Cable Modem Security

By Ira Winkler

February 3, 1999,3700,2190636,00.html

Cable modems and other high speed connections are becoming increasingly more available-- but what are the security risks?

Late last year, a Screen Savers viewer asked about cable modem security, concerned that many computers linked to cable modems are on all of the time. The response? Don't worry. This concerns me.

Before examining why cable modem users are more at risk, here are the technical differences between regular modems and cable modems. When you dial into an ISP with a regular modem, your computer is randomly assigned an Internet address.

["Here are the technical differences.." This makes it sound like they are essentially the same. Cable modems and their providers have several other differences which may also affect their security.]

That address equates to the specific modem at the ISP that you dialed into, and for that session, that is your Internet identity. On the next session, you will probably have a different address.

However, when you have a cable modem, your address is always the same.

[This is not true. Cable modem providers and dial-in ISPs may offer static or dynamic IPs depending on their setup and policy. There is no standard or absolute method for doing this.]

People with cable modems frequently leave their connection active 24 hours a day. While this isn't wrong, it opens a major security risk, leaving users more vulnerable to a hacker attack.

[Millions of hosts around the net are a) not on cable modems and b) have the same IP address all the time. This has little to do with the security concerns of owning a cable modem. Ira doesn't even touch on problems of open networks, unencrypted links, or inherent security problems in the customer's machines. He doesn't go into concerns of sniffing traffic, shared bandwidth and availability issues or any security issues really.]

main page ATTRITION feedback