HEY WEBSITEPROS... YET ANOTHER UNHAPPY PERSON!This is a discussion on HEY WEBSITEPROS... YET ANOTHER UNHAPPY PERSON! within the Net Objects Fusion forums in Application Servers & Tools category; "Mark Reed" <mreed @ reedassociates.com> wrote in message news:Xns92DB5C2E2B0E7mreedreedassociatesc @ 209.224. 185.150... > Loss of connectivity... and when I talked to my ISP they kept saying > everything was ok on thier end. > > So after checking all the physical areas and logical setup areas... and > they all tested out fine...and the modem was connected to the cable > company segment.... I decided to setup a secondary PC on another cable > modem I had and to set a static IP and forced a lease renew on it.. (I > probabbly took someone elses IP for a short ... | ||||||||
| | ||||||||
| ||||||||
| Register | FAQ | Calendar | Search | Today's Posts | Mark Forums Read |
|
#11
12-05-2002, 10:04 AM
| |||
| |||
 Re: HEY WEBSITEPROS... YET ANOTHER UNHAPPY PERSON! "Mark Reed" <mreed@reedassociates.com> wrote in message news:Xns92DB5C2E2B0E7mreedreedassociatesc@209.224. 185.150... > Loss of connectivity... and when I talked to my ISP they kept saying > everything was ok on thier end. > > So after checking all the physical areas and logical setup areas... and > they all tested out fine...and the modem was connected to the cable > company segment.... I decided to setup a secondary PC on another cable > modem I had and to set a static IP and forced a lease renew on it.. (I > probabbly took someone elses IP for a short period of time..Oh well).. in > order to run a sniffer and see what kind of data was flowing out there > when my primary PC and cable modem was trying to establish connectivity. > > (I had to modify the cable modem defaults in order to see all the traffic > and to run a sniffer on the segment) > > From that I saw DHCP errors for a duplicate IP address - mine. There > were packets being sent to my MAC and IP addresses. These were valid IP > sessions with various websites etc...so I knew someone had my IP and > changed thier MAC address to mine in order to aquire my IP on the lease > renew. > > The nice thing is ... email sends its authentication in plain text... so > I was able to find out everything about this joker... his username and > email password when he checked his own personal email while spoofing me. > > I wont say where I went from there... <grin> > > I did however purchase a static IP from my ISP so that I do not have to > deal with leasing issues liek this in the future... plus I wanted a > static anyways for personal server use. > > > > mmr Nice detective work! thx  |
|
#12
12-10-2002, 02:48 AM
| |||
| |||
| Mr. Reed - I have a freind! His name is "Guido" 'Nuff said! Good luck! "Mark Reed" <mreed@reedassociates.com> wrote in message news:Xns92DB5C2E2B0E7mreedreedassociatesc@209.224. 185.150... > Loss of connectivity... and when I talked to my ISP they kept saying > everything was ok on thier end. > > So after checking all the physical areas and logical setup areas... and > they all tested out fine...and the modem was connected to the cable > company segment.... I decided to setup a secondary PC on another cable > modem I had and to set a static IP and forced a lease renew on it.. (I > probabbly took someone elses IP for a short period of time..Oh well).. in > order to run a sniffer and see what kind of data was flowing out there > when my primary PC and cable modem was trying to establish connectivity. > > (I had to modify the cable modem defaults in order to see all the traffic > and to run a sniffer on the segment) > > From that I saw DHCP errors for a duplicate IP address - mine. There > were packets being sent to my MAC and IP addresses. These were valid IP > sessions with various websites etc...so I knew someone had my IP and > changed thier MAC address to mine in order to aquire my IP on the lease > renew. > > The nice thing is ... email sends its authentication in plain text... so > I was able to find out everything about this joker... his username and > email password when he checked his own personal email while spoofing me. > > I wont say where I went from there... <grin> > > I did however purchase a static IP from my ISP so that I do not have to > deal with leasing issues liek this in the future... plus I wanted a > static anyways for personal server use. > > > > mmr > > > "Robert Oschler" <Oschler@earthlink.net> wrote in news:asmue1$o9j5 > @news01.netobjects.com: > > > > > "Mark Reed" <mreed@reedassociates.com> wrote in message > > news:Xns92DB70766704mreedreedassociatesc@209.224.1 85.150... > >> That would be the politically correct thing to do... > >> > >> however I prefer more guerilla type tactics > >> > >> One can always get another ISP...<grin> > >> > >> Plus it allows me to sharpen my own skills hahaha. > >> > >> mmr > >> > >> > >> > > Mark, > > > > How did you discover what this guy was doing? That is, what > asymptomatic > > net behavior and clues led to your discovery? > > > > thx > > > > > > > > > > > > -- > --------------- > Mark M. Reed > mreed@reedassociates.com > > "DaVinci never slept..." |
 |
« Previous Thread
|
Next Thread »
| Thread Tools | |
| Display Modes | |
Linear Mode
All times are GMT -5. The time now is 05:30 AM.
