[OLUG] Caution to @home users
John P McDaniel
jpmcdaniel at home.com
Sun Apr 9 04:31:34 UTC 2000
i get quite a few scans from 24.0.94.130 (resolves to
authorized-scan.security.home.net) on port 119. i doubt that they will
ever do anything with this data. especially since i started rejecting
traffic from them. :)
i asked the technician who installed my cablemodem a lot of questions
regarding how cox feels about servers and connection sharing,
etc. basically, don't eat up a lot of bandwidth and they couldn't care
less.
- john
--
cancer - cells with an ego problem
humans - a species with an ego problem
On Sat, 8 Apr 2000, David A Davidson wrote:
> I thought many of the @home subscribers might find this interesting. I
> am running
> zonealarm personal firewall on a windows 95 box (yuk I know). Lately
> I've
> been getting alerts regarding access to my computer from DNS host
> hda1.rdc1.ne.home.com. Well it turns out their looking for open SMTP
> ports or people running servers. Technically Linux is a server even if
> your not offering
> services over the internet. I though that everyone should be concerned
> about this
> intrusion. It may also be yet another attempt to prevent Linux being
> used by users. Below you'll find my email message to Cox at home and their
> reply. The
> best service is one of openness on the part of businesses to their
> customers. Hope
> you find this information useful. I also found it interesting that @home
> now suggests
> they scan their systems routinely when this activity has only started
> this week.
>
> My email message to Cox at home.
>
> To whom it may concern. I am running a personal firewall. About every
> ten minutes I am getting an SMTP request from address 24.2.4.66. DNS
> lookup shows the internet addres of hda1.rdc1.ne.home.com. I believe
> this server to be coming from your facilities. Could you please tell why
> this is so and please stop attempting to circumvent my system. This is a
> violation of my computer. Thank you. All names
> and places removed to protect the confused.
>
> Cox at home reply
>
> To answer your question: @Home routinely scans its network to ensure
> that it
> is not being used improperly. They scan for open ports that spammers
> could
> latch onto to send email from an unsuspecting user's account. They also
> scan
> for servers, as running any type of server is against the @Home
> acceptable
> use policy. If you are being queried on a regular basis it may be that
> @Home
> was alerted to possible server activity on your subnet. In this case
> everybody on the subnet would be scanned until it was determined who (if
>
> anybody) is actually running a server. @Home is not trying to access
> your
> computer, just trying to maintain quality of service for our
> subscribers.
> They are within their right to do so according to the Acceptable Use
> Policy.
> I apologize if the scans caused you any stress. However, @Home will
> continue
> to query users on its network on an ongoing basis, again, to ensure that
>
> subscribers are not violating the AUP and inconveniencing other
> subscribers
> in the process.
>
> thank you,
>
>
>
>
>
> -------------------------------------------------------------------------
> Sent by OLUG Mailing list Manager, run by ezmlm. http://olug.bstc.net/
> To unsubscribe: `echo unsubsribe | mail olug-unsubscribe at bstc.net`
>
-------------------------------------------------------------------------
Sent by OLUG Mailing list Manager, run by ezmlm. http://olug.bstc.net/
To unsubscribe: `echo unsubsribe | mail olug-unsubscribe at bstc.net`
More information about the OLUG
mailing list