[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: How insecure are cable connections, versus dialup?

On Mon, Dec 09, 2002 at 10:04:30AM -0600, Jamin W. Collins wrote:
> On Mon, Dec 09, 2002 at 09:25:51AM -0600, Jeffrey Taylor wrote:
> > Quoting Alvin Oga <aoga@Maggie.Linux-Consulting.com>:
> > > cable ... its you and all your neighbors .... watching/sharing that copper
> > > 
> > 
> > Can you provide evidence for this?  That cable modems run in
> > "promiscuous" mode?
> When I was using COX cable (Las Vegas, NV), I was able to readily view a
> large number of their customer's via SMB browsing.  I brought this to
> their attention and was told that it was "by design" and not viewed as a
> security risk.

Irrespective of whether the response you received was stupid, the fact
that you could "see" your neighbors via SMB browsing is due to the
broadcast nature of SMB, not the fact that your cable modem was in
some promiscuous mode.  It is very difficult to intercept unicast
traffic intended for your neighbor on a cabple network.

In my opinion, the real lesson from your anecdote is that everyone
connected to the Internet should be running some sort of firewall, and
that firewall should be a seperate entity between your workstation
(whatever OS it has isn't important) and the Internet access point.
Windows automatically broadcasts tons of crap onto the nearest
ethernet; that's poor design IMO.

Nathan Norman - Incanus Networking mailto:nnorman@incanus.net
  THEY planted The Lone Gunmen to MIND CONTROL the public into seeing

Reply to: