New virus - VERY DANGEROUS!

[Bart Bailey]

Do you not have choice in the USA?

We do pretty much, here in the UK. Don't like a provider, tell them to
sling their hook and go buy someone else's service.

Is american culture such that you place litigation before choice?

I had contracted for a level of service that they chose to abridge with
not so much as any notification at all, yet they still continued to
charge the same rate. I'm not sure how much bending over and spreading
the other cheek you blokes are willing to do over there, but here it's
considered a tort of nonfeasance, and is indeed an actionable cause to
redress any losses, which in my case wouldn't have amounted to enough to
justify litigation.
And yes we're free to switch providers without any reason given.

 

[James Egan]

| Ah, Information. A property, too valuable these days, to give it away,
| just so, at no cost.

You describe Frquency Shift Keying (FSK) used on older DUN modems. However, in the case of
DSL and Cable modems they are NOT true modems (MODulators/DEModulators) and are network
bridges.

Perhaps you can explain something for me, Dave, since I'm not familiar
with cable modems and, like Gaby, I thought a cable modem was similar
to a dial-up modem?

Let's take as an example a standalone PC connected via a USB cable
modem to an ISP and compare it to an external (dialup) modem connected
to a PC via a serial cable.

My understanding is that in both cases, the PC's (virtual) network
adapter (ie the dialup adaptor or the virtual adaptor created by the
USB cable modem driver) receives the external ip address allocated by
the ISP. In other words, the PC receives the external ip address not
the modem. And the modem doesn't have it's own ip address since it's
just there to modulate/demodulate the signals?


Jim.

 

[James Egan]

In the case of port 25 outbound, if it were blocked at the modem, how
would the customer connect to the service providers smtp server? I
currently use port 25 to connect to rogers server, but they have now
blocked all outbound port 25 traffic, past their routers.

As an anti-spam measure, outgoing port 25 stuff is sometimes
re-directed to the ISP's mailservers irrespective of which SMTP server
is nominated by the sending client. Maybe blocking it is their way of
ensuring you only use their mailserver?


Jim.

 

[James Egan]

If the ISP can indeed communicate securely with the modem

Which will make it something more than a modem and not anything you
would want on your local network.

(which
almost always the ISP supplied to the subscriber, and which the ISP
orders in bulk from specific manufacturer according to it's
specifications) then the modem could, in theory, perform out-bound
packet blocking on a port-by-port basis. There ARE certain ports that
the ISP I'm sure would love to block at the modem level, such as ports
135/137/139/445 and 25. By blocking port 25 on a specific modem (or
ALL subscriber modems) then the computers belonging to those
subscribers would NOT BE ABLE to send spam directly from themselves to
the target or destination server (which is how the vast vast vast
majority of spam is sent from computers that are infected with
back-door access programs).

If port 25 is blocked to stop you running your own mail server, and
assuming you couldn't merely disconnect this device and replace it
with something a little less restrictive, there are plenty of services
eg. http://www.dyndns.org/services/mailhop/relay.html which will allow
you to bypass the usual SMTP port.

If this cable device is sophisticated enough to detect and block
inbound SMTP traffic irrespective of port, I'd choose a less
restrictive and intrusive ISP.

I'd also hazard a guess that such a device would cost quite a bit more
than a cheap and cheerful usb cable modem and thus be more appropriate
for use at the ISP's end rather than at the user end.


Jim.

 

[ComPCs]

In Message-ID:<[email protected]> posted on
Sat, 16 Jul 2005 01:04:58 +0100, ComPCs wrote: Begin

I had contracted for a level of service that they chose to abridge with
not so much as any notification at all, yet they still continued to
charge the same rate. I'm not sure how much bending over and spreading
the other cheek you blokes are willing to do over there, but here it's
considered a tort of nonfeasance, and is indeed an actionable cause to
redress any losses, which in my case wouldn't have amounted to enough to
justify litigation.

