[YLUG] DNS vulnerability - your ISP

Matthew Gates matthew at porpoisehead.net
Fri Aug 1 10:29:07 UTC 2008 

On Friday 01 August 2008, mike cloaked wrote:
> On Fri, Aug 1, 2008 at 10:46 AM, Stephen Patterson <steve at patter.mine.nu> 
wrote:
> > On 01 Aug 08, mike cloaked (mike.cloaked at gmail.com) wrote:
> >> Might be a good time to contact BT !!
> >
> > They'll only turn round in a few weeks and go "huh, whats DNS?".
>
> BT will likely respond positively  if you contact the appropriate
> level people. 

That's not so easy.  Consumer support drones cling tenaciously to their 
scripts.  I once had to contact them because the authentication credentials 
changed without notice.  After getting nowhere asking them directly for the 
new information, I gave up and pretended to reboot my computer and 
pretended I was checking the network settings in Windows etc.  It was like 
pulling teeth.

Unless you can get direct access to a real engineer, the chances of getting 
an action after reporting a potential DNS vulnerability is basically nil.

> I have had a good outcome a year and a half back after 
> emailing the previous BT CEO, and he passed my issue to his "HIgh
> Level Response Team" - I had return emails from the CEO himself on a
> Friday night at 11pm, and indeed the people in the Response Team
> phoned me every day to follow up until my issue was satisfactorily
> resolved. I can't imagine that this would be too much different with
> the new CEO provided you show you are knowleable and taking a
> professional approach to trying to resolve a real issue - though of
> course it would be interesting to see if you get the same service once
> you email him? If you just phone the usual BT contact numbers then you
> are only talking to people who are getting swamped with complaints
> from thousands of members of the public.

They are supposed to provide a service to me, not the other way round.  When 
they start paying me, I will start navigating their management hierarchy to 
sort out their problems for them.

Besides, I'm sure they know about this one (who doesn't?).  Most certainly 
they are working on a fix, but there is a lot of bureaucracy and testing to 
go through in such a large organisation.


Matthew
P.S. Mike, what's with the posting twice to the list?
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: This is a digitally signed message part.
Url : http://mailman.lug.org.uk/pipermail/york/attachments/20080801/f99caef7/attachment.bin

More information about the York mailing list