What about IPTV Security Assessment? Anyone familiar?

Good question, if it's any help we're proposing IPTV services and we query our client database and corellate with the number of subscribers known in the Radius for this given service to verify the legitimate use of our services. We disable multiple simoultaneous authentication with the same login/pass/macaddress and then finally display the illegitimate users. I know this is not a assessment but at least I replied ;).

Just noticed this book. http://www.wiley.com/WileyCDA/WileyTitle/productCd-047051924X.html but haven't bought it yet, so don't know if it's any good. I've been involved in a few IPTV assessments.

Most of the new kit uses a "Video_Bridge", the STB is connect to a port of the router which is VLAN off and connect to the Back-End Server via a ATM link.

In quotes because I haven't posted enough to do URLs:

cisco.com/warp/public/cc/so/neso/ns320/voip_wp.pdf

cablelabs.com/specifications/pc20.html

en.wikipedia.org/wiki/PacketCable

PS: Learn DOCSIS. Grab an uncapped cable modem and play with it, it's good to toy with. Noise around the water cooler is that a few major ISPs leave some CMTSs wide open goatse style under default configs *shiftyeyes*

PPS: HFC networks are a joke.

Seems like an interesting topic.

http://www.foundstone.com/us/services-iptv-security.asp

IPTV is also subject to spamming, spoofing, content theft, and other hacking attacks, like many other IP-based solutions. Foundstone performs IPTV Security Assessments for many telecommunications companies to ensure that their IPTV are secured according to industry best practices.
I can only imagine how much these assessments could potentially cost... especially if certain loopholes are difficult or even impossible to locate. :eek:

DOCSIS was broken, wasn't it?


PS: But, BPI+ does *sort* of "fix" it(not that you can't downgrade to 1.1 with "CM/NonVol/CM DOCSIS NonVol/bpi_verison", although I can read BPI certs off modems making it moot point.) and AFAIK there's not any glaring holes in packetcable(does more than VOIP) or related protocols

DOCSIS was broken, wasn't it?

I don't know? :confused:

and AFAIK there's not any glaring holes in packetcable(does more than VOIP) or related protocols

That's good to know ;)

I think we're on different pages here. :cool: :o

Makes for some Interesting reading though. ;)

What planet are you from? :D JJ

I'm from the internets, good sir.


I'm talking PacketCable(DOCSIS, HFC infastructure) where as the link provided is talking about DSLAM infrastructure. While DSLAM served IPTV(not actually any particular standard at all) may be subject to spoofing and the like, it's not something that's easily done on a DOCSIS network. You can see every device on the HFC network, but only the HFC interface - the WAN interface is kept seperate, and communications go over an encrypted(BPI/BPI+) channel. Attempts to spoof on an HFC network generally makes the CMTS start dropping every packet your modem sends for x amount of minutes. I've tried ARP poisoning and the like(and the router doesn't like that), but the only attack I've really had any success with was DHCP spoofing.

I'm from the internets, good sir.


I'm talking PacketCable(DOCSIS, HFC infastructure) where as the link provided is talking about DSLAM infrastructure. While DSLAM served IPTV(not actually any particular standard at all) may be subject to spoofing and the like, it's not something that's easily done on a DOCSIS network. You can see every device on the HFC network, but only the HFC interface - the WAN interface is kept seperate, and communications go over an encrypted(BPI/BPI+) channel. Attempts to spoof on an HFC network generally makes the CMTS start dropping every packet your modem sends for x amount of minutes. I've tried ARP poisoning and the like(and the router doesn't like that), but the only attack I've really had any success with was DHCP spoofing.

I downloaded that voip_wp.pdf. Very technical... but I think I have an idea, now, where you're coming from. ;)