There is very little bending over, or spreading the other cheek;
although what I think you mean is bending over backwards (i.e. being so
much more accommodating) and turning the other cheek (I.e. looking the
other way)

Well, no, we don't. There is a phone, and usually someone at the other
end to talk to ... so, what we do, is we pick up the phone and we say
"excuse me old chap, but you appear to have removed port 25 from the
service without telling anyone - do you think I might have it back as I
rather need it?"

At which point, the point of actually having spoken to someone, you tend
to get some action to rectify your problem. If not, you then complain to
the customer service dept.

Litigation used to be the absolute last consideration, but, like so many
other things, American influence has 'washed' up on our shores, and now
litigation is, unfortunately, all too common.

I just find it 'amusing' that you couldn't send and email, and intended,
via your threat, of suing someone for it - this being your apparent
initial reaction over all others.

One wonders how much per month/year you were actually paying for this
service, and given you yourself have said you wouldn't have suffered
sufficient loss, why you threatened litigation in the first place
instead of picking up the phone and asking what was occurring?

Different culture I guess. Big cars, big roads, big ideas, narrow minded
ness?

And yes we're free to switch providers without any reason given.

But you'd rather sue first ... ;-)

 

[David H. Lipman]

From: "James Egan" <[email protected]>


|
| Perhaps you can explain something for me, Dave, since I'm not familiar
| with cable modems and, like Gaby, I thought a cable modem was similar
| to a dial-up modem?
|
| Let's take as an example a standalone PC connected via a USB cable
| modem to an ISP and compare it to an external (dialup) modem connected
| to a PC via a serial cable.
|
| My understanding is that in both cases, the PC's (virtual) network
| adapter (ie the dialup adaptor or the virtual adaptor created by the
| USB cable modem driver) receives the external ip address allocated by
| the ISP. In other words, the PC receives the external ip address not
| the modem. And the modem doesn't have it's own ip address since it's
| just there to modulate/demodulate the signals?
|
| Jim.

James:

With a DUN modem you have a limited bandwidth. The POTS line is designed for audio
comminications and not high fidelity as well. It is designed such that the common areas of
human speech can pass through a twisted pair transmission line. Therefore a DUN modem uses
FSK or the later ITU standardized protocol v.34[
http://searchnetworking.techtarget.com/sDefinition/0,,sid7_gci213936,00.html ] to allow a
digital signal to be transposed upon that transmission line and the modem will modulate and
demodulate the signals accordingly. It is upto the coputers at both end to use the Point to
Point Protocol (PPP) to assign an IP address and pass TCP/IP communications along the now
created path.

With Cable and DSL modems the modems (which is not an appropriate name) already are using
network protocols to pass along the transmision line.

In a cable modem the standard is DOCSIS (Data Over Cable Service Interface Specification)
use DHCP to assign an IP address on the PC. The devide acts as a Bridge of two dissimalar
networks to to allow TCP/IP to be used. In this case Cable and Ethernet.

In a DSL modem protocols such as; G.DMT, G.Lite, G.Test, G.AOM or G.HS allow didgital
signaling at high frequencies to be superimposed upon the POTS twisted pair transmission
line. The signaling is based upon , Discrete Multitone Modulation (DMT, Carrierless
Amplitude Modulation (CAP) or Quadtarture Amplitude Modulation (QAM) techniques. What is
applied will determioned if the DSL signal is or is NOT POTS compatible. That is whether it
can be used in conjunction with a audio telephone line or with a "dry pair" telephone line
where to telephone conversations will be used. What signaling will be used will also be
based upon if the DSL is Asyncnronous (different upload and download speeds -- ADSL) or
Synchronous (same upload and download speeds -- SDSL). My verizon DSL is Asyncronous DSL
with 1.5Mb/s download and 768Mb/s upload speeds. The modem bridges the this network with
Ethernet. DSL will either use DHCP to assign an IP address or us the Point to Point
Protocol over Ethernet (PPPoE) and a DHCP like protocol called Internet Protocol Control
Protocol (IPCP) to assign a an IP address. Note that PPPoE is a Tunneling protocol and
while standard Ethernet uses a 1500 byte packet for a Maximum Transmission Unit (MTU) the
overhead of PPPoE will consume 8 bytes of said 1500 bytes so the MTU is 1492 for for DSL
usiing PPPoE.

