[ale] mediaOne modem

Jerry Z. Yu z.yu at Ptek.com
Wed May 9 10:09:40 EDT 2001 

Jason, it would be interesting and informative if you can share more
details about this hack story: how you notice/detect it, how you trace down the
track of the intruders and how you recover.
My neighbor's RH-62 is up on the net for 2 days then his eth0 was switched
to prosmiscous mode. He is a linux newbie so I believed him it is not him
who did it on purpose. We didn't try to trace the hacker. I suggested him
do a reinstall since it was a fresh install anyway, then helped him build
a ipchains firewall and ssh replace telnet/ftp.

On Tue, 8 May 2001, Jason Lynn wrote:

#Sage,
#
#I also live in Duluth and I just got MediaOne (now ATT, but I still have a
#mediaone.net email addie) cable modem just last week.  I absolutely LOVE
#it... that may be because I have been using 56k dialup for so long though...
#
#The guy came to install it (I provided the NIC card), it took about an hour.
#  As soon as he left, I rebooted into my Linux partition and set eth0 to
#DHCP, restarted the network, and everything worked perfect.  I have since
#yanked that NIC out and made a gateway / firewall box that took SOME
#tweaking, but is seemingly working fine now.  Well, fine enough to get
#hacked by some guy in an internet cafe in Moldova last night (thankfully he
#wasn't good at covering his tracks!).  Seems I need to learn to patch up my
#Distribution a little better!
#
#If you have any questions, feel free to email me...
#
#Jason
#
#
#>From: Sage <morrigu_irm at springmail.com>
#>Reply-To: morrigu_irm at springmail.com
#>To: ale at ale.org
#>Subject: [ale] mediaOne modem
#>Date: Tue, 08 May 2001 13:36:16 -0400
#>X-Originating-IP: 209.86.28.78
#>Received: from [130.205.99.162] by hotmail.com (3.2) with ESMTP id
#>MHotMailBCC179AF000E4004375182CD63A2404F0; Tue May 08 10:36:48 2001
#>Received: (qmail 3322 invoked by alias); 8 May 2001 17:52:06 -0000
#>Received: (qmail 3319 invoked by uid 30); 8 May 2001 17:52:05 -0000
#>Received: (qmail 3314 invoked from network); 8 May 2001 17:52:04 -0000
#>Received: from blount.mail.mindspring.net (207.69.200.226)  by
#>130.205.99.162 with SMTP; 8 May 2001 17:52:04 -0000
#>Received: from smui02.slb.mindspring.net (smui02.slb.mindspring.net
#>[199.174.114.25])by blount.mail.mindspring.net (8.9.3/8.8.5) with ESMTP id
#>NAA32574for <ale at ale.org>; Tue, 8 May 2001 13:35:41 -0400 (EDT)
#>Received: by smui02.slb.mindspring.net id NAA0000026698; Tue, 8 May 2001
#>13:36:16 -0400 (EDT)
#>From owner-ale at ale.org Tue May 08 10:38:14 2001
#>Delivered-To: ale-outgoing at ale.org
#>Message-ID: <Springmail.105.989343376.0.06148800 at springmail.com>
#>Sender: owner-ale at ale.org
#>Precedence: bulk
#>
#>We are about to go with MediaOne Broadband. Unfortunately, NOTHING decent
#>is available (ie, Telocity, Speakeasy) in Duluth, so we're stuck with that
#>or Bell South.
#>
#>Question; This docsis modem they use; anyone had any experience, good or
#>bad with it? We use Slackware and RedHat, and, of course, nobody supplying
#>fast Internet access out here supports Linux.
#>
#>Anything we ought to know?
#>
#>Thanks.
#>
#>Sage
#>--
#>To unsubscribe: mail majordomo at ale.org with "unsubscribe ale" in message
#>body.
#
#_________________________________________________________________
#Get your FREE download of MSN Explorer at http://explorer.msn.com
#
#--
#To unsubscribe: mail majordomo at ale.org with "unsubscribe ale" in message body.
#

Jerry Z. Yu					+1-404-262-8544 (O)
Systems Engineer				https://punch
IS Support, Voicecom,				www.voicecom.com
A business unit of PTEK Holdings, Inc.		www.ptek.com
-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-
Manage all your important communications ==\
and information in one place using	 ===>	www.orchestrate.com
Voicecom's Orchestrate service.		 ==/

--
To unsubscribe: mail majordomo at ale.org with "unsubscribe ale" in message body.

More information about the Ale mailing list