OT: ISP Security??

those hacking attempts, in all likelihood, were scripted and automated.

i

Could you create a fresh address and use that to remail their security..? If they are rough there's news.admin.net-abuse.email And the spamcentrals that register bad ip-blocks. Ie you can give them a harsh medicine.. ;)

Of course they were. But the origination point was a Cox-assigned IP address.

My point was that Cox seems to have a hole that spreads E-mail addresses.

...Jim Thompson

--
|  James E.Thompson, P.E.                           |    mens     |
|  Analog Innovations, Inc.                         |     et      |
|  Analog/Mixed-Signal ASIC\'s and Discrete Systems  |    manus    |
|  Phoenix, Arizona            Voice:(480)460-2350  |             |
|  E-mail Address at Website     Fax:(480)460-2142  |  Brass Rat  |
|       http://www.analog-innovations.com           |    1962     |
             
I love to cook with wine.      Sometimes I even put it in the food.

I guess I could forward all that spam to security ;-)

...Jim Thompson

--
|  James E.Thompson, P.E.                           |    mens     |
|  Analog Innovations, Inc.                         |     et      |
|  Analog/Mixed-Signal ASIC\'s and Discrete Systems  |    manus    |
|  Phoenix, Arizona            Voice:(480)460-2350  |             |
|  E-mail Address at Website     Fax:(480)460-2142  |  Brass Rat  |
|       http://www.analog-innovations.com           |    1962     |
             
I love to cook with wine.      Sometimes I even put it in the food.

I would not at all be surprised if that was true.

I doubt that they pay much attention to their customers' activity, such as spamming, automated hacking, etc. Even though they easily could detect all of that and turn them off quickly.

i

"Jim Thompson" wrote in message news: snipped-for-privacy@4ax.com...

You should have fun.

Ever since I told Boki to FUCK OFF my mailbox has got stuffed up with messages from his nipponese mates(?) saying stuff like....

ÅöÊý¤?¢½÷??¤òÃ?¤?½??¤µ¤?¥°¥?¥??ç¤?÷??¤ÎÊý¤ØÆü¤´¤í¤è¤ê ½??òÄ?·¤?ª¤ê¤?¹¡£Æü¡¹½÷??ÅÐ?¼??ô¤?¾¤ä?¢ÉÔÄê ´ü¡¦ÉÔÄê°÷¤ÇÃË??²ñ°÷¤òÊ?¤·¤?ª¤ê¤?¹¤¬¡¢¸½º?³¤??é¤ÎÅÐ?Ã?è (¾ðÊó·?¨ÈÄ)¤?÷??²ñ°÷¿?ÞÁý¤·¤¿»ö¤?¤?Ã?èÃË??¾Ò ²ð¼?ÎÎ?þÊ?¤?¤¤¦»ö¤??¥ëÇ?®¤µ¤»¤Æ?¤­¤?·¤¿¡£

And there are no nice titties!!!!

I mean, like I've seen better titties when I accidently downloaded an ASX LB from the appropriate newsgroup and you get a c*ck with one of them.

Obviously I stick with the Brazilian ones.... Better arses too.

DNA

snip...snip...]

Was your e-mail session secure or via normal POP3/SMPT? If the latter, is it possible that there's a sniffer sharing your cable? I'm not that familiar (= "not at all familiar") with the topology of cable ISPs and what may leak between customers but if each is not behind an individual switched port, is it possible to view unencrypted traffic from others?

--
Rich Webb   Norfolk, VA

POP/SMPT

I'm behind a Barricade Router

Sniffing? I doubt it. I more likely suspect "inside job" crap.

I have 100+ E-mail addresses I use to separate clients, web purchases, etc. These are routed inbound thru my website and forwarded to Cox, outbound thru Cox. I get NO spam on these addresses.

It just puzzled me that my Cox account address, generally unused, went ape-shit as soon as I sent a complaint via that address.

...Jim Thompson

--
|  James E.Thompson, P.E.                           |    mens     |
|  Analog Innovations, Inc.                         |     et      |
|  Analog/Mixed-Signal ASIC\'s and Discrete Systems  |    manus    |
|  Phoenix, Arizona            Voice:(480)460-2350  |             |
|  E-mail Address at Website     Fax:(480)460-2142  |  Brass Rat  |
|       http://www.analog-innovations.com           |    1962     |
             
I love to cook with wine.      Sometimes I even put it in the food.

...

...

ISPs accused of ignoring botnet invasion

By Munir Kotadia, ZDNet Australia

24 May 2006 03:11 PM

Internet Service Providers are in the perfect position to kill vast armies of compromised computers -- or bots -- that are being used by cyber-criminals to launch the majority of spam and phishing attacks, according security specialists at the AusCERT 2006 conference.

