after weeks of having a problem with slowness on his cable modem service (provided by at&t broadband), 21-year-old matthew hallacy decided to take matters into his own hands to find out if his cable modem was really the bottleneck. he downloaded the specs for his 3com cable modem from the web then devised a method for changing an obscure configuration file–the result of which was significantly increased bandwidth (from 75 kbps to much higher). according to hallacy, he changed the configuration to proove that it was the network management of at&t broadband that was causing the slowness, and once he found this out he changed the settings back.
Sb4200 modem motorola. Open the internet explorer on the addresss bar put 192.168.100.1 then go to hack add on file adress file d11_m_speedtierextreme2_c01.cm. I have a a motorola SB4200 cable modem. The internet goes pretty fast however the download speed is really slow. Are there any things a could do about it? Cable Modem SB4200 User Guide. Declaration of Conformity We, Motorola, Inc. Broadband Communications Sector 6450 Sequence Drive San Diego, CA, U.S.A. Declare under our sole responsibility that the. Congratulations, you have a new state-of-the-art SB4200 cable modem! This high-speed, upgradeable modem enables you to connect your home. For specific Motorola SURFboard cable modems and gateways, software (known as drivers) will need to be installed when connecting to the cable device with a USB cable. Refer to the Cable Modem USB Driver Matrix section of this document to download the appropriate drivers. HACK SB4200 DOCSIS 1.1 TO DOCSIS 1.0 (SIN CABLES). Understanding the signal levels on a Motorola Surfboard Modem - Duration: 6:30. GeekHowTos 76,827. Cable Modem Termination System Tutorial.
after testing this trick on a few other cable modems, he decided that this was a security vulnerability because of the ability to capture data from other users on the attacker's node, or the ability to send huge amounts of data to a specified destination by taking control of the cable isp's routers and gateway computers. hallacy's report lays out in detail how to trick a docsis-compliant cable modem into divulging its configuration file, then tells how to edit that file with an open source program.
at&t broadband spokesman andrew johnson stated that although it takes potential security threats very seriously, the company was still investigating hallacy's claims and had no immediate comment. cablelabs, the developer of the docsis standard, stated that although the problem is real, it is not because of vulnerabilities in the standard itself, but flaws in the way that cable operators implement their networks. a feature in the docsis standard called “shared secret keys” allows cable operators to prevent users from making the sort of changes which hallacy describes. 3com no longer sells cable modems, and motorola stated it has been notified of and will comply with a requirement from cablelabs to implement a change to its products, preventing subscribers from making these types of changes.
check out security focus for more information.
ron's opinion
this is unfortunately another instance of incorrectly configured networks creating security vulnerabilities, again underscoring the need for strict security guidelines regarding the configuration of both networks and software. this is also another of the many reasons why computer and information security will be the next big economic boost. simple network and software design changes can be implemented to greatly increase the security of data of all types, and those changes need to be made as soon as humanly possible.
unfortunately, security seems to be all about visibility right now, and until a vulnerability has been published by the finder, no one will do anything about it. this is not good. it is another reason why the “responsible disclosure” theory will not work in this world. companies do not want to spend the money unless absolutely necessary, and when a vulnerability is published, it becomes necessary to fix it because the risk of exploit becomes greater.
cable operators are anti-competitive (at least in my area, where there is only one choice for service) and they must be forced to make the changes necessary to secure their networks. it will be interesting to see this develop.
