Re: DOCSIS vulnerability

From: Rob Koliha (rkolihaat_private)
Date: Thu Mar 21 2002 - 17:09:20 PST

Next message: meat_private: "Re: IDS and SSL"

Previous message: Ron DuFresne: "Re: useless security@ contacts"
In reply to: Adam Wheeler: "Re: DOCSIS vulnerability"
Next in thread: Meritt James: "Wireless device vulnerability?"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Adam,

Actually speed issues with cable isp's can be caused by several 
different things.. If they're sending a tech out to fix it (we hope they 
are looking at your modem signal levels (get docsdiag.jar and see for 
yourself)) it's more than likely a signal problem.. Typically low 
downstream power levels (-15dBmv or lower), high upstream power levels 
(58dBmv or higher), or poor SNR (23 or less) cause slowdowns..  It could 
also be that your area is over utilized or that there are a lot of 
customers with better (provisioned faster) speeds and the system is 
feeding them as much as it can at your expense.. Same deal goes with 
hacked modems.. I can put 4 modems side by side all provisioned at 1.5mb 
and everyone on my port (0-100 ppl approx) will start going slower.. 
Same deal if I make one modem 10 down and 10 up and pull 800kBps from 
the headend.. Besides various network issues the only other thing I can 
think of right this second that would slow you down is possibly that 
your isp is utilizing 100% of their bandwidth at times.. Doing 
tracroutes before you experience a problem and after would probably give 
you a good way to check.. If ping times are good the first few hops and 
they get bad like the 4th-6th hop out (depends on your isp, look for the 
first ip out that isn't a 10.xxx.xxx.xxx or 172.xxx.xxx.xxx (non-private 
ip)) it could be that they are out of bandwidth..

Rob

vuln-dev moderator: post this if you think it's appropriate, cc'd just 
in case

Adam Wheeler wrote:

>In-Reply-To: <Pine.LNX.4.43.0203120939090.9902-200000at_private>
>
>Thanks for the informative post.  My company relies heavily on our broadband cable access, and as Technical Director I am responsible for maintaining a secure and reliable network for our employees.  
>
>Information like this helps us by giving us a little more leverage with our service provider.  Instead of "Hi, this is 'blah blah' my cable modem seems slow today" and the resulting "We'll send a technician out tomorrow", I can say "Hi, this is 'blah blah'. I just noticed a sudden network slowdown and it looks to me like somebody on my subnet might be hacking their cable modem.  Could I speak to a network administrator?"
>
>Information like this can help reduce network downtime from the typical day or two expected from a cable company to an hour or so and save thousands of dollars in lost profits and wasted time.
>
>Adam Wheeler
>Deluxe Business Machines
>

Next message: meat_private: "Re: IDS and SSL"
Previous message: Ron DuFresne: "Re: useless security@ contacts"
In reply to: Adam Wheeler: "Re: DOCSIS vulnerability"
Next in thread: Meritt James: "Wireless device vulnerability?"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Fri Mar 22 2002 - 08:55:18 PST