I'm about to have a Telewest/Blueyonder cable modem installed.

I know the connection to the back of the PC is an RJ45 connector, but how do I distribute this connection to other PC's int he house?

I've seen routers that you plug the connection to, and can then distribute out the connection.

As Telewest require a MAC address for the connection, I assume I'd use the one from the router.

Can anyone recommend a DSL/Broadband router? What other configuration needs to be done (either to the PC's or the router)?

Thanks in advance
Andy

 

Andy,

 

Andy,

Have you been recommended BlueYonder by a friend? If so you get the installation done for £25 instead of £50.

I'm getting mine fitted up on the 18th, give me a shout if you want me to recommend you
and I'll get a free months rental aswell

Cya

John

 

I'm on TW in Bristol, I've got the LinkSys BEFSR41 4-way Cable/DSL Router, it's really good. (They're sold in PC World and the like)

It allows up to four PCs to share the Cable modem connection, you give the MAC address of the router to TW instead of the one for your PC.

It also doubles as a firewall and is safer than ZoneAlarm etc.

TW don't give you any support for it though , so if you have any connection problems, you're on your own.

With the latest firmware (downloadable from their site), you can now even use NetMeeting through it (only reason why I used to unplug it and go back to ZoneAlarm)

HTH,

Alex

 

Thanks Neil, that answered a lot of questions!

Only thing now is which one to buy?

 

John,

Already ordered - Doh!

Alex,

How much is the LinkSys box?

Cheers
Andy

 

Andy,

I bought a RT311 cable modem router (£100), with a separate dual sensing eight port hub. Another alternative is the RT314 router (£130) with built in four port hub.

Register the Nic Mac address (WAN MAC) with Blueyonder, reset CM and away you go. I don't trust the internal firewall and use zonealarm as well.

Laptops and mates machines can then go on-line and share the connection very easily. The same configuration can be viewed in the Portcullis Hotel, Chipping Sodbury.

If you need any help setting the router up e-mail me and will sort it out.

Hope this helps.

Cheers Phill C

[This message has been edited by babber (edited 08 August 2001).]

 

Or you could use Windows 2000 - it's got internet sharing software.
The Bay Networks 8-port router + switch would be my choice of hardware tho.

 

Cracking (and very verstaile) internet sharing that I use with my cable modem...

wwww.wingate.com

 

BigGT3Fan,

Telewest lease an IP for twenty four hours to your equipment, but that's not to say you get a different IP address every twenty four hours. When the Router requests a new one, it's given the same IP your PC been using yesterday. Even if you switched the CM off for a few hours you'll probably get the same IP when the equipment is rebooted.

I've had my IP address now for a few months. Last time it changed was when the UBRs (Universal Broadband Router) were reconfigured. Hope this helps.

Cheers Phill C

 

Andy

As I'm sure you're aware - make sure whatever you do is secure

Always on internet connections are gold-dust to some

Regards
Richard

 

Andy - The linksys box was circa £100 but I'm not sure of the exact price anymore . It is very good, but the NetGear and others all do a comparable job...

as babber says, you just register the MAC address with TW/blueyonder and it all works swimmingly.

babber - The router uses NAT (Network Address Translation) to map the external internet IP address onto the internal network IPs and is much more secure than ZA.

IMHO hardware NAT style firewalls will always be more secure as they hide the machines from the outside world, they physically don't appear, software firewalls are fine until someone finds a way through via a bug etc and then if you don't have the latest version you're in trouble. All professional organisations, companies etc protect their networks with h/w firewalls, not software products.

As dowser says tho' you need to be ultra careful when using a permanently connected setup as you're asking for it.

The best bet for any firewall config is to set it up, and then go to the ShieldsUp! web site and use that to attempt to attack your installation.

e.g. ShieldsUp! against my machine connected directly with ZA running shows a number of failed attacks (i.e. ZA is working, but someone might find a way in that it isn't aware of). Lots of scummy people out there doing nothing but port scanning - too much time on their hands

If I do the same thing with the firewall in place, my machine isn't even seen on the internet by ShieldsUp! and therefore completely safe from the scanner scum

HTH,


Alex


[This message has been edited by BigGT3Fan (edited 09 August 2001).]

 

The easiest way is to buy one of those boxes that the posts above have talked about above.

However, if you're looking for something on the cheap and you have the kit then an old PC will do. All you need is two network cards (or one if its USB ADSL) and some routing software. I use NAT32 (www.nat32.com).

