Home page logo

pauldotcom logo PaulDotCom mailing list archives

security concerns with cable splitters
From: vlape at me.com (Vincent Lape)
Date: Fri, 03 Apr 2009 13:04:52 -0400


in a former life i was a head-end engineer for COX out in VA. Basically the way the system works is the cable modem 
will signal over the wire to the CMTS. The CMTS will give said modem an IP query the billing system for a MAC match on 
an account, then a node match. (this prevents people from taking their cablemodems to a neighbors house a couple miles 
away and using the service). the modem will then query for a configuration package. The config file is sent via tftp to 
the modem based on the level of service subscribed. keep in mind all this is done unencrypted. If you were able to get 
the RF side of a DOCSIS modem to become promiscuous you could see all traffic on the cablemodem network for that node. 
It is in no way secure and really there is nothing you can do about it besides using secure protocols. 

now there are a couple other things to look at. If the splitter on the cablemodem was a single leg GZH splitter only 
one leg of that splitter could carry the signal for a cablemodem to obtain block sync. Another measure you could take 
is to request a hi-pas filter on the video side of the splitter. the hi-pas filter is something we used to keep the 
people who were going to compUSA and hacking cablemodems off the system. This filter (or trap) blocks the frequency 
range over the wire that the cablemodems use to communicate. 

Hope this helps. 


On Thursday, April 02, 2009, at 02:42PM, "Nathan Sweaney" <NSweaney at tulsacash.com> wrote:
I just received a question that I can't answer.  A customer has a cable
internet service with COX that has only been used for internet.  The
modem and all other networking equipment is locked away so that no one
has access to it.  They've decided that they'd also like to have a TV in
a public area for visitors to watch.  COX says to just add a splitter in
front of the modem & run a cable to where they want it.  The crazy thing
is that the customer actually considerd the security implications and
asked ahead of time.  

So my question is, if an intruder had uninhibited access to the coax
that was split off upstream from the cable modem, is there anything they
can do with it?  I've been told by COX that it won't interfere with the
connection and that adding a second modem to the connection wouldn't
work because it wouldn't be setup on their end.  However my bigger
concern is the potential to intercept traffic.  

I know from past experiences that if you plug your coax into your VCR or
satellite the wrong way you can actually deliver content to your
neighbors (or at least cause a lot of interference), so that suggests
that the connection doesn't just flow one-way.  So can the
coax-splitters determine which way traffic is supposed to be flowing?  

I understand that even if it's "possible" it may not be easy or likely,
but this network is used for processing credit cards so I want to make
sure I have a complete answer.

Any information or resources on this would be appreciated.


- Nathan Sweaney

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]