BSR 2000 Command Reference Guide | Release 1.0 |
|
|
host authorization
The host authorization feature is used for security purposes on the cable network. When enabled, host authorization denies access to any hacker who tries to take or “spoof” an IP address from any legitimate user on the same cable network. A hacker takes the IP address from this user to steal their data service. The hacker accomplishes this by changing the IP address on their PC to the IP address that the DHCP server assigned to a legitimate user’s CPE. Cable operators can create static entries to deny hackers from stealing service from users. Through static entries, cable operators can manually bind the CPE MAC (hardware) and IP address to a particular cable modem. This command may be used in circumstances when DHCP is not used to assign the CPE IP addresses
The host authorization command is used to enforce the bind of the CM and CPE MAC addresses to the IP address assigned to them (statically or through DHCP). The no host authorization command disables host authorization on the cable interface.
Group Access
ISP
Command Mode
Interface Configuration mode (cable interface only)
Command Line Usage
host authorization {<mac> {cpe <mac> <prefix> cpr <mac> <prefix>}} on}
no host authorization on {<mac> {cpe <mac> <prefix> cpr <mac> <prefix>}} on}
Command Syntax
mac | the cable modem mac address in the form of |
| xxxx.xxxx.xxxx |
cpe | specify customer premise equipment |
mac | the MAC address of the customer premises |
| equipment (CPE) or customer premises router |
| (CPR) |
prefix | the CPE or CPR’s IP address |
MGBI |