All, I too have a Motorola Surfboard 4200, not sure of revision/firmware number, but whenever I have www.securityspace.com do a "basic scan" of my system, my Motorola modem locks up hard and I have to power cycle it to get it back. It locks up before my IDS can detect anything so something is up with these cable modems. -----Original Message----- From: Juraj Ziegler [mailto:eat_private] Sent: Monday, November 04, 2002 05:06 To: Ryan Sweat Subject: Re: Motorola Cable Modem DOS On Wed, Oct 30, 2002 at 02:02:27PM -0600, Ryan Sweat wrote: > I've found it trivial to crash the Motorola Surfboard 4200 Cable modem, > as installed default by AT&T Broadband Internet. > > The modem acts as a bridge, but also has an internal RFC1918 IP address > (192.168.100.1). Simply nmap'ing the cable user's IP address, ie: > # nmap -sS -p 1-1024 12.x.x.x > will cause it to crash, rendering the ethernet interface useless. It is > also possible to crash it from the lan by simply doing the same scan > against the cable modem's internal IP address. The crash is not > specific to nmap, there are other publicly available tools which cause > the same result. This is known to be effective on Software Version: > SB4200-0.4.4.0-SCM06-NOSH. (possibly others?) Nothing happens to a SB4200E-0.4.4.1-SCM04-NOSH. Everything works fine after a scan. [e] -- ________________________________________________________________________ _______ >eat_private< /(bb|[^b]{2})/ >http://hq.sk/~euro< "Programming today is a race between software engineers striving to build bigger and better idiot-proof programs, and the Universe trying to produce bigger and better idiots. So far, the Universe is winning." -- Rich Cook
This archive was generated by hypermail 2b30 : Fri Nov 08 2002 - 01:06:30 PST