I use an old Pentium in the living room networked up to the other PCs in the house. Also means we can play MP3s in the living room across the network from my house mates 20+GB collection up staires (ahem!).

James

 

Hi Alex

What's your external IP?

Just make it secure enough to make the buggers look elsewhere - in 99% of cases making sure a port scan returns nothing and that there's no trojans installed is good enough.

NAT is OK...as long as it's outbound only (ie; the NAT address is not bound to anything internal for incoming requests). But it's possible to intefere with a session you intitiated. Or install a trojan so that your PC initiates the request, alerts me, and allows me to take over the session...

It's like car security, if someone wants to breach your security bad enough, they will. In general, even if your PC is running a trojan, they're not *particularly* (that's not to say they wont look for anything ) interested in your data - just the anonymity your IP gives them to attack somewhere else.

Richard

 

dowser,

Telewest change it every day (DHCP lease) so no point in telling you, really

You're right I guess that people will get in if they try hard enough, though I've had my machine permanently connected to the net for a good few months with no issues so far <crosses fingers>

Yeah the port scan returns nothing - I would re-iterate that ShieldsUp! is great for reassuring you of that


Alex

 

As said before - If you have the spare kit it can be done for nothing.

Personally use an old Cyrix 586 (Half 486Dx4 - half pentium thing) with linux to firewall my home network. The linux box has an ISDN card rather than 2nd Ethernet because Cable broadband hasn't found its way here yet. Also means I can SSH to home from work and manage my home boxes instead of doing anything useful

Deano

 

I have loads old spare kit, but:-

a) Don't know linux

b) Did want to leave a machine running all the time

c) BY don't support Linux

If you understand Linux then go for that. If you don't understand it then read the blueyonder.discussion.hi-speed news group. There are plenty of people on there that might be able to help you.

Cheers Phill C

 

Is this any good to you? I have it with my ADSL connection and it works great, all for about £35

 

<BLOCKQUOTE><font size="1" face="Verdana, Arial">quote:<HR>Originally posted by BigGT3Fan:
<B>IMHO hardware NAT style firewalls will always be more secure as they hide the machines from the outside world, they physically don't appear, software firewalls are fine until someone finds a way through via a bug etc and then if you don't have the latest version you're in trouble. All professional organisations, companies etc protect their networks with h/w firewalls, not software products.
[/quote]

Hang on a minute, a 'hardware firewall' is just some software running on a dedicated machine. ISTR Nokia firewall is just Checkpoint FW-1 running on a custom OS (I think it might be a hardened Linux kernel, but I'm not sure), in a box. And what do you mean by "all professional organizations use hardware firewalls, not software products"? Checkpoint FW-1 running on Solaris boxes is one of the most popular there is.

 

The distinction should be made on the ability to look at the contents of a packet (or the header).

A router running access lists does not provide the same protection as firewall software capable of checking packet header information (sequence numbers, flags, etc).

Alex was talking about personal PC firewalls such as Zone Alarm, I thought. I'd assume these cannot view header information....but I've been wrong before

Richard

[This message has been edited by dowser (edited 13 August 2001).]

 

Thanks for all the advice guys!

I'll let you know how I get on!

Andy

 

I think the distinction you need to make is between stateful packet inspection firewalls and application-layer firewalls.

 

Thanks for all your help again!

I finally got round to wiring up the house!

Ended up buying a Linksys cable/DSL router.

The ethernet cable from the cable modem plugs into the back of it. The box claims to have a firewall, and also a 4 port hub.

After cloning the MAC address from the NIC I was up and running with no problems! Didn't even need to bother Telewest with a new MAC address!

I'm dead chuff, although it wasn't the cheapest way of doing it (£150), it's all up and running!!

Cheers
Andy

 

Don't know about Telewest but the way it works with NTL is the MAC address you give them is that of the cable modem, not the NIC. I think the cable modem binds to the NIC's MAC address though, which means if you want to swap NICs you have to power cycle the cable modem.

I'm thinking of doing the same thing, but using Wingate on a PC. Anyone got experience of this? (I want to try to avoid Windows Internet Connection Sharing)

 

I had the inital connection to my NIC (apparently NTL use USB connections, rather than NICs) but they need the MAC address for the NIC.

Since then I've added the router, and it has a clever feature of cloning MAC addresses. If it didn't, I could have asked Telewest to add the routers MAC address to the list.

Sorry about the confusion.

Andy

 

To clarify -- with NTL you can use USB or Ethernet. Let me think....USB, new protocol, Ethernet, been working for 30 years. No prizes for guessing how mine's connected.