[ale] The 12 Q's of Chrismas (Cable-DSL Modem Shopping)

Jason Day jasonday at worldnet.att.net
Thu Dec 19 13:56:18 EST 2002 

On Thu, Dec 19, 2002 at 10:17:20AM -0500, fgz wrote:
> Good morning. Long post of lots of questions follows:
[...]

I've never used any of the so-called "Cable/DSL" switches, so I can't
authoritatively answere questions about which one is better, etc.  But I
have used a cable modem for a couple of years now, and might be able to
provide some insight...

> 2). VPNs come on some of these. Why should I care 
> about VPN on a home LAN? Is there is a chance remote 
> config of a SOHO LAN PC might get out on the internet?
> 
> 3). Seimens mentioned 'VPN pass-through', for example, 
> to my corporate VPN. What is that and why do I care
> since I run VPN client sw on my a local PC to get to
> the corp LAN from home now?

Your cable or DSL provider will give you one IP address.  In order to
use more than one computer to access the internet, you will either have
to use a proxy server or a NAT router.  In either case, your home LAN
will use IP addresses reserved for private use (usually 192.168.xxx.xxx
or 10.xxx.xxx.xxx).  The DSL switches act as a NAT router, which
you can think of as a magic box that transparently makes each computer
on your LAN seem like it has a "real" IP address, instead of a private
IP address.  This is easy to do for things like web browsing, but is
more difficult for things like VPN traffic.  The "VPN pass-through"
feature will let you use a VPN client on your LAN to connect to a VPN
server on the internet.

That was a vastly simplified explanation that leaves out a lot of
details, but I'm trying to be brief :)

> 
> 4). Do these distribute bandwidth fractionally to each 
> device on the modem, or is it on-demand bandwidth? i.e. 
> will the PC casually browsing the web get less overall 
> bandwidth than the PC downing a 10MB file?

I doubt the DSL switches are that sophisticated, but I could be wrong.

> 
> 5). Can you truly hang a hub, or maybe more properly, 
> a switch (and maybe even a wireless 11MB hub), from 
> one of the modem ports, and expect to get an IP 
> properly assigned to each PC off the hub/switch? Does 
> the bandwidth get horribly cut at the hub/switch by 
> doing this?

Many DSL switches have both a DHCP client and server built-in.  This
means that it uses the DHCP client to get an IP address from your ISP.
The DHCP server is used to hand out private IPs to each computer on your
LAN.

You cannot, however, just plug any hub or switch into the cable or DSL
modem and expect things to work.  The hub or switch must have NAT
routing capabilities, or you must have a router between the modem and
the hub/switch.

Of course, you could also most likely pay your ISP for multiple IP
addresses, in which case you don't need a NAT router, but those extra
IPs don't come cheap.

> 
> 6). Specific to Linksys: I saw four (4) 4-port models
> at $59-$99, some with firmware VPN, firewall, AV, etc. 
> What do I really need for a SOHO LAN, since all PCs
> have at least AV anyway? Allegedly the modem firewalls
> allow port monitoring and blocking etc, but I'm skeptical.
> Is it best practice to run a f/w PC in front of the cable 
> modem, then DHCP out to the cable modem itself?

This is a personal choice, that depends on how secure you want your home
LAN to be.  The switch will probably stop the most basic attacks, but
not a clever or determined attacker.

> 
> 7). If these things are firmware (nobody knew), can 
> they be flashed with an upgrade like a PC BIOS?

Yes.  At least most of the models I've seen can be.

> 
> 8). Which Linksys model(s) had the web-config utility 
> vulnerability? Can it/those be flashed?

That information should be available on their web site.  Or you could
search bugtraq on securityfocus.com
> 
> 9). What is UPnP? Sounds like a Windows thing.

Universal Plug n Pray^H^H^H^HPlay.  It's a protocol that devices like
digital cameras or camcorders can use to discover other devices on a
network.  That's about the extent of my knowledge on the subject.

> 
> 10). Some have PPPoE. Why, since dialup goes away? Or 
> is this for direct serial connection over the internet?

PPPoE is a protocol used by some ISPs (BellSouth) to establish a
connection.  If your ISP uses it, you need it.

> 
> 11). Modem rent is $5.00/month, yet $99 purchases one. 
> Payout is obvious, yet will purchasing yield a better 
> quality product and if so, should I get it before the 
> installer comes to avoid any MAC changing hassles later 
> and billing snafu's when the cable co says I haven't 
> returned their modem? Which brand?

Another personal choice.  If you decide to buy, search ebay first.

> 
> 12). Is there any chance that a purchased modem will 
> be incompatible with their line sig? If so, what do I 
> look for?

Yes.  What to look for depends on who your ISP is and whether you go
with cable or DSL.

Hope this helps,
Jason
-- 
Jason Day                                       jasonday at
http://jasonday.home.att.net                    worldnet dot att dot net
 
"Of course I'm paranoid, everyone is trying to kill me."
    -- Weyoun-6, Star Trek: Deep Space 9
_______________________________________________
Ale mailing list
Ale at ale.org
http://www.ale.org/mailman/listinfo/ale

More information about the Ale mailing list