LeRoy Cressy on Wed, 23 Jul 2003 21:56:11 -0400


[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]

Re: [PLUG] Speakeasy Worldcom-to-Covad nightmare


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

The Comcast installer was a Linux user himself and told me that there are some loops that look for Linux and ban them. This was about 3 years ago, so if you connected a Windows box or a router to the Cable Router they both worked. But connecting a Linux box would not work and the installer told me that Comcast@home blocked Linux on some of their loops.

For instance the West Chester Loop had no problem with Linux while the Wilmington and Coatsville Loops would not allow a direct connection of a Linux Firewall.

Art Clemons wrote:
 >I tried connecting a Linux box as a firewall, but all traffic was
 >halted.  It seemed that when the saw a Linux system with a dhcp client
 >it would not assign an IP address.  So I bought a Belkin router and
 >connected her Linux box and her Windows box.

Actually, what probably went wrong was that the cable modem wasn't unplugged and recycled, the off button doesn't really turn it off. I have used several different Linux boxes as firewalls on Comcast and all worked. I've become paranoid and use a router as well as a 486 Linux box as a firewall though. As far as I can tell, Comcast's newer TOS do not ban routers and in fact in some locales, they even sell/rent one to customers. The cable modem incidentally only responds to one MAC address, that's why it has to be recycled when switching computers or NICs.

 >The Belkin router allows port forwarding so I can ssh into the Linux
 >Box

You might want to check for security holes in whatever version of ssh you're using, there always seem to be new holes opening up unexpectedly.

 >Comcast and Verizon do not allow any servers and they will not give you
 >a static IP

While Verizon makes it difficult with its DHCP to get a single IP address, Comcast is pretty lazy, for the most part if you use the same MAC address with a cable modem, you'll usually keep the same IP address unless Comcast upgrades things or changes its setup. There are also options like dyndns, or sending an email every hour with the present IP address.

_________________________________________________________________________
Philadelphia Linux Users Group        --       http://www.phillylinux.org
Announcements - http://lists.netisland.net/mailman/listinfo/plug-announce
General Discussion  --   http://lists.netisland.net/mailman/listinfo/plug



- -- Rev. LeRoy D. Cressy mailto:leroy@lrcressy.com /\_/\
http://lrcressy.com ( o.o )
Phone: 215-535-4037 > ^ <


gpg fingerprint:  62DE 6CAB CEE1 B1B3 359A  81D8 3FEF E6DA 8501 AFEA

For info on enigmail:    http://enigmail.mozdev.org/download.html
For info on gpg:         http://www.gnupg.org/

Jesus saith unto him, I am the way, the truth, and the life:
no man cometh unto the Father, but by me. (John 14:6)
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.2 (GNU/Linux)
Comment: Using GnuPG with Debian - http://enigmail.mozdev.org

iD8DBQE/HzwzP+/m2oUBr+oRAqfGAJ9uBrbtPPgXKGl/7sUwjVzKFnVs/gCdH55+
ToIOx0AS1RT1M3xI2v/mSGA=
=UDDy
-----END PGP SIGNATURE-----

_________________________________________________________________________
Philadelphia Linux Users Group        --       http://www.phillylinux.org
Announcements - http://lists.netisland.net/mailman/listinfo/plug-announce
General Discussion  --   http://lists.netisland.net/mailman/listinfo/plug