1. Computer problem? Tech Support Guy is completely free -- paid for by advertisers and donations. Click here to join today! If you're new to Tech Support Guy, we highly recommend that you visit our Guide for New Members.

Solved Can I split my cable Internet signal behind the modem?

Discussion in 'Networking' started by hhannam, Aug 13, 2016.

Thread Status:
Not open for further replies.
Advertisement
  1. hhannam

    hhannam Thread Starter

    Joined:
    May 23, 2005
    Messages:
    481
    First Name:
    Dick
    I learned inadvertently a couple days ago that my Internet speed increased from 70 mbs thru my hardwired router connection up to 170 mbs when I connected the computer directly to the modem. I was astonished at the scale of increase.

    My question is, could I safely split the outgoing modem signal...one line to my computer and the other to my router?
     
  2. etaf

    etaf Moderator

    Joined:
    Oct 2, 2003
    Messages:
    64,891
    First Name:
    Wayne
    no, thats whats the router is there to do
    does the router have a 1Gb spec or 100Mb spec ?
    make and model
     
  3. hhannam

    hhannam Thread Starter

    Joined:
    May 23, 2005
    Messages:
    481
    First Name:
    Dick
    Hello again Wayne,

    I couldn't find the spec on my Linksys WRT 160N in the user manual, but I found a CNET review that stated it's capacity was limited to 100 Mbs

    Sorry to here that I can't bypass the enormous 100Mbs router speed reduction with a splitter. On the other hand, would it be possible to have and use a LAN for data sharing only (computer to/from printer, for instance) w/0 the Internet signal input?.....(confine the modem output to the one computer via Ethernet cable only). I would lose the wireless Internet signal feature, but I rarely use a second computer or need the wireless capacity for more than one computer. I know I would lose my media streaming and my Roku 3 would be rendered useless, but the reality is that I don't use it anyhow.
     
    Last edited: Aug 13, 2016
  4. zx10guy

    zx10guy Trusted Advisor Spam Fighter

    Joined:
    Mar 30, 2008
    Messages:
    5,955
    Unless you are really good at security hardening any OS whether it be Windows or Linux, you're asking for some sort security breach issue. Exposing either OS, especially Windows directly to the Internet is extremely risky. That is what you are proposing to do.

    Also, a common misconception about any router or firewall is if it has 100 Mbps or 1 Gbps ports, it must be able to perform at those speeds. That is not the case. If the router/firewall were to act as a pure router just forwarding packets, then maybe it can perform at what we call in the network world as line rate. But once you add in additional complications which require that processor in that router/firewall to work harder, your performance begins to drop. When a router just routes packets, the processor has to do some route decisions which does consume some processing cycles and some memory as the route tables are either updated or examined. NAT functions can also consume processing cycles. The firewall function of a router will definitely consume processing and memory. As an example, I used to work a lot with Cisco's previous generation firewalls in their ASA line. The work horse in that lineup was the ASA 5520. That firewall has GigE ports on it but when pushed hard can only sustain 400 Mbps of throughput. That firewall was any where from $2 to 8,000 or more depending on the configuration.

    Unfortunately, many manufacturers in the SOHO segment don't openly publish performance numbers for their routers under full stress. If you do upgrade the router you have with the intention of trying to find one which can utilize all of your current ISP speed, make sure the place you buy your router from has a generous return policy.
     
  5. hhannam

    hhannam Thread Starter

    Joined:
    May 23, 2005
    Messages:
    481
    First Name:
    Dick

    zx10guy - Thanks for your thorough reply. I'm a bit surprised, if not puzzled, to hear that removing of the router (and it's firewall) would present such a security risk. Unless I'm missing something here, are you not suggesting that anyone who connects to a cable modem and does not have a router is at considerably higher risk? Is it merely a matter that two firewalls is better than one? If not, from where else does the increased exposure to security breach come?
     
  6. zx10guy

    zx10guy Trusted Advisor Spam Fighter

    Joined:
    Mar 30, 2008
    Messages:
    5,955
    A modem is a layer 1 type device. All it does is to translate one type of connection to another. As an example, if you have a pure cable modem, the cable modem translates the cable signal over coax into Ethernet which is what your router accepts. Not I did not mention any routing, NAT, or firewall capabilities which are layer 3 and 4 type services. So when you connect a PC or any device directly to a pure modem, you are in essence connecting that device to the raw naked Internet. Now there are "modems" out there which do combine the traditional modem with a built in router.

    Router/firewalls are inserted between an ISP connection not only to allow more than one device to share the same circuit but to also place a firewall in between the wild wild west of the Internet and your devices. Router/firewalls are preferred for this as they are purpose built devices. The software used in these devices are typically some sort of stripped down Linux. The hardware is also optimized to do router/firewall efficiently for the given price point.

