Re: Sudden trouble logging in to my ISP

Subject: Re: Sudden trouble logging in to my ISP
From: Mike Bishop (mrb@alaska.net)
Date: Mon Sep 09 2002 - 14:47:00 AKDT

• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
• Next message: Chris Hamilton: "Re: Can ISC bind do this?"
• Previous message: Matthew Schumacher: "Re: Can ISC bind do this?"
• In reply to: James David Bruchie: "Sudden trouble logging in to my ISP"
• Reply: Mike Bishop: "Re: Sudden trouble logging in to my ISP"
• Reply: Mike Bishop: "Re: Sudden trouble logging in to my ISP"

>
> I've been running Linux on my home machine for several years now.
> I've been using Internet Alaska as my ISP for about as long. Sometime
> between 13:00 and 17:45 last Thursday something changed, and I could no
> longer log in to my ISP account. Shortly after my login script sent the
> password, the send/recieve lights on the modem would start flickering
> and would stay that way, I never got my IP addresses. If I waited long
> enough I got a message somethig like "invalid login id".
>
> I called tech support and they changed my password, but could not fix
> my problem. Eventually I enabled pppd debug messages, and noticed the
> server was sending <auth pap> in the LCP messages, and my system was
> rejecting it. I tried setting up a pap-secrets file with my ISP user ID
> and password, that got me logged on. In looking at the debug output my
> system is sending my ID and password a second time embedded in the LCP
> messages.
>
> I had a laptop with a windows 2000 partition left on it. I set it up to
> dial in with its internal modem, it worked fine. Tech support tried
> logging in with a MAC on a serial line with my ID, it worked fine.
>
> Has anyone else noticed this happening?
>
> In looking for the problem I noticed things going on with my logs:
>
> /var/adm/messages started thursday morning (sept 5) at 4:40
> with several lines of "syslogs 1.4.1: restart"
> A new file, /var/adm/messages.1, stopped at 4:22:08
> This was apparantly my original messages file.
> I noticed several other files with .1 suffixes
> I reloaded my system (I was upgrading anyway) from cdroms.
>
> If I got hacked, I certainly left the door open. I was in the middle of
> loading slackware 8.1 on new hardware (athlon 2200+). I had not yet
> cleaned up inetd.conf and friends, then decided to down load the new
> slackware 9.0 beta over night. Not my most brilliant move.
>
> I'm not sure how this could have affected how I log in to my ISP, unless
> it some how wiped out an existing pap-secrets file I did not realize I
> had. However I do not remember ever creating a pap-secrets file before,
> and I've been at this for several years and half a dozen system upgrades.
>
>

I saw the same thing and spent some time on the telephone with
tech support. What has happended is that alaska.net no longer
accepts "expect-send" logins (as near as I can determine).

In my case--I use wvdial for dial-on-demand capabilities--I had to
set a parameter (STUPIDMODE=Y) to have the connection script start
ppp immediately then respond with PAP authentication. I took my
*hours* to find this out.

HTH,

-- 
Mike Bishop              907/495-5737    907/495-5738 (fax)   mrb@alaska.net
Willow, Alaska
---------
To unsubscribe, send email to <aklug-request@aklug.org>
with 'unsubscribe' in the message body.

• Next message: Chris Hamilton: "Re: Can ISC bind do this?"
• Previous message: Matthew Schumacher: "Re: Can ISC bind do this?"
• In reply to: James David Bruchie: "Sudden trouble logging in to my ISP"
• Reply: Mike Bishop: "Re: Sudden trouble logging in to my ISP"
• Reply: Mike Bishop: "Re: Sudden trouble logging in to my ISP"

This archive was generated by hypermail 2a23 : Mon Sep 09 2002 - 14:52:05 AKDT