I too have a Motorola Surfboard 4200, not sure of revision/firmware
number, but whenever I have www.securityspace.com do a "basic scan" of
my system, my Motorola modem locks up hard and I have to power cycle it
to get it back. It locks up before my IDS can detect anything so
something is up with these cable modems.
-----Original Message-----
From: Juraj Ziegler [mailto:e (at) hq (dot) sk [email concealed]]
Sent: Monday, November 04, 2002 05:06
To: Ryan Sweat
Subject: Re: Motorola Cable Modem DOS
On Wed, Oct 30, 2002 at 02:02:27PM -0600, Ryan Sweat wrote:
> I've found it trivial to crash the Motorola Surfboard 4200 Cable
modem,
> as installed default by AT&T Broadband Internet.
>
> The modem acts as a bridge, but also has an internal RFC1918 IP
address
> (192.168.100.1). Simply nmap'ing the cable user's IP address, ie:
> # nmap -sS -p 1-1024 12.x.x.x
> will cause it to crash, rendering the ethernet interface useless. It
is
> also possible to crash it from the lan by simply doing the same scan
> against the cable modem's internal IP address. The crash is not
> specific to nmap, there are other publicly available tools which cause
> the same result. This is known to be effective on Software Version:
> SB4200-0.4.4.0-SCM06-NOSH. (possibly others?)
Nothing happens to a SB4200E-0.4.4.1-SCM04-NOSH. Everything works fine
after a scan.
_______
>e (at) hq (dot) sk [email concealed]< /(bb|[^b]{2})/
>http://hq.sk/~euro<
"Programming today is a race between software engineers striving to
build bigger and better idiot-proof programs, and the Universe
trying
to produce bigger and better idiots. So far, the Universe is
winning."
--
Rich Cook
I too have a Motorola Surfboard 4200, not sure of revision/firmware
number, but whenever I have www.securityspace.com do a "basic scan" of
my system, my Motorola modem locks up hard and I have to power cycle it
to get it back. It locks up before my IDS can detect anything so
something is up with these cable modems.
-----Original Message-----
From: Juraj Ziegler [mailto:e (at) hq (dot) sk [email concealed]]
Sent: Monday, November 04, 2002 05:06
To: Ryan Sweat
Subject: Re: Motorola Cable Modem DOS
On Wed, Oct 30, 2002 at 02:02:27PM -0600, Ryan Sweat wrote:
> I've found it trivial to crash the Motorola Surfboard 4200 Cable
modem,
> as installed default by AT&T Broadband Internet.
>
> The modem acts as a bridge, but also has an internal RFC1918 IP
address
> (192.168.100.1). Simply nmap'ing the cable user's IP address, ie:
> # nmap -sS -p 1-1024 12.x.x.x
> will cause it to crash, rendering the ethernet interface useless. It
is
> also possible to crash it from the lan by simply doing the same scan
> against the cable modem's internal IP address. The crash is not
> specific to nmap, there are other publicly available tools which cause
> the same result. This is known to be effective on Software Version:
> SB4200-0.4.4.0-SCM06-NOSH. (possibly others?)
Nothing happens to a SB4200E-0.4.4.1-SCM04-NOSH. Everything works fine
after a scan.
[e]
--
________________________________________________________________________
_______
>e (at) hq (dot) sk [email concealed]< /(bb|[^b]{2})/
>http://hq.sk/~euro<
"Programming today is a race between software engineers striving to
build bigger and better idiot-proof programs, and the Universe
trying
to produce bigger and better idiots. So far, the Universe is
winning."
--
Rich Cook
[ reply ]