PaulDotCom mailing list archives
security concerns with cable splitters
From: NSweaney at tulsacash.com (Nathan Sweaney)
Date: Thu, 2 Apr 2009 15:43:29 -0500
The sensitive data is encrypted, but if a user surfs to http://www.google.com, an attacker with the ability to inject packets could easily add an exploit to the page. Assuming the exploit payload was a reverse shell that connects over 443 back to the attacker's evil server, now that attacker has a foothold on the network. Even if our IDS caught an obvious exploit, the attacker could inject the BeEF code which wouldn't likely be detected. But that's only possible IF the attacker can intercept/inject packets over the coax. In other words, I'm not so much concerned about the data that's leaving. It's good. I'm concerned about allowing an attacker in which could eventually lead to gaining access to the data before it is encrypted. -----Original Message----- From: pauldotcom-bounces at mail.pauldotcom.com [mailto:pauldotcom-bounces at mail.pauldotcom.com] On Behalf Of Josh Olson Sent: Thursday, April 02, 2009 3:17 PM To: PaulDotCom Security Weekly Mailing List Subject: Re: [Pauldotcom] security concerns with cable splitters On Thu, Apr 2, 2009 at 4:10 PM, Nathan Sweaney <NSweaney at tulsacash.com> wrote:
All sensitive data is encrypted, but I'm concerned that if the attacker is able to intercept/inject packets, he could infiltrate the system using something like BeEF of any old exploit that would then let him pivot & attack the data from the inside before it gets
encrypted. Maybe I'm misunderstanding what you're saying here. But it seems like the data should be encrypted before it reaches the cable modem on the way out. This based on the assumption that the cable modem is plugged into some sort of router, and all sensitive traffic is encrypted (through some other means) prior to routing. _______________________________________________ Pauldotcom mailing list Pauldotcom at mail.pauldotcom.com http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom Main Web Site: http://pauldotcom.com
Current thread:
- security concerns with cable splitters Nathan Sweaney (Apr 02)
- security concerns with cable splitters Chris Frederick (Apr 02)
- security concerns with cable splitters Nathan Sweaney (Apr 02)
- security concerns with cable splitters Josh Olson (Apr 02)
- security concerns with cable splitters Nathan Sweaney (Apr 02)
- security concerns with cable splitters Nathan Sweaney (Apr 02)
- security concerns with cable splitters Chris Frederick (Apr 02)
- security concerns with cable splitters Chris Merkel (Apr 02)
- <Possible follow-ups>
- security concerns with cable splitters Vincent Lape (Apr 03)