Login | Register For Free | Help
Search for: (Advanced)

Mailing List Archive: NANOG: users

Operation Ghost Click

 

 

First page Previous page 1 2 Next page Last page  View All NANOG users RSS feed   Index | Next | Previous | View Threaded


lathama at gmail

May 1, 2012, 9:17 AM

Post #26 of 46 (2154 views)
Permalink
Re: Operation Ghost Click [In reply to]

A write up here
http://dyn.com/dns-internet-web-truth-behind-the-fbi-computer-scare/

--
~ Andrew "lathama" Latham lathama [at] gmail http://lathama.net ~


Valdis.Kletnieks at vt

May 1, 2012, 12:19 PM

Post #27 of 46 (2151 views)
Permalink
Re: Operation Ghost Click [In reply to]

On Tue, 01 May 2012 10:40:57 -0400, Rich Kulawiec said:

> Why haven't you cut these obviously-infected systems off entirely?

There's quite likely multiple systems behind a NAT-ish router, and Comcast
doesn't have any real option but to nuke *all* the systems behind the router.

This can be a tad troublesome if there's one infected box behind the router,
but the customer is also using VoIP of some sort from another box - you may
just have nuked their 911 capability. Or if they have multiple systems, you may
have killed their ability to transact basic business like contact their local
government or pay their utility bills from a box that's not infected.

(Hint - it's the same basic reason why 3-strikes laws for copyright
infringement that turn off the subscriber suck - the unintended collateral
damage tends to break things you really don't want to break...)


Jason_Livingood at cable

May 1, 2012, 12:41 PM

Post #28 of 46 (2151 views)
Permalink
Re: Operation Ghost Click [In reply to]

On 5/1/12 3:19 PM, "Valdis.Kletnieks [at] vt<mailto:Valdis.Kletnieks [at] vt>" <Valdis.Kletnieks [at] vt<mailto:Valdis.Kletnieks [at] vt>> wrote:

On Tue, 01 May 2012 10:40:57 -0400, Rich Kulawiec said:

Why haven't you cut these obviously-infected systems off entirely?

There's quite likely multiple systems behind a NAT-ish router, and Comcast doesn't have any real option but to nuke *all* the systems behind the router.
This can be a tad troublesome if there's one infected box behind the router, but the customer is also using VoIP of some sort from another box - you may just have nuked their 911 capability. Or if they have multiple systems, you may have killed their ability to transact basic business like contact their local government or pay their utility bills from a box that's not infected.

All of this above! Plus, the remediation tools to clean up an infection are insufficient to the task right now. Better tools are needed. (See also http://tools.ietf.org/html/rfc6561#section-5.4)


Jason


bicknell at ufp

May 1, 2012, 12:51 PM

Post #29 of 46 (2147 views)
Permalink
Re: Operation Ghost Click [In reply to]

In a message written on Tue, May 01, 2012 at 07:41:35PM +0000, Livingood, Jason wrote:
> All of this above! Plus, the remediation tools to clean up an infection are insufficient to the task right now. Better tools are needed. (See also http://tools.ietf.org/html/rfc6561#section-5.4)

Hey Jason, I'm going to put you on the spot with a crazy idea.

Many customers of the major internet providers also have other
services from them, like TV and Phone. Perhaps expanding the notice
to those areas would be useful? Turn on your cable box and get a
notice, or pick up the phone and get a notice?

It might really help in cases where one member of the family (e.g.
the children) are doing something bad that the bill payer (e.g. mom
and dad) doesn't know about. Hit them on a medium they know more
about.

--
Leo Bicknell - bicknell [at] ufp - CCIE 3440
PGP keys at http://www.ufp.org/~bicknell/


jcdill.lists at gmail

May 1, 2012, 1:56 PM

Post #30 of 46 (2151 views)
Permalink
Re: Operation Ghost Click [In reply to]

On 01/05/12 12:51 PM, Leo Bicknell wrote:
> In a message written on Tue, May 01, 2012 at 07:41:35PM +0000, Livingood, Jason wrote:
>> All of this above! Plus, the remediation tools to clean up an infection are insufficient to the task right now. Better tools are needed. (See also http://tools.ietf.org/html/rfc6561#section-5.4)
> Hey Jason, I'm going to put you on the spot with a crazy idea.
>
> Many customers of the major internet providers also have other
> services from them, like TV and Phone. Perhaps expanding the notice
> to those areas would be useful? Turn on your cable box and get a
> notice, or pick up the phone and get a notice?
>
> It might really help in cases where one member of the family (e.g.
> the children) are doing something bad that the bill payer (e.g. mom
> and dad) doesn't know about. Hit them on a medium they know more
> about.

