dslreports logo
 
    All Forums Hot Topics Gallery
spc
uniqs
31

Link Logger
MVM
join:2001-03-29
Calgary, AB

Link Logger to EGeezer

MVM

to EGeezer

Re: Harden your router/AP in five steps

Changing the default password should be a standard practice for anything.

Disabling remote administration, what router has that enabled by default? Sure you better have a really good reason to enable remote administration, and given how powerful and easy it has become to use/implement a router, I often wonder if this isn't a feature that should simply be dropped from the consumer level product.

Apply updates again should be standard practice for anything you have.

Disable unused services, makes sense but then again I've often wondered about things like SNMP and if perhaps it hasn't outlived itself and if its really needed on a consumer level system. That said every service like this should be disabled by default. If you know how to use it then you know how to enable it, so why have it enabled by default.

More often then not these services are really marketing function list fillers, meaning the vendor can say they have it, but in reality its a badly crippled implementation, such that the user only really gets a security risk without any real benefit. Logging for example drives me crazy anymore as most router have horrible logging capabilities, in that they are often very limited (logging one direction only, or only selected events etc). So what is the point of a badly implemented service?

5. Change the default settings of the device. I have a problem with this in that I think most users will end up hooping themselves while trying to do this. If the router was secure by default why would this matter and if it was secure by default then making any changes would be by definition reducing the security level. WPA should be the wireless default and of course with as per point 1, passwords should be changed, but modifying the IP range, what is that going to do?

Blake

GercekSeytan
Absinthe makes the heart grow fonder.
Premium Member
join:2001-10-19

GercekSeytan

Premium Member

said by Link Logger:

Changing the default password should be a standard practice for anything.

Disabling remote administration, what router has that enabled by default? Sure you better have a really good reason to enable remote administration, and given how powerful and easy it has become to use/implement a router, I often wonder if this isn't a feature that should simply be dropped from the consumer level product.

Apply updates again should be standard practice for anything you have.

Disable unused services, makes sense but then again I've often wondered about things like SNMP and if perhaps it hasn't outlived itself and if its really needed on a consumer level system. That said every service like this should be disabled by default. If you know how to use it then you know how to enable it, so why have it enabled by default.

More often then not these services are really marketing function list fillers, meaning the vendor can say they have it, but in reality its a badly crippled implementation, such that the user only really gets a security risk without any real benefit. Logging for example drives me crazy anymore as most router have horrible logging capabilities, in that they are often very limited (logging one direction only, or only selected events etc). So what is the point of a badly implemented service?

5. Change the default settings of the device. I have a problem with this in that I think most users will end up hooping themselves while trying to do this. If the router was secure by default why would this matter and if it was secure by default then making any changes would be by definition reducing the security level. WPA should be the wireless default and of course with as per point 1, passwords should be changed, but modifying the IP range, what is that going to do?

Blake
As an "average user", I agree. If an average consumer buys a SOHO router/modem and changes the password, etc, why should he or she have to bother with the rest ( e.g., a new address for the router which may entail changing the default addresses assigned by the router, possibly the "subnet" number) and increased chance of being unable to connect to the internet at all. Or connecting to the internet without realizing that the user's changes have negated the increased security the box was bought to provide.

Such things are not easily (correctly) done if one is truly an "average user".

EGeezer
Premium Member
join:2002-08-04
Midwest

1 edit

1 recommendation

EGeezer to Link Logger

Premium Member

to Link Logger
I agree that most if not all routers have remote admin disabled by default. the only way I see this as an issue is if someone acquires a used router with old firmware or user-configured remote admin enabled. Given the varying quality of consumer grade products, there may be an off brand out there someplace with crappy defaults, so checking won't hurt.

I agree, most home/SOHO routers don't really need SNMP. At least the manufacturers could change the community strings to, say, the serial number of the router to foil malware or MIB browsers/scanners that may look for "public" as a string.

