Re: @Home network subject to DHCP hijacking

From: Matthew Caron (mattat_private)
Date: Sat Aug 25 2001 - 19:43:10 PDT


    > It is also trivial to acquire this hostname parameter,
    > since all it requires is 'host @HomeIPaddress' to determine
    > what the customer ID is.
    
    It is more trivial than that, in fact..
    
    nslookup <random @home hostname> 
    
    If the number is active, it will be in the @home DNS tables. (If not,
    it's not active.) You then have the IP address of the hostname.
    
    ping <@home hostname>
    
    If you don't get a reply, the IP address isn't being used, and you can
    steal it.
    
    This is, of course, very easy to automate and profile when a group of
    hostnames is typically on, patterns of usage, etc.
     
    > I have notified @Home of this problem twice in the last two
    > months.  Not being an expert in DHCP, I do not know what
    > could be done to fix this.
    
    A problem I've often considered. However, it's right up there with the
    whole "anyone can walk into your building, jack a laptop into an active
    port, and set his IP address to be one of your servers" problem. How do
    you stop this aside from physically deactivating all your unused wall
    jacks?
    
    > I figure at least using something different than my actual
    > hostname for my hostname parameter would at least raise the
    > bar to sniffing for DHCP packets, instead of the trivial
    > hack it currently is.
    
    Actually, if the switches can be configured to only allow traffic from
    certain IP addresses from specific modems, then only your modem could
    get your IP addresses. Anyone else trying to use your IP would get
    blocked really fast. However, this would present the problem of not
    being able to go down the street to my friend's house with my laptop and
    plug in there and use my hostname. However, this approach would fix the
    above problem as well. This IP = This MAC address. Period. No one else
    can have it. Not being one who configures switches often, I'm not sure
    if this functionality even exists, but it might be something worth
    looking into.
    
    > Reason for this message:
    > I have had my @Home connection hijacked from me repeatedly
    > in the last six months. Given @Home's apparent lack of
    > concern for this problem,
    
    Are we surprised? Hell, they portscan their users on port 119 to try and
    contain any NNTP servers running. (Remember the Usenet debacle?)
    
    > and the current mood of ISPs shutting down users without
    > warning whenever the MPAA rattles its saber,
    
    Don't even get me started on that one. That has lawsuit potential
    written all over it. At least with TelCo, there has to be an
    investigation started and some paperwork filled out. All this takes is a
    certified letter... easy enough to forge.
    
    > I felt that the larger community needed to be aware of
    > this potential problem.  It should not be this trivially
    > easy for someone to break the law in your name.
    
    Not to be cynical, but welcome to the wonderful world of the megacorps,
    chummer. (Anyone here play Shadowrun? It's not just a game, it's
    becoming a way of life.)
    -- 
    IIS = Intrinsically Insecure Server
    ~~ Matt Caron ~~
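    The nslookup-then-ping sweep the post describes, and the usage profiling it says is easy to automate, written out as an added example (this is editor-supplied code, not part of the original message or anything @Home shipped). The hostnames, the DNS table and the per-sweep ping results are constructed sample data so the block runs offline; the real resolver (socket.gethostbyname) and a real ICMP prober are included so the same loop can be pointed at live input. A host that does not resolve is treated as not provisioned, one that resolves but does not answer ping as idle (the "stealable" case in the post), and the profile is the fraction of sweeps in which each provisioned host answered.

```python
"""Automate the @Home hostname sweep: resolve, ping, classify, profile."""
import socket
import subprocess
from typing import Callable, Dict, Iterable, List, Optional, Set

# Constructed sample data standing in for the @home DNS table and for the
# set of IPs that answered ping on each of four sweeps. Nothing here is real.
SAMPLE_DNS: Dict[str, str] = {
    "cx123456-a.example.home.com": "24.0.0.10",
    "cx123457-a.example.home.com": "24.0.0.11",
    "cx123458-a.example.home.com": "24.0.0.12",
}
SAMPLE_SWEEPS: List[Set[str]] = [
    {"24.0.0.10", "24.0.0.11"},
    {"24.0.0.10"},
    {"24.0.0.10", "24.0.0.11"},
    {"24.0.0.10"},
]

Resolver = Callable[[str], str]
Prober = Callable[[str], bool]


def table_resolver(table: Dict[str, str]) -> Resolver:
    """Offline resolver: raises KeyError for unknown names, like NXDOMAIN."""
    return table.__getitem__


def set_prober(alive: Set[str]) -> Prober:
    """Offline prober: an IP 'answers' if it is in the constructed alive set."""
    return lambda ip: ip in alive


def ping_alive(ip: str, timeout_s: int = 1) -> bool:
    """Real prober: one ICMP echo via the system ping (Linux iputils flags)."""
    try:
        proc = subprocess.run(
            ["ping", "-c", "1", "-W", str(timeout_s), ip],
            stdout=subprocess.DEVNULL, stderr=subprocess.DEVNULL,
            timeout=timeout_s + 2,
        )
        return proc.returncode == 0
    except (OSError, subprocess.TimeoutExpired):
        return False


def classify(hostname: str, resolver: Resolver, prober: Prober) -> str:
    """The two steps from the post: nslookup the name, then ping the address.

    not-provisioned: name is not in DNS, so no active customer ID
    idle:            name resolves but nobody answers, i.e. the IP is unused
    in-use:          name resolves and the host replies
    """
    try:
        ip = resolver(hostname)
    except (socket.gaierror, KeyError, OSError):
        return "not-provisioned"
    return "in-use" if prober(ip) else "idle"


def sweep(hostnames: Iterable[str], resolver: Resolver, prober: Prober) -> Dict[str, str]:
    """One pass over a block of candidate hostnames."""
    return {h: classify(h, resolver, prober) for h in hostnames}


def usage_profile(hostnames: Iterable[str], resolver: Resolver,
                  probers: Iterable[Prober]) -> Dict[str, Optional[float]]:
    """Fraction of sweeps in which each provisioned host answered.

    Repeated sweeps (one prober per sweep) give the usage pattern the post
    mentions; None marks names that were never provisioned at all.
    """
    prober_list = list(probers)
    profile: Dict[str, Optional[float]] = {}
    for h in hostnames:
        states = [classify(h, resolver, p) for p in prober_list]
        if all(s == "not-provisioned" for s in states):
            profile[h] = None
        else:
            profile[h] = sum(s == "in-use" for s in states) / len(states)
    return profile


if __name__ == "__main__":
    hosts = list(SAMPLE_DNS) + ["cx999999-a.example.home.com"]
    # Single sweep against the constructed data (swap in socket.gethostbyname
    # and ping_alive to run the same loop against live hosts).
    print(sweep(hosts, table_resolver(SAMPLE_DNS), set_prober(SAMPLE_SWEEPS[1])))
    print(usage_profile(hosts, table_resolver(SAMPLE_DNS), map(set_prober, SAMPLE_SWEEPS)))
```

The resolver and prober are passed in rather than hard-wired so the classification logic can be exercised against constructed data; against a live network the only change is passing socket.gethostbyname and ping_alive, and a host that drops ICMP will be misreported as idle, which is the caveat the post's "if you don't get a reply" step glosses over.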
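    The "This IP = This MAC address. Period." rule the post proposes for the switch, as an added example of the policy check it implies (editor-supplied illustration, not code from the post, from @Home, or from any switch vendor). Each IP is pinned to one modem and one MAC; a frame or DHCP request carrying that IP from any other MAC or modem is denied. The bindings and the observed traffic are constructed, and the third observation is exactly the trade-off the post points out: the legitimate owner's laptop plugged in at a friend's house has the right MAC but the wrong modem, so it is blocked too.

```python
"""Enforce a fixed IP -> (modem, MAC) binding and flag everything else."""
from dataclasses import dataclass
from typing import Dict, List, Tuple


@dataclass(frozen=True)
class Binding:
    modem: str  # the cable modem / switch port the IP is pinned to
    mac: str    # the only MAC allowed to source traffic for that IP


@dataclass(frozen=True)
class Observation:
    modem: str  # where the traffic arrived
    mac: str    # source MAC seen on the wire
    ip: str     # IP claimed (DHCP request or ARP/IP source)
    kind: str   # "dhcp" or "arp", for the report only


def normalize_mac(mac: str) -> str:
    """Canonical lowercase colon-separated form so 00-10-A4.. == 00:10:a4.."""
    hexdigits = mac.replace("-", "").replace(":", "").replace(".", "").lower()
    return ":".join(hexdigits[i:i + 2] for i in range(0, 12, 2))


# Constructed bindings and traffic; none of these addresses are real.
BINDINGS: Dict[str, Binding] = {
    "24.0.0.10": Binding("modem-A", "00:10:a4:aa:aa:aa"),
    "24.0.0.11": Binding("modem-B", "00:10:a4:bb:bb:bb"),
}

OBSERVATIONS: List[Observation] = [
    # A's own box on A's modem: the only thing that should pass.
    Observation("modem-A", "00:10:A4:AA:AA:AA", "24.0.0.10", "dhcp"),
    # Someone on modem-C claiming B's idle address with their own MAC: the hijack.
    Observation("modem-C", "00:10:a4:cc:cc:cc", "24.0.0.11", "arp"),
    # B's real laptop (right MAC) plugged in at friend C's house: blocked by design.
    Observation("modem-C", "00:10:a4:bb:bb:bb", "24.0.0.11", "dhcp"),
    # An address nobody has been issued.
    Observation("modem-A", "00:10:a4:aa:aa:aa", "24.0.0.99", "arp"),
]


def check(obs: Observation, bindings: Dict[str, Binding]) -> Tuple[str, str]:
    """Return (verdict, reason): 'allow' only when IP, MAC and modem all match."""
    binding = bindings.get(obs.ip)
    if binding is None:
        return "deny", "ip-not-bound"
    if normalize_mac(binding.mac) != normalize_mac(obs.mac):
        return "deny", "mac-mismatch"
    if binding.modem != obs.modem:
        return "deny", "wrong-modem"
    return "allow", "ok"


def filter_traffic(observations: List[Observation],
                   bindings: Dict[str, Binding]) -> List[Tuple[Observation, str, str]]:
    """Apply check() to every observation, keeping the verdicts in order."""
    return [(o, *check(o, bindings)) for o in observations]


def denials_by_modem(results: List[Tuple[Observation, str, str]]) -> Dict[str, int]:
    """Count denials per modem: the offending modem shows up immediately."""
    counts: Dict[str, int] = {}
    for obs, verdict, _reason in results:
        if verdict == "deny":
            counts[obs.modem] = counts.get(obs.modem, 0) + 1
    return counts


if __name__ == "__main__":
    results = filter_traffic(OBSERVATIONS, BINDINGS)
    for obs, verdict, reason in results:
        print(f"{obs.kind:4} {obs.modem:8} {obs.mac} {obs.ip:10} -> {verdict} ({reason})")
    print("denials per modem:", denials_by_modem(results))
```

The three deny reasons are kept distinct on purpose: "mac-mismatch" from a modem that is not the owner's is the hijack the post is about, "wrong-modem" with the correct MAC is the legitimate roaming user the post says this scheme breaks, and "ip-not-bound" catches addresses that were never issued at all.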
    



    This archive was generated by hypermail 2b30 : Sun Aug 26 2001 - 01:05:10 PDT