So I'm a network admin. I use strong passwords, alphas, numerics, etc.. keep a tight lid on what i install. AVs, spyware scans, etc.. no crap gets on my systems. Its been quite a number of years since I've had to clean out any of my systems.
Moving on...
My boss hands me a mini today from one of her family members - supposedly it has a bug and they didn't want to pay the geeksquad people.
Hearing that it has a bug, I didn't want to put it on the work network so I decided to hook it up to the wifi tether on my phone and download malware bytes via that. I figured - no windows bug is getting on my linux phone. I didn't think about any network-based attacks.
Few hours later, I turn my tether off and go to lunch when I visit my chiro twice a week. I'm laying down getting my back all jazzed up when my phone pops up with a "sign-in" error to my gmail. The password that I knew to be true didn't work. I hop on the bike and rush back to work.
I find all my googles signed out. I attempt to sign back in and get prompted with "suspicious activity detected, please verify". I did so through SMS and was prompted for my OLD password - which worked to my surprise (hacking 101: when you get in, first thing you do is change the pass). I was then prompted to change the pass which I did. I logged in to my gmail and saw a mobile login from an IP in peru. I also found quite a number of NDRs in my inbox (20 or so) with just a URL in it - so it was compromised for spam purposes.
Doing scans on all my systems, no sniffers or keyloggers running. They never had a chance to but just in case, i ran the scans anyway. My only thought is that mini connected to the net through my phone.
I'm thinking that since the phone presents itself as a wireless router and hands out DHCP, whatever local IP the phone sets itself to becomes the default gateway for the mini. If that mini is truly infected (at the moment, I'm not finding anything on it), and it does a network scan type of thing - could it have picked up some SMTP port that our android kernel keeps open? At that point, it wouldn't need my password (which would make sense that my old password worked). I didn't give it much thought at the time but I did think that a few hundred MBs of download was kinda high while the tether was connected.
So thats my question to anyone familiar with the kernel - network wise, are there any open, unsecured (smtp is unsecure in its nature..) services ran by the kernel? Once the phone goes into router mode and gives itself a local ipv4 address and a node (in this case the mini) hops onto the same subnet - those services would be readily accessible to that node.
IE: this bug scanned for port 25 or something.
Related
Hi. This happened to me twice on my Dopod 900 so I'm guessing something is wrong here. I have a 128bit WEP enabled home WiFi network. The Dopod works well on this network but I was asked on two occasions to enter the WEP key again. I enter it and it works for a few days and then all of a sudden it is asked of me again... Anyone else seen this behavior? Any ways to avoid it? Thanks
You're not the only one.
The Universal loses my access points (completely disappears from the list) and wants to re-pair my Bluetooth devices (GPS and headset) (sometimes they are listed, sometimes they disappear from the list, too) every so often. I'm surprised no one else has talked about this either.
I've seen it also. If your universal seems unusually slow to connect ot the access point, you better have to stop it, or it will loose your access poitn info. After a soft reset, everything goes back to normal.
This behaviour is appening rarely though, and is not a major bug to me, as it only appens once every 100 connections. It can also depend on your access point.
I connect my o2 Exec with my own and four different customer's ADSL-router/gateway/WiFi devices and have not experienced this, even when a couple of weeks elapse between my site visits. I normally configure full WPA-PSK/TKIP encryption, MAC address restrictions and use DHCP allocated addresses. A VPN is then used to connect from the wireless side through another firewall to the internal network.
Is there any correlation between the WiFi routers that have given you all problems. I use various ZyXEL models.
Getting really strange... All of a sudden, I'm getting prompted for my Exchange password that I connect to 4Smartphone.net... It seemed to have forgotten the password?
WTF?!?
lose wep
same for me
So it is not only my ****ty non -updated sfr rom ;-)
Are you getting a NO GSM message on your boot screen and/or is your IMEI missing from the Device Information applet?
I'm trying to see if the two issues are related.
I got the NO GSM message, and from that point forward, I lost the pairing of my Bluetooth devices and the wireless access points.
My theory: Any passwords or authentications are encrypted using the IMEI of the phone portion. When the IMEI is not present (shows a blank under Device Information) due to the NO GSM issue, the Windows Mobile OS instantly wipes out those "invalid" passwords or authentications or simply invalidates them, causing you to reauthenticate the device to other devices.