The important concept here is that in DUN modems networking protocols are NOT used between
the two points while with DSL and Cable there are network protocols and the so called modem
bridges the the two dissimalr network cabling types.

A good way to example this is that Cable and DSL can't directly use IPX/SPX since it the
wrong network protocol while TCP/IP is the right network protocol. Using a DUN modem you
can use IPX/SPX directly. The only way to pass IPX/SPX over a DSL or Cable network would be
to use an IPTunnel which creates a tunnel where IPX/SPX can be passed inside a TCP/IP
packet. Novell's IPTunnel uses TCP port 213. Thus a remote PC only using IPX/SPX as the
network transport can uses a DUN modem to connect directly to a Novell Server. You could
not use Cable or DSL networks without loading both TCP/IP and IPX/SPX on the remote PC.
IPX/SPX to access the Novell server and TCP/IP to allow IPX/SPX to be tunneled within TCP
port 213.

 

[David H. Lipman]

From: "David W. Hodgins" <[email protected]>


|
| You are correct. You got my curiosity up, so I did some digging. Docsis
| compliant modems conform to http://www.ietf.org/rfc/rfc2669.txt which
| include "3.3.1. Inbound LLC Filters - docsDevFilterLLCTable". Inbound
| in this case, means into the modem, from either side. It can be used
| to drop netbuei packets, for example.
|
| In the case of port 25 outbound, if it were blocked at the modem, how
| would the customer connect to the service providers smtp server? I
| currently use port 25 to connect to rogers server, but they have now
| blocked all outbound port 25 traffic, past their routers.
|
| For netbuei, they could drop the packets going in/out on the cable side,
| while still allowing the packets on the lan side of the modem. In my
| opinion, they should!
|
| Regards, Dave Hodgins
|
| --
| Change nomail.afraid.org to rogers.com to reply by email.
| (nomail.afraid.org has been set up specifically for
| use in usenet. Feel free to use it yourself.)

NETbeui is NetBIOS with its own network transport and thus is non-routable but can exist on
the LAN side of the Cable modem and acts on Layer 2 of the OSI model.

IPX/SPX, XNS and TCP/IP are examples of competing layer 3 network protocols. In the case of
DOCSIS only TCP/IP will be communicated and all other can not be used directly over the
cable network.

You posted a Request for Comment statement the Simple Network Management Protocol (SNMP)
Management Information Base (MIB) for DOCSIS compliant Cable Modems. The SNMP-MIB for DOCIS
described in RFC-2669 is used to access a collection of information that is organized in an
hierarchal fashion that can be; read from the Cable Modem, be set on the Cable Modem or
trap messages be sent from the Cable Modem to a Network Managemnt Station (NMS) used as a
"trap receiver" using UDP port 162 [ using such software as HP OpenView ]. The SNMP
communities are therefore "read", "Write" and "Trap". The common SNMP communitiy names are
"public" and "private". [ BTW: For security reasons, the SNMP community names should be
redefined such as "COMPANY_READ" and "COMPANY_RW" ]


Ther MIB object "docsDevFilterLLCTable" specifically refers to MAC address filtering and not
TCP or UDP filtering. Using a SNMP write command via UDP port 161, in
'docsDevFilterLLCTable' of the MIB, the modem can be set to ignore a MAC address using a
transport protocol such as NETbeui which "...may be disruptive to the network...".

Further it states that "The inbound LLC (or MAC or level-2) filters...", TCP/IP is layer 3
of the OSI model.

Sorry David, you misinterpreted the information. One must *always* refer back to the 7
layer OSI model when discussing networking.

 

[David H. Lipman]

From: "David H. Lipman" <[email protected]>

That should have been...

"NETbeui is NetBIOS with its own network transport and acts on Layer 2 of the OSI model and
is thus is non-routable but can exist onthe LAN side of the Cable modem."

 

[James Egan]

It is upto the coputers at both end to use the Point to
Point Protocol (PPP) to assign an IP address and pass TCP/IP communications along the now
created path.

