|
Posted by on October 9, 2007, 7:20 pm
If you were Registered and logged in, you could reply and use other advanced thread options
On Oct 4, 11:01 am, rodsm...@nessus.rodsbooks.com (Rod Smith) wrote:
> Nonapept...@gmail.com writes:
>
>
>
> > I just stumbled across a blurb in a networking book that said that the
> > infrastructure for cable internet access is slightly insecure. The
> > allegation was that since all cable drops in an area trace back to a
> > distribution node (which in turn make their way to the head end)
> > someone on the same distro node could, with some "technical
> > prowess" (direct quote from the source) could eavesdrop on your
> > communications. Is this true? I couldn't get Google to cough up any
> > further info on the subject, but then again I couldn't seem to piece
> > together completely relevant search terms.
>
> > This is perturbing news for someone who tends to be
> > paranoid. ::glances nervously at the cable modem:: Is it time to go
> > back to tin cans and string?
>
> There is some truth to the claim; however, most cable companies today
> encrypt the last-mile data, which would make it difficult (perhaps to the
> point of impossibility, except maybe for national intelligence agencies)
> for somebody on the same cable node to decrypt your data.
>
> That said, most Internet traffic is not encrypted, and there are lots and
> lots of places on the Internet that it can be intercepted. If you're just
> concerned about your nosy neighbor knowing that you've been reading all
> the latest Star Trek rumors, this isn't a big deal, since your nosy
> neighbor probably doesn't have ready access to all the routers between you
> and the Star Trek sites. OTOH, if you're concerned about Big Brother
> snooping on your activities, that's another matter. Likewise if you're
> concerned about shady characters acquiring a profile on you and using it
> against you (for identity theft, say). Data passed over the Internet is
> compromised every day. Often this is a matter of theft of credit card
> numbers, but these are typically stolen from retailers' computers, not
> while they're in transit. If criminals were to compromise a router,
> though, they could sift through the data it manages and grab some of yours
> -- passwords or other personal information, say. There have been
> allegations that the US government is doing this for data to and from
> foreign countries, the difference being that the feds are alleged to have
> the cooperation of the data carriers, or at least some of them, and of
> course they claim to be doing it in the interests of national security --
> or they would if they admitted they were doing it.
>
> The bottom line is this: Whether you're using a cable modem, DSL, a T1
> line, a dial-up telephone modem connection, or anything else, you
> shouldn't consider your Internet transactions secure. If you pass anything
> sensitive over the Internet, you should ensure that you're using an
> encrypting protocol to do it. Fortunately, most Web retailers employ
> encryption on their order pages, or at least on the ones that ask for
> credit card numbers -- but as noted, data thieves manage to steal CC
> numbers from the retailers' servers. (Local CC transactions are also at
> risk in the same way or by waiters or whatnot copying the information by
> hand, so don't swear off Internet purchases for this reason.) If you
> routinely log into remote systems (getting a command prompt or desktop to
> use it as if it were local), use an encrypting protocol such as SSH. For
> sensitive sites, such as a bank, use a unique password, and don't store it
> on your computer. (With all the Trojans and viruses out there, passwords
> stored by your browser might not be secure even on your own computer.)
> Particularly if you're using Windows, run anti-virus software, and keep it
> updated. Use a NAT router, if your cable modem doesn't incorporate that
> functionality, to help protect your home system. These basic steps will
> minimize the risks, but security isn't an all-or-none thing. The only way
> to be 100% sure that your Internet data won't be snooped is to not use the
> Internet, and the only way to be 100% sure that your computer's data won't
> be compromised is to not use a computer. In today's world, neither of
> these is a practical approach, so you'll have to accept some degree of
> risk.
>
> --
> Rod Smith, rodsm...@rodsbooks.comhttp://www.rodsbooks.com
> Author of books on Linux, FreeBSD, and networking
Thank yuo all for the responses. Much to think about.
@Rod
I suppose my initial confusion centered on this alleged ability of a
member of your shared last mile on the cable system to snoop on your
communication. To my limited understanding of networking, a snooper
would have to have some way of having direct access to that
multiplexer (or whatever the cable system uses) and then have some way
of replicating the traffic from the multiplexer back down the line to
himself. If a multiplexer (or whatever) is vulnerable, it would seem
to me that any medium, not just cable, is just as vulnerable. The book
I was reading stated that cable was more insecure by comparison to
other mediums but didn't offer any further explanation. Maybe I should
just calm down and go back to reading my Windows Administration
books... ;)
Nonapeptide
| 
Yahoo! 
Google 
Windows Live 
del.icio.us 
digg 
Netscape 
XML site map