Reply
Contributor
Posts: 7
Registered: ‎05-31-2006

Why does Comcast Home Networking have questionable port forwarding/blocking use policy?

Hello, I've recently come across some information from a Comcast tech who was out here to repair a faulty CHN install and he said:
 
A) Port forwarding and blocking is actively discouraged, since it is all blocked on Comcast's end.  I should buy a new router.
:smileycool: Do not change the default admin password (even if its "1234"), so the techs can get in and out ASAP. 
C) Changing the admin password caused the firmware on my old (white) Netgear to fry and as a result he swapped it out for a black one.
D) Data on the partition of one hard drive can affect the data located on the other, after the partitioning has been done.
 
Is there any source at all to corroborate these very questionable words? I believe D) goes against "Basic Partitioning 101" and :smileycool: is just poor security practice. As for A) I'm not too sure about it, and I'll defer to the judgment of whoever can help me with this issue.  It didn't seem like they were filtering ports last week when I was able to play online games normally on TCP port 7777. 
 
My most important question is: If Comcast offers a Home Networking package,  and provides Port Forwarding/Blocking services, why do their techs claim Comcast does not support or allow it for users who wish it?   If you're going to support something, then go all the way.  Otherwise its just not worth it.
 
As for C). . .I just have no idea how changing a password can cause a modem to fry beyond what a reset via sticking it in the back with a pencil would do.  I'm all out of thoughts.
 
If it isn't against board etiquette to say this. . .thanks in advance to whoever replies to this thread with some useful info.
http://againsttcpa.com
Contributor
Posts: 7
Registered: ‎05-31-2006

Re: Why does Comcast Home Networking have questionable port forwarding/blocking use policy?

PS: This tech also told me to not change ANYTHING in the set-up options.
http://againsttcpa.com
Recognized Contributor
AlisMan
Posts: 1,210
Registered: ‎10-31-2004

Re: Why does Comcast Home Networking have questionable port forwarding/blocking use policy?

A) Forewarding ports does open them to the web, but thats the point. It is a slight security issue, but nothing serious.

:smileycool: Changing the password is extremely important. This tech really dropped the ball here. Call and report him to Comcast, he should be fired for being a moron.

C) No.

D) Data can be left over after partitioning, but this rarely affects new data. Basically, "format C:" isn't going to stop the athuorities from accessing all the data that you had on your hard drive.

Is this your router, or are you renting it from Comcast.

I think people who take the home networking package are wasting their money. You pay them hundreds of dollars for 5 minutes of work. Around here, 5 minutes of work gets me sixty three cents. Buy yourself your own router and hook it up, then you're in charge of everything and Comcast won't even touch your router during a service call. The router is in charge of port forewarding, there's really nothing Comcast can do to allow or disallow your router from doing that. Comcast only blocks the ports used in NetBIOS, this is to stop people's Windows file shares from being seen on the net.
Connection Expert
EG
Posts: 41,797
Registered: ‎12-24-2003

Re: Why does Comcast Home Networking have questionable port forwarding/blocking use policy?

I thought that I heard some doosies, but this one takes the cake :smileysilly:
Most Valued Poster
BluegrassMan
Posts: 3,811
Registered: ‎08-06-2005

Re: Why does Comcast Home Networking have questionable port forwarding/blocking use policy?

Oh Man........is that simply "COMCASTIC" or what??!!?? :smileylaugh:
Firefox 3
Contributor
Posts: 7
Registered: ‎05-31-2006

Re: Why does Comcast Home Networking have questionable port forwarding/blocking use policy?

@AlisMan: I am renting this router.  Since these posts I've both changed the password and enabled the wireless access filter.  WEP was already in place but this guy changed the phrase from what it was when the first tech came over to actually install CHN. 
http://againsttcpa.com
Bronze Star Contributor
Posts: 168
Registered: ‎06-30-2003

Re: Why does Comcast Home Networking have questionable port forwarding/blocking use policy?

[ Edited ]
A) Port forwarding and blocking is actively discouraged, since it is all blocked on Comcast's end.  I should buy a new router.
    If everything that should be blocked is blocked at Comcast's end, why does it matter if you block it too.
    Port forwarding may open a port on your PC to the net, but if Comcast blocks that port, where's the harm?  And if Comcast blocks all ports subject to known vulnerabilities at it's end, then shouldn't any open port that you can forward to a particular PC should be reasonably safe?
 
:smileycool: Do not change the default admin password (even if its "1234"), so the techs can get in and out ASAP.
  This is useful advice if you plan to keep your house unlocked or your door open so the tech can enter your house at a time or his or her choosing to work on your network even when nobody is home.  If your planning to do this, please let us know your address and where you keep your valuables.  Otherwise, I expect that somebody who knows the network password will be home and able to provide it to the Comcast tech when he or she arrives.
 
C) Changing the admin password caused the firmware on my old (white) Netgear to fry and as a result he swapped it out for a black one.
  Possible, as flash ram does go bad, usually after a considerable number of writes and rewrites (typically years of use), but sometimes before it's time.  On the other hand, I've had my car's starter motor die on me and need to be replaced because I switched on the ignition.  That incident won't stop me from turning my car on when I need to drive, and your incident shouldn't prevent you from changing your admin password whenever you deem it necessary.
 
D) Data on the partition of one hard drive can affect the data located on the other, after the partitioning has been done.
  I have no clue what your tech was trying to say.  But, given his track record, it was probably wrong.

Message Edited by edelbeb on 07-12-2006 11:33 AM

Recognized Contributor
AlisMan
Posts: 1,210
Registered: ‎10-31-2004

Re: Why does Comcast Home Networking have questionable port forwarding/blocking use policy?



edelbeb wrote:
And if Comcast blocks all ports subject to known vulnerabilities at it's end, then shouldn't any open port that you can forward to a particular PC should be reasonably safe?

Every port has a known vulnerability, so therefore Comcast doesn't block every "vulnerable port." Every port you open up through your router increses your chances of an attack. However, it is often nessicary to do so. With networks, you have to learn how to balence security and accessibility.
Email Expert
Posts: 18,241
Registered: ‎04-27-2004

Re: Why does Comcast Home Networking have questionable port forwarding/blocking use policy?

Comcast doesn't block any ports involving vulnerabilities.  The ports they block are mainly the ones used for Windows file sharing.  Back when broadband was first becoming popular, people noticed that many broadband users had file sharing enabled, so their files could be accessed by anyone on the Internet.  This made the news, so most broadband providers started filtering the ports used for this.
Bronze Star Contributor
Posts: 168
Registered: ‎06-30-2003

Re: Why does Comcast Home Networking have questionable port forwarding/blocking use policy?

[ Edited ]

Sorry if anyone felt I was implying that Comcast DID block all vulnerable ports.  I was just pointing out the fallacy in the tech's reasoning that, because Comcast took care of blocking at their end, the customer would not need to block or forward ports.

Anyway, after I did some thinking (a task I save for rare occasions), I realized that I may have been a bit harsh on the Comcast tech.  If someone signs up for Comcast HNS, Comcast is responsible for maintaining that person's home network.  For troubleshooting purposes, if all HNS router are configured in a way that works with Comcast, Comcast can rule out a misconfigured router as the cause of a problem.  If an HNS user changed the settings of the router, the Comcast tech needs to check all settings and then rule out the changes settings as the cause.  Checking those settings would require more time and a more expensive, more experienced, and better trained tech, thus increasing Comcast's cost.

Message Edited by edelbeb on 07-13-2006 03:41 PM