    An alternative to doing a trial and error on SOHO routers looking for one which will perform to the speeds you want is to use a purpose built firewall software such as pfsense or Astaro. These types of software just installs on a PC like you're loading a new Windows OS. You then have control over picking the hardware on which this software will run. But many people don't like to have a PC run 24/7 due to the power it uses. As an aside on this topic, many of the new business class networking products are now running with Intel x86 processors in them. So a network switch/router/firewall is really a PC with a bunch of NICs to provide physical connectivity. This is an oversimplification of what is in these types of devices such as the use of ASICs to speed up certain processing functions, but it still applies.
     
  7. hhannam

    hhannam Thread Starter

    Joined:
    May 23, 2005
    Messages:
    481
    First Name:
    Dick
    Once again, thank your for another very thorough reply, but I wonder if you could come down a few technical levels for the benefit of a guy with very limited tech knowledge. For instance , it would be helpful if you could confine your reply to a brief and direct answer to my previous question "..... are you not suggesting that anyone who connects to a cable modem and does not have a router is at considerably higher risk? Is it merely a matter that two firewalls is better than one? I don't understand why the router firewall would be a superior protection to a computer firewall and other computer installed real time security software safeguards. In other words, why do you categorize a direct computer Ethernet connection to the modem as ...."you are in essence connecting that device to the raw naked Internet". Are you somehow presuming the considerable or total absence of computer installed security protections?
     
  8. zx10guy

    zx10guy Trusted Advisor Spam Fighter

    Joined:
    Mar 30, 2008
    Messages:
    5,955
    Yes, I'm saying connecting a Windows box directly to the Internet is a high risk regardless of whether you're running Windows Firewall or any other software firewall. There are two many variables which can factor in. When the desktop boots up, what exactly is the timing when that software firewall is going to come online in relation to your network connection getting established? How stable is that firewall under intentional buffer overflow attacks? Will one part of the Windows OS cause a compromise to Windows Firewall? There are many other attack modes which are made even more complicated when you're depending on a security software running on a full OS which will undoubtedly be running other applications which those apps could also have security vulnerabilities that can affect the overall effectiveness of your software firewall.

    As I said, purpose built routers/firewalls are inherently more secure than running Windows even with the built in firewall turned on. While this is something that will never happen with a SOHO router/firewall, there are industry certifications that set a baseline on how a firewall performs. One such certification is ICSA and looking on their website, I don't see anywhere that the Windows firewall has passed their testing whether it be running on Windows for the desktop or Windows Server.

    Your question about running multiple firewalls is an interesting topic and something that is probably out of scope for this discussion as to do it properly requires a good understanding of networking and the use of firewalls from different manufacturers. I run two firewalls on my home network (a SonicWall TZ400 and a Cisco ASA 5505.)
     
  9. hhannam

    hhannam Thread Starter

    Joined:
    May 23, 2005
    Messages:
    481
    First Name:
    Dick
    zx10guy - To cite my question in an earlier post, "Unless I'm missing something here, are you not suggesting that anyone who connects to a cable modem and does not have a router is at considerably higher risk?" , apparently the concise answer would be "Yes". Thanks for your input. Perhaps the preferable solution would be to upgrade my router to a higher speed capacity unit in order to obtain the most increase of speed available from my provider. Appreciatively, Dick H.
     
  10. lunarlander

    lunarlander

    Joined:
    Sep 21, 2007
    Messages:
    9,434
    The Windows firewall has holes in it by default to allow for things like Metro Apps in Win 10, File and Printer sharing, Network Discovery and others. Go to Control Panel > Administrative Tools > Windows Firewall with Advanced Security > Inbound rules to see the list of things allowed in. Whereas a router's firewall by default has none.

    In a perfect world, those items receiving inbound connections would have no security vulnerabilities, but the reality is that they have, and you wouldn't want to risk putting the Windows Firewall as a first contact point.

    If you insist on placing a Windows machine directly behind a modem, then at least set the network type to Public. That would then only enable those firewall rules which are slated to work in Public mode. Public mode is meant for situations like when your laptop is connecting to a insecure public hotspot at an airport or cafe.

    You may think that you can just disable some inbound rules, but MS has decided that PC owners don't understand security and will just re-enable those rules ( like the whole list of Metro Apps, Edge, AllJoinIn, and others like Xbox ) when it detects that the rules has changed. MS is a bit over confident when it comes to things they make. They fail to realize that security vulnerabilities will keep popping up, even though while another division in their company is busy releasing security patches for Windows on Windows Update every month.
     
    Last edited: Aug 16, 2016
  11. hhannam

    hhannam Thread Starter

    Joined:
    May 23, 2005
    Messages:
    481
    First Name:
    Dick

    Thanks for the info Luner Lander. Enhancing my knowledge is always a good thing. I should point out, however, that I don't use the Windows firewall. I've used others as well, but I'm currently using a Zone Alarm brand combo security package with their firewall.
     
  12. Sponsor

As Seen On
As Seen On...

Welcome to Tech Support Guy!

Are you looking for the solution to your computer problem? Join our site today to ask your question. This site is completely free -- paid for by advertisers and donations.

If you're not already familiar with forums, watch our Welcome Guide to get started.

Join over 733,556 other people just like you!

Loading...
Thread Status:
Not open for further replies.

Short URL to this thread: https://techguy.org/1176241

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice