PDA

View Full Version : Cable modem question


chief52
02-21-2005, 08:24 AM
I have been renting a modem from Cox for $10/month which I know is crazy. I am looking to buy a new cable modem. Anyone have an idea as to what kind I should buy? Where to buy it? Cox does have a list of approved modems, but there are a bunch. I would like to get the best I can and am not that worried about the lowest price.

Thanks for any info.

Bob Dole
02-21-2005, 08:31 AM
Bob Dole bought a 3Com OfficeConnect model 4+ years ago and it has been bulletproof.

unlurking
02-21-2005, 08:38 AM
My only recommendation is to buy a "bridge" modem.

One that doesn't do the actual NATing itself. This way you can put whatever router/firewall device you want in place and change it out whenever you want.

I had a Motorola SBG1000 which I thought was really cool at the time (router/firewall/wireless/printer server/POTS networking/etc.) and I dropped it after a year because the firewall wasn't as customizable as I would have liked. I should have realized this since I was moving from a Checkpoint and Raptor combo, but I was just getting lazy.

chief52
02-21-2005, 08:41 AM
My only recommendation is to buy a "bridge" modem.

One that doesn't do the actual NATing itself. This way you can put whatever router/firewall device you want in place and change it out whenever you want.

I had a Motorola SBG1000 which I thought was really cool at the time (router/firewall/wireless/printer server/POTS networking/etc.) and I dropped it after a year because the firewall wasn't as customizable as I would have liked. I should have realized this since I was moving from a Checkpoint and Raptor combo, but I was just getting lazy.

I am very computer illiterate. I turn it on and do my thing. I would not be doing any customizing...altering...anything like that. Looking for a "plug it in and use it" type of modem. No idea what a "bridge" modem would be.

htismaqe
02-21-2005, 08:48 AM
If you want simple and easy, go with the Linksys WCG200.

It has a DOCSIS 2.0 cable modem built-in, and has a NAT router, firewall, 4-port switch, and wireless.

unlurking
02-21-2005, 09:05 AM
If you want simple and easy, go with the Linksys WCG200.

It has a DOCSIS 2.0 cable modem built-in, and has a NAT router, firewall, 4-port switch, and wireless.
I just moved away from a similar setup because most of those devices don't allow custom port/protocol rulesets, actual non-NAT'd public IPs on systems, and wireless repeating.

But, based on the "simple" thing, none of this may be relevant.

htismaqe
02-21-2005, 09:37 AM
I just moved away from a similar setup because most of those devices don't allow custom port/protocol rulesets, actual non-NAT'd public IPs on systems, and wireless repeating.

But, based on the "simple" thing, none of this may be relevant.

The WCG200 supports custom port and protocol rulesets, including static (1:1) NAT, hide-NAT (1-to-many NAT), PAT, and port triggering (listening on a port and translating that traffic to a different destination port).

The one thing it doesn't support is full routing (passing traffic to interior hosts that are not NAT'd) and I can't for the life of me figure out why the hell you'd want to do that, unless you're putting up a honeypot for people to hack.

unlurking
02-21-2005, 09:40 AM
The WCG200 supports custom port and protocol rulesets, including static (1:1) NAT, hide-NAT (1-to-many NAT), PAT, and port triggering (listening on a port and translating that traffic to a different destination port).

The one thing it doesn't support is full routing (passing traffic to interior hosts that are not NAT'd) and I can't for the life of me figure out why the hell you'd want to do that, unless you're putting up a honeypot for people to hack.

Or running security vulnerability detection tools.

NAT and PAT really screw up the results on those.

EDIT: I haven't tried the WCG200, but not supporting outside IP addresses means I need a bridge so I can use a hub AFTER the modem for a firewall and external device. Also, I've had trouble finding a device that supports multiple public IP addresses. On DSL I ran a ton of servers, ever since I moved to cable I've had to "jerry rig" external communications.

