I just stumbled across a blurb in a networking book that said that the
infrastructure for cable internet access is slightly insecure. The
allegation was that since all cable drops in an area trace back to a
distribution node (which in turn make their way to the head end)
someone on the same distro node could, with some "technical
prowess" (direct quote from the source) could eavesdrop on your
communications. Is this true? I couldn't get Google to cough up any
further info on the subject, but then again I couldn't seem to piece
together completely relevant search terms.

This is perturbing news for someone who tends to be
paranoid. ::glances nervously at the cable modem:: Is it time to go
back to tin cans and string?


Nonapeptide

On Wed, 03 Oct 2007 19:26:35 -0700, Nonapeptide@gmail.com wrote:
> I just stumbled across a blurb in a networking book that said that the
> infrastructure for cable internet access is slightly insecure. The
> allegation was that since all cable drops in an area trace back to a
> distribution node (which in turn make their way to the head end)
> someone on the same distro node could, with some "technical
> prowess" (direct quote from the source) could eavesdrop on your
> communications. Is this true?

How old is the network book. Since you are a Cincinnati area
RoadRunner customer, I assume your Motorola is set for encription.

As I misunderstand it, the cable modem to head end is encripted.
Since you are a Cincinnati area RoadRunner customer, I assume your
Motorola cable modem is set for encription.

If you were to look in the cable modem web page and see something like
Initialize Baseline Privacy Done, then it is encripted.

Guessing http://192.168.100.1 would be the cable modem web page.

On Wed, 03 Oct 2007 19:26:35 -0700, Nonapeptide@gmail.com wrote:

>I just stumbled across a blurb in a networking book that said that the
>infrastructure for cable internet access is slightly insecure. The
>allegation was that since all cable drops in an area trace back to a
>distribution node (which in turn make their way to the head end)
>someone on the same distro node could, with some "technical
>prowess" (direct quote from the source) could eavesdrop on your
>communications. Is this true? I couldn't get Google to cough up any
>further info on the subject, but then again I couldn't seem to piece
>together completely relevant search terms.
>
>This is perturbing news for someone who tends to be
>paranoid. ::glances nervously at the cable modem:: Is it time to go
>back to tin cans and string?
>
>
>Nonapeptide
You are forgetting that there are 300 MILLION people in the US alone
and almost 4 BILLION WorldWide! To try and track YOUR data thru the
internet is not just hard it is impossible. Now to put a trace from
your home thru your network to the head end, etc. is not impossible.
BUT it is jammed in that pipe along with everyone else in your area.
And of course as the article said your data flows into bigger and
bigger pipes as it flows towards that 'head end' mixing with all the
other people that are all headed to that same 'head end'. You are
being paranoid, to stop id theft etc, shred your papers at home and
only put the details of your account numbers, credit card stuff ,etc,
into sites that are https sites. The standard http is not a secure
site, as indicated by the 's' at the end.

The internet is a shared medium, regardless of how it is connected to
your home. In those regards, the only difference between the
technologies is the point at which the individual connections become a
shared connection.

Cable is no less secure than a T-1 line or dial-up or DSL or whatever.


CIAO!

Ed N.

Nonapeptide@gmail.com wrote:
> I just stumbled across a blurb in a networking book that said that the
> infrastructure for cable internet access is slightly insecure. The
> allegation was that since all cable drops in an area trace back to a
> distribution node (which in turn make their way to the head end)
> someone on the same distro node could, with some "technical
> prowess" (direct quote from the source) could eavesdrop on your
> communications. Is this true? I couldn't get Google to cough up any
> further info on the subject, but then again I couldn't seem to piece
> together completely relevant search terms.
>
> This is perturbing news for someone who tends to be
> paranoid. ::glances nervously at the cable modem:: Is it time to go
> back to tin cans and string?
>
>
> Nonapeptide
>

In article <1191464795.138725.206920@19g2000hsx.googlegroups.com>,
Nonapeptide@gmail.com writes:
>
> I just stumbled across a blurb in a networking book that said that the
> infrastructure for cable internet access is slightly insecure. The
> allegation was that since all cable drops in an area trace back to a
> distribution node (which in turn make their way to the head end)
> someone on the same distro node could, with some "technical
> prowess" (direct quote from the source) could eavesdrop on your
> communications. Is this true? I couldn't get Google to cough up any
> further info on the subject, but then again I couldn't seem to piece
> together completely relevant search terms.
>
> This is perturbing news for someone who tends to be
> paranoid. ::glances nervously at the cable modem:: Is it time to go
> back to tin cans and string?

