Sharing a broadband connection?
08 August 2001, 04:12 PM
#1
Scooby Regular
Thread Starter
iTrader: (3)
Join Date: Dec 1999
Location: UK
Posts: 13,274
Likes: 0
Received 0 Likes
on
0 Posts
I'm about to have a Telewest/Blueyonder cable modem installed.
I know the connection to the back of the PC is an RJ45 connector, but how do I distribute this connection to other PC's int he house?
I've seen routers that you plug the connection to, and can then distribute out the connection.
As Telewest require a MAC address for the connection, I assume I'd use the one from the router.
Can anyone recommend a DSL/Broadband router? What other configuration needs to be done (either to the PC's or the router)?
Thanks in advance
Andy
I know the connection to the back of the PC is an RJ45 connector, but how do I distribute this connection to other PC's int he house?
I've seen routers that you plug the connection to, and can then distribute out the connection.
As Telewest require a MAC address for the connection, I assume I'd use the one from the router.
Can anyone recommend a DSL/Broadband router? What other configuration needs to be done (either to the PC's or the router)?
Thanks in advance
Andy
08 August 2001, 04:34 PM
#3
Scooby Regular
Join Date: May 2001
Location: Scotland
Posts: 4,580
Likes: 0
Received 0 Likes
on
0 Posts
Andy,
Have you been recommended BlueYonder by a friend? If so you get the installation done for £25 instead of £50.
I'm getting mine fitted up on the 18th, give me a shout if you want me to recommend you
and I'll get a free months rental aswell 
Cya
John
Have you been recommended BlueYonder by a friend? If so you get the installation done for £25 instead of £50.
I'm getting mine fitted up on the 18th, give me a shout if you want me to recommend you
and I'll get a free months rental aswell Cya
John
08 August 2001, 04:43 PM
#4
Scooby Regular
Join Date: Jul 2001
Posts: 464
Likes: 0
Received 0 Likes
on
0 Posts
I'm on TW in Bristol, I've got the LinkSys BEFSR41 4-way Cable/DSL Router, it's really good. (They're sold in PC World and the like)
It allows up to four PCs to share the Cable modem connection, you give the MAC address of the router to TW instead of the one for your PC.
It also doubles as a firewall and is safer than ZoneAlarm etc.
TW don't give you any support for it though
, so if you have any connection problems, you're on your own. 
With the latest firmware (downloadable from their site), you can now even use NetMeeting through it (only reason why I used to unplug it and go back to ZoneAlarm)
HTH,
Alex
08 August 2001, 05:03 PM
#7
Scooby Regular
Join Date: Feb 2001
Posts: 4,370
Likes: 0
Received 0 Likes
on
0 Posts
Andy,
I bought a RT311 cable modem router (£100), with a separate dual sensing eight port hub. Another alternative is the RT314 router (£130) with built in four port hub.
Register the Nic Mac address (WAN MAC) with Blueyonder, reset CM and away you go. I don't trust the internal firewall and use zonealarm as well.
Laptops and mates machines can then go on-line and share the connection very easily. The same configuration can be viewed in the Portcullis Hotel, Chipping Sodbury.
If you need any help setting the router up e-mail me and will sort it out.
Hope this helps.
Cheers Phill C
[This message has been edited by babber (edited 08 August 2001).]
I bought a RT311 cable modem router (£100), with a separate dual sensing eight port hub. Another alternative is the RT314 router (£130) with built in four port hub.
Register the Nic Mac address (WAN MAC) with Blueyonder, reset CM and away you go. I don't trust the internal firewall and use zonealarm as well.
Laptops and mates machines can then go on-line and share the connection very easily. The same configuration can be viewed in the Portcullis Hotel, Chipping Sodbury.
If you need any help setting the router up e-mail me and will sort it out.
Hope this helps.
Cheers Phill C
[This message has been edited by babber (edited 08 August 2001).]
Trending Topics
09 August 2001, 12:05 AM
#10
Scooby Regular
Join Date: Feb 2001
Posts: 4,370
Likes: 0
Received 0 Likes
on
0 Posts
BigGT3Fan,
Telewest lease an IP for twenty four hours to your equipment, but that's not to say you get a different IP address every twenty four hours. When the Router requests a new one, it's given the same IP your PC been using yesterday. Even if you switched the CM off for a few hours you'll probably get the same IP when the equipment is rebooted.
