My comments were based on a situation I'm aware of regarding a local ISP.
I'm not sure what type of equipment they were using, but I believe it was a
fancy repeater as you describe. The ISP's own production servers were
compromised using sniffed passwords. (Employees were using cablemodems to
work from home.) Perhaps this was old out-dated equipment? The scenario you
describe sounds much more secure, though short of an encrypted tunnel as
described elsewhere in this thread, I'd still have serious misgivings.
Best Regards,
Lou Laczo - FASTNET Corporation
[EMAIL PROTECTED] (888)321-FAST(3278) http://www.fast.net
FASTNET (R) - Business and Personal Internet Solutions
> -----Original Message-----
> From: Laris Benkis [SMTP:[EMAIL PROTECTED]]
> Sent: Monday, July 12, 1999 5:52 PM
> To: 'Lou Laczo'; 'Andy'; '[EMAIL PROTECTED]'
> Subject: RE: Surprise, Surprise...
>
> I think you may have a bit of difficulty sniffing a cleartext password on
> a typical (whatever that means) cable modem segment. To use a specific
> example which I am familiar with, LANCity cablemodems are learning
> bridges, therefore the only traffic you will see coming to you from the
> modem will be broadcast traffic on the segment and unicast traffic to your
> PC. To see all the unicast traffic on the segment which will contain all
> the interesting cleartext passwords you would have to either hack into the
> modem or decode the RF signal on the coax. Not impossible perhaps, but
> certainly not as trivial as you suggest. My impression is that most
> people think a cablemodem is a fancy ethernet repeater, this is not the
> case.
>
> Depending on the capabilities of the cable modem being used there are
> things the cable operator can do to reduce a subscriber's exposure. Again
> a specific example, on Rogers@Home the LANCity modems are configured to
> block UDP 137 & 138, giving naive users a bit of protection.
>
> Laris
>
>
>
> -----Original Message-----
> From: Lou Laczo [SMTP:[EMAIL PROTECTED]]
> Sent: Monday, July 12, 1999 3:19 PM
> To: 'Andy'; '[EMAIL PROTECTED]'
> Subject: RE: Surprise, Surprise...
>
> Disabling and/or password protecting shares would prohibit others from
> easily looking at disk files on a PC. (via network neighborhood or direct
> drive mapping) However, there's still the issue of packet sniffing. Anyone
> on a cable segment can run an easily obtainable sniffer package and
> capture
> all sorts of interesting information (i.e. cleartext passwords). Cable
> modems are insecure by nature. I you choose to use them, the only way to
> assure privacy is to encrypt all communications.
>
>
> Best Regards,
>
> Lou Laczo - FASTNET Corporation
> [EMAIL PROTECTED] (888)321-FAST(3278) http://www.fast.net
> FASTNET (R) - Business and Personal Internet Solutions
>
> > -----Original Message-----
> > From: Andy [SMTP:[EMAIL PROTECTED]]
> > Sent: Monday, July 12, 1999 2:13 PM
> > To: Daemeon Reiydelle; Firewalls List
> > Subject: Re: Surprise, Surprise...
> >
> > Daemeon Reiydelle wrote:
> > >
> > > This problem is endemic and inherent to ALL cable companies because
> each
> > > segment (more or less a few block radius) is a common subnet.
> >
> > What about the claim in the article that all one need do is disable
> > sharing, or, at least use good passwords on shares. Is this enough?
> >
> > -Andy
> > -
> > [To unsubscribe, send mail to [EMAIL PROTECTED] with
> > "unsubscribe firewalls" in the body of the message.]
> -
> [To unsubscribe, send mail to [EMAIL PROTECTED] with
> "unsubscribe firewalls" in the body of the message.]
-
[To unsubscribe, send mail to [EMAIL PROTECTED] with
"unsubscribe firewalls" in the body of the message.]
