New Contributor john27rg

Cable Haunt

There is a new potential vulnerability for cable modems. I became aware of it via:

https://arstechnica.com/information-technology/2020/01/exploit-that-gives-remote-access-affects-200-...

There is more information at:

https://cablehaunt.com/

And a question posted on Whirlpool at:

https://forums.whirlpool.net.au/archive/95qymxp9

I'm not an expert in this space, so just posting it here so Optus gurus are alerted if they're not already engaged. I do have an Optus Netgear cable modem. 

Trusted Contributor

Re: Cable Haunt

Judging by: https://www.optus.com.au/for-you/support/answer?id=5429

It does not look like Optus used those models mentioned.

Did someone on Yes Crowd answer your question?
Please remember to throw a Kudo and/or Accepted Solution their way!
Super Contributor

Re: Cable Haunt


@Paddylee wrote:
> Judging by: https://www.optus.com.au/for-you/support/answer?id=5429
>
> It does not look like Optus used those models mentioned.

That is not an exhaustive list, and they state that "the exploit is likely to work on other models as well" (which you always have to assume anyway), so I think we need an Official statement from Optus. ( 😉 @Ray_YC 😉)

Trusted Contributor

Re: Cable Haunt

Won't be long before no one is using the Optus HFC network.

The Arris devices NBN uses are not listed, so that side is covered.

Super Contributor

Re: Cable Haunt


@Paddylee wrote:
> Won't be long before no one is using the Optus HFC network.

Sure, but how long is that? 6 months, 12 months, who knows. I am curious to hear from them as to when they anticipate the last customer may be disconnected.


> The Arris devices NBN uses are not listed, so that side is covered.

You can't assume that. Multiple manufacturers use common firmware elements.

Trusted Contributor

Re: Cable Haunt

Optus can terminate your HFC service after 90 days of the nbn going live at your address (there is no 18-month wait, this is contractual).

Seeing Optus HFC is only a very small area in major cities, I'd think not many left (nbn was meant to be completed this year).

If it's an exploit for the Arris devices then Telcos cannot do a thing, device is owned and managed by NBN themselves.

Super Contributor

Re: Cable Haunt

> Optus can terminate your HFC service after 90 days of the nbn going live at your address (there is no 18-month wait, this is contractual).

I'm aware of that.


> Seeing Optus HFC is only a very small area in major cities, I'd think not many left (nbn was meant to be completed this year).

Optus HFC was largely not fit for purpose for NBN which added a lot of delay in its replacement, so who knows how long is still to go.

> If it's an exploit for the Arris devices then Telcos cannot do a thing, device is owned and managed by NBN themselves.

But as consumers our point of contact is our RSP, so it is to be expected that we go through Optus.

Trusted Contributor

Re: Cable Haunt

Current Government decided to buy the Optus HFC network, so that was nice I guess.

RSPs cannot do a thing in regards to NBN and their devices, it's a take-it-or-leave-it attitude from NBN Co themselves.
There are numerous backdoors into all networking gear that the public is not aware of, everyone is snooping on each other.

Get a VPN from a legitimate VPN provider and off you go. The likes of Nord VPN who didn't advise of a breach until over a year later, then others that have been bought out by other IT companies are ones to stay away from.

Super Contributor

Re: Cable Haunt

> RSPs cannot do a thing in regards to NBN and their devices, it's a take-it-or-leave-it attitude from NBN Co themselves.

They can certainly ask about potential exploits.

They also have a vested financial interest, if for example their customers get compromised and get added to botnets they could be pulling/pushing a lot more data, and potentially higher CVC fees (not to mention other network performance issues).


> There are numerous backdoors into all networking gear that the public is not aware of, everyone is snooping on each other.

Sure, but a public exploit is an entirely different beast.


> Get a VPN from a legitimate VPN provider and off you go.

We are talking about a hardware exploit here, I doubt a VPN helps much in this situation.

Trusted Contributor

Re: Cable Haunt

"remote attackers can gain complete control over the modems, allowing them to change DNS settings, make the modem part of a botnet, and carry out a variety of other nefarious actions."

A VPN would insulate the user from this, sure a botnet would not be great though for service speed, also depends on the network layers as NBN delivers the first layer then your ISP from the Arris device.

Not sure of other countries that resell their own HFC connections in a way like NBN as to what level of network access is actually open to the internet.

For now I am on FTTC which has a similar setup where NBN provides their own hardware and leaves the telco to plug in their device.
Anything is possible, depends if you want tinfoil or not.
