# Cable modem being installed. What to do for security?



## Maniacal1 (Apr 9, 2002)

I'm finally breaking down and having a cable modem installed next Wednesday. I'm too distant for DSL and satellite access doesn't seem to be getting any better very fast. 

I know I have to do something about security, but I don't know what. What do you guys recommend for security with a cable modem?

I'm nat particularly a geek when it comes to these things, so, after security, easy configurability would be nice. 

Thanks for your suggestions!


----------



## Chris Blount (Jun 22, 2001)

Zone Alarm Pro is the firewall of choice. Easily installed and configured. http://www.zonelabs.com/

There is also a free version of Zone Alarm standard here: http://download.com.com/3000-2092-10039884.html?part=zonealarm&subj=dlpage&tag=button

The absolute safest way to go is to purchase a Router. The linksys routers have built in firewalls that keep your computer completely invisible from the internet. I've had mine for 2 years now and not one single attack has ever gotten through. The 4 port models can be purchased for about $60 and allow future expansion to other computers in your house so they all can share one high speed connection.

http://www.linksys.com/Products/product.asp?prid=20&grid=23

This particular router is a snap to hookup and easy to configure right through your browser.


----------



## Neil Derryberry (Mar 23, 2002)

I would agree with Chris.... My linksys works great!


----------



## Maniacal1 (Apr 9, 2002)

Thanks, guys. I've downloaded the free version of ZoneAlarm, and I'll try that when the cable modem gets installed. 

I haven't decided yet what to do about a router. I'll let them do the basic installation and decide what to do from there. I'm contemplating a wireless router, since I do have a laptop in the house that I'm sure I'll want to connect to the network after I've gotten spoiled by the speedier access.


----------



## gcutler (Mar 23, 2002)

Wireless can leave some security holes as well. Be careful, there is a thread a few months old all about that. But if you are considering getting a wireless setup, the combo Router/Wireless access point is cheaper than a seperate wireless access point and router. So you may want to go with this

http://www.linksys.com/Products/product.asp?grid=22&prid=415

which is pretty much the router Chris mentioned, but with Wireless Access Point built in. It will probably cost you around $150. But seperate and you would probably pay over $200 for everything.


----------



## Bardman (Apr 23, 2002)

Again, Kudos to Chris....

I've got the same router and it has served me well for 9 months now. Hindsight being 20/20, I should have sprung for the one with wireless built in (for the laptop)

One other thing to remember, when the cable guy comes to install your modem, make sure he uses ethernet to connect the modem to your computer (not USB), then when you get the router, all you have to do is insert it between your computer and modem. Someone I know didn't do this and ended up with a DSL modem that only connects to the computer via USB.


----------



## James_F (Apr 23, 2002)

Not a big fan of Zone Alarm, causes some problems with some of the programs that I use.. Can't beat the price though. I just helped my brother install a Netgear RP-614. It auto detects your modem and sets all the settings for you. Pretty cool....

Link to Netgear RP-614

I have a a Netgear MR-314 802.11b Wi-Fi router. There is nothing like being able to carry your laptop out to the pool and listen to a baseball game over the internet. Works well for me! 

Any hardware router (D-link, Linksys, Netgear, Intel or other) is much better than Zone Alarm. A $80 router gives you piece of mind that you can't put a price tag on!


----------



## Steve Mehs (Mar 21, 2002)

I use Zone Alarm Pro for dial up, Im not really parinoid about hackers, but I use it when downloading huge files from Kazaa, just to be safe. I use to have ZA running all the time when Im on the net but now I have Norton Personal Firewall, that starts up when I boot up along with NAV, but ZA Pro is still pretty cool.


----------



## cnsf (Jun 6, 2002)

Actually, I'm partial to Black Ice Defender. It was shaky for a while, but they've really come back with a strong product recently. I run it along with Norton Personal FW and a NAT router.

Also, NAT is not great protection, but it does raise the bar enough for a script kiddie to move on.

Wireless has its issues if you don't enable WEP (even that has some holes), but if you're not a bank, don't worry. Just keep backing up your critical data, that's your biggest risk.


----------



## James_F (Apr 23, 2002)

That and make sure the file sharing is turned off. That is the largest hole in Win9x....


----------



## invaliduser88 (Apr 23, 2002)

I'm partial to the Nexland products. They have twice the power of Linksys products, work nicely with VPN products (even through PPOE), and for us that get DHCP assigned addressed from the ISP, allows for dynamic DNS updates for my mail and web server.


----------



## Steve Mehs (Mar 21, 2002)

Next months issue of PC World is dedicated to protecting your PC. They do comparisons on AV programs along with S/W firewalls. Sygate Pro and ZA Pro got the top honors.


----------



## Maniacal1 (Apr 9, 2002)

Well, the attempted cable modem installation was a failure. The modem won't connect to the network. "It may be the modem or it may be an issue in your area."