I also agree wholeheartedly that logging and messaging are woefully inadequate for many routers and firewalls. The log formats and content vary widely, the marketing-inspired messages that call internet noise, orphaned packets etc "attacks" are horribly misleading to the nontechnical/semitechnical user.

I modify the IP range for a couple of reasons.

First, it's not difficult to do. Changing from 192.168.0.1/24 to, say, 10.91.101.1/24 (leaving the subnet mask at 255.255.255.0). The extra step the user would need to take would be to reboot the PC or release/renew DHCP and reconnect to the router after making the change. Depending on the router, thay may need to reboot the router then the PC. The "average user"'s PC is a DHCP client anyway. However, if they changed it to fixed, they were skilled enough to change the TCP properties and changing similar network settings in the router would not be beyond them.

My second and more important reason is to present an additional hurdle to the automated malware. At present they malware looks for default everything, so a single hurdle would stop them. Working backwards from the access, they'd need to address changes in default remote admin policy(if/where applicable), default password, default community string, default access port(s), default services and default network settings. Adding one more hurdle adds the amount of complexity and effort needed to write code and overcome the various hurdles. If one is sending logs to a PC using Link Logger or a syslog daemon with alerts set up, then the noise will trigger alerts.

Personally, I also tailor the subnet mask to the maximum number of addresses I expect to use, but that's more a matter of standard practice to minimize internal broadcast activity rather than a security measure.

In the end, though, the assumptions of user skill and/or competence are subjective, so mileage will vary on the feasibility of making changes.

GercekSeytan
Absinthe makes the heart grow fonder.
Premium Member
join:2001-10-19

GercekSeytan

Premium Member

said by EGeezer:

My second and more important reason is to present an additional hurdle to the automated malware. At present they malware looks for default everything, so a single hurdle would stop them. Working backwards from the access, they'd need to address changes in default remote admin policy(if/where applicable), default password, default community string, default access port(s), default services and default network settings. Adding one more hurdle adds the amount of complexity and effort needed to write code and overcome the various hurdles. If one is sending logs to a PC using Link Logger or a syslog daemon with alerts set up, then the noise will trigger alerts.

Personally, I also tailor the subnet mask to the maximum number of addresses I expect to use, but that's more a matter of standard practice to minimize internal broadcast activity rather than a security measure.

In the end, though, the assumptions of user skill and/or competence are subjective, so mileage will vary on the feasibility of making changes.
Well, that convinced me to change the router's default address. Taking "l33t" script-kiddies out of the picture ought to make this worth while. As for the subnetting part, well, my SOHO router gives error messages when I attempt to change that. On the other hand, what I know about subnetting could be written on the head of a pin with plenty of room left over for several novels. Probably something simple to someone who has a clue as to what they're doing.

EGeezer
Premium Member
join:2002-08-04
Midwest

1 edit

1 recommendation

EGeezer

Premium Member

Re: subnetting

There's a neat little subnet calculator that can help demonstrate how subnetting is configured. See »www.solarwinds.com/regis ··· ogram=92

Registration is required, but I don't think the information is validated..

Also a (relatively) "user level" explanation of the theory at

»www.solarwinds.com/regis ··· ogram=92

BTW most routers have a "save config" and "restore config" feature so you can back up your configuration to your PC prior to making changes - just in case you mess things up..

GercekSeytan
Absinthe makes the heart grow fonder.
Premium Member
join:2001-10-19

GercekSeytan

Premium Member

said by EGeezer:

There's a neat little subnet calculator that can help demonstrate how subnetting is configured. See »www.solarwinds.com/regis ··· ogram=92

Registration is required, but I don't think the information is validated..

Also a (relatively) "user level" explanation of the theory at

»www.solarwinds.com/regis ··· ogram=92

BTW most routers have a "save config" and "restore config" feature so you can back up your configuration to your PC prior to making changes - just in case you mess things up..
Thank you for those links. Now to press my luck. I don't suppose you know of any good links that explain "broadcast" and the security implications for SOHO router users (simplified explanations, if possible), do you?