There is some truth to the claim; however, most cable companies today
encrypt the last-mile data, which would make it difficult (perhaps to the
point of impossibility, except maybe for national intelligence agencies)
for somebody on the same cable node to decrypt your data.

That said, most Internet traffic is not encrypted, and there are lots and
lots of places on the Internet that it can be intercepted. If you're just
concerned about your nosy neighbor knowing that you've been reading all
the latest Star Trek rumors, this isn't a big deal, since your nosy
neighbor probably doesn't have ready access to all the routers between you
and the Star Trek sites. OTOH, if you're concerned about Big Brother
snooping on your activities, that's another matter. Likewise if you're
concerned about shady characters acquiring a profile on you and using it
against you (for identity theft, say). Data passed over the Internet is
compromised every day. Often this is a matter of theft of credit card
numbers, but these are typically stolen from retailers' computers, not
while they're in transit. If criminals were to compromise a router,
though, they could sift through the data it manages and grab some of yours
-- passwords or other personal information, say. There have been
allegations that the US government is doing this for data to and from
foreign countries, the difference being that the feds are alleged to have
the cooperation of the data carriers, or at least some of them, and of
course they claim to be doing it in the interests of national security --
or they would if they admitted they were doing it.

The bottom line is this: Whether you're using a cable modem, DSL, a T1
line, a dial-up telephone modem connection, or anything else, you
shouldn't consider your Internet transactions secure. If you pass anything
sensitive over the Internet, you should ensure that you're using an
encrypting protocol to do it. Fortunately, most Web retailers employ
encryption on their order pages, or at least on the ones that ask for
credit card numbers -- but as noted, data thieves manage to steal CC
numbers from the retailers' servers. (Local CC transactions are also at
risk in the same way or by waiters or whatnot copying the information by
hand, so don't swear off Internet purchases for this reason.) If you
routinely log into remote systems (getting a command prompt or desktop to
use it as if it were local), use an encrypting protocol such as SSH. For
sensitive sites, such as a bank, use a unique password, and don't store it
on your computer. (With all the Trojans and viruses out there, passwords
stored by your browser might not be secure even on your own computer.)
Particularly if you're using Windows, run anti-virus software, and keep it
updated. Use a NAT router, if your cable modem doesn't incorporate that
functionality, to help protect your home system. These basic steps will
minimize the risks, but security isn't an all-or-none thing. The only way
to be 100% sure that your Internet data won't be snooped is to not use the
Internet, and the only way to be 100% sure that your computer's data won't
be compromised is to not use a computer. In today's world, neither of
these is a practical approach, so you'll have to accept some degree of
risk.

--
Rod Smith, rodsmith@rodsbooks.com
http://www.rodsbooks.com
Author of books on Linux, FreeBSD, and networking