They're offering to send out a technician on Saturday, but I don't know if I'm willing to wait that long. I may be staying with dial-up after all.


----------



## gcutler (Mar 23, 2002)

At a minimum of 10 times the speed. I would wait. As long as they don't charge you anything if you can't get the service, go for it.

You may hear people complaining about Price, down time, even speed not as good as they expected, but you rarely hear about someone happy to go back to Dialup.


----------



## Maniacal1 (Apr 9, 2002)

I certainly understand what you're saying, gcutler. We temporarily have an appointment on Saturday morning for them to try to rectify the problem. 

I'm a little leery because of a couple of things that happened during the attempted installation. There's a point in the process where I have to call in with the necessary information. All I got was a busy signal for an hour. I then called the main support line and someone took the information. I continued the installation and couldn't connect after that.

I guess I'll give them a chance to see if they show up on time on Saturday. If they're late, they won't find me because of previous plans.


----------



## gcutler (Mar 23, 2002)

Who is providing the service. Where I am I have a choice (Bell South, or BellSouth via Mindspring). I went the Mindspring route.

Chances are the DSL is owned by your phone company, but there are DSL intermediaries which can give you a better choice. Except for the physical wire from the "Central Office" to my House, Earthlink is responsible for just about everything (Logins, password, mail/news servers) Only when it is determined to be the wire does Bellsouth get involved.


----------



## Maniacal1 (Apr 9, 2002)

It's AT&T Broadband here, and it's my only choice (except for satellite). No DSL available. 

As unimpressed as I am with their elleged service so far, I guess I'll wait and see what happens on Saturday morning when they try to rectify the problem.


----------



## gcutler (Mar 23, 2002)

DUH, I guess my reading your original note might have answered that :grin:

Yes, you pretty much are going to get the same service as you would with their cable. But a friend had AT&T broadband and we wanted to install a Cable/DSL router and needed to call AT&T Broadband support to get the system to be recognize the router and not the net card in the PC. We were on hold about 15 minutes and on with tech support for 15 minutes. I wasn't tooo bad. I think once you are setup you will deal with a different # than the Billing or Cust service #???


----------



## Maniacal1 (Apr 9, 2002)

Yes, it's a different service number. On Wednesday, once I was able to get to the tech folks, they were pretty good. 

I'll see what happens tomorrow morning. Supposedly, their sending out a technician and "a network technician will also be on call". If the technician thinks he's just going to hook up a modem to the cable and leave, the deal will be off. If he stays at it until I'm connected, we're on.


----------



## Bogy (Mar 23, 2002)

I'll be interested to find out what happens tomorrow morning. It might be something as simple as a missing protocol. While I am not an expert, and don't do networking on a regular basis, I have done a fair amount of it. Sometimes it goes without a hitch, and other times it seems like I'm chasing my own tail. Then it either suddenly works when nothing seems to have been changed, or I go, "Well Duh, of *course* I need to change that setting." So good luck tomorrow.


----------



## Maniacal1 (Apr 9, 2002)

The technician just left, and he completed the installation successfully. Apparently, when I gave them the MAC address, they typed it in wrong. They had an F where a D should be. (If it was something like a D for a 0 or a B for an 8, I'd suspect I read it to them wrong.)

The modem, as we suspected, was fine.


----------



## Bogy (Mar 23, 2002)

I figured it was something real complicated like that.  Most times its a name typed in wrong or a box unchecked.


----------



## gcutler (Mar 23, 2002)

> _Originally posted by Maniacal1 _
> *The technician just left, and he completed the installation successfully. Apparently, when I gave them the MAC address, they typed it in wrong. They had an F where a D should be. (If it was something like a D for a 0 or a B for an 8, I'd suspect I read it to them wrong.)
> 
> The modem, as we suspected, was fine. *


And enjoy the fact that the MAC address is unique only to the device you have. Take pride in it


----------



## cnsf (Jun 6, 2002)

Actually, most routers have the function of being able to clone your MAC address on your PC, avoiding typo issues.


----------



## gcutler (Mar 23, 2002)

> _Originally posted by cnsf _
> *Actually, most routers have the function of being able to clone your MAC address on your PC, avoiding typo issues. *


But what are the chances you know what the typo is at the other end, to change your router mac address to??? Lots of combinations to guess to get it right. Quicker to just have the ISP re-read it back to you and have them get it right.

The real purpose of the Router MAC address change is so that you can take the MAC address off your PC's NIC and make the router's mac the same so you don't have to call up your cable company for the change.

But then you have to make sure the PC NIC isn't used on the same network as your "Customized" router (but you could customize the PC NICs Address). And you would have to retype it if the router gets reset.

Better to get your ISP to get the MAC address right and leave everything as is


----------