Upthread Jason posted:

> At Comcast we have done the following:
> - Sent emails
> - Send postal mail
> - Left voicemail
> - Used automated outbound calling
> - Used increasingly persistent web browser notifications

Notice item #2 - postal mail - very unlikely the kids are checking the
postal mail daily and removing notices from the ISP to keep them from
Mom and Dad.


For all those who are using automated methods to contact their
customers, if you have a cell phone number for the customer also try
sending text to the phone. I find a significant number of people today:

A) Have a cell phone but no other phone;
B) Do not use voicemail on their cell phone. The VM box may be full,
may not be setup, may be setup but they never (or rarely) check VM;
C) Rarely check email!

For this group, text is the way to go. I have left repeated VMs which
are not answered, but send one text and get a reply back within
minutes. The younger the cell phone user, the more likely they are in
this group but I also have friends (including one who has worked
extensively in the ISP industry) who are in their 40s and older who are
taking up this habit.

jc


Jason_Livingood at cable

May 2, 2012, 7:37 AM

Post #31 of 46 (2142 views)
Permalink
Re: Operation Ghost Click [In reply to]

>Hey Jason, I'm going to put you on the spot with a crazy idea.
>
>Many customers of the major internet providers also have other
>services from them, like TV and Phone. Perhaps expanding the notice
>to those areas would be useful? Turn on your cable box and get a
>notice, or pick up the phone and get a notice?

We did the phone thing by dropping a voicemail to our voice customers (it
is IP voicemail so it kind of looks like an email server architecture).

Good idea on the TV notification as well and certainly not crazy! ;-)

- Jason


nicolai-nanog at chocolatine

May 2, 2012, 10:16 AM

Post #32 of 46 (2138 views)
Permalink
Re: Operation Ghost Click [In reply to]

On Fri, Apr 27, 2012 at 11:14:40PM -0500, A. Pishdadi wrote:
> At some point in like 10 years when all the computer illiterate people are
> gone there will be no more excuses for not being educated on malware and
> viruses.

The "non-techies" I know would consider switching from IE to Firefox a
major change, one they think would qualify as a technical achievement.
If you ask people about the underlying technical aspects of the software
or hardware they use, most will know very little, if anything. Some
won't even understand the question.

On a weirdly related note, here's a story from a friend of mine who is a
high school teacher. He told me once that a significant number of his
students believe that the *original source* of food is a grocery store.
Not a farm, but the food literally comes into being on a shelf in the
produce section or meat counter.

It all comes down to a lack of interest in what's going on under the
hood, and this disinterest won't be gone in 10, 20, or 50 years. It's
actually deepening as time goes on.

Nicolai


jeroen at mompl

May 2, 2012, 12:13 PM

Post #33 of 46 (2139 views)
Permalink
Re: Operation Ghost Click [In reply to]

Livingood, Jason wrote:
> you may just have nuked their 911 capability.

Depending on your internet connection to be able to dial 911 is a bit
foolhardy, to put it nicely. It pays off to have a phone that's only
powered through the phone line itself, for emergencies (and your
everyday home phone calls *gasp*). Especially in a country where power
outages are as frequent as full moons. The good old land line hardly
ever goes down.

And you may find the audio quality is better too. While you're at it,
make it a rotary phone. :-)

Regards,
Jeroen

--
Earthquake Magnitude: 4.0
Date: Wednesday, May 2, 2012 12:33:29 UTC
Location: Vancouver Island, Canada region
Latitude: 50.6619; Longitude: -129.8861
Depth: 10.00 km


Valdis.Kletnieks at vt

May 2, 2012, 12:32 PM

Post #34 of 46 (2137 views)
Permalink
Re: Operation Ghost Click [In reply to]

On Wed, 02 May 2012 12:13:56 -0700, Jeroen van Aart said:
> Livingood, Jason wrote:
> > you may just have nuked their 911 capability.

Actually, I said that, not Jason. Jason just used mail software that *can't get
quoting right* to reply to my message, so your quote of his message got the
attribution wrong.

What *is* it with you people? This is *NANOG*. In *2012*. ;)

(The truly sad part is that based on the User-Agent: headers, Jason appears to
have used a *different* broken mail software package than the last person. So
at least 2 vendors are doing stupid stuff.)

