Vulnerability Development mailing list archives
Re: DOCSIS vulnerability
From: "Matthew S. Hallacy" <poptix () techmonkeys org>
Date: Tue, 12 Mar 2002 08:06:28 -0600
On Tue, Mar 12, 2002 at 11:49:22AM +0100, Rense Buijen wrote:
Maybe your posts were rejected because this is very old news. This is known for ages, I have such a cable modem and indeed you can get the config file by TFTP; decode, alter, encode and upload it, but the ISP's are not stupid and most of the time this is NOT how they cap your cable modem, they throw traffic into a packeteer or use other methods to squeeze your bandwidth.
Interesting, I did not find anything like the url below via google searches, as for the ISP's, this is how they're limiting bandwidth. I know for a fact that it's possible on AT&T's network, as well as Charter Communications. Then again, AT&T can't even figure out BGP or DNS. AT&T proudly implements the SVRP(Scenic View Routing Protocol).
All the info can be gathered by a tool like this: http://www.weird-solutions.com/_bin/bootpq.exe
It was much simpler for me, AT&T leaves the read community as 'public'.
And a simple google search shows up hundreds of articles explaining how you can "hack" DOCSIS cable modems, unfortunately (unless you have a completely clueless provider) all these tricks wont work. E.g: http://lists.wi2600.org/pipermail/2600/2001-October/008668.html
What search terms did you use?
Which dates from October 2001.
A few months after I found it =)
(I tried it but my isp squeezes on the other end of the pipe, some things that you can alter though is bypass restrictions of how many computers could be connected right into the modem)
I find it disgusting (again and again) that ISP's can be this stupid.
With kind regards, Rense
Current thread:
- DOCSIS vulnerability Matthew S. Hallacy (Mar 12)
- RE: DOCSIS vulnerability Chris Chandler (Mar 12)
- Re: DOCSIS vulnerability Matthew S. Hallacy (Mar 12)
- Re: DOCSIS vulnerability Mark (Mar 12)
- Re: DOCSIS vulnerability Matthew S. Hallacy (Mar 12)
- Re: DOCSIS vulnerability Dave Ahmad (Mar 12)
- Re: DOCSIS vulnerability Laurence Brockman (Mar 12)
- <Possible follow-ups>
- RE: DOCSIS vulnerability Rense Buijen (Mar 12)
- RE: DOCSIS vulnerability Justin Ellison (Mar 12)
- Re: DOCSIS vulnerability Rob Koliha (Mar 12)
- Re: DOCSIS vulnerability Matthew S. Hallacy (Mar 13)
- RE: DOCSIS vulnerability Justin Ellison (Mar 12)
- Re: DOCSIS vulnerability Matthew S. Hallacy (Mar 12)
- RE: DOCSIS vulnerability Chris Chandler (Mar 12)
- Re: DOCSIS vulnerability dana shetterly (Mar 19)
- Re: DOCSIS vulnerability Siegfried Loeffler (Mar 20)
- Re: DOCSIS vulnerability Adam Wheeler (Mar 21)
- Wireless device vulnerability? Meritt James (Mar 22)
- Re: Wireless device vulnerability? J Edgar Hoover (Mar 22)
- Re: DOCSIS vulnerability Rob Koliha (Mar 22)
- Wireless device vulnerability? Meritt James (Mar 22)