[CLUE-Talk] Security Issue with @Home

Gary & Sheri Mauldin gsmauldin at home.com
Sun Aug 26 16:50:43 MDT 2001


Any idea how to get into the @Home cable router that I have (its operating system)? It's a Motorola Surfboard 3100. 

Gary

-------Original Message-------

From: Brandon N
Date: Sunday, August 26, 2001 04:32:37 PM
To: clue-talk at clue.denver.co.us
Subject: Re: [CLUE-Talk] Security Issue with @Home

There is really no way to fix this on a shared connection, although the
modems detect the IPs behind them and can show this to @home techs. 
All you have to do to hijack an IP is look at your host IP, subnet mask
and then pick another IP on your subnet. This is probably what
happened to the people mentioned on Slashdot that had their connection
turned off while they were on vacation for running a warez site. 

Brandon
--- Warren <warren at guano.org> wrote:
> If you are considering broadband service with @Home, be aware of the
> following security issue of "IP address hijacking" being discussed on
> Bugtraq.
> 
> Aside from the inconvenience, it is possible that someone could use
> your
> IP address for subversive activities, trading mp3s or sending
> instructions on how to rip CDs, for example, and point the finger at
> you. Refer to
> http://www.salon.com/tech/feature/2001/08/23/pirate/index.html
> 
> 
> 
> Forwarded message:
> 
> From: Roadkill Randu <randy at viopac.com>
> To: bugtraq at securityfocus.com <bugtraq at securityfocus.com>
> Date: Saturday, 25 August, 2001, 4:20:25 PM
> Subject: @Home network subject to DHCP hijacking
> 
> 
> 
> ======================Original message text=================
> 
> Greetings:
> 
> Problem:
> 
> The @Home network assigns IP addresses on a fairly permanent basis to
> its
> subscribers, but it does use DHCP for IP address assignment. It is a
> trivial matter, however, to take over another @Home account's IP
> address
> by simply providing another customer's ID for the hostname parameter
> in
> DHCP. It is also trivial to acquire this hostname parameter, since
> all it
> requires is 'host @HomeIPaddress' to determine what the customer ID
> is.
> 
> Notification:
> 
> I have notified @Home of this problem twice in the last two months. 
> Not
> being an expert in DHCP, I do not know what could be done to fix
> this. I
> figure at least using something different than my actual hostname for
> my
> hostname parameter would at least raise the bar to sniffing for DHCP
> packets, instead of the trivial hack it currently is.
> 
> Reason for this message:
> 
> I have had my @Home connection hijacked from me repeatedly in the
> last six
> months. Given @Home's apparent lack of concern for this problem, and
> the
> current mood of ISPs shutting down users without warning whenever the
> MPAA
> rattles its saber, I felt that the larger community needed to be aware
> of
> this potential problem. It should not be this trivially easy for
> someone
> to break the law in your name.
> 
> Randy
> 
> 
> 
> =================End of original message text===============
> 
> -- 
> 
> </W>
> 
> http://guano.org/~warren/pgp.txt
> 
> 
> _______________________________________________
> CLUE-Talk mailing list
> CLUE-Talk at clue.denver.co.us
> http://clue.denver.co.us/mailman/listinfo/clue-talk


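Added example, not part of the original posts: the forwarded Bugtraq message describes leases being keyed on the DHCP hostname parameter, so one defender-side check is to flag any request where a hostname already seen from one MAC address is presented by a different one. The log format, hostnames, MAC addresses and IP addresses below are constructed assumptions, not @Home data.

```python
import csv
import io

# Constructed sample events (assumed format): time, client MAC,
# DHCP hostname option (the "customer ID" in the post), leased IP.
SAMPLE_LOG = """\
2001-08-20T08:00:00,00:20:40:aa:aa:01,cx111111-a,192.0.2.10
2001-08-20T08:05:00,00:20:40:bb:bb:02,cx222222-b,192.0.2.11
2001-08-23T21:14:00,00:20:40:AA:AA:01,cx111111-a,192.0.2.10
2001-08-25T03:30:00,00:50:04:cc:cc:03,cx111111-a,192.0.2.10
2001-08-25T09:00:00,00:20:40:bb:bb:02,cx222222-b,192.0.2.11
"""


def find_hostname_takeovers(log_text):
    """Return one alert per request in which a hostname first seen from
    one MAC address is later presented by a different MAC address."""
    first_seen = {}  # hostname -> MAC that first presented it
    alerts = []
    for row in csv.reader(io.StringIO(log_text)):
        if len(row) != 4:  # skip blank or malformed lines
            continue
        ts, mac, hostname, ip = (field.strip() for field in row)
        mac, hostname = mac.lower(), hostname.lower()
        owner = first_seen.setdefault(hostname, mac)
        if mac != owner:
            alerts.append({
                "time": ts,
                "hostname": hostname,
                "ip": ip,
                "expected_mac": owner,
                "seen_mac": mac,
            })
    return alerts


if __name__ == "__main__":
    for alert in find_hostname_takeovers(SAMPLE_LOG):
        print("{time}: hostname {hostname} ({ip}) presented by {seen_mac}, "
              "first seen from {expected_mac}".format(**alert))
```

This is trust-on-first-use, so a subscriber who replaces a network card raises the same alert and the result needs confirming against account records.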