[geeks] FBI vs. bandwidth thieves

Greg A. Woods woods at weird.com
Thu Jun 27 17:18:09 CDT 2002 

[ On Thursday, June 27, 2002 at 17:31:36 (-0400), Dave McGuire wrote: ]
> Subject: Re: [geeks] FBI vs. bandwidth thieves
>
> On June 27, Kurt Huhn wrote:
> > The users managed to alter their cable *bridges* (It's not a friggen modem
> > people!) to get more bandwidth.
> 
>   I'm sorry but I have to disagree.  Technically they ARE modems.  The
> MOulate and DEModulate carrier signals that are sent along an analog
> medium.  Certainly a modem by any accepted definition.

Indeed they certainly are!  :-)

And they're not all "bridges" either.  Some of them, for example the
proprietary Terayon variants, are more like ATM edge devices than
bridges...  :-)

The original reason they call them "broadband" devices is exactly
because they do use a carrier in a broadband medium.  (DSL isn't really
"broadband" as far as I know, for instance, either.)

BTW, bandwidth uncapping on DOCSIS (non-proprietary, bridges from an
Ethernet perspective) cable modems is only possible if the operator has
failed to follow standard operating procedure and lock them down with
proper filters.  The CPE device(s) should never be able to see anything
on the inside of the modem, and nor should they ever be able to see the
RF interface on any other customer's modem.  Indeed the RF interfaces on
the network should be assigned private addresses and be managed on a
firewalled network so that user's can't even TFTP the boot config, let
alone address packets to any modem.

Of course when the company I consult to asked their Terayon support
rep. how to implement such filters in their DOCSIS models the guy just
got a blank look on his face and asked why anyone would ever want to do
such a thing.  They apparently hadn't even tried uncapping their own
modems in their own lab!  Mind you because they were indeed standards
compliant they seem to have implemented all the necessary filtering
features even if they hadn't tested them properly and so far as I know
they can actually be locked down properly.

You have to be pretty careful configuring almost all of the proprietary
bridge-like modems, such as the LANcity models.  It's pretty easy to
block CPE devices from hitting the modem's SNMP agent, but if you're not
really careful you won't block one customer from hitting another's SNMP
agent, so co-operating customers can adjust each other's parameters.

-- 
								Greg A. Woods

+1 416 218-0098;  <gwoods at acm.org>;  <g.a.woods at ieee.org>;  <woods at robohack.ca>
Planix, Inc. <woods at planix.com>; VE3TCP; Secrets of the Weird <woods at weird.com>

More information about the geeks mailing list