BeyondtheTech said:
Are you getting a NO GSM message on your boot screen and/or is your IMEI missing from the Device Information applet?
I'm trying to see if the two issues are related.
I got the NO GSM message, and from that point forward, I lost the pairing of my Bluetooth devices and the wireless access points.
My theory: Any passwords or authentications are encrypted using the IMEI of the phone portion. When the IMEI is not present (shows a blank under Device Information) due to the NO GSM issue, the Windows Mobile OS instantly wipes out those "invalid" passwords or authentications or simply invalidates them, causing you to reauthenticate the device to other devices.
Click to expand...
Click to collapse
I don't know if it is relevant, but in the last 10 days I've come up with the PHONE OFF display without any reason. When this happens the phonepad appears out of nowhere, instead of my carrier's logo, it says Phone Off and the 9000 freezes.
Only soft reset solves the problem No I didn't have any problems YET with the WEP keys in my wifi connections...
Should I be worried though??? :roll:
I'm not getting a NO GSM message on my boot screen or my IMEI is missing not from the Device Information applet. Sorry for not being able to confirm your hunch. The only times this happened to me was when I was at an extreme edge of the WiFi coverage and signal was very low. I was flipping in & out of it and eventually the WEP key prompt popped up. Very strange. Moral of the story for the time being for me, stay near that AP... Oh by the way, its a Netgear for what its worth.
Save and Restore Wifi Settings
My understanding is if there is any problem connecting to Wifi, WM6 deletes the Wifi settings for that access point. I think my friends have come up with a quick solution to this problem. Wifi Hero is a little application you can get for $2 that saves and restores your wifi settings using standard Windows Mobile APIs. Search for "Wifi Hero" and you should find it or the direct link is http://www.wireless-apps.net/desc.php?d=d1&id=246823
The coders work for Implicit Software (www.ImplicitSoftware.com) if anyone is interested in a site licence for this tool you can contact them through their web page.
Have you guys tried going to start>settings>connections>wifi>power> and putting it at "best performance." I've heard of similar (also experienced) issues when the bar was at best battery.
Hi,
A newbie, dummy, etc to the WM5.0, o2 xda exec device and what not + great to see this resource out there. I have got no WiFi or BlueTooth setup, the device set me back heavily for a good little while ;-)
Meanwhile attempting to develop some apps at home, I am trying to avoid O2's call plan data usage and connect to desktop PC (ie. some custom TCP apps running on it) as well as attempt to use its internet connection via USB/ActiveSync.
Have looked around for hours, hit google and more, and all I could find is help topic in ActiveSync : 'Use ActiveSync to "pass through" this computer, which of course I can't see working. For example, pocket IE just comes back with 'address is not valid' for any IP address I specify.
I can see the IP addresses associated with ActiveSync, ping them etc. but for the life of me I can't figure out what's required to use the pocket IE or any TCP client on the device to see the desktop's IP address or use its internet connection.
Any help greatly appreciated.
Regards,
Andy
In ActiveSync, go to connection setting. At the box "This computer is connected to", choose "The Internet".
It suppose to work now.
Thanks for the prompt reply. Have tried that, and what it presents is 'automatic', 'work', and 'internet'. I would have imagined it would present an option to chose my dial-up connection but nope, only those three choices are there.
None of them work, my setup does use a USB modem but I suspect that might not be a problem (although ActiveSync (4.1) seeems to be touchy about other USB devices judging by some web searches).
What I do see is a new Local Area Connection in network control panel for the mobile device. All its IP properties are set to automatic (private IP is automatic too). Event Log on the desktop doesn't report anything wrong either.
I try to use IP adrresses as URLs in Pocket IE only, hence it eliminates DNS issues or similar. I've also wiped the firewall to make sure it is not interfering in any way but still no luck.
What I am wondering now is whether this automagically works for others, if they had to add new modem connection or something on the device, and whether they had to enable Internet Connection Sharing on their dial-up (which I tried and messed up IP addresses and DHCP to some extent so I reverted back).
Any hints where I could be screwing up appreciated.
Regards,
Andy
From what I understand reading all day long (won't give up easy, is that pass thru is achieved through layered LSPs but somehow it's not working (question being does it really work with an USB/Dial up broadband).