I'd be grateful.

EGeezer
Premium Member
join:2002-08-04
Midwest

1 edit

1 recommendation

EGeezer

Premium Member

Basically, broadcast is used to discover devices on a local network so they can be assigned IP addresses and communicate locally. Each ethernet adapter on PCs and routers have a hardwired (MAC) address. When the devices are physically powered up and connected, they send out broadcast packets to "discover" each other. From there, they can now communicate with the router's gateway address so TCP/IP communications between LAN devices, other LANs and the to the internet. That communications is secured using firewall and other security applications.

From the security standpoint, these packets and requests never get out of the local subnet since MAC addresses aren't routed to other subnets or networks(unless there are bridges, which is rare in SOHO implementations). They are a necessary part of the communications process.

Without these broadcast packets your PC would never connect to the router since to wouldn't know which ethernet adapter to communicate with.

Broadcast traffic is normally very small compared to the capacity of the LAN. You can reduce broadcast traffic by turning off protocols you aren't using like IPX or IPV6 which is turned off by default in Windows. Setting the subnet mask to the next value above the expected number of devices you will have on the net will reduce traffic. However, the performance will probably be unnoticed. I do it out of habit and personal preference.

Sometimes (rarely) an adapter will break and start sending out continuous streams of packets - we called them hot bits - and the network would slow down until the offending device was disconnected. I haven't heard of that happening for several years, though.

As for links, I don't have any specifically discussion security, but here is a link that explains broadcast. The subject is about 2/3 of the way down the page.

Maybe others have more - or corrections to my attempt at a layman's explanation, and will chime in.

EDIT - ARP is a broadcast you'll see in your subnet - a nice flowchart on ARP communications is here.

candyass365
@optonline.net

candyass365

Anon

"Hot Bits" very cute! A less sexier term is "a Broadcast Storm" Does this ring a bell? In the old days a failure of a NIC's transceiver or a very piss poor NIC driver design could bring down an entire LAN to its knees. Another point to mention is that some routers allow the user to specify an IP address for the router to send its logs instead of broadcasting the logs to all such as xxx.xxx.xxx.255.


EGeezer
Premium Member
join:2002-08-04
Midwest

EGeezer

Premium Member

said by candyass365 :

Does this ring a bell? In the old days a failure of a NIC's transceiver or a very piss poor NIC driver design could bring down an entire LAN to its knees.
Ah yes, I remember not-so fondly. Token ring cards were also prone to the storms, and the IBM Cabling system with those easily damaged hermaphroditic connectors didn't help either. Bridging Token ring to ethernet meant manually assigning canonical MAC addresses that read the same forward as backwards.

GercekSeytan
Absinthe makes the heart grow fonder.
Premium Member
join:2001-10-19

GercekSeytan to EGeezer

Premium Member

to EGeezer
said by EGeezer:

Basically, broadcast is used to discover devices on a local network so they can be assigned IP addresses and communicate locally. Each ethernet adapter on PCs and routers have a hardwired (MAC) address. When the devices are physically powered up and connected, they send out broadcast packets to "discover" each other. From there, they can now communicate with the router's gateway address so TCP/IP communications between LAN devices, other LANs and the to the internet. That communications is secured using firewall and other security applications.

From the security standpoint, these packets and requests never get out of the local subnet since MAC addresses aren't routed to other subnets or networks(unless there are bridges, which is rare in SOHO implementations). They are a necessary part of the communications process.

Without these broadcast packets your PC would never connect to the router since to wouldn't know which ethernet adapter to communicate with.

Broadcast traffic is normally very small compared to the capacity of the LAN. You can reduce broadcast traffic by turning off protocols you aren't using like IPX or IPV6 which is turned off by default in Windows. Setting the subnet mask to the next value above the expected number of devices you will have on the net will reduce traffic. However, the performance will probably be unnoticed. I do it out of habit and personal preference.

