I have been having intermittant connectivity problems, so started trying to fix like an auto mechanic: replace a part at a time and see what works. Router is linksys, fairly new so not suspicious. Cable modem was maybe 5-6 years old or more, so replaced that. Not much change, still lose connectivity at an odd time, nothing can get me back up, then some hours later, voila!, I am back on...so rush to get out emails, or questions like this while possible. New cable modem has new MAC address, which I registered with ISP, but am not sure how to re-set in SUSE 11. On the one hand, I am online now, but check with eth0 in YAST, Network Devices, shows old MAC address. I assume I can manually change in a file probably in /etc, but I did not find one that seemed obvious. Any suggestions? Thanks for any assistance, including other thoughts on the random outages. Cable company has been by and replaced lines, splitters, like that, assures that signal is good. Richard -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
Richard wrote:
I have been having intermittant connectivity problems, so started trying to fix like an auto mechanic: replace a part at a time and see what works. Router is linksys, fairly new so not suspicious. Cable modem was maybe 5-6 years old or more, so replaced that. Not much change, still lose connectivity at an odd time, nothing can get me back up, then some hours later, voila!, I am back on...so rush to get out emails, or questions like this while possible. New cable modem has new MAC address, which I registered with ISP, but am not sure how to re-set in SUSE 11. On the one hand, I am online now, but check with eth0 in YAST, Network Devices, shows old MAC address. I assume I can manually change in a file probably in /etc, but I did not find one that seemed obvious. Any suggestions?
Thanks for any assistance, including other thoughts on the random outages. Cable company has been by and replaced lines, splitters, like that, assures that signal is good.
Richard
You don't have to reset the cable modem MAC address in Yast, unless you're filtering on it. The MAC address you're looking at is probably the one for the NIC in your computer. MAC addresses are for local networks only and have nothing to do with IP. When you try to connect to another device on your LAN, your computer will send out an ARP request, to determine the MAC address of that device and then all communications, over the local LAN are done via MAC address not IP. -- Use OpenOffice.org <http://www.openoffice.org> -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
On Sun November 2 2008, James Knott wrote:
Richard wrote:
I have been having intermittant connectivity problems, so started trying to fix like an auto mechanic: replace a part at a time and see what works. Router is linksys, fairly new so not suspicious. Cable modem was maybe 5-6 years old or more, so replaced that. Not much change, still lose connectivity at an odd time, nothing can get me back up, then some hours later, voila!, I am back on...so rush to get out emails, or questions like this while possible. New cable modem has new MAC address, which I registered with ISP, but am not sure how to re-set in SUSE 11. On the one hand, I am online now, but check with eth0 in YAST, Network Devices, shows old MAC address. I assume I can manually change in a file probably in /etc, but I did not find one that seemed obvious. Any suggestions?
Thanks for any assistance, including other thoughts on the random outages. Cable company has been by and replaced lines, splitters, like that, assures that signal is good.
Richard
You don't have to reset the cable modem MAC address in Yast, unless you're filtering on it. The MAC address you're looking at is probably the one for the NIC in your computer. MAC addresses are for local networks only and have nothing to do with IP. When you try to connect to another device on your LAN, your computer will send out an ARP request, to determine the MAC address of that device and then all communications, over the local LAN are done via MAC address not IP.
-- Use OpenOffice.org <http://www.openoffice.org>
Thanks James. I assume I am not filtering on the cable modem, as I don't know how to do that, or why I would. Maybe finally an instance of not being smart enough to get into trouble, a rare blessing. Richard -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
Richard wrote:
On Sun November 2 2008, James Knott wrote:
Richard wrote:
I have been having intermittant connectivity problems, so started trying to fix like an auto mechanic: replace a part at a time and see what works. Router is linksys, fairly new so not suspicious. Cable modem was maybe 5-6 years old or more, so replaced that. Not much change, still lose connectivity at an odd time, nothing can get me back up, then some hours later, voila!, I am back on...so rush to get out emails, or questions like this while possible. New cable modem has new MAC address, which I registered with ISP, but am not sure how to re-set in SUSE 11. On the one hand, I am online now, but check with eth0 in YAST, Network Devices, shows old MAC address. I assume I can manually change in a file probably in /etc, but I did not find one that seemed obvious. Any suggestions?