On Oct 4, 11:01 am, rodsm...@nessus.rodsbooks.com (Rod Smith) wrote:
> In article <1191464795.138725.206...@19g2000hsx.googlegroups.com>,
> Nonapept...@gmail.com writes:
>
>
>
> > I just stumbled across a blurb in a networking book that said that the
> > infrastructure for cable internet access is slightly insecure. The
> > allegation was that since all cable drops in an area trace back to a
> > distribution node (which in turn make their way to the head end)
> > someone on the same distro node could, with some "technical
> > prowess" (direct quote from the source) could eavesdrop on your
> > communications. Is this true? I couldn't get Google to cough up any
> > further info on the subject, but then again I couldn't seem to piece
> > together completely relevant search terms.
>
> > This is perturbing news for someone who tends to be
> > paranoid. ::glances nervously at the cable modem:: Is it time to go
> > back to tin cans and string?
>
> There is some truth to the claim; however, most cable companies today
> encrypt the last-mile data, which would make it difficult (perhaps to the
> point of impossibility, except maybe for national intelligence agencies)
> for somebody on the same cable node to decrypt your data.
>
> That said, most Internet traffic is not encrypted, and there are lots and
> lots of places on the Internet that it can be intercepted. If you're just
> concerned about your nosy neighbor knowing that you've been reading all
> the latest Star Trek rumors, this isn't a big deal, since your nosy
> neighbor probably doesn't have ready access to all the routers between you
> and the Star Trek sites. OTOH, if you're concerned about Big Brother
> snooping on your activities, that's another matter. Likewise if you're
> concerned about shady characters acquiring a profile on you and using it
> against you (for identity theft, say). Data passed over the Internet is
> compromised every day. Often this is a matter of theft of credit card
> numbers, but these are typically stolen from retailers' computers, not
> while they're in transit. If criminals were to compromise a router,
> though, they could sift through the data it manages and grab some of yours
> -- passwords or other personal information, say. There have been
> allegations that the US government is doing this for data to and from
> foreign countries, the difference being that the feds are alleged to have
> the cooperation of the data carriers, or at least some of them, and of
> course they claim to be doing it in the interests of national security --
> or they would if they admitted they were doing it.
>
> The bottom line is this: Whether you're using a cable modem, DSL, a T1
> line, a dial-up telephone modem connection, or anything else, you
> shouldn't consider your Internet transactions secure. If you pass anything
> sensitive over the Internet, you should ensure that you're using an
> encrypting protocol to do it. Fortunately, most Web retailers employ
> encryption on their order pages, or at least on the ones that ask for
> credit card numbers -- but as noted, data thieves manage to steal CC
> numbers from the retailers' servers. (Local CC transactions are also at
> risk in the same way or by waiters or whatnot copying the information by
> hand, so don't swear off Internet purchases for this reason.) If you
> routinely log into remote systems (getting a command prompt or desktop to
> use it as if it were local), use an encrypting protocol such as SSH. For
> sensitive sites, such as a bank, use a unique password, and don't store it
> on your computer. (With all the Trojans and viruses out there, passwords
> stored by your browser might not be secure even on your own computer.)
> Particularly if you're using Windows, run anti-virus software, and keep it
> updated. Use a NAT router, if your cable modem doesn't incorporate that
> functionality, to help protect your home system. These basic steps will
> minimize the risks, but security isn't an all-or-none thing. The only way
> to be 100% sure that your Internet data won't be snooped is to not use the
> Internet, and the only way to be 100% sure that your computer's data won't
> be compromised is to not use a computer. In today's world, neither of
> these is a practical approach, so you'll have to accept some degree of
> risk.
>
> --
> Rod Smith, rodsm...@rodsbooks.comhttp://www.rodsbooks.com
> Author of books on Linux, FreeBSD, and networking

Thank yuo all for the responses. Much to think about.

@Rod

I suppose my initial confusion centered on this alleged ability of a
member of your shared last mile on the cable system to snoop on your
communication. To my limited understanding of networking, a snooper
would have to have some way of having direct access to that
multiplexer (or whatever the cable system uses) and then have some way
of replicating the traffic from the multiplexer back down the line to
himself. If a multiplexer (or whatever) is vulnerable, it would seem
to me that any medium, not just cable, is just as vulnerable. The book
I was reading stated that cable was more insecure by comparison to
other mediums but didn't offer any further explanation. Maybe I should
just calm down and go back to reading my Windows Administration
books... ;)


Nonapeptide

On Tue, 09 Oct 2007 23:20:40 -0000, Nonapeptide@gmail.com wrote:

>Thank yuo all for the responses. Much to think about.
>
>@Rod
>
>I suppose my initial confusion centered on this alleged ability of a
>member of your shared last mile on the cable system to snoop on your
>communication. To my limited understanding of networking, a snooper
>would have to have some way of having direct access to that
>multiplexer (or whatever the cable system uses) and then have some way
>of replicating the traffic from the multiplexer back down the line to
>himself. If a multiplexer (or whatever) is vulnerable, it would seem
>to me that any medium, not just cable, is just as vulnerable. The book
>I was reading stated that cable was more insecure by comparison to
>other mediums but didn't offer any further explanation. Maybe I should
>just calm down and go back to reading my Windows Administration
>books... ;)

By any chance, is the copyright on the book about 7-10 years old?
IIRC, that's about how long it's been since a cable customer could
browse his neighbor's open shares and print to neighboring printers.

