I think you may have a bit of difficulty sniffing a cleartext password on a typical
(whatever that means) cable modem segment. To use a specific example which I am
familiar with, LANCity cablemodems are learning bridges, therefore the only traffic
you will see coming to you from the modem will be broadcast traffic on the segment and
unicast traffic to your PC. To see all the unicast traffic on the segment which will
contain all the interesting cleartext passwords you would have to either hack into the
modem or decode the RF signal on the coax. Not impossible perhaps, but certainly not
as trivial as you suggest. My impression is that most people think a cablemodem is a
fancy ethernet repeater, this is not the case.
Depending on the capabilities of the cable modem being used there are things the cable
operator can do to reduce a subscriber's exposure. Again a specific example, on
Rogers@Home the LANCity modems are configured to block UDP 137 & 138, giving naive
users a bit of protection.
Laris
-----Original Message-----
From: Lou Laczo [SMTP:[EMAIL PROTECTED]]
Sent: Monday, July 12, 1999 3:19 PM
To: 'Andy'; '[EMAIL PROTECTED]'
Subject: RE: Surprise, Surprise...
Disabling and/or password protecting shares would prohibit others from
easily looking at disk files on a PC. (via network neighborhood or direct
drive mapping) However, there's still the issue of packet sniffing. Anyone
on a cable segment can run an easily obtainable sniffer package and capture
all sorts of interesting information (i.e. cleartext passwords). Cable
modems are insecure by nature. I you choose to use them, the only way to
assure privacy is to encrypt all communications.
Best Regards,
Lou Laczo - FASTNET Corporation
[EMAIL PROTECTED] (888)321-FAST(3278) http://www.fast.net
FASTNET (R) - Business and Personal Internet Solutions
> -----Original Message-----
> From: Andy [SMTP:[EMAIL PROTECTED]]
> Sent: Monday, July 12, 1999 2:13 PM
> To: Daemeon Reiydelle; Firewalls List
> Subject: Re: Surprise, Surprise...
>
> Daemeon Reiydelle wrote:
> >
> > This problem is endemic and inherent to ALL cable companies because each
> > segment (more or less a few block radius) is a common subnet.
>
> What about the claim in the article that all one need do is disable
> sharing, or, at least use good passwords on shares. Is this enough?
>
> -Andy
> -
> [To unsubscribe, send mail to [EMAIL PROTECTED] with
> "unsubscribe firewalls" in the body of the message.]
-
[To unsubscribe, send mail to [EMAIL PROTECTED] with
"unsubscribe firewalls" in the body of the message.]
-
[To unsubscribe, send mail to [EMAIL PROTECTED] with
"unsubscribe firewalls" in the body of the message.]
