@home
Daniel Pfile
pfiled at marietta.edu
Thu Aug 23 21:46:18 UTC 2001
BTW, my cable modem is a CyberSURFER Wave Modem. The thin dark grey one.
If this thing about only newer modems blocking port is true, that means the
modems have the ability to block ports. There's also a web interface on
those modems.
So it seems like the logical sane solution for cox at home, the internet, and
the users is to:
1: Cap upstream to 256k (done, used to be good enough...)
2: Disable incoming ports for known insecure services in the cable modem
3: Allow a user to re-enable these ports with the modem's web interface
4: Disable the ability to turn on ports if the user is using a huge amount
of bandwidth. You don't have to monitor traffic, SNMP should suffice, just
if the user is using 90% of their upstream for 7 days solid, contact them,
let them know the problem (a warning), if they continue, kill their ports.
-- or --
4: If the machine is reported used in a DOS/DDOS attack, block the ports to
stop the attack and let the user know.
Not perfect, but I just woke up from a nap and I'm a bit groggy, so feel
free to correct me.
-- Daniel
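
The SNMP check proposed in step 4 above, sketched as an added example that is not part of the original message. It assumes the modem's ifOutOctets counter is polled hourly and that "256k" means 256,000 bits/s; the function names and the sample data are constructed for illustration.

```python
COUNTER32_MOD = 2**32      # ifOutOctets is a 32-bit counter that wraps
CAP_BPS = 256_000          # upstream cap from the post, assumed to mean bits/s
THRESHOLD = 0.90           # "90% of their upstream"
WINDOW_S = 7 * 24 * 3600   # "7 days solid"
MAX_PLAUSIBLE = 1.10       # above this the delta is treated as a counter reset


def utilisation(samples, cap_bps=CAP_BPS):
    """samples: (unix_time, ifOutOctets) pairs sorted by time.
    Yields (t0, t1, fraction_of_cap); fraction is None across a reset."""
    for (t0, c0), (t1, c1) in zip(samples, samples[1:]):
        dt = t1 - t0
        if dt <= 0:
            continue
        delta = (c1 - c0) % COUNTER32_MOD       # correct across one wrap
        frac = delta * 8 / dt / cap_bps
        yield t0, t1, (frac if frac <= MAX_PLAUSIBLE else None)


def longest_saturated_run(samples, threshold=THRESHOLD):
    """Longest unbroken stretch, in seconds, at or above the threshold."""
    best = run = 0
    for t0, t1, frac in utilisation(samples):
        saturated = frac is not None and frac >= threshold
        run = run + (t1 - t0) if saturated else 0
        best = max(best, run)
    return best


def policy_action(samples):
    """'warn' once the 7-day condition from the post is met, else 'none'."""
    return "warn" if longest_saturated_run(samples) >= WINDOW_S else "none"


def make_samples(hours, frac, start=4_000_000_000, step=3600, t_start=0):
    """Constructed hourly polls at a constant fraction of the cap."""
    per_poll = int(frac * CAP_BPS / 8 * step)
    return [(t_start + i * step, (start + i * per_poll) % COUNTER32_MOD)
            for i in range(hours + 1)]


if __name__ == "__main__":
    print(policy_action(make_samples(8 * 24, 0.95)))   # eight saturated days
    print(policy_action(make_samples(8 * 24, 0.50)))   # ordinary use
```

At this cap a 32-bit octet counter wraps roughly every 37 hours, so polls must be more frequent than that; a modem reboot shows up as an implausibly large delta and breaks the run rather than counting toward the seven days.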