Comcast/RCA Modem: Security Problem?

Comcast/RCA Modem: Security Problem?

Post by shockwaverider » Thu, 10 Apr 2003 03:10:40



Comcast Cable Modem service will be here (Elizabethtown,KY) within the next week or so....

I was at the local Comcast office paying my bill earilier this month when I noticed they had a demo Dell PC with a RCA DCM225 modem
attached to it...
My questions concerns the RCA modems:
1. From reading this newsgroup, it seems alot of people think RCA modems are crap.....is this true?
2. looks like they may be security problems with these RCA Modems:
http://www.securiteam.com/securitynews/5HP0L2A6KQ.html
http://qb0x.net/exploits/RCA_cablemodem.txt

Anybody that knows more about the security aspects of cable Modems in general and these articles about the RCA modems in particular
would be greatly appreciated.

3. Do you think they may have fixed this by NOW? via a modem firmware upgrade? That last article is dated 3/28/2002

Any information regarding the above will be greatly appreciated. TIA

regards,
Shockie B)

 
 
 

Comcast/RCA Modem: Security Problem?

Post by Jim » Thu, 10 Apr 2003 03:43:22



Quote:> My questions concerns the RCA modems:
> 1. From reading this newsgroup, it seems alot of people think RCA modems

are crap.....is this true?
Quote:> 2. looks like they may be security problems with these RCA Modems:
> http://www.securiteam.com/securitynews/5HP0L2A6KQ.html
> http://qb0x.net/exploits/RCA_cablemodem.txt
> Anybody that knows more about the security aspects of cable Modems in

general and these articles about the RCA modems in particular
Quote:> would be greatly appreciated.
> 3. Do you think they may have fixed this by NOW? via a modem firmware

upgrade? That last article is dated 3/28/2002

 In my opinion, those vulnerabilities have been corrected. For starters,
they assume that the MSO leaves their read/write community strings at
default - any moron who does so will not be in business for long. Secondly,
a simple IP filter in the config file blocks the ability to see any other
CM's on the defined subnet.

 In any case, the vulnerability only allows someone to read the DocsDev MIB
for the modem - no user data or configurable variables are there.

 Jim

 
 
 

Comcast/RCA Modem: Security Problem?

Post by Jerr » Thu, 10 Apr 2003 14:03:33


The RCA DCM225 model can develop a loose AC power connection. This models
power cord has a 5 wire, white plug. You can spot the bad ones...just
touching this connector can cause the modem to reset. This doesn't happen
new, out of box. Probably develops from rough handling (dropping, cord
tripping, improper unplugging to reset modem, etc.). The newer DCM305s have
a simpler connector plug.
Also, the new 305s have the internal diagnostics page, which is found with
http://192.168.100.1 (very useful, but the Surfboard diag is better).
Jerry


Quote:> Comcast Cable Modem service will be here (Elizabethtown,KY) within the
next week or so....

> I was at the local Comcast office paying my bill earilier this month when

I noticed they had a demo Dell PC with a RCA DCM225 modem
Quote:> attached to it...
> My questions concerns the RCA modems:
> 1. From reading this newsgroup, it seems alot of people think RCA modems

are crap.....is this true?
Quote:> 2. looks like they may be security problems with these RCA Modems:
> http://www.securiteam.com/securitynews/5HP0L2A6KQ.html
> http://qb0x.net/exploits/RCA_cablemodem.txt

> Anybody that knows more about the security aspects of cable Modems in

general and these articles about the RCA modems in particular
Quote:> would be greatly appreciated.

> 3. Do you think they may have fixed this by NOW? via a modem firmware

upgrade? That last article is dated 3/28/2002
Quote:

> Any information regarding the above will be greatly appreciated. TIA

> regards,
> Shockie B)

 
 
 

1. @HOME, Comcast & Thompson RCA Cable Modem

I have been anxiously awaiting cable modems in my area (Detroit).  Monday of

$52/month + $10 to lease an external Thompson RCA Cable modem, plus there is
no installation fee.  The service rep I talked to said that I can expect
500K/sec download of zipped files and something like 300K uploads.  I
realize that this does sound too good to be true, but anything is better
then 56K, right?

Has anybody used Thompson RCA Cable modems?  I have read many messages here

hubs, or what?

2. Q: Clusterwide AST delivery

3. Radio Shack/Comcast Deal = $75 RCA Cable Modem

4. Alternatives to Apple's 13in color monitor (long)

5. Poor Connection - Linksys Wireless Router & Comcast RCA Cable Modem

6. WM_SETHOTKEY and SetForegroundWindow

7. Comcast Cable Modem manual (RCA)

8. Updating TriForma Parts

9. Comcast / Radio Shack/ RCA DCM226 offer

10. RCA DCM 245 vrs. RCA DCM 305

11. RCA modem and BEFW11S4 Lynksys router conectivity break-down problem

12. RCA modem problem and war story

13. Problems with @Home's RCA Cable Modems?