28 09, 2015
  • hacked

Hacked – Are You Sure You’re Secure?

2021-11-24T09:42:37-05:00September 28th, 2015|

Hacked - Are you sure you're secure? Security has the been a hot topic lately.  As I’m writing this article I think about all of the recent events that we hear about impacting our daily lives such as: Hacks of OPM databases compromised 22.1 million people Experts warn 2015 could be 'Year of the Healthcare Hack - reuters.com' Cost of a Potential Blackout From Cybercrime: $1 Trillion - CNBC These headlines are really quite scary.  I’m certain that some, possibly many of you have experienced security issues first hand.

1 08, 2010
  • Hacking DOCSIS Cable Modems

Hacking DOCSIS Cable Modems

2021-08-17T13:18:52-04:00August 1st, 2010|

Fundamental Precautions You Should Take to Secure Your Network DOCSIS security wholes are a serious problem, even if you are a major MSO (Multiple System Operator). Recently a reader contacted me and said that theft of service, especially uncapping cable modems via hacking, was still impacting his network. Not surprisingly, one vendor's CMTS was able to ward off the hacker's while another vendor's CMTS was unable to prevent the uncapping and subsequent theft of service. I will protect the vendor's identities because I believe that the CMTS is the first line of defense. Vendors have put into place very effective, CMTS specific techniques, such as Cisco's TFTP-Enforce which prohibits a cable modem from registering and coming on line if there is no matching TFTP traffic through the CMTS preceding the registration attempt. But often individual techniques are "hacked" (such as in the TFTP-Enforce bypass method found on hacker sites). What this indicates is that any reliance on a single point or method of hack-proofing your network WILL NOT WORK. You must implement a layered approach consisting of a number of CMTS, DHCP, TFTP and potentially SNMP and Kerbos related methods. The later would apply for MTAs and set top boxes. For now we will just focus on cable modems and the realm of CMTSs and DHCP/TFTP servers. Here are is the bare minimum of what you should be doing:

Go to Top