[BALUG-Admin] Comcast Business apparently blocking 5353 UDP Re: linuxmafia.com "retry limit exceeded"

Michael Paoli michael.paoli@berkeley.edu
Mon Jun 3 16:57:13 UTC 2024 

And ...

Fine with moving it back to BALUG-Admin (does, after all, at least
overlap BALUG, notably BALUG.org DNS and Comcast Business
breaking the (5353) redundancy work-around for other things
Comcast Business has been known to break (notably with SecurityEdge)).

And Rick, your checks, etc., I don't think you're missing anything.
Let me know if, e.g., you need/want me to do anything on, e.g. the
96.86.170.229:5353 side of things.

On Mon, Jun 3, 2024 at 9:36 AM Rick Moen <rick@linuxmafia.com> wrote:
>
> Quoting Al Whaley (aw009@sunnyside.com):
>
> > That security edge feature is no longer optional on Comcast business
> > accounts. However you can log into your Comcast business website
> > portal as yourself and look at your options and very quickly turn
> > security edge off.
>
> Guys, I've moved this back to balug-admin, because I like the record
> that keeps, and we're not talking about anything that dannot be public.
> Is that alright?
>
> Good idea about that accursed SecurityEdge "feature".  I've now disabled
> that blasted thing in the Comcast Business account to the extent they
> permit, I think?
>
> Initial login takes me to
> https://business.comcast.com/account/dashboard/accounts/689906011127102015Comcast.IMS
> where I see Subscribed Services described as "Business Internet
> Essential 150 Mbps / 25 Mbps" and below that "SecurityEdgeTM", which is
> a link, following which goes to https://securityedge.comcast.com/#home ,
> showing tab Dashboard, which has nothing adjustable, but move on to tab
> Settings, page https://securityedge.comcast.com/#settings/profiles .
> Here, "Web Filters" had a predefined "protection level" of "Light", but
> one can select "None", which I did.
>
> Scrolling down the page, everything settable is Off, except that section
> Internet Security has "Malware & Phishing Protection" set to "On", which
> slide control is greyed out (unchangeable).  Subtitle is "Keeps user
> from compromising the network or their personal data if they
> accidentally or intentionally access infected web [sic] pages or click
> on phishing emails."  Select Save at the page bottom to implement.
>
> Slide control "Web Filters" at the top of the page now shows Off.
>
> The other tabs, "Block & Allow Lists", "Block Page Construction",
> "Domain Lookup", and "Scheduled Reports" don't appear to have anything
> useful for my purposes.
>
> Orange banner at the very top of the page now says:  "Web Filter
> Protection is now off.  To safeguarg your network, Malware, Phishing,
> and Botnet Protection remains on.  Learn More [link]."
>
> Following link goes to
> https://securityedge.comcast.com/#help/turning-web-filters-on-and-off ,
> which is a long documentation page including justifying preventing
> turning that part off:
>
>   Malware, phishing and botnet traffic is generated by malicious
>   software. Protection against this traffic is critical. This is why we do
>   not recommend disabling the Malware and Phishing setting for any user
>   profile. The setting remains enabled even if you turn off Web Filters.
>
> Also notable:
>
>   To turn Web Filters on or off, log in to Comcast Business SecurityEdge.
>   On the top right of any page, click the Web Filters toggle switch: from
>   On to Off to deactivate the Protection Level, Block & Allow Lists and
>   Off-Hours Internet Schedule, or from Off to On to activate them. The
>                                                                    ^^^
>   change is applied immediately.
>   ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
>
> Noting that final sentence, I now attempt another smoke test, to see if
> the problem is gone:
>
> $ dig -p 5353 @96.86.170.229 balug.org
> ;; connection timed out; no servers could be reached
> $
>
> Nope.
>
> Noting Al's wording "look at your options and very quickly turn
> security edge off", I try to see if there's another entry point into the
> account to do so.  What about "My Account" over on the far side of the
> navbar for
> https://business.comcast.com/account/account-details/689906011127102015Comcast.IMS
> ?
>
> I see:
>   SUBSCRIBED SERVICES:
>   Business Internet
>     - SecurityEdge
>
> Clicking "Business Internt" takes me to
> https://business.comcast.com/connectivity/internetdashboard/ , Where
> Item
>   SECURITYEDGEtm
>   Cybersecurity
> is shown as "Disabled".
>
> At some point, I tried toggling the "Web Filters" toggle from the Off to
> the On position, and then back to Off.  This resulted in my losing
> connectivity to my server for a few minutes, getting Network Unreachable
> on my ssh reconnection.  I infer that the "modem" device was resetting.
>
> I continute to get...
> $ dig -p 5353 @96.86.170.229 balug.org
> ;; connection timed out; no servers could be reached
> $
>
> Al, Michael, am I missing a trick, here?

More information about the BALUG-Admin mailing list