[oclug] Rogers or Bell?

Ross Jordan rjordan at student.math.uwaterloo.ca
Mon Mar 5 17:36:25 EST 2001 

> 	When a failure occurs on ADSL, You (client) call your ISP, they in turn > open a ticket With nexxia (MTTR =<48hrs) and that is how it's done.  Your
> RP-PPPOE works, your mac is fine, but for some wierd reason frame-synch
> dissapears.  Also Temprature playes a role, the warmer it is outside the
> more likley a failure of service will occur (or bandwidth degrade). So if
> the trouble isni't with BELL then they will tell your ISP that their private
> network is causeing the problem. And the circle of blame that ensues may
> take a while to reslove as the NET-OP's of both sides involved battle over
> who is smarter.  (I've seen it happen, growen men acting like children it's
> a horrible sight, both convinced of the others wrong doing.)
I would have been happy to get resolution on problems in under a week
on Rogers. For all but the simplest problems, Rogers takes forever for
results, often ignoring you altogether. There might be less red tape,
but from my experience, it hasn't made them any faster.

As far as the encryption you were talking about earlier... I don't know
how true that is. Case in point, I tested (about 2 months ago), whether
I could sniff my friend's (who was on the same cable segment) telnet
connection. I turned on the sniffer, and at first saw no traffic but my
own. This led me to beleive the environment was switched (or similar).
So I did an ARP spoof of the default gateway, and relayed the traffic.
Immediately, my friend's traffic was visible. I then watched *all* his
traffic. It was cleartext, as telnet is supposed to be. I know my actions
probably violated the TOS (almost certainly did), but I was ethical and
had my friend's permission (who was the only person I sniffed). I think 
it is more important to know what is possible on the network, then to 
blindly accept that "all the data is encrypted" or somesuch. Perhaps 
I've misunderstood where the encryption takes place -- but I don't know 
how useful it is, if I can sniff the local segment. What is more upsetting,
is that (as far as I know) no one noticed.  Now people may be thinking, 
"That's ok, I can just encrypt any sensitive data... who uses telnet
anymore anyways...". The relay position, however, can be used to execute 
Man-In-the-Middle attacks and decrypt the ssh or ssl sessions, unless the
user is actively watching machine fingerprints.
The point being, cable is non-private.

-Ross

More information about the OCLUG mailing list