PaulDotCom mailing list archives
security concerns with cable splitters
From: NSweaney at tulsacash.com (Nathan Sweaney)
Date: Thu, 2 Apr 2009 15:10:18 -0500
All sensitive data is encrypted, but I'm concerned that if the attacker is able to intercept/inject packets, he could infiltrate the system using something like BeEF of any old exploit that would then let him pivot & attack the data from the inside before it gets encrypted. Also, while this particular occasion prompted the question, I'm also interested just in general. If I tap into my coax at home in front of my modem, can I see anything? How would I go about trying? Can my neighbors view my stuff? -----Original Message----- From: pauldotcom-bounces at mail.pauldotcom.com [mailto:pauldotcom-bounces at mail.pauldotcom.com] On Behalf Of Chris Frederick Sent: Thursday, April 02, 2009 2:52 PM To: PaulDotCom Security Weekly Mailing List Subject: Re: [Pauldotcom] security concerns with cable splitters Nathan Sweaney wrote:
The crazy thing is that the customer actually considerd the security
implications and asked ahead of time. April 1st was yesterday. ;)
So my question is, if an intruder had uninhibited access to the coax that was split off upstream from the cable modem, is there anything they can do with it?
I would assume that anything that is plugged in front of the modem would be able to sniff all traffic going through the line. However, any router/server/firewall that the traffic goes through on the internet can also do this. This is why all the credit card processing is wrapped in ssl (I would hope). If you are worried about sniffed traffic, I would concentrate more on securing the traffic (ssl/vpn/etc...) rather than focus on any single point of compromise to the line. If you are worried about a DOS, if they DOSed your cable line it would probably affect a wide area (everyone connected to your feed at the end of the block) so it would probably be noticed and fixed within a few hours. That's my two cents... Chris P.S. I also have a funny story related to this. I have a MythTV box that had a failing capture card, rather than replace the card, I "pulled a Larry" and soldered two signal boosters directly to the coax lead on the card. I had to leave about inch and a half unshielded due to the narrow working space. The extra juice and the unshielded segment began broadcasting the signal over the air. After several months, I moved from suburbia, to a "small town". A few weeks later I had a semi-angry cable guy knock on the door complaining that the small airplanes landing a few miles down the highway were picking up the signal and were complaining about the interference. I asked why it wasn't an issue in the suburban location, and he said the noise ratio in the cities are a lot higher and more difficult to track down so they just adjust the tolerance to cope with the higher interference. So in a suburban/city environment, less then $30 at home depot can broadcast your cable signals several hundred feet, and go unnoticed for quite a while. ;) _______________________________________________ Pauldotcom mailing list Pauldotcom at mail.pauldotcom.com http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom Main Web Site: http://pauldotcom.com
Current thread:
- security concerns with cable splitters Nathan Sweaney (Apr 02)
- security concerns with cable splitters Chris Frederick (Apr 02)
- security concerns with cable splitters Nathan Sweaney (Apr 02)
- security concerns with cable splitters Josh Olson (Apr 02)
- security concerns with cable splitters Nathan Sweaney (Apr 02)
- security concerns with cable splitters Nathan Sweaney (Apr 02)
- security concerns with cable splitters Chris Frederick (Apr 02)
- security concerns with cable splitters Chris Merkel (Apr 02)
- <Possible follow-ups>
- security concerns with cable splitters Vincent Lape (Apr 03)