Strange problems with Barclays Bank web access.

Strange problems with Barclays Bank web access.

Post by Chris Evan » Fri, 25 Jun 2004 00:36:52


On Tuesday of last week (and since) I couldn't get through to barclays
online banking log in page
https://ibank.barclays.co.uk/fp/1_2n/online/1,13863,logon,00.html
I get past 'looking up remote host name" it then says "connecting to remote
host" then a 30 sec wait and errore message:
"no data could be fetched from this url" with a blank screen

I get the same results on Fresco & Oregano 1 or 2
I'm using the ant suite
All other sites seem to be working o.k. including another HTTPS site

Last Wednesday one of the other computers here connected o.k. It also now
errors like the other computer!

On one occasion http://www.yqcomputer.com/ worked, then clicking a link for
personal banking which takes you to http://www.yqcomputer.com/
didn't!

A PC we have here connected to the same router allows access fine!
Barclays claim they haven't changed anything.

Any ideas it does seem very strange.

All our computers including the windows XP machine are
1.x.y.z mask 255.0.0.0 i.e. standard 'ShareFS' IP addressing

Our static WAN IP is 194.106.46.76 connected via f2s.com

Chris Evans

--
CJE Micro's / NCS / Fourth Dimension 'RISC OS Specialists'
Telephone: (01903) 523222 Fax: (01903) 523679
XXXX@XXXXX.COM http://www.yqcomputer.com/
78 Brighton Road, Worthing, West Sussex, BN11 2EN, UK.
 
 
 

Strange problems with Barclays Bank web access.

Post by Michael M » Fri, 25 Jun 2004 01:33:22

In article < XXXX@XXXXX.COM >, Chris Evans









I'm getting the same problem here with Oregano 1 and 2 also Fresco they
told me at there helpline that there is no problems at their end, Just
tried it on my lap top and got in with no problems what so ever.

Best Regards, Mick

--
|^^^^ Michael Martin ^^^^^ XXXX@XXXXX.COM ^^^|Using Kinetic RiscPC|
| * http://www.yqcomputer.com/ *| Email and News by |
| ^^^ http://www.yqcomputer.com/ ^^^| !Pluto |
|====== Risc OS immune to email Virus ======|===With RISC OS 4===|

 
 
 

Strange problems with Barclays Bank web access.

Post by James Burs » Fri, 25 Jun 2004 04:19:33

I'm also seeing this problem with ibank.barclays.co.uk (and also
www.barclays.co.uk). I've investigated, and the problem appears to be a
feature of the RISC OS TCP/IP stack.

In summary: (some versions of) the RISC OS stack implement an extension to
TCP/IP called T/TCP < http://www.yqcomputer.com/ ;, and this is
presumably now considered an error by some router or machine at Barclays.
T/TCP is apparently experimental and now obsolete.

The short-term solution is to ask Barclays to reconfigure their system to
accept this. In the long-term, it would probably be better to modify the
RISC OS stack to stop using T/TCP. I've just seen one case of this before,
but there may be more.

Detail: using a packet sniffer shows that there is no response to the
initial SYN sent by RISC OS. I disassembled the packet, and using sendip
under Linux reproduced the problem. The cause is the T/TCP "CC.NEW" TCP
option which RISC OS includes in the SYN. To reproduce under Linux / Unix
using sendip < http://www.yqcomputer.com/ ;:

sendip -v -p ipv4 -is 10.0.0.20 -p tcp -ts 1490 -td 80 -tomss 1460 -tonop
-towscale 0 -tonop -tonop -tots 299013:0 -tonop -tonop -tonum 0c000001d4
62.172.239.139

replacing 10.0.0.20 with your IP address. You'll see that no SYN,ACK is
received. Remove "-tonop -tonop -tonum 0c000001d4" and a SYN,ACK arrives as
expected.

James
 
 
 

Strange problems with Barclays Bank web access.

Post by Chris Walk » Fri, 25 Jun 2004 04:33:52

In article < XXXX@XXXXX.COM >, Chris Evans


Oregano 1 here won't connect and yet my PC running Opera under Linux goes
straight in to both of them.


Barclays are telling porkies?

--
_ .-----------------------------------------------.
__ __| |_ __ __ | NB: When replying, please remove "invalid" |
/ _/ _` \ V V / | in the address. I am trying more and more |
\__\__,_|\_/\_/ |__ suggestions to foil spammers ___|
 
 
 

Strange problems with Barclays Bank web access.

Post by druc » Fri, 25 Jun 2004 05:50:18


You need to notify Castle and ROL about this.

---druck

--
The ARM Club Free Software - http://www.yqcomputer.com/
The 32bit Conversions Page - http://www.yqcomputer.com/
 
 
 

Strange problems with Barclays Bank web access.

Post by Justin Fle » Fri, 25 Jun 2004 05:57:10


If that is, indeed, the fault, then turning it off is pretty simple.

sysctl -w net.inet.tcp.rfc1644=0

Simple sniffing shows that this has disabled that option as it is meant
to.

--
Gerph
< http://www.yqcomputer.com/ ;
... All I want is to break my circle of regrets.
 