And miserably failing at it, the network connection given to PC has following:
DHCP enabled
IP-Address : 169.254.2.2
Subnet-Mask: 255.255.255.0
Defeault-Gateway: (none specified)
DHCP Server is the Windows CE device and given address 169.254.2.1.
I would appreciate if someone can share their (working) Remote-NDIS Host settings from device in Settings/Network Cards/The Internet.
Thanks in advance.
Found and grabbed the settings off the web and some other forums, (169.254.2.1, and subnet mask of 255.255.255.0), things get "better".
"better" = another mega piece of nonsense.
R-NDIS Host now reconfigured, Pocket IE is still unable to use the USB dial-up broadband (no USB hubs involved on the desktop pc btw)
By some odd accident, started the MSN and while it refuses to check mail or similar (edit: it did allow it eventually), its chat features are working perfectly fine. Looking at desktop trace it goes off to :
ip48.hotmail-ppe.com via https
While that will return nothing to a browser based setup it certainly manages to use the desktop PC's connection as wireless is totally off on the device (called flight mode off is it, or similar?).
If anyone has seen or could explain this, or what on earth to do to get the IE (which consistently refuses with 'The address is not valid') to see the desktops connection from here, I'll be their slave for a week ;-)
Regards,
Andy
Matter solved, notified the networking and hopefully they pass it to IE team.
Put simply, write your own web-browser and it'll work
;-)
layman said:
Found and grabbed the settings off the web and some other forums, (169.254.2.1, and subnet mask of 255.255.255.0), things get "better".
"better" = another mega piece of nonsense.
R-NDIS Host now reconfigured, Pocket IE is still unable to use the USB dial-up broadband (no USB hubs involved on the desktop pc btw)
By some odd accident, started the MSN and while it refuses to check mail or similar (edit: it did allow it eventually), its chat features are working perfectly fine. Looking at desktop trace it goes off to :
ip48.hotmail-ppe.com via https
While that will return nothing to a browser based setup it certainly manages to use the desktop PC's connection as wireless is totally off on the device (called flight mode off is it, or similar?).
If anyone has seen or could explain this, or what on earth to do to get the IE (which consistently refuses with 'The address is not valid') to see the desktops connection from here, I'll be their slave for a week ;-)
Regards,
Andy
Click to expand...
Click to collapse
The fact that you can see the new Local Area Connection (Windows Mobile-based Device #..) proves that your Pocket is connected with your PC.
The “Remote NDIS Host” setting can be “IP address allocated by server” (then you may have an error message, but you should share the PC internet connection with the Pocket), or “Specific IP address” 169.254.2.1 (Subnet Mask 255.255.255.0).
So, your problem may come from the connection that PIE is trying to use.
The settings of “Parameter/Connections/Connections/Advanced/Select Networks” should be “Work Network” (réseau de bureau in French) in which :
General = parameters set name
Modem = “empty”
[VPN = “empty”]
Proxy parameters = “This network connecting to Internet” ticked
“This network connecting to Internet through a proxy server” NOT ticked (unless you are connecting to internet through a proxy server).
Sometimes, when you change from GSM/GPRS/UMTS networks, you must soft reset the Pocket to make sure that PIE will use the newly selected network.
In my case my PC is connected to the ADSL modem through a router, which is used as a DHCP server. Then my pocket is getting an IP address by the router in my local network range (different than 169.254.2.1). I don’t know if the connection of the modem on USB can be a problem, but I don’t think so.
You mentioned “some custom TCP apps running on” the PC, did you try without?
Good luck
Had similar Problem ....
Hi Layman,
Your problem sounds very similar to mine - except that I have a cable connection rather dial-up. Differences aside:
I had a machine at work where I plug-in my XDA and it works fine with the inernet.
It refused to work at home. To cut a long story short ... Check your settings are correct, and DO NOT SHARE THE INTERNET on your machine.
On my XP at home I had a bridge (or connection sharing). Once I deinstalled that everything worked. The symptoms were simialr to yours, I can ping local machines but cannot go to the interenet.
My setup at home,
XP Home Edition
USB connection
Activesync 4.1
CABLE modem connected to a wireless/wired switch router.
This machine is connected to the switch.
NO Internet connection sharing.
Hope thi shelps.
Hope this helps...
Thanks to both of you for reply, I pretty much took it as IE bug and slashed out under (real identity at MS guys but no harm meant etc. All a good thing.