</rant> ;)

> Depending on your internet connection to be able to dial 911 is a bit
> foolhardy, to put it nicely.

Foolhardy or not, it's probably unwise for an ISP to say "It's OK, *nobody* would
be that foolhardy" and snip the service...


morrowc.lists at gmail

May 2, 2012, 12:43 PM

Post #35 of 46 (2141 views)
Permalink
Re: Operation Ghost Click [In reply to]

On Wed, May 2, 2012 at 3:13 PM, Jeroen van Aart <jeroen [at] mompl> wrote:
> Livingood, Jason wrote:
>>
>> you may just have nuked their 911 capability.
>
>
> Depending on your internet connection to be able to dial 911 is a bit

<chuckle>

> foolhardy, to put it nicely. It pays off to have a phone that's only powered
> through the phone line itself, for emergencies (and your everyday home phone
> calls *gasp*). Especially in a country where power outages are as frequent
> as full moons. The good old land line hardly ever goes down.

this is nice, but not everywhere has this capability, someplaces DID
have it until the new 'we bring fiber' people showed up, and clipped
the copper below the ground-level.

>
> And you may find the audio quality is better too. While you're at it, make
> it a rotary phone. :-)

wow, 1990 much? are you actually just trolling today perhaps?

> Regards,
> Jeroen
>
> --
> Earthquake Magnitude: 4.0
> Date: Wednesday, May  2, 2012 12:33:29 UTC
> Location: Vancouver Island, Canada region
> Latitude: 50.6619; Longitude: -129.8861
> Depth: 10.00 km
>


EWieling at nyigc

May 2, 2012, 12:52 PM

Post #36 of 46 (2141 views)
Permalink
RE: Operation Ghost Click [In reply to]

I doubt the g729 or GSM codecs used by VoIP and Cell phones can compare to a POTS line.

-----Original Message-----
From: Christopher Morrow [mailto:morrowc.lists [at] gmail]
Sent: Wednesday, May 02, 2012 3:43 PM
To: Jeroen van Aart
Cc: NANOG list
Subject: Re: Operation Ghost Click

wow, 1990 much? are you actually just trolling today perhaps?


jeroen at mompl

May 2, 2012, 12:52 PM

Post #37 of 46 (2143 views)
Permalink
Re: Operation Ghost Click [In reply to]

Valdis.Kletnieks [at] vt wrote:
> Actually, I said that, not Jason. Jason just used mail software that *can't get
> quoting right* to reply to my message, so your quote of his message got the
> attribution wrong.

Sorry, I don't keep track of who is unable to quote properly. But I do
always try to make an effort to quote properly. :-)

> Foolhardy or not, it's probably unwise for an ISP to say "It's OK, *nobody* would
> be that foolhardy" and snip the service...

I am not sure about IP phones, but there are laws regulating this for
mobile phones. So my unlocked simless android phones (I only use smart
phones as testing tools for development) still are able to dial 911.

Regards,
Jeroen

--
Earthquake Magnitude: 4.0
Date: Wednesday, May 2, 2012 12:33:29 UTC
Location: Vancouver Island, Canada region
Latitude: 50.6619; Longitude: -129.8861
Depth: 10.00 km


sean at seanharlow

May 2, 2012, 12:57 PM

Post #38 of 46 (2144 views)
Permalink
Re: Operation Ghost Click [In reply to]

Then you'll be happy to know that most VoIP phones default to and good VoIP providers gladly support G.711, the exact same codec used in all digital trunks in the POTS network. Also, an on-the-ball VoIP carrier will be pushing G.722 "HD Voice" devices which offer about double the audio bandwidth in the same data bandwidth (64kbit/sec/stream) as G.711.

If your carrier is forcing G.729 or GSM, they're a joke.
---
Sean Harlow
sean [at] seanharlow

On May 2, 2012, at 15:52, Eric Wieling wrote:

>
> I doubt the g729 or GSM codecs used by VoIP and Cell phones can compare to a POTS line.
>
> -----Original Message-----
> From: Christopher Morrow [mailto:morrowc.lists [at] gmail]
> Sent: Wednesday, May 02, 2012 3:43 PM
> To: Jeroen van Aart
> Cc: NANOG list
> Subject: Re: Operation Ghost Click
>
> wow, 1990 much? are you actually just trolling today perhaps?
>
>


jeroen at mompl

May 2, 2012, 12:58 PM

Post #39 of 46 (2139 views)
Permalink
Re: Operation Ghost Click [In reply to]

Christopher Morrow wrote:
> wow, 1990 much? are you actually just trolling today perhaps?

