[ale] OT: What the hell is XSS in Comcast land?

Don Kramer donkramer at gmail.com
Mon Aug 12 11:44:27 EDT 2013 

The battery in the box is just for the VOIP, a tech once told me says it's
just to keep Digital Voice working for up to eight hours in event of power
failure.


On Mon, Aug 12, 2013 at 11:34 AM, Lightner, Jeff <JLightner at water.com>wrote:

> I'll admit I haven't read the other 300 emails in this thread so forgive
> me if this has already been covered.
> I want to note that last week we'd had a cable outage in our area for
> several hours.   When it came back up I was able to get my network service
> back by power cycling my old Motorola Surfboard (docsis 2.0 compliant)
> cable modem.
>
> My neighbor however lost phone and internet.   (Phone went away because it
> relies on internet.)
> She had the Comcast all in one box.  Findings from my work and call to
> Comcast:
> 1)  There is a batter in this box.  It can be removed from the bottom to
> completely power cycle it as simply removing power doesn't help.
> 2)  There is a reset button on the back of the box (on hers it was covered
> by a little green sticker that said something like verified or checked that
> I had to remove).   After power cycling (including removal of the battery)
> I had to do this.
> 3)  Even after doing the above they had to send a signal to reset from
> their side.
> 4)  The default SSID and password for the router came back after the
> reset.  It is recorded on a label at the bottom of the box.
>
> Using the default SSID and password I was able to get in to do admin to
> change both.
>
> What was really disturbing to me was that this admin page is available via
> WiFi connection rather than requiring direct wired connection.   I'd rather
> prefer people with cantenna's not be able to not only steal WiFi but
> actually be able to lock out the real user by changing security
> information.   (It of course drops the currently connected WiFi session
> when you do the change of SSID but then you log back in with the new SSID
> and password you set.)
>
>
>
>
>
> -----Original Message-----
> From: ale-bounces at ale.org [mailto:ale-bounces at ale.org] On Behalf Of JD
> Sent: Monday, August 12, 2013 11:13 AM
> To: ale at ale.org
> Subject: Re: [ale] OT: What the hell is XSS in Comcast land?
>
> On 08/12/2013 09:49 AM, Ron Frazier (ALE) wrote:
> > That leads to an interesting question.  I wonder how the telephony
> > traffic gets mixed in and what ip it has when it exits.  I wonder if
> > it even uses ip to get to the comcast data center.
>
> I don't know what Comcast does, but I know how I'd architect this.
> Voice is on a guaranteed bandwidth IP channel and provided with the
> highest QoS possible on the network. It uses a different subnet than normal
> IP traffic and it is probably tagged to a specific VLAN to get higher QoS
> across the entire Comcast WAN.  DOCSIS 3 has some great features that
> DOCSIS 2 and lower didn't support. v3 makes bandwidth management much
> easier for cable network providers - dynamic QAM hops are the coolest -
> well, with more channel bonding support too and IPv6 support. DOCSISv2
> doesn't do those things. As long as anyone uses a v2 device, it makes
> taking advantage of the v3 capabilities much harder.
>
> I'm positive that U-Verse does something very similar. Bandwidth is
> reserved on different DSL frequencies just for VoIP, just for TV, and then
> ISP traffic gets whatever is left for that specific run. It all uses IP
> from the main u-verse box.
>
> The goal for all the service providers is that any extra service you
> specifically think of as "Comcast" or "TPC" work as well as possible. With
> internet, they can blame upstream providers for the experience sucking.
> Hard to shift blame for TV or phone service that are 100% internal
> services, right?
>
> I had Comcast phone service for a year or so. It had issues:
> * Service outages almost every Thursday afternoon at the same time for an
> hour.
> TV and internet still worked, just VoIP didn't. An hour outage wouldn't
> normally be an issue, except this happened at the specific time when a
> weekly business meeting was scheduled.
> * Couldn't call certain numbers on TW and other VoIP services.
> * Call quality sucked about 20% of the time. I think that was related to
> the very long run from the curb to my demarcation point. Even with huge
> coax, they couldn't get a signal that met specs in the room where I wanted
> service. It was close enough that it worked most of the time, so I left it.
>
> When the 12 months of cheap phone service was up and comcast had re-run
> new, larger, coax to my home, I canceled the VoIP. Bought a $5/month
> wholesale plan and never looked back.  About a year later, I switch the
> internet from residential to business - got another new coax - needed 2
> lines for some reason
> - residential TV can't share business lines, I guess.  About 6 months
> later, killed the residential TV completely. OTA I receive about 70 TV
> channels using a home-built $20 DB4 antenna.
>
> It seems that the trick to getting new coax run for free is to add a new
> service and if there is **any** issue at all, have them fix it in the first
> 30-60 days.
> If they can't, cancel.
>
> On the SMC business class modem - Comcast owns it - I plug my routers into
> it with the static IPs configured.  If I attach a non-static IP device, the
> SMC provides a 10.1.x.x IP automatically.  According to the tier 3 guy,
> Comcast changes the root password on these routers daily to ensure that
> fired router configuration techs can't do anything bad 1 day later.
>  Setting a local-admin password on the router has never worked correctly. I
> won't bore you, but after an hour with a teir3 person, we couldn't solve
> it. They refused to replace it without a truck roll for $90.  I treat that
> router as a hostile network now.
> _______________________________________________
> Ale mailing list
> Ale at ale.org
> http://mail.ale.org/mailman/listinfo/ale
> See JOBS, ANNOUNCE and SCHOOLS lists at
> http://mail.ale.org/mailman/listinfo
>
>
>
>
> Athena(r), Created for the Cause(tm)
> Making a Difference in the Fight Against Breast Cancer
>
> ---------------------------------
> CONFIDENTIALITY NOTICE: This e-mail may contain privileged or confidential
> information and is for the sole use of the intended recipient(s). If you
> are not the intended recipient, any disclosure, copying, distribution, or
> use of the contents of this information is prohibited and may be unlawful.
> If you have received this electronic transmission in error, please reply
> immediately to the sender that you have received the message in error, and
> delete it. Thank you.
> ----------------------------------
>
>
> _______________________________________________
> Ale mailing list
> Ale at ale.org
> http://mail.ale.org/mailman/listinfo/ale
> See JOBS, ANNOUNCE and SCHOOLS lists at
> http://mail.ale.org/mailman/listinfo
>



-- 
Don Kramer
donkramer at gmail.com - email / 404-213-7738 - cell
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.ale.org/pipermail/ale/attachments/20130812/72145654/attachment-0001.html>

More information about the Ale mailing list