Security Basics mailing list archives
RE: Comcast Cable Setup Security Issue
From: SMiller () unimin com
Date: Wed, 21 Jul 2004 12:40:08 -0400
The phone techs (even at level 1) need to be smart enough and knowledgeable enough to make a determination at least part of the time that the user is computer literate and that script may not apply. This business of employing near minimum wage, virtually untrained (I'm *not* implying that this described you:) "techs" to inflexibly follow scripts is nuts, and IMO increases costs the support company as well as the customer. Let me give you an example. I once used Verizon (then still Bell-Atlantic) as my ISP (well, everyone is entitled to be stupid occasionally and I did learn better). I had my home computer and my work computer set-up with dial-up access to 2 different POPs at 2 different phone numbers (different area codes, even). The OS at home was NT Workstation v4, and at work, Windows 95b. When I was at work, there was no one at home, and no computer was powered up. If I couldn't access from home before leaving for work, and could not access from work either, the environment differences obviously eliminated a whole slew of trouble possibilities, most of which were near the beginning of the Verizon script. How much time could have been saved at both ends by avoiding such stupidities as making certain the modem was powered up and plugged in? -Scott "Seth Hall" <seth@iotaenginee ring.com> To "'Gandalf The White'" 07/20/2004 06:20 <gandalf () digital net>, PM <security-basics () securityfocus com> cc Fax to Subject RE: Comcast Cable Setup Security Issue Sorry, but I think everyone needs to realize that this is just reality for effective phone troubleshooting. When you are troubleshooting an issue over the phone, it is all about identifying the core problem. When I was doing end user Windows XP/ME/98 support via phone, one of the first things we would do on just about ANY problem would be to disable -and sometimes even uninstall- the antivirus/firewall software. We were not trained to configure these 3rd party systems and were punished if we spent time attempting to do so. I cannot tell you how many "problems" this step has solved by itself. Zonealarm in its early days was a nightmare. Norton was a total pain. These programs can completely break critical functionality, and the only way to restore usability is to uninstall them (sometimes manually, meaning having to rip registry keys manually and delete files manually). Now that I have come over to a Network Admin position for a small-to-medium, I understand that one might think "But I -know- that my firewall/antivirus isn't the problem, because I thoroughly researched these things and have reasons X Y and Z why it couldn't be those things." Yes, that's true. But the phone tech doesn't know that, and you are calling him for help. He has to fix that problem and he doesn't know the things that you think you know, so he has to get rid of factors that have proven to be problem-causing in the past. That means dumping glitchy antivirus software and disconnecting misconfigured firewalls, among other things. You may not have either of those, but he doesn't know that and has to assume that you do have those things. He knows just as well as any of us that there are risks of infection. That said, it's not like he's asking you to get on IRC and download the latest warez while setting up your email account to get confirmation with a side of viruses. I know many here will "freak out" but the fact of the matter is if you are visiting official Comcast sites with a patched up box and are done and reconnected in under 10 minutes, your risk of infection is infinitesimally small. They aren't asking you to run forever without protection, just for now while they are on the clock and trying to get you up and running. If you're really concerned, keep a linux box nearby and hook that up. They need not know the details, as long as you can hook up a box and get on their site, they are happy. /Seth Hall -----Original Message----- From: Gandalf The White [mailto:gandalf () digital net] Sent: Sunday, July 18, 2004 7:14 PM To: security-basics () securityfocus com Subject: Comcast Cable Setup Security Issue Greetings and Salutations: I am beginning to get a feel for why Comcast is at the top of the list for zombie spam boxes. I just set up an account for a friend who had a connection on the Comcast cable network. The instructions on the included CD-ROM (as soon as the CD started up) was to turn off all Anti-Virus and Firewall software on the computer. I called up Comcast tech support and told them that I was I was nervous about doing this, but I was assured that my computer would *only* be talking to the Comcast activation server. Lets just ignore that the computer would be talking to all the other machines on my local cable segment also. I had a router with firewall in between the computer and the Comcast network so I went ahead and deactivated the anti-virus and firewall software on the computer. I got half way through the activation and all of the sudden the process dies. Claimed I could not reach the HTTPS server or that I had not activated within the time allowed. I tried everything to start up the process again with no success. Called Comcast tech support. The