DOCSIS Archives

20 08, 2012

DOCSIS Security | Mac Address Cloning

Mia Colabrese2021-08-18T10:07:01-04:00August 20th, 2012|

Theft of Service via Cloning DOCSIS Security - If only cloning your favorite pet was as easy as cloning a MAC address on a cable modem. There are dozens of websites out there giving subscribers or hackers step by step instructions on how to clone a MAC address. Each cable modem, regardless of brand, is uniquely identified by its Cable Modems ID, or MAC address - short for Media Access Control. This address is programmed into a writable memory address of the hardware in the cable modem, and is associated with a

14 08, 2012

DOCSIS Security | Uncapping Cable Modems

Mia Colabrese2012-08-14T10:57:21-04:00August 14th, 2012|

So what is uncapping cable modems? Uncapping cable modems refers to activities performed to alter a DOCSIS cable modems settings. Plain and simple someone is messing with the cable modem's configuration file to get what they want. So what do they want? Greater bandwidth (the need for speed), wanting more than one public IP, or any other configurable options a DOCSIS modem can offer. Maybe they just want to prove they can do it and or feel they are getting the shaft from their cable provider. Really the psychology of people is

6 08, 2012

DOCSIS Network Security | Theft of Service

Mia Colabrese2021-11-24T09:10:08-05:00August 6th, 2012|

DOCSIS Network Security - It Matters! My next few posts will focus on the security issues associated with DOCSIS networks including, but not limited to theft of service, uncapping modems, illegal wire-tapping by unauthorized citizens, viewing of operating internal network infrastructure and more. These security issues are an increasing threat as the number of DOCSIS subscribers increase, economic drivers cause subscribers to reduce costs, and un-ethical web sites provide easy step-by-step solutions for how to hack your network. While the posts will provide a reality check for everyone

5 07, 2012

Subscribers get lower data rates than provisioned?

Mia Colabrese2020-06-09T09:36:58-04:00July 5th, 2012|

Why do my DOCSIS subscribers and their Cable Modems get lower speeds than what my DOCSIS config file says they should get? This is a common question that I am asked and it has more than one answer. All too often the RF plant is the first to blame for low DOCSIS cable modem speeds, but in many cases the root cause of the problem can be traced back to the cable modem configuration file and/or the lack of appropriate speed test applications in the headend. Also, some

21 09, 2011

Cable Modems init(r1) init(r2) Why are they stuck?

Mia Colabrese2021-08-20T09:21:27-04:00September 21st, 2011|

Cable Modems init(r1) init(r2), DOCSIS Cable Modems going offline? DOCSIS Cable Modems init(r1) init(r2) are stuck or offline! Many of us have been there before - one or more DOCSIS cable modems init(r1) init(r2) stuck in one of numerous "init()" conditions - how do we interpret these messages and what do we do? A recent reader wrote in and had just this problem. DOCSIS cable modems going offline and getting stuck in "R1" or "R2" condition, or Cable Modems init(r1) init(r2), because these are the status conditions displayed on the DOCSIS CMTS

15 09, 2011

Which is Best CMTS or EOC – Ethernet over Coax?

Mia Colabrese2011-09-15T18:24:40-04:00September 15th, 2011|

Interesting post from fellow DOCSIS technologist on CMTS vs. EOC (Ethernet over Coax). Check out the post and his blog.

5 09, 2011

Top 10 DOCSIS 3.0 Terms You Need to Know

Mia Colabrese2021-08-17T13:31:08-04:00September 5th, 2011|

This is the speak you need to know when talking DOCSIS 3.0 to any DOCSIS Engineer or specialist. It is important that you learn the full name, in many cases the acronym and also what value the particular terminology plays in a DOCSIS 3.0 network as it will likely be crucial in troubleshooting tough-to-diagnose DOCSIS impairments.

24 06, 2011

DOCSIS T1, T2, T3, and T4 Timeout Descriptions

Mia Colabrese2022-06-20T20:55:33-04:00June 24th, 2011|

This is a handy summary of the various timeout errors you will find in a DOCSIS network. T3 and T4 timeouts are described in much more detail elswhere in this blog, however this post provides a high level overview of the various timeouts as a reference.

5 01, 2011

New Updates to Library

Mia Colabrese2023-02-18T11:34:36-05:00January 5th, 2011|

After some requests, I've updated the library with a few examples of DOCSIS config files and a CMTS running config. You'll need a DOCSIS config editor to view the config files, but the running configs for the CMTS are in text. Also, check out the ANSI document on Digital Transmission I posted. It is a good read on QAM - free from Google if you are interested. Happy New Year everyone.

1 08, 2010

Hacking DOCSIS Cable Modems

Mia Colabrese2021-08-17T13:18:52-04:00August 1st, 2010|

Fundamental Precautions You Should Take to Secure Your Network DOCSIS security wholes are a serious problem, even if you are a major MSO (Multiple System Operator). Recently a reader contacted me and said that theft of service, especially uncapping cable modems via hacking, was still impacting his network. Not surprisingly, one vendor's CMTS was able to ward off the hacker's while another vendor's CMTS was unable to prevent the uncapping and subsequent theft of service. I will protect the vendor's identities because I believe that the CMTS is the first line of defense. Vendors have put into place very effective, CMTS specific techniques, such as Cisco's TFTP-Enforce which prohibits a cable modem from registering and coming on line if there is no matching TFTP traffic through the CMTS preceding the registration attempt. But often individual techniques are "hacked" (such as in the TFTP-Enforce bypass method found on hacker sites). What this indicates is that any reliance on a single point or method of hack-proofing your network WILL NOT WORK. You must implement a layered approach consisting of a number of CMTS, DHCP, TFTP and potentially SNMP and Kerbos related methods. The later would apply for MTAs and set top boxes. For now we will just focus on cable modems and the realm of CMTSs and DHCP/TFTP servers. Here are is the bare minimum of what you should be doing: