DUX COMPUTER DIGEST

 

Site Search

Site Info

Home » Forums » Forum Archives » Networking and Internet Sharing » Topic # 446

SMC Barricade and SB3100
nkoebel Dec-09-00 09:55 PM
I just had cox@home cable modem installed. It is a Motorola SB3100. Since I am sharing the internet with 2 PC's I bought the SMC Barricade. The Motorola manual says to hook the modem to a hub with a crossover cable. Since I did not have one handy and figured that the crossover cable was for a hub and sharing by getting another IP from Cox, I just used a straight thru cable and everything seems to be working fine. I can access the internet from both PC's.
Did I do good? or should I still use a crossover cable?
By the way...I purchased the Barricade due to the posts praising it here and also because it was cheaper than the Linksys and had the printer port. I got it from Buy.com for less than $100.

1. RE: SMC Barricade and SB3100
lbyard Dec-10-00 06:22 PM
In response to message 0
You did well. The barricade WAN interface is the same as a PC. A straight thru cable works because the MODEM performs a crossover function. A hub (or Barricade LAN port) also performs a crossover function. If both interfaces do a crossover the net effect is to cancel each other, and a crossover cable is needed to connect Ethernet Transmitters to Receivers. If one interface does a crossover, than a straight thru cable is required. See http://duxcw.com/digest/Howto/network/cable/cable5.htm for a diagram. Larry

2. RE: SMC Barricade and SB3100
nkoebel Dec-11-00 01:43 AM
In response to message 1
Thanks for the info Larry. I figured that was the case but did not know for sure as I could not pull up any information on the Surfboard modem.
Norb

3. RE: SMC Barricade and SB3100
yayo Jan-26-01 04:40 PM
In response to message 2
I have the same modem. Go to IP 192.168.100.1 and you'll see the status page for your surfbaord modem.

Check this URL:

http://www.duxcw.com/digest/Reviews/Modems/cable/sb2100D_2.htm

I know it's for a different modem, but I tried it on the 3100 and it worked.


4. RE: SMC Barricade and SB3100
lbyard Jan-26-01 06:26 PM
In response to message 3
I have it set-up as the home page on our network. Larry

5. RE: SMC Barricade and SB3100
albutler Jan-28-01 05:16 AM
In response to message 4
Larry,
OK, I have the same setup here at home. What about the security of the Barricade Firewall?

Has anyone tested it? Good! Bad or indifferent??

Come on you fellow security ghosts, What do you think of the firewall vs BlackIce or Zone Alarm?

Thanks,

Snapshot


6. RE: SMC Barricade and SB3100
lbyard Jan-28-01 07:48 AM
In response to message 5
I tested it at Shields Up (http://grc.com/x/ne.dll?rh1ck2l2). I just did it again to obtain information for the record. Results follow:

"Your Internet port 139 does not appear to exist!
One or more ports on this system are operating in FULL STEALTH MODE! Standard Internet behavior requires port connection attempts to be answered with a success or refusal response. Therefore, only an attempt to connect to a nonexistent computer results in no response of either kind. But YOUR computer has DELIBERATELY CHOSEN NOT TO RESPOND (that's very cool!) which represents advanced computer and port stealthing capabilities. A machine configured in this fashion is well hardened to Internet NetBIOS attack and intrusion.

Unable to connect with NetBIOS to your computer.
All attempts to get any information from your computer have FAILED. (This is very uncommon for a Windows networking-based PC.) Relative to vulnerabilities from Windows networking, this computer appears to be VERY SECURE since it is NOT exposing ANY of its internal NetBIOS networking protocol over the Internet.

Port Probe attempts to establish standard TCP/IP (Internet) connections on a handful of standard, well-known, and often vulnerable Internet service ports on YOUR computer. Since this is being done from our server, successful connections demonstrate which of your ports are "open" and actively soliciting connections from passing Internet port scanners.