------------------------------------
Glaps, cheers, have tried that on number of occasions and what was weird is that it kept coming back checked, or that everything would be unchecked. I just did the tests again
As per earlier posts I switched to purely flight mode (no wireless), so soft reset wasn't required. Having said that and looking at it, I can confirm the My Work connection to use Internet (not proxy) gets unchecked
on every soft reset (perhaps another bug? Yep, it's a BUG ).
Even in a single boot, when I triple, quadruple checked the proxy was not on and that the setting was still unchecked, and that IE was available on Work connection PIE wouldn't connect. I think I did a hard reset about 100 times as well and none of it helped. I've tried probably 20 variations on the theme with many settings. The fact remained IE-irony was the only app unusable.
(This pretty much makes the Connection/Settings on ActiveSync4.1 to use pass through for work or internet irrelevant, it should be all automatic. I think the idea of it all was that RNDIS and that DTLP feature is intelligent enough to figure out what's local network (work) or internet. Frankly I think it was a mistake taking that route for one scenario at least, but time will tell, no point speculating and certainly off topic..)
------------------------------------
RedJupiter, cheers. I can confirm the above holds for the disabling of Internet Conn Sharing too. It is not a deciding factor for the device or more correctly Pocket IE. With or without ICS, all applications apart from IE work.
To add to this (and encourage the debate perhaps, at least others/I can learn more from other experiences), in the last 3 days I've seen numerous posts on how to configure ActiveSync 4.1 'correctly' (heck even the install is labeled wrong, 4.0, speaks volumes). Suggestions ranging to enable IP routing in registry on desktop XP box, to enable NetBios over TCP/IP, to configure WINS, DNS etc. All of which I just don't see affecting much at all (at least in my own setup)
Here it is a USB modem, no routers, simple Dell 9100 box. So two USBs used: one for device and one for broadband modem. (will post the ROM versions and other stuff later). Ops, add another one for keyboard but surely that shouldn't do interrupts or something ;-
Custom app HTTP requests succeed with no problem at all, all other apps work with internet too. Pocket IE stands out.
Hope I am proven 'wrong', it really don't matter on that front. It's just that I can't test with Pocket IE and must give money to provider just to use the browser with settings (MyISP) that will probably make it work (which btw, I haven't setup yet; and will be surprised if that solves this problem instead . Call it avoiding O2's 'mega-bloat-software' install that smashes the device effect, so I am even scared to set the ISP up since that freezing cold experience lol.
( was an intro, but consider it ignorable as it is just early experience:
Above all together only part of the story because the whole thing is as unstable as it gets, the device (OS really) can get really shaken when running low on memory. Files get deleted as you watch them, ActiveSync can return consistent 0x8007000E error on the device (wonder if anyone is checking this really) although plenty of free RAM is on it. Google just solidifies all this with the number of hits and problems related, but things ActiveSync can do (like add files) are just beyond any bug reason; it needs to be scrapped really and alternatives are available so no more moaning from me there).
Ok just one more , what's more things get far more messy when you involve VS 2005, bugs in all OS-es with SSL usage, cert handicaps, you name it. I guess that tells what I am doing with the desktop, simply
trying to do a full roundtrip and test my own server running on desktop. Turned out a web client was required so went down the route to host the browser and pump the HTTP/S myself. Of course, turns out there are issues with the TCP/IP Winsock interface and limitations not only related to authentification and certificates but more, but it's a start. Besides, I am glad I can hit websites from the device (not just desktop debugging)
Eventful 4 days, and all I can conclude is that coming back to software+hardware, jack changed in last 6 years of software 'advances'. Yet you'll see new AKUs, new issues and what not before all the other important bits are resolved first.. But .NET adoption will keep smashing those devices until they figure out it's not sensible having it at all if all software that will run on it would use it like its Free Money Monday every day; not until they sort out the desktop GUI and RAM eating experience first; and it will still all be classified as 'vis ta bloat' OS. )
Rant over
------------------------------
Device : O2 EXEC DELETE * O2 FROM [CABs]
ROM version: 1.13.82 WWE (ROM Date: 11/30/05)
Radio version: 1.04.02
Protocol version: 42.37.P8
ExtROM version: 1.13.188 WWE
OK, I don't knkow what else to try here, hence the post!
