Unfortunately, if your cable company doesn't support encryption, and if this
is your only location, you're basically SOL. If this is a branch or remote
office, though, you can setup a VPN to your corporate network and access the
Internet that way. That's one thing we're considering with our end users
who are interested in cable modems and DSL: setting things up up so that
they can only access the Internet via the VPN. There are disadvantages to
this approach, too (bandwidth, multiple points of failure, possibly
end-users screwing with the system).
We're thinking of doing this by default for everyone; it's too hard to keep
track of which companies are doing what for which service areas. Plus, it's
a good idea to prevent all incoming traffic from reaching any of the
end-users' machines.
Jen
----- Original Message -----
From: Laris Benkis <[EMAIL PROTECTED]>
To: 'Daemeon Reiydelle' <[EMAIL PROTECTED]>; Phillips, Steven W (Steve),
GOVMK <[EMAIL PROTECTED]>
Cc: <[EMAIL PROTECTED]>; Gary Maltzen <[EMAIL PROTECTED]>
Sent: Monday, July 12, 1999 11:34 AM
Subject: RE: Surprise, Surprise...
> ALL is a little too broad a categorization.
>
> Terayon cable modems - used by a number of @Home partners, build a PVC to
the gateway (headend) so no traffic is broadcast to neighbouring modems on a
segment.
>
> DOCSIS modems with baseline privacy enabled encrypt traffic between the
modem and CMTS (headend).
>
> Laris
>
>
> -----Original Message-----
> From: Daemeon Reiydelle [SMTP:[EMAIL PROTECTED]]
> Sent: Monday, July 12, 1999 1:30 PM
> To: Phillips, Steven W (Steve), GOVMK
> Cc: [EMAIL PROTECTED]; Gary Maltzen
> Subject: Re: Surprise, Surprise...
>
> This problem is endemic and inherent to ALL cable companies because each
> segment (more or less a few block radius) is a common subnet. Some of
> the providers (@work but not for the @home service) provide VPN as an
> (extra cost of course) option. Those of you who support home offices et
> al need to be very carefull that your at-home workstations don't dial-up
> to your office while having a cable modem connection as well: I have
> reproduced bridging going on in some configurations of Win95 (I don't
> use 98, NT seems immune unless forwarding is enabled). We know that this
> is't supposed to happen but ...
>
> I guess the "easy to config/easy to reboot" Micro$oft platforms have
> some downside from that ease of use ... before we smirk too much,
> remember that Samba on UNIX has the same problems. Appletalk would have
> a similar problem but its use has been marginalized by TCP ubiquity and
> Micro$oft market shares (pun intended).
>
>
>
> "Phillips, Steven W (Steve), GOVMK" wrote:
>
> > Actually this is not much of a surprise. It's a side effect of the way
some
> > cable companies are implementing their Internet access offerings that is
> > just not highlighted. Sort of a "dirty little secret". Most cable
Internet
> > access is just one big LAN and anyone who can put their computer in
> > promiscuous mode or, at the very least, use Network Neighborhood can
find
> > out lots of interesting stuff. I've wanted to do the same thing for
some
> > time now, but my ethics keep getting in the way.
> >
> > > ----------
> > > From: Gary Maltzen[SMTP:[EMAIL PROTECTED]]
> > > Sent: Saturday, July 10, 1999 6:18 PM
> > > To: [EMAIL PROTECTED]
> > > Subject: Surprise, Surprise...
> > >
> > > Saturday Minneapolis Star-Trib has a front page article on how a local
> > > resident hooked his computer up to his cable provider and was able to
> > > browse 30-odd home AND BUSINESS machines before he raised a red flag.
> > > (Much to his dismay, he apparently discovered that one of his
neighbors is
> > > a "porn king")
> > >
> > > http://www.startribune.com/stOnLine/cgi-bin/article?thisSlug=cabl10
> > >
> > > -
> > > [To unsubscribe, send mail to [EMAIL PROTECTED] with
> > > "unsubscribe firewalls" in the body of the message.]
> > >
> > -
> > [To unsubscribe, send mail to [EMAIL PROTECTED] with
> > "unsubscribe firewalls" in the body of the message.]
>
> --
> Daemeon Reiydelle
> Systems Engineer, Anthropomorphics Inc.
> [EMAIL PROTECTED]
> -
> [To unsubscribe, send mail to [EMAIL PROTECTED] with
> "unsubscribe firewalls" in the body of the message.]
> -
> [To unsubscribe, send mail to [EMAIL PROTECTED] with
> "unsubscribe firewalls" in the body of the message.]
-
[To unsubscribe, send mail to [EMAIL PROTECTED] with
"unsubscribe firewalls" in the body of the message.]
