Skip to content
Skip to main content
U
user_7f0952

Contributor

 • 

13 Messages

Saturday, June 5th, 2021 6:37 PM

UDP port 53 intercepted

​I recently got Comcast Business service with static IP addresses. I specifically asked at installation that I not have any security services, firewalls, etc. "I just need pipes, no extras." Well, things started acting up from day 1, and I discovered (after many hours of troubleshooting) that outbound traffic to UDP port 53 to *any* address is being intercepted, modified, and redirected through IP address 208.111.35.107. This seems to be part of a "SecurityEdge" package that I had specifically asked not be deployed on my connection. This has serious, damaging repercussions as it has interfered with our own network monitoring and protection tools and left us vulnerable. We also do some security research, but are blocked from doing so by the traffic interception. We have a need to access alternative DNS spaces, but cannot do so. I am running a mail server at this site, and need to access DNS-based blocklists, but they often block access from 208.111.35.107.​

​I have searched the web site for a way to disable SecurityEdge, but all the links that appear to go to the SecurityEdge portal actually go to a page that purports to give instructions for accessing the SecurityEdge portal, and the instructions reference clicking a link on a page that does not exist.​

​Is there any way to stop my outbound UDP port 53 (DNS) traffic from being blocked, intercepted, and manipulated? It is a critical part of what I need this service to do.​

Question

 • 

Updated 

3 months ago

291

4

0

user_7f0952

Contributor

 • 

13 Messages

2 years ago

The problem now seems to be resolved. Thanks!

1

0

CC_PeterC

Problem solver

 • 

17 Messages

@user_7f0952 That's wonderful news! I'm really glad to hear that our Advanced Repair Team was able to assist in getting it disabled and that everything is working as it should be! Our peers are pretty great at being able to assist with issues that we may not have the resources for, so I'm glad our team was able to get that ticket submitted to get this taken care of! Did you have any questions or any other concerns that I may assist with today?

(edited)

I no longer actively support the Comcast Business Forum or work for Comcast. 

Like

Reply

2 years ago

0

user_7f0952

Contributor

 • 

13 Messages

2 years ago

Well, alas, after one blissful day of having my traffic routed as expected, I find that my traffic is once again being maliciously diverted by your "Security" Edge product. Is there no one there capable of disabling a "feature" that I specifically asked not to have when I ordered the service?

0

Hacked_Coder

New Contributor

 • 

1 Message

3 months ago

@markreinmuth @user_7f0952 

Happening to my residential Xfi Gateway xb7 model and xfinity mobile services as well. Port 53 being intercepted or manipulated.

0

0

user_7f0952

Contributor

 • 

13 Messages

3 months ago

A month or two ago, I needed to log into my Comcast account for unrelated reasons. On a whim, I clicked on a "Manage Internet" button and a "SECURITYEDGE" link. Another link took me to a "Comcast Business SecurityEdge" site in a new tab. There I clicked on a Settings link, and there was a page with a "web filters" switch at the top. That switch was there before, but it was disabled and now it wasn't. I switched it to off, and my DNS now works properly again. I don't know if it looks the same for residential accounts, but after two years of suffering and applying many ugly workarounds, I now have a working system. Hope this helps.

0

0