BigMeatballDave
02-21-2005, 09:44 AM
Renting a modem? I'm glad TimeWarner doesn't do that. It's bad enough they charge me $45/Mo. for RR...

badgirl
02-21-2005, 10:15 AM
Well I kept my cable modem from the cable co when I moved since price doesn't really matter I'll make you a good deal :p

chief52
02-21-2005, 10:21 AM
Well I kept my cable modem from the cable co when I moved since price doesn't really matter I'll make you a good deal :p

You're all heart...:)

badgirl
02-21-2005, 10:23 AM
You're all heart...:)
I'll ship it to ya for free, thats the best I can offer , if of course you dish out enough dough ROFL

Thig Lyfe
02-21-2005, 10:44 AM
Of course, the QKC 25.7 modemizer needs to be backwards compatible with the rz9800-link operator.

htismaqe
02-21-2005, 10:51 AM
Or running security vulnerability detection tools.

NAT and PAT really screw up the results on those.

EDIT: I haven't tried the WCG200, but not supporting outside IP addresses means I need a bridge so I can use a hub AFTER the modem for a firewall and external device. Also, I've had trouble finding a device that supports multiple public IP addresses. On DSL I ran a ton of servers, ever since I moved to cable I've had to "jerry rig" external communications.

Exactly. If you're doing some kind of security testing, it makes sense to have machines fully exposed to the Internet (ie. no NAT). The best solution for that is to get a broadband modem and plug it into a standard IP router.

unlurking
02-21-2005, 11:23 AM
Exactly. If you're doing some kind of security testing, it makes sense to have machines fully exposed to the Internet (ie. no NAT). The best solution for that is to get a broadband modem and plug it into a standard IP router.
Which is what I had to do, but I was surprised there were no "combo" type units that could provide that functionality.

Spent $500 at CompUSA recently during the Netgear blow out and bought a new bridging modem, cheapo router, firewall appliance, and 4 wireless APs that can function as repeaters plus a wireless bridging AP for my outside IP addresses and some new g cards. I like being able to work from my back deck with a view of the mountains.

Sometimes I just tend to forget that most people don't need that kind of functionality and can get away with a simple setup.

Kerberos
02-21-2005, 11:28 AM
Don't know about where you are at ... but they sell Motorola surfboard 5100 at Wal-Mart here in KS for $64 + tax

3year warranty from motorola and lifetime warranty from Wal-mart!

:)

Cliff

chief52
02-21-2005, 11:41 AM
Don't know about where you are at ... but they sell Motorola surfboard 5100 at Wal-Mart here in KS for $64 + tax

3year warranty from motorola and lifetime warranty from Wal-mart!

:)

Cliff

There are no Wal-Marts in my area, but I see the 5100 from best buy is $79 with free shipping. I think that is what I need. The rental is a Motorola.

Barret
02-21-2005, 12:35 PM
The Cable modems we have been recommending to our customers has been the Motorola Surfboard 5100 or 5120. The are built like tanks and seem to work with a variety of signal levels that arent always the best.

Also they tend to work with those people that are trying to run the IP phones over their cable modem network.

BigMeatballDave
02-21-2005, 12:39 PM
Also they tend to work with those people that are trying to run the IP phones over their cable modem network.I'm using a Toshiba modem from RR. I have no problems with my VOIP phone...

Barret
02-21-2005, 01:07 PM
What model is that Toshiba? We seem to have problems with the 2500 and 2600 versions running ip phone over them. Now it could be user error also.

XXXshogunXXX
02-21-2005, 02:16 PM
you dont have to worry about cable modems with NAT, I've never seen one. It's only those shitty DSL modems that are modem/routers. Id go with a Surfboard.

Pants
02-21-2005, 02:20 PM
I'm using a Toshiba modem from RR. I have no problems with my VOIP phone...

