Geekzone: technology news, blogs, forums
Guest
Welcome Guest.
You haven't logged in yet. If you don't have an account you can register now.
Filter this topic showing only the reply marked as answer View this topic in a long page with up to 500 replies per page Create new topic
1 | ... | 8 | 9 | 10 | 11 | 12 | 13 | 14 | 15 | 16 | 17 | 18 | 19 | 20 | 21
54 posts

Master Geek
+1 received by user: 1


  Reply # 1124862 9-Sep-2014 11:02
Send private message

andrew027:
Talkiet: In the short term a very small number of customers will need to manually set DNS servers on their end device... 

...we are working right now to get this tiny minority of customers connected without them having to make any changes.

Regards
Neil G


So the Spark website says "network traffic has returned to normal" and you say it's only "a very small number of customers" experiencing problems. I must be one of them, as I couldn't connect before I left home this morning.  Someone has said to me that it may indicate that I'm one of the people causing the problem.  How would I find out?



I was told by a technician that if you were blacklisted you would of been contacted and sent a new router. Not sure what to believe ATM. Feels like someone has market the ticket as resolved when there are still existing issues...

1243 posts

Uber Geek
+1 received by user: 530


  Reply # 1124881 9-Sep-2014 11:11
Send private message

martinjward: I was told by a technician that if you were blacklisted you would of been contacted and sent a new router. Not sure what to believe ATM. Feels like someone has market the ticket as resolved when there are still existing issues...

Thanks. I definately have not been contacted, so that's hopeful. Also, the Stuff article I read this morning said Spark thought it was "138 older modems on its network... [and] it appears that some of these modems may have been reconfigured".  My modem is the standard Thomson provided when I switched to VDSL less than two years ago and the only thing I have "reconfigured" on it is to block some devices after certain times (so my daughter isn't on Minecraft at 2:00am). It's just that after four days of pretty much no service I'm looking at all options at the moment.

3668 posts

Uber Geek
+1 received by user: 2191

Trusted
Spark NZ

  Reply # 1124892 9-Sep-2014 11:30
Send private message

andrew027:
Talkiet: In the short term a very small number of customers will need to manually set DNS servers on their end device... 

...we are working right now to get this tiny minority of customers connected without them having to make any changes.

Regards
Neil G


So the Spark website says "network traffic has returned to normal" and you say it's only "a very small number of customers" experiencing problems. I must be one of them, as I couldn't connect before I left home this morning.  Someone has said to me that it may indicate that I'm one of the people causing the problem.  How would I find out?


Firstly, try the workaround of setting the DNS settings on your end devices to confirm there aren't any other issues.

The 138/139/141 number that's been mentioned in many places is NOT the full extent of the problem - that reflects the specific number of devices we identified during a small period of time during the attack. The changes made to mitigate the issue will have affected more customers than that, and not all customers affected were part of the problem (But had the potential to be).

At the moment the best advice I can give is to try the workaround and phone the helpdesk to get a case at least logged.

Cheers - N


1243 posts

Uber Geek
+1 received by user: 530


  Reply # 1124935 9-Sep-2014 12:13
Send private message

Talkiet: At the moment the best advice I can give is to try the workaround and phone the helpdesk to get a case at least logged.

Cheers - N

Thanks Neil - I'll do that as soon as I get home...

36 posts

Geek
+1 received by user: 8


  Reply # 1125109 9-Sep-2014 15:27
Send private message

Talkiet: In the short term a very small number of customers will need to manually set DNS servers on their end device (PC etc  - NOT on your router) (either our own servers 122.56.237.1 / 210.55.111.1 or the Google DNS server 8.8.8.8 / 8.8.4.4) in order to get DNS resolution working again. This will be a short term requirement (no I don't know how many hours/days) and is the result of a change made to protect the rest of the network and mitigate the recent attack.

There will be more information on this shortly, and we are working right now to get this tiny minority of customers connected without them having to make any changes.

Regards
Neil G


So I appear to be one of these customers, can anyone elaborate to what's going on? I even setup the Google DNS servers in the router to try and avoid having to statically set static DNS to googles servers on the ~15 or so devices at home ( I live in a flat so somehow end up being everyone's personal sysadmin :P ). Are Spark blocking forwarded DNS requests from particular modems, but not requests directly from the various OSes behind the router? As that seems to be the behavior I'm seeing.

Yes my modem is a very old model, that has been solid for years. It's never been telecom supplied. And I'm 99% sure that there's no infected devices on our network.

