I'm on Comcast and recently ran into incredible trouble with web connectivity.
With an on-site-engineer present we beat on the comcast provisioning system for some time. We were chasing our tails.
Finally I disconnected the Astaro box from the cable modem and directly connected my laptop. I noticed the ip address that was being given was a 192.168 address. This is the non-routing private address space. I asked the Senior Tech support on the phone if this was appropriate. He said, "No".
So there is a rogue DHCP server on Comcast's network which strongly suggests a man-in-the-middle attack.
I would like to hear of what technologies Sophos/Astaro might implement to prevent this sort of attack - or at least a monitoring system that could alert me to this sort of problem.
Thanks,
Doug
PS: I asked Comcast if they could provide me with the address space that would I should be connected to. They could not provide this information.
This thread was automatically locked due to age.
