Re: ISP reconfiguring cable modem?

• Previous message: Yvan Boily: "RE: ISP reconfiguring cable modem?"
• In reply to: Paul Kurczaba: "ISP reconfiguring cable modem?"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Date: Fri, 28 May 2004 21:19:13 -0400
To: Paul Kurczaba <paul@myipis.com>

Cable modems are programmed to grab a configuration file via TFTP (if
I'm not mistaken) from the HE (head end) upon gaining sync.

I work as a tech support rep for a local cable internet provider. We
shut off modems all the time for abuse such as spam, or virii infections.

We use a web-based OS to disable and enable, and reset modems. All we
do flip a switch to disable the modem, the OS writes a new config file
for that one customer to tell the modem to not transmit any traffic when
this config file is loaded onto the modem. After the config file is
ready, we send a remote command to the modem telling it to reboot, once
it reboots, gains sync, and gets the new (modified) config file it no
longer transmits any traffic in or out.

Since the modem grabs a new config file every time it sync's up to the
HE, and we have the ability to reset modems remotely.. We can disable
abusers internet traffic as needed, and not make any perm. changes to
the modem it self.. Thus if they can take their self-owned modems off
of our system while we have them disabled, plug into another cable inet
provider, and surf away because the other ISP is giving that modem a new
fresh config file when it sync's up.

Thats the basic gist of how the DOCSIS standard works, and how cable
modems don't need to be pre-configured by a cable internet provider like
some adsl modems.

The whole process is pretty secure. The point of failure would be with
the interface the employees use however, which can be exploited if the
ISP doesn't know how to secure itself properly.

-Ben

Paul Kurczaba wrote:

>On this ZDNet article
>(http://zdnet.com.com/2100-1107_2-5218720.html?tag=zdaresources), it
>mentions that to help prevent spam, comcast could remotely reconfigure the
>cable modem if it sees that user is sending out a bunch of spam. How is it
>possible to remotely configure the cable modem? Would it be a TCP/IP or
>cable signal that would reconfigure the modem? If it is TCP/IP, couldn't a
>hacker screw up the modem? If it is a cable signal, what happens if the
>cable user bought the modem at best buy or compusa (it wouldn't be ISP
>specific)
>
>-Paul Kurczaba
>
>
>
>---------------------------------------------------------------------------
>Ethical Hacking at the InfoSec Institute. Mention this ad and get $545 off
>any course! All of our class sizes are guaranteed to be 10 students or less
>to facilitate one-on-one interaction with one of our expert instructors.
>Attend a course taught by an expert instructor with years of in-the-field
>pen testing experience in our state of the art hacking lab. Master the skills
>of an Ethical Hacker to better assess the security of your organization.
>Visit us at:
>http://www.infosecinstitute.com/courses/ethical_hacking_training.html
>----------------------------------------------------------------------------
>
>
>
>
>
>

---------------------------------------------------------------------------
Ethical Hacking at the InfoSec Institute. Mention this ad and get $545 off
any course! All of our class sizes are guaranteed to be 10 students or less
to facilitate one-on-one interaction with one of our expert instructors.
Attend a course taught by an expert instructor with years of in-the-field
pen testing experience in our state of the art hacking lab. Master the skills
of an Ethical Hacker to better assess the security of your organization.
Visit us at:
http://www.infosecinstitute.com/courses/ethical_hacking_training.html
----------------------------------------------------------------------------

• Previous message: Yvan Boily: "RE: ISP reconfiguring cable modem?"
• In reply to: Paul Kurczaba: "ISP reconfiguring cable modem?"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Relevant Pages Re: chaging your @home IP address... could you take a bunch ofthe m....probably... could you get som ... throttling cable modem bandwidth, though. ... Their network, last I heard, ... attempts to hack the config file and replace it with your own can ... (Vuln-Dev) Re: How to make phone call using modem in Linux ... just modify config file. ... Thang Kieu ... your modem and/or telephone host system if you want to do anything fancy. ... I have tried with minicom and looking around for some AT commands. ... (Debian-User) Re: move DSL modem and firewwall to another machine ... >I'd like to move the DSL modem to a spare, ... >modem, ... The spare machine already ... create another different config file. ... (comp.security.firewalls) Re: [SLE] wvdial instead of kinternet? ... > Until you get the permissions set you'll affect Kmail's ability to d/l ... command wvdial it states that reconnecting is disabled. ... My original config file looks like ... Modem = /dev/modem ... (SuSE) RE: A question about modem security ... Encryption is handled by the applications above the modem layer. ... to facilitate one-on-one interaction with one of our expert instructors. ... Attend a course taught by an expert instructor with years of ... pen testing experience in our state of the art hacking lab. ... (Security-Basics)