[Plug-security] Cable Networks: DOCSIS and MTS Security

Carter Hollingsworth tr13dg3001 at gmail.com
Fri Nov 28 15:08:08 MST 2014


This should be an interesting read. Thanks Lisa!

On Fri, Nov 28, 2014 at 3:06 PM, Lisa Kachold <lisakachold at obnosis.com>
wrote:

> In most of Cox Arizona DOCSIS 3.0 is has not been completely implemented.
>
> For these reasons a great many security issues still exist in the MTS
> Provisioning Process.
>
> For an overview of these threats, check out:
>
>
> http://books.google.com/books?id=75sp98IBgSoC&pg=PA100&lpg=PA100&dq=spoofing+dhcp+cable+modems&source=bl&ots=MfValJKgUs&sig=HO5ukCdk0JyTeLe3mK_aLcEu6_g&hl=en&sa=X&ei=Ze14VJegI4WrjAKW34GYCw&ved=0CDcQ6AEwBDgU#v=onepage&q=spoofing%20dhcp%20cable%20modems&f=false
>
> Anyone running a cable modem in diagnostic mode will see MTS information
> and TFTP source, and from there be able to recreate the provisioning
> process packets, spoof source addresses, etc.
>
> Disclaimer:  *It's not recommended that you actually try any of these
> concepts or exploits (2600 group has old tools that demonstrate these
> security issues) outside of your own cable network lab.*
>
> Happy ThanksGiving!
> --
> (503) 754-4452
> **
> it-clowns.com
>
>
> _______________________________________________
> Plug-security mailing list  -  Plug-security at lists.phxlinux.org
> To change settings or unsubscribe:
> http://lists.phxlinux.org/mailman/listinfo/plug-security
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.phxlinux.org/pipermail/plug-security/attachments/20141128/80aa4f30/attachment.html>


More information about the Plug-security mailing list