Re: CR and Cable Modems

[Michel Arboi <arboi () yahoo com>]

 --- Mike <buggin () optonline net> a écrit : 
> Is it possible for the CR worm to affect the 
> performance of a cable modem if that modem has a 
> built in web based configuration tool that is accessed 
> via a 192 static ip?

The worm could probe the modem if the web server can be accessed from
outside.  (BTW, it seems it could generate the RFC 1918 address, as it
only skips 127.*, 224.* and its own current IP)

192.168.* should not be routed to Internet, but I could see that they
are often blocked deep into the network infrastructure, far from the
end users (try a traceroute, and you may have answers from a dozen of
gateways, depending on your ISP organization)
So if the worm attacks from another customer of the same ISP, it might
reach the modem.
Source routed packets do not go very far on Internet, and cannot be
used efficiently for TCP AFAIK. (And the worm is not known to use such
a feature) 

The performance problem looks odd: if the modem blacklists the
attacker, this should only block IP in the same block as yours, not
distant servers.

Just my EUR 0.0228



___________________________________________________________
Do You Yahoo!? -- Vos albums photos en ligne, 
Yahoo! Photos : http://fr.photos.yahoo.com