CODA-4582 - Open Issues for Investigation

Need Help?

That's what we're here for! The goal of the Rogers Community is to help you find answers on everything Rogers. Can't find what you're looking for? Just ask!
cancel
Showing results for 
Search instead for 
Did you mean: 
Reply
I Plan to Stick Around
Posts: 38

Re: CODA-4582 - Open Issues for Investigation

Dave:

Can you access my neighbourhood too and see if you can find reasons for my violent raise in GB consumption when my habits on internet have not changed one iota, OTHER than using speedtest.net about 60 measurements every day since early December 2016. ParticularIy perplexing are the numbers for the periods

Mar 8/17 - Apr 7/17

2351 GB

Feb 8/17 - Mar 7/17

   889 GB

And this month Days 8, 10 and 11. At this rate I wonder how disparaging will end up being the month's total by May 7, 2017

I do not find any reasonable explanation for the explosion of consumption downloads/uploads

 

This what i found in my account

QUOTE

 

Billing Period

Total Usage

Usage Allowance

Additional Usage

Usage Charge

Mar 8/17 - Apr 7/17

2351GB

Unlimited

0GB

$0.00

Feb 8/17 - Mar 7/17

889GB

Unlimited

0GB

$0.00

Jan 8/17 - Feb 7/17

184GB

Unlimited

0GB

$0.00

Dec 8/16 - Jan 7/17

345GB

Unlimited

0GB

$0.00

Nov 8/16 - Dec 7/16

267GB

Unlimited

0GB

$0.00

Oct 8/16 - Nov 7/16

105GB

320GB

0GB

$0.00

 

 

 

Daily Usage

Download Usage (MB)

Upload Usage (MB)

Daily Total (MB)

04/12/17

4,854

156

5,010

04/11/17

11,075

679

11,754

04/10/17

69,745

6,268

76,013

04/09/17

2,780

170

2,950

04/08/17

49,056

4,757

53,813

 

Total Usage (MB)

149,540MB

  

Total Usage (GB)

146.03GB

  

Usage Allowance

Unlimited

  

Additional Use

0GB

  

Usage

$0.00

 

The last frame is about the current month consumption now since the start of my monthly cycle on April 8, 2017

UNQUOTE

 

Thank you kindly

 

Note:

Will be checking my Prtvate Messages in the next few days in case you need to communicate with Me if further details are needed to deal with My request

 

 

I'm a Reliable Contributor
Posts: 338

Re: CODA-4582 - Open Issues for Investigation

@RogersDave

 

I have firmware 2.0.10.26T2 and still experience OFDM channels being dropped rendering my download speeds to be under 1 mb/s.  This issue is STILL not fixed with this firmware.

 

Loss of OFDM Channel Lock

Under some RF conditions, the modem fails to lock properly on the OFDM channel. This typically result in variable performance.

 

Update April 12: This problem is resolved in 2.0.10.26T2

 

 

 

Thanks

 

 

I'm a Reliable Contributor
Posts: 142

Re: CODA-4582 - Open Issues for Investigation


@Queoder wrote:

 

Mar 8/17 - Apr 7/17

2351 GB

Feb 8/17 - Mar 7/17

   889 GB

 

 


@QueJoder

The increase in your usage coincides with the dates that your modem's private info was shared publicly in February.

http://communityforums.rogers.com/t5/forums/forumtopicpage/board-id/Getting_connected/message-id/421...

 

Therefore, it appears someone else is spoofing your MAC address to associate usage to your account. 

You'll want to take your modem into Rogers & tell them the modem needs to be scrapped/destroyed due to the MAC address being in the public domain.  Wouldn't want them refurb'ing it & assigning to another customer.  You have no idea what the person is downloading, and it may be illegal content.

 

I Plan to Stick Around
Posts: 154

Re: CODA-4582 - Open Issues for Investigation


@Double_K wrote:

@Queoder wrote:

 

Mar 8/17 - Apr 7/17

2351 GB

Feb 8/17 - Mar 7/17

   889 GB

 

 


@QueJoder

The increase in your usage coincides with the dates that your modem's private info was shared publicly in February.

http://communityforums.rogers.com/t5/forums/forumtopicpage/board-id/Getting_connected/message-id/421...

 

Therefore, it appears someone else is spoofing your MAC address to associate usage to your account. 

 

 


I think it's more likely that someone is simply hitting his IP address. Once you have the MAC address you can use DNS to get the IP address.

 

I don't think that you can simply "spoof" someone's MAC address to the internet and rack up usage on their account due to the way that the modems work.  If this was possible, you wouldn't need to actually find someone's leaked MAC address as all the MAC addresses are created sequentially and it wouldn't take long to brute force finding another valid MAC address on the Rogers' system.

 

Keep in mind that the Modem itself authenticates internally to the Rogers' network before providing you with your internet access.

I Plan to Stick Around
Posts: 207

Re: CODA-4582 - Open Issues for Investigation


@Telek wrote:

@Double_K wrote:

@Queoder wrote:

 

Mar 8/17 - Apr 7/17

2351 GB

Feb 8/17 - Mar 7/17

   889 GB

 

 


@QueJoder

The increase in your usage coincides with the dates that your modem's private info was shared publicly in February.

http://communityforums.rogers.com/t5/forums/forumtopicpage/board-id/Getting_connected/message-id/421...

 

Therefore, it appears someone else is spoofing your MAC address to associate usage to your account. 

 

 


 

I don't think that you can simply "spoof" someone's MAC address to the internet and rack up usage on their account due to the way that the modems work.  


Yes you can, it hapens all the time, and its a major problem for every single cable provider on the planet. 

I'd explain how to but I wont risk my account here. Use google you will see.  It's not even dificult. 

I Plan to Stick Around
Posts: 154

Re: CODA-4582 - Open Issues for Investigation


@Jeffj wrote:

Yes you can, it hapens all the time, and its a major problem for every single cable provider on the planet. 

I'd explain how to but I wont risk my account here. Use google you will see.  It's not even dificult. 

If you're referring to MAC address spoofing of your client end, this hasn't been possible since DOCSIS1.0.

 

Ever since then, the modem itself uses the built-in HFC MAC address along with (possibly) EAE (we don't use  on Rogers) and BPI (which is used by Rogers) to authenticate and encrypt, and this happens at a modem firmware level to the cable modem network, before any consumer devices are attached. Unless you have a hacked cable modem, I don't see how this can be bypassed or taken advantage of, certainly not easily. Furthermore, with BPI enabled, even if you have a hacked or completely dumb modem, you still won't be able to spy on neighbouring traffic to get any useful MAC addresses.

 

http://www.dslreports.com/faq/3455

 

Resident Expert
Resident Expert
Posts: 6,140

Re: CODA-4582 - Open Issues for Investigation

Fwiw, this was more of a problem two to three years ago on Rogers.  It was common to see complaints where the usage had skyrocketed for a day or two or users accounts, more commonly when the user was away.  In any event, it would seem that Rogers has done a lot of work in this area.  The current state obviously isn't perfect as this does come up from time to time now, but, the incident rate is much much lower than it was before. 



I Plan to Stick Around
Posts: 154

Re: CODA-4582 - Open Issues for Investigation

Keep in mind as well that another explanation is that some device in your network is infected, and being used externally.

Highlighted
I'm a Reliable Contributor
Posts: 142

Re: CODA-4582 - Open Issues for Investigation


@Telek wrote:

Keep in mind as well that another explanation is that some device in your network is infected, and being used externally.


Yes, this is also a possibility, and would be validated if the upload qty was higher/closer to the download qty.  Given the disparity between his/her download & upload, their personal devices don't appear to be used as a proxy.  2TB+ is a lot of movies to store somewhere.  However there could be a rogue device connected to his/her wifi doing the downloading.  

Just way too coincidental that his/her usage has increased around the same time as the MAC address was shared on this forum.

I Plan to Stick Around
Posts: 154

Re: CODA-4582 - Open Issues for Investigation


@Double_K wrote:
Yes, this is also a possibility, and would be validated if the upload qty was higher/closer to the download qty.  Given the disparity between his/her download & upload, their personal devices don't appear to be used as a proxy.  2TB+ is a lot of movies to store somewhere.  However there could be a rogue device connected to his/her wifi doing the downloading.  

Just way too coincidental that his/her usage has increased around the same time as the MAC address was shared on this forum.


I'll agree there -- however I noticed something else interesting in their message:

 

OTHER than using speedtest.net about 60 measurements every day

If this is true, that's a massive number of bandwidth tests. I assume that this is an exaggeration, however this could be a large contributing factor since this also happened around the same time as their bandwidth usage drastically increased.

 

On a gigabit connection, according to my modem, 60 tests per day would be about 3TB/month.