With Cable and DSL modems the modems (which is not an appropriate name) already are using
network protocols to pass along the transmision line.

Before I got my dsl modem/router, I was supplied by my isp with an
Alcatel USB dsl modem which used the same ppp (win98 dun) negotiation
as other dun connections except there was no number ro dial up.

The important concept here is that in DUN modems networking protocols are NOT used between
the two points while with DSL and Cable there are network protocols and the so called modem
bridges the the two dissimalr network cabling types.

A good way to example this is that Cable and DSL can't directly use IPX/SPX since it the
wrong network protocol while TCP/IP is the right network protocol. Using a DUN modem you
can use IPX/SPX directly. The only way to pass IPX/SPX over a DSL or Cable network would be
to use an IPTunnel which creates a tunnel where IPX/SPX can be passed inside a TCP/IP
packet. Novell's IPTunnel uses TCP port 213. Thus a remote PC only using IPX/SPX as the
network transport can uses a DUN modem to connect directly to a Novell Server. You could
not use Cable or DSL networks without loading both TCP/IP and IPX/SPX on the remote PC.
IPX/SPX to access the Novell server and TCP/IP to allow IPX/SPX to be tunneled within TCP
port 213.

But my dsl uses ppp(oa) to connect, and ppp can directly convey
Netbeui, ipx/spx and(or) tcp/ip packets (as opposed to slip which is
limited to tcp/ip). I don't suppose ppp(oe) is any different?

Jim.

 

[Bart Bailey]

