Beyond your cable modem: How not to do DOCSIS networks

Presented at 32C3 (2015), Dec. 27, 2015, 6:30 p.m. (60 minutes)

Did you ever want to have access to a few hundred thousand network end points? Or a few hundred thousand phone numbers? A short look behind the curtains of how not to do network security.

Have you ever wondered why cable modem providers don’t allow you to swap out your modems with your own?

Once you look at the network your modem (and thus you once you gain access to it) has access to, a whole new world of security mess-up lies ahead.

Join me in exploring how DOCSIS (the standard behind cable modems) works, how it’s used today in a real life example setup, how you could potentially make it secure and what implications this has to you as an end user. I will also show you what happens if you don't look out for security on the DOCSIS network and how that can lead to compromising other people's modems, private networks and telephone access.

Presenters:

• Alexander Graf
  Alexander was mostly involved in QEMU, KVM and openSUSE on ARM during the last few years. Whenever something really useful comes to his mind, he tends to implement it. Among others he did Mac OS X virtualization using KVM, nested SVM, KVM on PowerPC and a lot of work in QEMU for openSUSE on ARM. He is an upstream maintainer of KVM for PowerPC, QEMU for PowerPC and QEMU for S390x.

Links:

• https://fahrplan.events.ccc.de/congress/2015/Fahrplan/events/7133.html

Similar Presentations:

• HOPE Number Nine (2012) / The ARRIStocrats: Cable Modem Lulz
• DEF CON 16 (2008) / Free Anonymous Internet Using Modified Cable Modems
• DEF CON 18 (2010) / Hacking DOCSIS For Fun and Profit