System information
BSR 64000 Configuration and Management Guide
6-6
Enabling Host Authorization for All CMs
The host authorization feature is used for security purposes on the cable network.
When enabled, host authorization denies access to any hacker who tries to take or
“spoof” an IP address from any legitimate user on the same cable network. A hacker
takes the IP address from this user to steal their data service. The hacker accomplishes
this by changing the IP address on their PC to the IP address that the DHCP server
assigned to a legitimate user’s CPE.
Follow these steps to enable the host authorization feature:
1. Enter the cable interface on which host authorization is enabled.
2. Use the host authorization on command in Interface Configuration mode to
enforce the bind of the CM and CPE MAC addresses to the IP address assigned to
them (statically or through DHCP), as shown below:
MOT(config-if)#host authorization on
3. To view all entries in the ARP authorization table, use the show host
authorization command in Interface Configuration mode, as shown below:
MOT(config-if)#show host authorization
Disabling Host Authorization for All CMs
Use the no host authorization on command to disable host authorization on the cable
interface.
Creating a Static Host Authorization Entry for a Specific CM
Cable operators can create static entries to deny hackers from stealing service from
users. Through static entries, cable operators can manually bind the CPE MAC
(hardware) and IP address to a particular cable modem. This command may be used in
circumstances when DHCP is not used to assign the CPE IP addresses.
Note: The host authorization feature is turned off by default.