Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Xfinitywifi?


  • Please log in to reply
8 replies to this topic

#1 Captain_Chicken

Captain_Chicken

  • BC Advisor
  • 1,364 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:10:43 PM

Posted 28 January 2016 - 12:32 PM

Hello,

It seems wherever I am there is a wifi named "xfinitywifi". What is this wifi? I connected to it and here is an ASCII text dump of the MDNS UDP streams.

............._pgpkey-hkp._tcp.local.................._ipps._tcp.local......_ipp..................._pgpkey-hkp._tcp.local.................._pgpkey-hkp._tcp.local.................._ipps._tcp.local......_ipp..................._ipps._tcp.local......_ipp..................._ipps._tcp.local......_ipp..................._ipps._tcp.local......_ipp...................0.7.9.7.2.6.e.f.f.f.8.3.a.d.6.7.0.0.0.0.0.0.0.0.0.0.0.0.0.8.e.f.ip6.arpa............griffin-terminator.local..`..................v.8..byp............._services._dns-sd._udp.local............_workstation._tcp.#.4.........)&griffin-terminator [74:da:38:62:79:70].4.............0.7.9.7.2.6.e.f.f.f.8.3.a.d.6.7.0.0.0.0.0.0.0.0.0.0.0.0.0.8.e.f.ip6.arpa......griffin-terminator.local......164.178.242.10.in-addr.P....&griffin-terminator [74:da:38:62:79:70]._workstation._tcp.m.....Z.......x..
....x.......x...Z.Z.
.....x.
.X86_64.LINUX...!.....x.........Z..............Z.......x..........v.8..byp.........x...Z............._ipps._tcp.local......_ipp...................0.7.9.7.2.6.e.f.f.f.8.3.a.d.6.7.0.0.0.0.0.0.0.0.0.0.0.0.0.8.e.f.ip6.arpa......griffin-terminator.local......164.178.242.10.in-addr.P....&griffin-terminator [74:da:38:62:79:70]._workstation._tcp.m.....Z.......x..
....x.......x...Z.Z.
.....x.
.X86_64.LINUX...!.....x.........Z..............Z.......x..........v.8..byp.........x...Z.............0.7.9.7.2.6.e.f.f.f.8.3.a.d.6.7.0.0.0.0.0.0.0.0.0.0.0.0.0.8.e.f.ip6.arpa......griffin-terminator.local......164.178.242.10.in-addr.P....&griffin-terminator [74:da:38:62:79:70]._workstation._tcp.m.....Z.......x..
....x.......x...Z.Z.
.....x.
.X86_64.LINUX...!.....x.........Z..............Z.......x..........v.8..byp.........x...Z.............0.7.9.7.2.6.e.f.f.f.8.3.a.d.6.7.0.0.0.0.0.0.0.0.0.0.0.0.0.8.e.f.ip6.arpa........x...griffin-terminator.local..`.......x..
....164.178.242.10.in-addr.P.......x...`.`.
.....x.
.X86_64.LINUX&griffin-terminator [74:da:38:62:79:70]._workstation._tcp.s.!.....x.........`..............`.......x..........v.8..byp............._services._dns-sd._udp.local............_workstation._tcp.#.4.........)&griffin-terminator [74:da:38:62:79:70].4............._ipps._tcp.local......_ipp...................0.7.9.7.2.6.e.f.f.f.8.3.a.d.6.7.0.0.0.0.0.0.0.0.0.0.0.0.0.8.e.f.ip6.arpa........x...griffin-terminator.local..`.......x..
....164.178.242.10.in-addr.P.......x...`.`.
.....x.
.X86_64.LINUX&griffin-terminator [74:da:38:62:79:70]._workstation._tcp.s.!.....x.........`..............`.......x..........v.8..byp............._services._dns-sd._udp.local............_workstation._tcp.#.4.........)&griffin-terminator [74:da:38:62:79:70].4.T............T.!.....x.........griffin-terminator.#.........x..........v.8..byp.........x..
................_ipps._tcp.local......_ipp...................0.7.9.7.2.6.e.f.f.f.8.3.a.d.6.7.0.0.0.0.0.0.0.0.0.0.0.0.0.8.e.f.ip6.arpa........x...griffin-terminator.local..`.......x..
....164.178.242.10.in-addr.P.......x...`.`.
.....x.
.X86_64.LINUX&griffin-terminator [74:da:38:62:79:70]._workstation._tcp.s.!.....x.........`..............`.......x..........v.8..byp............._ipps._tcp.local......_ipp..................._ipps._tcp.local......_ipp..................._ipps._tcp.local......_ipp..................._ipps._tcp.local......_ipp..................._ipps._tcp.local......_ipp..................._ipps._tcp.local......_ipp......

This is 10.242.178.164:5353 -> 224.0.0.251:5353


Computer Collection:

Spoiler

Spoiler

Spoiler

Spoiler

BC AdBot (Login to Remove)

 


#2 Demonslay335

Demonslay335

    Ransomware Hunter


  • Security Colleague
  • 3,527 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:USA
  • Local time:09:43 PM

Posted 28 January 2016 - 12:36 PM

In the US, anyone with a Comcast-branded modem has a secondary broadcasted wireless network called "xfinitywifi". This is supposed to allow anyone else who has a Comcast account, to connect to it, login with their Comcast account, and enjoy free wireless. It's a way of making public hotspots all over basically.

 

It is "supposed" to be separate and not interfere with your personal network, but I never liked it. I disable it on any modem I get my hands on.

