Re: Did Comcast.net get hacked or is it just down?

May 28th

Posted by evo in Uncategorized

No comments

Looks like things are on the move. Going to the WHOIS record, the Name Servers have been updated. Surprised to see that the registrant information has not been:

Registrant:
Comcast Corporation
1500 Market Street
Philadelphia, PA 19102
US

Domain Name: COMCAST.NET

————————————————————————
Promote your business to millions of viewers for only $1 a month
Learn how you can get an Enhanced Business Listing here for your domain name.
Learn more at http://www.NetworkSolutions.com/
————————————————————————

Administrative Contact:
Domain Registrations, Comcast kryogenicsdefiant@gmail.com
Defiant still raping 2k8 ebk
69 dick tard lane
dildo room
PHILADELPHIA, PA 19103
US
4206661870 fax: 6664200187

Technical Contact:
Comcast Corporation kryogenicsdefiant@gmail.com
1500 Market Street
Philadelphia, PA 19102
US
215-320-8774 fax: 215-564-0132

Record expires on 24-Sep-2008.
Record created on 25-Sep-1997.
Database last updated on 29-May-2008 00:35:38 EDT.

Domain servers in listed order:

DNS101.COMCAST.NET 68.87.64.204
DNS102.COMCAST.NET 68.87.66.204

What’s also interesting is that the name servers that were poisoned appear to be clearing their caches (Since I use OpenDNS, they allow you to clear the cache at the DNS level, so cool!):

Refreshed results for comcast.net
United States
New York, New York, USA Palo Alto, California, USA

* 205.178.189.131

* 204.127.195.15
* 204.127.205.8
* 204.127.228.15
* 216.148.227.202
* 63.240.76.72

Seattle, Washington, USA Washington, DC, USA

* 204.127.195.15
* 204.127.205.8
* 204.127.228.15
* 216.148.227.202
* 63.240.76.72

* 205.178.189.131

Europe
London, England, UK

* 204.127.195.15
* 204.127.205.8
* 204.127.228.15
* 216.148.227.202
* 63.240.76.72

Re: Did Comcast.net get hacked or is it just down?

May 28th

Posted by evo in Uncategorized

No comments

Checking on other forums, looks like the officials at Comcast have been woken up and action taken. Checkout the responses from the official forum moderator over at DSLReports:

http://www.dslreports.com/forum/r20555206-Comcast-hacked~start=40?r=111#20555482

Re: Did Comcast.net get hacked or is it just down?

May 28th

Posted by evo in Uncategorized

No comments

Seems that their Network Solutions account may have gotten hacked. The WHOIS shows:

Registrant:
Comcast Corporation
1500 Market Street
Philadelphia, PA 19102
US

Domain Name: COMCAST.NET

————————————————————————
Promote your business to millions of viewers for only $1 a month
Learn how you can get an Enhanced Business Listing here for your domain name.
Learn more at http://www.NetworkSolutions.com/
————————————————————————

Administrative Contact:
Domain Registrations, Comcast kryogenicsdefiant@gmail.com
Defiant still raping 2k8 ebk
69 dick tard lane
dildo room
PHILADELPHIA, PA 19103
US
4206661870 fax: 6664200187

Technical Contact:
Comcast Corporation kryogenicsdefiant@gmail.com
1500 Market Street
Philadelphia, PA 19102
US
215-320-8774 fax: 215-564-0132

Record expires on 24-Sep-2008.
Record created on 25-Sep-1997.
Database last updated on 29-May-2008 00:17:01 EDT.

Domain servers in listed order:

NS21.WORLDNIC.COM 205.178.190.11
NS22.WORLDNIC.COM 205.178.144.11

Re: Did Comcast.net get hacked or is it just down?

May 28th

Posted by evo in Uncategorized

No comments

Seems I’m not the only one that noticed:

http://digg.com/security/Comcast_Hacked_2

Did Comcast.net get hacked or is it just down?

May 28th

Posted by evo in Uncategorized

3 comments

So I bring to you a question that at first gave me a bit of shock and believe me at this time of night that’s something that I could do without!