Sometimes (rarely) an adapter will break and start sending out continuous streams of packets - we called them hot bits - and the network would slow down until the offending device was disconnected. I haven't heard of that happening for several years, though.

As for links, I don't have any specifically discussion security, but here is a link that explains broadcast. The subject is about 2/3 of the way down the page.

Maybe others have more - or corrections to my attempt at a layman's explanation, and will chime in.

EDIT - ARP is a broadcast you'll see in your subnet - a nice flowchart on ARP communications is here.

Well, I got it done. About the only difference I've noticed is that the 'dsl' LED on the router-modem seems to flash significantly less when I'm surfing and almost never when I'm not, which was not the case before making the changes. I've no idea if that's an indication or result of following your recommendations or not.

Those links were very useful, although I've go to admit that I'm still fairly sure that my understanding of subnetting remains rudimentary at best (thank God, for the trial program from your link). Still, an improvement over no understanding at all, certainly.

Anyway, thanks again.

P.S. perhaps you could find the time to post some links about MAC filtering in SOHO routers. Mine appears to have the capability but the menu is greek to me. The format of the information I'm to enter to enable the filtering bears no resemblance to a MAC address. I'm back to my normal state: confused. Hell, MAC filtering may be of no use to me as the only network I'm part of is the internet itself (one PC).

EGeezer
Premium Member
join:2002-08-04
Midwest

1 edit

EGeezer

Premium Member

Even though you have one PC, the router is handy to offload that traffic and provide a nice extra layer of security when updating your system's firewall and security apps. If they shut down during the updates, the router will still provide inbound firewalling.

What make and model router are you using? We could figure out the MAC filtering pages if we can get the manual. See »www.timeatlas.com/mos/Te ··· ltering/ for instructions on how to find your MAC(s).

If your PC is wired, the only one on and you don't consider someone sneaking to your router and hooking up another PC you don't want on the network, then there's not much use in adding MAC filtering. Of course you may want to do it as an exercise. If you do, be sure to back up your router config before adding MAC filtering just in case you have a fat finger issue and type in the wrong address. That way you can hard reset the router then connect and restore the good config.

If you have wireless activated, see my answer to altermatt See Profile on the topic. It may be of some value and one small layer in the security implementation. Also note NetFixer See Profile's observations. If you want to allow a guest or family to hook up their PC to use the connection, you'll need to add their MAC to the whitelist and remove it if you want to revoke access.

GercekSeytan
Absinthe makes the heart grow fonder.
Premium Member
join:2001-10-19

GercekSeytan

Premium Member

said by EGeezer:

If your PC is wired, the only one on and you don't consider someone sneaking to your router and hooking up another PC you don't want on the network, then there's not much use in adding MAC filtering. Of course you may want to do it as an exercise. If you do, be sure to back up your router config before adding MAC filtering just in case you have a fat finger issue and type in the wrong address. That way you can hard reset the router then connect and restore the good config.

If you have wireless activated, see my answer to altermatt See Profile on the topic. It may be of some value and one small layer in the security implementation. Also note NetFixer See Profile's observations. If you want to allow a guest or family to hook up their PC to use the connection, you'll need to add their MAC to the whitelist and remove it if you want to revoke access.
The boldface is me. The only other thing on my telephone line is the "modem" for my satellite TV connection. I assume that presents no security problem whatsoever, right? Which is to say that connection being on the same telephone line couldn't possibly affect my DSL connection, right? I wonder because the I can pay my bills and play on-line games etc via the "TV" which kinda makes me wonder if it has other 'PC-like' features that could affect my real PC, if it has its own MAC address, etc.

