<div dir="ltr">This should be an interesting read. Thanks Lisa!</div><div class="gmail_extra"><br><div class="gmail_quote">On Fri, Nov 28, 2014 at 3:06 PM, Lisa Kachold <span dir="ltr"><<a href="mailto:lisakachold@obnosis.com" target="_blank">lisakachold@obnosis.com</a>></span> wrote:<br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><div dir="ltr">In most of Cox Arizona DOCSIS 3.0 is has not been completely implemented.<div><br></div><div>For these reasons a great many security issues still exist in the MTS Provisioning Process.</div><div><br></div><div>For an overview of these threats, check out:</div><div><br></div><div><a href="http://books.google.com/books?id=75sp98IBgSoC&pg=PA100&lpg=PA100&dq=spoofing+dhcp+cable+modems&source=bl&ots=MfValJKgUs&sig=HO5ukCdk0JyTeLe3mK_aLcEu6_g&hl=en&sa=X&ei=Ze14VJegI4WrjAKW34GYCw&ved=0CDcQ6AEwBDgU#v=onepage&q=spoofing%20dhcp%20cable%20modems&f=false" target="_blank">http://books.google.com/books?id=75sp98IBgSoC&pg=PA100&lpg=PA100&dq=spoofing+dhcp+cable+modems&source=bl&ots=MfValJKgUs&sig=HO5ukCdk0JyTeLe3mK_aLcEu6_g&hl=en&sa=X&ei=Ze14VJegI4WrjAKW34GYCw&ved=0CDcQ6AEwBDgU#v=onepage&q=spoofing%20dhcp%20cable%20modems&f=false</a><br></div><div><br></div><div>Anyone running a cable modem in diagnostic mode will see MTS information and TFTP source, and from there be able to recreate the provisioning process packets, spoof source addresses, etc. </div><div><br></div><div>Disclaimer: <i>It's not recommended that you actually try any of these concepts or exploits (2600 group has old tools that demonstrate these security issues) outside of your own cable network lab.</i></div><div><div><br></div><div>Happy ThanksGiving!</div><span class="HOEnZb"><font color="#888888">-- <br><div><div dir="ltr"><div><div dir="ltr"><div><span style="font-size:12.8000001907349px"><a href="tel:%28503%29%20754-4452" value="+15037544452" target="_blank">(503) 754-4452</a></span></div>**<br><a href="http://it-clowns.com" target="_blank">it-clowns.com</a><div><br></div></div></div></div></div>
</font></span></div></div>
<br>_______________________________________________<br>
Plug-security mailing list - <a href="mailto:Plug-security@lists.phxlinux.org">Plug-security@lists.phxlinux.org</a><br>
To change settings or unsubscribe:<br>
<a href="http://lists.phxlinux.org/mailman/listinfo/plug-security" target="_blank">http://lists.phxlinux.org/mailman/listinfo/plug-security</a><br>
<br></blockquote></div><br></div>