Yes, it seemed like a database corruption issue to me as
well. I had one customer get the redirect and I went in
and looked and he was on a completely wrong IP (in a
subnet that I happened to be working on earlier that day
and the evening before). He hadn't even logged into the
customer portal. The logs didn't show any IP change, but
clearly his IP was changed in the database, as he was
working fine on the same IP for months and months. That
issue and the incorrect assignments when a customer
enters a new MAC seemed related to me.
On Sun, Mar 8, 2015 at 9:26 PM, CBB - Jay Fuller
<par...@cyberbroadband.net
<mailto:par...@cyberbroadband.net>> wrote:
----- Original Message -----
*From:* Jay Fuller - Cyber Broadband Inc
*To:* Powercode
*Cc:* Cyber Broadband Inc.
*Sent:* Monday, February 02, 2015 7:34 PM
*Subject:* Re: Ticket Updated [Ticket Number:5841] -
weird ip changes during customer portal equipment edits
Gentlemen:
It has happened again.
xxxxxxxxxxxxx, customer 1478, requested a public
routable IP address which is
in a different address class from what he was
assigned at installation.
Upon changing the address, he was assigned
104.152.40.91, which is an
available address in the "Cullman Public" address
range. However, when
looking at the ARP response (because the customer is
bridged to our main
router), I saw another network device already had
that IP address.
So, I searched for that MAC address, which was
78:24:AF:7B:49:38 , using
equipment search, which came back to customer
514, xxxxxxxxxxxxxxxxxxxxx, who had logged into the
customer portal on January 29 to
install a new router. Upon changing his MAC address,
powercode assigned him
104.153.191.25, which is not even in any of our
network address ranges.
It belongs to:
Source: whois.arin.net <http://whois.arin.net>
IP Address: 104.153.191.25
Name: IMDC-KC-LOOPBACKS
Handle: NET-104-153-191-0-1
Registration Date: 2/2/15
Range: 104.153.191.0-104.153.191.31
Org: Iron Mountain Data Center
Org Handle: IMIML
Address: One Federal Street
City: Boston
State/Province: MA
Postal Code: 02111
Country: UNITED STATES
This is very similar to our new public IP range
which is 104.152.40.0/22 <http://104.152.40.0/22>
Incidently, it appears this customer was assigned
104.152.40.91 before he
attempted to edit his equipment and was changed to
104.153.191.25. Also of
note, it appears this only affected the GUI/web
interface of powercode, and
the router/bmu continued to assign him 104.152.40.91.
I will now have to reassign xxxxxxxxx a new IP
address since the web/gui
gave his IP address to someone else.
I hope this information helps you to figure out what
is happening.
I am still concerned we have some kind of database
issue. Weird things like
this seem to be happening a lot.
Thanks.
----- Original Message -----
From: Powercode
To: Cyber Broadband
Sent: Thursday, January 22, 2015 2:15 PM
Subject: Ticket Updated [Ticket Number:5841]
---------------- Please reply above this line
----------------
Good afternoon Jay,
We were able to test from this customer's account,
and the same issue that
was originally reported to us persisted. We logged
into the customer portal,
changed the MAC address by one digit, and
immediately the customer was
issued an IP address of 192.170.241.173. After
changing the MAC address back
to his current valid one, we then had to manually
clear out his IP address
in Powercode in order for the BMU to hand out a
reservation for 192.168.3.36
via DHCP.
At this point, we are going to contact our network
engineers for assistance
in troubleshooting why this customer would receive a
192.170.xx.xx
reservation, as this IP does not fit within any
ranges defined in Powercode.
We will update you as soon as we've had a chance to
go over this with them.
--------------------------------------------------
Have you visited our knowledge base? The Powercode
knowledge base contains
data on all aspects of Powercode, including the BMU.
You may also find
useful information on our community forum.
We endeavor to respond to all tickets within two
business days. Our business
hours are Monday - Friday, 9AM to 5PM Central time.
Please contact us via
telephone at (920) 351-1010
<tel:%28920%29%20351-1010> or via Skype at
powercode_support with any
urgent needs.
--
John Mahnke
Powercode - The smart choice in ISP billing and OSS
powercode.com <http://powercode.com>
P: 920-351-1010 <tel:920-351-1010>
E: supp...@powercode.com <mailto:supp...@powercode.com>
----- Original Message -----
*From:* Jeremy <mailto:jeremysmi...@gmail.com>
*To:* af@afmug.com <mailto:af@afmug.com>
*Sent:* Sunday, March 08, 2015 9:25 PM
*Subject:* Re: [AFMUG] Powercode oddity -
Commerzbank Ip space
I also have a ticket in about this issue.
On Sun, Mar 8, 2015 at 2:10 PM, That One Guy
<thatoneguyst...@gmail.com
<mailto:thatoneguyst...@gmail.com>> wrote:
This is known to them? (powercode)
On Sun, Mar 8, 2015 at 3:00 PM, CBB - Jay
Fuller <par...@cyberbroadband.net
<mailto:par...@cyberbroadband.net>> wrote:
yes, they're aware of it. i pointed
this out to them weeks ago. :(
----- Original Message -----
*From:* That One Guy
<mailto:thatoneguyst...@gmail.com>
*To:* af@afmug.com
<mailto:af@afmug.com>
*Sent:* Sunday, March 08, 2015 2:06 PM
*Subject:* [AFMUG] Powercode oddity
- Commerzbank Ip space
I am able to replicate a small issue
we are having, trying to make the
decision of whether it looks like a
security issue or just a bug.
Through powercode, there are two
ways to update equipment, through
our interface, where we select all
the details and through the customer
portal where all the customers can
do is update their MAC address.
no problems with our end.
However, when a customer updates
their MAC address, it is assigning
IP space that apparently belongs to
this Commerzbank IP
space 208.74.54.100 and 208.74.54.99.
This IP space is absolutely not in
our system, and wouldnt route
naturally on our network
Net Range 208.74.52.0 - 208.74.55.255
CIDR 208.74.52.0/22
<http://208.74.52.0/22>
Name DKIB-USA
Handle NET-208-74-52-0-1
Parent NET208 (NET-208-0-0-0-0
<http://whois.arin.net/rest/net/NET-208-0-0-0-0.html>)
Net Type Direct Assignment
Origin AS
Organization Commerzbank AG
(COMMER-109
<http://whois.arin.net/rest/org/COMMER-109.html>)
My initial thoughts are this is some
bug in powercode.
Paranoid me is that our system is
somehow compromised and rerouting
illegitimate traffic somehow.
Customer is down, so not through
them. but something like TOR
rerouting or some other magician
script for the axis of evil.
Anybody have any ideas on this? I am
debating taking our billing server
offline, but would hate to take such
an extreme measure for what could
amount to nothing more than a fat
finger from a programmer.
--
If you only see yourself as part of
the team but you don't see your team
as part of yourself you have already
failed as part of the team.
--
If you only see yourself as part of the team
but you don't see your team as part of
yourself you have already failed as part of
the team.
