Comcast Hacked Again?

If you haven’t noticed, The Coffee Desk experienced some downtime over the weekend due to a possible security breach on Comcast’s end. A few months ago, the comcast.net domain name was DNS hijacked, redirecting to a (script kiddie) web server where they broadcast who they were. Now, however, it appears as though someone has gained the master password to all Comcast-owned gateways (which are basically cable modems that are used to ensure YOU are using those static IPs you paid for), and The Coffee Desk experienced some downtime as a possible result.

From Friday afternoon (Eastern time) to Sunday night, The Coffee Desk and all other shared-hosted web sites under our servers were offline, yet the problem was unknown to administrators at the time since the rest of the immediate subnet was still able to access the websites. However, a writer at a remote location unable to access the site first brought the problem to attention, and troubleshooting began as a result.

After days of pinging, manually telnetting the HTTP protocol (for diagnosis) and, due to the nature of the problem, using cheap CGI proxies, a call to Comcast, an internet service provider for The Coffee Desk, solved the problem. The root of the problem was (get this:) the Comcast business gateway firewall being “magically” enabled, though only one administrator has the password for it.

While we aren’t 100% sure that “hacking” is the cause of about 3 days of downtime, the only other possible causes would be either a Comcast employee “dropping in” for a checkup (illegal, by the way) and enabling the firewall “for our own safety”, or a firmware glitch in the modem software itself. The Comcast support technician said a log check indicated no login prior to that weekend, but did admit that every modem uses the same password, so a security breach is very possible thanks to the “know one, know them all!” strategy used to ensure that Comcast (or someone else?) would be able to log in to any modem in the event of a problem.

In any case, The Coffee Desk hosting team is keeping a close eye on things to ensure this doesn’t happen in the future, and as a result conducted an in-depth security audit during the downtime as part of the troubleshooting steps. On a less serious note, we decided to, err, do something with the keyboard on the page (finally). While we’d like to think that the keyboard connects to a Linux workstation, Mac users with a knowledge of keyboard shortcuts can discover a little easter egg accessible via the aforementioned keyboard, although it is fairly useless at this stage.

With fewer security breaches to come, expect more articles and reviews to surface here shortly.



About Mark:



Mark (who wishes to keep his last name private) is currently employed as a system administrator for a company in his hometown. He has extensive experience in both networking and programming, and has designed many scalable and high-availability networks. Mark can easily be described as the go-to guy for building quality networks and data centers. He is now well-known for his very humorous posts here at The Coffee Desk. This bio has been corrected for our reader Nigles. I hope he feels special now.