Botnets are vast groups of Windows-based PCs that have been infected with a Trojan or virus that allows the computer to be illicitly controlled from a remote location. Bot armies comprising of between

10,000 and 100,000 bots are openly advertised for hire on newsgroups located in the darker corners of the Internet.

The majority of these bots are home computers that are connected to the Internet over a broadband link such as ADSL or Cable, which means all the malicious traffic initially passes through the network of each individual bots' ISP. ...

In another group I actually suggested that the monthly free download of Microsoft's Malicious Software Removal download exterminate these bots next month. The vast majority of the problem is Microsoft Windows connected to the net. These bots aren't hard to find. Microsoft could just collect up a few dozen or a few thousand examples, until they had most of the variants and next month's bomb would kill them. Then Microsoft could advertise the hell out of this.

The Microsoft MVP's were not amused and told me that Windows was doing just perfectly fine as it was thank you, and it wasn't Microsoft's responsibility anyway, you bought it, you are responsible for the problem.

Earlier I had suggested next month's bug patch download include a free mandatory firewall dongle, Windows just wouldn't boot without it between Windows and the net and it wouldn't let this crap in or out. That didn't get adopted either.

Talk about a Windows Genuine Advantage, that would be it! They would rate higher than Mother Teresa if they did either of these. I don't suppose we want to start talking about Microsoft aiding terrorism by providing security holes.

Jim, I have known you to make tons of such complaints, like in aother thread about a phone number. Why bother? No one cares at the ISP level. Best for SPAM just to report IP blocks of repeat offenders and use your built in SPAM servers. If I watched the hacking attempts here, I get many a day. If you have the firewall up and any decent security suite, they just aren't going to get in.

Point is, don't sweat it, man. Its a jungle out here. If people come out here unprotected, you can't help them anyway. All you get is a rise in your blood pressure. Spend the time instead setting up friends and family with proper protection, let the dumb masses fend for themselves. They are generally unappreciative anyway.

[snip]

You are an idealist/dreamer ;-)

...Jim Thompson

--
|  James E.Thompson, P.E.                           |    mens     |
|  Analog Innovations, Inc.                         |     et      |
|  Analog/Mixed-Signal ASIC\'s and Discrete Systems  |    manus    |
|  Phoenix, Arizona            Voice:(480)460-2350  |             |
|  E-mail Address at Website     Fax:(480)460-2142  |  Brass Rat  |
|       http://www.analog-innovations.com           |    1962     |
             
I love to cook with wine.      Sometimes I even put it in the food.

......

It will be interesting to see what changes at Microsoft with Bill Gates "phased retirement". Perhaps Bill has been in denial.

What kind of attack? Ping, port scan? Do you have any open shares?

- YD.

I don't know what this is about since only this post in this thread appears on my ISP's server.

I can tell you assuredly that I've had accounts cancelled in pretty short notice if the right kind of complaint is made.

One idiot troll who wouldn't give up had to move ISPs 4 times before he got the message.

Graham

Jim, doesn't Cox have filtering you could use to advantage here? AT&T WorldNet offers users a "safelist". It's intended to be a Parental Control but I use it with my own account to keep out spam. You put on the safelist those addys from which you will accept mail. Stuff from addys not on the list never makes it to your Inbox.

--
Michael

Nah! When you are on cable internet, you are on a high bandwidth ethernet service. Every subscriber linked to your local pipe can see the traffic of every other subscriber on that pipe. You don't know it because your cable modem's software doesn't let you see it. (unless you ask it nicely) But hook up with a linux box, and snort, and it will all be there. It should be encrypted packets, but last time I did this, a few years back, it was all in the clear... security through obscurity is the usual mantra.

I suspect that fiber will work the same way, but I haven't checked it out yet... I will soon. I am ordering up a 15 Mbps fiber connection Monday.

-Chuck

sounds like they may have a spam program running on their end intercepting all incoming mails to the complaint department! simple solution !, stop complaining. :)

its also possible the user name you have for that account can be easly generated via automation of users on cox.net etc..

--
Real Programmers Do things like this.
http://webpages.charter.net/jamie_5

I'm the first to admit I don't have a chance in hell of ever having something work out, especially an idea as crazy as this.

Naa, he and they have simply painted themselves into a corner and there is unfortunately no way out of it, and they just have to keep painting as fast as they can.

Based on a decade of experience working on hw/sw projects, once you have project that is a "problem" you cannot ever patch it until it isn't a problem.

Remember the highly bemoaned year they took off from all development that was supposed to completely scour every line of code ever written with the sole purpose of finding and fixing of any and all the security holes?

Remember even older when "New Technology"=NT was supposed to be a ground up, immaculate conception that was supposed to be orders of magnitude more robust and leave all the old problems behind?