If I'm correct in my assumptions and thus, as you said, don't need to consider MAC filtering for practical purposes, I'd still like to to implement MAC filtering just to learn how to do it and do a little reading just to further confuse the 'ol grey cells. BTW, what I have here is a Zyxel "660R-61 (over POTS)". I have the CD that came with it but, as I said before, its instructions for MAC filtering are beyond/greek to me.

Thanks for hanging in there with me. Now I'm off to bookmark your newest link and, er, hit the books again. They say a little knowledge can be dangerous. Watch out! I'm as dangerous as they come when it comes this stuff.

no_one
@PHNX.QWEST.NET

1 recommendation

no_one

Anon

Satellite TV is dial up connection.
Though I am sure someday they will connect it to DSL as an option with more features. The basic connection is dialup.
Bane75
join:2002-09-20
Parker, CO

1 recommendation

Bane75

Member

The directv HDDVR's can be hooked up to ethernet for guide updates and VOD. Other Directv boxes may have ethernet also, but I can only speak on the HDDVR's.

EGeezer
Premium Member
join:2002-08-04
Midwest

1 edit

EGeezer to GercekSeytan

Premium Member

to GercekSeytan
The dialup modem on your POTs can't inrterface with your DSL, so no problems with that.

Based on what I read in the user guide, your router doesn't provide a MAC filtering feature. At this point, I'd not worry about MAC filtering unless you want buy a router with the capability and put the router in stupid(bridge) mode. From what I see in the pictures, the router only has one ethernet port anyway.

GercekSeytan
Absinthe makes the heart grow fonder.
Premium Member
join:2001-10-19

1 recommendation

GercekSeytan

Premium Member

said by EGeezer:

The dialup modem on your POTs can't inrterface with your DSL, so no problems with that.

Based on what I read in the user guide, your router doesn't provide a MAC filtering feature. At this point, I'd not worry about MAC filtering unless you want buy a router with the capability and put the router in stupid(bridge) mode. From what I see in the pictures, the router only has one ethernet port anyway.
That manual contains many things mine doesn't but I suppose that is because mine is old, is for Europe, references different "firmware", and is probably outdated (I assume that because of the "C" identifier). Oh well. It does contain better explanations of somethings than the one that came with mine does.

Anyway, thanks for all your help with this. Looks like I've done all I can do with what I have.

altermatt
Premium Member
join:2004-01-22
White Plains, NY

altermatt to EGeezer

Premium Member

to EGeezer
said by EGeezer:

If your PC is wired, the only one on and you don't consider someone sneaking to your router and hooking up another PC you don't want on the network, then there's not much use in adding MAC filtering.
Hmm...while our wired network is only trusted computers physically hooked up to the router, I thought (it sounds like erroneously) that MAC filtering prevented someone REMOTE from hopping on, which would protect even a solo computer. Is that incorrect? Is it true if we are not afraid of someone physically hooking up a computer to the router that MAC filtering wouldn't prevent a remote intrusion?

And the SMC Barricade config screens made setting the MAC filtering so easy (click yes and enter the MAC addys, and it helpfully gives you the MAC addys of all computers currently hooked up) that it seemed wise to enable it, thinking it would protect from remote intruders, too.

Sorry if this is a really clueless question; networking is NOT my forte by a long shot !

EGeezer
Premium Member
join:2002-08-04
Midwest

EGeezer

Premium Member

I think it depends on the router or switch whether MAC filtering blocks wired and/or wireless.

One way to quickly check, try to attach a PC to the wired or wireless network that has a MAC address not in the allowed list.

koma3504
Advocate
Premium Member
join:2004-06-22
Granbury, TX

koma3504 to EGeezer

Premium Member

to EGeezer
WindowsInstaller-KB893903-x86.exe any chance ya know what this is??

