Covenant
Premium,MVM
join:2003-07-01
England
| reply to aryoba
Re: Let's say A is down
I will assume this is a typical xdsl environment, so all users connect to a dslam. The dslam contains linecards that have modem ports, not like dialup modems, but modems none-the less. This means that there is a dedicated connection or one-to-one ratio of client's to modems. The linecard usually has LEDs that indicated various status conditions on the ports. If you are doing ppp, they can verify your username and ip address as well at the datalink layer.
Now I have one question for you aryoba  :
Why the interest in authentication and line security???? |
|
aryoba
Premium,MVM
join:2002-08-22
| reply to rolande
With both PPP and static routing
said by rolande :
They use static routing to the physical interface. The only way you could reuse user A's configuration is if you were physically connected to the same circuit. The ISP controls what traffic routes to where by the routes they add to their network. As a customer, you do not have control of these routes just by adding another user's configuration to your own network.
In a dynamic config scenario, the user authenticates either via PPP or PPPoE or something similar and all of the settings are passed to the client via a control protocol. The ISP's upstream router then dynamically inserts the new route into its routing tables and announces it to the rest of the ISP network using the local routing protocol. In that case, if you knew user A's username and password you could potentially steal their configuration and reuse it on another physical circuit and interface, since it is dynamically configured as a part of authentication.
Some ISPs give out PPP settings to all their static IP customers. Does it mean the ISP router use static routing to physical interface AND authentication? |
|
rolande
Certifiable
Premium,Mod
join:2002-05-24
Powell, OH
clubs:
Host:
Linksys
AT&T Midwest
| reply to aryoba
Re: "Hard coded"
They use static routing to the physical interface. The only way you could reuse user A's configuration is if you were physically connected to the same circuit. The ISP controls what traffic routes to where by the routes they add to their network. As a customer, you do not have control of these routes just by adding another user's configuration to your own network.
In a dynamic config scenario, the user authenticates either via PPP or PPPoE or something similar and all of the settings are passed to the client via a control protocol. The ISP's upstream router then dynamically inserts the new route into its routing tables and announces it to the rest of the ISP network using the local routing protocol. In that case, if you knew user A's username and password you could potentially steal their configuration and reuse it on another physical circuit and interface, since it is dynamically configured as a part of authentication.
--
Remember what they say: "There are 10 types of people in the world.. those who understand binary, and those who don't." |
|
aryoba
Premium,MVM
join:2002-08-22
| reply to rolande
said by rolande :
If there is no authentication occuring then there is no dynamic configuration occuring. All of the user's configuration is hard coded on the ISP's side in this case.
When you said "hard coded"; did it mean that the ISP always check all customer's MAC address before routing their traffic?
Or maybe there is another checking method? |
|
rolande
Certifiable
Premium,Mod
join:2002-05-24
Powell, OH
clubs:
Host:
Linksys
AT&T Midwest
| reply to aryoba
Re: Let's say A is down
If there is no authentication occuring then there is no dynamic configuration occuring. All of the user's configuration is hard coded on the ISP's side in this case, so it is impossible for user B to steal user A's configuration. The ISP's router will not route user B's traffic because it is not configured for user A's settings on user B's interface.
--
Remember what they say: "There are 10 types of people in the world.. those who understand binary, and those who don't." |
|
aryoba
Premium,MVM
join:2002-08-22
| reply to Covenant
said by Covenant :
If customer B who "borrows" customer's A settings to connect to the Internet, customer B needs to connect his router to customers A line. So there is no way for customer B to use the same settings as customer A unless customer B connects his router at customer's A site.
What if A is not using his account; and B borrows at this time; would B be able to connect using A's account from B's location?
If yes, how would the ISP find out if B was using A's instead of his own? |
|
Covenant
Premium,MVM
join:2003-07-01
England
| reply to aryoba
Re: The authentication
In this case a DSL connection works like a dedicated line. If customer B who "borrows" customer's A settings to connect to the Internet, customer B needs to connect his router to customers A line. So there is no way for customer B to use the same settings as customer A unless customer B connects his router at customer's A site. |
|
aryoba
Premium,MVM
join:2002-08-22
|  reply to Covenant
said by Covenant :
Well if you understood PPP or any of the other data link protocols, you would know the advantages and disadvantages of each protocol and know when to apply it or not as the case maybe. You would also have been able to answer at least 2 of the questions you originally posted.
Maybe my questions weren't clear enough to open up the issues I'm sending. Let me see if I can rephrase the questions. OK, here it goes.
Let's say that there is an ISP that doesn't employ PPP to their DSL connection service. They only give their customers static IP address, gateway, subnet, and DNS. Using these settings, customer A successfully connects to Internet.
Let's say there is a customer B "borrow" the customer A settings to connect to the Internet. Without PPP employment (the authentication), how can the ISP find out that customer B is using customer A's settings instead of his own? |
|
