[ale] OT: What the hell is XSS in Comcast land?

Alex Carver agcarver+ale at acarver.net
Mon Aug 12 15:47:22 EDT 2013


On 8/12/2013 10:01, Ron Frazier (ALE) wrote:
> I cycle power to my routers every week for
> stability.  I used to pull the battery from the Comcast box as well
> as the power.  But, anymore, I just pull the power and reconnect 20
> seconds later.  This seems to keep out the internet gremlins.  If the
> box is really locked up or if I'm having phone trouble, I'll go to
> the trouble of pulling the power and battery and completely depriving
> the box of all power sources.

*boggle*  Power cycling every week?  Just replace the firmware on your 
routers and be done with it.

AT&T U-verse terminal uptime 73 days, 18:37
First router (Linksys WRT54G, OpenWRT White Russian) uptime 125 days, 20:47
Second router (Linksys WRT54G, OpenWRT Kamikaze) uptime 36 days, 23:34

I was tinkering with the second one a month ago, which required power 
cycling to change the switch configuration; it would otherwise have 
almost the same uptime as the first.  The U-verse router had a firmware 
update come down the pipe and needed a reboot.


The first router is the primary device with a public IP on the WAN, full 
iptables running for port forwards and for drop lists (currently sitting 
at 450 CIDRs).  It also takes care of the primary house network (where 
most of my servers sit.)  The second router is to isolate another set of 
machines (Wii, Xbox) and gives a Mac, a WinXP desktop and a Win7 laptop 
their own private wireless network.  Keeps them from snooping around the 
main house network unless I give them a pass via iptables.

Maybe at some point I'll reflash them to the Backfire version of OpenWRT 
(Attitude Adjustment won't run on these older Linksys WRTs) or I might 
upgrade to a newer router.

Given the topic in this thread, with bridging having been brought up, I 
will hand it to 2-Wire for the U-verse terminal design: there's no need 
to switch between NAT mode and bridge mode.  It handles both 
simultaneously.  You can have all the devices you want hanging off it 
using its own internal DHCP (that includes the AT&T TV boxes if you have 
them, I don't).  I also have static public IPs which pass right through 
the box by simply informing the box that a particular IP range should 
pass through unaltered and then informing it which devices will possess 
that range.  I don't have to specify what IP they will have, just that 
they shall be declared external devices.

