Uncapping Cable Modems

Posted on April 1, 2016 By

Cable modem technology has the ability to achieve speeds in excess of 1 Mbit per second, but modem cables are set to run at a lesser value. It is typically reduced to half of this number for downloads and around an eight of this number for upload. ISPs cap modems to ensure that the bandwidth is equally distributed among users and the upload cap in particular is designed to discouraged users in creating large servers.

Uncapping is defined as the concept of somehow eliminating the bandwidth limit many cable modem service providers impose. Some customers want to do this in order to improve the speed of their cable modem. This is obviously theft of service and may have seriously unpleasant consequences like imprisonment.

One way to do this is to set up a modified DOCSIS config file on a TFTP server hooked to the Ethernet side of the Cable Modem and tricking it to read the config file from the Ethernet side instead of the cable side. There are other ways but it involves highly technical skills in server technology and is too risky.

Cable modems service providers are fighting back with MIC, MAC/IP Checking and DOCSIS 1.1. MIC. Message Integrity Checking is run by authenticating the config file in the modem through robust encryption techniques using a shared secret. MAC/IP Checking is run through the service aggregation device (router) that checks the matching IP addresses with MAC addresses that were assigned to the end user PC during DHCP or statically. This would prevent the IP Accumulation attack way of uncapping. If the BPI+ of DOCSIS 1.1 is enabled, the Fake MAC way of uncapping would be consequently prevented. Most MSOs have not yet upgraded to v1.1, but that is expected to happen over time. Problems with theft of service may influence the decision to upgrade.

Computer     , , ,