When I went to the Comcast’s website here and here, I found something truly interesting. A message appeared to me:

KRYOGENIKS EBK and DEFIANT RoXed COMCAST
sHouTz To VIRUS Warlock elul21 coll1er seven

and

Error. Page cannot be displayed. Please contact service provider for more details.

now I thought I was out of my mind, but when I check with trusty old MegaProxy.com I got the same thing! So you can imagine before checking Megaproxy what my first reaction was–HOLY CRAP I JUST GOT HACKED! Now just for kicks, I call my buddy up to see what his computer gets, and he mysteriously states to me, “Dude, site came up fine”. I panicked! So I jump on my other boxes just to make sure and sure enough, same thing.

Now since I’m using OpenDNS as my DNS services instead of the ISP provided DNS (by the way, go to OpenDNS and signup!) and the IP address that came up when I tried to resolve comcast.net was:

205.172.189.131

Which resolved to some Vinson Supply Company. Weird. I did a cache refresh, and a new IP came up:

209.62.20.186

now this one resolves to ThePlanet. Again weird. I’d assume that for an ISP, they would use IP addresses that resolve to their own space. Checking comcast.com, I see that the IP resolves to 68.87.60.144, and that has a WHOIS to Comcast Cable Communications, which is what I would expect.

Checking the DNS, I see that the name servers are to Network Solutions? Weird again, seeing that comcast.com uses name servers ns1-auth.sprintlink.net through ns3-auth.sprintlink.net. Wouldn’t comcast.net use the same type of name servers?

At any rate, my panic attack has eased up a bit, but what’s truly frustrating is that I chatted with their online support and these were the responses that they provided:

Christine Marie(Wed May 28 2008 23:45:39 GMT-0500 (Central Daylight Time))>
Our comcast.net site is down as of this moment due to ongoing maintenance. Do not worry you will access our site once the maintenance is complete. We truly apologize for the current inconvenience.

Christine Marie(Wed May 28 2008 23:50:47 GMT-0500 (Central Daylight Time))>
Comcast.net site will be restored shortly once the maintenance is complete. We are truly sorry for the inconvenience but we do not have an estimated time when this will occur.

Christine Marie(Wed May 28 2008 23:54:15 GMT-0500 (Central Daylight Time))>
Because our higher fixed agency did not give us the estimate time when this will be done. But rest assured you will have your comcast.net services back on in no time if not tonight it will be back tomorrow morning.

What kind of responses are those! And what is a “higher fixed agency”? Come on now! For the money I pay to comcast each month, and they don’t get anything from me in terms of customer contacts each month, this ONE time I ask for something, you would think that they could be more upfront with me and just tell me that there is a problem, and they don’t know exactly what it is, nor an estimated time of repair and give me a months credit on my service. That will at least calm me down until someone gets to the bottom of this and confirms either something horrible went wrong and they were hacked, or this was just all a big misunderstanding!

Restarting Motorola Surfboard Cable Modem

May 19th

Posted by evo in Useful Information

No comments

So I noticed today that my internet was slow, and not only that, but the browser itself seemed very sluggish. So naturally I would just go to the back of my Surfboard and restart it; however, I thought to myself, there has to be a way to soft reboot this modem, and obviously this would be preferable than just pulling the power from it.

So after a minute or so of research I realized that you can go to the URL:

http://192.168.100.1/

and click on the Configuration hyperlink, and then click on the Restart Cable Modem button at the bottom of the screen. Doing this will restart your cable modem and assuming that nothing is wrong from the provider end, result in you having internet access restored in less than a minute.

Biodegradable Poop Bags – What you may not have known

May 18th

Posted by evo in Useful Information

8 comments

I was doing a bit of checking around today as my wife and I want to be more conscious of the fact that Momo, our Shiba, does a lot of number 2′s each week/month/year. And when considering how often and the size, that’s quite a bit of waste that is coming from such a little dog.

So we went to PetSmart and though that their biodegradable bags were worth while. But we came to a disclaimer at the bottom of these bags:

Bags are 100 biodegradable* (*except as defined by California).

