Thread Rating:
  • 0 Vote(s) - 0 Average
  • 1
  • 2
  • 3
  • 4
  • 5
how do isp's block configs?
#1
I was just wondering, exactly what does the isp look for when processing the config (forced) that determines whether or not it is allowed on the network? Basically, how did they blacklist that 50/5 that was whored out?

Is there a certain identification string that each config has thats unique?
Reply
#2
The HFC MAC of the device defines what service tier.

CM's are bridges and the bridge can be 2 lanes or 8 lanes
Knowledge=Power
Reply
#3
I see what you're saying but say for instance that a user is in "candyland" and can force configs and change macs just to get online and all the good pre-2011 stuff that people were able to do, how is it that the isp kills their forced config. There must be some sort of identification check of the config itself, no?

Specifically, that 50/5 cfg thast was floating around SBH, that was killed last October I believe. How did they do that? Was it as simple as changing the requirements of the configs, then issuing new cfg's to all users with these "new" requirements thus disabling those that did not meet these new requirements?
Reply
#4
If you were the ISP there are any number of ways to kill a config like that, perhaps start enforcing expiry dates, co-signing, or dynamic generation.
Reply
#5
(01-04-2013, 09:46 PM)GraFfiX Wrote: If you were the ISP there are any number of ways to kill a config like that, perhaps start enforcing expiry dates, co-signing, or dynamic generation.

Here's an idea. Use a provisioned modem, running Haxorware or other to grab and download its current config file to a PC. Upload that same config file to that same modem to save it to the list of configs available to push, like we used to could do pre/security that disabled that Haxorware push; now that you have it uploaded and saved as an available config to choose, select this config file, which is the same as the one that your modem is currently using, then select BPI+Bypass, save and restart. See if that answers any questions for you.. Should your modem come back online or should it continue into a boot-loop.. (Some statements are redundant for clarity).
(Some statements are redundant for clarity).
Reply
#6
There are sooo many ways available to them. New security implemented a standalone tftp cfg server that only takes orders from the cmts. The cm has no access to this server. That was the most effective security that they implemented IMHO...Once you are ripped out of your dreamy sleep in Candyland you're gonna have a really bad day! Since you can run bpi bypass try testing bpi+ and see what you need for that while security is minimal. You're gonna want to get off the force/serve tit before the ISP goes bpi+ so you're not so "suddenly fucked after 2 long great years"! lol
Reply
#7
I am on BPI +, I think my question was not clear, or I am not understanding the answer. I guess I should have asked "How does an ISP (Invalidate) a specific config. Namely the 50/5. Im guess it's much simpler than I am thinking. Maybe they just pull it from the pool.
Reply
#8
Ok. Well,yeah. that is one way. CC used to have a cfg called "showcase" When we could force EVERYONE ran a 6120 showcaser on whatever d2 cm they had. LOL. CC pulled it from the servers and renamed everything.


Your answer is going to be at cisco if you want the absolute specifics on cfg files...

I haven't been able to force/serve in over 2 years so TBQH I do not even think about cfg's anymore. CC is very set on what you can get away with and cfg's is definitely NOT one of them! Jr's little gem allows that if my info is correct, but none of my methods do!

http://www.cisco.com/en/US/tech/tk86/tk1...0f11.shtml

Poke around in this section...see what you come up with.
Reply
#9
'southernyankey1970 Wrote:http://www.cisco.com/en/US/tech/tk86/tk1...0f11.shtml

Poke around in this section...see what you come up with.

Thank You kind Sir, thats exactly the kind of info I was looking for. It's so damn boring around here I may as well read. I am also scanning for certs again, but strangely, all I ever seem to come up with nowadays is a shitload of SB5120 modems. Im guessing those are the only ones someone left the door open on.
Reply
#10
So....

get a 5120 or two off Ebay and a NT and get to it! lol. I cannot stress enough that cisco is THE source for me now. Might as well get it before they lock it down. I don't give out specific links for that...you should be able to find what you need there with minimal frustration as the site is laid out by engineers!
Reply


Forum Jump:


Users browsing this thread: 4 Guest(s)