Thanks for any assistance, including other thoughts on the random outages. Cable company has been by and replaced lines, splitters, like that, assures that signal is good.
Richard
You don't have to reset the cable modem MAC address in Yast, unless you're filtering on it. The MAC address you're looking at is probably the one for the NIC in your computer. MAC addresses are for local networks only and have nothing to do with IP. When you try to connect to another device on your LAN, your computer will send out an ARP request, to determine the MAC address of that device and then all communications, over the local LAN are done via MAC address not IP.
-- Use OpenOffice.org <http://www.openoffice.org>
Thanks James. I assume I am not filtering on the cable modem, as I don't know how to do that, or why I would. Maybe finally an instance of not being smart enough to get into trouble, a rare blessing.
Richard
MAC filtering is used as a weak security measure, to prevent unauthorized computers from connecting to your system, but it works only on the local network. I experienced this last week, when attempting to work on a customer's network. They had unintentionally turned it on, which meant that my computer couldn't connect to their network. Some people also think it adds to wireless security, but that's a delusion, as MAC addresses are easily spoofed. MAC filtering will not affect anything coming in over the internet, as MAC addresses are local only and not passed through routers. -- Use OpenOffice.org <http://www.openoffice.org> -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
James Knott wrote:
MAC filtering is used as a weak security measure, to prevent unauthorized computers from connecting to your system, but it works only on the local network. I experienced this last week, when attempting to work on a customer's network. They had unintentionally turned it on, which meant that my computer couldn't connect to their network. Some people also think it adds to wireless security, but that's a delusion, as MAC addresses are easily spoofed.
James, given the number of possible MAC addresses, it would be virtually impossible to guess a single one for accessing somebodys wireless network, so surely those people are not _that_ delusional in thinking it adds to their wireless access security? /Per -- /Per Jessen, Zürich -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
On Sun, 2 Nov 2008, Per Jessen wrote:- <snip>
James, given the number of possible MAC addresses, it would be virtually impossible to guess a single one for accessing somebodys wireless network, so surely those people are not _that_ delusional in thinking it adds to their wireless access security?
You don't need to _guess_ the MAC addresses. While MAC address filtering can provide some "protection" from systems or users that don't have nefarious intent, it provides no protection from those that do. All they need is something like aircrack-ng or airsnort[0], both of which will read the data packets being passed between a wireless router/access point and a connected computer, and easily extract the required MAC addresses. If the user is still using WEP, they can have the required encryption keys within a minute, or they can try using a dictionary attack a to try and find the WPA key. With the MAC address and WEP, they can have access to the network in minutes, whereas with WPA (probably) will take a while longer. As for those that don't have any encryption, they might as well install a flashing neon sign saying "free wireless connections here" [0] Both packages are dual-use. On the one hand, they can be used for penetration testing to help shore up network security. While on the other hand, they can be used for penetration testing to help break in to a (semi-)secured network. Regards, David Bolt -- Team Acorn: http://www.distributed.net/ OGR-NG @ ~100Mnodes RC5-72 @ ~1Mkeys/s SUSE 10.1 32 | | openSUSE 10.3 32b | openSUSE 11.0 32b | openSUSE 10.2 64b | openSUSE 10.3 64b | openSUSE 11.0 64b RISC OS 3.6 | TOS 4.02 | openSUSE 10.3 PPC | RISC OS 3.11 -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
David Bolt wrote:
If the user is still using WEP, they can have the required encryption keys within a minute, or they can try using a dictionary attack a to try and find the WPA key. With the MAC address and WEP, they can have access to the network in minutes, whereas with WPA (probably) will take a while longer. As for those that don't have any encryption, they might as well install a flashing neon sign saying "free wireless connections here"
A reasonably secure WPA password can be obtained from www.grc.com (Click on Services > Perfect passwords), which is a 63 character string of random ASCII characters. That password should be fairly difficult to guess. That leave a brute force attack on the 256 bit WPA key. According to what I've read, neither WPA nor the underlying AES encryption have ever been broken. Incidentally a 256 bit key has 115792089237316195423570985008687907853269984665640564039457584007913129639936 possible combinations, so it'll take a while to try them all. ;-) -- Use OpenOffice.org <http://www.openoffice.org> -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
Per Jessen wrote:
James Knott wrote:
MAC filtering is used as a weak security measure, to prevent unauthorized computers from connecting to your system, but it works only on the local network. I experienced this last week, when attempting to work on a customer's network. They had unintentionally turned it on, which meant that my computer couldn't connect to their network. Some people also think it adds to wireless security, but that's a delusion, as MAC addresses are easily spoofed.
James, given the number of possible MAC addresses, it would be virtually impossible to guess a single one for accessing somebodys wireless network, so surely those people are not _that_ delusional in thinking it adds to their wireless access security?
Monitoring WiFi MAC addresses is trivial, using utilities such as Kismet on Linux or Netstumbler on Windows. It's even easier than on a switched ethernet network. -- Use OpenOffice.org <http://www.openoffice.org> -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
James Knott wrote:
Monitoring WiFi MAC addresses is trivial, using utilities such as Kismet on Linux or Netstumbler on Windows. It's even easier than on a switched ethernet network.
Good point, thanks. /Per -- /Per Jessen, Zürich -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
I have been having intermittant connectivity problems, so started trying to fix like an auto mechanic: replace a part at a time and see what works. Router is linksys, fairly new so not suspicious. Cable modem was maybe 5-6 years old or more, so replaced that. Not much change, still lose connectivity at an odd time, nothing can get me back up, then some hours later, voila!, I am back on...so rush to get out emails, or questions like this while possible. This should give you a clue, that unless you are actually doing something to get it working, the problem is not within your local equipment. New cable modem has new MAC address, which I registered with ISP, but am not sure how to re-set in SUSE 11. You mentioned you have a router, so I would assume Internet-->cable modem-->router-->local computer(s). This means your local computer has no direct connection to the cable modem, so it does know anything about
On 11/03/2008 12:30 AM, Richard wrote: the MAC address of the cable modem.
On the one hand, I am online now, but check with eth0 in YAST, Network Devices, shows old MAC address. Which would only be local NICs, not external ones. This is normal. I assume I can manually change in a file probably in /etc, but I did not find one that seemed obvious. Any suggestions?
Do not worry too much about your side, it sounds like the problem is external to you. In a cable modem connection, you are on a subnet along with other users. My guess is one of the other users (or a number of other users) has gotten infected (or worse) and is flooding the network with traffic that effectively gives you a DOS. If it is as intermittent as you mentioned, that is my first guess. If the cable company is responsive, when it happens again, you should call their tech support, which should be able to determine if this indeed is the problem, and they can take steps to regain control over their network. HTH. -- Joe Morris Registered Linux user 231871 running openSUSE 10.3 x86_64 -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Richard さんは書きました: | I have been having intermittant connectivity problems, so started trying to | fix like an auto mechanic: replace a part at a time and see what works. | Router is linksys, fairly new so not suspicious. Cable modem was maybe 5-6 | years old or more, so replaced that. Not much change, still lose | connectivity at an odd time, nothing can get me back up, then some hours | later, voila!, I am back on...so rush to get out emails, or questions like | this while possible. New cable modem has new MAC address, which I registered | with ISP, but am not sure how to re-set in SUSE 11. On the one hand, I am | online now, but check with eth0 in YAST, Network Devices, shows old MAC | address. I assume I can manually change in a file probably in /etc, but I | did not find one that seemed obvious. Any suggestions? | You did not mention whether or not you are using wireless router. Doesn't much matter, really... The method of replacing things one at a time doesn't really work well for this kind of stuff. Most car parts aren't configurable and don't have firmware, etc. So replacing the hardware does not necessarily mean that the programming and setup will also change. For such stuff, observation, snooping, divide and conquer, experimentation, programming, research and a bit of skull sweat works better and generally costs less. What do the status lights on the cable modem indicate? Is there a change when the problem occurs? Are your using clean, preferably new RG6 or better coax to your cable modem? Does the entire house have RG6, from the drop or poe (point-of-entry) and to every single point in the house? Is there any coax that is being bent into a sharp turn, especially at connectors? Are you using high-quality F-connectors? Are there any cheap connectors or