I've had my IP address now for a few months. Last time it changed was when the UBRs (Universal Broadband Router) were reconfigured. Hope this helps.
Cheers Phill C
Telewest lease an IP for twenty four hours to your equipment, but that's not to say you get a different IP address every twenty four hours. When the Router requests a new one, it's given the same IP your PC been using yesterday. Even if you switched the CM off for a few hours you'll probably get the same IP when the equipment is rebooted.
I've had my IP address now for a few months. Last time it changed was when the UBRs (Universal Broadband Router) were reconfigured. Hope this helps.
Cheers Phill C
09 August 2001, 09:22 AM
#12
Scooby Regular
Join Date: Jul 2001
Posts: 464
Likes: 0
Received 0 Likes
on
0 Posts
Andy - The linksys box was circa £100 but I'm not sure of the exact price anymore 
. It is very good, but the NetGear and others all do a comparable job...
as babber says, you just register the MAC address with TW/blueyonder and it all works swimmingly.
babber - The router uses NAT (Network Address Translation) to map the external internet IP address onto the internal network IPs and is much more secure than ZA.
IMHO hardware NAT style firewalls will always be more secure as they hide the machines from the outside world, they physically don't appear, software firewalls are fine until someone finds a way through via a bug etc and then if you don't have the latest version you're in trouble.
All professional organisations, companies etc protect their networks with h/w firewalls, not software products.
As dowser says tho' you need to be ultra careful when using a permanently connected setup as you're asking for it.
The best bet for any firewall config is to set it up, and then go to the ShieldsUp! web site and use that to attempt to attack your installation.
e.g. ShieldsUp! against my machine connected directly with ZA running shows a number of failed attacks (i.e. ZA is working, but someone might find a way in that it isn't aware of). Lots of scummy people out there doing nothing but port scanning - too much time on their hands
If I do the same thing with the firewall in place, my machine isn't even seen on the internet by ShieldsUp! and therefore completely safe from the scanner scum
HTH,
Alex
[This message has been edited by BigGT3Fan (edited 09 August 2001).]
. It is very good, but the NetGear and others all do a comparable job...as babber says, you just register the MAC address with TW/blueyonder and it all works swimmingly.
babber - The router uses NAT (Network Address Translation) to map the external internet IP address onto the internal network IPs and is much more secure than ZA.
IMHO hardware NAT style firewalls will always be more secure as they hide the machines from the outside world, they physically don't appear, software firewalls are fine until someone finds a way through via a bug etc and then if you don't have the latest version you're in trouble.
All professional organisations, companies etc protect their networks with h/w firewalls, not software products.As dowser says tho' you need to be ultra careful when using a permanently connected setup as you're asking for it.
The best bet for any firewall config is to set it up, and then go to the ShieldsUp! web site and use that to attempt to attack your installation.
e.g. ShieldsUp! against my machine connected directly with ZA running shows a number of failed attacks (i.e. ZA is working, but someone might find a way in that it isn't aware of). Lots of scummy people out there doing nothing but port scanning - too much time on their hands
If I do the same thing with the firewall in place, my machine isn't even seen on the internet by ShieldsUp! and therefore completely safe from the scanner scum
HTH,
Alex
[This message has been edited by BigGT3Fan (edited 09 August 2001).]
09 August 2001, 11:31 AM
#13
The easiest way is to buy one of those boxes that the posts above have talked about above.
However, if you're looking for something on the cheap and you have the kit then an old PC will do. All you need is two network cards (or one if its USB ADSL) and some routing software. I use NAT32 (www.nat32.com).
I use an old Pentium in the living room networked up to the other PCs in the house. Also means we can play MP3s in the living room across the network from my house mates 20+GB collection up staires (ahem!).
James
However, if you're looking for something on the cheap and you have the kit then an old PC will do. All you need is two network cards (or one if its USB ADSL) and some routing software. I use NAT32 (www.nat32.com).
I use an old Pentium in the living room networked up to the other PCs in the house. Also means we can play MP3s in the living room across the network from my house mates 20+GB collection up staires (ahem!).
James
09 August 2001, 11:32 AM
#14
Scooby Senior
Join Date: Oct 2000
Location: Zurich, Switzerland
Posts: 3,105
Likes: 0
Received 0 Likes
on
0 Posts
Hi Alex
What's your external IP?
