Security Basics mailing list archives
RE: ISP reconfiguring cable modem?
From: "Yvan Boily" <yboily () seccuris com>
Date: Fri, 28 May 2004 20:04:42 -0500
You really need to read the DOCSIS standards to get a handle on how cable modems work. Most cable modems are assigned a configuration via a file transferred from a TFTP server (At least they were a few years ago...) The cable plant runs on a separate address space and is not directly addressable (if configured properly) from the computer connected to the cable modem. When you agree to the terms of service you agree to the configuration provided by the service provider. Tampering with the provided configuration settings constitutes theft of service, and is punishable by heavy fines and possibly jail time depending on where you are. For more info see http://www.cablelabs.com
-----Original Message----- From: Paul Kurczaba [mailto:paul () myipis com] Sent: Thursday, May 27, 2004 2:12 PM To: security-basics () securityfocus com Subject: ISP reconfiguring cable modem? On this ZDNet article (http://zdnet.com.com/2100-1107_2-5218720.html?tag=zdaresources), it mentions that to help prevent spam, comcast could remotely reconfigure the cable modem if it sees that user is sending out a bunch of spam. How is it possible to remotely configure the cable modem? Would it be a TCP/IP or cable signal that would reconfigure the modem? If it is TCP/IP, couldn't a hacker screw up the modem? If it is a cable signal, what happens if the cable user bought the modem at best buy or compusa (it wouldn't be ISP specific) -Paul Kurczaba -------------------------------------------------------------- ------------- Ethical Hacking at the InfoSec Institute. Mention this ad and get $545 off any course! All of our class sizes are guaranteed to be 10 students or less to facilitate one-on-one interaction with one of our expert instructors. Attend a course taught by an expert instructor with years of in-the-field pen testing experience in our state of the art hacking lab. Master the skills of an Ethical Hacker to better assess the security of your organization. Visit us at: http://www.infosecinstitute.com/courses/ethical_hacking_training.html -------------------------------------------------------------- --------------
--------------------------------------------------------------------------- Ethical Hacking at the InfoSec Institute. Mention this ad and get $545 off any course! All of our class sizes are guaranteed to be 10 students or less to facilitate one-on-one interaction with one of our expert instructors. Attend a course taught by an expert instructor with years of in-the-field pen testing experience in our state of the art hacking lab. Master the skills of an Ethical Hacker to better assess the security of your organization. Visit us at: http://www.infosecinstitute.com/courses/ethical_hacking_training.html ----------------------------------------------------------------------------
Current thread:
- ISP reconfiguring cable modem? Paul Kurczaba (May 28)
- RE: ISP reconfiguring cable modem? Yvan Boily (May 31)
- Re: ISP reconfiguring cable modem? oni () omgsoleetyes com (May 31)