 

If you connect to it and try to goto a website, it should throw you to a "firewall garden" page that has you login to your Comcast account in order to continue.


logo-25.pngID Ransomware - Identify What Ransomware Encrypted Your Files [Support Topic]

ransomnotecleaner-25.png RansomNoteCleaner - Remove Ransom Notes Left Behind [Support Topic]

cryptosearch-25.pngCryptoSearch - Find Files Encrypted by Ransomware [Support Topic]

If I have helped you and you wish to support my ransomware fighting, you may support me here.


#3 Captain_Chicken

Captain_Chicken
  • Topic Starter

  • BC Advisor
  • 1,364 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:10:43 PM

Posted 28 January 2016 - 12:42 PM

It's curious how many times it mentions my computer, griffin-terminator...

Computer Collection:

Spoiler

Spoiler

Spoiler

Spoiler

#4 Queen-Evie

Queen-Evie

    Official Bleepin' G.R.I.T.S. (and proud of it)


  • Members
  • 16,485 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:My own little corner of the universe (somewhere in Alabama). It's OK, they know me here
  • Local time:09:43 PM

Posted 28 January 2016 - 12:59 PM

In the US, anyone with a Comcast-branded modem has a secondary broadcasted wireless network called "xfinitywifi". This is supposed to allow anyone else who has a Comcast account, to connect to it, login with their Comcast account, and enjoy free wireless. It's a way of making public hotspots all over basically.

 

 

 

That only applies if the Comcast modem is a gateway unit. (modem/router combo)

 

I have a Comcast gateway. The first thing I did when after installation was disabling the hotspot so others cannot connect to it.

I pay Comcast for my internet connection. I don't pay for others to use it. 

 

How to disable it can be found here http://customer.xfinity.com/help-and-support/internet/disable-xfinity-wifi-home-hotspot

 

IF someone has a gateway and IF they put the unit in bridge mode so they can use their own router (mine is in bridge mode so I can use my router) the gateway will still broadcast YOUR Xfinity wifi to the world and if you don't want anyone else leeching off what you pay for disable it. 

 

For what it's worth, NON-Comcast customers can connect to it as a "free trial" OR they can buy access packages with varying rates and length of time it allows them to connect. 


Edited by Queen-Evie, 28 January 2016 - 12:59 PM.


#5 Captain_Chicken

Captain_Chicken
  • Topic Starter

  • BC Advisor
  • 1,364 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:10:43 PM

Posted 28 January 2016 - 01:11 PM

 

In the US, anyone with a Comcast-branded modem has a secondary broadcasted wireless network called "xfinitywifi". This is supposed to allow anyone else who has a Comcast account, to connect to it, login with their Comcast account, and enjoy free wireless. It's a way of making public hotspots all over basically.

 

 

 

That only applies if the Comcast modem is a gateway unit. (modem/router combo)

 

 

Unfortunately it is. The router has good connectivity but is unreliable and needs frequent restarts.

I'm going to disable that...


Computer Collection:

Spoiler

Spoiler

Spoiler

Spoiler

#6 Demonslay335

Demonslay335

    Ransomware Hunter


  • Security Colleague
  • 3,527 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:USA
  • Local time:09:43 PM

Posted 28 January 2016 - 01:14 PM

Unfortunately it is. The router has good connectivity but is unreliable and needs frequent restarts.
I'm going to disable that...

 

I don't expect disabling the public one will help that, but it certainly doesn't hurt.

 

I've had Comcast's technicians themselves tell me in person that their routers suck... I always recommend the setup Queen-Evie described, with using Comcast's equipment only as a bridged modem and hooking up your own router. It tends to be way more stable.


logo-25.pngID Ransomware - Identify What Ransomware Encrypted Your Files [Support Topic]

ransomnotecleaner-25.png RansomNoteCleaner - Remove Ransom Notes Left Behind [Support Topic]

cryptosearch-25.pngCryptoSearch - Find Files Encrypted by Ransomware [Support Topic]

If I have helped you and you wish to support my ransomware fighting, you may support me here.


#7 Queen-Evie

Queen-Evie

    Official Bleepin' G.R.I.T.S. (and proud of it)


  • Members
  • 16,485 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:My own little corner of the universe (somewhere in Alabama). It's OK, they know me here
  • Local time:09:43 PM

Posted 28 January 2016 - 01:16 PM

Disabling the hotspot may not have any affect on the frequent restarts. 

 

What is the manufacturer/model of your Comcast gateway?

 

(I have some errands to do and will check this topic when I get back home)



#8 Captain_Chicken

Captain_Chicken
  • Topic Starter

  • BC Advisor
  • 1,364 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:10:43 PM

Posted 28 January 2016 - 01:45 PM

By frequent I mean 1-2 times a week which doesn't really bother me. Thanks for the tips!

Computer Collection:

Spoiler

Spoiler

Spoiler

Spoiler

#9 Demonslay335

Demonslay335

    Ransomware Hunter


  • Security Colleague
  • 3,527 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:USA
  • Local time:09:43 PM

Posted 28 January 2016 - 02:00 PM

That's still pretty frequent for needing to power cycle a modem. It shouldn't be required more than maybe once every few months, which even then is a bit much honestly.


logo-25.pngID Ransomware - Identify What Ransomware Encrypted Your Files [Support Topic]

ransomnotecleaner-25.png RansomNoteCleaner - Remove Ransom Notes Left Behind [Support Topic]

cryptosearch-25.pngCryptoSearch - Find Files Encrypted by Ransomware [Support Topic]

If I have helped you and you wish to support my ransomware fighting, you may support me here.





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users