[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: A couple of questions
Peter,
You sent your message only to me instead of (this is my guess, sorry if
I am wrong) sending it only to the list. Anyway, I am re-sending it to
the list, wiht my further comments.
On Thu, 12 Feb 1998, Peter L. Peres wrote:
> On Thu, 12 Feb 1998, Dr Andy Tsouladze wrote:
>
> > On Thu, 12 Feb 1998, Daniel Baum wrote:
> >
> > > Secondly, does anyone have any personal experience of Actvnet's Internet
> > > connection system? It looks quite tempting, but I would like to know the
> > > downside before I fork out my money. Also, are there any other companies
> > > offering a similar package for a comparable (hopefully smaller) price?
> >
> > I talked to them a lot, and finally decided against going for this
> > business. My main problems with them were:
> >
> > 1. They do not promise a fixed IP. Instead, they are going to work with
> > NAT.
> >
> > 2. They close most of the ports "one way". That is, you can reach outer
> > HTTP servers tunning on port 80 but you cannot serve your Web pages on
> > using this port. Same is true for most standard ports.
> >
> > 3. They say they are going to check all user activities by analyzing
> > inbound and outbound packets. This is a bit difficult to believe but...
> >
> > 4. Installation time is two months.
> >
> > There was more but I do not quite remember the details.
> >
> > Regards,
> >
> > Andy
> >
> I have talked to them too, gotten their 10 metre account/contract
> description fax, and read the whole thing this summer. Also talked to a
> sales rep of theirs who was trying to sell actvnet representation in
> computer installation shops.
>
> I can confirm fully what Andy has said, plus the fact that they will not
> only filter packets and have a firewall that stops any incoming web
> requests, but they will enforce a NO SERVERS policy for all their users,
> so you can't even serve for actvnet customers. I don't know what the
> status of multi-player net-aware games is.
I do not play 'net games myself, but I am sure the games use ports above
1024. Actvnet cannot close these ports simply because Unix clients grab
these ports at random when they request a connection.
> Also, there are some strings attached, such as sharing a 64k line with up
> to 10 other people, or a 128k line with 30. Paying in advance for at least
> 1 year, and/or joining their shopping mall, by depositing a sum in advance
> and obliging oneself to buy for a certain sum each month.
When I talked to them the max was 5 users per 64k. However, this is not
an issue. Users will feel each other's presence _only_ if all of them do
something like ftp transfer simultaneously. This does not happen in real
life.
> I suppose that if routing is set up to funnel any request from any actvnet
> member for port 80 outwards to an extrenal gateway, you can't do nothing
> about it.
Like I said above, ports above 1024 cannot be safely closed, so one can
run an HTTP server on port 8000, and this should work fine. Of course,
you cannot run SMTP server this way... But even then, you cannot do
any real work if your IP changes. Even if you run your computer 24/7,
NAT can force disconnection after a certain time of inactivity. On the
other hand, one can ping Actvnet server every 10 min from cron, thus
simulating life ;-)
> >From other cable provider deals abroad, it seems that they enforce their
> policies *very* promptly and will not just terminate anyone caught
> (including innocent users whose email addresses were used for spam
> propagation - at least one case in the US last year), but will keep you
> off *permanently* and apparently set up some sort of blacklist system
> against caught people, which means that getting in with another cable
> provider may be impossible. (source: usenet archives).
One more detail I recall. Actvnet does not allow to use more than one
computer, to say nothing of connecting several PCs via a Linux box. They
said they would check it constantly. However, how they can
_conclusively_ detect extra computers behind a properly firewalled Linux
is beyond me. There are ways to do it inconclusively though.
Regards,
Andy
Dr Andy Tsouladze
Unix System Administrator
Motorola Communications Israel
mailto:andyt@mcil.comm.mot.com
mailto:andy@spl.co.il (old)
mailto:andy@environment.negev.k12.il
http://www.spl.co.il/~andy