'That VDSL Cat'
8473 posts

Uber Geek
+1 received by user: 1824

Trusted
Spark
Subscriber

  Reply # 1125114 9-Sep-2014 15:37
Send private message

toxicbubble:
Talkiet: In the short term a very small number of customers will need to manually set DNS servers on their end device (PC etc  - NOT on your router) (either our own servers 122.56.237.1 / 210.55.111.1 or the Google DNS server 8.8.8.8 / 8.8.4.4) in order to get DNS resolution working again. This will be a short term requirement (no I don't know how many hours/days) and is the result of a change made to protect the rest of the network and mitigate the recent attack.

There will be more information on this shortly, and we are working right now to get this tiny minority of customers connected without them having to make any changes.

Regards
Neil G


So I appear to be one of these customers, can anyone elaborate to what's going on? I even setup the Google DNS servers in the router to try and avoid having to statically set static DNS to googles servers on the ~15 or so devices at home ( I live in a flat so somehow end up being everyone's personal sysadmin :P ). Are Spark blocking forwarded DNS requests from particular modems, but not requests directly from the various OSes behind the router? As that seems to be the behavior I'm seeing.

Yes my modem is a very old model, that has been solid for years. It's never been telecom supplied. And I'm 99% sure that there's no infected devices on our network.


While i cant answer your question accurately, I will say...

Its probably about time to upgrade that modem anyway.. Might even be able to convince spark to send you out a new one if you ask nicely..




#include <std_disclaimer>

 

Any comments made are personal opinion and do not reflect directly on the position my current or past employers may have.


36 posts

Geek
+1 received by user: 8


  Reply # 1125117 9-Sep-2014 15:43
Send private message

hio77:
toxicbubble:
Talkiet: In the short term a very small number of customers will need to manually set DNS servers on their end device (PC etc  - NOT on your router) (either our own servers 122.56.237.1 / 210.55.111.1 or the Google DNS server 8.8.8.8 / 8.8.4.4) in order to get DNS resolution working again. This will be a short term requirement (no I don't know how many hours/days) and is the result of a change made to protect the rest of the network and mitigate the recent attack.

There will be more information on this shortly, and we are working right now to get this tiny minority of customers connected without them having to make any changes.

Regards
Neil G


So I appear to be one of these customers, can anyone elaborate to what's going on? I even setup the Google DNS servers in the router to try and avoid having to statically set static DNS to googles servers on the ~15 or so devices at home ( I live in a flat so somehow end up being everyone's personal sysadmin :P ). Are Spark blocking forwarded DNS requests from particular modems, but not requests directly from the various OSes behind the router? As that seems to be the behavior I'm seeing.

Yes my modem is a very old model, that has been solid for years. It's never been telecom supplied. And I'm 99% sure that there's no infected devices on our network.


While i cant answer your question accurately, I will say...

Its probably about time to upgrade that modem anyway.. Might even be able to convince spark to send you out a new one if you ask nicely..

 

 

 

You may be right, but I'm a little reluctant, as I had all sorts of issues with getting a stable DSL connection in the past. I've been in flats with terrible quality wiring, where the landlords don't care, and others where the copper runs were just way too long giving poor SNR. I've moved around a lot and had all sorts of issues getting a stable connection. I complained to the providers many times and they sent me quite a few different modems - all terrible, dropping multiple times a day and huge pings etc... Granted this was probably ~5 years ago and the line qualities were bad - just out of my control.

Did some research on high quality modems for bad quality lines and bought it myself, and this one has just been flawless for me for years.

'That VDSL Cat'
8473 posts

Uber Geek
+1 received by user: 1824

Trusted
Spark
Subscriber

  Reply # 1125149 9-Sep-2014 16:18
Send private message

toxicbubble:
hio77:
toxicbubble:
Talkiet: In the short term a very small number of customers will need to manually set DNS servers on their end device (PC etc  - NOT on your router) (either our own servers 122.56.237.1 / 210.55.111.1 or the Google DNS server 8.8.8.8 / 8.8.4.4) in order to get DNS resolution working again. This will be a short term requirement (no I don't know how many hours/days) and is the result of a change made to protect the rest of the network and mitigate the recent attack.

There will be more information on this shortly, and we are working right now to get this tiny minority of customers connected without them having to make any changes.

Regards
Neil G


So I appear to be one of these customers, can anyone elaborate to what's going on? I even setup the Google DNS servers in the router to try and avoid having to statically set static DNS to googles servers on the ~15 or so devices at home ( I live in a flat so somehow end up being everyone's personal sysadmin :P ). Are Spark blocking forwarded DNS requests from particular modems, but not requests directly from the various OSes behind the router? As that seems to be the behavior I'm seeing.