Port Service Status Security Implications

21 FTP Stealth! There is NO EVIDENCE WHATSOEVER that a port (or even any computer) exists at this IP address!
23 Telnet Stealth! There is NO EVIDENCE WHATSOEVER that a port (or even any computer) exists at this IP address!
25 SMTP Stealth! There is NO EVIDENCE WHATSOEVER that a port (or even any computer) exists at this IP address!
79 Finger Stealth! There is NO EVIDENCE WHATSOEVER that a port (or even any computer) exists at this IP address!
80 HTTP Stealth! There is NO EVIDENCE WHATSOEVER that a port (or even any computer) exists at this IP address!
110 POP3 Stealth! There is NO EVIDENCE WHATSOEVER that a port (or even any computer) exists at this IP address!
113 IDENT Stealth! There is NO EVIDENCE WHATSOEVER that a port (or even any computer) exists at this IP address!
139 NetBIOS Stealth! There is NO EVIDENCE WHATSOEVER that a port (or even any computer) exists at this IP address!
143 IMAP Stealth! There is NO EVIDENCE WHATSOEVER that a port (or even any computer) exists at this IP address!
443 HTTPS Stealth! There is NO EVIDENCE WHATSOEVER that a port (or even any computer) exists at this IP address!

If all of the tested ports were shown to have stealth status, then for all intents and purposes your computer doesn't exist to scanners on the Internet!
It means that either your computer is turned off or disconnected from the Net (which seems unlikely since you must be using it right now!) or an effective stealth firewall is blocking all unauthorized external contact with your computer. This means that it is completely opaque to random scans and direct assault. Even if this machine had previously been scanned and logged by a would-be intruder, a methodical return to this IP address will lead any attacker to believe that your machine is turned off, disconnected, or no longer exists. You couldn't ask for anything better."

Pretty stealthy, I would say. Larry


7. SMC Barricade and Shields UP
yayo Jan-28-01 01:53 PM
In response to message 6
I tried the Shields UP test but got different results. I had to download the IP Agent to identify the machine. It then came back with the message:

If our IP Agent brought you directly to this page, without offering you a choice of IP's, your machine has only this single private IP address and it is invulnerable to outside discovery, connection, and attack.

How do you get shields up to test the dynamic IP address assigned to the barricade?


9. RE: SMC Barricade and Shields UP
lbyard Jan-28-01 07:52 PM
In response to message 7
I did that also. Larry

15. SMC Barricade 7004BR Stability Test
yayo Jan-30-01 12:56 PM
In response to message 6
Well, my barricade has now been up for 36 hours solid. This is a first since I purchased the router. The only change that I have made which affected this performance was to route port 113, the IDENT port, to a non-existent IP address behind the barricade. Prior to this, the IDENT port was closed but not stealth check:

http://www.smc.com/smc/common/barricade_faq.cfm#20

Although the router's sevice pages at 192.168.123.254 are still sluggish when I access them first time in the morning, and though I still get partial pages served up from time to time, The server no longer hangs and I can get the complete pages served up by clicking the refresh button a couple of times. I have not had to reboot the router again which is great news.

I think I left a false impression earlier, that the problems with the router began with V1.90E of the firmware. Actually, prior to the firmware update the router was only staying up for a few minutes before having to reboot. After updating to V1.90E the router stayed up for hours before hanging, and now that I've hidden port 113 its staying up for a day and a half (and counting).

The only test left to do is to unhide port 113 again and see if the crashes return. I will try that test next weekend after I see how many more days the router can stay up under present conditions.

I'll post a follow up next week.


8. SMC Barricade and SB3100, Stability Problems
yayo Jan-28-01 02:12 PM
In response to message 4
I'm having stability problems with the Barricade and it's latest firmware, V1.90E. The router seems to go into the ozone after a few hours of service. The first sign of distress is that the Barricade service page at 192.168.123.254 becomes sluggish and unresponsive. I ping the IP address and it drops packets, sometimes one, sometimes all four. It also serves partial/broken status pages. If I manage to get the login portion of the web page to display, I can usually log in and reboot the router and it recovers its sanity (for a few hours more). If I wait too long, I lose complete contact with the router, requiring a power down cycle to get its attention. This morning I caugh it while it was still in its slugish state. I noticed that It had lost the connection to outside web, but otherwise it was still working. I pinged the surfboard at 192.168.100.1, and it also responded. I powered down the modem for the requisite 30 seconds, reconnected the modem and got all green lights. The Barricade, however, still said that it could not re-establish a connection. I rebooted the Barricade, and all-of-a-sudden everything was working fine.

