the latter will expand across the entire home subnet in time (based