CMTS PC-Based (pci card) |

You are here

CMTS PC-Based (pci card)

4 posts / 0 new
Last post
CMTS PC-Based (pci card)

someone know about CMTS PC-Based ?

This is a docsis 1.1 CMTS. No

This is a docsis 1.1 CMTS. No Euro-Docsis yet.
Looking at the website, I would say that they do not exist on the market anymore.

c9 networks

In 2014-2015 C9 Networks is somewhat alive and well. Have been attempting to manage of their Docsis 3.0 CMTS units.
It's running Centos 6.x. providing service to less than 300 users and it's not doing it very well. They have a US address in the Silicon Valley area but find multiple references to them being located in India. Not sure if the US is a technology or marketing office.


Here's the summary of an analysis I performed on one of their units in mid-2016. Maybe things are better now. I'm not going to find out.

----- Begin: Analysis letter to customer -----

At first glance, the C9 Networks CMTS looks good. The configuration is simple, easily manageable through a Web GUI. They support most major DOCSIS3 features, and present a picture of simplicity. Indeed, versus a Cisco CMTS, they are quite simple.

I initially misconfigured it, entering the wrong subnet into a key field, making it inaccessible remotely. I missed this fact though and started poking at the device looking for some sort of more-in-depth command line interface to configure remote access controls, firewalls, etc.

What I discovered is quite disturbing, especially considering that these devices seem fairly prevalent.

I stumbled across an actual Linux command prompt, accessible via SSH and open to the public. Using the default username and password (that can't be changed through the web interface), I logged in successfully on the first try. Curious, I began inspecting the system...

First off, this device is actually a simple PC. It's a stock 3.3GHz Intel i3, with 2GB RAM, and a 4GB solid-state drive. The thing that makes it special is a Broadcom CMTS network interface card. This card's power and capabilities dwarf that of the PC, but it's not relevant at the moment.

The PC is running off-the-shelf CentOS Linux version 6.4. Released in February of 2013, CentOS 6.4 is one of several based on the last generation of Red Hat Linux. The 6.x series (released in 2011) is obsolete, with mainstream support ending in Q2 2017, and all support ending in Q4 2020.

This can be overlooked since the software could be upgraded, especially given the stock state of the device. These points can't be so easily overlooked though:

1. The device has NO firewall enabled at all! I can protect it from the Internet with our own routers and firewalls, but not from the residents. You just need one Linux person with half a brain and no morals to get some serious trouble brewing.

2. SELinux, a facility that is built into Linux to prevent easy remote exploits (among other things), is disabled by default.

3. The included Secure HTTP certificate expires in a few months, can't be changed (with the C9 GUI), and uses obsolete, weak cryptographic standards.

I have done some searches and could not find any information on my discoveries. As near as I can tell, we are the only people outside of C9 that know about these deficiencies. We could not have known about these before purchase, and had everything worked as described, likely would not have found out until after we were compromised.

The ironic part is that these boxes are likely compromised and controlled by hackers all over the world, and their operators don't even know! With such access, customer traffic could be easily be captured, studied, and even changed. Credit cards, Amazon account credentials, email, etc... All easy pickings with such access. (Using certificate injection or HTTP downgrade attacks, DNS rewrites, etc.)

Here's the thing... It's a Linux Box. I CAN fix these problems, but it means a major deviation from the C9's software design, and immensely complicating any future updates from them. It also means a ton of research, time, and ongoing future support on my part.

How much money do you have in this? Is the thing returnable? My point is, if you want to use this CMTS, we absolutely can make it work, but it is going to cost us in the future... And those costs may be substantial.

Given these new findings, I STRONGLY recommend deploying ANY other brand of CMTS.

Sorry to be the bearer of bad news. I wish things had worked out differently.

----- End: Analysis letter to customer -----