--
Bill

On Oct 9, 11:31 pm, Bill M. <wbill...@hotmail.com> wrote:
> On Tue, 09 Oct 2007 23:20:40 -0000, Nonapept...@gmail.com wrote:
> >Thank yuo all for the responses. Much to think about.
>
> >@Rod
>
> >I suppose my initial confusion centered on this alleged ability of a
> >member of your shared last mile on the cable system to snoop on your
> >communication. To my limited understanding of networking, a snooper
> >would have to have some way of having direct access to that
> >multiplexer (or whatever the cable system uses) and then have some way
> >of replicating the traffic from the multiplexer back down the line to
> >himself. If a multiplexer (or whatever) is vulnerable, it would seem
> >to me that any medium, not just cable, is just as vulnerable. The book
> >I was reading stated that cable was more insecure by comparison to
> >other mediums but didn't offer any further explanation. Maybe I should
> >just calm down and go back to reading my Windows Administration
> >books... ;)
>
> By any chance, is the copyright on the book about 7-10 years old?
> IIRC, that's about how long it's been since a cable customer could
> browse his neighbor's open shares and print to neighboring printers.
>
> --
> Bill- Hide quoted text -
>
> - Show quoted text -

Okay, if you all /must/ know, here it is:
http://www.amazon.com/gp/product/1592007929/ref=s9_asin_title_1/102-8221281-5400930?pf_rd_m=ATVPDKIKX0DER&pf_rd_s=center-1&pf_rd_r=19SHBA73JHMW2TAGT55J&pf_rd_t=101&pf_rd_p=278240701&pf_rd_i=507846

Nonapeptide

In article <1191972040.493468.165280@22g2000hsm.googlegroups.com>,
Nonapeptide@gmail.com writes:
>
> On Oct 4, 11:01 am, rodsm...@nessus.rodsbooks.com (Rod Smith) wrote:
>> In article <1191464795.138725.206...@19g2000hsx.googlegroups.com>,
>> Nonapept...@gmail.com writes:
>>
>> > I just stumbled across a blurb in a networking book that said that the
>> > infrastructure for cable internet access is slightly insecure.
>>
>> There is some truth to the claim; however, most cable companies today
>> encrypt the last-mile data, which would make it difficult (perhaps to the
>> point of impossibility, except maybe for national intelligence agencies)
>> for somebody on the same cable node to decrypt your data.
>
> I suppose my initial confusion centered on this alleged ability of a
> member of your shared last mile on the cable system to snoop on your
> communication. To my limited understanding of networking, a snooper
> would have to have some way of having direct access to that
> multiplexer (or whatever the cable system uses) and then have some way
> of replicating the traffic from the multiplexer back down the line to
> himself. If a multiplexer (or whatever) is vulnerable, it would seem
> to me that any medium, not just cable, is just as vulnerable. The book
> I was reading stated that cable was more insecure by comparison to
> other mediums but didn't offer any further explanation. Maybe I should
> just calm down and go back to reading my Windows Administration
> books... ;)

The problem with cable systems is that every customer in an area gets
every other customer's data. Remember that cable systems were designed for
TV distribution, where every household gets the same set of channels. To
feed computer data over this existing infrastructure, cable operators
simply send the data for several households down this one shared set of
cables, so in theory one person can snoop on the data sent to a nearby
location. (Upstream data also goes over the same shared set of cables and
so is vulnerable, too.) In this sense a cable system's last-mile network
is similar to a large Ethernet network that uses hubs rather than
switches.

This description, though, is incomplete; as I wrote in my previous post,
most cable operators today employ encryption and other techniques to
secure their last-mile data. I certainly wouldn't want to bet my life --
or even my bank account access data -- that the last-mile data is really
secure, but I'm not going to get too worried about the last-mile security
compared to security on the rest of the Internet. When I deal with data
that really should be securely transmitted (credit card numbers, passwords
that provide shell access to remote systems, etc.), I use encryption to
provide end-to-end security. For most data (Web page URLs, most e-mails,
etc.), I don't worry about it, since this data isn't really sensitive,
whether it's stolen by my next-door neighbor or by a spy in China.

