PaulDotCom mailing list archives
security concerns with cable splitters
From: vlape at me.com (Vincent Lape)
Date: Fri, 03 Apr 2009 13:04:52 -0400
Nathan, in a former life i was a head-end engineer for COX out in VA. Basically the way the system works is the cable modem will signal over the wire to the CMTS. The CMTS will give said modem an IP query the billing system for a MAC match on an account, then a node match. (this prevents people from taking their cablemodems to a neighbors house a couple miles away and using the service). the modem will then query for a configuration package. The config file is sent via tftp to the modem based on the level of service subscribed. keep in mind all this is done unencrypted. If you were able to get the RF side of a DOCSIS modem to become promiscuous you could see all traffic on the cablemodem network for that node. It is in no way secure and really there is nothing you can do about it besides using secure protocols. now there are a couple other things to look at. If the splitter on the cablemodem was a single leg GZH splitter only one leg of that splitter could carry the signal for a cablemodem to obtain block sync. Another measure you could take is to request a hi-pas filter on the video side of the splitter. the hi-pas filter is something we used to keep the people who were going to compUSA and hacking cablemodems off the system. This filter (or trap) blocks the frequency range over the wire that the cablemodems use to communicate. Hope this helps. Vinny On Thursday, April 02, 2009, at 02:42PM, "Nathan Sweaney" <NSweaney at tulsacash.com> wrote:
I just received a question that I can't answer. A customer has a cable internet service with COX that has only been used for internet. The modem and all other networking equipment is locked away so that no one has access to it. They've decided that they'd also like to have a TV in a public area for visitors to watch. COX says to just add a splitter in front of the modem & run a cable to where they want it. The crazy thing is that the customer actually considerd the security implications and asked ahead of time. So my question is, if an intruder had uninhibited access to the coax that was split off upstream from the cable modem, is there anything they can do with it? I've been told by COX that it won't interfere with the connection and that adding a second modem to the connection wouldn't work because it wouldn't be setup on their end. However my bigger concern is the potential to intercept traffic. I know from past experiences that if you plug your coax into your VCR or satellite the wrong way you can actually deliver content to your neighbors (or at least cause a lot of interference), so that suggests that the connection doesn't just flow one-way. So can the coax-splitters determine which way traffic is supposed to be flowing? I understand that even if it's "possible" it may not be easy or likely, but this network is used for processing credit cards so I want to make sure I have a complete answer. Any information or resources on this would be appreciated. Thanks - Nathan Sweaney
Current thread:
- security concerns with cable splitters Nathan Sweaney (Apr 02)
- security concerns with cable splitters Chris Frederick (Apr 02)
- security concerns with cable splitters Nathan Sweaney (Apr 02)
- security concerns with cable splitters Josh Olson (Apr 02)
- security concerns with cable splitters Nathan Sweaney (Apr 02)
- security concerns with cable splitters Nathan Sweaney (Apr 02)
- security concerns with cable splitters Chris Frederick (Apr 02)
- security concerns with cable splitters Chris Merkel (Apr 02)
- <Possible follow-ups>
- security concerns with cable splitters Vincent Lape (Apr 03)