Thread Rating:
  • 3 Vote(s) - 2.67 Average
  • 1
  • 2
  • 3
  • 4
  • 5
I am able to get SB 5101 to Boot but...
#31
(25-06-2012, 09:43 PM)mindreader Wrote: BS CVC is not that important than cert. So stop spreading that shit.

It is very important... What makes you think that it isn't? It may not be important to you right now, but in the future it will be very important.
Reply
#32
Some people think because they are in a no security area that things like ISP CO-CVC and BPI + mean nothing...He is only a Noob as he just registered...
Knowledge=Power
Reply
#33
http://www.cisco.com/en/US/tech/tk86/tk8...48db.shtml
Reply
#34
(14-06-2012, 12:36 AM)ABMJR Wrote:
(13-06-2012, 11:03 PM)Stoowyguy Wrote: So yeah... getting Config File where, how, do I get one because I am using like the default one or something and thats making me have like 50 kbps so yeah.. please help

Read this

http://www.cisco.com/en/US/docs/cable/cm...#wp1135031

Benefits

The Dynamic Shared Secret feature provides the following benefits to cable service providers and their partners and customers:

Improves Network Security

Service providers do not need to worry about users discovering the shared secret value and using it to modify DOCSIS configuration files to give themselves higher levels of service. Even if a user were to discover the value of a dynamically generated shared secret, the user would not be able to use that shared secret again to register.

In addition, if a manually configured shared secret is also used, the CMTS uses it to verify the DOCSIS configuration files that it receives from the TFTP server, providing MD-5 authenticated transactions between the TFTP server and the CMTS. This prevents users from bypassing the Dynamic Shared Secret feature by attempting to spoof the IP address of the provider's TFTP server.

The generic TFTP server performance and error handling on the Cisco CMTS routers has been greatly improved to support the high performance that is required for rapidly provisioning cable modems.

Flexibility in Dealing with Possible Theft-of-Service Attempts

Service providers have the option of deciding what response to take when a DOCSIS configuration file fails its CMTS MIC check: mark that cable modem and allow the user online, reject the registration request and refuse to allow the user to come online until a valid DOCSIS configuration file is used, or lock the cable modem in a restricted QoS configuration until the modem remains offline for 24 hours. Locking malicious modems is the most effective deterrent against hackers, because it provides the maximum penalty and minimum reward for any user attempting a theft-of-service attack.

No Changes to Provisioning System Are Needed



This is your issue....

Its really simple to fix....

Quote:lock the cable modem in a restricted QoS configuration

can exclude the dynamic shared secret of a cm?
Reply


Forum Jump:


Users browsing this thread: 1 Guest(s)