Today I would like to talk about how would one bypass Clone Detection on a Cisco UBR out of the blue for no reason at all. I have been reading up on them lately, it seems as though there are still a few minor holes in the UBR CMTS systems from what i have read anyway. For example: The Cisco CMTS router does not attempt to distinguish between two cable modems if the provisioning system does not provide a DOCSIS configuration file specifying BPI+ be enabled.
So, Correct me if I am wrong here BUT if the config file was to be edited so as to not specify BPI+ to be enabled then that would mean of course (in my mind), Yes! the CMTS well not "TRY" distinguish the legitimate modem from the clone which means you can reboot the sub modem provided you have SNMP access still and then put your clone online without issue, except for one. Yeah what about that sub modem that wont come online now do to the CMTS rejecting it because of the fact that the Cable Duplicate MAC Address Reject feature is enabled by default on the Cisco UBR???? This would not be a problem if it was not for the fact this feature creates a new log message, which appears in the system log by default, or you know, the simple fact the customer is gonna call the ISP now and tell them they have no internet. So how do we bypass this aspect of the security to allow both modems online? well Cisco says "the log message provides the cable interface and MAC address of the cable modem attempting to register when another physical modem with that same MAC address is already in a state of online(p_) elsewhere on the Cisco CMTS router." so it is possible to get on with a clone from another CMTS? or No? DOCSIS clones can’t exist on the same CMTS. They can, however, exist on different CMTSs as per my ISP is configured at the current moment with Arris C4's so would this mean that you can get online provided you connect to another CMTS but are still using the same provisional server so as to pickup the proper config??? someone please enlighten me as to if I am on the right, or wrong, course of thinking here. How do they span clone detection across multiple Cisco UBR CMTS's? I could not find any documentation about it through Cisco. Secret? Maybe. Not Possible? Possibility. anyway yeah I probably got some shit wrong here because A: Been up sense 11:00 Last night and B: never looked into clone detection very heavily before let along look into anything about Cisco CMTS systems, I Have only ever Dealt with the Shitty Arris C4's and older.
I assume Canis is gonna weigh in here as he usually would![Tongue]( "Tongue")
So, Correct me if I am wrong here BUT if the config file was to be edited so as to not specify BPI+ to be enabled then that would mean of course (in my mind), Yes! the CMTS well not "TRY" distinguish the legitimate modem from the clone which means you can reboot the sub modem provided you have SNMP access still and then put your clone online without issue, except for one. Yeah what about that sub modem that wont come online now do to the CMTS rejecting it because of the fact that the Cable Duplicate MAC Address Reject feature is enabled by default on the Cisco UBR???? This would not be a problem if it was not for the fact this feature creates a new log message, which appears in the system log by default, or you know, the simple fact the customer is gonna call the ISP now and tell them they have no internet. So how do we bypass this aspect of the security to allow both modems online? well Cisco says "the log message provides the cable interface and MAC address of the cable modem attempting to register when another physical modem with that same MAC address is already in a state of online(p_) elsewhere on the Cisco CMTS router." so it is possible to get on with a clone from another CMTS? or No? DOCSIS clones can’t exist on the same CMTS. They can, however, exist on different CMTSs as per my ISP is configured at the current moment with Arris C4's so would this mean that you can get online provided you connect to another CMTS but are still using the same provisional server so as to pickup the proper config??? someone please enlighten me as to if I am on the right, or wrong, course of thinking here. How do they span clone detection across multiple Cisco UBR CMTS's? I could not find any documentation about it through Cisco. Secret? Maybe. Not Possible? Possibility. anyway yeah I probably got some shit wrong here because A: Been up sense 11:00 Last night and B: never looked into clone detection very heavily before let along look into anything about Cisco CMTS systems, I Have only ever Dealt with the Shitty Arris C4's and older.
I assume Canis is gonna weigh in here as he usually would
