Is it true your ISP (lets just say COX high speed internet)"records" your internet history?If so,how detailed is it?Particularly,if i'm on a P2P network do they "record" each thing i download or just log that i had connected to its server?
Printable View
Is it true your ISP (lets just say COX high speed internet)"records" your internet history?If so,how detailed is it?Particularly,if i'm on a P2P network do they "record" each thing i download or just log that i had connected to its server?
Why not call them and ask them? If they are recording your activity, surely they will tell you?
Listen kid, let me give you some advice............I will cut to the chase so to speak...............not only will they know what you jerk off to, they will give you points out of 10 for style ;)
Quote:
Originally posted here by nihil
Listen kid, let me give you some advice............I will cut to the chase so to speak...............not only will they know what you jerk off to, they will give you points out of 10 for style ;)
HAHAHAHA..........Nice :cool:
I did a quick web session with their online support...
Please contact them directly if you have any more questions.Quote:
Online Chat Support:
Status: Analyst jonathan is here and your issue status is: working Problem:I know ISPs are required to log customer internet usage. What type of information is logged? How much detail? How long is it stored? Is the customer allowed to view what information is logged about the customer?
user phishphreek has entered room
analyst jonathan has entered room
jonathan> Welcome to Cox Live Support, my name is Jonathan and I can help you.
phishphreek> hello, how are you tonight?
jonathan> Unfortunately, I do not have such information available. All that I know we track is what IP address you have and when you have it.
phishphreek> so, customers are not allowed to view what information is logged about them? Who do they have to contact to get such information?
jonathan> Just one moment Please. Thank you for your patience.
jonathan> I've been informed that the only logging we do is querying the modem for modem status and potentially hazardous open ports. You can send a request for this information to [email protected] if you wish.
phishphreek> thank you for the information
phishphreek> have a good night
jonathan> Again my name is Jonathan. Thank you for choosing Cox Communications. Have a nice evening.
They have the ability to monitor everything you do... maybe you have to "raise a red flag" for them to actually log detailed info? Logging such info about all users would surely use up quite a bit of resources?
I see that they monitor for "potentially hazardous open port"... meaning that they are scanning your for viruses, open relays, other servers? Their AUP says you can't operate any server...
http://www.cox.com/policy/#Acceptable_Use_Policy
http://www.cox.com/policy/#Subscriber_Agreement
Ok, first things first - since my brain is now officially beyond being offended:
Did you happen to mean "In Particular?"Quote:
Imparticularly
Now onto your help -
Reading between the lines of your question puts me in mind to translate it for everyone: "I'm thinking on doing something illegal, or have already done something illegal. Can my ISP see what I'm doing or have done?"
So I answer this way:
Yes, they record. Yes, they record EVERYTHING, even your piss poor diction in your AO posts, the porn you look at, the warez you download, the works. The catch is this - they don't have time to look at the EVERYTHING they record, and they won't tell you what they're looking at from one day to the next, if anything at all. Attempting to do anything illegal from your home system is a big gamble with the deck stacked against you; you might not get caught out, but odds are you will. The first trick in doing illegal activities is to BE your isp...or to know someone who is and how to get to them...
Hat tips to Phishy on this one, but just because they tell you they aren't recording doesn't actually mean they aren't, only that they're not telling you about it...
Or... someone elses ISP... ;) A laptop, power inverter and a wifi card will do wonders. :) LoLQuote:
The first trick in doing illegal activities is to BE your isp...or to know someone who is and how to get to them...
I'm not condoning illegal activities... just been seeing that more "criminals" are now using open APs to conduct their illegal activities. I warn my clients of such vulnerabilities if I see an open AP on their network.
Hi. The OP didn't say he was interested in doing anything illegal. There is also not very much to the post to read between the lines. We have to go by what was posted and reply according. One can assume all they want, but it's important to reply to what was posted. Inquiring about logging activities does not flag one a possible malicious user.
I am more interested and suspicious of those "free" "anonymous" proxy servers on the internet. If memory serves me correct, nothing is "free" and everything has a price.
I've found tor to be pretty effective when trying to stay annonymous.
http://tor.eff.org/
However, this will only make your activity annonymous to the remote site. Your ISP can still see what you're doing. You are using your ISP as your "first hop". They can capture anything between you and the first hop... (their router)
Some services such as http://www.anonymizer.com/ will let you encrypt the traffic between you and their proxy so your ISP can't see what you're doing. They supposedly don't log anything though... not sure if they can get away with that or not.
