Jump to content
Sign in to follow this  
sivatag

Comcast DNSSEC and my router foulup

Recommended Posts

Tonight my Zyxel router lost its connection and then went in and out. I discovered that the secure SSID I created was gone, the admin password was reset to the default and it was sending out the default Zyxel unsecure wireless signal. I also discovered that the primary and secondary DNS servers were changed by Comcast to 75.75.75.75 and 75.75.76.76 respectively. I looked up and found out about DNSSEC and I guess Comcast finally converted us to this without any notification. I had no idea about all this coming at all, so was caught off guard.

Would this DNS change cause this sort of disruption to the router?

http://blog.comcast....deployment.html

Share this post


Link to post
Share on other sites

Tonight my Zyxel router lost its connection and then went in and out. I discovered that the secure SSID I created was gone, the admin password was reset to the default and it was sending out the default Zyxel unsecure wireless signal. I also discovered that the primary and secondary DNS servers were changed by Comcast to 75.75.75.75 and 75.75.76.76 respectively. I looked up and found out about DNSSEC and I guess Comcast finally converted us to this without any notification. I had no idea about all this coming at all, so was caught off guard.

Would this DNS change cause this sort of disruption to the router?

http://blog.comcast....deployment.html

its a router modem combo? they could have reset it remotely

Share this post


Link to post
Share on other sites

This is irritating as a rash in a dark place. They make it sound as if they are helping people , when in essence all there doing is controlling and logging what your doing when you use there paid service.

From the article ,

The first role is perhaps the most critical, which is validating DNSSEC as part of the DNS lookups performed for our customers. These lookups occur when a customer tries to access a site, such as www.comcast.com. Then, when a customer tries to connect to that website, a Comcast DNS server checks that domain name, and verifies that signature to ensure that it is valid and has not been tampered with by hackers or other criminals.

Ok , so now we have the ISP deciding what is legit and not ? One if not the largest ISP deciding where your allowed to visit ? Frackin sad as hell !

And I agree w/ TriRan , if it's an ISP owned device , they can do as they please with it. I would chuck it and grab myself something I know they don't simply have complete access to. That wont stop the DNS hijacking there doing though.

Share this post


Link to post
Share on other sites

its a router modem combo? they could have reset it remotely

No, it's a Zyxel X-550 that I purchased myself and set up with the provided cable modem. I haven't had any more disruptions and the DNS servers set by Comcast are still set to 75.75.75.75.

The cable modem provided by Comcast is a Scientific-Atlanta WebSTAR DPC2100. We got it in 2004 when we first set up cable service. No idea what quality of connection this one provides.

As far as the DNS hijacking, should we switch to OpenDNS? I've read about it, but haven't tried it, yet. Pros and cons?

http://www.opendns.com/

Share this post


Link to post
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

Sign in to follow this  

×
×
  • Create New...