So I did a quick Google search and came across this the website for PoopBags and a few stats came to light:

  • 4 million tons – It is estimated that dog owners do not collect over 4 million tons of dog waste annually.
  • 20-30% of all pollutants in waterways attributed to dog waste – Pollutants originating from rainwater run-off via sewer systems, and dogs pooping near watersheds or beaches. Overall, it is believed dog waste is third or fourth on the list of contributors to bacteria in contaminated waters.
  • 4th highest generated waste – Plastics are the fourth highest generated waste in the U.S., originate from petroleum which is non-renewable, do not biodegrade, and take thousands of years to break down. Paper, yard trimmings, and food scraps are the top three generated. However, all of them come from renewable resources.
  • Bottom – Plastics are the least recycled with a 6.9% recovery rate. In 2006, the U.S. produced 29.5 million tons of plastic and only recycled 2.04 tons.

Now what’s really interesting is this part:

Various plastic bag manufacturers probably use the term “biodegradability” – shall we say – loosely and lightly. The ASTM D6400
specification puts a kabosh on all of that. Basically, the specification requires that the material is fully tested to ensure that it will degrade at
a similar rate as an apple, and that no large plastic fragments should remain.

More than likely, the loose and light manufacturers’ bags do not meet biodegradable standards of any sort, and are just regular plastic bags.
All in all, bag manufacturers – who claim their bags are biodegradable but do not meet the ASTM D6400 specification – are misleading
consumers and are acting negligently towards the environment.

California’s law, SB 1749, maintains that bags should meet the ASTM D6400 specification for biodegradable product claims. Several other
states are also instituting policies like California. PoopBags.com’s dog waste bags proudly meet this standard.

So basically it would seem that the good folks in California have been a bit more progressive than we would normally assume and in this, cause other manufacturers to not be able to certify that their products are as biodegradable as they would like people to think.

So lesson learned, if you are looking for poop bags and you want to do something good for the environment, look no further than PoopBags.com!

Password Protecting Directory in Ubuntu 8.04

May 18th

Posted by evo in Ubuntu

1 comment

To password protect a directory in Apache2.2 hosted on Ubuntu 8.04 (will probably be very similar as the versions change in Ubuntu), this is a two fold process.

Configuring Apache to use .htaccess files

The first is to configure Apache2.2 to allow access to use .htaccess files. To do this, you will want to first confirm that that within the apache2.conf file located in /etc/apache2/, that the following line exists:

AccessFileName .htaccess

I didn’t add this to my installation of Apache2.2 it was already there, so I’m assuming the same would be for everyone else. The second is to go into the /etc/apache2/sites-available directory and modify the virtual host configuration file for each site that you have hosted. For me, I only have 1 site hosted at the moment, so the only file I modified was /etc/apache2/sites-available/default.

To have Apache know that it should check for the .htaccess file, you will want to modify it by changing the two instances of:

AllowOverride None

to

AllowOverride All

Within the directory tags in the configuration file. There is a third directory tag going down that configuration file for /usr/lib/cgi-bin and you shouldn’t need to change this instance of the Allow Override directive. Once you do this, remember to restart Apache by:

sudo /etc/init.d/apache2 restart

Once this is done your Apache will be configured to check for .htaccess files.

Setting up your .htaccess file

Now that you have Apache configured, you will need to configure your .htaccess file. First create this by:

sudo joe /var/www/.htaccess

and add the following:

AuthUserFile /var/.htpasswd
AuthName “Private System–No Unauthorized Access!”
AuthType Basic

Require user username

I put the authentication file outside of the /var/www directory so that it’s not web accessible. The AuthName is simply the label that gets put on the popup box that appears when you are prompted to enter in a username/password. The last line for Require user is the username that you will be using to authenticate with. Each person who you want to give access to should have a require user entry in your .htaccess file.

After you save this file, you will need to setup a password for the user that you specified in the .htaccess file. To do this run:

cd /var/

and then run:

sudo htpasswd -c /var/.htpasswd username

Enter in the username that you put into the .htaccess file and it will ask you to enter your password and then reenter it. Once you do this, you should be able to go to the URL of the directory that you put your .htaccess file in and you should receive a username/password prompt!

Yves Rossy’s Jetman!