In Message-ID:<[email protected]> posted on
Sat, 16 Jul 2005 14:44:47 +0100, ComPCs wrote: Begin

~~~

Well, no, we don't. There is a phone, and usually someone at the other
end to talk to

You obviously haven't tried to navigate an American corporate automated
call option tree.
The other end in the case of SBC is somewhere in India, and that's where
the confirmation of p25 blocking eventually came from.

... so, what we do, is we pick up the phone and we say
"excuse me old chap, but you appear to have removed port 25 from the
service without telling anyone - do you think I might have it back as I
rather need it?"

If it weren't for exposure to Old English via the BBC and internet, your
usage of such archaic phraseology would be somewhat baffling, now it's
just amusing.

At which point, the point of actually having spoken to someone, you tend
to get some action to rectify your problem. If not, you then complain to
the customer service dept.

You're still basing your choices on having "someone" to do all this
conversing with.

Litigation used to be the absolute last consideration, but, like so many
other things, American influence has 'washed' up on our shores, and now
litigation is, unfortunately, all too common.

Same here, but with corporate policies designed to cut costs,
and maximize profits, the luxury of live customer service reps was
dispensed long ago, and the only language that gets their attention is
spoken in the syntax of a subpoena. (unfortunately, all too common)

I just find it 'amusing' that you couldn't send and email, and intended,
via your threat, of suing someone for it - this being your apparent
initial reaction over all others.

My initial reaction was irritation at the ruthless application of
service reduction, then came the frustration of having no one to voice
my complaint to, and only after exhausting other civil efforts did the
hint of litigation enter the scenario.
You appear indeed naive to American corporate procedures.

One wonders how much per month/year you were actually paying for this
service,

Irrelevant to the principle of dereliction of a contractual obligation.

and given you yourself have said you wouldn't have suffered
sufficient loss, why you threatened litigation in the first place
instead of picking up the phone and asking what was occurring?

Your abbreviation of the sequence of events is causing undue negativity
in your final opinion. There were interim efforts to effect a solution
prior to what eventually worked.

Different culture I guess. Big cars, big roads, big ideas, narrow minded
ness?

Yep, all those, along with narrow streets, smart cars, and many eclectic
thinkers, but you're free to indulge your prejudices regardless of their
lack of breadth.

But you'd rather sue first ... ;-)

That's an assumption, and rather hastily arrived at it seems.

Your trip through the days of live human-to-human interactions while
conducting commercial affairs with large multinational organizations has
been pleasantly nostalgic and I thank you.

 

[David H. Lipman]

From: "James Egan" <[email protected]>

| On Sat, 16 Jul 2005 14:11:33 GMT, "David H. Lipman"
|
| Before I got my dsl modem/router, I was supplied by my isp with an
| Alcatel USB dsl modem which used the same ppp (win98 dun) negotiation
| as other dun connections except there was no number ro dial up.
|
|
| But my dsl uses ppp(oa) to connect, and ppp can directly convey
| Netbeui, ipx/spx and(or) tcp/ip packets (as opposed to slip which is
| limited to tcp/ip). I don't suppose ppp(oe) is any different?
|
| Jim.

The DUN connector was because you use PPPoA (Point to Point Protocol over ATM) which is
very similar to PPPoE but they are not the same as a PPP connection.

As to the question....
"I don't suppose ppp(oe) is any different?" -- I don't know.

 

[Art]

You obviously haven't tried to navigate an American corporate automated
call option tree.

However, Bart, the general observation by the Brits of our
litigatation-happy situation here in the U.S. is well taken by
me. Physicians, surgeons, and other medical specialists are
leaving my State of Pennsylvania in droves because they can
no longer affort the cost of malpractice insurance here. Not
that they're leaving the country necessarily ... seems that
some States have put limits on the maximums that can be
awarded, and insurance costs are much lower in some
States than others.

Having to wait many days for needed heart bypass surgery,
etc., is the effect of the greed of a few, and it's absolutely
disgusting when the life of your loved ones are threatened
due to this greed, and that of the lawyers who oppose any
change in the status quo. IOW, it pisses me off!

Art

http://home.epix.net/~artnpeg

 

[Bart Bailey]

Having to wait many days for needed heart bypass surgery,
etc., is the effect of the greed of a few, and it's absolutely
disgusting when the life of your loved ones are threatened
due to this greed, and that of the lawyers who oppose any
change in the status quo. IOW, it pisses me off!

bit of a difference between a by-pass and ISP issues,
I'd bet even a Brit could make that distinction <g>

 

[Art]

bit of a difference between a by-pass and ISP issues,
I'd bet even a Brit could make that distinction <g>

Go ahead. Egg 'em on. Barbs exchanged across the pond
are sometimes very entertaining

Art

http://home.epix.net/~artnpeg

 

[David W. Hodgins]

Sorry David, you misinterpreted the information. One must *always* refer back to the 7
layer OSI model when discussing networking.

Thanks David.

Regards, Dave Hodgins

 

[David W. Hodgins]

Such blocking *should be* done at the network gateway by ISP's, and
some claim to do so, but I still get spam (ie port-25 traffic) from
the residential IP space of big players like comcast, road runner,
charter, shaw, etc, on my SMTP server at work.

Most of those isps are actually collections of many smaller systems,
some of which have implemented the port 25 outbound block, and
obviously some have not. Rogers just started the blocking July 1st,
but only in a few areas. When they'll be expanding it to cover the
