Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

ISP terrorism


  • Please log in to reply
4 replies to this topic

#1 arogue

arogue

  • Members
  • 9 posts
  • OFFLINE
  •  
  • Local time:08:26 AM

Posted 31 March 2014 - 12:19 PM

I use Charter.com as my isp.  I also use a paid VPN.  Charter does not like vpn's so they continually slow me down to @ 3mps,

even though I pay for 30mps.  Yes I have complained. 

 

With all that said, I found ways to beat their system and now they came into my computer and installed malware.  I was able to

clean it out with the help of Malwarebytes support.  I also have Zone Alarm installed.

 

They have now come back into my computer and installed a wan and have corrupted and locked me out of the internet.  I looked around and found out that they had even erased the tracking logs to cover their tracks.  How do I know it is Charter.  This only

happens when I am able to get around their vpn security block.  No problems otherwise.

 

I have tried a restore, frst, adwcleaner, jrt, and tweaking.com.  Nothing has repaired my internet access.

Questions

1.  What can I use to track "ALL" activity:  ip, code, etc. on my computer and hide it to stop them from erasing tracks.

2.  How can I keep them out of my computer?

3.  After  capturing the traffic, who can I send it to for analysis?

4.  Now, how do I fix this?

 

Frustrated and mad as hell  !!!!!

 

thanks for any help

 



BC AdBot (Login to Remove)

 


#2 Slurppa

Slurppa

  • Malware Study Hall Senior
  • 672 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:03:26 PM

Posted 08 May 2014 - 12:26 AM

I doubt that your ISP has installed any malware to your computer. That would be kind of bad for business. As little as I know about VPN I say only based on assumption that since its sort of shared network the traffic might be traveling through slower path than without VPN. About capturing your traffic there are programs for that. Personally I prefer Wireshark(http://www.wireshark.org/) which is even used in industry level. If you want to monitor your computers running programs  there is procmon(http://technet.microsoft.com/fi-fi/sysinternals/bb896645.aspx) program for that. Those both programs log data in realtime.



#3 NickAu

NickAu

    Bleepin' Fish Doctor


  • Moderator
  • 13,837 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:127.0.0.1 Australia
  • Local time:12:26 AM

Posted 08 May 2014 - 12:57 AM

I too doubt its your ISP, They would not play game's, If they did not want or allow VPN's they would warn you once  then disconnect you.



#4 arogue

arogue
  • Topic Starter

  • Members
  • 9 posts
  • OFFLINE
  •  
  • Local time:08:26 AM

Posted 08 May 2014 - 09:50 AM

Thanks for the replies.  I began logging  the blocked attempts on my computer.  I had @ 100 in 2 hours.  I called Charter and told them I was logging the ip's.  I them gave them several of the ip/s and hashes.  The number of attempts immediately went down to 8 in the next 4 hours.  I tracked several of them using Cports.cmd.  Several of them were from Amazon, Akmai Industries, etc.  However, there were a few that i couldn't track to a site, but I did track them back to a university in Canada that they were probably using as a proxy.

Here is what was going on.  Charter told me that they don't support VPN except on a business isp.  I challenged them on that and told them I pay for my vpn and they were blocking my access to it.  They were also throttling me back to 2-4 mps download when I started the vpn and I was paying for 30mps.  I began stacking several vpn's to prevent access.  I believe that it became a game of one upmanship.  They didn't want me to use my vpn, and me taking steps to stop them from stopping me.  Customer service sent a repairman out to check out my claims.  He said that he had never seen anything like it before and that he would put his finding in his report.  They then gave me credit for one month of service.

 

Strange, but the rate of access attempts has stayed very low since my discussion with them. 



#5 wing987

wing987

  • Members
  • 177 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Payette, ID
  • Local time:07:26 AM

Posted 08 July 2014 - 01:58 PM

I doubt your ISP has installed malware on your system.  That being said, I recommend that you look into the DOCSIS 3.0 standard and learn about it.  simply put in one short sentance, by using cable that is DOCSIS 3.0 supported you give up all access and privacy to the ISP, who can control your network in every detail (including pinpointing where a file is saved at if they so choose) unless you have a legitimate, non-business appliance to seperate your network from theirs. I fought this with Cable One and lost, Comcast as well but I didnt make a big stink with them.  The problem is of course that we cannot find another ISP, as they are the only ones in your neighborhood.  and you do not move into a house ONLY because of the ISP, in fact it is rarely considered.

 

What you need is a firewall that you control, and they legally cannot pass. This would also mark every attempt to do so.  I use Sophos installed on an appliance, operating on the line.  The ONLY way into my network is through that firewall. This keeps my information MY information, and my network setup MINE without their "need to know" since they dont need to know. However, my outbound traffic is still up to them to let pass, once you put data on their network it technically belongs to them (Microsoft proved this when they looked up private emails of a customer to give to lawyers in a lawsuit against a former employee who was emailing said customer....this was morally illegal and against the US Bill of Rights for privacy, but technically legal because it was their network and hardware), this means that if they see VPN traffic they are legally allowed to throttle it (look up the abolishing of the free internet policy), and can technically block or throttle whatever they wish whenever they wish. Adding the firewall only keeps what is yours...yours.  It creates the physical and network boundry that is missing in most home networks that forces them to recognize it as the limit on their control of the network.  Nothing more (in this case). If they pass it you can take them to court. additionally, if it was not them, as I suspect, you are now just that much more secure.


Edited by wing987, 08 July 2014 - 01:58 PM.

-- Windows 7 Ultimate on custom built system, Windows 10 on under powered laptop. Sophos UTM 9, Ubuntu Server and Windows Server 2008 R2. HyperV Virtualization --

 

"The hottest places in hell are reserved for those who in a period of moral crisis maintain their neutrality," John F. Kennedy





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users