General discussion

Locked

Cable Modem

By Chadburgard ·
I have heard a rumor that other subscribers might actually be able to peek into my computer when using a cable modem. Is this true or a myth, and if it is true dose anyone know where to find information about this subject? Thanks

This conversation is currently closed to new comments.

24 total posts (Page 2 of 3)   Prev   01 | 02 | 03   Next
| Thread display: Collapse - | Expand +

All Comments

Collapse -

by mrafrohead In reply to Hey Tom

J - keep the nick. Don't change it

Collapse -

If nothing else

by LordInfidel In reply to Listen to TheChas and Tim ...

And I bring this up because Tom mentioned it.

Is if you are using DSL/Cable. Go out and buy yourself a external DSL router. I'm not talking about the modem.

The reason is, if you have absolutely NO idea how to install or set-up even a basic firewall to route your traffic thru. By using a external device to make the connection, that device now takes on the public IP.

It will then hand out a pvt address to your machine. This is one of the "good" points about NAT. It has built in natural protection.

If your machine has a public address assigned to it, it then becomes visible to anyone on the net.

If your machine has a pvt address and then connects to a dsl router, which in turn connects to your dsl/cable modem. You at least have some sort of natural protection.

I'm not advocating NO firewall, (most of you know me better then that). I'm just saying at the bare min., this is what you want to do.

Collapse -

At home

by LordInfidel In reply to Listen to TheChas and Tim ...

And I don't care who know's, your not getting in even if you tried.

I reverted back to my cisco1600 as my router w/acl's. And my handy dandy trusty "new" linux firewall. (IPtables on RH8, 2.4.18-27.7 kernel)

I say new, because I used to run FreeBSD and then tried out BBIAgent (fwl on a floppy), then just switched to RH8 when it came out.

And I know tricks to bypass simple packet-filtering firewalls.

Although last week when I was doing "penetration" testing and connected directly to the hostile nasty net from my machine. I accidently left it connected for a couple of hours. By time I get back, I had a plethera of root kits and trojans.

I got some new stuff out of it though, before I killed the connection and cleaned my machine. Script-Kiddies are stupid.

Collapse -

It's all infonography anyway...

by admin In reply to Stream Capture

and most peoples boxes are boring but a trend I have noticed on cable is that if someone seeks access to different "branches" beyond theirs one of your 200 or so cable "neighbors" may have been so kind as to attach an open wap to your branch.

~

Collapse -

Firewall suggestions

by ferosspublic In reply to Cable Modem

If you have a spare junk computer you can try one of the many *nix firewall distributions. I would suggest smoothwall.org for beginners but it does not do masquerading or NAT just proxy. I'm currently working on getting an OpenBSD firewall done.

If you don't like *nix or don't care to learn, try 602 LAN Suite. You can do firewall and proxy. Great free program too. 602software.com.

If you don't have a spare computer, try outpost firewall. It works great while I get the OBSD up. http://www.agnitum.com/download/outpostfree.html

Just to be on the safe side, also turn off file and printer sharing. If you are not doing any windows networking, take it out of the network properites of the connection. You don't need it. All you need is TCP/IP. If you have Windows Networking on, computers that have cable in the same node that you are on will be able to connect to your computer if they get it's name.


Have Fun, hope this helps

Collapse -

Something better then smoothwall

by LordInfidel In reply to Firewall suggestions

Even though I am a advocate of writing firewalls by hand. I really love my checkpoint style interface.

So one day as I was surfing the net, I found this site called fwbuilder.org

yes you need the gui to run it, (at least it is a linux based program).

You can create your ruleset, as custom as you want and with as many rules as you want. It will also do nat with pre/post routing.
Basically anything that the firewall you are trying to build supports.

Then, here is the beautiful part, you choose your platform/kernel (2.2 2.4) and what flavor of firewall (ipchains, iptables)

Compile it, mark it for execution, move it to init.d, create a sym link in rc3 (just like you would a normal fireawall script) and execute it.

I always change the start up of it to right after iptables loads up. On redhat it is usually S08 so I make it S09.

But You can save your rulesets as an xml file, so you can pull it back up and work on it later. And if you support multiple firewalls, each one can be it's own xml file.

Oh yeah, it's free.

Collapse -

Silly Question?

by vegatecgroup In reply to Cable Modem

Is this site really for the IT professional. I see so many really common questions that any IT professional should know the answers. It is very common knowledge that a cable/DSL connection to the internet allows for illicit activity to be performed on the computer it is attached to. It is basically a dedicated line to the internet, like a T1, T2, T3, Frame Relay, ISDN etc. connection. There are numerous security and firewall products on the market. An IT professional should already know this.

Collapse -

pay attention

by ghstinshll In reply to Silly Question?

Notice that only the experienced people are the ones tho really offer the advice though. We're playing mentor while the Jr. level people suck our minds.

Collapse -

Another answer

by areets In reply to Cable Modem

Cable modems with DOCSIS 1.1 specification had vulnerabilities which was removed in version 2.0. If your cable internet access provider is of quality, then you are completely safe from attacks unless you run client-server applications that are permitable and hackers find a backdoor via that application service. So if that is the case use a firewall. DSL home users should always use a firewall since the PC initiates the connection link. If you have a router, maybe filtering might do the job, otherwise, rule of thumb, once you are on the internet protect your self.

regards

Collapse -

Any Suggestions?

by rsanchezp In reply to Another answer

I have a SMC Barricade 7004ABR router. I went to https://grc.com/x/ne.dll?bh0bkyd2 and probed my port and found my 113 port open which I use for IMAP, SMTP, POP3 and IRC. Would anyone happen to know how to let my 113 port to connect to certain servers? I've tried looking all over the net for information but nothing. Any suggestion would be great.

Back to Security Forum
24 total posts (Page 2 of 3)   Prev   01 | 02 | 03   Next

Related Discussions

Related Forums