user comments 49 comment(s)
hrm(8:30am est mon mar 18 2002) sounds way more fun then just “un capping” my modem muharhar har what? oh and maby thats why shaw'[s service really baddly suck's, it's really pi$$ing me off , maby ill have to go with dsl? hrm g'day – by evo |
finally!(8:36am est mon mar 18 2002) i knew that comcast was screwing everything up. maybe things will finally work correctly at home now – by salaryman |
where(9:13am est mon mar 18 2002) can i find the directions to try this on my own modem? mediacom is dreadfuly slow, limiting uploads to 128, which is not even fast enough to perform video conferencing with. – by zaph1 |
another good article(9:14am est mon mar 18 2002) here's another good article on this: my damn isp caps my upstream at 16/sec. |
ok i guess we cant post links?(9:15am est mon mar 18 2002) i never read the guidelines (oops?) – by fd |
it wouldn't have happened(9:22am est mon mar 18 2002) if the speed was at the rate is was supposed to go. ever since the changer over, it's been nothing but slow. though mostly because it's going through the at&t network. though i wouldn't be supprised if this was a part of it too. – by —mike savad |
it wouldn't have happened(9:23am est mon mar 18 2002) if the speed was at the rate is was supposed to go. ever since the changer over, it's been nothing but slow. though mostly because it's going through the at&t network. though i wouldn't be supprised if this was a part of it too. – by —mike savad |
this isn't new(9:29am est mon mar 18 2002) motorola surfboard cm's (the 3100) can easily be uncapped. they have a flaw where by they aren't instructed to download the configuration file from the service providers interface, but from any. as such you can setup a tftp server on the machine that the cm plugs into, and becuase it's a 10mbps (it's much slower coming in frm the wall) link the cm download the configuration file from that. telewest in the uk have had some problems with users doing this. it's very easy to detect because the signal to noise ratio on the rf network dramatically changes. it's also against most isp's aup. – by matt |
security flaw?(10:13am est mon mar 18 2002) i suppose that this might be considered a security flaw, from the isp's perspective, users reconfiguring the modem is certainly undesirable. however, form the users perspective this is *not* a security flaw. the end user is not exposed to any risk from this flaw. further, i would state that the configurations are *not* mis-configurations or mis-management by clueless isp staff. the caps are instead intentionally left in place. the isps do not wish for their users to be able to use this much bandwidth. in theory, cable modems are capable of 27mbps downstream. a more realistic speed of 6 to 10 mbps downstream is easily achievable but, the isps do not wish to enable these speeds for the users. while the potential high-speeds of cable modem make for great advertising, the isps do not have the infrastucture to support all of their customers at these high speeds. furthermore, they do not want to spend the money to build such infrastructures. by limiting the speeds that their subscribers can achieve they reduce the amount of equipment needed to support those subscribers and thereby reduce their cost. they also, are then able to sell higher speed “business class” service at a higher premium with a simple configuration change. it sucks that the isps are defrauding their customers with over infalted advertisements and then delivering a capped service but, uncapping the modem is basically illegal. the fact that a user can uncap the modem iis thus a security risk for the isp. it is in no way a security risk for the end user. – by get a grip |
heh(10:15am est mon mar 18 2002) i seem to remember getting flamed a few weeks ago via a post pertaining to security and cable modems. justice =) – by slack |
now imagine(10:36am est mon mar 18 2002) everyone uncapping their modem. cable does suck. – by god™ |
get a grip(10:47am est mon mar 18 2002) nicely put. logic and clarity … what a concept! – by niceguy |
re: get a grip(11:13am est mon mar 18 2002) from a cable modem users perspective: “the ability to capture data from other users on the attacker's node” seems like a serious security flaw to me. also i would be that only a mis-configuration or clueless it staff would allow the “taking control of the cable isp's routers and gateway computers” i do wish however that my cable was faster than 1 mb. – by scratchman |
ron's opinion(12:00pm est mon mar 18 2002) amen. – by steve |
funkdafie(12:04pm est mon mar 18 2002) be glad you're not a gamer. if they capped my upstream to a slow speed like that i'd go back to dialup. my dsl is worth it, but i can dl two linux distros at the same time while uploading 3 mp3s to 3 different servers, all the while the third pc is busy surfing the net w/o even knowing all that other traffic is taking place. i understand cable here is just as good. a lot of you guys are being screwed royally! but hat's what happens with monopolies. – by steve |
flame, part ii(1:57pm est mon mar 18 2002) um, sorry “slack”, but this security issue still has nothing to do with the claims you were being flamed about, which, if i remember correctly, involved the alleged intrusion risk of a cable-modem connected computer even when it was turned off. there is no correlation between your claim and this item. justice? nope. sorry. – by flamerboy |