It was recenlty just advertised on "the screensavers" by that guy who used to do "the broken" videos... He said he asked the anonymizer company if they can see what you're doing and they say they don't keep logs. They were supposedly serverd suponeas and couldn't provide the info cause they "don't log". Who knows how true that is...
http://www.anonymizer.com/anonymizer2005/1.5/help/
Wow, wish I could green you for the Tor link but I keep getting a "spread your AntiPoints" message.
Yes. But I can give greens to poster for the Tor reference. Green given. :)
I got him Geek... also fed rowdy back his reds. Thanks rowdy - here's 10 times that many back. Next time let your post suffice please?
[edit]Actually, we DO have to read between the lines - that's part of being a security-oriented administrator. It didn't necessarily flag him as a possible malicious user, it just put him in that 'suspicious' category. In truth, I filed him as 'wanting to learn how,' and responded accordingly, giving little information, but a decent response nonetheless. Amazingly enough, I was somewhat 'out of character' in that particular response - my norm is to slam them completely - in this case I instructed...a bit.Quote:
We have to go by what was posted and reply according. One can assume all they want, but it's important to reply to what was posted. Inquiring about logging activities does not flag one a possible malicious user.
Now tell the class, young Rowdy, what did you actually contribute to this person's inquiry?[/edit]
Hi. Yes, I believe that the OP's question has been answered quite well by other contributors. I don't think I can add anything of value at this point.Quote:
Originally posted here by |3lack|ce
Now tell the class, young Rowdy, what did you actually contribute to this person's inquiry?[/edit]
Take care.
I seem to be regularly (almost exclusively) port scanned by addresses within the same range as me. I thought it might be the ISP checking on my "potentially hazardous open ports" . I asked my ISP for some explanation or if they were responsible for annoying alerts from my firewall and their response was that "no it must be another of our customers". Nice. Thanks.Quote:
I see that they monitor for "potentially hazardous open port"... meaning that they are scanning your for viruses, open relays, other servers? Their AUP says you can't operate any server...
Anyone have any ideas why they would all come from the same range as me?
Yup. Two possibilities. The most likely one is that your subnet neighbours suck at AV and are infected with worms that are looking for new places to propogate to. Hug your firewall. It's doing it's job by notifying you.Quote:
Anyone have any ideas why they would all come from the same range as me?
The second one is that you have subnet neighbours that have too much time on their hands and are playing with one or more of a variety of port/vulnerability scanners in hope that they find something vulnerable. Again, hug your firewall. It's doing it's job. :D
well i like a hug, but never been particularly neighbourly ;)
Excuse my naivety but is it common for these worms to attack IP's from the same ISP as their victim?
Yup. First one to do that, IIRC, was Code Red (way back when). It makes it easier to do a scan locally than trying to go across the internet.
Here's some links to help:
http://www.icir.org/vern/dimacs-large-attacks/gao.ppt
http://www.ieee-infocom.org/2003/papers/46_03.PDF
http://www.cs.berkeley.edu/~nweaver/worms.pdf
http://www.acsac.org/2004/papers/145.pdf
ISP is really watching us here in KSA
In my case, with the strict policy here (supporting the local customs and traditions), ISP here, together with the STRONG support of the Government is not only “WATCHING” the cyberspace activities but also “CONTROLLING” it.
It’s a BIG task for the Gov’t and ISP hand-in-hand doing this FILTERING activities. I have heard that they have the whole UNIVERSITY FACILITY to carry on the tasks and maintaining it. By this way, the students (who will be the future employees) of the FACILITY are learning the INS and OUTS of Network Security Infrastructure and the Internet.
I am just wondering although I get the BIG picture, but can you imagine how BIG their FACILITY is and their activities over there just to control and filter the NET here? I am not really sure but I could say that it will be BIG for the WHOLE COUNTRY to control it. And what may be the contributions of the ISP (maybe more than 10 major providers here).
The idea is, for an instance, you came across a BAD website (Porn or something against their CUSTOMS, TRADITIONS and RULES), after a couple of minutes, try to check the page again and VOILA – “ACCESS TO URL IS BLOCKED” message will show. I mean they are really that FAST!
Just an additional idea regarding what your ISP and the Government can do.