Just make it secure enough to make the buggers look elsewhere - in 99% of cases making sure a port scan returns nothing and that there's no trojans installed is good enough.
NAT is OK...as long as it's outbound only (ie; the NAT address is not bound to anything internal for incoming requests). But it's possible to intefere with a session you intitiated. Or install a trojan so that your PC initiates the request, alerts me, and allows me to take over the session...
It's like car security, if someone wants to breach your security bad enough, they will. In general, even if your PC is running a trojan, they're not *particularly* (that's not to say they wont look for anything) interested in your data - just the anonymity your IP gives them to attack somewhere else.
Richard
What's your external IP?
Just make it secure enough to make the buggers look elsewhere - in 99% of cases making sure a port scan returns nothing and that there's no trojans installed is good enough.
NAT is OK...as long as it's outbound only (ie; the NAT address is not bound to anything internal for incoming requests). But it's possible to intefere with a session you intitiated. Or install a trojan so that your PC initiates the request, alerts me, and allows me to take over the session...
It's like car security, if someone wants to breach your security bad enough, they will. In general, even if your PC is running a trojan, they're not *particularly* (that's not to say they wont look for anything
) interested in your data - just the anonymity your IP gives them to attack somewhere else. Richard
09 August 2001, 11:53 AM
#15
Scooby Regular
Join Date: Jul 2001
Posts: 464
Likes: 0
Received 0 Likes
on
0 Posts
dowser,
Telewest change it every day (DHCP lease) so no point in telling you, really
You're right I guess that people will get in if they try hard enough, though I've had my machine permanently connected to the net for a good few months with no issues so far <crosses fingers>
Yeah the port scan returns nothing - I would re-iterate that ShieldsUp! is great for reassuring you of that
Alex
09 August 2001, 02:21 PM
#16
Scooby Regular
Join Date: Mar 1999
Posts: 4,518
Likes: 0
Received 0 Likes
on
0 Posts
As said before - If you have the spare kit it can be done for nothing.
Personally use an old Cyrix 586 (Half 486Dx4 - half pentium thing) with linux to firewall my home network. The linux box has an ISDN card rather than 2nd Ethernet because Cable broadband hasn't found its way here yet. Also means I can SSH to home from work and manage my home boxes instead of doing anything useful
Deano
Personally use an old Cyrix 586 (Half 486Dx4 - half pentium thing) with linux to firewall my home network. The linux box has an ISDN card rather than 2nd Ethernet because Cable broadband hasn't found its way here yet. Also means I can SSH to home from work and manage my home boxes instead of doing anything useful
Deano
09 August 2001, 03:29 PM
#17
Scooby Regular
Join Date: Feb 2001
Posts: 4,370
Likes: 0
Received 0 Likes
on
0 Posts
I have loads old spare kit, but:-
a) Don't know linux
b) Did want to leave a machine running all the time
c) BY don't support Linux
If you understand Linux then go for that. If you don't understand it then read the blueyonder.discussion.hi-speed news group. There are plenty of people on there that might be able to help you.
Cheers Phill C
a) Don't know linux
b) Did want to leave a machine running all the time
c) BY don't support Linux
If you understand Linux then go for that. If you don't understand it then read the blueyonder.discussion.hi-speed news group. There are plenty of people on there that might be able to help you.
Cheers Phill C
11 August 2001, 11:32 AM
#19
Scooby Regular
Join Date: May 1999
Posts: 7,901
Likes: 0
Received 0 Likes
on
0 Posts
<BLOCKQUOTE><font size="1" face="Verdana, Arial">quote:<HR>Originally posted by BigGT3Fan:
<B>IMHO hardware NAT style firewalls will always be more secure as they hide the machines from the outside world, they physically don't appear, software firewalls are fine until someone finds a way through via a bug etc and then if you don't have the latest version you're in trouble. All professional organisations, companies etc protect their networks with h/w firewalls, not software products.
[/quote]
Hang on a minute, a 'hardware firewall' is just some software running on a dedicated machine. ISTR Nokia firewall is just Checkpoint FW-1 running on a custom OS (I think it might be a hardened Linux kernel, but I'm not sure), in a box. And what do you mean by "all professional organizations use hardware firewalls, not software products"? Checkpoint FW-1 running on Solaris boxes is one of the most popular there is.
