Re: KSR[T] Advisories #012: Hybrid Network's Cable Modems

From: Jon Paul, Nollmann (sinsterat_private)
Date: Tue Oct 12 1999 - 00:29:43 PDT

    Sorry, but I missed the first post.
    
    I tried out all three clients, and they all work against Hybrid radio
    networking modems.  These are used by a number of radio network
    providers, who provide long-haul (20km+) high speed (1Mbps) radio
    service.  The specific one I'm using is the CCM-231 (if you read the
    case) or the CCM-311 (if you use the "version" HSMP command).  NOS
    version 70471.
    
    At this point, I'd assume that the exploit applies to all of Hybrid's
    product line.
    
    My provider spoke with Hybrid this morning, and apparently Hybrid has
    a patch for the problem that fixes it in some unspecified way.  According
    to my provider, Hybrid merely said that "only people you allow will be
    able to configure the modems" but that they made clear that remote
    configuration was still enabled.  Maybe they'll use a password (easily
    sniffable).  I think it's more likely at this point that Hybrid will
    merely check the source address (!) of the packets, and compare those
    addresses with a table configured by the provider.
    
    I'd like to believe that Hybrid will fix this in a sane way, but since
    they're remaining hush-hush about the fix, I think the chances of that
    are very slim.
    
    --
    Jon Paul Nollmann ne' Darren Senn                      sinsterat_private
    Unsolicited commercial email will be archived at $1/byte/day.
    Dis.Org's propensity for casual violence is little different from that of
    any street gang.                                             Carolyn Meinel
    
    
    --
    Jon Paul Nollmann ne' Darren Senn                      sinsterat_private
    Unsolicited commercial email will be archived at $1/byte/day.
    "Tis better to remain silent and be thought a fool, than to speak up and
    remove all doubt."                                        Benjamin Franklin
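
The fixes speculated about in the message above (a cleartext password, or a source-address table), set beside a keyed MAC with a counter for contrast. This is an added example, not part of the original post and not Hybrid's code. The request layout, addresses, keys, command strings and function names are all constructed, and it assumes the transport does not verify the source address a sender claims.

```python
import hashlib
import hmac

# Constructed values, for illustration only.
ALLOWED_SOURCES = {"192.0.2.10"}        # provider's configured address table
SHARED_PASSWORD = b"provider-secret"    # travels in the clear with each request
HMAC_KEY = b"per-modem-key"             # provisioned out of band, never sent

def check_source(req):
    """Accept if the claimed source address is in the provider's table."""
    return req["src"] in ALLOWED_SOURCES

def check_password(req):
    """Accept if the request carries the shared cleartext password."""
    return hmac.compare_digest(req.get("password", b""), SHARED_PASSWORD)

def make_tag(counter, command, key=HMAC_KEY):
    """HMAC-SHA256 over an 8-byte counter followed by the command bytes."""
    msg = counter.to_bytes(8, "big") + command
    return hmac.new(key, msg, hashlib.sha256).digest()

class HmacVerifier:
    """Accept only a valid tag over (counter, command) with a fresh counter."""
    def __init__(self):
        self.last_counter = 0

    def check(self, req):
        expected = make_tag(req["counter"], req["command"])
        if not hmac.compare_digest(req.get("tag", b""), expected):
            return False              # command altered or key unknown
        if req["counter"] <= self.last_counter:
            return False              # replay of an already accepted request
        self.last_counter = req["counter"]
        return True

# A legitimate request as it appears on the wire (constructed).
legit = {"src": "192.0.2.10", "password": SHARED_PASSWORD, "counter": 1,
         "command": b"set channel 1", "tag": make_tag(1, b"set channel 1")}
# The same observed fields copied by another sender, with the command changed.
altered = dict(legit, command=b"set channel 2")

def evaluate():
    v = HmacVerifier()
    return {"source_table": check_source(altered),
            "password": check_password(altered),
            "hmac_legit": v.check(legit),
            "hmac_altered": v.check(altered),
            "hmac_replay": v.check(legit)}

if __name__ == "__main__":
    print(evaluate())
```

The address table and the password both accept the altered request because every value they check is visible to, and can be copied by, anyone who sees one legitimate request; the MAC check rejects both the altered command and a replay of the original.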
    