 
 

Strange problems with Barclays Bank web access.

Post by Dave Higto » Fri, 25 Jun 2004 06:25:20

In message < XXXX@XXXXX.COM >




*** y 'ell, Justin - how were we supposed to know that any such
command exists in RISC OS?

But it sure appears to work - I'm impressed, and I thank both James
and yourself for this solution.

Dave
 
 
 

Strange problems with Barclays Bank web access.

Post by Justin Fle » Fri, 25 Jun 2004 08:05:34

n Wed, 23 Jun 2004, Dave Higton wrote:


It's been documented in the TCP/IP releases since version 5 of the
Internet stack. See the documentation in the StubsG distribution (which is
merely an update to the original documentation you can find on the
acorn.riscos.com site).

As for how I knew that was there; well, you learn one or two things when
you've used RISC OS this long. Just one or two.


A (very quick) refresh read up on T/TCP doesn't show up any particular
reports of it being dangerous, but there are issues with security because
the connection can be set up without the full handshake with the
originating host (ie it's whole purpose). For clients, the operation
should (AFAICT) be transparent (except where routers, etc misinterpret it,
etc - or explicitly block it due to issue it may cause for those that
the router serves). For servers, T/TCP won't be used unless the TCP_NOPUSH
or MSG_EOF option/flags are used.

And I've just seen a typo in that library document. I'm sure I spell
checked it.

In any case, James spotted the distinct difference and did the research so
I defer all credit to him.

--
Gerph
<http://homepage.ntlworld.com/justin.fletcher/>
... Highest branch on the apple tree, was my favourite place to be.
 
 
 

Strange problems with Barclays Bank web access.

Post by New » Fri, 25 Jun 2004 08:19:33

In article < XXXX@XXXXX.COM >,




Amazing. ;-)

Thanks, Justin. I use Barclays regularly and it would have been a pain to
have to use the PC card for that too.

--
*I don't have a license to kill, but I do have a learner's permit.

Dave Plowman XXXX@XXXXX.COM London SW
To e-mail, change noise into sound.
 
 
 

Strange problems with Barclays Bank web access.

Post by Chris Evan » Fri, 25 Jun 2004 18:42:38

In article < XXXX@XXXXX.COM >,




Great, thanks Justin & James.

I've put it into an obey file in tasks

To supress the message returned by the command I've added a redirect

sysctl -w net.inet.tcp.rfc1644=0 { > NULL: }

n.b. the spaces appear important!

I could have saved a lot of wasted time if I'd asked last week!

I've emails barclays suggesting they read this newsgroup!
Bush web TV owners presumably will be haveing the same problem
but can't easi;y use an obeyfile work around!

Chris Evans

--
CJE Micro's / NCS / Fourth Dimension 'RISC OS Specialists'
Telephone: (01903) 523222 Fax: (01903) 523679
XXXX@XXXXX.COM http://www.yqcomputer.com/
78 Brighton Road, Worthing, West Sussex, BN11 2EN, UK.
 
 
 

Strange problems with Barclays Bank web access.

Post by The Docto » Fri, 25 Jun 2004 19:14:45

In message < XXXX@XXXXX.COM >


[mega snip]
Oh nonsense ;-)
Thankyou both very much indeed!
Cheers!
--
Graham
The Main Control Room - www.thedeathzone.free-online.co.uk
Deathzone Emulation - www.thedeathzone.free-online.co.uk/emulation
 
 
 

Strange problems with Barclays Bank web access.

Post by Michael M » Fri, 25 Jun 2004 19:42:28

In article < XXXX@XXXXX.COM >, The




Yes I would also like to Thank James, and Justin.

Mick.

--
|^^^^ Michael Martin ^^^^^ XXXX@XXXXX.COM ^^^|Using Kinetic RiscPC|
| * http://www.yqcomputer.com/ *| Email and News by |
| ^^^ http://www.yqcomputer.com/ ^^^| !Pluto |
|====== Risc OS immune to email Virus ======|===With RISC OS 4===|
 
 
 

Strange problems with Barclays Bank web access.

Post by druc » Sat, 26 Jun 2004 02:04:21


The best place to put that line is kin the internet user options file.

On RO4/RO5 use !Configure->Networking->TCP->User Options to edit the file.

On Select use !Configure->Networking->Routing->Routes file to bring up
the routes file, then adjust close it to reveal the user file in the
same directory.

---druck

--
The ARM Club Free Software - http://www.yqcomputer.com/
The 32bit Conversions Page - http://www.yqcomputer.com/
 
 
 

Strange problems with Barclays Bank web access.

Post by Stewart Br » Sat, 26 Jun 2004 02:45:40


Alternatively, you could just add a -e option:

sysctl -ew net.inet.tcp.rfc1644=0

In command with all the other IP utilities, Acorn added a -e option to make
errors get placed in Inet$Error instead of throwing them normally.


Yes, the spaces are important - the redirection capabilities are documented
in the PRMs. C programs support UNIX-style redirection of stdout and stderr
too.


--
Stewart Brodie