Slashdot Mirror


Adelphia's Cable Modems Compromised

texus writes "The Adelphia PowerLink Cable Modem Internet Service Provider, that serves 5.5 million customers nationwide, was found to be vulnerable to a major security flaw that allows cable modem subscribers to spy on each other's traffic, as well as the ability to modify other users' Internet packets in realtime. The severity of a potential attack could allow a malicious subscriber to gain access to the customers' private activity on the net, as well as the capabilities to hijack connections, intercept SSL/SSH/VPN encrypted sessions, hijack and poison DNS servers, and perform a Denial of Service on the entire subnet. The advisory on BugTraq officially states that it didn't seem like Unix machines that logged onto the network were affected, but reports from other Adelphia subscribers indicate that this was inaccurate and Unix users are vulnerable as well."

12 of 182 comments

  1. Shit.... by inode_buddha · · Score: 2, Interesting

    3/4 of my family uses them, I've got to go spread the word...

    Thank $DEITY I do Linux on dialup, for once!

    --
    C|N>K
  2. Why is this not surprising.... by eyegor · · Score: 4, Interesting

    Given that they're teetering on the edge of existence, most of the good people have long since fled.

    I've been trying to find a competent person at Adelphia so I can get my cable internet service working. It's been weeks and they can't figure out why there's no return path for my signal. If they can't get that right, cable modem misconfiguration issues shouldn't be surprising either.

    I'm beginning to question my decision to move from IDSL to cable.

    Sheesh....

    --

    Don't anthropomorphize computers, they don't like it.
  3. Guess What by Anonymous Coward · · Score: 2, Interesting

    On any cable network, ARP spoofing is available, not just in this example. It is quite easy for someone to do this.

  4. Sniff SSL Connections?!? by martyros · · Score: 3, Interesting

    Does someone want to explain to me how they can intercept SSL connections? I thought the whole point of encryption and secure protocols was that we need not fear sniffing and man-in-the-middle attacks...

    --

    TCP: Why the Internet is full of SYN.

  5. Uh-oh by Elflord1999 · · Score: 5, Interesting

    Wow. I work in the second highest level of network support at Adelphia and I had no idea. Of course, there's just three guys or so that deal with the actual modems and their boot files. I'm going to point this out to the higher ups and see what can be done, methinks.

    1. Re:Uh-oh by The-Perl-CD-Bookshel · · Score: 2, Interesting

      So are we looking at another example of BugTraq giving out the exploit before it can be fixed? IIRC this has been an issue with BugTraq in the past.

      --
      I don't keep a lid on my coffee so when I walk around I look busy -me
  6. Is this really anything new? by UpLateDrinkingCoffee · · Score: 3, Interesting

    I have Adelphia (I'm very happy with the service... 3Mbps downloads most of the time) but I, like many others, run through a router because I thought the normal operation of cable broadband is that anyone in your "loop" was essentially on the same subnet and could sniff packets, etc. at will. Is this really anything new?

  7. Re:Hmmmm... by aggieben · · Score: 3, Interesting

    Why aren't the *nix subnets vulnerable? If you can drop your cable modem into promiscuous mode, it seems like even in a switched environment you could perform an arpspoof and still intercept/hijack connections and so on.

    --
    Don't become a regular here, you will become retarded. -- Yoda the Retard
  8. Re:Adelphia != Bad Peoples by k_stamour · · Score: 2, Interesting

    Last night I had my first outage with Adelphia in a year. It's been solid and reliable. At least here in Southern VA... Maybe I'm just lucky? As far as security, I use smooth wall. Don't think this will protect me from poison arp, but you should see my IDS log files!

    --
    Julius Caesar - Act I, Scene i: "What mean'st thou by that? Mend me, thou saucy fellow!"
  9. Re:This indicates one of the problems with Unix by nucal · · Score: 5, Interesting
    "Contrast this with a PC, where it is usually immediately obvious if someone is trying to hack you."

    You're kidding/trolling right? At the university where I work Windows 2000 machines are constantly being hacked for things like DoS attacks, pirated video servers, etc. The actual user typically does not find out until the IP is tracked down by the victim and the school is notified (usually including the threat of a lawsuit)...

  10. Check out the DOCSIS specs. by dumboy · · Score: 2, Interesting

    According to the DOCSIS 1.1 specification it is the responsibility of the cable modem itself to not pass other users' traffic through, as cable internet is a shared medium like a hub. Some things will get through, though, since they are passed to a broadcast like DHCP, SSDP requests, and IGMP. I have Adelphia and can see these things coming in, as I should, but not other people's web traffic. Sounds to me that they posted something on BugTraq that is written up in a specification. Check out Cablelabs for the DOCSIS 1.1 specification.
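
An added example, not part of the comment above or of any Adelphia or CableLabs material: a Python check that sorts frames captured on the cable-facing interface into the broadcast and multicast traffic the comment says should be visible (DHCP, SSDP, IGMP) and unicast frames for other subscribers, which a filtering modem should not deliver. The MAC addresses, IPs and sample frames are constructed, and `OWN_MAC` is an assumed value for the local NIC.

```python
import socket
import struct

OWN_MAC = bytes.fromhex("020000000001")      # assumed: MAC of our cable-facing NIC
BROADCAST = b"\xff" * 6
UDP_NAMES = {67: "DHCP", 68: "DHCP", 1900: "SSDP"}

def classify(frame, own_mac=OWN_MAC):
    """Return (category, detail) for one raw Ethernet frame."""
    if len(frame) < 14:
        return ("malformed", "")
    dst, src = frame[:6], frame[6:12]
    (ethertype,) = struct.unpack("!H", frame[12:14])
    detail = "ethertype 0x%04x" % ethertype
    if ethertype == 0x0800 and len(frame) >= 34:
        ihl = (frame[14] & 0x0F) * 4             # IPv4 header length in bytes
        proto, l4 = frame[23], frame[14 + ihl:]
        if proto == 2:
            detail = "IGMP"
        elif proto in (6, 17) and ihl >= 20 and len(l4) >= 4:
            dport = struct.unpack("!H", l4[2:4])[0]
            detail = UDP_NAMES.get(dport, "UDP/%d" % dport) if proto == 17 else "TCP/%d" % dport
    if own_mac in (dst, src):
        return ("own", detail)
    if dst == BROADCAST:
        return ("broadcast", detail)
    if dst[0] & 0x01:                            # group bit set: multicast destination
        return ("multicast", detail)
    return ("foreign-unicast", detail)           # another subscriber's traffic reached us

def foreign_unicast(frames, own_mac=OWN_MAC):
    """Details of frames that a filtering modem should not have delivered."""
    return [d for c, d in (classify(f, own_mac) for f in frames) if c == "foreign-unicast"]

def build(dst_mac, src_mac, proto, dst_ip, dport=0):
    """Construct a minimal Ethernet/IPv4 test frame (checksums left zero)."""
    l4 = struct.pack("!HHHH", 40000, dport, 8, 0) if proto in (6, 17) else b"\x11\x00\x00\x00"
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(l4), 0, 0, 64, proto, 0,
                     socket.inet_aton("10.0.0.5"), socket.inet_aton(dst_ip))
    return bytes.fromhex(dst_mac) + bytes.fromhex(src_mac) + b"\x08\x00" + ip + l4

NEIGHBOUR, HEADEND = "020000000002", "020000000003"   # constructed MACs
SAMPLE = [                                            # constructed frames
    build("ffffffffffff", NEIGHBOUR, 17, "255.255.255.255", 67),    # DHCP broadcast
    build("01005e7ffffa", NEIGHBOUR, 17, "239.255.255.250", 1900),  # SSDP multicast
    build("01005e000001", HEADEND, 2, "224.0.0.1"),                 # IGMP query
    build(HEADEND, NEIGHBOUR, 6, "203.0.113.80", 80),               # neighbour's web request
    build(HEADEND, OWN_MAC.hex(), 6, "203.0.113.80", 443),          # our own traffic
]
```

An empty result from `foreign_unicast` over a capture matches what the comment reports seeing; any entry in it means frames addressed to another subscriber are arriving on the local segment.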

  11. Adelphia is Garbage by chunkwhite86 · · Score: 5, Interesting

    Allow me to explain:

    1. Adelphia recently declared bankruptcy. Their CEO was the Number 1 CEO in the whole US for taking insider loans. Above Tyco, Enron, or Worldcom. The crooked bastard took an insider "loan" for OVER a quarter BILLION dollars. His reason for the loan was "Unspecified personal business".

    2. Their service sucks. I'm on the phone with their help desk at least once a month because the internet connection is down. Their tech support people are a bunch of brain-dead bozos reading from an "if: then" style troubleshooting manual - plus, it usually takes 45 minutes or more of waiting on hold to get through to a real human. Definitely some of the worst customer service in the industry.

    3. They are not complying, or planning to comply with the federal regulation passed in October that prevents cable providers from forcing customers to purchase service "bundles" to get a particular channel. The regulation states that a cable provider must provide, upon the customer's request, the premium channels they ask for in an a-la-carte style manner.

    As an example, if I wanted to get the HBO channel at my house, Adelphia requires me to "upgrade" to their digital cable service for an additional $9.95 a month, plus $7/mo per TV (I have 3) plus pay $25.99 a month for the HBO bundle. Do the math - that equals an additional $57 per month just to get one premium channel. This practice is strictly forbidden by the recently passed legislation.

    And to top it off, the lying bastards told me that they don't have the technology to provide a single premium channel (no bundles) to a home, and that they don't have the technology to send certain premium channels to their analog cable subscribers - that they must "upgrade" to digital cable. The reason that they are lying bastards is that I have a friend who used to get just HBO (w/o a bundle) to his analog cable home (back when they offered this option). He canceled that channel but they never turned it off for him. Right now today he gets a single premium HBO channel to his analog cable home.

    My advice is to avoid this sleazy bunch at all costs - unless you like paying out the nose to support their insider lending (Yes, I know GWB thankfully just passed legislation making corporate insider loans illegal.) habits and unfair business practices.

    --
    I'd rather be a conservative nutjob than a liberal with no nuts and no job.