Bugtraq mailing list archives

RE: Motorola Cable Modem DOS


From: Chris Wilson <chris () qwirx com>
Date: Tue, 12 Nov 2002 20:01:02 +0000 (GMT)

Hi Dan,

Software Version: SB3100-3.2.6-SCM-NOSHELL
Hardware Version: 2
MIB Version: II
GUI Version: 1.0
VxWorks Version: 5.3

I wasn't able to reproduce this on my SB3100 with version 3.2.9:

root@gcc(janitor)# lynx -source http://192.168.100.1/mainhelpdata.html | head -69 | tail -5
Software Version: SB3100-3.2.9-SCM-NOSHELL<BR>
Hardware Version: 1<BR>
MIB Version: II<BR>
GUI Version: 1.0<BR>
VxWorks Version: 5.3<BR>

root@gcc(janitor)# nmap -sS -p 1-1024 192.168.100.1
Starting nmap V. 2.54BETA22 ( www.insecure.org/nmap/ )
Interesting ports on  (192.168.100.1):
(The 1022 ports scanned but not shown below are in state: closed)
Port       State       Service
80/tcp     open        http
513/tcp    open        login (* see below)

Nmap run completed -- 1 IP address (1 host up) scanned in 6 seconds

root@gcc(janitor)# lynx -source http://192.168.100.1/mainhelpdata.html | head -65 | tail -1
Software Version: SB3100-3.2.9-SCM-NOSHELL<BR>

root@gcc(janitor)# ping www.google.com -c 1
PING www.google.com (216.239.37.101) from 80.4.125.123 : 56(84) bytes of data.
64 bytes from www.google.com (216.239.37.101): icmp_seq=0 ttl=45 time=97.407 msec

Scanning the external (internet) IP address has no effect (this is the
first time I've heard of this).

Ditto for me.

* Why does this modem have port 513 open? I can connect to it, but haven't 
yet succeeded in getting it to do anything useful, and I don't know what's 
listening, but it worries me, particularly as it's open on the HFC side 
too, which potentially exposes customers on the same network to each 
other's modems. Indeed, I can connect to port 513 on 60 modems in the 
same subnet as mine.

This might possibly be due to lack of filtering by the ISP, since my 
test connections to those other modems were going via my default gateway. 
Alternatively, perhaps I am deceived and all these connections are being 
routed to a spy box somewhere, maybe in an attempt to prevent customers 
from using rlogin =). Somehow, that idea scares me even more.

Cheers, Chris.
-- 
_ ___ __     _
 / __/ / ,__(_)_  | Chris Wilson <0000 at qwirx.com> - Cambs UK |
/ (_/ ,\/ _/ /_ \ | Security/C/C++/Java/Perl/SQL/HTML Developer |
\ _/_/_/_//_/___/ | We are GNU-free your mind-and your software |