Those are free with the service, aren't they?

lardass
02-21-2005, 02:26 PM
Don't know about where you are at ... but they sell Motorola surfboard 5100 at Wal-Mart here in KS for $64 + tax

3year warranty from motorola and lifetime warranty from Wal-mart!

:)

Cliff

Surfboards are really good modems, I have owned two now and have had 0 problems. I think the current one I have is either a 5100 or a 5200 and it has performed flawlessly for quite a while now.

unlurking
02-21-2005, 02:36 PM
you dont have to worry about cable modems with NAT, I've never seen one. It's only those shitty DSL modems that are modem/routers. Id go with a Surfboard.
Any cable modem that has router/firewall built in uses NAT. There are actually a ton of these out there. I used a a Motorola SBG1000 (which yes, is a surfboard) for over a year.

XXXshogunXXX
02-21-2005, 02:41 PM
but which cable modems have NAT?...ive never seen one.

unlurking
02-21-2005, 02:56 PM
but which cable modems have NAT?...ive never seen one.
Any cable modem that is listed as a cable modem\router or advertises a firewall feature utilize NAT.

Motorola uses an SB designation for non-NAT devices, and SBG for multiple device support (NAT) units.

For non Motorola products, if it says router/gateway/firewall/etc on the box, it means it uses NAT. I was in BestBuy a few weeks ago and these were the types of cable modem that dominated the shelves.

Kerberos
02-21-2005, 05:24 PM
but which cable modems have NAT?...ive never seen one.

If ya want NAT then I "Personally" would rather have a Motorola Surfboard and a good Firewall/Router/Gateway like D-Link, Linksys or alike.

If it were "ME" and I was going to spend some money on HOME network security then I would use the Motorola SB 5100/5120 with a D-Link

http://www.dlink.com/products/?sec=0&pid=354

http://www.dlink.com/products/?sec=0&pid=141

this last one is my personal choice!

http://www.dlink.com/products/?sec=0&pid=66

You can't go wrong with a good Firewall and these all have NAT if that is you main goal !

Cliff

unlurking
02-21-2005, 05:37 PM
Personally I'd recommend the Zyxel product for a good cheap standards based security device.

http://www.zyxel.com/product/category1.php?indexcate1=1085450410&indexFlagvalue=1021873683

htismaqe
02-21-2005, 06:06 PM
Interesting recommendation of D-Link.

I've never bought anything from D-Link that wasn't absolute junk.

chief52
02-22-2005, 07:12 AM
I bought the Motorola Surfboard 5100 for $75 delivered to my door step. Thanks for the input. About time I quit giving cox an extra $10 a month.

XXXshogunXXX
02-22-2005, 09:18 AM
so cable modems do not have NAT, especially the motrola surfboard. To test it, hook a switch to the surfboard. if it doesnt connect 2 computers at the same time, then it doesnt have NAT. You can call your ISP to provide you two IP address (more money) Their NAT server will go through the modem and connect more than 1 device to the internet.

routers have NAT, cable modems do not. Most DSL modems are modem/routers, = NAT.

Lzen
02-22-2005, 10:16 AM
The one thing it doesn't support is full routing (passing traffic to interior hosts that are not NAT'd) and I can't for the life of me figure out why the hell you'd want to do that, unless you're putting up a honeypot for people to hack.

Are you talking about something like a DMZ? Because it's funny you mention that. I use my router's DMZ for my Playstation 2. And really, who would want to try and hack a PS2?

And speaking of D-Link. I used to have a D-Link DI-604 router. It had a DMZ but that damn thing would not function like a true DMZ. I could not host games on certain games like Call Of Duty:Finest Hour or Madden or even hook up to the host of a game at least half the time. I called their tech support and the dude I got had a middle eastern accent. Their support is probably located in India or Pakistan. :cuss: And the tech didn't even know what a DMZ is. :shake:

htismaqe
02-22-2005, 11:45 AM
Are you talking about something like a DMZ? Because it's funny you mention that. I use my router's DMZ for my Playstation 2. And really, who would want to try and hack a PS2?

