4 replies to this topic

[zeba]

Tonight my Zyxel router lost its connection and then went in and out. I discovered that the secure SSID I created was gone, the admin password was reset to the default and it was sending out the default Zyxel unsecure wireless signal. I also discovered that the primary and secondary DNS servers were changed by Comcast to 75.75.75.75 and 75.75.76.76 respectively. I looked up and found out about DNSSEC and I guess Comcast finally converted us to this without any notification. I had no idea about all this coming at all, so was caught off guard.

Would this DNS change cause this sort of disruption to the router?

http://blog.comcast....deployment.html

[TriRan]

zeba, on 04 February 2012 - 01:35 AM, said:

Tonight my Zyxel router lost its connection and then went in and out. I discovered that the secure SSID I created was gone, the admin password was reset to the default and it was sending out the default Zyxel unsecure wireless signal. I also discovered that the primary and secondary DNS servers were changed by Comcast to 75.75.75.75 and 75.75.76.76 respectively. I looked up and found out about DNSSEC and I guess Comcast finally converted us to this without any notification. I had no idea about all this coming at all, so was caught off guard.

Would this DNS change cause this sort of disruption to the router?

http://blog.comcast....deployment.html

its a router modem combo? they could have reset it remotely

[mudmanc4]

This is irritating as a rash in a dark place. They make it sound as if they are helping people , when in essence all there doing is controlling and logging what your doing when you use there paid service.

From the article ,

Quote

The first role is perhaps the most critical, which is validating DNSSEC as part of the DNS lookups performed for our customers. These lookups occur when a customer tries to access a site, such as www.comcast.com. Then, when a customer tries to connect to that website, a Comcast DNS server checks that domain name, and verifies that signature to ensure that it is valid and has not been tampered with by hackers or other criminals.

Ok , so now we have the ISP deciding what is legit and not ? One if not the largest ISP deciding where your allowed to visit ? Frackin sad as hell !

And I agree w/ TriRan , if it's an ISP owned device , they can do as they please with it. I would chuck it and grab myself something I know they don't simply have complete access to. That wont stop the DNS hijacking there doing though.

[zeba]

TriRan, on 04 February 2012 - 12:39 PM, said:

its a router modem combo? they could have reset it remotely

No, it's a Zyxel X-550 that I purchased myself and set up with the provided cable modem. I haven't had any more disruptions and the DNS servers set by Comcast are still set to 75.75.75.75.
The cable modem provided by Comcast is a Scientific-Atlanta WebSTAR DPC2100. We got it in 2004 when we first set up cable service. No idea what quality of connection this one provides.

As far as the DNS hijacking, should we switch to OpenDNS? I've read about it, but haven't tried it, yet. Pros and cons?
http://www.opendns.com/

[TriRan]

I use level3 dns servers I tried open dns for a bit but they are to consumerish for me though