Home page logo
/

pauldotcom logo PaulDotCom mailing list archives

security concerns with cable splitters
From: cmerkel at gmail.com (Chris Merkel)
Date: Thu, 2 Apr 2009 15:04:51 -0500

Based on my understanding of how cable modems work on Time Warner and
Charter in the midwest, all they do validate if a device can talk on
their network is via cable modem. It's conceivable that a person could
clone a MAC address on a cable modem to gain internet access via the
unprotected coax, but that wouldn't get them anything other than a
public IP.

- Chris Merkel

2009/4/2 Nathan Sweaney <NSweaney at tulsacash.com>:
I just received a question that I can't answer.??A customer has a cable
internet service with COX that has only been used for internet.? The modem
and all other networking equipment is locked away so that no one has access
to it.? They've decided that they'd also like to have a TV in a public area
for visitors to watch.? COX says to just add a splitter in front of the
modem & run a cable to where they want it.??The crazy thing is that the
customer actually considerd the security implications and asked ahead of
time.

So my question is, if an intruder had uninhibited access to the coax that
was split off upstream from the cable modem, is there anything they can do
with it?? I've been told by COX that it won't interfere with the?connection
and that adding a second modem to the connection wouldn't work because it
wouldn't be setup on their end.? However my bigger concern is the potential
to intercept traffic.

I know from past experiences that if you plug your coax into your VCR or
satellite the wrong way you can actually deliver content to your neighbors
(or at least cause a lot of interference), so that suggests that the
connection doesn't just flow one-way.? So can the coax-splitters determine
which way traffic is supposed to be flowing?

I understand that even if it's "possible" it may not be easy or likely, but
this network is used for processing credit cards so I want to make sure I
have a complete answer.

Any information or resources on this would be appreciated.

Thanks

- Nathan Sweaney
_______________________________________________
Pauldotcom mailing list
Pauldotcom at mail.pauldotcom.com
http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom
Main Web Site: http://pauldotcom.com




-- 
- Chris Merkel


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]