Is This a Conspiracy?

Linux users getting ignored--things are looking a little suspicious.

Is This a Conspiracy?

Yeah, I'm sick of conspiracy theories too. But, this is starting to bother me.

I live in Seattle making me a neighbor of a large software marketing company in Redmond. I do my best to ignore that company and just get my real, Linux-based work done. But sometimes I think someone "out there" is going out of its way to make my job just a little harder.

I have DSL at home. While I went with a Linux-friendly ISP (oz.net), the connectivity is supplied by Qwest, a new name for U.S. West, one of the Bell ROCs. All has been well and very reliable. I have my Linux network hooked to a Cisco 675 router (which really is just a bridge for what I am doing). The ISP was very willing to talk ifconfig, route and all that other Linux stuff when I got up and running.

The problem, or maybe non-problem, started about two years into using this setup. I received a message that I should upgrade the OS in my Cisco router to Cisco Broadband Operating System (CBOS) version 2.4.3. I was pointed to a web site.

On the web site I find three options: PC, Mac and order a CD. Well, I have a PC--lots of them--but I find that PC means something running software from that Redmond marketing company. Ok, I admit it, I wasn't surprised. So, I opted for the CD putting in the comment field that I run Linux.

A few days later the CD arrives along with a page of instructions. They contain the surprising statement "Now, to protect your modem from the effects of [the Code Red] virus, we are enclosing a CD-ROM containing Cisco's 'long-term solution' software".

Ok, what gives? My understanding is that Code Red infects systems whose names start with MS, not Cisco. I can't believe that CBOS is an MS operating system--if for no other reason that it has run for over a year without needed a reboot.

Well, on to installation. Or, on to installation instructions for a "PC" or for a MAC. Yup, only a PC running a particular OS. Fortunately, there is a tech support phone number. I call it. I get a message telling me that this number doesn't work and I need to call another one. On the second one I am offered eight choices--none of them come close to installation support for non-"PC", non-Mac systems.

At this point I have invested enough time in what appears to be an unnecessary upgrade. Then I remember that those who picked Qwest for their ISP got railroaded into becoming an MSN user complete with a change in their e-mail address. When I called that first tech support phone number did the system sense that I had a Linux box on my DSL line and divert the call? Naw, couldn't be. After all, that would start to sound like a conspiracy.

email: phil@ssc.com

______________________

Phil Hughes

Comments

Comment viewing options

Select your preferred way to display the comments and click "Save settings" to activate your changes.

Re: Is This a Conspiracy?

Anonymous's picture

Worse, I've been subjected to ISPs whose TOS explicitly forbid "multi-user operating systems" -- and I think we can all figure out where OSes like *Linux and *BSD fit in in this picture.

And am I the only one that's annoyed that, now that our numbers (desktop user numbers) are approaching MacOS numbers, we're being largely ignored by commercial software vendors? Or that, while are numbers are growning and MacOS users are falling, mainstream tech press is still swooning over how damned pretty OS X is, and thinks that we have a thing or two to learn from Apple about making a "good" desktop OS?

Re: Is This a Conspiracy?

Anonymous's picture

I don't know where you people get your information but I think you are all a little freaked out about "that little Redmon company" as you call it and Qwest (not Quest - learn how to spell).

The Code Red was a Cisco issued alert that Qwest simply responded to since they have the majority of their DSL customers using a Cisco 675 or 678.

That is it. If you have a problem with Cisco not offering a auto updater for Linux .. get over it.

Get the manual download and use a simple linux telnet or other app to manually upgrade the Cisco CBOS.

This has to be the worst conspiracy theory ever conceived since none of the information you people rant is accurrate.

The software does disable the web port which was affected by Code Red (not only IIS as you stated earlier). You can do this in any previous version by adding a couple of commands and randomly setting a port.

Oh .. and the Qwest instructions tell you to randomly select a port. If they are suggesting random - it is not to be able to access your computer.

If Qwest.net wants to access your 675/678 they would need to know your exec and/or enable passwords which if you are all so smart - you would of set to something other than your userid or Qwest.net password. And you would use Linux quality passwords - which I very much doubt any of you do.

Even with the web port enabled and knowing the port .. Qwest would still need your passwords.

You people need to get a life or at least learn what you are talking about before you rant.

BTW - I am hardcore Unix and Cisco user .. have nothing to do with Qwest or MSN or Microsoft. I just know what I am talking about vs. the rest of you and your baseless claims.

Re: Is This a Conspiracy?

Anonymous's picture

Well, that'd mean they wouldn't allow Win2K either...

I think it's more a case of them wrongly saying "NO SERVERS!"...

Re: Is This a Conspiracy?

Anonymous's picture

Hmm. The TOS prevents using multi-user OS's?

Then they won't allow Macs to run OS X either? (It's built on a BSD multiuser core.....)

Re: Is This a Conspiracy?

Anonymous's picture

Well... This is not a "conspiracy" per say, but it is a convienent side tact to marginalize those other operating systems. I have a Cisco 678 with Qworst as my line provider and a local ISP. The 678 and the 675 are almost exactly the same, so here's the facts:

First, the Code Red virus is not "infecting" the Cisco routers, just causing many of them to hang. Code Red indiscrimenantly sends out infection attempts to port 80s all over the web. On Windows machines, this exploits a buffer overflow and propagates the virus. On the Cisco's, it causes a different buffer overflow that tends to hang the router, but is not otherwise infectious (completely different CPU/OS architectures). *nix machines just laugh at Code Red and record bad requests for AAAAAAAAAAAAAAAAAAAAA in the web log. Since this is directed at port 80, only Ciscos with an external IP (router/NAT mode as opposed to bridging) and running the web configuration interface (the default setting) are directly vulnerable. (Of course, there are lots of other ways to hang a Cisco.)

Second, now for the upgrade. The PC/Mac only options are just the typical non-support brush off you ought to be used to by now. There is nothing special about upgrading Cisco 67* that requires a Windows machine. Your a Linux user man! Use your prowess and superior techinical ability to do it yourself.

The Cisco upgrade is actually quite easy and is possible thru far more ways than the Windows/Mac utilities allow. Basically, it's just a transfer of the CBOS bin image to the router. The simplest routine is probably (from memory, read the CBOS operating system manual for the exact commands):

DISCLAIMER - Flashing BIOS is inherently dangerous, procede at your risk

But, I've done it myself (twice) with no problems... ;-)

1) Download the CBOS image file (generally name something like 675cbos2.4.3.exe, not the Windows update utility) Follow the links from here for your router models proper image:

http://www.qwest.com/dsl/customerservice/modemsupport.html

2) Unzip the .exe and locate the CBOS bin.

3) Use minicom to connect to the router via the serial port (you must use the serial port).

4) Disable external traffic, NAT, etc. Then set the router for download.

cbos> enable

cbos/ set int wan0 down

cbos/ set tftp enable

--Downloading...

5) Now, in a different term, use a tftp client to upload the new bin image. Something like:

linux> tftp -i 10.0.0.1 put nsrouter.c675.2.4.3.bin

6) Upon transfer completion, your minicom terminal should show something like:

Image downloaded successfully.

Wait a minute or two, the Cisco 67* should flash the new image and then reboot. If it doesn't reboot, but does give you command prompt, do a:

cbos/ reboot

Alot of startup messages later, your Cisco should be up and running the new CBOS version. You'll need to reset your router passwords and check the general config. You can also do new CBOS downloads in lots of other ways, reverse tftp (local tftp server, client from the router), serial modem transfer, etc. Again, read the CBOS manual... there's all sorts of ways to screw-up^H^H^H^H^H^H^H^H reconfigure the Cisco 67*.

Adrian

choprboy@hotmail.com

Re: Is This a Conspiracy?

Anonymous's picture

Sir, I have the same setup and even run a Web server based on static IPs built on a Redhat install. The 675 was effected, it evidently was tied to it's genericly defined listening port. I hit Quests Web site when my service went down and applied their fix which was to redefine the port to a random number which I did. I have since recieved calls and letters instructing me to install their permenent fix which I assume will redefine the listening port to another generic but different port. I have not done this and have had no problems. My thoughts are they would like to define that port so they can access my router at their convienence. I also do have concerns with Quests relationship with the little boys in Redmond. So far it has not impacted me. When it does though I will look for another ISP if I don't decide to anyway.

Re: Is This a Conspiracy?

Anonymous's picture

Same deal for flashing a modem or a PC BIOS. It's gotta be That Other Sucky OS. But maybe, in the case of non-BIOS flashing, would WINE work?

As for ISP's, BrightNet in Ohio does have a CSR that speaks Unix/Linux. That was nice when my mother's connection was failing. (Yes, my mother runs Mandrake Linux...)

Re: Is This a Conspiracy?

detroit_dan's picture

Before you do anything, take a look at

http://www.oz.net

which features in big red letters

Caution for Qwest DSL Security Update

The story, at

http://info.theriver.com/TheRiver/notices/n0017.html

says in part

"we strongly discourage any attempt to perform this

unnecessary upgrade".

Not that this pertains in any way to conspiracies.

It does pertain to what a Qwest/Oz customer

might consider doing about this circumstance,

conspiracy or none.

--

Dan Wilder

Re: Is This a Conspiracy?

dmarti's picture

Phil, were you able to reload the Cisco's OS from Linux?

Re: Is This a Conspiracy?

Anonymous's picture

The cisco routers with CBOS was actually affected by Code Red. Code Red tries to detect which webserver software there is running on the device, and the result of that is you would have to turn off and on your router. The newer version of CBOS fix that.

White Paper
Linux Management with Red Hat Satellite: Measuring Business Impact and ROI

Linux has become a key foundation for supporting today's rapidly growing IT environments. Linux is being used to deploy business applications and databases, trading on its reputation as a low-cost operating environment. For many IT organizations, Linux is a mainstay for deploying Web servers and has evolved from handling basic file, print, and utility workloads to running mission-critical applications and databases, physically, virtually, and in the cloud. As Linux grows in importance in terms of value to the business, managing Linux environments to high standards of service quality — availability, security, and performance — becomes an essential requirement for business success.

Learn More

Sponsored by Red Hat

White Paper
Private PaaS for the Agile Enterprise

If you already use virtualized infrastructure, you are well on your way to leveraging the power of the cloud. Virtualization offers the promise of limitless resources, but how do you manage that scalability when your DevOps team doesn’t scale? In today’s hypercompetitive markets, fast results can make a difference between leading the pack vs. obsolescence. Organizations need more benefits from cloud computing than just raw resources. They need agility, flexibility, convenience, ROI, and control.

Stackato private Platform-as-a-Service technology from ActiveState extends your private cloud infrastructure by creating a private PaaS to provide on-demand availability, flexibility, control, and ultimately, faster time-to-market for your enterprise.

Learn More

Sponsored by ActiveState