rest of their network - who knows<g>. The only notification they
gave was an update to their online help, in the trouble shooting
section for sending email.

Which is a good thing. Do they do it to be better net.citizens, or to
keep out of various e-mail black lists?

I agree it's a good thing. According to senderbase.org, rogers.com is
now down to around 4700 zombied computers sending spam. I wish they'd
get the blocking across the rest of their network now!

Do you mean netbuei, or netbios (ports 135/137/139/445) ???

I used netbuei as the example, only because that was the one mentioned
as an example, in the rfc. As David Lipman has pointed out, I
misinterpreted the rfc, and it doesn't appear the modem can block
specific ports.

Well, like I said in another part of this thread, Sympatico is either
unwilling or unable to (remotely) configure subscriber modems to block
the netbios ports (because I see connection attempts on those ports
hitting my router all the time from IP addresses within the sympatico
IP address range). If you have a similar router setup on Rogers,
your logs would tell you if such port activity was there - or not.

It is. My understanding, is that the port 25 blocking is done on the
gateway routers, that connect rogers to their upstreams/peers. I don't
think it blocks connections between rogers subscribers, though I haven't
tested this.

Something else to think about - it could be that there are groups of
people (ie teenagers, hackers, file-sharers) that use the netbios
ports to connect to each-others computers and share files (presumably
as long as they all subscribe to the same ISP). Assuming there is

You can use a firewall to limit which ip addresses are allowed to
connect to p2p ports, on your computer to achieve the same effect,
using current p2p software.

Regards, Dave Hodgins

 

[David W. Hodgins]

As an anti-spam measure, outgoing port 25 stuff is sometimes
re-directed to the ISP's mailservers irrespective of which SMTP server
is nominated by the sending client. Maybe blocking it is their way of
ensuring you only use their mailserver?

It is. I've modified my postfix configuration to relay through their
server. The only difference between sending direct, and sending through
their server, is that they add a received header (@ changed to <at> by me ...

Received: from unknown (HELO hodgins.homeip.net)
(dhodgin1661 <at> [email protected] with login)
by smtp102.rog.mail.re2.yahoo.com with SMTP; 10 Jul 2005 01:07:17 -0000

that shows which id I used to authenticate with their smtp server.

The blocking does not cause a problem for me, and I wish they'd
hurry up an implement it across the rest of their network.

Regards, Dave Hodgins

 

[Lew/+Silat]

In

..

However, Bart, the general observation by the Brits of our
litigatation-happy situation here in the U.S. is well taken by
me. Physicians, surgeons, and other medical specialists are
leaving my State of Pennsylvania in droves because they can
no longer affort the cost of malpractice insurance here. Not
that they're leaving the country necessarily ... seems that
some States have put limits on the maximums that can be
awarded, and insurance costs are much lower in some
States than others.

Having to wait many days for needed heart bypass surgery,
etc., is the effect of the greed of a few, and it's absolutely
disgusting when the life of your loved ones are threatened
due to this greed, and that of the lawyers who oppose any
change in the status quo. IOW, it pisses me off!

Art

If this were a political group I would post the facts about malpractice
insurance. Lawsuits account for 1% of the cost of health insurance. Its the
admin/profits that account for the most costs. The states that have limited
awards have not lowered rates and have only taken away the victims/us power
to wield some power over the drs.

 

[Art]

If this were a political group I would post the facts about malpractice
insurance. Lawsuits account for 1% of the cost of health insurance.

Those two sentences don't jibe. You switched from malpractice
insurance to health insurance.

admin/profits that account for the most costs.

Not for malpractice insurance.

The states that have limited
awards have not lowered rates and have only taken away the victims/us power
to wield some power over the drs.

I know for a fact about the exodus I described, and the fact that
doctors are leaving to areas which have much lower malpractice
insurance rates. I have little doubt that Pa. will also place limits
on awards in order to stem the exodus, as well they should.

Art

http://home.epix.net/~artnpeg

 

[Virus Guy]

(someone wrote):

As an anti-spam measure, outgoing port 25 stuff is sometimes
re-directed to the ISP's mailservers irrespective of which
SMTP server is nominated by the sending client.

(cross-posting this to alt.spam)

This can be a *very bad* thing for the ISP - unless it doesn't apply
to zombie computers that are using viral SMTP engines and doing
direct-to-mx sending.

If the spam being sent by zombies (with their own SMTP engines) is
somehow intercepted by the (sender's) ISP and routed through the
(sender's) ISP's own SMTP server, then what you've got is spam that
the recipient will trace back to the legit server of the sender's
ISP. If that server is not checking (somehow) to make sure the e-mail
is not spam, then it will soon be black-listed.

On the other hand, if we're talking about an e-mail client that is
configured for out-bound SMTP server is not the ISP's server (but any
e-mail being sent by the client software is intercepted by the ISP and
routed through the ISP's e-mail server) then that is a transparent way
to deal with people who have an external out-bound SMTP setting and
still prevent rogue port-25 packets to eminate from the ISP's network.

It is.

It's not that any given ISP *wants* you to use their SMTP server for
sending e-mail. If they want to stop the flood of spam leaving their
network then they have no choice but to block port-25 traffic from
getting to the internet. That means the only port-25 packets that are
allowed out are those that come directly from their own SMTP servers.