NetFixer
From My Cold Dead Hands
Premium Member
join:2004-06-24
The Boro
Netgear CM500
Pace 5268AC
TRENDnet TEW-829DRU

2 edits

NetFixer

Premium Member

said by koma3504:

WindowsInstaller-KB893903-x86.exe any chance ya know what this is??
WindowsInstaller-KB893803-x86.exe is a Windows installer update (The current release is WindowsInstaller-KB893803-v2-x86.exe). I could not find any information in the MS Knowledge Base on KB893903.

»www.microsoft.com/downlo ··· ylang=en

How does this relate to EGeezer's thread on securing SOHO routers and APs? Did running that file somehow clobber your router or did it come bundled with some router upgrade utility?

EGeezer
Premium Member
join:2002-08-04
Midwest

2 edits

EGeezer to koma3504

Premium Member

to koma3504
N/M - Netfixer said it all don't trust the exe.

koma3504
Advocate
Premium Member
join:2004-06-22
Granbury, TX

2 edits

koma3504 to NetFixer

Premium Member

to NetFixer
said by EGeezer:

There's a neat little subnet calculator that can help demonstrate how subnetting is configured. See »www.solarwinds.com/regis ··· ogram=92

Registration is required, but I don't think the information is validated..

Also a (relatively) "user level" explanation of the theory at

»www.solarwinds.com/regis ··· ogram=92

BTW most routers have a "save config" and "restore config" feature so you can back up your configuration to your PC prior to making changes - just in case you mess things up..
Well from this post i was gonna check out the SolarWinds Advanced Subnet Calculator! and it started installing with it and as well could not find refferernce to it @ microsoft. on second attempt to run the subnet calculator. it could not acces the windows installer. And i do find it odd that the exe acted as it was installing a program instead of exicuting as a exe.
mikenolan7
Premium Member
join:2005-06-07
Torrance, CA

mikenolan7

Premium Member

There are a number of useful online subnet calculators that don't require installing anything. I have found this one to have a lot of features, and be easy to use.

»www.subnet-calculator.com/

It does require that you enable java, but does not require javascript.

koma3504
Advocate
Premium Member
join:2004-06-22
Granbury, TX

koma3504

Premium Member

Thanks
koma3504

koma3504 to EGeezer

Premium Member

to EGeezer
I dont know what came along with that subnet calculater but it is sinaster. I cannot open any outlook messeages have trouble installing programs my wireshark will not start up now. Installing the update to flash took 2 tries.

something keeps kicking my local area connection offline.

you might consider editing out your links to it.

GercekSeytan
Absinthe makes the heart grow fonder.
Premium Member
join:2001-10-19

GercekSeytan

Premium Member

said by koma3504:

I dont know what came along with that subnet calculater but it is sinaster. I cannot open any outlook messeages have trouble installing programs my wireshark will not start up now. Installing the update to flash took 2 tries.

something keeps kicking my local area connection offline.

you might consider editing out your links to it.
Worked fine for me. Of course, the installer stopped the first time and told me I needed to install Microsoft's Net 2.0. After that triple install (2.0, the security update to 2.0, and the program itself), I had no problems. I;ve since uninstalled it. Ran CrapCleaner to be certain; it found a few (two or three) files which are now gone.

EGeezer
Premium Member
join:2002-08-04
Midwest

3 edits

EGeezer to koma3504

Premium Member

to koma3504
Rather odd, since I've used that program for years, and have downloaded to WIN98, ME and XP from the Solarwinds site to several systems with no issues. I also use wireshark on XP, and all works fine with the subnet calculator installed.

I just now removed and reinstalled it through the control panel with no issues. Based on the lack of details with your issues, I have no idea what would be causing the problems.

I do scheduled AV/AT scans of two PCs here as well as on other PCs on which it is installed have never discovered problems anywhere. The AV/ATs include currently updated Symantec CE, AVG free, Spybot Search & Destroy.

