Re: [pcgen] OT Phone line quality (was Re: file d/l size)
- On Fri, May 30, 2003 at 03:54:12PM -0400, Tommy Williams wrote:
> Another thing to try also (having worked for a rural ISP) is to run aNetwork topology.
> line temporarily from the computer to the NID (the little gray test
> box on the side of the house). It's there for customer testing and you
> are supposed to have entry access to the standard phone jack in it.
> This will bypass all your house wiring, which on occasion will cause a
> dial-up connection to behave like yours does. Friend of mine had a
> similar problem in his modular home, and when they made the
> connections after assembling the house, they screwed em up.
> And about cable, what privacy issues? If you get any other form of
> broadband, you're most likely going to have the same issues and will
> still need to run a firewall.
DSL setups are generally direct from the consumer to the switching
station; the only people who can monitor your traffic are with your
provider (or can tap the line in another fashion).
Cable, OTOH, runs through the entire neighborhood; everyone who shares
the loop can potentionally sniff your traffic. That's also part of the
reason cable performance degrades over time -- if you're one of the
first in the neighborhood, you get a big whack of the bandwidth. As
time goes on and more subscribers join, the bandwidth is chopped into
smaller pieces and there is more overhead involved (including higher
A B C station --- A --- B --- C
\ | / | |
\ | / | |
\ | / H --- G -- F -- E -- D
D ----- station ----- E
/ | \
/ | \
/ | \
F G H
Simplified diagrams, DSL and cable, respectively
Analogy: with cable, you have a big box of postcards going from house to
house around your neighborhood. At each house, if someone's home he
gets to look through the postcards for the ones that belong to him, then
they get passed along (if nobody's home -- the machine's off -- the box
skips that house). That person also has the option of looking at the
other postcards, if he knows what he's doing. With DSL, there's a dude
on a motorcycle hauling ass between your house and the switching
station. The only way to get the data is to either break into the
systems at either end or mugging the motorcyle rider.
A firewall will help secure the system at your end, but it does not
protect the data being transferred. Encryption can help, but is less
effective over cable because it is still possible (and relatively easy)
to sniff the packets and reconstruct the data. It almost always gets
easier to crack encryption as the sample set grows.
Basically, a firewall helps keep traffic you don't want, out (and
traffic you do want, in -- when I put up my firewall my internal
throughput when *way* up because it didn't have to bounce off my
provider's router... which also improved my external bandwidth because
there was less contention for the external line) but doesn't protect the
data being transferred. If the firewall is also a NAT, it can MASQ the
IP and identities of the machine protects, helping security (somewhat)
that way as well.
PCGen: <reaper/>, smartass
"You just can't argue with a moron. It's like handling Nuclear
waste. It's not good, it's not evil, but for Christ's sake, don't
get any on you!!" -- Chuck, PCGen mailing list
> Biggest file is only a little under 3 MB, it must be REAL twitchyIt can be. I've seen it drop me every 5 minutes for an hour's worth
> if you can't get that, it should only take around 15 minutes at
of attempt...real pain in the...ahem...not mentionable in polite
company (or else I fear the wrath of Kar).
Paul W. King
OGL/PL SB and BoD
Use Getright, that's what I do :)
> > And about cable, what privacy issues? If you get any other form ofYes and no. Most cable modem providers are configured to only accept
> > broadband, you're most likely going to have the same issues and will
> > still need to run a firewall.
> Network topology.
> Cable, OTOH, runs through the entire neighborhood; everyone who shares
> the loop can potentionally sniff your traffic.
input from a registered device. You can buy your own hardware but
have to call the carrier to get them to accept it. Mine didn't use to
be like that but they changed. (Course they could've changed back by
now, it's been a while since I've read the T&Cs or talked to the
techs). That means that while you could, in theory, sniff on the
network with an unregistered device you won't be able to do anything
while you are. Essentially it's a distributed switch, albeit one that
relies on end-user firmware. A good system would log the rogue device
and all the active devices on that loop to help find mr. sniffer.
Other carriers are more strict and pre-configure all the hardware.
Not that this means the system's secure, there was some major screw up
a few months back when a cable provider didn't reset the remote admin
password from factory default and every user's cable modem could be
hacked by anyone who'd read the manual, but it means someone's
Having worked at ISPs, I really don't worry about packet sniffing.
There's too much data out there to worry about getting noticed. If I
do something I don't want someone to know about I either don't do it
or use an encrypted connection to a remote machine. Someone can break
my SSH tunnel, but they're gonna have to want to. Of course sometimes
I'll encrypt connections to this board just to throw them off.
Usually right before I change all the keys again using sneakernet.
Which reminds me, time to re-key the WLAN.
- --- In email@example.com, "Paul W. King" <kingpaul@e...> wrote:
> 3) Don't want cable for privacy issues. Now, if I can convince myIf you're having problems with your phone line on dial-up, you will
> wife to get ADSL, that'd be great; dedicated line and high speed
> Paul W. King
> OGL/PL SB and BoD
probably still have touchy performance on DSL. Doubly so since most
DSL providers are going to pppoe. Have you thought about Sattelite
internet? It's got much worse ping times than even dial up, but if
you use it for surfing/downloading, it would be just fine. I'm not
exactly sure how they do it, but supposedly it's just as safe as
ordinary DSL (of course, cable is quite safe nowadays too, but if you
are concerned about it, then that's your choice).