On Sun, Feb 08, 2004 at 05:11:05AM +0200, Micha Feigin wrote: > > The cable modem's MAC address is unique and unchangeable (as the > > standard dictates), and it's your only form of authentication (proving > > Supposedly its that way, only AFAIK hardware suppliers reuse mac > addresses.
Cheap Ethernet cards can come with reused or default MAC addresses -- yes, I've heard of those cases too. But here we're talking about a specialized class of equipment, cable modems, where every manufacturer knows the MAC serves as a trustworthy security measure (dictated by the DOCSIS standard). You can't plug one of those cheap Ethernet cards into a cable RF socket, can you? .. And the only kind of equipment which you can plug into it, is carefully made to have unique MAC addresses. > > 1. Find a security hole in the modem. Find a way to upgrade firmware > > through it. > > Can be done with a few google searches for most modems. Depending on > the modem software used in the modem can occasionally be done using > telnet if you really know what you are doing. Tell me after you actually do it (that is - find a way to upload a custom firmware and crack that firmware to change the MAC address). For example, the Motorola SB4200's SNMP-based exploit is apparently impossible in the Israeli cable network. > Are there pci cable/adsl cards (I think there are at least adsl), would > probably be easier with those. There are DVB-C cards which could, in theory, receive the downstream of the cables, but AFAIK none of them have any provision for broadcasting into the network. Anyway, I know it all in theory. Would be happy to hear anyone with practical experience. Also, there's a concept of "Internal" cable modem, in form of a PCI card, but those things are a dying breed, and aren't necessarily more hackable than external modems. > Another solution for the OP would be to invest in a modem that can do > PPTP itself (do they exist? I know PPPoE/PPPoA/Bridge do) and then the > modem would keep the connection up and all the OP would have to do is > to connect to the modem and not start the tunnel to the ISP. Cable modems tend to be simple, unlike ADSL solutions, since so much of the security relies in the modem itself protecting the net from the customer. ================================================================= To unsubscribe, send mail to [EMAIL PROTECTED] with the word "unsubscribe" in the message body, e.g., run the command echo unsubscribe | mail [EMAIL PROTECTED]
