howji
join:2002-11-30
Ashburn, VA
| Opneband Home Fiber Optic !?
We just moved to a new house in Louden county VA. A company called openband provides us a supposedly fiber optic high speed internet. The speed is not that good, it's around a 1.5Mbit connection. But what bothers me is that, in their website www.openband.net they say that they have a security system (firewall) on the internet. This is my experience with it:
I can host ftp, http and game servers and external people can easily join it. People can easily upload stuff to me in yahoo, msn, aim, irc and ..., which makes it not a secure firewall. This is not an important issue for me as i don't need their security. However i CANNOT PING ANY WEBSITE from command prompt and the Line Quality ping test fails. can any one please tell me what sort of firewall this is and anyway i can at least ping websites ?
Also some help on tweaking would be appreciated. |
|
McSummation
Mmmm, Zeebas Are Tastee.
Premium,MVM
join:2003-08-13
Round Rock, TX | To get tweaked, you need to answer the questions: »Tweaking FAQ »What information should I post with my question?
It sounds like they are blocking ping requests going both ways. |
|
howji
join:2002-11-30
Ashburn, VA
| »/speedtests/14···72237885
thats speed test.
Unfortanately my ISP made me not pingable to other tests wont really help. Also im using XP with a realtek 8139 NIC and the connection is set auto which connects at 100 Mbit/s |
|
McSummation
Mmmm, Zeebas Are Tastee.
Premium,MVM
join:2003-08-13
Round Rock, TX | I have to have a Tweak test. |
|
howji
join:2002-11-30
Ashburn, VA | but what should i use for the connection type and the speed caps. The connection is not capped, atleast thats what they say ?! |
|
McSummation
Mmmm, Zeebas Are Tastee.
Premium,MVM
join:2003-08-13
Round Rock, TX | Use Service=wireless; speed=1500; OS=WinXP; Connection=normal
That will get close enough so I can see the actual test results. |
|
howji
join:2002-11-30
Ashburn, VA | »216.254.95.40/tweak/block:45f035···a=normal |
|
McSummation
Mmmm, Zeebas Are Tastee.
Premium,MVM
join:2003-08-13
Round Rock, TX
 ·AT&T Southwest
| -Download Dr.TCP.
-Set the TCP Receive Window (RWIN) to 32120.
-Set everything with a pull down option/menu to Default.
-Blank/Clear all other fields.
-Save.
-Reboot.
-Post an up-to-date tweak test.
-Post the results of the speed test nearest you.
Go ahead and do a Line Quality test. Post the URL in the red box. I want to see what it looks like (as far as it will go). |
|
howji
join:2002-11-30
Ashburn, VA
| line quality test doesnt show any graphs cuz im not pingable. is it still worth posting. Can you please reffer to my First post and suggest on what sort of firewall they have on my connection, or is just NATingn or whatever its called. Also its amazing I cannot ping or tracert any website either!?
Thanks |
|
McSummation
Mmmm, Zeebas Are Tastee.
Premium,MVM
join:2003-08-13
Round Rock, TX
·AT&T Southwest
| Go ahead and post the Line Quality URL.
From your description, they are blocking all ICMP(8) (ping/tracert) commands. IM me with your public IP and let me see what I get when I try to tracert to you.
When you do a tracert (like to dslreports.com), how many "hops" do you get before it starts timing out? |
|
jazzman916
Life on the Upbeat
Premium,Mod
join:2001-09-01
Birdland
clubs:
 ·surpasshosting
Host:
Virtual Private Ne..
Satellite Radio
AT&T Southeast
Wireless Security
| reply to howji
said by howji  :
line quality test doesnt show any graphs cuz im not pingable.
Please try to become pingable (see Section 3 here ), then rerun the test.
--
| Tweak it | Secure it | Network it | Crunch with it | Crunch more with it | |
|
howji
join:2002-11-30
Ashburn, VA
| reply to howji
when i TRACERT ANY website it immediatly times out. never gets any ping. Technically i dont have any way of becoming pingable. Unless i find a way to configure the main router
The private IP assigned by the router using DHCP is 10.106.3.2 Also they have a home network running in our house to 8 outlets using a router. Does my private IP say anything about the brand or the config interface of the router. Just to remind I have tried hosting game servers, and etc and external poeple easily joined without any problem. My public IP using dslreports is 166.90.101.0
again just as a reminder i cannot ping any server, it all times out, aslo tracert to any server immedietly times out at the first hop, Thanks again for your concern |
|
McSummation
Mmmm, Zeebas Are Tastee.
Premium,MVM
join:2003-08-13
Round Rock, TX
·AT&T Southwest
| I looked at the web site for www.openband.net. They really don't want you to know any specifics. In fact, one of the pages says all that stuff is "proprietary".
The private IP address gives no useful information about the router.
The fact that anyone seems to be able to join any games, ftp to you, etc. tells me they don't really have any security in place. They are simply blocking the icmp packets that are used by ping and tracert.
Have you made the changes I suggested at "2003-12-23 23:32:10"? If not, please do so. When you have, please post new Tweak and Speed test URLs. |
|
howji
join:2002-11-30
Ashburn, VA
| reply to howji
ok i did what u said and this is a new tweak test:
»216.254.95.40/tweak/block:1bfc45···a=normal
and this a speed test i did with NJ server
»/speedtests/21···72289505
Meanwhile i discovered very new stuff. Using Cisco tools i figured out they are using cisco routers. I was able to also see every other machine and some were my neighbors that are connected to the router.The Cisco IP network tool gave a lot of information also about each persons computer: name of PC, account names, all net devices, ... and I could even monitor their bandwidth. I even tried retrieving the router config file but they had a community string(password) which prevented me from both reading and writing. |
|
McSummation
Mmmm, Zeebas Are Tastee.
Premium,MVM
join:2003-08-13
Round Rock, TX
·AT&T Southwest
| Does this give you a "funny feeling" about their security? It sounds to me like you're running "wide open", except they've blocked pings. Being able to see your neighbors like that is no good.
I hope you have good software firewall(s) running in your machine(s).
Because of the low latency (about 30 ms), the RWIN calculator gives low numbers. Try 14600 and post new Tweak and speed URLs. I'm guessing that your speed ought to be about 3000 kbps. Put that in as the speed when you do the Tweak test. |
|
howji
join:2002-11-30
Ashburn, VA
| reply to howji
ok new tests:
»/speedtests/20···72291210
»216.254.95.40/tweak/block:3cd666···a=normal
I also discovered I can monitor the CPU usage of all my neighbor PCs' using the cisco router tools. Now this is really bad ! |
|
McSummation
Mmmm, Zeebas Are Tastee.
Premium,MVM
join:2003-08-13
Round Rock, TX
·AT&T Southwest
| The speed went down a little. Go back up to 32120 and let's call that it on the tweaks.
I'll let you and your neighbors worry about the security issues you have. You might want to utilize some of the security tools on this site, also. |
|
howji
join:2002-11-30
Ashburn, VA | reply to howji
thanks for the help  |
|