Yo!
MrMarbles:
My ISP port scans me on a regular schedule, thou i doubt is has anything to do with "Hazardous" Ports. I get about a gillion portscan log enties a month from them hitting my firewall.
Back to the orginal question:
I am unsure why everyone is so sure that your ISP CARES about your internet activity. Or why they would both retaining or reviewing a log of whatever you are doing, especially if you are a home user. Unless another ISP or party complains about your activities, why bother? Does everyone really think that Internet America (example) has the time or the energy to browse thru the logs of all 500,000 users? (I picked them because I get a number of exploits/attacks from their dialup accounts).
I worked for a mid sized ISP and with a second small ISP, and between support calls comming in and all the general confusion that goes hand in hand with any large network (and your ISP is nothing more then a LARGE network when you think about it) do you not think that the Admins dont have better things to do with their time?
The level of detail you are talking about ...... it is possible, but WHY? Unless you are 1) a drain on their resouces and they want to know WHY, or 2) They can find a reason to charge you more (say move you from personal to business class). or 3) you are causing complaints. (Which falls under their AUP I am sure)
While some ISP's maybe track every move you make (The two I worked at didnt as far as I ever knew) it seems like it would be a lot less then cost effective for ANY business model for that kind of a manpower to results ratio.
Again, I am trying to think of this as ISP Admin or Owner, and how I want to use my resources and manpower. Why do I CARE if you are downloading Debbie Does Data or Windows XP or The Moody Blues Greatest hits? My AUP is going to say expressly that those activities are not allowed, so the ISP is covered legally.
I can see logging of activities, but reviewing them without a cause? Not likely.
Hey guys,
Filtering the web is not easy task to undertake. As we all know the Internet should be open to all people to access any website they want, At least it should be so, regardless of what IPSs do.
Filtering the web has no meaning whatsoever. Its just like fooling people to generate some meaningless fears inside peoples. This is too bad practice, guys.
Partialy, I don't agree.Quote:
Originally posted here by scratchONtheBOX
Just an additional idea regarding what your ISP and the Government can do.
Yo! [/B]
They are trying to do so "But they could not do that YET". Internet is a "Freedom-reign body" no one can deny this. Always FREEDOM shall WIN.
For me, I can access any website I want, regardless of what my ISP might use to prevent me.
Filtering the web works only with Internet novices. Ask any one who used the Internet, say 1 year now, Does the ISP proxy prevent you from any website you wish to visit? The answer will be NO
Always FREEDOM REIGNS
Just my $0.02
Cheers
I understand your sympathy with FREEDOM, Black Cluster. But you have to consider also the TRADITIONS, CUSTOMS AND RULES of the location you are on. In my case (that is why I mentioned in the subject), I am currently in the KSA where the RULE applies to all people currently residing or working here.
And I know there are ways of breaking such STRICT RULES if I wanted to, but take it from me, YOU DON'T WANT TO MESS AROUND WITH THE POLICY just to prove you can, there are consequences to such actions, especially here in KSA. And for me, I'd rather not try it until I go to my own land where FREEDOM (in my opinion) exists.
That's my .02 also.
Peace!
Yo!
- Yes! In fact, the ISP & the Gov't. were exercising their RULES even in the materials you read/watch/access from CYBERSPACE.Quote:
Does the ISP proxy prevent you from any website you wish to visit?
Like I told you, yes, you can access it for the first time, second, third, but the moment they came across with the logs and review it, expect the site will be inaccessible (even the whole domain/URL they can block if they have to).
BTW, freedom has limits and differs in many views. Consider this way, it’s their territory and they have the right to do such thing. I don’t like this to be a discussion about FREEDOM, RULES, TRADITION or CUSTOMS, just pointing out that there are certain RULES that you may not be familiar of.
FYI.
Yo!
Hey Scratch,
I understand you arent talking about a local, USA based ISP in your stamements. I was just thinking about the level of logging, review and automation that filtering ALL the TRAFFIC from an ENTIRE country would require. Thats quite a piece of work your refering too.
In some area's of the world, I guess big brother is still trying to "protect" it's citizens from being able to make up thier own minds on what is acceptable and what is not. I read somewhere that some 80% of the internet traffic is SPAM, so I guess some 80% of the traffic in KSA is filtering....
:)
It does pose some interesting questions about exactly how the filtering is done and by whom.
