I think the cable modem service Road Runner, at least in Rochester, NY,
implements a similar schema. A sniff on my firewalls external NIC shows
nothing but local traffic.
This by no means stops people from trying my box any ways, but at least it
they can't see it in network neighborhood.
On the other hand a friend of mine in NYC uses optonline.net and a sniff on
his packet filters external interface shows LOTS of traffic, including IPX
stuff and 10.x.x.x, uggh.
Thus I use an old 486/50 as a packet filter.
Chad
At 05:52 PM 7/12/99 -0400, Laris Benkis wrote:
>I think you may have a bit of difficulty sniffing a cleartext password on
a typical (whatever that means) cable modem segment. To use a specific
example which I am familiar with, LANCity cablemodems are learning bridges,
therefore the only traffic you will see coming to you from the modem will
be broadcast traffic on the segment and unicast traffic to your PC. To see
all the unicast traffic on the segment which will contain all the
interesting cleartext passwords you would have to either hack into the
modem or decode the RF signal on the coax. Not impossible perhaps, but
certainly not as trivial as you suggest. My impression is that most people
think a cablemodem is a fancy ethernet repeater, this is not the case.
>
>Depending on the capabilities of the cable modem being used there are
things the cable operator can do to reduce a subscriber's exposure. Again
a specific example, on Rogers@Home the LANCity modems are configured to
block UDP 137 & 138, giving naive users a bit of protection.
>
>Laris
-
[To unsubscribe, send mail to [EMAIL PROTECTED] with
"unsubscribe firewalls" in the body of the message.]
