RE: Newspaper Article about Cable Modem security / Solutions?

[Jeff B Boles <jboles () libfungrp com>]

I hate to bring this thread up again since the dead horse has already been
bludgeoned beyond recognition -- but I'm curious if anybody else has noticed
fairly extensive visibility of this issue to consumers?  During the past
couple of weeks since this came up on this list, I've encountered 5
different people/families (including relatives), pretty much novices, that
have encountered this article and decided not to pursue cable/dsl access.
Considering how few people (other than my wife) I have regular discussions
with, I'm well amazed by the sudden visibility of the issue.  Further amazed
that there seem to be no 'good' solutions for home users, i.e. under $200
solutions.  Not a market I think much about, but other than the ISP ethical
issues, I'm not sure that there was anything in the way of a good solution
generated via this discussion?  The barely win9x savvy folks in this market
certainly aren't capable of supporting a linux box, aren't amused by my
recommendations for pix/fw1/etc, find some emerging products such as the
beadlenet box too expensive even at $300, and I've yet to find a two user
shareware proxy such as wingate acceptable.  Searching the history of this
discussion I see no recommendations for better solutions.  What are list
members currently using on DSL/cable setups?  We come in through the
corporate network (still happy with Texas flat rate ISDN), so this has never
been a personal issue.  Anyone encountered better products for the average
home user?

Seems I can get some cheap ISDN 'routers' capable of doing basic NAT (i.e.
don't some older ISDN ascend pipeline units support NAT?), even this would
satisfy some.  Anything similar available in DSL/cable units? - West Texas
guy is ignorant of DSL/cable given recent arrival in this 'third world'
market.



> -----Original Message-----
> From: Holger Heimann [mailto:hh () it-sec de]
> Sent: Tuesday, November 09, 1999 3:40 AM
> To: firewall-wizards () nfr net
> Subject: Re: Newspaper Article about Cable Modem security 
>
>
> I just loosley followed the discussion, because we've already been
> demonstrating the thread even for users of conventional 
> modems using dial-in
> ISPs (with changing IPs) in 1998. I wondered what's new with this.
>
> Since then we offer a free little online "Netbios 
> vulnerability check" which
> should be suitable for cablemodem users also, I think it's 
> time to throw it
> in now:
>
>     http://www.it-sec.de/vulchke.html
>
> We did a survey in 1998 where we found more than 12 percent 
> of the people
> using dial-in ISPs and having file sharing enabled offering 
> their disks to
> the world. By using hashes over the service characteristics a 
> computers
> shows to the net, we were even able to recognise computers, 
> when they dialed
> in again and got a different IP number.
>
> Highlight: a police department's disk ad no passwords, was 
> even writable and
> connected to the internal network.
>
> so long,
> Holger
>
> -----Ursprüngliche Nachricht-----
> Von: Steven Osman <sosman () terratron com>
> An: <firewall-wizards () nfr net>
> Gesendet: Montag, 8. November 1999 14:46
> Betreff: Re: Newspaper Article about Cable Modem security
>
>
> > Saso, and everyone on this thread...
> >
> > One thing that the ISP invonving themselves in security CAN gain is
> this...
> > Lawsuits galore!
> >
> > If you claim to help secure people's networks -- better do 
> a good job of
> it.
> > If you do a half-ass job (which is what the ISPs will be 
> able to do at
> > best), people will eventually get hacked, and go to their ISPs for
> answers.
> > One of the wonderful things about living in the United 
> States is the legal
> > system and how easy it is to sue someone.  You can sue them 
> even if your
> > contract explicitly said you don't hold them liable for security
> violations.
> > Nobody said you'll win every time, but if you don't, it 
> will sure be one
> > hell of a headache for the ISP.
> >
> > Furthermore, this issue of liability raises an interesting 
> point.  Which
> ISP
> > would YOU choose:
> >
> > 1. I'll filter out some things you can do with your 
> internet connection.
> If
> > you get hacked, don't look at me
> > 2. I will let you do anything you want to with your 
> internet connection.
> If
> > you get hacked, don't look at me
> >
> > Case #1, you need to take extra steps to secure your home.  
> Case #2, you
> > need to take extra steps to secure your home.  In this 
> case, some people
> may
> > opt to "leave their options open" and go with #2.
> >
> > Steven Osman
> > Terratron Technologies Inc.
> >
> >
> > ----- Original Message -----
> > From: Saso <Saso () vsecureit net>
> > To: <firewall-wizards () nfr net>
> > Sent: Thursday, November 04, 1999 4:02 PM
> > Subject: Re: Newspaper Article about Cable Modem security
> >
> > > ISP involving themselves in security issues can't gain a 
> thing. And
> quite
> > > frankly, I don't think ISPs should do anything more than 
> they can if a
> > > customers asks them to.
> > >
> > > If a customer wants port 139 to be closed for his xDSL 
> line, why not.
> But
> > if
> > > they don't want it to, it's their own decision and they 
> should be well
> > aware
> > > of that.