Crystal Web ADSL performance feedback thread Part 3...

Status
Not open for further replies.
Thanks for the info guys. Super useful.

snail112 said:
Bryn, try moving your cctv dvr to an offline router. They could be trying to access your cctv cameras to look what is going on in your house.

Just a thought.
Click to expand...

Not keen to complicate my setup here. The DVR requires a fairly safe password to access, and the cameras are aimed at areas that aren't sensitive to an invasion of privacy. They let me see both access points into the property, the main lawn in front of the main entrance and another area where thoroughfare is inevitable for anyone walking around outside. They're not IP cameras btw, but a Samsung all-in-one system.
 
Official Crystal Web ADSL performance feedback thread Part 3...

wingnut771 said:
It probably is a ddos attack, and by changing isp's you're changing your IP. You could also leave your router off for 20 mins to get a new IP.
Click to expand...

Then the ISP would surely be able to see the traffic originating from the outside?

Also by default you should be dropping/blocking all traffic from the outside which should make a DDOS not actually consume any data and definitely nowhere near the volumes you are seeing without killing the line.
 
Just sent off a bunch of AVG and Malwarebytes screenshots to CW support. I must commend their customer service - it's been nothing but great so far. I haven't had any data go off the Afrihost account today. When I have more CW data I'll switch over and see if it starts flying out again.

CW mentioned something about malicious software on a device in my home network sending our IP address with each session. Not sure how this is detected on their end, but I will be bewildered if some random malware can cause 500+GB of data to be downloaded in a few days. Surely this usage would reflect on one of the existing devices? The desktop PCs aren't downloading all the data, according to GlassWire. And where does all this data go? It sure isn't on any of our drives.

Anyway, hopefully a mystery that will be solved.
 
SauRoNZA said:
Then the ISP would surely be able to see the traffic originating from the outside?

Also by default you should be dropping/blocking all traffic from the outside which should make a DDOS not actually consume any data and definitely nowhere near the volumes you are seeing without killing the line.
Click to expand...
Doesn't matter if you drop the traffic. It still comes down your line.
 
Bryn said:
Just sent off a bunch of AVG and Malwarebytes screenshots to CW support. I must commend their customer service - it's been nothing but great so far. I haven't had any data go off the Afrihost account today. When I have more CW data I'll switch over and see if it starts flying out again.

CW mentioned something about malicious software on a device in my home network sending our IP address with each session. Not sure how this is detected on their end, but I will be bewildered if some random malware can cause 500+GB of data to be downloaded in a few days. Surely this usage would reflect on one of the existing devices? The desktop PCs aren't downloading all the data, according to GlassWire. And where does all this data go? It sure isn't on any of our drives.

Anyway, hopefully a mystery that will be solved.
Click to expand...

If there is a piece of software advertising the IP then the people performing the DDoS don't need to attack a device. They attack your IP. Free apps on Android with malicious advertising and browser addons occasionally do this but ordinary trojans and malware are also likely culprits.
 
Sanemoon said:
If there is a piece of software advertising the IP then the people performing the DDoS don't need to attack a device. They attack your IP. Free apps on Android with malicious advertising and browser addons occasionally do this but ordinary trojans and malware are also likely culprits.
Click to expand...

Weird. So much work and no clear profit motive. I also don't understand why the attack has relented today.

Could the service sending out my IP address not be an innocent one? Like something that checks in after boot, such as OneDrive, Evernote, AVG, UnoTelly Updater etc?
 
Bryn said:
Weird. So much work and no clear profit motive. I also don't understand why the attack has relented today.

Could the service sending out my IP address not be an innocent one? Like something that checks in after boot, such as OneDrive, Evernote, AVG, UnoTelly Updater etc?
Click to expand...

Highly unlikely unless those services themselves have been compromised. It is more than likely some other app.

As for profit motive there is none. What used to motivate this was sincere activism and their targets were corporates they felt had done wrong. Nowadays it is just a bunch of kids buying services on the darkweb or even unethical companies targeting their competition when it is a company hit. It's the digital equivalent of blowing someone's post box up for kicks.
 
I've postponed the hectic device-by-device testing CW is going to do on my connection to Wednesday, when I'll actually be at home long enough to ensure compliance to proceedings. It just involves starting with one device on the network, then adding more hour by hour. All devices have been scanned for viruses and malware. The only malware I thought I found (with Steam in its name, but in a sketchy location) turned out to be legit, as Steam complained when opened and did a quick repair on itself.

It might just be coincidence, but I haven't had any issues since starting on my replacement Afrihost account. Usage is totally normal. I've also been monitoring the wifi like a hawk and haven't seen any unrecognised users. This is without even changing the wifi password.
 
anyone heard of any price cuts from CW? I just checked Web Africa 20mb uncapped, it's R495. where CW 20mb uncapped basic is R995. That's a bit of a price difference.
 
Yup. The price differences are getting bigger and bigger...

While I certainly enjoy the service level and don't have reason to move yet...once the options become too good I might have to move.

Really dislike this lack of comms from CW on this forum post the DJ... ban :(
 
crackersa said:
anyone heard of any price cuts from CW? I just checked Web Africa 20mb uncapped, it's R495. where CW 20mb uncapped basic is R995. That's a bit of a price difference.
Click to expand...

:wtf: Joh...

Bloody hell. 8Mb/s with them is cheaper than my current 4Mb/s with them. I assume the service level must be bad then, that can be the only explanation as to why they're so cheap.
 
crackersa said:
I dunno. Don't see to many complain to from them.
Click to expand...

But there MUST be a reason, don't you think? Otherwise CW are basically pricing themselves out of the market.

What I do know, is that WA does not have any unthrottled packages, which I do with CW Home Premium, which is one reason I'll stay. But I see no reason (yet) why those on Basic accounts should really stay with CW if WA's service isn't shocking.
 
Orihalcon said:
Yup.

Hoping for some PR of ANY kind to tell us what is coming down the pike.
Click to expand...

I'm starting to as well. Last week I was still standing up for them, but that's when I thought it was only premium accounts that were so much more expensive. Now it's clear that like-for-like accounts are also quite pricey, comparatively speaking. Disappointing to see tbh.
 
Status
Not open for further replies.
Back
Top
Sign up to the MyBroadband newsletter
X