Note also that another technology has become very common that's far less
secure than cable modems: Wi-Fi. Wi-Fi is a radio technology, so somebody
can sit in a car parked outside your home and snoop on your Wi-Fi traffic
or even use your network to access the Internet. Your internal network may
also be vulnerable to attack, since many LAN security products are
designed to protect against access from the Internet rather than from
systems on your local network. Most (all?) Wi-Fi hardware supports
encryption, but the studies I've seen suggest that this encryption is
often ineffective and is also often disabled by default. (I've not been
following this closely, though, so my information may well be out of
date.) If you use wireless networking at home or at work, you should
definitely look into this issue to learn how secure your hardware's
encryption is and, if it turns out to be inadequate, add encryption on top
of it.

--
Rod Smith, rodsmith@rodsbooks.com
http://www.rodsbooks.com
Author of books on Linux, FreeBSD, and networking

Rod Smith <rodsmith@nessus.rodsbooks.com> wrote:
>
> (Upstream data also goes over the same shared set of cables and
> so is vulnerable, too.)

It's worth noting, however, that cable modems transmit in an entirely
different range of frequencies than they receive. So, while it is
theoretically possible to hack a cable modem to receive data being sent
*to* other modems on the cable segment, it is physically impossible for
it to receive data being sent *from* those other modems.

-Larry Jones

You can never really enjoy Sundays because in the back of your
mind you know you have to go to school the next day. -- Calvin

In article <obb2u4-ps1.ln1@jones.homeip.net>, lawrence.jones@ugs.com
wrote:

> Rod Smith <rodsmith@nessus.rodsbooks.com> wrote:
> >
> > (Upstream data also goes over the same shared set of cables and
> > so is vulnerable, too.)
>
> It's worth noting, however, that cable modems transmit in an entirely
> different range of frequencies than they receive. So, while it is
> theoretically possible to hack a cable modem to receive data being sent
> *to* other modems on the cable segment, it is physically impossible for
> it to receive data being sent *from* those other modems.
>
No one said one had to use the same tuner to capture data going both
directions.

You can tune one device to (e.g.) 34.8 MHz to capture the upstream
traffic and to (e.g.) 723 MHz to capture the downstream traffic.

--
Tom Stiller

PGP fingerprint = 5108 DDB2 9761 EDE5 E7E3 7BDA 71ED 6496 99C0 C7CF

Tom Stiller <tomstiller@comcast.net> wrote:
>
> No one said one had to use the same tuner to capture data going both
> directions.
>
> You can tune one device to (e.g.) 34.8 MHz to capture the upstream
> traffic and to (e.g.) 723 MHz to capture the downstream traffic.

My point was that you *can't* tune an off-the-shelf cable modem to
capture upstream traffic. To do that, you essentially have to build,
buy, or otherwise obtain something resembling a head-end modem (but not
an actual head-end modem, since the head-end expects to control all the
end-user modems connected to it and you don't want to control them, you
just want to snoop on them), which is well beyond the capabilities of
your average neighborhood hacker.

-Larry Jones

Oh, now don't YOU start on me. -- Calvin

On Oct 11, 2:05 am, rodsm...@nessus.rodsbooks.com (Rod Smith) wrote:
> In article <1191972040.493468.165...@22g2000hsm.googlegroups.com>,
> Nonapept...@gmail.com writes:
>
>
>
>
>
> > On Oct 4, 11:01 am, rodsm...@nessus.rodsbooks.com (Rod Smith) wrote:
> >> In article <1191464795.138725.206...@19g2000hsx.googlegroups.com>,
> >> Nonapept...@gmail.com writes:
>
> >> > I just stumbled across a blurb in a networking book that said that the
> >> > infrastructure for cable internet access is slightly insecure.
>
> >> There is some truth to the claim; however, most cable companies today
> >> encrypt the last-mile data, which would make it difficult (perhaps to the
> >> point of impossibility, except maybe for national intelligence agencies)
> >> for somebody on the same cable node to decrypt your data.
>
> > I suppose my initial confusion centered on this alleged ability of a
> > member of your shared last mile on the cable system to snoop on your
> > communication. To my limited understanding of networking, a snooper
> > would have to have some way of having direct access to that
> > multiplexer (or whatever the cable system uses) and then have some way
> > of replicating the traffic from the multiplexer back down the line to
> > himself. If a multiplexer (or whatever) is vulnerable, it would seem
> > to me that any medium, not just cable, is just as vulnerable. The book
> > I was reading stated that cable was more insecure by comparison to
> > other mediums but didn't offer any further explanation. Maybe I should
> > just calm down and go back to reading my Windows Administration
> > books... ;)
>
> The problem with cable systems is that every customer in an area gets
> every other customer's data. Remember that cable systems were designed for
> TV distribution, where every household gets the same set of channels. To
> feed computer data over this existing infrastructure, cable operators
> simply send the data for several households down this one shared set of
> cables, so in theory one person can snoop on the data sent to a nearby
> location. (Upstream data also goes over the same shared set of cables and
> so is vulnerable, too.) In this sense a cable system's last-mile network
> is similar to a large Ethernet network that uses hubs rather than
> switches.
>
> This description, though, is incomplete; as I wrote in my previous post,
> most cable operators today employ encryption and other techniques to
> secure their last-mile data. I certainly wouldn't want to bet my life --
> or even my bank account access data -- that the last-mile data is really
> secure, but I'm not going to get too worried about the last-mile security
> compared to security on the rest of the Internet. When I deal with data
> that really should be securely transmitted (credit card numbers, passwords
> that provide shell access to remote systems, etc.), I use encryption to
> provide end-to-end security. For most data (Web page URLs, most e-mails,
> etc.), I don't worry about it, since this data isn't really sensitive,
> whether it's stolen by my next-door neighbor or by a spy in China.
>
> Note also that another technology has become very common that's far less
> secure than cable modems: Wi-Fi. Wi-Fi is a radio technology, so somebody
> can sit in a car parked outside your home and snoop on your Wi-Fi traffic
> or even use your network to access the Internet. Your internal network may
> also be vulnerable to attack, since many LAN security products are
> designed to protect against access from the Internet rather than from
> systems on your local network. Most (all?) Wi-Fi hardware supports
> encryption, but the studies I've seen suggest that this encryption is
> often ineffective and is also often disabled by default. (I've not been
> following this closely, though, so my information may well be out of
> date.) If you use wireless networking at home or at work, you should
> definitely look into this issue to learn how secure your hardware's
> encryption is and, if it turns out to be inadequate, add encryption on top
> of it.
>
> --
> Rod Smith, rodsm...@rodsbooks.comhttp://www.rodsbooks.com
> Author of books on Linux, FreeBSD, and networking

So, if I'm understanding correctly, as I sit here and look at my
modem, its receiving downstream transmissions that are headed for me
and every other cable modem subscriber in my area. The modem is
selectively choosing to ignore all but the transmissions that are
addressed to it (I'm supposing that it's filtering by IP address?). My
mind's eye is picturing all downstream content that is intended for me
being split to all nodes on my local last mile, but only being
accepted by my modem. Is that correct?

Also, (again, if I understand correctly) each transmission that I send
hits some kind of local aggregator (multiplexer?) which then, in hub-
like fashion, repeats the transmission to every port, which includes
every neighbor that has a cable modem as well as the upstream
connection to the head end? Eek! Seems like a waste of bandwidth for
the provider. Each last mile area of a cable provider's service is
essentially a big MAN sized collision domain?

As for the wireless admonitions, I think WPA2 with a decent sized PSK
is purported to be uncrackable.


Thanks for the continued discussion,
Nonapeptide



Any word on what type of encryption cable providers use?

Nonapeptide@gmail.com wrote:
>
> So, if I'm understanding correctly, as I sit here and look at my
> modem, its receiving downstream transmissions that are headed for me
> and every other cable modem subscriber in my area. The modem is
> selectively choosing to ignore all but the transmissions that are
> addressed to it (I'm supposing that it's filtering by IP address?). My
> mind's eye is picturing all downstream content that is intended for me
> being split to all nodes on my local last mile, but only being
> accepted by my modem. Is that correct?

Yes, although the RF network has its own addressing scheme, it doesn't
use IP addresses. Most cable systems allow multiple IPs behind a single
modem (although there may be an additional charge).