Is anyone else having these kinds of problems?


10. RE: SMC Barricade and SB3100, Stability Problems
lbyard Jan-28-01 08:08 PM
In response to message 8
Maybe. I downloaded the firmware a few days ago and have had to power-cycle the Barricade two or three times since then. Before that, the Barricade would go weeks, 24-hours a day without a problem. I have not seen any packet drops. I am using the SB2100D cable MODEM on a one-way cable system (dial-up uplink, cable downlink), which has always had disconnect problems. It drops the connection two or three, maybe four times a day. It does it when the Barricade is not connected. Because of the flaky cable system, I have not yet determined that my Barricade or the firmware is at fault, and it may not be. Also, I use Microsoftís site very often and they have been having hacker and other technical problems. Today, everything has been working OK so far and the Barricade ran all day yesterday and all night without a problem. I would try downloading and reloading the firmware. It may have been corrupted. Is there anyone else having problems or good luck with V1.90E? Iíll take this problem to SMC if necessary. Larry

11. SMC Barricade stealthiness
yayo Jan-28-01 11:35 PM
In response to message 10
Thanks for the reply. I'm trying a different tack today. I remembered that port 113 of the barricade is not stealth, meaning that port scanners on the outside can tell there's a machine at the IP address, but is not taking any calls. Following the advice on the SMC FAQs, I'm routing port 113 to a non existent IP address. I tested with shields UP and it now says my IP address is totally stealth. This is on the hunch that my system may be the target of a D.O.S. attack (Once they know you're there, they can ping you to death). I'll see if it makes any difference.

I got a reply back from SMC to my earlier plea for help. They claim the stability problem is unique to my system, therefore it's probably a bad network card causing chatter behind the barricade. If the barricade goes down again tonight, I'll start disconnecting portions of the network to see if indeed there's a particular node that's causing the problem.

I'll post the results.


12. RE: SMC Barricade stealthiness
albutler Jan-29-01 04:10 AM
In response to message 11
Larry & yayo,
Those were Great tests results. I have also updated to V1.90E but it runs 24/7 for me with no problems. I use 3com eithernet III 10/100 cards all the way with no slowdowns.
Again many thanks for running the firewall test.

Snapshot


13. RE: SMC Barricade and SB3100, Stability Problems
yayo Jan-29-01 12:45 PM
In response to message 10
Well, after re-routing port 113 to a non-existing IP address, and checking with Shields UP to make sure that all ports were stealth, my barricade stayed up through the night and was perky and responsive this morning. This does not prove that the problem was caused by an outside attack, but it is compelling circumstantial evidence.

Lary, I noticed in your prior message that your test with Shields Up showed that port 113, the IDENT port, was stealth. Did your barricade come up that way, or did you also have to change server settings to hide that port?

Several things bothered me about the reply I got from SMC to my plea for help.

1).- Their explanation that the problem could be caused by a chattering network card behind the barricade generating corrupt packets, is to my way of thinking an admission that the barricade is vulnerable to corrupt packet attacks. Microsoft recently posted an update for Windows95/98 to protect against this kind of attack. "Malformed IPX Ping Packet Vulnerability -August 3, 2000". Depending on the pedigree of the TCP/IP S/W running inside the barricade, it could be subject to the same problem.

2).- If the barricade can't tolerate corrupt packets from a chattering network card, it likely can't tolerate corrupt packets coming from the web either.

3).- There are two points to each network connection, one in the PC network card, and the other inside the network switch. Therefore, SMC's conclusion that the problem is on the PC card, and not in the router, is premature.

I'll post again if the situation changes, but for the moment it looks like the barricade is stable now.


14. RE: SMC Barricade and SB3100, Stability Problems
lbyard Jan-29-01 06:19 PM
In response to message 13
I am not doing anything with ports... I do have the Barricade setup to clone my network adapter's MAC address. My ISP's configuration of the cable MODEM requires it. I have not had any Barricade problems since my last post. Oh, yes, I can believe, I think, the bad network adapter logic, but why would that all of a sudden happen right after a firmware upgrade? I donít see where the Barricade would be any less robust than any other box with an Ethernet capability. Itís done with a chip. I wouldnít worry about. If my Barricade were having problems with packets, I would certainly know it and it would have found its way to the trash can a long time ago. Larry

16. RE: SMC Barricade and SB3100, Stability Problems
iamjemhadar Jan-30-01 10:13 PM
In response to message 14
I called SMC technical support last night regarding firmware 1.90E and problems with "wrong password" error message I was getting trying to install the firmware. Well the Tech said that I should not upgrade to 1.90E because of problems with the web service page and that I should wait a couple of weeks for the new firmware update to come out. Hopefully the forthcoming version will fix things.

17. RE: SMC Barricade and SB3100, Stability Problems
yayo Jan-31-01 12:22 PM
In response to message 16
Thank you, thank you, thank you!

This fits very well with what I'm seeing. I'm able to go out on the web, but as soon as I go to the reouter's server pages, the problems begin. Partial pages are served, response is extremely sluggish, and eventually the router crashes. After staying up for almost two days, my router went down last night forcing a power cycle.


18. RE: SMC Barricade and SB3100, Stability Problems
lbyard Jan-31-01 03:41 PM
In response to message 17
My Barricade with v. 1.90E of the firmware has been running for days without a problem. Speed is excellent, no partial pages. What I thought might be a Barricade problem last week, apparently was not. Larry

19. RE: SMC Barricade and SB3100, Stability Problems
yayo Feb-05-01 11:58 AM
In response to message 18
My Barricade stays up for days too, so long as I avoid the Barricade's administration pages. As soon as I bring up the administration pages to look at the log or check the DHCP tables etc., all ##### breaks loose. The partial pages that are served are the administration pages only. The stuff from the web looks fine.

20. RE: SMC Barricade and SB3100, Stability Problems
lbyard Feb-05-01 04:43 PM
In response to message 19
I have not seen that problem. Admin pages work just fine on my Barricade with R1.90e. Larry

21. RE: SMC Barricade and SB3100, Stability Problems
yayo Feb-05-01 06:27 PM
In response to message 20
Just got off the phone with SMC Technical support. They confirmed that there is a problem with the server pages on V1.90E, and that they are working on it and expect to release an update "in the next few weeks". Tech support confirmed that they are getting a lot of calls on this problem, but also said that not all systems are necessarily affected. I asked about a firmware roll-back, but tech support indicated they stopped doing a roll-back to an earlier firmware because in some cases installing the old firmware over the new made things worse rather than better. The tentative designation for the next firmware release is V1.90H

I am glad that your system was not affected by the V1.90E upgrade, but the problem is real and some of us are experiencing problems.

Yayo


22. RE: SMC Barricade and SB3100, Stability Problems
lbyard Feb-05-01 07:09 PM
In response to message 21
Maybe it is because I am using a one-way cable system, but I do not see how that would be a factor. It could also be because I may have an older version of the hardware.

An asideÖ My Son (http://fat2sday.com/) and I ran the LAN and phone cables (using CAT 5 cable from a small punch-down block for three phone lines) for my Son's office and my Wife's office yesterday (yes, we have three people and three home offices in our home). I am out in a converted garage (office and shop) with the Barricade, cable connection, and NT server. My son is about 100 cable feet away in the basement, and my Wife's office is in one of the bedrooms on the first floor at the same end of the house as my Son. We had to run the LAN cables through the basement, through an adjoining crawl space, up through a closet to the attic above the house, through the attic above the breezeway between the house and our 3-car garage, into through the attic above the 3-car garage, down from the attic and through the wall of the 3-car garage to my converted 2-car garage, which is behind it. At my end the cable plugs directly into the Barricade. At the other end we have a surface-mounted box (Cannel Master Surface Housing Model 7305) with a faceplate with four RJ11/RJ45 cutouts for the LAN jack and three RJ11 jacks for the phone lines. Connected the cables to the jacks, put an RJ45 plug on my end of the LAN cable, plugged-in the LAN cable, spent a few minutes installing a D-Link 530TX+ NIC and network software, checking the LEDs on the NIC and Barricade, and setting-up shortcuts to the Barricade and cable MODEM. Everything went well except I had redo the phone jacks because I had polarity backwards (thanks, Rob). The LAN worked right away without a glitch. Guess I had better finish my Wife's hookup today if I want supper. Larry


23. RE: SMC Barricade and SB3100, Stability Problems
yayo Feb-05-01 08:43 PM
In response to message 22
Maybe you're right, it could depend on what firmware is installed on the Barricade when installing V1.90E on top of it. It could be that it works going from 1.90 to 1.90E, but not directly from an older firmware version (or vice-versa)

Also an aside. I have an SB3100 modem connected to the barricade. From the Barricade I have one PC connected directly, the second line goes to a wall plug. From there to the basement where I have a Dlink DSS-5+ installed in the basement. From the DSS-5+ there two connections going to upstairs bedrooms, one is a 50ft run, the other a 30ft run. A third connection from the Barricade goes to an Orinoco RG-1000 wireless gateway configured as a pass through switch, with DHCP and NAT disabled. From the RG-1000 I have one wireless link to an Orinoco silver card on an ISA adapter plugged to my old 100Mhz Aptiva in an upstairs bedroom that is not yet accessible via hard line (to get to it I will have to wire via the attic and I'm tired of drilling holes and fishing wires :<) The one thing I was not able to do was configure the modem on the Orinoco RG-1000 to access those sites at AT&T Worldnet that are only accessible when you log on directly to that ISP. I finally gave up and discontinued my service to Worldlnet and kept just the Roadrunner service via cable modem.


25. Network Home Run Location
lbyard Feb-05-01 09:27 PM
In response to message 23
Quite a setup! I thought of putting the barricade and cable MODEM down in the basement near my Son's office. The cable TV enters the house there. And, later, I thought of putting a DSS 5+, which I have, down there after having the RG6 coax cable run all the way out to the 2-car garage. I decided to put the cable MODEM out here because it drops-out 3 or 4 times a day and many times I canít get at it with the browser interface (not a Barricade problem), and I didnít want to run all the way down to the basement to power cycle it. The cable company ran the cable through the basement, crawl space, attic, etc. at no charge. I decided to run more cables directly from the Barricade instead of one cable to the DSS 5+ because I didnít want to leave both the Barricade and DSS 5+ on all of the time. It was more work running more cables, but it is done, shouldnít have to be repeated, and I can control everything from my office where I spend most of the day. So, contrary to what many books, etc. recommend, the location of the home run closet, hub, etc. may not always the best physical location, but rather the best location for monitoring and maintenance. I never did like the closet idea for small networks anyway. Let me see those LEDs blinking... Larry

26. RE: Network Home Run Location
yayo Feb-06-01 01:34 PM
In response to message 25
I forgot to mention that the Barricade, the Orinoco RG-1000, the Cable modem, and a surge protected power strip are all installed on the underside of a large oak table that I use as the work desk for the downstairs PC in the family room. They are held in place by Z-brackets banged to the right shape using hammer and table vise. So all of the blinking LEDs and power switches are visible on the underside of the table. The DSS 5+ on the basement I don't worry about. I haven't had a problem with it since I installed a surge protector there too (I fried it's predecessor during a lightning storm). I have become a great believer in surge protection since that incident.

I saw a recent SMC announcement of a combination router/switch/ and wireless access point:

http://www.smc.com/smc/data_sheets/7004WBRds.pdf

If I had waited a little longer, I could've used this instead of the Orinoco RG-1000 and SMC7004BR combination. Oh well.


| Home | Guides | How to | Reviews | Online Store | FAQ | Forums | Forum Archives |
| Links | News | Newsletter | About Dux | Advertising | Contact Info | Privacy |