Cheers!
- to give you an idea, well I just read it now, since I am curious too, the way they do it (the filtering thing) is actually documented. Read some...Quote:
so I guess some 80% of the traffic in KSA is filtering....
source - http://cyber.law.harvard.edu/filtering/saudiarabia/Quote:
As with most filtering regimes, whether implemented at the client, ISP, or government level, no list is made available of the sites blocked... ...Taken as a whole, the Saudi government's stated blocking criteria are quite broad, making it difficult to assess whether the blocking of a given site is consistent with the criteria. However, a look at the list beyond sexually explicit content yields some insight into the particular areas the Saudi government appears to find most sensitive.
I am currently searching more recent info about it.
*
OK, here is a more better source:
Internet Filtering in Saudi Arabia in 2004
- http://www.opennetinitiative.net/studies/saudi/
How they filter it and who filters it
- http://www.isu.net.sa/saudi-internet...-mechanism.htm
- http://www.isu.net.sa/index.htm
And finally, here is the filter tool they use - SMARTFILTER
- http://www.securecomputing.com/index.cfm?skey=85
*
:D
Yo!
Hi scratchONtheBOX,
N.B: I am not talking about filtering or preventing traffic to Porno or Highly-rated websites, becuase this is another subject altogether.
Well, Have you ever heard about tradition or custom prevents its fellowers from gaining knowledge???? Or even from having a wider view at the world or what's going on around you??? I think Not.
FREEDOM, RULES, TRADITION or CUSTOMS are all there to make the human being happier with thier life {Under the belt of thier own societies}.
A rule, tradition or custom that prevent a human being from gaining knowledge would rather be NONSENSE, and I won't bother following it.... And these customs would be taken place in order to make those people totally shielded and close-mided.. to keep them under the tyrannical fist {IRON-FIST}.
I didn't hear about any socity that prevent its members to gain knowledge. did you????
IMHO, gaining knowledge should know no bounds and limitations or even traditions.... The best should be followed.....
I hope you did get my point Scratch.... :)
Cheers
Black Cluster,
I understand your point fair enough.
That's why soon, I'm going back to my country and experience the best that knowledge can offer, without the boundaries of TRADITION/CUSTOM.
Cheers!
Yo!
Ok... A couple of thoughts....
Countries filtering content: China does it all the time.... That's why the group from Canada(?) wrote the secure proxying system that I haven't heard about for a long time... so that people can see stuff from outside the country. All China really did was tell their population that they can connect to the internet... It's an intranet enforced by the ISP's that are "managed" and audited by the government.... mess with the system and you aren't an ISP any more and will probably be in a really nice jail, (do they have the "country clubs" we have in the USA in China? Don't think so). Simple DNS Poisoning and a block on port 53 to DNS servers outside the ISP effects that little gem....
Tor: This came to my attention a few weeks ago through ISC, IIRC... This is wonderful in the hands of a Security Professional.... It's something of a pain _for_ a Security Professional too.... While I'm sure it will come to the attention of the crackers and skiddies it probably won't be used by your average problem user.... If you find someone playing with it and want a Snort rule to detect it I'll take a look if you like... But I have a feeling that someone more talented than me is already looking at it and will come up with a good rule soon.
Your ISP scans you: Yeah they might... But mine doesn't seem to.... I've been running my own mailserver for 5 years or more.... I have to use my work server as an outbound relay because of the SPF records stating that the internal IP's of Comcast aren't valid mailservers but inbound is unblocked. Funny though.... they have port 53, (DNS), inbound blocked so I have to host my DNS at work too.
Your ISP logs you: In the Good Ole USA I think this only occurs when the LEO's get involved.... It's a huge cost that they don't need and have no use for since, in most cases, it breaches their own privacy policy. A good clue is that you have to complain to [email protected] to get any response when you want to report a blatently hacked/wormed box.... and they do **** about it.... They don't log, they don't monitor unless forced and they don't care... it's not their business...
Just wanted to point out that if you are a home user with a "@home" connection, they consider other ports hazardous, such as port 80 and 21. I haven't had a problem with Cox as far as this is concerned, but I heard that if there is a LOT of activity on port 80, then they'll shut it down for you. They want you to pay for your webserver bandwidth :)Quote:
I've been informed that the only logging we do is querying the modem for modem status and potentially hazardous open ports.
-ik