Hello All, A friend is using 3web as an ISP, which, in his case, is a reseller of Rogers Cable. (http://www.get3web.com/splash.jsp) He was recently cut-off as Rogers (not 3web) claims that he is downloading excessively, either because of his own activities, because of a virus, or because someone is free-riding on his wireless network. I do not think this is possible since: He is using Kubuntu Dapper Drake and is pretty much up-to-date on his updates; He is not running any servers; He is not doing any p2p (he does little more than light surfing and email); Using a LiveCD (the latest Helix) and chrootkit reports no sign of a rootkit; and His wireless network is using WPA/TPIK with a 128 random character pass-phrase. I've checked the logs on the router; unfortunately they were wiped when he recently powered cycled. I think the problem is on the Roger's side. Can anyone out there either offer more advice about what might be wrong that I should investigate for him, or suggest what ammunition he might use in arguing with 3web/Rogers? For example, I vaguely recall that cable networks were susceptible to session hijacking through arp poisoning or packet sniffing, but I don't recall the details and I haven't been able to come up with a good search query for google that filters out all the noise. Reports of similar problems with Rogers would be most useful. I set him up as he is a complete computer neophyte. I'd love to switch him away from 3web/Rogers, but DSL seems to be out for him (too far from the CO). Many thanks in advance. Michael (A very, very, very happy Magma client. Did I say I was happy with Magma? I am. Very.)