EDIT - I did a Google search on the product to see if there are malware complaints and came up empty on that issue. However, I notice that BARTPE has the Solarwinds advanced subnet calculator in the plugin list. See »www.bootcd.us/BartPE_Plu ··· tor.html
Application: SolarWinds Subnet Calculator Website: »www.solarwinds.net Description: Subnet Calculator Download location: »www.solarwinds.net/Tools ··· et_Calc/ Instructions: 1. Create a folder called "SolarWinds" in your plugins folder 2. Decompress the plugin into the above named folder. 3. Download and install the SolarWinds Subnet Calculator 4. Copy the Solarwinds folder from your "Program Files" to the \plugin\solarwinds folder: 5. This plugin is dependent on Visual Basic so download the VB plugin from »www.veder.com/nwdskpe/#download Run PEBuilder and enjoy. Supplemental notes: This plugin was developed with a considerable amount of help from RickJ
I wouldn't expect BARTPE to incluide malware in its plugins, so suspect your issues are ones relating to application conflicts, not something "sinister". To guess more specifically, it may have something to do with Visual Basic...

I suggest you submit the install file you used to Jotti. If there's malware in it, I'd expect Jotti to flag it. If anyone finds specific malware issues with the program, please post here.

EDIT2 - Jotti's scanner seems to be busy or unavailable as of this post...

NetFixer
From My Cold Dead Hands
Premium Member
join:2004-06-24
The Boro
Netgear CM500
Pace 5268AC
TRENDnet TEW-829DRU

NetFixer to koma3504

Premium Member

to koma3504
I just downloaded the SolarWinds program and installed it with no problems.

The downloaded file SolarWinds-Subnet-Calculator.exe is an InstallShield self extracting archive, and that is not really an unusual method of distributing over the Internet.

I suspect that I had no problems because I already have the WindowsInstaller-KB893803-v2-x86 update installed on all of my systems. I also suspect that it may have tried to install the WindowsInstaller-KB893803-x86 upgrade on your PC (not WindowsInstaller-KB893903-x86). That original Windows Installer update had some problems, hence the "v2" release.
said by MS :

WindowsInstaller-KB893803-v2-x86.exe is the redistributable package for installing or upgrading Windows Installer. This revised package replaces the previously released redistributable package named "WindowsInstaller-KB893803-x86.exe" and addresses the issue discussed in KB Article 898628: Windows Installer fails silently after you upgrade to Windows Installer 3.1.
If you really want to try the SolarWinds program, go to the MS download link I provided in my earlier post and install the WindowsInstaller-KB893803-v2-x86 update first.

koma3504
Advocate
Premium Member
join:2004-06-22
Granbury, TX

2 edits

koma3504 to EGeezer

Premium Member

to EGeezer

Well i was finally able to login.
Posting anon as for some reason it appears this site is being dossed or somthing i have tried getting here by both cable and dsl service and to no avail.

I have had no problems what so ever installing anything else i have ever installed. is the bad windows installer pre Sp2???

SolarWinds-Subnet-Calculator.exe
version 12.0.0.58849
14.1 MB (14,809,536 bytes)

Jotti and virustotal both have up load limits of 10 mb so i cannot upload for file anylization.

NetFixer
From My Cold Dead Hands
Premium Member
join:2004-06-24
The Boro
Netgear CM500
Pace 5268AC
TRENDnet TEW-829DRU

1 edit

NetFixer

Premium Member

For the current DSLR access problems, try using »www2.dslreports.com , that works for me (although I think you do have to have a stored dslreports.com cookie for that url to work).

The MS download link I previously provided contains additional links to explain some of the official acknowledged problems with the previous MS installer, although there were other symptoms similar to yours experienced by some users (including me) that MS does not document.

The WindowsInstaller-KB893803 update applies to every Windows release from Windows 2000 SP3 to Windows Server 2003 (as is also documented in the supplied link).

The SolarWinds-Subnet-Calculator.exe is the same one that I downloaded and installed less than an hour ago, it is not infected, and installed on my Windows XP SP2 workstation with no problems.