[OLUG] Caution to @home users

brian at bstc.net brian at bstc.net
Sun Apr 9 01:33:57 UTC 2000


1 liner cure for this invasion:

route add -host 24.2.4.66 gw 127.0.0.1


Brian Roberson
brian at bstc.net 

-----Original Message-----
From: da-davidson [mailto:da-davidson at home.com]
Sent: Saturday, April 08, 2000 6:21 PM
To: olug
Cc: da-davidson
Subject: FW: [OLUG] Caution to @home users


I thought many of the @home subscribers might find this interesting. I
am running
zonealarm personal firewall on a windows 95 box (yuk I know). Lately
I've
been getting alerts regarding access to my computer from DNS host
hda1.rdc1.ne.home.com. Well it turns out their looking for open SMTP
ports or people running servers. Technically Linux is a server even if
your not offering
services over the internet. I though that everyone should be concerned
about this
intrusion. It may also be yet another attempt to prevent Linux being
used by users. Below you'll find my email message to Cox at home and their
reply. The
best service is one of openness on the part of businesses to their
customers. Hope
you find this information useful. I also found it interesting that @home
now suggests
they scan their systems routinely when this activity has only started
this week.

My email message to Cox at home.

To whom it may concern. I am running a personal firewall. About every
ten minutes I am getting an SMTP request from address 24.2.4.66. DNS
lookup shows the internet addres of hda1.rdc1.ne.home.com. I believe
this server to be coming from your facilities. Could you please tell why
this is so and please stop attempting to circumvent my system. This is a
violation of my computer. Thank you. All names
and places removed to protect the confused.

Cox at home reply

To answer your question: @Home routinely scans its network to ensure
that it
is not being used improperly. They scan for open ports that spammers
could
latch onto to send email from an unsuspecting user's account. They also
scan
for servers, as running any type of server is against the @Home
acceptable
use policy. If you are being queried on a regular basis it may be that
@Home
was alerted to possible server activity on your subnet. In this case
everybody on the subnet would be scanned until it was determined who (if

anybody) is actually running a server.  @Home is not trying to access
your
computer, just trying to maintain quality of service for our
subscribers.
They are within their right to do so according to the Acceptable Use
Policy.
I apologize if the scans caused you any stress. However, @Home will
continue
to query users on its network on an ongoing basis, again, to ensure that

subscribers are not violating the AUP and inconveniencing other
subscribers
in the process.

thank you,





------------------------------------------------------------------------
-
Sent by OLUG Mailing list Manager, run by ezmlm.  http://olug.bstc.net/ 
To unsubscribe: `echo unsubsribe | mail olug-unsubscribe at bstc.net` 



-------------------------------------------------------------------------
Sent by OLUG Mailing list Manager, run by ezmlm.  http://olug.bstc.net/ 
To unsubscribe: `echo unsubsribe | mail olug-unsubscribe at bstc.net` 



More information about the OLUG mailing list