I'm trying to get my XDA exec (Universal?) to connect to my work VPN. I've entered all the details exactly the same as they are on my laptop (which works) and yet when I try to connect, I get an error message saying "VPN Server problems. Verify your username and password, and try again. If the problem persists, turn the device off and try again." This message appears instantly, as though it is not even trying, and my GPRS connection terminates, without an error message, without a warning. What I think is happening is that as soon as I ask to activate the VPN, it disconnects the GPRS, and then the VPN won't work because of that. Which seems rather stupid.
I've tried rebooting, I've tried changing every setting in the VPN connection, I've tested the GPRS connection by visiting websites, I don't know what I can possibly be missing. Any advice would be greatly appreciated.
This has absolutely killed my faith in this device. It stops synchronising my mail at least once a day, without warning, it has crashed in the past, destroying mails I was writing at the time, and I find it generally unreliable, unfriendly and considerably less useful than a BlackBerry. Sorry, but I had to say that, I'm tearing my hair out here...
im not sure if you can do VPN over GPRS you may require a wifi connection for that.
Hello faethor, fancy meeting you here!
I know on the XDA IIs it worked over GPRS, so it would surprise me if it didn't on the Exec, but perhaps you're right...
I don't care any more, fed up with the damn thing for today...
This is possible, but there are various possible problems.
It could be something as basic as you need to add your company web-site in the 'exceptions' list (Start, Setting. Connection (tab), Connections (icon) advanced, exceptions). e.g *.companyname.co.uk.
It is worth checking with your IT people if certain IP address ranges are also blocked (e.g. for extra security).
Network tech support are quite rubbish on this, and it took me, my former MD and our IT company several hours to get it sorted last time we tried this!!
The queston is do you need VPN for document view / transfer or is it just for email / contacts on the move (you mentioned Blackberry)?
If your company has MS exchange 2003 the exec sync's straight in using yout outlook web access settings (a tick box also needs to be enabled in the server) or you could use something like www.seven.com which I have had both personally and corporate which works brilliantly.
If it is full VPN you need, I can provide documentation or contact numbers which may help.
It may be that your VPN connection needs to be the GPRS settings (and using the APN vpn.o2.co.uk (you said you were using an XDA which is an o2 branded HTC device) and your conx to your server via proxy is your home server details?
A bit frustrated at the moment - I can't get past the checking connection stage on my phone. I live behind great CHinese Firewall. When I first got the phone I set it up at work which has a VPN-ized network. I waited until my holidays (now) to unlock, root, etc.
However, I do not have access to vpns that are router based - only computer based. I can't seem to share these connections to get the Nexus to register and check a connection - phone times out rather than taking suggested 2 minutes. I can't seem to skip the process either. I CAn't get back to work at the moment so I am left with 'Couldn't connect to the Internet' message and of course LTE won't work either as it's behind the great firewall.
ANy suggestions on how to gain access to my phone? Help would be appreciated.
I guess when nobody can help, you help yourself -OK - I am back in business For those few people/souls in my situation who are behind the GFW of China without enough Chinese, this may assist. While I know that my work can normally be relied on as it has a network with VPN, we are on holiday for a couple of weeks and so its network is running, but without VPN ... so ... Trying to share a vpn connection from either a mac or PC wasn't working to open the phone either. However, good old local Starbucks came to the rescue. I guess it has a VPN of sorts to access all the google framework and so forth (certainly can't access facebook there though).
Long story short - you can get the process going by visitng a big western shopping centre or chain store if you are stuck at the beginning screen and enduring the whole two minute 'connecting' wait/time out fiasco.
Cheers
Hi all - first off apologies if this was asked/answered, I tried searching several different ways and kept getting search errors for some reason.
I am running Android N on my Nexus 6p, and have been for some time. I love it so far, and have had no issues minus one- whenever I try to connect to a wireless network (at my place of employment for example) that requires you to log in via a web portal (to agree to their terms etc) I cannot seem to get it to do so. It fluctuates between "obtaining IP address" and "connected no internet" and if and when it stays connected long enough to pull up the browser, whatever address I type in, it pulls up, but only because it falls back to LTE.
I've browsed the wireless settings themselves and cant seem to get around this. Any suggestions?
the same here i don;t know what causes that problem. the problem started after update patch october 2016
I haven't encountered that issue yet, am on the October update, and have used this feature a few times.