RE: I am able to get SB 5101 to Boot but... - SlowGrind6 - 26-06-2012
(25-06-2012, 09:43 PM)mindreader Wrote: BS CVC is not that important than cert. So stop spreading that shit.
It is very important... What makes you think that it isn't? It may not be important to you right now, but in the future it will be very important.
RE: I am able to get SB 5101 to Boot but... - ABMJR - 26-06-2012
Some people think because they are in a no security area that things like ISP CO-CVC and BPI + mean nothing...He is only a Noob as he just registered...
RE: I am able to get SB 5101 to Boot but... - modembricker - 26-06-2012
http://www.cisco.com/en/US/tech/tk86/tk89/technologies_tech_note09186a00800948db.shtml
RE: I am able to get SB 5101 to Boot but... - piposarcade - 12-10-2012
(14-06-2012, 12:36 AM)ABMJR Wrote: (13-06-2012, 11:03 PM)Stoowyguy Wrote: So yeah... getting Config File where, how, do I get one because I am using like the default one or something and thats making me have like 50 kbps so yeah.. please help
Read this
http://www.cisco.com/en/US/docs/cable/cmts/feature/ubrdmic.html#wp1135031
Benefits
The Dynamic Shared Secret feature provides the following benefits to cable service providers and their partners and customers:
Improves Network Security
Service providers do not need to worry about users discovering the shared secret value and using it to modify DOCSIS configuration files to give themselves higher levels of service. Even if a user were to discover the value of a dynamically generated shared secret, the user would not be able to use that shared secret again to register.
In addition, if a manually configured shared secret is also used, the CMTS uses it to verify the DOCSIS configuration files that it receives from the TFTP server, providing MD-5 authenticated transactions between the TFTP server and the CMTS. This prevents users from bypassing the Dynamic Shared Secret feature by attempting to spoof the IP address of the provider's TFTP server.
The generic TFTP server performance and error handling on the Cisco CMTS routers has been greatly improved to support the high performance that is required for rapidly provisioning cable modems.
Flexibility in Dealing with Possible Theft-of-Service Attempts
Service providers have the option of deciding what response to take when a DOCSIS configuration file fails its CMTS MIC check: mark that cable modem and allow the user online, reject the registration request and refuse to allow the user to come online until a valid DOCSIS configuration file is used, or lock the cable modem in a restricted QoS configuration until the modem remains offline for 24 hours. Locking malicious modems is the most effective deterrent against hackers, because it provides the maximum penalty and minimum reward for any user attempting a theft-of-service attack.
No Changes to Provisioning System Are Needed
This is your issue....
Its really simple to fix....
Quote:lock the cable modem in a restricted QoS configuration
can exclude the dynamic shared secret of a cm?
|