if i had cable(2:37pm est mon mar 18 2002) if i had cable i would remove the cap on my modem and hack into everyonr else's and set their modems to run at 56kbs. then i could be king os the cable network until they catch me and put me in jail. 75kbs sucks i am glad i have dsl at 6mbs/384kbs mt server rocks. – by rax |
food for thought(2:49pm est mon mar 18 2002) i have a question to pose… if the cable companies are owned by the media companies and the media companies understand with hi-speed access comes unlimited music and movie trading isn't it obvious why they would cap the bandwith? i mean downloading is fine to them because only people with $$ like the media companies can afford hi-speed bi-directional pipes so you can pay them for their media. but if everyone had the ablity to serve then what would we need media companies for? – by truemore |
re: truemore(5:39pm est mon mar 18 2002) you hit the nail right on the head. it isn't a coincidence. since they can't really fight the mp3 trading by reducing cd prices (and they know it), they have begun to resort to these tactics to slow down the proliferation. until there is a breakup of media company and bandwidth provider, it will only get worse. yet another death knell to the cable modem industry and their short-sightedness. – by the watcher |
i love my dsl(6:29pm est mon mar 18 2002) fast speed static ip's run my own servers dsl rocks – by rax |
re: rax(12:04am est tue mar 19 2002) only if you're lucky do you get fast dsl… around here its limited to 640kb down, 256kb up, unless you want to pay $150+/mo…. sucks to live in suburbia… – by ryguy1984 |
heres the link(1:22am est tue mar 19 2002) – by right there |
legal tweaks(4:14am est tue mar 19 2002) .. has a patch for most systems that will help improve connections .. – by x0x0x0x0x |
uncapping is possible here…(5:16pm est wed mar 20 2002) uncapping is possible here: but this is illegal and you should not do it!!! – by will |
comcast suck(4:32pm est mon may 20 2002) comcast really suck 150kb/s down 10kb/s up i want @home back – by nobody |
it not going to change (6:17pm est thu may 23 2002) non of this stuff you people are complaining about will change anything. read the user/acceptable poily and you then will know you have signed. you give isp the right to whatever they and to take back whatever they want. so just deal with. it's not that. – by dbf |
cable company lies(1:01am est sun jul 07 2002) i called them after figuring out that my ups was 16kb/sec and u know what i got she told me over ther phone that the are doing a boost and i will see a hudge improvment and . well im still waiting . where is it lady . you hose bag nothing but lies and head aches … they are stealing from us all and we need to get something going to stop them . i know a few important people here around washington dc and im willing if i can get 5000 signatures to protest and seek for a new bill to be past ..i was lies to when i called and was told that my new cable line will be 150 times faster then a 56k … 56k times 150 = a big lie. now i can say donwloading is fast but i was getting 4 k upload speed with the 56k modem . now if we can all get all the anger behind us and focus on the issue we can chane things … please email if you want to change things … uurrmmaann@yahoo.com – by mr.you know who |
very usefull(6:51pm est thu jul 11 2002) thanks all i found very interesting all the coments and i may even be able to do something about the speed of my conection – by pasing by |
modem reactive(11:28am est fri jul 19 2002) is it possibe to swith a modem back on wicth has been swiched of my the isp – by john |
bob(2:05pm est fri jul 19 2002) most of this stuff posted has nothing to do with the question – by annoymous bob |
re: modem reactive (john)(11:20am est sun jul 21 2002) yes, its called paying your bill. your cable modem has a specific mac address that only that modem has. when you register with your isp they get the mac from you and allow it on their network. if you don't pay your bill they just put a deny on the address. you're stuck. – by passing through |
if i but a modem from the us will(1:55pm est wed jul 24 2002) go in the uk – by john |
ughhhh(8:45pm est mon sep 16 2002) if you want good down and up youd better pray that either rcn cable goes into your area or road runner or you'd better hope t1 becomes as cheap as broadband. companies like at&t and astound broadband will only give you 1.5down and about 256 up for the service they give most everyone else but will expect you to pay outrageous prices for an upgrade to about 768 up with the same download. rcn however gave its coustomers on the west coast a 3mb down and 832/up for free with megaband service for less than one pays for regular at&t service. boycott for all i care because i had to move and am now stuck with this crappy at&t. we can only hope that one day a program for the non techyy folk comes out in an uncapping one step deal software beast that will not give away what weve done so we can all live happily! – by m{}rp[-]e |
$hitty insight(4:05pm est sat oct 12 2002) i got insight and only get 10 kb/s upstream, its such bull. i am with the person who was talking about how they say its 100 time faster than dial up. false advertising, do i hear a lawsuit? – by ice |
uncap(9:20pm est tue nov 19 2002) will you show me how to hack my motorola surfboard sb4100? im sick of comcast fucking up my upload speed. – by your mom |
