Security Basics mailing list archives

Previous By Date Next
Previous By Thread Next

RE: Comcast Cable Setup Security Issue - Follow-up

From: "Burton M. Strauss III" <BStrauss () acm org>
Date: Tue, 27 Jul 2004 14:53:42 -0500
<snip />


And on that note:
It seems that the DSL service in my area is less strict than the cable
providers in my area.


Could be - there's no standards.  Market place rules!


Is is a competition thing?


To the extent that they actually see each other as competitors, probably.


I have avoided using cable for security reasons. Is it correct that DSL
is PPP and with cable you are sharing the bandwidth with all your
neighbors?


The belief that you are some how sharing on Cable and not on DSL is largely
a myth.

YES, with cable, it's a shared medium from the modem to the CMTS (think of
that as the 1st router).  But while once upon a time, you might have seen
your neighbors traffic on a Cable system, with DOCSIS and modern systems
that doesn't happen - all you see is the broadcast traffic (ARPs, BOOTP).

YES, with DSL, you have your own (slower) pipe from the modem to the CO.

But once it gets to the CO/CMTS, both types of broadband delivery systems
are shared pipes.  The reality of the DSL environment is that it can be much
worse (less bandwidth).

Why?

Because from the CMTS to the Cable office to the POP (Point-of-presence),
traffic is back-hauled on a shared pipe.

Similarly, from the DSLAM at the CO to the POP, the traffic is also
back-hauled on a shared pipe.

The problem arises because many of those pipes are often just T1s leased
from the ILEC!!!  Yup, shared T1s.  Just because you lease the DSL equipment
to the subscriber via a co-location agreement doesn't mean you lease the
back-haul.  (i.e. not every DSL provider has fat pipes at each of the COs
they interconnect at)


-----Burton






Just curious.
Jeem



---------------------------------------------------------------------------
Ethical Hacking at the InfoSec Institute. Mention this ad and get $545 off 
any course! All of our class sizes are guaranteed to be 10 students or less 
to facilitate one-on-one interaction with one of our expert instructors. 
Attend a course taught by an expert instructor with years of in-the-field 
pen testing experience in our state of the art hacking lab. Master the skills 
of an Ethical Hacker to better assess the security of your organization. 
Visit us at: 
http://www.infosecinstitute.com/courses/ethical_hacking_training.html
----------------------------------------------------------------------------
Previous By Date Next
Previous By Thread Next

Current thread: