Re: [Nolug] Charter's DHCP (or DNS?) servers get hacked and poisoned

From: Scott Harney <scotth_at_scottharney.com>
Date: Fri, 20 Jun 2003 15:46:00 -0500
Message-ID: <87he6kfpfb.fsf@zenarcade.local.lan>

Ron Johnson <ron.l.johnson@cox.net> writes:

> http://ask.slashdot.org/article.pl?sid=03/06/19/2325235

One of my old coworkers sent me this. Actually, DNS and DHCP are combined
at Charter in all the DOCSIS systems that I know of. Typically they use the
Cisco-provided DHCP/DNS server, which is a combined piece of software (it has
its pluses and minuses. Overall, it makes sense for the cable modem setup and
has features specifically designed to support that environment).

The thing is, I'm seriously doubting the DHCP/DNS servers were hacked. Read down
in the comments of the article. It looks a heck of a lot more like the user's
Windows box was compromised by spyware/adware and that his DNS requests were
being locally redirected. Feel free to google for tdko.com to see what
I'm talking about.

That said, the customer service response he received was really poor.
An abuse issue, especially one that appears at first blush to be an
attack on Charter-owned equipment, should have been treated more
seriously.

http://ask.slashdot.org/comments.pl?sid=68266&cid=6255781

-- 
Scott Harney<scotth@scottharney.com>
"...and one script to rule them all."
gpg key fingerprint=7125 0BD3 8EC4 08D7 321D CEE9 F024 7DA6 0BC7 94E5

Received on 06/20/03