And speaking of D-Link. I used to have a D-Link DI-604 router. It had a DMZ but that damn thing would not function like a true DMZ. I could not host games on certain games like Call Of Duty:Finest Hour or Madden or even hook up to the host of a game at least half the time. I called their tech support and the dude I got had a middle eastern accent. Their support is probably located in India or Pakistan. :cuss: And the tech didn't even know what a DMZ is. :shake:

No, a DMZ is a sandbox that sits between the trusted network (your LAN) and the untrusted network (the Internet). It's generally used for hosts or services that need to be exposed to the outside world, but in a way that is slightly more secure (traffic still passes through a firewall).

DMZ's generally use NAT.

What he's talking about is exposing machines fully to the Internet, ie. plugging your DSL modem right into your PC with no personal firewall or anything running.

htismaqe
02-22-2005, 11:48 AM
FYI for this thread:

A "modem" is a modulator/demodulator in strictest terms. It takes in a signal (analog POTS, DSL, cable) and demodulates it into another signal (USB, ethernet, etc.).

A modem is not a router or a firewall. It's really just an electrical device.

That's why Motorola designates their router SurfBoards with the "SBG" designation. "G" stands for gateway. A gateway is a device that connects two separate physical networks, using the same protocol, together. In other words, it's a router.

Lzen
02-22-2005, 12:21 PM
Since we're on the subject and I'm just curious about something. What do you guys think of a Speedstream DSL modem?

htismaqe
02-22-2005, 12:42 PM
Since we're on the subject and I'm just curious about something. What do you guys think of a Speedstream DSL modem?

Never used one.

But keeping in mind what I just posted, it doesn't really matter what kind of modem you get as long as it's JUST a modem...

I used an Actiontec Home DSL modem for the longest time - paid $6 for it. It worked just fine connected via USB to a server running Checkpoint FW-1...

Lzen
02-22-2005, 02:53 PM
Never used one.

But keeping in mind what I just posted, it doesn't really matter what kind of modem you get as long as it's JUST a modem...

I used an Actiontec Home DSL modem for the longest time - paid $6 for it. It worked just fine connected via USB to a server running Checkpoint FW-1...

Yeah, I thought about that after I posted. I was just curious anyways. I have a Speedstream but, I didn't pay for it. SBC supplied it.

XXXshogunXXX
02-22-2005, 08:00 PM
DMZ, de militarized zone.

Exposes one computer to the internet, free of firewalls, etc.

htismaqe
02-22-2005, 08:06 PM
DMZ, de militarized zone.

Exposes one computer to the internet, free of firewalls, etc.

It's not just one computer necessarily. And it's not completely free of firewalls, it's just more open than the internal LAN.

XXXshogunXXX
02-22-2005, 08:30 PM
with a Dlink router, its only 1 computer, by it's LAN IP. And it is free of the router's firewall.

htismaqe
02-23-2005, 08:03 AM
with a Dlink router, its only 1 computer, by it's LAN IP. And it is free of the router's firewall.

Then it's not a true DMZ - it's doing NAT passthrough for all services.

A true DMZ is just that - a demilitarized zone. It's neither fully trusted nor full untrusted. It's afforded protection by the firewall ruleset but services are allowed through to it's hosts.

Enterprises that host their own web or mail services almost always have those servers exposed to the internet in a "DMZ". Those services are allowed through to those hosts but they're also inspected by the firewall.

For example, you may have a firewall ruleset for a web service that has 2 services associated with it - a front end web interface that customers connect to, and a back end data service that retrieves info from a SQL database.

That ruleset would contain a rule that allows, from the internet, HTTP (port 80) through to the web server and nothing else. A second rule would allow SQL (port 1453 I believe) through from the web server to the SQL server. Then a third rule would explicitly deny ALL TRAFFIC, from anywhere to the LAN.

That is the definition of a DMZ.