Yes my modem is a very old model, that has been solid for years. It's never been telecom supplied. And I'm 99% sure that there's no infected devices on our network.


While i cant answer your question accurately, I will say...

Its probably about time to upgrade that modem anyway.. Might even be able to convince spark to send you out a new one if you ask nicely..
  You may be right, but I'm a little reluctant, as I had all sorts of issues with getting a stable DSL connection in the past. I've been in flats with terrible quality wiring, where the landlords don't care, and others where the copper runs were just way too long giving poor SNR. I've moved around a lot and had all sorts of issues getting a stable connection. I complained to the providers many times and they sent me quite a few different modems - all terrible, dropping multiple times a day and huge pings etc... Granted this was probably ~5 years ago and the line qualities were bad - just out of my control.

Did some research on high quality modems for bad quality lines and bought it myself, and this one has just been flawless for me for years.


i personally wouldnt put up with a flat with a bad line - although unless i move somewhere with ufb, ima be on vdsl so a spliter is a must anyway...


When moving into this place (first place where its just mine and the gfs name on the lease rather than flatting with people) we made sure it was perfectly find with the landlord and the agency that we put in a splitter.


For the cost of installing one, was not worth even trying to say they should pay half or whatever...


If your physical line is having issues, that would be your first step to sort it out..


As for huge ping times, in flats this often means someones belting the connection...




#include <std_disclaimer>

 

Any comments made are personal opinion and do not reflect directly on the position my current or past employers may have.


36 posts

Geek
+1 received by user: 8


  Reply # 1125166 9-Sep-2014 16:28
Send private message

hio77:
toxicbubble:
hio77:
toxicbubble:
Talkiet: In the short term a very small number of customers will need to manually set DNS servers on their end device (PC etc  - NOT on your router) (either our own servers 122.56.237.1 / 210.55.111.1 or the Google DNS server 8.8.8.8 / 8.8.4.4) in order to get DNS resolution working again. This will be a short term requirement (no I don't know how many hours/days) and is the result of a change made to protect the rest of the network and mitigate the recent attack.

There will be more information on this shortly, and we are working right now to get this tiny minority of customers connected without them having to make any changes.

Regards
Neil G


So I appear to be one of these customers, can anyone elaborate to what's going on? I even setup the Google DNS servers in the router to try and avoid having to statically set static DNS to googles servers on the ~15 or so devices at home ( I live in a flat so somehow end up being everyone's personal sysadmin :P ). Are Spark blocking forwarded DNS requests from particular modems, but not requests directly from the various OSes behind the router? As that seems to be the behavior I'm seeing.

Yes my modem is a very old model, that has been solid for years. It's never been telecom supplied. And I'm 99% sure that there's no infected devices on our network.


While i cant answer your question accurately, I will say...

Its probably about time to upgrade that modem anyway.. Might even be able to convince spark to send you out a new one if you ask nicely..
  You may be right, but I'm a little reluctant, as I had all sorts of issues with getting a stable DSL connection in the past. I've been in flats with terrible quality wiring, where the landlords don't care, and others where the copper runs were just way too long giving poor SNR. I've moved around a lot and had all sorts of issues getting a stable connection. I complained to the providers many times and they sent me quite a few different modems - all terrible, dropping multiple times a day and huge pings etc... Granted this was probably ~5 years ago and the line qualities were bad - just out of my control.

Did some research on high quality modems for bad quality lines and bought it myself, and this one has just been flawless for me for years.


i personally wouldnt put up with a flat with a bad line - although unless i move somewhere with ufb, ima be on vdsl so a spliter is a must anyway...


When moving into this place (first place where its just mine and the gfs name on the lease rather than flatting with people) we made sure it was perfectly find with the landlord and the agency that we put in a splitter.


For the cost of installing one, was not worth even trying to say they should pay half or whatever...


If your physical line is having issues, that would be your first step to sort it out..


As for huge ping times, in flats this often means someones belting the connection...


The problems were mostly in the past, and were definitely issues with bad lines, as tested during the initial setups when no one else was using in. Unfortunately, my experience of renting in Christchurch lately is that you can't really be fussy anymore, there's not enough housing to go around post-quake and landlords are still milking it. Thankfully, where I live now the copper quality seems solid, as we get great sync speeds. I just like the idea of having a modem that CAN deal with shoddy lines if need be, and seemed pointless to upgrade (already have a separate wireless AP) but I might look at getting something a bit newer anyway.

Anyway sorry for taking the thread OT a bit. I was just interested in what was going on at Sparks end, seems interesting to block certain devices?