fittings anywhere--including any that _look_ cheap? Are any fittings or connectors loose? What happens if you shake any loose cables anywhere in and around the house? Is it more likely to occur when the TV is on? Perfect cabling is not essential but it helps a great deal. Ready-made cable tends to be poorer quality than the average, custom-made-on-the-spot hand-terminated cable, though you can buy good or better quality ready-made cable at insanely excessive prices. Your cable modem is connected to the router? Then you don't need to change anything on your box. Unless you are not using dhcp and have it set up on your router, or haven't set a default route, set up /etc/resolv.conf, etc., etc. How do you know it's not your router? Is your router correctly configured for the cable modem, including MAC cloning? Or does your cable modem not require MAC cloning? Is dhcp working properly and consistently? Does your router have the latest firmware version? Have you checked with Linksys to see if your router has any known bugs or problems? Even new routers have problems. You can probably find out more by trying a different router--different brand and model--or by by looking at the traffic between the router and modem. Do you have other boxen on the LAN that have the same problem? If you connect your box directly to the cable modem, with it correctly configured, can you see any packets coming from the cable modem using wireshark? Normally you would see lots of arp and broadcast traffic. If you can't connect directly to the cable modem, do you have a hub that you can put between the cable modem and router? (Using a hub this way will help tell you whether or not both the cable modem and the router are working.) If so, you can plug in your box (or another) and use wireshark to look at the traffic between the router and cable modem. This requires a _hub_, /not/ a switch. A couple things to look for are 1) that there actually is traffic, 2) that the cable modem's dhcp requests, if any, are being replied to. If there is no traffic, there is no signal or the cable modem can't sync up with the network and if the status indicators say otherwise, they're lying. Some cheap modems lie. If you see a bunch of dhcp requests coming from your router that are not getting any response then you will not have any access to anything. This could mean that your modem is too weak or is out on the fringe of the network, too far away to connect reliably. It could also mean that there is a problem, perhaps with a signal attenuator or amplifier that should not be there or is the wrong type, or a directional coupler upstream somewhere in the cable system. If everything looks fine, try pinging a known host by it's ip and by it's name. If there is a response pinging by ip but no response when pinging by name then there is a problem with talking to nameservers. Note the times and duration when the problem occurs, note whatever else in the house is in use at the time. If possible, note what neighbours are doing. You will be looking for patterns and coinciding events. If the problem occurs at regular times, or when certain other devices are on, off or whatever, then there is a good chance that there is interference. Whatever the problem, keeping track of times and so on will help solve it or narrow down and eliminate possibilities. Without details, such as any error messages you get, any errors from the router log, et cetera, I can offer no other suggestions. Unfortunately cable companies are not entirely trustworthy so don't simply take them at their word. While most do care about more than just taking your money, there could be personnel or training problems. Some companies are too shorthanded to be helpful and experienced people are frequently replaced because companies invest and depend too much on useless knowledge bases to "solve" problems. If you are still having trouble and can't find the problem, see if it's possible to take it up with a higher level in the cable company, where the more experienced people are. Consider every possibility. Don't get frustrated or something obvious may be overlooked. Have fun. == jd It shall be unlawful for any suspicious person to be within the municipality. ~ -- Local ordinance, Euclid Ohio - -- -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.4-svn0 (GNU/Linux) iD8DBQFJDyWohpL3F+HeDrIRAs1mAJ0d9EzP4lp/MrgH36iNp8cDSRroTwCZATIY Nw2h7Cdvrq/miXBBHMIsfJE= =pKTA -----END PGP SIGNATURE----- -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
participants (7)
-
David Bolt -
j debert -
James Knott -
Joe Morris -
Per Jessen -
Richard -
Richard