BSR 2000 Command Reference Guide

Release 1.0

 

 

host authorization

The host authorization feature is used for security purposes on the cable network. When enabled, host authorization denies access to any hacker who tries to take or “spoof” an IP address from any legitimate user on the same cable network. A hacker takes the IP address from this user to steal their data service. The hacker accomplishes this by changing the IP address on their PC to the IP address that the DHCP server assigned to a legitimate user’s CPE. Cable operators can create static entries to deny hackers from stealing service from users. Through static entries, cable operators can manually bind the CPE MAC (hardware) and IP address to a particular cable modem. This command may be used in circumstances when DHCP is not used to assign the CPE IP addresses

The host authorization command is used to enforce the bind of the CM and CPE MAC addresses to the IP address assigned to them (statically or through DHCP). The no host authorization command disables host authorization on the cable interface.

Group Access

ISP

Command Mode

Interface Configuration mode (cable interface only)

Command Line Usage

host authorization {<mac> {cpe <mac> <prefix> cpr <mac> <prefix>}} on}

no host authorization on {<mac> {cpe <mac> <prefix> cpr <mac> <prefix>}} on}

Command Syntax

mac

the cable modem mac address in the form of

 

xxxx.xxxx.xxxx

cpe

specify customer premise equipment

mac

the MAC address of the customer premises

 

equipment (CPE) or customer premises router

 

(CPR)

prefix

the CPE or CPR’s IP address

2-12

MGBI

526363-001-00 Rev. B

Page 216
Image 216
Motorola BSR 2000 manual Host authorization, Cpe