Nathan,

in a former life i was a head-end engineer for COX out in VA. Basically the way 
the system works is the cable modem will signal over the wire to the CMTS. The 
CMTS will give said modem an IP query the billing system for a MAC match on an 
account, then a node match. (this prevents people from taking their cablemodems 
to a neighbors house a couple miles away and using the service). the modem will 
then query for a configuration package. The config file is sent via tftp to the 
modem based on the level of service subscribed. keep in mind all this is done 
unencrypted. If you were able to get the RF side of a DOCSIS modem to become 
promiscuous you could see all traffic on the cablemodem network for that node. 
It is in no way secure and really there is nothing you can do about it besides 
using secure protocols. 

now there are a couple other things to look at. If the splitter on the 
cablemodem was a single leg GZH splitter only one leg of that splitter could 
carry the signal for a cablemodem to obtain block sync. Another measure you 
could take is to request a hi-pas filter on the video side of the splitter. the 
hi-pas filter is something we used to keep the people who were going to compUSA 
and hacking cablemodems off the system. This filter (or trap) blocks the 
frequency range over the wire that the cablemodems use to communicate. 

Hope this helps. 

Vinny





On Thursday, April 02, 2009, at 02:42PM, "Nathan Sweaney" 
<[email protected]> wrote:
>I just received a question that I can't answer.  A customer has a cable
>internet service with COX that has only been used for internet.  The
>modem and all other networking equipment is locked away so that no one
>has access to it.  They've decided that they'd also like to have a TV in
>a public area for visitors to watch.  COX says to just add a splitter in
>front of the modem & run a cable to where they want it.  The crazy thing
>is that the customer actually considerd the security implications and
>asked ahead of time.  
> 
>So my question is, if an intruder had uninhibited access to the coax
>that was split off upstream from the cable modem, is there anything they
>can do with it?  I've been told by COX that it won't interfere with the
>connection and that adding a second modem to the connection wouldn't
>work because it wouldn't be setup on their end.  However my bigger
>concern is the potential to intercept traffic.  
> 
>I know from past experiences that if you plug your coax into your VCR or
>satellite the wrong way you can actually deliver content to your
>neighbors (or at least cause a lot of interference), so that suggests
>that the connection doesn't just flow one-way.  So can the
>coax-splitters determine which way traffic is supposed to be flowing?  
> 
>I understand that even if it's "possible" it may not be easy or likely,
>but this network is used for processing credit cards so I want to make
>sure I have a complete answer.
> 
>Any information or resources on this would be appreciated.
> 
>Thanks
> 
>- Nathan Sweaney
>
_______________________________________________
Pauldotcom mailing list
[email protected]
http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom
Main Web Site: http://pauldotcom.com

Reply via email to