DISCLAIMER:
I can't speak for all cable modem companies as I only work for one. Second,
our AUP is subject to interpretation by each engineer who may detect what
you're doing.
We don't do any filtering except for the standard stuff that is system
independant (braodcasts, reserved addresses, our IP's coming into our
network, etc). Traffic that you may consider undesirable, may be important
to someone else. We don't really babysit the network, but do watch our
equipment. However, if we get complaints about abuse (scanning, DoS,
bandwith, etc), we may check out waht's going on.
Cable service providers who provide video, data, and/or voice, fall under
much tighter restraints than regular ISP's due to the Cable Service Privacy
Act (or something like that). I'm sorry that I can't remember the exact
name or provide a URL, but my brain is much right now. I'll look it up next
week after SANS and post it if someone is interested and reminds me. There
are serious restrictions on what sort of monitoring and data collection that
we can do. Supposedly (i.e. fairly reliable hearsay), it even requires that
law enforcement notifies you that they are watching you before they start
tapping your connection. So how they (we) collect information on who's
doing what is tricky.
In most cases (my guess, 99%), we will not cancel you for running any web
services from your account even though it's against our AUP. Now, if you
draw our attention because of bandwith related to those services, your
service will be turned off. IMHO, there are a lot of people who download
all kinds of junk and use a lot more bandwith than someone's personal
website. Now, if you're doing both (downloading lots o' stuff and running
high bandwith web services), you're likely to show up on bandwith report on
a regular basis and we will investigate the source. Other than that, there
really isn't a lot we can do. I'm going to actually read the act, law or
whatever soon to really be sure of what we can and can't do. I was talking
to someone at USENIX today and they said that someone is trying to get this
law removed and or amended (maybe to make room for monitoring), but I can't
verify this. Like I said, what I have not personally read it, but I hope to
soon. If anyone else has info about this, please share.
Mike
> -----Original Message-----
> From: [EMAIL PROTECTED]
> [mailto:[EMAIL PROTECTED]]On Behalf Of
> [EMAIL PROTECTED]
> Sent: Tuesday, August 15, 2000 12:21 PM
> To: [EMAIL PROTECTED]; [EMAIL PROTECTED]
> Subject: Re: Cable Modem security
>
>
> We have one employee that uses a cable modem in California, and
> the provider states in their website that they are firewalled,
> etc... and yet, there are at least 5 attempts to breach the
> system daily.
>
> It is the responsibility of the provider to carry the IP packets
> and not bother with what the contents actually are. you have a
> right to have a secure connection and they (the provider) should
> provide that for you, after all, you are paying for it, aren't you?
>
> Sounds like the cable provider is getting ready to install a
> "Carnivore" based system and don't want any secure ip packets
> travelling across their network. <G>
>
> just my .02 cents worth.
>
> TJ
> ProTech Group, BWI
>
> I've seen alot of talk about cable modem security (or lack of) and I've
> got
> an interesting twist to the story. I'm curious if anyone else has run
> across this.
>
> I have cable modem service at home. I have a firewall set up and
> occasionally I connect through a VPN tunnel to a local office or to the
> corporate office to transfer files or to download email. Well....my
> cable
> modem provider just changed the subscriber agreement. Basically it says
> that if I use a VPN or a VPN tunneling protocol on their network my
> service
> will be terminated! I can't believe that I'm going to have to change
> providers because I'm protecting my data!
>
> Has anyone else run into this?
>
> Val
>
> Get a lifetime email address!
> http://www.privacy.nu/
> -
> [To unsubscribe, send mail to [EMAIL PROTECTED] with
> "unsubscribe firewalls" in the body of the message.]
>
-
[To unsubscribe, send mail to [EMAIL PROTECTED] with
"unsubscribe firewalls" in the body of the message.]