May 16th

Posted by evo in Uncategorized

No comments

Even though you can’t understand this unless you are Italian, this is one of the most fantastic things that I think one can do with creativity and freedom.

After seeing something as fantastic as IronMan, this just makes you want to spend $200,000 to get one for yourself!

Installing SSL Certificate on Apache2.2 installed on Windows 2003 Server

May 14th

Posted by evo in Windows 2003 Server

9 comments

This guide assumes that you have already installed Apache2.2 and OpenSSL on your server.

Once you have gotten the certificate file back from your CA, you will want to rename the certificate file to your commonname.cert.

You will then go to:

C:\Program Files\Apache Foundation Software\Apache2.2\conf

and create a directory called ‘ssl’. Then go into the directory:

C:\Program Files\Apache Foundation Software\Apache2.2\conf\ssl

Copy your *.key file and *.cert file into this directory. We then have to make changes to the httpd.conf file. You will need to add a few lines. The first will go towards the bottom of the configuration file before any or entries. The lines are:



Include conf/ssl.conf

Then you will want to browse to:

C:\Program Files\Apache Foundation Software\Apache2.2\conf\extra

and locate the httpd-ssl.conf file. Copy this into your:

C:\Program Files\Apache Foundation Software\Apache2.2\conf

directory and rename this to ssl.conf. In both the httpd.conf and ssl.conf, locate the lines:

ServerName

and make sure that they are formated as:

httpd.conf
ServerName commonname:80

ssl.conf
ServerName commonname:443

In the ssl.conf file, locate the following variables: SSLCertificateFile and SSLCertificateKeyFile. You will need to point these to the location of your *.cert and *.key. They should look like:

SSLCertificateFile C:/Program Files/Apache Foundation Software/Apache2.2/conf/ssl/commonname.cert

SSLCertificateKeyFile C:/Program Files/Apache Foundation Software/Apache2.2/conf/ssl/commonname.key

Save all your files, and start Apache from Start > Run > services.msc. All things being, this should work and you should be able to go to a command prompt and type in the following:

telnet localhost 80

and

telnet localhost 443

and each should return a blank screen with a blinking curser in the upper left corner. If you get any errors, make sure to check the Event Viewer > Application to see what Apache is reporting as being a problem. Also within the directory:

C:\Program Files\Apache Foundation Software\Apache2.2\log

there is an error.log file that will log out any errors that you might have.

Also you can also check your installation by going to Verisign’s Checker tool.

Known Issue 1

There is one know issue on Windows, if you get the error message in the error.log as:

Error: Init: SSLPassPhraseDialog builtin is not supported on Win32

This is because a password was entered while generating the key file via openssl. To fix this, you will first need to go to the ssl.conf file and comment out the line that contains:

SSLPassPhraseDialog

and save the file. Then you will want to go to your directory:

C:/Program Files/Apache Foundation Software/Apache2.2/bin

and run the following command:

openssl rsa -in commonname.key -out commonname2.key

Copy the commonname2.key file and then go to:

C:/Program Files/Apache Foundation Software/Apache2.2/conf/ssl

and delete the current commonname.key and replace it with commonname2.key. Rename commonname2.key to commoname.key.

Try to restart Apache from Start > Run > services.msc and see if that works for you!

Known Issue 2

If you are using a Verisign SSL Certificate, you may have a experienced a problem where pulling up the secure site will return an error indicating: Unable to verify the identify of commonname as a trusted site.

This is because with Verisign certificates, you now need to install an intermediate certificate. That can be found directly from Verisign. The key is that within the ssl.conf file you need to uncomment out the line:

SSLCertificateChainFile “C:/Program Files/Apache Software Foundation/Apache2.2/conf/ssl/intermediate.crt”

save, then restart Apache. Keep in mind that the name there is what you save the intermediate certificate that you get from the Verisign site, make sure that you save the file name in the ssl directory.

Once you do this, your cert should work fine. Use the Verisign checker to verify your findings.

Reference
Reference
Reference

First page ... 7 8 9 10 11 12 13 ... Last page (14)
Get Adobe Flash playerPlugin by wpburn.com wordpress themes