> Also, (again, if I understand correctly) each transmission that I send
> hits some kind of local aggregator (multiplexer?) which then, in hub-
> like fashion, repeats the transmission to every port, which includes
> every neighbor that has a cable modem as well as the upstream
> connection to the head end? Eek! Seems like a waste of bandwidth for
> the provider. Each last mile area of a cable provider's service is
> essentially a big MAN sized collision domain?

No. The transmissions that you send go to the local node over coax that
is shared with your neighbors, so they receive those transmissions but
the node itself only retransmits (over fiber) to the head-end so people
attached to other nodes don't see the transmissions. And the upstream
bandwidth is divided into specific time slots that are, for the most
part, preassigned to specific cable modems, so there are no collisions
except for the few slots that are left open for contention.

> Any word on what type of encryption cable providers use?

The packet data is encrypted using either 56- or 40-bit DES. The DES
keys are managed using RSA public-key encryption.

-Larry Jones

Even though we're both talking english, we're not speaking the same language.
-- Calvin

On Sat, 13 Oct 2007 12:43:13 -0700, Nonapeptide@gmail.com wrote:

>As for the wireless admonitions, I think WPA2 with a decent sized PSK
>is purported to be uncrackable.

WPA and WPA2 aren't crackable in the same way that WEP is so easily
cracked, but both flavors of WPA are susceptible to dictionary
attacks, and the nice thing is that you don't need to sit there and
gather tons of packets like you would for WEP.

--
Bill

Not quite. The taps to which subscribers are connected are directional
and have high port-to-port isolation. Not like a hub or switch or
T-connection.

The downstream path is located somewhere in the bandwidth of 88-860MHz,
while the upstream path is in the 5-42MHz bandwidth. Just where depends
on the system.


CIAO!

Ed N.

Nonapeptide@gmail.com wrote:
> Also, (again, if I understand correctly) each transmission that I send
> hits some kind of local aggregator (multiplexer?) which then, in hub-
> like fashion, repeats the transmission to every port, which includes
> every neighbor that has a cable modem as well as the upstream
> connection to the head end? Eek! Seems like a waste of bandwidth for
> the provider. Each last mile area of a cable provider's service is
> essentially a big MAN sized collision domain?
>
>

Here in comp.dcom.modems.cable,
Bill M. <wbillups@hotmail.com> spake unto us, saying:

>WPA and WPA2 aren't crackable in the same way that WEP is so easily
>cracked, but both flavors of WPA are susceptible to dictionary
>attacks, and the nice thing is that you don't need to sit there and
>gather tons of packets like you would for WEP.

How much more secure are you when you turn SSID broadcasting off?

I would think that would at least deter casual drive-by Wifi cracking
(folks can't crack what they don't know exists).

Or will some Wifi detectors show hidden wireless networks anyway?

--
-Rich Steiner >>>---> http://www.visi.com/~rsteiner >>>---> Mableton, GA USA
Mainframe/Unix bit twiddler by day, OS/2+Linux+DOS hobbyist by night.
WARNING: I've seen FIELDATA FORTRAN V and I know how to use it!
The Theorem Theorem: If If, Then Then.

On Fri, 19 Oct 2007 12:04:39 -0500, rsteiner@visi.com (Richard
Steiner) wrote:

>Here in comp.dcom.modems.cable,
>Bill M. <wbillups@hotmail.com> spake unto us, saying:
>
>>WPA and WPA2 aren't crackable in the same way that WEP is so easily
>>cracked, but both flavors of WPA are susceptible to dictionary
>>attacks, and the nice thing is that you don't need to sit there and
>>gather tons of packets like you would for WEP.
>
>How much more secure are you when you turn SSID broadcasting off?

Not more secure at all, IMHO.

>I would think that would at least deter casual drive-by Wifi cracking
>(folks can't crack what they don't know exists).
>
>Or will some Wifi detectors show hidden wireless networks anyway?

Yup, passive scanner programs like Kismet show those networks, too,
just as quickly and clearly as if they were broadcasting their SSID.
Active scanners, like Netstumber, won't show them. Disabling SSID
broadcast is a little like MAC filtering, it makes you feel good but
adds little or nothing in the way of additional security.

--
Bill