tech (he was very efficient and nice) told me to DISCONNECT THE COMPUTER FROM THE ROUTER AND PLUG THE COMPUTER DIRECTLY INTO THE CABLE MODEM. This made me EXTREMELY nervous. I now have a computer (that was patched and up to date of course) ... BUT ... The antivirus and personal firewall software was PURPOSEFULLY turned off. By Comcast instructions. He walked me through connecting to the Comcast website and finishing up the activation steps. I tried (in the middle of his instructions) to ask if I could hook back into my router for a modicum of protection and was told no, I had to finish the setup. When I finished the setup (again, he was very nice and pleasant) I rebooted, hooked the computer back to the router/firewall, verified my antivirus and firewall were working and indeed everything worked fine. Being a computer / security professional I was (of course) thinking about all the very bad things that could happen to this computer while following Comcast's instructions. I know (and I think it is almost criminal) that many cable companied hook PC's up to a cable modem *all the time* without antivirus / firewall / updates / any kind of protection. But you would think that an installation would not require you to take away any kind of protection that a computer has. I can see some overzealous PC owner deleting the anti-virus and firewall software just to get their cable modem working. Ken --------------------------------------------------------------- Do not meddle in the affairs of wizards for they are subtle and quick to anger. Ken Hollis - Gandalf The White - gandalf () digital net - O- TINLC WWW Page - http://digital.net/~gandalf/ Trace E-Mail forgery - http://digital.net/~gandalf/spamfaq.html Trolls crossposts - http://digital.net/~gandalf/trollfaq.html ------------------------------------------------------------------------ --- Ethical Hacking at the InfoSec Institute. Mention this ad and get $545 off any course! All of our class sizes are guaranteed to be 10 students or less to facilitate one-on-one interaction with one of our expert instructors. Attend a course taught by an expert instructor with years of in-the-field pen testing experience in our state of the art hacking lab. Master the skills of an Ethical Hacker to better assess the security of your organization. Visit us at: http://www.infosecinstitute.com/courses/ethical_hacking_training.html ------------------------------------------------------------------------ ---- --------------------------------------------------------------------------- Ethical Hacking at the InfoSec Institute. Mention this ad and get $545 off any course! All of our class sizes are guaranteed to be 10 students or less to facilitate one-on-one interaction with one of our expert instructors. Attend a course taught by an expert instructor with years of in-the-field pen testing experience in our state of the art hacking lab. Master the skills of an Ethical Hacker to better assess the security of your organization. Visit us at: http://www.infosecinstitute.com/courses/ethical_hacking_training.html ---------------------------------------------------------------------------- --------------------------------------------------------------------------- Ethical Hacking at the InfoSec Institute. Mention this ad and get $545 off any course! All of our class sizes are guaranteed to be 10 students or less to facilitate one-on-one interaction with one of our expert instructors. Attend a course taught by an expert instructor with years of in-the-field pen testing experience in our state of the art hacking lab. Master the skills of an Ethical Hacker to better assess the security of your organization. Visit us at: http://www.infosecinstitute.com/courses/ethical_hacking_training.html ----------------------------------------------------------------------------
Current thread:
- Re: Comcast Cable Setup Security Issue, (continued)
- Re: Comcast Cable Setup Security Issue Gandalf The White (Jul 21)
- RE: Comcast Cable Setup Security Issue Burton M. Strauss III (Jul 21)
- Re: Comcast Cable Setup Security Issue Calvin Maready (Jul 21)
- Re: Comcast Cable Setup Security Issue Gandalf The White (Jul 21)
- RE: Comcast Cable Setup Security Issue Michael Cecil (Jul 21)
- RE: Comcast Cable Setup Security Issue Steve Hillier (Jul 20)
- RE: Comcast Cable Setup Security Issue mike (Jul 21)
- RE: Comcast Cable Setup Security Issue Burton M. Strauss III (Jul 21)
- RE: Comcast Cable Setup Security Issue Seth Hall (Jul 21)
- Re: Comcast Cable Setup Security Issue Gandalf The White (Jul 21)
- RE: Comcast Cable Setup Security Issue SMiller (Jul 22)
- RE: Comcast Cable Setup Security Issue Andrew Aris (Jul 23)
- RE: Comcast Cable Setup Security Issue roger . smith (Jul 22)
- Re: Comcast Cable Setup Security Issue Brett (Jul 21)
- RE: Comcast Cable Setup Security Issue Steve Bostedor (Jul 20)
- Re: Comcast Cable Setup Security Issue pingywon MCSE (Jul 21)
- Re: Comcast Cable Setup Security Issue Gandalf The White (Jul 21)
- Re: Comcast Cable Setup Security Issue pingywon MCSE (Jul 21)
- Re: Comcast Cable Setup Security Issue pingywon MCSE (Jul 21)
- Re: Comcast Cable Setup Security Issue Gandalf The White (Jul 21)
- Re: Comcast Cable Setup Security Issue John Harmon (Jul 21)
- RE: Comcast Cable Setup Security Issue tbishop (Jul 20)