toshiba modems(12:49pm est fri dec 13 2002) does anyone have any iformation on how to hack a toshiba pcx1100u cable modem. i get 1.3mb download and 75 to 120 kb upload. – by frustrated |
network segment s/n ratio…?(12:27pm est fri jan 17 2003) matt, i'm curious: how does uncapping affect the signal-to-noise ratio of the local segment of the cable network…? – by another matt |
ports(10:22pm est wed may 28 2003) what about blocking ports. i am trying to beta test software and my cable company has blocked some ports. can this be done though the modem? – by paul_333 |
ports(5:42pm est tue oct 28 2003) paul_333, the blocking of ports is probably done at the companys switch or router, unless you get acsess to it and unblock them thru the switch/router software. otherwise you are screwed =) – by the unknown guy |
toshiba modems(5:44pm est tue oct 28 2003) so, any news on boosting up toshiba pcx1100u modem yet “frustrated”? – by the unknown guy |
toshiba modems(12:42am est wed apr 07 2004) thats what i am wondering, i am getting 30 up on cox and that is lame. – by cyko |
pep-talk time…(2:17am est thu apr 29 2004) down with “the man”. – by m3g4d37h |
telewest(11:32am est mon may 17 2004) tell me about low upstream! telewest (blueyonder) only give me 128 up, when i am getting 512 down! if you have a 3mb line from telewest, they only give you 256up – when my mate who has 128down, gets 256 up. if anyone knows a way in which i can increase my upstream bandwidth to about 256 without gettin caught on telewest – please e-mail me @ jonathan_halewood1@hotmail.com. ffs – they have an absolutly huge pipe – and the modems and lines can handle like 100mbps – so what the hell are they doing? – by jonathan halewood |
fbi(12:36pm est tue may 25 2004) good now the fbi will mke a new law – by beetsman |
you are all cheap basterds!!!(12:58pm est sun oct 17 2004) of course if you want more speed you have to pay. the more high speed users the isp has the more hardware it takes to provide that service. get a job and pay for the bandwidth. – by ereptor |
bandwidth is bandwidth(12:34pm est sat nov 13 2004) there is a difference in paying for bandwidth and being cheated on what you pay for. rr gives me 2.5 mb/s down and caps me at 35 kb/s up. to me bandwidth is bandwidth up or down. they should have a way to throttle the up and down at least with in the 2.5 mb/s range which i pay for. of course im not willing to pay $400+ for 1.5mb/s up thats absurd… i do however realize that during the '90s the isps paid too much for the for fiber optic lines and hardware and have to make up the cost some how, but they need to get on the ball and realize that the end-user is becoming more technology savy and setting up their own servers, sending larger emails, sharing files, communicating via video to family and friends. we deserve what we pay for… “bandwidth is bandwidth” – by frost |
pull out your tools, climb the poles yourself(3:13pm est mon apr 04 2005) the cablemodem companies need to just get out of the way and let us hackers and enthusiasts into the network and climbing the poles… we'll tweak everything out with the latest hardware ourselves to get the bandwidth. i just spent $800 myself and two weeks setting up a homebuilt repeater and state of the art pre-n equipment to get access 2000 ft away from me to me, and across a pond and around a house. hows that for elite. if it took a mission to plug a satelite into orbit to get more bandwidth, well by god i'll blast a satelite into space. that's next on my project list, actually. – by starguy |
Surfboard Sb4100 Cable Modem
bandwidth is bandwidth?(4:19am est wed apr 27 2005) i'm not convinced that the cable companies are giving us our monies' worth. it was estimated that the cost to provide bandwidth in 2000 was one-thousandth as much as it was in 1995 and that it was going to drop at the same rate between 2000 and 2005. that means that our $9/mo compuserve accounts should be producing roughly 14,000,000,000bps for the same price. sure, nobody likes to pay us$50/mo or more for capped (crippled) bandwith with ports blocked (crippled) and ip addresses that seemingly change at random 20 times per day. what can we do about it? here's what we can do: * first put some sun-tan oil on because our skin isn't used to the daylight. * meet your neighbors and find out if they have the same concerns. * find 9 other like-minded people in your neighborhood that feel the same way you do about the cable-modem people. * start a co-op and split the cost of a business-class dsl line (or t1/t3) with multiple static ip addresses. * set expectations on courtesy so people will cap their own upload speeds. * connect everybody via 802.11 (or cat5 if they're close). * meet each month as a users group to discuss 'net technologies and collect dues. this plan will work exceptionally well in dorms and apartment buildings. i shared my @home cable modem via proxy server with all of my neighbors in the late 90's and was paid in beer. my apartment buiding in atlanta shares a single cable modem connection and three neighbors get free access, too. they're all casual surfers, so there's never a problem. – by jim the tall guy |
Motorola Sb4200 Cable Modem Speed
question???(12:09am est sat may 14 2005) is it possible to keep a cm connected to the internet even though the isp has disconnected it?? i know you can spoof the mac address, enable a tftp server, disable sntp traps but would that along with some other little tweaks be enough to have it work. – by //// |