No, what is wrong with using a land line, a rotary phone and enjoying a
reliable service? Plus a superior audio quality as opposed to the
compressed to hell quality of mobile phones.

Not withstanding that, according to you, in some places the landlines
"clipped the copper below the ground-level" I believe that vast majority
of the country has working copper phone lines that continue to work
during a power outage.

I fail to see why you must call me a troll for saying such a thing,
alas, maybe it can be attributed to a bad hair day.

Regards,
Jeroen

--
Earthquake Magnitude: 4.0
Date: Wednesday, May 2, 2012 12:33:29 UTC
Location: Vancouver Island, Canada region
Latitude: 50.6619; Longitude: -129.8861
Depth: 10.00 km


cmadams at hiwaay

May 2, 2012, 1:02 PM

Post #40 of 46 (2144 views)
Permalink
Re: Operation Ghost Click [In reply to]

Once upon a time, Jeroen van Aart <jeroen [at] mompl> said:
> Christopher Morrow wrote:
> >wow, 1990 much? are you actually just trolling today perhaps?
>
> No, what is wrong with using a land line, a rotary phone and enjoying a
> reliable service? Plus a superior audio quality as opposed to the
> compressed to hell quality of mobile phones.

As others pointed out, there are many digital codecs that are superior
to the audio quality of a rotary phone.

> Not withstanding that, according to you, in some places the landlines
> "clipped the copper below the ground-level" I believe that vast majority
> of the country has working copper phone lines that continue to work
> during a power outage.

Not so much. As has been pointed out here many times before, many
people now get POTS lines from remote cabinets that have limited battery
life and fail in a power outage lasting more than a few minutes.

--
Chris Adams <cmadams [at] hiwaay>
Systems and Network Administrator - HiWAAY Internet Services
I don't speak for anybody but myself - that's enough trouble.


jeroen at mompl

May 2, 2012, 1:10 PM

Post #41 of 46 (2142 views)
Permalink
Re: Operation Ghost Click [In reply to]

Sean Harlow wrote:
> Then you'll be happy to know that most VoIP phones default to and good VoIP providers gladly support G.711, the exact same codec used in all digital trunks in the POTS network. Also, an on-the-ball VoIP carrier will be pushing G.722 "HD Voice" devices which offer about double the audio bandwidth in the same data bandwidth (64kbit/sec/stream) as G.711.

Technical specs aside I believe you are mistaken with regards to the
actual every day reality. My experience (and anyone else I talked to)
calling to and from mobile phones has been 100% a bad one with regards
to audio quality. I know the bandwidth allows for better quality, but
carriers don't do it, they do the opposite.

Why else would a mobile phone carrier feel the need to advertise an "HD"
(shouldn't it be "HIFI"?) quality line (i.e. a quality that's standard
with every land line and already suboptimal):

http://www.pcmag.com/article2/0,2817,2402598,00.asp

"Sprint Brings HD Voice Calls to U.S."

Whatever...

--
Earthquake Magnitude: 4.0
Date: Wednesday, May 2, 2012 12:33:29 UTC
Location: Vancouver Island, Canada region
Latitude: 50.6619; Longitude: -129.8861
Depth: 10.00 km


morrowc.lists at gmail

May 2, 2012, 1:18 PM

Post #42 of 46 (2141 views)
Permalink
Re: Operation Ghost Click [In reply to]

On Wed, May 2, 2012 at 4:02 PM, Chris Adams <cmadams [at] hiwaay> wrote:
> Once upon a time, Jeroen van Aart <jeroen [at] mompl> said:
>> Not withstanding that, according to you, in some places the landlines
>> "clipped the copper below the ground-level" I believe that vast majority
>> of the country has working copper phone lines that continue to work
>> during a power outage.
>
> Not so much.  As has been pointed out here many times before, many
> people now get POTS lines from remote cabinets that have limited battery
> life and fail in a power outage lasting more than a few minutes.

yes, this.

in the last 2 neighborhoods I've lived in... near/around ashburn, va
(home to verizon, mci, lots of telco/bell-shaped-heads) I've always
been serviced from a remote terminal, that has often failed when the
power has cycled... There's a slew of places in the US where you don't
actually go all the way back to the CO on a single copper pair :(

never mind the places where the mini-co bundles you up on some
mpls/ccc/etc link ...

anyway :)


Valdis.Kletnieks at vt

May 2, 2012, 1:20 PM

Post #43 of 46 (2140 views)
Permalink
Re: Operation Ghost Click [In reply to]

On Wed, 02 May 2012 13:10:28 -0700, Jeroen van Aart said:

> Technical specs aside I believe you are mistaken with regards to the
> actual every day reality. My experience (and anyone else I talked to)
> calling to and from mobile phones has been 100% a bad one with regards
> to audio quality.

