Re: KSR[T] Advisories #012: Hybrid Network's Cable Modems

[lars () BU EDU (Lars Kellogg-Stedman)]

>                      There is also another HSMP client located at:
>
>                      http://www.larsshack.org/sw/ccm/
>
>                      l0pht modified the above client and added
>                      the ability to spoof the source address, allowing
>                      for the anonymous reconfiguration of Hybrid cable
>                      modems). Their client is located at:
>
>                      http://c0re.l0pht.com/~sili/ccm-spoof.tar.gz

Howdy,

As the author of the above program, I'd like to mention -- in case Hybrid
tries to play innocent -- that I brought this to RCN's attention back in
April of this year.  The RCN folks spoke to the Hybrid folks, but as far
as I can tell nothing came of it.  I'm not sure they took the warning all
that seriously.

(RCN is a cable/cable modem/telephone provider out in here in MA [and
elsewhere in the northeast].)

After speaking with RCN about the problem, I was told that due to the
configuration of their network, the were unable to implement a block that
would be effective against machines on the same cable segment.  In this
case, port blocking offers only limited security -- even with HSMP blocked
at the organization level, it may still be possible to exploit other
security issues and gain access to a machine on your favorite local
segment and work from there.

In any case, I'm glad that someone has found my code to be...err, useful.
Be nice.

-- Lars

--
Lars Kellogg-Stedman * lars () bu edu * (617)353-5228
Department of Computer Science, Boston University