<B>IMHO hardware NAT style firewalls will always be more secure as they hide the machines from the outside world, they physically don't appear, software firewalls are fine until someone finds a way through via a bug etc and then if you don't have the latest version you're in trouble.
All professional organisations, companies etc protect their networks with h/w firewalls, not software products.[/quote]
Hang on a minute, a 'hardware firewall' is just some software running on a dedicated machine. ISTR Nokia firewall is just Checkpoint FW-1 running on a custom OS (I think it might be a hardened Linux kernel, but I'm not sure), in a box. And what do you mean by "all professional organizations use hardware firewalls, not software products"? Checkpoint FW-1 running on Solaris boxes is one of the most popular there is.
13 August 2001, 09:27 AM
#20
Scooby Senior
Join Date: Oct 2000
Location: Zurich, Switzerland
Posts: 3,105
Likes: 0
Received 0 Likes
on
0 Posts
The distinction should be made on the ability to look at the contents of a packet (or the header).
A router running access lists does not provide the same protection as firewall software capable of checking packet header information (sequence numbers, flags, etc).
Alex was talking about personal PC firewalls such as Zone Alarm, I thought. I'd assume these cannot view header information....but I've been wrong before
Richard
[This message has been edited by dowser (edited 13 August 2001).]
A router running access lists does not provide the same protection as firewall software capable of checking packet header information (sequence numbers, flags, etc).
Alex was talking about personal PC firewalls such as Zone Alarm, I thought. I'd assume these cannot view header information....but I've been wrong before
Richard
[This message has been edited by dowser (edited 13 August 2001).]
21 August 2001, 10:03 PM
#23
Scooby Regular
Thread Starter
iTrader: (3)
Join Date: Dec 1999
Location: UK
Posts: 13,274
Likes: 0
Received 0 Likes
on
0 Posts
Thanks for all your help again!
I finally got round to wiring up the house!
Ended up buying a Linksys cable/DSL router.
The ethernet cable from the cable modem plugs into the back of it. The box claims to have a firewall, and also a 4 port hub.
After cloning the MAC address from the NIC I was up and running with no problems! Didn't even need to bother Telewest with a new MAC address!
I'm dead chuff, although it wasn't the cheapest way of doing it (£150), it's all up and running!!
Cheers
Andy
I finally got round to wiring up the house!
Ended up buying a Linksys cable/DSL router.
The ethernet cable from the cable modem plugs into the back of it. The box claims to have a firewall, and also a 4 port hub.
After cloning the MAC address from the NIC I was up and running with no problems! Didn't even need to bother Telewest with a new MAC address!
I'm dead chuff, although it wasn't the cheapest way of doing it (£150), it's all up and running!!
Cheers
Andy
21 August 2001, 10:28 PM
#24
Scooby Regular
Join Date: May 1999
Posts: 7,901
Likes: 0
Received 0 Likes
on
0 Posts
Don't know about Telewest but the way it works with NTL is the MAC address you give them is that of the cable modem, not the NIC. I think the cable modem binds to the NIC's MAC address though, which means if you want to swap NICs you have to power cycle the cable modem.
I'm thinking of doing the same thing, but using Wingate on a PC. Anyone got experience of this? (I want to try to avoid Windows Internet Connection Sharing)
I'm thinking of doing the same thing, but using Wingate on a PC. Anyone got experience of this? (I want to try to avoid Windows Internet Connection Sharing)
21 August 2001, 11:21 PM
#25
Scooby Regular
Thread Starter
iTrader: (3)
Join Date: Dec 1999
Location: UK
Posts: 13,274
Likes: 0
Received 0 Likes
on
0 Posts
I had the inital connection to my NIC (apparently NTL use USB connections, rather than NICs) but they need the MAC address for the NIC.
Since then I've added the router, and it has a clever feature of cloning MAC addresses. If it didn't, I could have asked Telewest to add the routers MAC address to the list.
Sorry about the confusion.
Andy
Since then I've added the router, and it has a clever feature of cloning MAC addresses. If it didn't, I could have asked Telewest to add the routers MAC address to the list.
Sorry about the confusion.
Andy
Thread
Thread Starter
Forum
Replies
Last Post