funsec mailing list archives

REVIEW: "Hacking the Cable Modem", DerEngel


From: "Rob, grandpa of Ryan, Trevor, Devon & Hannah" <rMslade () shaw ca>
Date: Wed, 20 Dec 2006 13:27:45 -0800

BKHKCBMD.RVW   20061110

"Hacking the Cable Modem", DerEngel, 2006, 1-59327-101-8,
U$29.95/C$37.95
%A   DerEngel (Ryan Harris) www.tcniso.net/Nav/NoStarch
%C   555 De Haro Street, Suite 250, San Francisco, CA   94107
%D   2006
%G   1-59327-101-8
%I   No Starch Press
%O   U$29.95/C$37.95 415-863-9900 fax 415-863-9950 info () nostarch com
%O  http://www.amazon.com/exec/obidos/ASIN/1593271018/robsladesinterne
  http://www.amazon.co.uk/exec/obidos/ASIN/1593271018/robsladesinte-21
%O   http://www.amazon.ca/exec/obidos/ASIN/1593271018/robsladesin03-20
%O   Audience s- Tech 2 Writing 1 (see revfaq.htm for explanation)
%P   290 p.
%T   "Hacking the Cable Modem"

Chapter one outlines the author's experiments with early cable modems,
and something of the development of the current cable modem standard
(Data Over Cable Service Interface Specification/Systems Industrial
Standards, or DOCSIS).  General cable modem features, and a lineup of
common models, are in chapter two.  Chapter three reviews and compares
the two major high speed Internet services, cable modem and digital
subscriber line (DSL).  The DOCSIS standard, in chapter four,
describes the details of the actual data transfer and communication. 
Hardware components inside the cable modem unit are illustrated in
chapter five.  Chapter six provides some addresses in order to start
exploration of the SURFboard cable modems.  The various limits and
restrictions that may be placed on a modem are outlined in chapter
seven.  Chapter eight describes the concept of and tools for reverse
engineering cable modem hardware.  A number of security features built
into cable modems are listed in chapter nine.  Chapter ten relates the
story of how the author used a buffer overflow in order to execute
code on a cable modem.  SIGMA (System Integrated Genuinely Manipulated
Assembly), discussed in chapter eleven, is a tool that can be used to
provide an interface in order to submit and execute material on some
cable modems.  Chapter twelve explains three ways to modify
configurations (in the examples given, in order to reset the modem
frequencies to the European standard).  Helpful software tools for
experimenting with cable modems are listed in chapter thirteen.  Ways
to obtain information from the modem itself are examined in chapter
fourteen.

A hardware device for reprogramming the firmware on a specific modem
is detailed in chapter fifteen.  Chapter sixteen describes the full
process for changing the modem configuration in order to remove
throughput limits.  Instructions and illustrations for creating a
hardware cable that can be used to command the cable modem's console
port directly are included in chapter seventeen.  Chapter eighteen
recounts various methods of changing firmware on the modem.

A number of specific models of modems are described in some detail,
with pictures of the inner hardware, and instructions on enabling or
commanding certain functions.  The RCA Broadband Cable Modem is in
nineteen, the Webstar model DPC2100 in twenty, the SURFboard models
SB3100, 4100, and 4200 in twenty-two, and the D-Link DCM202 in twenty-
two.

Chapter twenty-three suggests steps cable providers can take in order
to secure their networks, and prevent people from hacking cable
modems.

Certain chapters provide clear and explicit directions that can be
used by anyone.  Others give tips and hints that can be helpful--but
only if you already know certain facts that your cable provider is
unlikely to be willing to deliver.  Some sections could get the
hobbyist cable hacker started, although useful results are unlikely to
be achieved without a lot of experimentation and work.

The book, while it contains a great deal of fascinating information,
can be frustrating at times.  Buried in the introduction is the
statement that much of the material in this work started out as
separate files giving isolated guides to specific activities.  This
explains a lot about the disorganized state of the volume.  The
chapters are extremely short, and vary in technical depth and quality. 
There is no logical thread through the text, and topically related
chapters may be separated from each other by completely unrelated
subjects.  In addition, as you read through the book you will find
that a few topics are repeated many times, while others seem to be
implied, but never appear.

While the author tends to speak as if the book can be used with all
cable modems, much of the detailed content is specific not only to one
particular brand and model, but to a particular level of firmware that
is unlikely to be currently prevalent.

For the home hobbyist, wanting to delve into both the hardware and
software of the cable modem, this can be a valuable introduction.  For
others, the book may be a tad disappointing.

copyright Robert M. Slade, 2006   BKHKCBMD.RVW   20061110


======================  (quote inserted randomly by Pegasus Mailer)
rslade () vcn bc ca     slade () victoria tc ca     rslade () computercrime org
Freedom is not worth having if it does not connote freedom to
err. It passes my comprehension how human beings, be they ever so
experienced and able, can delight in depriving other human beings
of that precious right.                - Mahatma Gandhi, (1869-1948)
Dictionary of Information Security  www.syngress.com/catalog/?pid=4150
http://victoria.tc.ca/techrev/rms.htm
_______________________________________________
Fun and Misc security discussion for OT posts.
https://linuxbox.org/cgi-bin/mailman/listinfo/funsec
Note: funsec is a public and open mailing list.