I look at my Samsung cell phone, and the tiny speaker squeezed in up over the
screen at one end, and then I think of the large speakers in the handset of an
old-school Bell system rotary phone. Then I think about the fact that my
laptop has pretty damned good sound quality when I plug in a good pair of
Kenwood KPM-410 headphones, and sounds totally crappy over the tiny built-in
speakers that Dell provided.

It may not be the codec that sucks...


joe at nethead

May 2, 2012, 5:40 PM

Post #44 of 46 (2127 views)
Permalink
Re: Operation Ghost Click [In reply to]

On Wed, May 2, 2012 at 1:20 PM, <Valdis.Kletnieks [at] vt> wrote:
> It may not be the codec that sucks...

Yeah, it is. Sit on hold with some music that is at a low volume and
you'll hear part that turn into white noise at times. Mobile operators us
codecs that are tuned for human voice. Get sounds away from voice and they
turn to mush. Back in a past life when I was a broadcast engineer we would
use dial-up lines for remotes. If the remote was in the same CO and it was
an analog (mechanical) office we could get 8-10kHz audio through a pair,
and flat if we used a bit of equalization. S/N was good enough to play
records for an AM station. Of course, now in the day of cell phones the
term "broadcast quality" has lost all meaning. Field reporters using cell
phones for live broadcast! There is a reason that the FCC set aside 30kHz
channels for electronic news gathering (ENG.) At least some stations still
order up ISDN lines for remotes.

--
Joe Hamelin, W7COM, Tulalip, WA, 360-474-7474


frnkblk at iname

May 2, 2012, 6:42 PM

Post #45 of 46 (2124 views)
Permalink
RE: Operation Ghost Click [In reply to]

Many states have regulations regarding how long dial tone needs to last
during a power outage. Iowa's PUC (the IUB) requires at least two hours of
backup power. We design ours for eight hours.

Frank

-----Original Message-----
From: Chris Adams [mailto:cmadams [at] hiwaay]
Sent: Wednesday, May 02, 2012 3:03 PM
To: NANOG list
Subject: Re: Operation Ghost Click

<snip>

Not so much. As has been pointed out here many times before, many
people now get POTS lines from remote cabinets that have limited battery
life and fail in a power outage lasting more than a few minutes.

--
Chris Adams <cmadams [at] hiwaay>
Systems and Network Administrator - HiWAAY Internet Services
I don't speak for anybody but myself - that's enough trouble.


cmadams at hiwaay

May 2, 2012, 6:44 PM

Post #46 of 46 (2120 views)
Permalink
Re: Operation Ghost Click [In reply to]

Once upon a time, Christopher Morrow <morrowc.lists [at] gmail> said:
> in the last 2 neighborhoods I've lived in... near/around ashburn, va
> (home to verizon, mci, lots of telco/bell-shaped-heads) I've always
> been serviced from a remote terminal, that has often failed when the
> power has cycled... There's a slew of places in the US where you don't
> actually go all the way back to the CO on a single copper pair :(

Here in Huntsville, AL, I'm not sure if BellSouth/AT&T has anybody left
on copper. They rolled out a lot of fiber in the 1990s, slowed down for
the merger, and then picked back up.

Just over a year ago, the whole area lost power when tornadoes nearly
hit the nearby nuclear plant and took out a majority of the high-voltage
transmission lines and towers. Over the hours after the power failed,
my DSL died, then POTS dialtone died, and then cell service died.
Suprisingly my cable TV stayed working the longest. My cell phone also
returned to service first.

--
Chris Adams <cmadams [at] hiwaay>
Systems and Network Administrator - HiWAAY Internet Services
I don't speak for anybody but myself - that's enough trouble.

First page Previous page 1 2 Next page Last page  View All NANOG users RSS feed   Index | Next | Previous | View Threaded
 
 


Interested in having your list archived? Contact Gossamer Threads
 
  Web Applications & Managed Hosting Powered by Gossamer Threads Inc.