48 posts

Geek
+1 received by user: 4

Trusted

  Reply # 1125171 9-Sep-2014 16:42
Send private message

Talkiet:
andrew027:
Talkiet: In the short term a very small number of customers will need to manually set DNS servers on their end device... 

...we are working right now to get this tiny minority of customers connected without them having to make any changes.

Regards
Neil G


So the Spark website says "network traffic has returned to normal" and you say it's only "a very small number of customers" experiencing problems. I must be one of them, as I couldn't connect before I left home this morning.  Someone has said to me that it may indicate that I'm one of the people causing the problem.  How would I find out?


Firstly, try the workaround of setting the DNS settings on your end devices to confirm there aren't any other issues.

The 138/139/141 number that's been mentioned in many places is NOT the full extent of the problem - that reflects the specific number of devices we identified during a small period of time during the attack. The changes made to mitigate the issue will have affected more customers than that, and not all customers affected were part of the problem (But had the potential to be).

At the moment the best advice I can give is to try the workaround and phone the helpdesk to get a case at least logged.

Cheers - N



So can I ask a very simple question. Was the "issue" talkiet refers to the result of a vulnerability or misconfiguration of certain models of telecom supplied modems.





M

133 posts

Master Geek
+1 received by user: 41


  Reply # 1125213 9-Sep-2014 17:52
Send private message


So can I ask a very simple question. Was the "issue" talkiet refers to the result of a vulnerability or misconfiguration of certain models of telecom supplied modems.



the only telecom supplied modem which can do this afaik is the DLINK DSL-302, which is only if they mess up the configuration. The default configuration doesnt have this flaw.
Other than that, they are 3rd party modems. I remember about 18 months ago, there was a Tenda modem that did this. There were threads on GP and I think GZ about it.

8027 posts

Uber Geek
+1 received by user: 387

Trusted
Subscriber

  Reply # 1125226 9-Sep-2014 18:09
Send private message

There are a lot of old vulnerable consumer routers out there, unlikely to be specific to one brand or model.  

I would not be surprised if some Thomon/Techincolor models were involved... and you'd expect to see some Linksys, Netgear, TP Link, Dlink, Tenda too...




14292 posts

Uber Geek
+1 received by user: 1849


  Reply # 1125229 9-Sep-2014 18:13
Send private message

Do the manufactures of modems have back door entry to their modems to install OTA updates? What if their system had been hacked?

3668 posts

Uber Geek
+1 received by user: 2191

Trusted
Spark NZ

  Reply # 1125234 9-Sep-2014 18:24
Send private message

mattwnz: Do the manufactures of modems have back door entry to their modems to install OTA updates? What if their system had been hacked?


There's no 'back door' for this... There is a supported standard that allows providers to update modems remotely but it has to be setup and enabled when the router is first sent out (or manually configured later)

I haven't heard of such a system being hacked.

There are occasional vulnerabilities in some routers that allow remote code execution and can result in extra code being loaded onto the routers. It's pretty rare.

We're certainly not concerned about Spark having sent out routers that are suspect in the recent issue.

Cheers - N


11 posts

Geek
+1 received by user: 2


  Reply # 1125572 10-Sep-2014 09:20
Send private message

From Spark this morning ... it looks like you may be using a Netcomm router, is that correct? If so, some of these modems have been
blocked from checking DNS due to being vulnerable to attacks like we had on the weekend. Applying DNS to each device
should still allow each device to get online.

My problem with Spark is  they haven't published that they have blocked users and provide more detailed information. Instead they have just left users not working and announce in the media all is good.
Setting Google DNS in the router rather than Spark ones does not resolve the problem as it would appear the router itself is blocked from DNS however setting up your own internal DNS or setting DNS on each device does work.

1 | ... | 8 | 9 | 10 | 11 | 12 | 13 | 14 | 15 | 16 | 17 | 18 | 19 | 20 | 21
Filter this topic showing only the reply marked as answer View this topic in a long page with up to 500 replies per page Create new topic

Twitter »

Follow us to receive Twitter updates when new discussions are posted in our forums:



Follow us to receive Twitter updates when news items and blogs are posted in our frontpage:



Follow us to receive Twitter updates when tech item prices are listed in our price comparison site:



Geekzone Live »

Try automatic live updates from Geekzone directly in your browser, without refreshing the page, with Geekzone Live now.



Are you subscribed to our RSS feed? You can download the latest headlines and summaries from our stories directly to your computer or smartphone by using a feed reader.

Alternatively, you can receive a daily email with Geekzone updates.